Administrator Guide
Table Of Contents
- Dell EMC Networking Command Line Reference Guide for the Z9100–ON System 9.14.2.6
- About this Guide
- CLI Basics
- File Management
- Control and Monitoring
- alias
- banner exec
- banner login
- banner motd
- cam-acl
- clear average-power
- clear line
- configure
- disable
- do
- enable
- enable cpu-clock-monitor
- enable optic-info-update interval
- end
- exec-timeout
- exit
- ftp-server enable
- ftp-server topdir
- ftp-server username
- hostname
- ip ftp password
- ip ftp source-interface
- ip ftp username
- ip ftp vrf
- ip telnet server enable
- ip telnet server vrf
- ip telnet source-interface
- ip tftp source-interface
- ip tftp vrf
- line
- logging disable-syslog snmp auth-failure
- login concurrent-session
- login statistics
- motd-banner
- ping
- reload
- reload-type
- send
- service timestamps
- show alias
- show alarms
- show cpu-traffic-stats
- show debugging
- show environment
- show inventory
- show login statistics
- show memory
- show processes cpu
- show processes ipc flow-control
- show processes memory
- show reload-type
- show reset-reason
- show software ifm
- show system
- show tech-support
- ssh-peer-stack-unit
- stack-unit location-led
- telnet
- telnet-peer-stack-unit
- terminal length
- traceroute
- undebug all
- virtual-ip
- warmboot-failure-action
- write
- 802.1X
- debug dot1x
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x auth-type mab-only
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x critical-vlan
- dot1x guest-vlan
- dot1x host-mode
- mac
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x max-supplicants
- dot1x port-control
- dot1x profile
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x static-mab
- dot1x supplicant-timeout
- dot1x tx-period
- show dot1x cos-mapping interface
- show dot1x interface
- show dot1x profile
- Access Control Lists (ACL)
- Commands Common to all ACL Types
- Common IP ACL Commands
- Standard IP ACL Commands
- Extended IP ACL Commands
- Common MAC Access List Commands
- Standard MAC ACL Commands
- Extended MAC ACL Commands
- IP Prefix List Commands
- Route Map Commands
- continue
- description
- match as-path
- match community
- match interface
- match ip address
- match ip next-hop
- match ip route-source
- match metric
- match origin
- match route-type
- match tag
- route-map
- set as-path
- set automatic-tag
- set comm-list delete
- set community
- set level
- set local-preference
- set metric
- set metric-type
- set next-hop
- set origin
- set tag
- set weight
- show config
- show route-map
- deny (for Standard IP ACLs)
- deny (for Extended IP ACLs)
- seq (for Standard IPv4 ACLs)
- deny tcp (for Extended IP ACLs)
- deny (for Standard MAC ACLs)
- deny (for Extended MAC ACLs)
- permit (for Standard IP ACLs)
- permit icmp (for Extended IP ACLs)
- permit udp (for Extended IP ACLs)
- permit (for Extended IP ACLs)
- permit (for Standard MAC ACLs)
- seq (for Standard MAC ACLs)
- permit tcp (for Extended IP ACLs)
- seq (for IP ACLs)
- seq (for IPv6 ACLs)
- permit udp (for IPv6 ACLs)
- permit tcp (for IPv6 ACLs)
- permit icmp (for IPv6 ACLs)
- permit (for IPv6 ACLs)
- deny udp (for IPv6 ACLs)
- deny tcp (for IPv6 ACLs)
- deny icmp (for Extended IPv6 ACLs)
- deny (for IPv6 ACLs)
- Bidirectional Forwarding Detection (BFD)
- Boot Command Line Interface
- boot change
- boot message
- boot show net config retries
- boot write net config retries
- boot zero
- default-gateway
- etheraddr
- ignore enable-password
- ignore startup-config
- interface management ethernet ip address
- NVRAM erase
- reload
- serial console
- show bootvar
- show default-gateway
- show interface management ethernet
- show serial console baud rate
- watchdog
- Border Gateway Protocol
- BGP IPv4 Commands
- address-family
- aggregate-address
- bgp add-path
- bgp always-compare-med
- bgp asnotation
- bgp bestpath as-path ignore
- bgp bestpath as-path multipath-relax
- bgp bestpath med confed
- bgp bestpath med missing-as-best
- bgp bestpath router-id ignore
- bgp client-to-client reflection
- bgp cluster-id
- bgp confederation identifier
- bgp confederation peers
- bgp dampening
- bgp default local-preference
- bgp dmzlink-bw
- bgp enforce-first-as
- bgp fast-external-fallover
- bgp four-octet-as-support
- bgp graceful-restart
- bgp non-deterministic-med
- bgp outbound-optimization
- bgp recursive-bgp-next-hop
- bgp redistribute-internal
- bgp regex-eval-optz-disable
- bgp router-id
- clear ip bgp
- clear ip bgp dampening
- clear ip bgp flap-statistics
- clear ip bgp peer-group
- debug ip bgp
- debug ip bgp dampening
- debug ip bgp events
- debug ip bgp keepalives
- debug ip bgp notifications
- debug ip bgp soft-reconfiguration
- debug ip bgp updates
- default-metric
- deny bandwidth
- description
- maximum-paths
- neighbor activate
- neighbor add-path
- neighbor advertisement-interval
- neighbor advertisement-start
- neighbor allowas-in
- neighbor default-originate
- neighbor description
- neighbor distribute-list
- neighbor ebgp-multihop
- neighbor fall-over
- neighbor local-as
- neighbor maximum-prefix
- neighbor password
- neighbor peer-group (assigning peers)
- neighbor peer-group (creating group)
- neighbor peer-group passive
- neighbor remote-as
- neighbor remove-private-as
- neighbor route-map
- neighbor route-reflector-client
- neighbor send-community
- neighbor shutdown
- neighbor soft-reconfiguration inbound
- neighbor timers
- neighbor timers extended
- neighbor update-source
- neighbor weight
- network
- network backdoor
- permit bandwidth
- redistribute
- redistribute ospf
- router bgp
- shutdown all
- shutdown address-family-ipv4–multicast
- shutdown address-family-ipv4–unicast
- shutdown address-family-ipv6–unicast
- set extcommunity bandwidth
- show capture bgp-pdu neighbor
- show config
- show ip bgp
- show ip bgp cluster-list
- show ip bgp community
- show ip bgp community-list
- show ip bgp dampened-paths
- show ip bgp detail
- show ip bgp extcommunity-list
- show ip bgp filter-list
- show ip bgp flap-statistics
- show ip bgp inconsistent-as
- show ip bgp neighbors
- show ip bgp next-hop
- show ip bgp paths
- show ip bgp paths community
- show ip bgp peer-group
- show ip bgp regexp
- show ip bgp summary
- show running-config bgp
- timers bgp
- timers bgp extended
- MBGP Commands
- BGP IPv4 Commands
- Content Addressable Memory (CAM)
- Control Plane Policing (CoPP)
- control-plane-cpuqos
- cpu-protocol-group
- copp-profile
- cpu-queue
- copp-policy
- protocol-list
- queue-length
- service-policy rate-limit-cpu-queues
- service-policy rate-limit-protocols
- show cpu-queue rate cp
- show ip protocol-queue-mapping
- show ipv6 protocol-queue-mapping
- show mac protocol-queue-mapping
- show running-config copp-profile
- show running-config cpu-protocol-group
- Data Center Bridging (DCB)
- Debugging and Diagnostics
- Diagnostics and Monitoring Commands
- Offline Diagnostic Commands
- Hardware Commands
- clear hardware stack-unit
- clear hardware system-flow
- clear hardware vlan-counters
- hardware watchdog
- show hardware mac
- show hardware ip
- show hardware ipv6
- show hardware stack-unit
- show hardware buffer
- show hardware buffer headroom-pool
- show hardware buffer service-pool
- show hardware buffer-stats-snapshot
- show hardware drops
- show hardware counters interface
- show hardware system-flow
- show hardware vlan-counters
- Dynamic Host Configuration Protocol (DHCP)
- Commands to Configure the System to be a DHCP Server
- Commands to Configure Secure DHCP
- arp inspection
- arp inspection-limit
- arp inspection-trust
- clear ip dhcp snooping
- clear ipv6 dhcp snooping binding
- ip dhcp relay
- ip dhcp snooping
- ipv6 dhcp snooping
- ipv6 dhcp snooping vlan
- ip dhcp snooping binding
- IPv6 DHCP Snooping Binding
- ip dhcp snooping database
- ipv6 dhcp snooping database write-delay
- ip dhcp snooping database renew
- ipv6 dhcp snooping database renew
- ip dhcp snooping trust
- ipv6 dhcp snooping trust
- ip dhcp source-address-validation
- ip dhcp relay information-option
- ip dhcp relay source-interface
- ipv6 dhcp relay source-interface
- ip dhcp snooping verify mac-address
- ipv6 dhcp snooping verify mac-address
- ip helper-address
- ipv6 helper-address
- show ip dhcp snooping
- show ipv6 dhcp snooping
- Commands to Configure DNS
- Equal Cost Multi-Path (ECMP)
- Flex Hash and Optimized Boot-Up
- FIP Snooping
- clear fip-snooping database interface vlan
- clear fip-snooping statistics
- debug fip snooping
- debug fip snooping rx
- feature fip-snooping
- fip-snooping enable
- fip-snooping fc-map
- fip-snooping max-sessions-per-enodemac
- fip-snooping port-mode fcf
- show fip-snooping config
- show fip-snooping enode
- show fip-snooping fcf
- show fip-snooping statistics
- show fip-snooping system
- show fip-snooping vlan
- Force10 Resilient Ring Protocol (FRRP)
- GARP VLAN Registration (GVRP)
- ICMP Message Types
- Internet Group Management Protocol (IGMP)
- Interfaces
- Basic Interface Commands
- clear counters
- clear dampening
- dampening
- description
- default interface
- duplex (10/100 Interfaces)
- encapsulation dot1q
- errdisable recovery cause
- errdisable recovery interval
- fec default
- fec enable
- flowcontrol
- interface
- interface group
- interface loopback
- interface managementEthernet
- interface null
- interface range
- interface range macro (define)
- interface range macro name
- interface vlan
- intf-type cr1 autoneg
- intf-type cr2 autoneg
- intf-type cr4 autoneg
- keepalive
- monitor interface
- mtu
- negotiation auto
- no port-delay-restore (Interface Mode)
- port-delay-restore (Configuration Mode)
- portmode hybrid
- rate-interval
- rate-interval (Configuration Mode)
- show config
- show config (from INTERFACE RANGE mode)
- show interfaces
- show interfaces configured
- show interfaces dampening
- show interfaces stack-unit
- show interfaces status
- show interfaces vlan
- show system stack-unit fanout configured
- show interfaces switchport
- show interfaces transceiver
- show range
- shutdown
- speed (for 10/100/1000/10000 interfaces)
- speed (Management interface)
- stack-unit portmode
- switchport
- wavelength
- Port Channel Commands
- Enhanced Validation of Interface Ranges
- ip http source-interface
- Basic Interface Commands
- IPv4 Routing
- arp
- arp backoff-time
- arp learn-enable
- arp max-entries
- arp retries
- arp timeout
- clear arp-cache
- clear host
- clear ip fib stack-unit
- clear ip route
- clear tcp statistics
- debug arp
- debug ip dhcp
- debug ip icmp
- debug ip packet
- ip address
- ip directed-broadcast
- ip domain-list
- ip domain-lookup
- ip domain-name
- ip helper-address
- ip helper-address hop-count disable
- ip host
- ip icmp source-interface
- ipv6 icmp source-interface
- ip max-frag-count
- ip name-server
- ip proxy-arp
- ip route
- ip source-route
- ip tcp initial-time
- ip unknown-unicast
- ipv4 unicast-host-route
- show ip tcp initial-time
- ip unreachables
- load-balance
- load-balance hg
- management route
- show arp
- show arp retries
- show hosts
- show ip cam stack-unit
- show ip fib stack-unit
- show ip flow
- show ip interface
- show ip management-route
- show ipv6 management-route
- show ip protocols
- show ip route
- show ip route list
- show ip route summary
- show ip traffic
- show tcp statistics
- IPv6 Basics
- IPv6 Access Control Lists (IPv6 ACLs)
- Intermediate System to Intermediate System (IS-IS)
- adjacency-check
- advertise
- area-password
- clear config
- clear isis
- clns host
- debug isis
- debug isis adj-packets
- debug isis local-updates
- debug isis snp-packets
- debug isis spf-triggers
- debug isis update-packets
- default-information originate
- description
- distance
- distribute-list in
- distribute-list out
- distribute-list redistributed-override
- domain-password
- graceful-restart ietf
- graceful-restart interval
- graceful-restart restart-wait
- graceful-restart t1
- graceful-restart t2
- graceful-restart t3
- hello padding
- hostname dynamic
- ignore-lsp-errors
- ip router isis
- ipv6 router isis
- isis circuit-type
- isis csnp-interval
- isis hello-interval
- isis hello-multiplier
- isis hello padding
- isis ipv6 metric
- isis metric
- isis network point-to-point
- isis password
- isis priority
- is-type
- log-adjacency-changes
- lsp-gen-interval
- lsp-mtu
- lsp-refresh-interval
- max-area-addresses
- max-lsp-lifetime
- maximum-paths
- metric-style
- multi-topology
- net
- passive-interface
- redistribute
- redistribute bgp
- redistribute ospf
- router isis
- set-overload-bit
- show config
- show isis database
- show isis graceful-restart detail
- show isis hostname
- show isis interface
- show isis neighbors
- show isis protocol
- show isis traffic
- spf-interval
- iSCSI Optimization
- Link Aggregation Control Protocol (LACP)
- Layer 2
- MAC Addressing Commands
- mac-address-table aging-time
- mac-address-table aging-time
- mac-address-table static
- mac-address-table station-move refresh-arp
- mac learning-limit
- mac learning-limit learn-limit-violation
- mac learning-limit mac-address-sticky
- mac learning-limit station-move-violation
- mac learning-limit reset
- mac port-security
- show mac-address-table
- show mac-address-table aging-time
- show mac learning-limit
- Virtual LAN (VLAN) Commands
- Far-End Failure Detection (FEFD)
- MAC Addressing Commands
- Link Layer Discovery Protocol (LLDP)
- Microsoft Network Load Balancing
- Multicast Source Discovery Protocol (MSDP)
- clear ip msdp peer
- clear ip msdp sa-cache
- clear ip msdp statistic
- ip msdp cache-rejected-sa
- ip msdp default-peer
- ip msdp log-adjacency-changes
- ip msdp mesh-group
- ip msdp originator-id
- ip msdp peer
- ip msdp redistribute
- ip msdp sa-filter
- ip msdp sa-limit
- ip msdp shutdown
- ip multicast-msdp
- show ip msdp
- show ip msdp sa-cache rejected-sa
- Multicast Listener Discovery Protocol
- Multiple Spanning Tree Protocol (MSTP)
- Multicast
- Neighbor Discovery Protocol (NDP)
- IPv6 Router Advertisement (RA) Guard
- clear ipv6 neighbors
- debug ipv6 nd ra–guard
- device–role
- hop–limit
- ipv6 nd ra–guard attach–policy
- ipv6 nd ra–guard enable
- ipv6 nd ra–guard policy
- ipv6 neighbor
- managed-config-flag
- match ra
- mtu
- other–config–flag
- reachable–time
- retrans-time
- router–lifetime
- router–preference maximum
- show config
- show ipv6 nd ra–guard policy
- show ipv6 neighbors
- trusted–port
- IPv6 Router Advertisement (RA) Guard
- Object Tracking
- Open Shortest Path First (OSPFv2 and OSPFv3)
- OSPFv2 Commands
- area default-cost
- area nssa
- area range
- area stub
- auto-cost
- clear ip ospf
- clear ip ospf statistics
- debug ip ospf
- default-information originate
- default-metric
- description
- distance
- distance ospf
- distribute-list in
- distribute-list out
- fast-convergence
- flood-2328
- graceful-restart grace-period
- graceful-restart helper-reject
- graceful-restart mode
- graceful-restart role
- ip ospf auth-change-wait-time
- ip ospf authentication-key
- ip ospf cost
- ip ospf dead-interval
- ip ospf hello-interval
- ip ospf message-digest-key
- ip ospf mtu-ignore
- ip ospf network
- ip ospf priority
- ip ospf retransmit-interval
- ip ospf transmit-delay
- log-adjacency-changes
- maximum-paths
- mib-binding
- network area
- passive-interface
- redistribute
- redistribute bgp
- redistribute isis
- router-id
- router ospf
- show config
- show ip ospf
- show ip ospf asbr
- show ip ospf database
- show ip ospf database asbr-summary
- show ip ospf database external
- show ip ospf database network
- show ip ospf database nssa-external
- show ip ospf database opaque-area
- show ip ospf database opaque-as
- show ip ospf database opaque-link
- show ip ospf database router
- show ip ospf database summary
- show ip ospf interface
- show ip ospf neighbor
- show ip ospf routes
- show ip ospf statistics
- show ip ospf timers rate-limit
- show ip ospf topology
- summary-address
- timers spf
- timers throttle lsa all
- timers throttle lsa arrival
- OSPFv3 Commands
- area authentication
- area encryption
- area nssa
- auto-cost
- clear ipv6 ospf process
- debug ipv6 ospf bfd
- debug ipv6 ospf events
- debug ipv6 ospf packet
- debug ipv6 ospf spf
- default-information originate
- graceful-restart grace-period
- graceful-restart mode
- ipv6 ospf area
- ipv6 ospf authentication
- ipv6 ospf cost
- ipv6 ospf dead-interval
- ipv6 ospf encryption
- ipv6 ospf graceful-restart helper-reject
- ipv6 ospf hello-interval
- ipv6 ospf mtu-ignore
- ipv6 ospf priority
- ipv6 router ospf
- maximum-paths
- max-metric router-lsa
- passive-interface
- redistribute
- router-id
- snmp context
- show crypto ipsec policy
- show crypto ipsec sa ipv6
- show ipv6 ospf database
- show ipv6 ospf interface
- show ipv6 ospf neighbor
- snmp context
- timers spf
- OSPFv2 Commands
- Policy-based Routing (PBR)
- PIM-Sparse Mode (PIM-SM)
- IPv4 PIM-Sparse Mode Commands
- clear ip pim rp-mapping
- clear ip pim tib
- debug ip pim
- ip pim bsr-border
- ip pim bsr-candidate
- ip pim dr-priority
- ip pim join-filter
- ip pim neighbor-filter
- ip pim query-interval
- ip pim register-filter
- ip pim rp-address
- ip pim rp-candidate
- ip pim sparse-mode
- ip pim sparse-mode sg-expiry-timer
- ip pim ssm-range
- ip pim spt-threshold
- show ip pim bsr-router
- show ip pim interface
- show ip pim neighbor
- show ip pim rp
- show ip pim ssm-range
- show ip pim summary
- show ip pim tib
- IPv6 PIM-Sparse Mode Commands
- clear ipv6 pim tib
- debug ipv6 pim
- ipv6 pim bsr-border
- ipv6 pim bsr-candidate
- ipv6 pim dr-priority
- ipv6 pim query-interval
- ipv6 pim rp-address
- ipv6 pim rp-candidate
- ipv6 pim sparse-mode
- ipv6 pim sparse-mode sg-expiry-timer
- ipv6 pim spt-threshold
- show ipv6 pim bsr-router
- show ipv6 pim interface
- show ipv6 pim neighbor
- show ipv6 pim rp
- show ipv6 pim summary
- show ipv6 pim tib
- IPv4 PIM-Sparse Mode Commands
- Port Monitoring
- Private VLAN (PVLAN)
- Per-VLAN Spanning Tree Plus (PVST+)
- Quality of Service (QoS)
- Global Configuration Commands
- Per-Port QoS Commands
- Policy-Based QoS Commands
- bandwidth-percentage
- buffer-stats-snapshot
- class-map
- clear qos statistics
- description
- match ip access-group
- match ip dscp
- match ip precedence
- match mac access-group
- match mac dot1p
- match mac vlan
- policy-aggregate
- policy-map-input
- policy-map-output
- qos-policy-input
- qos-policy-output
- rate-police
- rate-shape
- resequence class-map
- service-policy input
- service-policy output
- service-queue
- set
- show qos class-map
- show qos policy-map
- show qos policy-map-input
- show qos policy-map-output
- show qos qos-policy-input
- show qos qos-policy-output
- show qos statistics
- show qos statistics wred-ecn
- show qos wred-profile
- service-class buffer shared-threshold-weight
- test cam-usage
- threshold
- trust
- unsequence class-map all
- wred
- wred ecn
- wred weight
- wred-profile
- rate shape
- service-pool wred
- DSCP Color Map Commands
- Routing Information Protocol (RIP)
- auto-summary
- clear ip rip
- debug ip rip
- default-information originate
- default-metric
- description
- distance
- distribute-list in
- distribute-list out
- ip poison-reverse
- ip rip receive version
- ip rip send version
- ip split-horizon
- maximum-paths
- neighbor
- network
- offset-list
- output-delay
- passive-interface
- redistribute
- redistribute isis
- redistribute ospf
- router rip
- show config
- show ip rip database
- show running-config rip
- timers basic
- version
- Remote Monitoring (RMON)
- Rapid Spanning Tree Protocol (RSTP)
- Security
- AAA Accounting Commands
- Authorization and Privilege Commands
- Obscure Password Commands
- Authentication and Password Commands
- RADIUS Commands
- aaa radius auth-method
- client
- client-key
- coa-bounce-port
- coa-disable-port
- coa-reauthenticate
- debug radius
- da-rsp-timeout
- disconnect-user
- dynamic-auth-enable
- ip radius source-interface
- port
- radius-server deadtime
- radius-server group
- radius-server host
- radius-server vrf
- radius-server key
- radius-server retransmit
- radius-server timeout
- rate-limit
- replay-protection-window
- terminate-session
- TACACS+ Commands
- Port Authentication (802.1X) Commands
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x guest-vlan
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x port-control
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x supplicant-timeout
- dot1x tx-period
- show dot1x interface
- SSH and SCP Commands
- crypto key generate
- crypto key zeroize rsa
- debug ip ssh
- ip scp topdir
- ip ssh authentication-retries
- ip ssh challenge–response–authentication
- ip ssh cipher
- ip ssh connection-rate-limit
- ip ssh connection-rate-interval
- ip ssh connection-rate-lockout
- ip ssh hostbased-authentication
- ip ssh mac
- ip ssh password-authentication
- ip ssh rekey
- ip ssh pub-key-file
- ip ssh rhostsfile
- ip ssh rsa-authentication (Config)
- ip ssh server
- ip ssh server dns enable
- ip ssh server vrf
- ip ssh source-interface
- ip ssh vrf
- show crypto
- show ip ssh
- show ip ssh client-pub-keys
- show ip ssh rsa-authentication
- ssh
- Secure DHCP Commands
- Role-Based Access Control Commands
- ICMP Vulnerabilities
- System Security Commands
- Service Provider Bridging
- sFlow
- Simple Network Management Protocol (SNMP) and Syslog
- SNMP Commands
- show snmp
- show snmp engineID
- show snmp group
- show snmp supported-mibs
- show snmp supported-traps
- show snmp user
- snmp context
- snmp context
- snmp ifmib ifalias long
- snmp-server community
- snmp-server contact
- snmp-server enable traps
- snmp-server engineID
- snmp-server group
- snmp-server host
- snmp-server location
- snmp-server packetsize
- snmp-server trap-source
- snmp-server user
- snmp-server user (for AES128-CFB Encryption)
- snmp-server view
- snmp-server vrf
- snmp trap link-status
- Syslog Commands
- clear logging
- clear logging auditlog
- default logging buffered
- default logging console
- default logging monitor
- default logging trap
- logging
- logging buffered
- logging console
- logging extended
- logging facility
- logging history
- logging history size
- logging monitor
- logging on
- logging source-interface
- logging synchronous
- logging trap
- logging version
- show logging auditlog
- show logging
- show logging driverlog stack-unit
- terminal monitor
- SNMP Commands
- SNMP Traps
- Storm Control
- polling-interval
- xoff-state threshold polling-count
- storm-control pfc in queue-drop
- queue-drop backoff-force
- queue-drop backoff-on-norxpfc
- storm-control pfc in queue-drop-state clear
- disable storm-control pfc
- show storm-control pfc status
- clear storm-control pfc drop-counters
- show storm-control pfc statistics
- clear storm-control pfc statistics
- show storm-control broadcast
- show storm-control multicast
- show storm-control unknown-unicast
- storm-control broadcast (Configuration)
- storm-control broadcast (Interface)
- storm-control multicast (Configuration)
- storm-control multicast (Interface)
- storm-control unknown-unicast (Configuration)
- storm-control unknown-unicast (Interface)
- Spanning Tree Protocol (STP)
- SupportAssist
- System Time and Date
- clock summer-time date
- clock summer-time recurring
- clock timezone
- debug ntp
- ntp authenticate
- ntp broadcast client
- ntp control-key-passwd
- ntp disable
- ntp master
- ntp offset-threshold
- ntp server
- ntp source
- ntp step-threshold
- ntp trusted-key
- ntp authentication-key
- show clock
- show ntp associations
- show ntp vrf associations
- show ntp status
- Tunneling
- Uplink Failure Detection (UFD)
- VLAN Stacking
- Virtual Routing and Forwarding (VRF)
- VLT Proxy Gateway
- Virtual Link Trunking (VLT)
- back-up destination
- clear vlt statistics
- delay-restore
- delay-restore abort-threshold
- lacp ungroup member-independent
- multicast peer-routing timeout
- peer-link port-channel
- peer-routing
- peer-routing-timeout
- primary-priority
- show vlt brief
- show vlt backup-link
- show vlt counters
- show vlt detail
- show vlt inconsistency
- show vlt mismatch
- show vlt role
- show vlt statistics
- show vlt statistics igmp-snoop
- unit-id
- vlt domain
- vlt-peer-lag port-channel
- Virtual Extensible LAN (VXLAN)
- clear vxlan vxlan-instance statistics
- clear mac-address-table dynamic
- controller
- debug vxlan
- disable-mac-learn
- feature vxlan
- fail-mode
- gateway-ip
- local-vtep-ip
- max_backoff
- peer-ovsdbserver-ip
- remote-vtep-ip
- vnid
- vni-profile
- vxlan-instance
- vxlan-instance (VAP)
- vxlan-instance loopback
- vxlan-instance static
- vxlan-vnid
- show running-config vxlan
- show vxlan vxlan-instance
- show vxlan vxlan-instance logical network
- show vxlan vxlan-instance physical-locator
- show vxlan vxlan-instance statistics interface
- show vxlan vxlan-instance statistics remote-vtep-ip
- show vxlan vxlan-instance unicast-mac-local
- show vxlan vxlan-instance unicast-mac-remote
- show vxlan vxlan-instance vtep-vni-map
- Virtual Router Redundancy Protocol (VRRP)
- X.509v3
Parameters
cert-file Enter the keyword cert-file to specify that the certificate needs to be
downloaded.
cert-path
Enter the path where the certificate is locally stored. The path can be a full
path or a relative path. If the system accepts this path, a notification is sent
indicating the location where the certificate file is stored. Following are example of
a path that you can specify: flash://certs/s4810-001-request.crtand
usbflash:/certs/s4810-001-cert.pem
NOTE: Before installing a trusted certificate, you first need to download it
from a remote CA using the copy command.
.
key-file Enter the keyword key-file to specify the private key.
private Enter the keyword private to specify that the key is stored in a hidden location in
the NVRAM. Only one private key can exist in a hidden location at any given point
in time.
key-path
Enter the absolute or relative location on the device where the key is stored.
NOTE: After the certificate is successfully installed, the private key is deleted
from the specified location and copied to the hidden location in NVRAM.
password
passphrase
(Optional) Enter the keyword password followed by the password phrase used to
decrypt the private key.
NOTE: You can generate the private key and certificate on another host. While
doing so, you must keep the private key encrypted with a passphrase so that
the private key is not compromised during transport. The password phrase acts
a facility to decrypt the private key before installing it on the switch.
Defaults NA.
Command Modes EXEC Privilege
Command
History
This guide is platform-specific. For command information about other platforms, see the relevant Dell
EMC Networking OS Command Line Reference Guide.
The following is a list of the Dell EMC Networking OS version history for this command.
Version Description
9.11.0.0 Introduced the command.
Usage
Information
The following RBAC roles are allowed to issue this command:
● sysadmin
● secadmin
Certain parameters must be met in order for this command to succeed:
● The downloaded certificate should be formatted properly.
● In order for verification to work, the CA certificate must be installed on the system before running this
command.
● The downloaded certificate’s public key must correspond to the private key.
● If the certificate is not self-signed, then the CA certificate (from the CA that has signed the
certificate) must be installed on the system prior to running this command for verification to work.
NOTE: It is possible for the switch to store two types of certificates: one for the FIPS mode and
one for the non-FIPS mode. If the system is in FIPS mode, the certificate is installed as the FIPS
certificate. If the system is in non-FIPS mode, the certificate is installed as the non-FIPS certificate.
When FIPS mode is enabled or disabled, the certificates (and keys) are switched by the system.
NOTE: For the switch, there are two possible certificates stored - one for FIPS mode, one for
non-FIPS mode. If the system is in FIPS mode, the certificate will be installed as the FIPS certificate.
1708 X.509v3