2CSPC4.X8100-SWUM100.
CSPC4.X8100-SWUM100.book Page 2 Wednesday, August 29, 2012 6:23 PM Notes A NOTE indicates important information that helps you make better use of your computer. ____________________ Information in this publication is subject to change without notice. © 2012 Dell Inc. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
2CSPC4.X8100-SWUM100.book Page 3 Wednesday, August 29, 2012 6:23 PM Contents 1 Command Groups Introduction . . . . . . . . . . . . . . . . . . 77 . . . . . . . . . . . . . . . . . . . . . . . 77 Command Groups Mode Types . . . . . . . . . . . . . . . . . . . . 77 . . . . . . . . . . . . . . . . . . . . . . . 81 Layer 2 Commands . Data Center Technology Commands. . . . . . . . . . . 117 . . . . . . . . . . . . . . . . . . . 119 . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 4 Wednesday, August 29, 2012 6:23 PM 3 Layer 2 Switching Commands . . . . . . . . 235 4 AAA Commands . . . . . . . . . . . . . . . . . . . 237 TACACS+ Accounting . . . . . . . . . . . . . . . . . Commands in this Chapter . . . . . . . . . . . . . . . aaa authentication dot1x default 240 . . . . . . . . . . . . . . 241 . . . . . . . . . . . . . . . 243 . . . . . . . . . . . . . . . . . . . 245 aaa authentication login .
2CSPC4.X8100-SWUM100.book Page 5 Wednesday, August 29, 2012 6:23 PM password (User EXEC) . . . . . . . . . . . . . . . . . . 259 show aaa ias-users . . . . . . . . . . . . . . . . . . . 260 show aaa statistics . . . . . . . . . . . . . . . . . . . 261 show authentication methods . . . . . . . . . . . . . . 262 . . . . . . . . . . . . . . 263 . . . . . . . . . . . . . . . . . . 265 show authorization methods show users accounts show users login-history username . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 6 Wednesday, August 29, 2012 6:23 PM access-list . . . . . . . . . . . . . . . . . . . . . . . deny | permit (IP ACL) . . . . . . . . . . . . . . . . . deny | permit (Mac-Access-List-Configuration) . ip access-group 284 . . . 286 . . . . . . . . . . . . . . . . . . . . 288 mac access-group . . . . . . . . . . . . . . . . . . . mac access-list extended . . . . . . . . . . . . . . . mac access-list extended rename service-acl input . 289 290 . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 7 Wednesday, August 29, 2012 6:23 PM mac address-table multicast forward-unregistered mac address-table multicast static . . . . . . . . . . . 306 . . . . . . . . . . . . . . . . 307 . . . . . . . . . . . . . . . . . . . . . . . 308 mac address-table static port security port security max 309 . . . . . . . . . . . . . . . . . . . . show mac address-table multicast . . . . . . . . . . . 310 show mac address-table filtering . . . . . . . . . . . . 311 . . . .
2CSPC4.X8100-SWUM100.book Page 8 Wednesday, August 29, 2012 6:23 PM 9 CDP Interoperability Commands . . . . . . 329 . . . . . . . . . . . . . . 329 . . . . . . . . . . . . . . . . . . 329 . . . . . . . . . . . . . . . . . . . . 330 Commands in this Chapter . clear isdp counters clear isdp table . isdp advertise-v2 . isdp enable . . . . . . . . . . . . . . . . . . . . 330 . . . . . . . . . . . . . . . . . . . . . . 331 isdp holdtime . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 9 Wednesday, August 29, 2012 6:23 PM dhcp l2relay vlan . 345 . . . . . . . . . . . . . . . . . . . . show dhcp l2relay all 346 . . . . . . . . . . . . . . . . . . show dhcp l2relay interface . show dhcp l2relay stats interface . 348 . . . . . . . . . . . show dhcp l2relay subscription interface . . . . . . . 349 . . . . . . . . . . 350 . . . . . . . . . . . . . . . . . 351 show dhcp l2relay agent-option vlan show dhcp l2relay vlan 347 . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 10 Wednesday, August 29, 2012 6:23 PM clear ip dhcp snooping statistics ip dhcp snooping . . . . . . . . . . . . 367 . . . . . . . . . . . . . . . . . . . 367 ip dhcp snooping binding . . . . . . . . . . . . . . . ip dhcp snooping database . . . . . . . . . . . . . . ip dhcp snooping database write-delay . ip dhcp snooping limit 370 . . . . . . . . . . . . . . . . . 371 . . . . . . . . . . . . . 372 . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 11 Wednesday, August 29, 2012 6:23 PM ip arp inspection validate ip arp inspection vlan . . . . . . . . . . . . . . . . 387 . . . . . . . . . . . . . . . . . . 388 permit ip host mac host show arp access-list . . . . . . . . . . . . . . . . . 389 . . . . . . . . . . . . . . . . . . 390 show ip arp inspection show ip arp inspection vlan . Commands in this Chapter . . . . . . . . . . . 397 . . . . . . . . . . . . . . . . . . . . . . 398 . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 12 Wednesday, August 29, 2012 6:23 PM username (Mail Server Configuration Mode) . . . . . 409 password (Mail Server Configuration Mode) . . . . . 410 . . . . . . . . . . . . . . . . . . . 411 show mail-server 15 Ethernet Configuration Commands . . . . 413 . . . . . . . . . . . . . . 414 . . . . . . . . . . . . . . . . . . . . . 414 . . . . . . . . . . . . . . . . . . . . . . 415 . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 13 Wednesday, August 29, 2012 6:23 PM shutdown . speed . . . . . . . . . . . . . . . . . . . . . . . . . 441 . . . . . . . . . . . . . . . . . . . . . . . . . . 441 storm-control broadcast . . . . . . . . . . . . . . . . . 443 . . . . . . . . . . . . . . . . . 444 storm-control unicast . . . . . . . . . . . . . . . . . . 445 switchport protected . . . . . . . . . . . . . . . . . . 446 storm-control multicast switchport protected name . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 14 Wednesday, August 29, 2012 6:23 PM show ethernet cfm domain . . . . . . . . . . . . . . show ethernet cfm maintenance-points local . . . . show ethernet cfm maintenance-points remote 463 . . . . . . . . . . . . . 464 . . . . . . . . . . . . . . . . . . . . . . . 466 17 Green Ethernet Commands Energy-Detect Mode . . . . . . . . . . . 469 . . . . . . . . . . . . . . . . . 469 Energy Efficient Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 15 Wednesday, August 29, 2012 6:23 PM show gvrp configuration . show gvrp error-statistics . show gvrp statistics . 481 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482 . . . . . . . . . . . . . . . . . . 483 19 IGMP Snooping Commands . Commands in this Chapter . ip igmp snooping (global) . . . . . . . . . 485 . . . . . . . . . . . . . . . 486 . . . . . . . . . . . . . . . . 486 ip igmp snooping (interface). . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 16 Wednesday, August 29, 2012 6:23 PM 20 IGMP Snooping Querier Commands . . . 499 . . . . . . . . . . . . . . 499 . . . . . . . . . . . . . . . 499 Commands in this Chapter . ip igmp snooping querier ip igmp snooping querier election participate . . . . 501 . . . . . . . 502 . . . . . . . . 503 . . . . . . . . . . . 503 . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 17 Wednesday, August 29, 2012 6:23 PM ipv6 address (Interface Config) . . . . . . . . . . . . . 517 . . . . . . . . . . . . . . . . . 518 . . . . . . . . . . . . . . . . . . . . 520 ipv6 address (OOB Port) ipv6 address dhcp ipv6 enable (Interface Config) . ipv6 enable (OOB Config) . . . . . . . . . . . . . 521 . . . . . . . . . . . . . . . . 521 ipv6 gateway (OOB Config) show hosts . . . . . . . . . . . . . . . . 522 . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 18 Wednesday, August 29, 2012 6:23 PM ipv6 mld snooping immediate-leave . . . . . . . . . . ipv6 mld snooping groupmembership-interval ipv6 mld snooping maxresponse . . . . 541 . . . . . . . . . . . 541 ipv6 mld snooping mcrtexpiretime ipv6 mld snooping (Global) . . . . . . . . . . 542 . . . . . . . . . . . . . . 543 ipv6 mld snooping (Interface) . . . . . . . . . . . . . 544 ipv6 mld snooping (VLAN) . . . . . . . . . . . . . . . 545 show ipv6 mld snooping .
2CSPC4.X8100-SWUM100.book Page 19 Wednesday, August 29, 2012 6:23 PM 25 IP Source Guard Commands Commands in this Chapter . ip verify source 557 . . . . . . . . . . . . . . . . . . . . . 557 . . . . . . . . . . . . . . 558 . . . . . . . . . . . . . . . . . . . . . 559 show ip verify interface show ip source binding . . . . . . . . . . . . 560 . . . . . . . . . . . . . . . . . 561 26 iSCSI Optimization Commands Commands in this Chapter . . . . . . . . 563 . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 20 Wednesday, August 29, 2012 6:23 PM add gigabitethernet . . . . . . . . . . . . . . . . . . add tengigabitethernet . . . . . . . . . . . . . . . . . 577 . . . . . . . . . . . . . . . . . . . 578 . . . . . . . . . . . . . . . . . . . . . . 579 add port-channel . depends-on . show link-dependency. 28 LLDP Commands . . . . . . . . . . . . . . . . 580 . . . . . . . . . . . . . . . . . . 583 Commands in this Chapter . . . . . . . . . . . . . . . 584 . . . . .
2CSPC4.X8100-SWUM100.book Page 21 Wednesday, August 29, 2012 6:23 PM 29 Multicast VLAN Registration Commands . . . . . . . . . . . . . . . Commands in this Chapter . mvr . . . . . . . . 601 . . . . . . . . . . . . . . . 602 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602 mvr group . . . . . . . . . . . . . . . . . . . . . . . . 603 mvr mode . . . . . . . . . . . . . . . . . . . . . . . . . 604 mvr querytime mvr vlan . . . . . . . . . . . . . . . . . . . . . . 604 . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 22 Wednesday, August 29, 2012 6:23 PM Enhanced LAG Hashing . . . . . . . . . . . . . . . . Manual Aggregation of LAGs . . . . . . . . . . . . . 623 Manual Aggregation of LAGs . . . . . . . . . . . . . 623 Flexible Assignment of Ports to LAGs . . . . . . . . . 623 . . . . . . . . . . . . . . 623 . . . . . . . . . . . . . . . . . . . . . 624 Commands in this Chapter . channel-group interface port-channel . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 23 Wednesday, August 29, 2012 6:23 PM 32 QoS Commands . . . . . . . . . . . . . . . . . . . Access Control Lists . Layer 2 ACLs . . . . . . . . . . . . . . . . . . 643 . . . . . . . . . . . . . . . . . . . . . . . 644 Layer 3/4 IPv4 ACLs . . . . . . . . . . . . . . . . . . . Class of Service (CoS) . Queue Mapping 644 . . . . . . . . . . . . . . . . . 644 . . . . . . . . . . . . . . . . . . . . . 645 Commands in this Chapter . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 24 Wednesday, August 29, 2012 6:23 PM mark ip-dscp . . . . . . . . . . . . . . . . . . . . . . mark ip-precedence . . . . . . . . . . . . . . . . . . 662 . . . . . . . . . . . . . . . . . . . 663 . . . . . . . . . . . . . . . . . . . . . . . 664 match class-map . match cos match destination-address mac . . . . . . . . . . . . 665 match dstip . . . . . . . . . . . . . . . . . . . . . . . 666 match dstip6 . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 25 Wednesday, August 29, 2012 6:23 PM policy-map . random-detect queue-parms 680 . . . . . . . . . . . . . . random-detect exponential-weighting-constant . redirect . 679 . . . . . . . . . . . . . . . . . . . . . . . . . . 682 . . . . . . . . . . . . . . . . . . . . . . . . . 683 service-policy show class-map 685 . . . . . . . . . . . . . . . . . . . . . show classofservice dot1p-mapping 687 . . . . . . . . . . show classofservice ip-dscp-mapping . . . . .
2CSPC4.X8100-SWUM100.book Page 26 Wednesday, August 29, 2012 6:23 PM aaa accounting dot1x default start-stop. . . . . . . . 709 . . . . . . . . . . . . . . . . . . . . . . . 711 acct-port . . . . . . . . . . . . . . . . . . . . . . . . 712 auth-port . . . . . . . . . . . . . . . . . . . . . . . . 713 deadtime . . . . . . . . . . . . . . . . . . . . . . . . 713 accounting debug aaa accounting . key . . . . . . . . . . . . . . . . 714 . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 27 Wednesday, August 29, 2012 6:23 PM show radius statistics . . . . . . . . . . . . . . . . . . 729 . . . . . . . . . . . . . . . . . . . . . . . . 733 . . . . . . . . . . . . . . . . . . . . . . . . . 734 . . . . . . . . . . . . . . . . . . . . . . . . . . 735 source-ip . timeout . usage . 34 Spanning Tree Commands . Commands in this Chapter . . . . . . . . . . . . . . . . . . . . . . . . . . clear spanning-tree detected-protocols exit (mst) . 738 . . . . . .
2CSPC4.X8100-SWUM100.book Page 28 Wednesday, August 29, 2012 6:23 PM spanning-tree loopguard . spanning-tree max-age . . . . . . . . . . . . . . . 759 . . . . . . . . . . . . . . . . 760 spanning-tree max-hops . spanning-tree mode . . . . . . . . . . . . . . . 760 . . . . . . . . . . . . . . . . . . 761 spanning-tree mst configuration spanning-tree mst cost . . . . . . . . . . . . 762 . . . . . . . . . . . . . . . . 763 spanning-tree mst port-priority . . . . . . . . . . . . 764 . . . . .
2CSPC4.X8100-SWUM100.book Page 29 Wednesday, August 29, 2012 6:23 PM tacacs-server host . tacacs-server key . . . . . . . . . . . . . . . . . . . 777 . . . . . . . . . . . . . . . . . . . . 778 tacacs-server timeout timeout . . . . . . . . . . . . . . . . . . . 779 . . . . . . . . . . . . . . . . . . . . . . . . . 779 36 UDLD Commands . . . . . . . . . . . . . . . . . . Detecting Unidirectional Links on a Device Port . . . . 781 . . . . . . . 782 . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 30 Wednesday, August 29, 2012 6:23 PM Independent VLAN Learning . . . . . . . . . . . . . . 792 Protocol Based VLANs . . . . . . . . . . . . . . . . . 792 IP Subnet Based VLANs . . . . . . . . . . . . . . . . 793 . . . . . . . . . . . . . . . . . . 793 MAC-Based VLANs Private VLAN Commands . . . . . . . . . . . . . . . Commands in this Chapter . . . . . . . . . . . . . . . 796 . . . . . . . . . . . . . . . . 797 . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 31 Wednesday, August 29, 2012 6:23 PM switchport access vlan . . . . . . . . . . . . . . . . . switchport forbidden vlan . . . . . . . . . . . . . . . . 816 817 switchport general acceptable-frame-type tagged-only . . . . . . . . . . . . . . . . . . . . . . . switchport general allowed vlan . . . . . . . . . . . . switchport general ingress-filtering disable . 818 818 . . . . . 819 . . . . . . . . . . . . . . . . 820 switchport mode . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 32 Wednesday, August 29, 2012 6:23 PM private-vlan. . . . . . . . . . . . . . . . . . . . . . . show vlan private-vlan . . . . . . . . . . . . . . . . . 38 Voice VLAN Commands 839 . . . . . . . . . . . . . . 840 . . . . . . . . . . . . . . . . . . . . . . . 840 voice vlan (Interface) . . . . . . . . . . . . . . . . . voice vlan data priority show voice vlan 842 . . . . . . . . . . . . . . . . . . . . 842 . . . . . . . . . . . . . . . . . Local 802.
2CSPC4.X8100-SWUM100.book Page 33 Wednesday, August 29, 2012 6:23 PM dot1x port-control . . . . . . . . . . . . . . . . . . . . dot1x re-authenticate . . . . . . . . . . . . . . . . . . dot1x reauthentication . . . . . . . . . . . . . . . . . . dot1x system-auth-control . . . . . . . . . . . . . . . . dot1x system-auth-control monitor 854 855 855 . . . . . . . . . . . 856 . . . . . . . . . . . . 857 . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 34 Wednesday, August 29, 2012 6:23 PM 40 Data Center Technology Commands . . . 879 . . . . . 881 . . . . . . 881 . . . . . . . . . . . 885 . . . . . . . . . . . . . . . . . . . . . . . 885 41 Data Center Bridging Commands Data Center Bridging Exchange Protocol . Interoperability with IEEE DCBX . Port Roles Commands in this Chapter . . . . . . . . . . . . . . . Data Center Bridging Capability Exchange Commands . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 35 Wednesday, August 29, 2012 6:23 PM show interfaces traffic-class-group 42 FIP Snooping Commands . Setting Up FIP Snooping . 909 . . . . . . . . . . . . . . . . . . . . . 913 913 . . . . . . . . . . . . . . . . Commands in this Chapter . . . . . . . . . . . . . . . . 914 . . . . . . . . . . . . . . . . . . 915 fip-snooping enable . . . . . . . . . . . . . . . . . . . 916 fip-snooping fc-map . . . . . . . . . . . . . . . . . . . 917 feature fip-snooping .
2CSPC4.X8100-SWUM100.book Page 36 Wednesday, August 29, 2012 6:23 PM show interfaces priority-flow-control . . . . . . . . . 949 . . . . . . . . . . . . . . . . 953 . . . . . . . . . . . . . . . . . . . 955 . . . . . . . . . . . . . . . . . . . . . . . 956 44 Layer 3 Commands . 45 ARP Commands ARP Aging Commands in this Chapter . arp . . . . . . . . . . . . . . 956 . . . . . . . . . . . . . . . . . . . . . . . . . . . 956 arp cachesize . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 37 Wednesday, August 29, 2012 6:23 PM 46 DHCP Server and Relay Agent Commands . . . . . . . . . . . . . . . . Commands in this Chapter . 967 . . . . . . . . . . . . . . . 968 . . . . . . . . . . . . . . . . . . . . . . . 968 . . . . . . . . . . . . . . . . . . . . . . . . . 971 ip dhcp pool bootfile . . . . . . . . clear ip dhcp binding . . . . . . . . . . . . . . . . . . 972 clear ip dhcp conflict . . . . . . . . . . . . . . . . . . 973 . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 38 Wednesday, August 29, 2012 6:23 PM next-server . option . . . . . . . . . . . . . . . . . . . . . . . 986 . . . . . . . . . . . . . . . . . . . . . . . . . 987 service dhcp sntp . . . . . . . . . . . . . . . . . . . . . . . 991 . . . . . . . . . . . . . . . . . . . . . . . . . . 992 show ip dhcp binding . . . . . . . . . . . . . . . . . 993 show ip dhcp conflict . . . . . . . . . . . . . . . . . 994 show ip dhcp global configuration show ip dhcp pool . . .
2CSPC4.X8100-SWUM100.book Page 39 Wednesday, August 29, 2012 6:23 PM show ipv6 dhcp interface (Privileged EXEC) show ipv6 dhcp pool . . . . . . 1010 . . . . . . . . . . . . . . . . . 1016 show ipv6 dhcp statistics 48 DVMRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Commands in this Chapter . ip dvmrp 1016 1019 . . . . . . . . . . . . . . 1019 . . . . . . . . . . . . . . . . . . . . . . . . 1019 ip dvmrp metric show ip dvmrp . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 40 Wednesday, August 29, 2012 6:23 PM ip igmp robustness . . . . . . . . . . . . . . . . . . . ip igmp startup-query-count . . . . . . . . . . . . . . ip igmp startup-query-interval . 1034 . . . . . . . . . . . . . . . . . . . . 1035 . . . . . . . . . . . . . . . . . . . . . 1035 show ip igmp groups . . . . . . . . . . . . . . . . . . show ip igmp interface . . . . . . . . . . . . . . . . show ip igmp membership . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 41 Wednesday, August 29, 2012 6:23 PM bootpdhcprelay maxhopcount . . . . . . . . . . . . . 1053 . . . . . . . . . . . . . 1054 . . . . . . . . . . . . . . . 1055 bootpdhcprelay minwaittime clear ip helper statistics . ip dhcp relay information check . . . . . . . . . . . ip dhcp relay information check-reply ip dhcp relay information option 1055 . . . . . . . . 1056 . . . . . . . . . . . 1057 ip dhcp relay information option-insert . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 42 Wednesday, August 29, 2012 6:23 PM ip netdirbcast. ip route . . . . . . . . . . . . . . . . . . . . . 1074 . . . . . . . . . . . . . . . . . . . . . . . . . 1074 ip route default . . . . . . . . . . . . . . . . . . . . . ip route distance . ip routing . . . . . . . . . . . . . . . . . . . . 1077 . . . . . . . . . . . . . . . . . . . . . . . 1078 show ip brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 43 Wednesday, August 29, 2012 6:23 PM ipv6 enable . . . . . . . . . . . . . . . . . . . . . . . ipv6 hop-limit ipv6 host . . . . . . . . . . . . . . . . . . . . . 1102 . . . . . . . . . . . . . . . . . . . . . . . . 1102 ipv6 mld last-member-query-count . . . . . . . . . . ipv6 mld last-member-query-interval ipv6 mld-proxy . 1103 . . . . . . . . . 1104 . . . . . . . . . . . . . . . . . . . . 1105 ipv6 mld-proxy reset-status . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 44 Wednesday, August 29, 2012 6:23 PM ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . ipv6 route distance . . . . . . . . . . . . . . . . . . . 1119 ipv6 unicast-routing . . . . . . . . . . . . . . . . . . 1120 . . . . . . . . . . . . . . . . . . . . . . . . 1121 ping ipv6 ping ipv6 interface . show ipv6 brief . . . . . . . . . . . . . . . . . . . 1122 . . . . . . . . . . . . . . . . . . . . 1123 show ipv6 interface . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 45 Wednesday, August 29, 2012 6:23 PM traceroute ipv6 . . . . . . . . . . . . . . . . . . . . . 54 Loopback Interface Commands . Commands in this Chapter . interface loopback . 1151 . . . . . . . . . . . . . . . . . . 1151 55 Multicast Commands . Commands in this Chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152 1155 . . . . . . . . . . . . . . 1156 . . . . . . . . . . . . . . . . . . 1157 . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 46 Wednesday, August 29, 2012 6:23 PM ip pim rp-candidate . . . . . . . . . . . . . . . . . . 1167 . . . . . . . . . . . . . . . . . . . . . 1168 . . . . . . . . . . . . . . . . . . . . . . . 1169 ip pim sparse . ip pim ssm ip pim spt-threshold show ip multicast . . . . . . . . . . . . . . . . . . 1170 . . . . . . . . . . . . . . . . . . . 1171 show ip mcast boundary . . . . . . . . . . . . . . . . show ip multicast interface show ip mcast mroute . . . . . . .
2CSPC4.X8100-SWUM100.book Page 47 Wednesday, August 29, 2012 6:23 PM ipv6 pim dense . . . . . . . . . . . . . . . . . . . . . ipv6 pim dr-priority . . . . . . . . . . . . . . . . . . . ipv6 pim hello-interval . . . . . . . . . . . . . . . . . ipv6 pim join-prune-interval . 1188 1189 1190 . . . . . . . . . . . . . 1190 ipv6 pim register-rate-limit . . . . . . . . . . . . . . 1191 ipv6 pim register-threshold . . . . . . . . . . . . . . 1192 . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 48 Wednesday, August 29, 2012 6:23 PM Forwarding of OSPF Opaque LSAs Enabled by Default . . . . . . . . . . . . . . . . . . . . . . . . . Passive Interfaces Graceful Restart 1207 . . . . . . . . . . . . . . . . . . . 1207 . . . . . . . . . . . . . . . . . . . . 1208 Commands in this Chapter . . . . . . . . . . . . . . . area default-cost (Router OSPF) . area nssa (Router OSPF) . 1208 . . . . . . . . . . . 1209 . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 49 Wednesday, August 29, 2012 6:23 PM area virtual-link transmit-delay . . . . . . . . . . . . 1228 auto-cost . . . . . . . . . . . . . . . . . . . . . . . . 1229 bandwidth . . . . . . . . . . . . . . . . . . . . . . . 1230 capability opaque clear ip ospf . . . . . . . . . . . . . . . . . . . 1230 . . . . . . . . . . . . . . . . . . . . . . 1231 clear ip ospf stub-router . compatible rfc1583 . . . . . . . . . . . . . . . . 1232 . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 50 Wednesday, August 29, 2012 6:23 PM ip ospf mtu-ignore . . . . . . . . . . . . . . . . . . . 1245 . . . . . . . . . . . . . . . . . . . . 1246 . . . . . . . . . . . . . . . . . . . . . 1247 ip ospf network . ip ospf priority ip ospf retransmit-interval . ip ospf transmit-delay . . . . . . . . . . . . . . 1247 . . . . . . . . . . . . . . . . . 1248 log adjacency-changes . . . . . . . . . . . . . . . . 1249 . . . . . . . . . . . . . . . . . 1250 . . . . . .
2CSPC4.X8100-SWUM100.book Page 51 Wednesday, August 29, 2012 6:23 PM show ip ospf asbr . . . . . . . . . . . . . . . . . . . show ip ospf database . . . . . . . . . . . . . . . . . show ip ospf database database-summary . show ip ospf interface . 1273 1274 . . . . . 1277 . . . . . . . . . . . . . . . . 1279 show ip ospf interface brief . . . . . . . . . . . . . . 1281 show ip ospf interface stats . . . . . . . . . . . . . . 1283 . . . . . . . . . . . . . . . . 1284 . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 52 Wednesday, August 29, 2012 6:23 PM area nssa default-info-originate (Router OSPFv3 Config) . . . . . . . . . . . . . . . . . . . . . . . . . area nssa no-redistribute area nssa no-summary . . . . . . . . . . . . . . . . 1305 . . . . . . . . . . . . . . . . 1306 area nssa translator-role. . . . . . . . . . . . . . . . area nssa translator-stab-intv . 1307 . . . . . . . . . . . . 1308 . . . . . . . . . . . . . . 1309 . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 53 Wednesday, August 29, 2012 6:23 PM ipv6 ospf . . . . . . . . . . . . . . . . . . . . . . . . 1322 ipv6 ospf area . . . . . . . . . . . . . . . . . . . . . 1323 ipv6 ospf cost . . . . . . . . . . . . . . . . . . . . . 1324 ipv6 ospf dead-interval . . . . . . . . . . . . . . . . 1325 ipv6 ospf hello-interval . . . . . . . . . . . . . . . . 1326 . . . . . . . . . . . . . . . . . 1326 ipv6 ospf network . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 54 Wednesday, August 29, 2012 6:23 PM show ipv6 ospf abr . . . . . . . . . . . . . . . . . . . 1343 show ipv6 ospf area . . . . . . . . . . . . . . . . . . 1344 show ipv6 ospf asbr . . . . . . . . . . . . . . . . . . 1345 show ipv6 ospf border-routers . show ipv6 ospf database . . . . . . . . . . . . . 1346 . . . . . . . . . . . . . . . 1346 show ipv6 ospf database database-summary . show ipv6 ospf interface . . . . . 1351 . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 55 Wednesday, August 29, 2012 6:23 PM ip irdp maxadvertinterval . . . . . . . . . . . . . . . 1369 ip irdp minadvertinterval . . . . . . . . . . . . . . . 1370 . . . . . . . . . . . . . . . . . . . . 1371 ip irdp multicast ip irdp preference show ip irdp . . . . . . . . . . . . . . . . . . . 1372 . . . . . . . . . . . . . . . . . . . . . . 1372 60 Routing Information Protocol Commands . . . . . . . . . . . . . . . Commands in this Chapter . auto-summary . . . .
2CSPC4.X8100-SWUM100.book Page 56 Wednesday, August 29, 2012 6:23 PM router rip . . . . . . . . . . . . . . . . . . . . . . . . show ip rip . . . . . . . . . . . . . . . . . . . . . . . show ip rip interface . . . . . . . . . . . . . . . . . . show ip rip interface brief . split-horizon . . . . . . . . . . . . . . . . . . . . . . 1389 interface tunnel 1391 1391 . . . . . . . . . . . . . . . . . . . . 1392 tunnel destination . . . . . . . . . . . . . . . . 1392 . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 57 Wednesday, August 29, 2012 6:23 PM vrrp accept-mode . . . . . . . . . . . . . . . . . . . 1400 . . . . . . . . . . . . . . . . . . 1401 . . . . . . . . . . . . . . . . . . . . 1402 . . . . . . . . . . . . . . . . . . . . . . . . . 1403 vrrp authentication vrrp description vrrp ip vrrp mode . . . . . . . . . . . . . . . . . . . . . . . 1405 vrrp preempt . . . . . . . . . . . . . . . . . . . . . . 1405 vrrp priority. . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 58 Wednesday, August 29, 2012 6:23 PM boot auto-copy-sw . . . . . . . . . . . . . . . . . . . boot auto-copy-sw allow-downgrade . . . . . . . . . 1427 . . . . . . . . . . . . . . . . . 1428 . . . . . . . . . . . . . . . . . . 1429 . . . . . . . . . . . . . . . . . . . . . 1429 boot host autoreboot . boot host autosave . boot host dhcp boot host retrycount . . . . . . . . . . . . . . . . . . 1430 show auto-copy-sw . . . . . . . . . . . . . . . . . . 1431 . .
2CSPC4.X8100-SWUM100.book Page 59 Wednesday, August 29, 2012 6:23 PM interface locale . . . . . . . . . . . . . . . . . . . . . . . . . 1445 . . . . . . . . . . . . . . . . . . . . . . . . . 1445 name (Captive Portal) . . . . . . . . . . . . . . . . . 1446 protocol . . . . . . . . . . . . . . . . . . . . . . . . 1447 redirect . . . . . . . . . . . . . . . . . . . . . . . . . 1447 redirect-url . . . . . . . . . . . . . . . . . . . . . . . session-timeout verification . 1448 . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 60 Wednesday, August 29, 2012 6:23 PM user session-timeout . . . . . . . . . . . . . . . . . . show captive-portal configuration . . . . . . . . . . show captive-portal configuration interface 1462 show captive-portal configuration locales . . . . . . 1463 show captive-portal configuration status . . . . . . . 1464 . . . . . . . . . . . . . . . . . . . . . . . 1466 user group moveusers user group name . . . . . . . . . . . . . . . . . 1466 . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 61 Wednesday, August 29, 2012 6:23 PM Simple Network Time Protocol . . . . . . . . . . . . 1479 . . . . . . . . . . . . . . 1480 . . . . . . . . . . . . . . . 1480 show sntp server . . . . . . . . . . . . . . . . . . . . 1481 show sntp status . . . . . . . . . . . . . . . . . . . . 1483 sntp authenticate . . . . . . . . . . . . . . . . . . . 1484 Commands in this Chapter . show sntp configuration . sntp authentication-key . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 62 Wednesday, August 29, 2012 6:23 PM script apply . . . . . . . . . . . . . . . . . . . . . . . 1497 script delete . . . . . . . . . . . . . . . . . . . . . . 1498 . . . . . . . . . . . . . . . . . . . . . . . . 1499 script list script show . . . . . . . . . . . . . . . . . . . . . . . script validate . . . . . . . . . . . . . . . . . . . . . 69 Configuration and Image File Commands . . . . . . . . . . . . . . . File System Commands . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 63 Wednesday, August 29, 2012 6:23 PM show backup-config . show bootvar. . . . . . . . . . . . . . . . . . 1519 . . . . . . . . . . . . . . . . . . . . . 1520 show running-config. . . . . . . . . . . . . . . . . . 1521 show startup-config . . . . . . . . . . . . . . . . . . 1522 . . . . . . . . . . . . . . . . . . . 1524 . . . . . . . . . . . . . . . . . . . . . . . . . . 1525 update bootcode . write 70 Denial of Service Commands Commands in this Chapter . .
2CSPC4.X8100-SWUM100.book Page 64 Wednesday, August 29, 2012 6:23 PM 71 Line Commands exec-timeout . history 1539 . . . . . . . . . . . . . . . . . . . . . . . . . 1540 . . . . . . . . . . . . . . . . . . . . . . 1541 . . . . . . . . . . . . . . . . . . . . . . . . . . . 1541 show line . speed . . . . . . . . . . . . . . . . . . . . . . . . 1542 . . . . . . . . . . . . . . . . . . . . . . . . . 1544 72 Management ACL Commands Commands in this Chapter . deny (management) . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 65 Wednesday, August 29, 2012 6:23 PM 74 Password Management Commands Configurable Minimum Password Length . 1559 . . . . . . 1559 . . . . . . . . . . . . . . . . . . . 1559 . . . . . . . . . . . . . . . . . . . . 1559 . . . . . . . . . . . . . . . . . . . . . 1559 Password History Password Aging User Lockout . . . Password Strength . . . . . . . . . . . . . . . . . . Commands in this Chapter . passwords aging . 1560 . . . . . . . . . . . . . . 1561 . . . .
2CSPC4.X8100-SWUM100.book Page 66 Wednesday, August 29, 2012 6:23 PM passwords strength minimum character-classes . . . . . . . . . . . . . . . . . . . passwords strength exclude-keyword enable password encrypted . . . . . . . . . 1572 . . . . . . . . . . . . . 1573 show passwords configuration show passwords result . . . . . . . . . . . . 1574 . . . . . . . . . . . . . . . . 1576 75 PHY Diagnostics Commands show copper-ports tdr . . . . . . . . . . . . . . . . . . 1581 . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 67 Wednesday, August 29, 2012 6:23 PM show rmon log . . . . . . . . . . . . . . . . . . . . . show rmon statistics. . . . . . . . . . . . . . . . . . 77 SDM Templates Commands . Commands in this Chapter . sdm prefer . . . . . . . . 1598 1603 . . . . . . . . . . . . . . 1603 . . . . . . . . . . . . . . . . . . . . . . . 1603 show sdm prefer . . . . . . . . . . . . . . . . . . . . 78 Serviceability Tracing Packet Commands . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 68 Wednesday, August 29, 2012 6:23 PM debug ip pimsm packet debug ip vrrp . . . . . . . . . . . . . . . . 1618 . . . . . . . . . . . . . . . . . . . . . . 1618 debug ipv6 dhcp . . . . . . . . . . . . . . . . . . . . debug ipv6 mcache debug ipv6 mld . . . . . . . . . . . . . . . . . . . 1620 . . . . . . . . . . . . . . . . . . . . 1620 debug ipv6 pimdm . . . . . . . . . . . . . . . . . . . 1621 debug ipv6 pimsm . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 69 Wednesday, August 29, 2012 6:23 PM sflow polling . . . . . . . . . . . . . . . . . . . . . . sflow polling (Interface Mode) sflow sampling . . . . . . . . . . . . . 1634 . . . . . . . . . . . . . . . . . . . . 1635 sflow sampling (Interface Mode) show sflow agent . . . . . . . . . . . 1636 . . . . . . . . . . . . . . . . . . . 1637 show sflow destination show sflow polling . . . . . . . . . . . . . . . . 1638 . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 70 Wednesday, August 29, 2012 6:23 PM snmp-server engineID local . snmp-server filter . . . . . . . . . . . . . 1660 . . . . . . . . . . . . . . . . . . . 1661 snmp-server group . snmp-server host . . . . . . . . . . . . . . . . . . . 1663 . . . . . . . . . . . . . . . . . . . 1664 snmp-server location . . . . . . . . . . . . . . . . . 1666 snmp-server user . . . . . . . . . . . . . . . . . . . . 1667 snmp-server view . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 71 Wednesday, August 29, 2012 6:23 PM 82 Syslog Commands . . . . . . . . . . . . . . . . CLI Logged to Local File and Syslog Server . . . . . . 1685 . . . . . . . . . . . . . . 1686 . . . . . . . . . . . . . . . . . . . . . 1687 Commands in this Chapter . clear logging . clear logging file . . . . . . . . . . . . . . . . . . . . description (Logging) level 1685 1687 . . . . . . . . . . . . . . . . . 1688 . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 72 Wednesday, August 29, 2012 6:23 PM show syslog-servers . terminal monitor . . . . . . . . . . . . . . . . . 1705 . . . . . . . . . . . . . . . . . . . . 1706 83 System Management Commands . asset-tag . . . . . . . . . . . . . . . . . . . . . . . . 1707 . . . . . . . . . . . . . . . . . . . . . . 1708 banner login . . . . . . . . . . . . . . . . . . . . . . 1709 banner motd . . . . . . . . . . . . . . . . . . . . . . 1710 banner motd acknowledge . . . . . .
2CSPC4.X8100-SWUM100.book Page 73 Wednesday, August 29, 2012 6:23 PM reload . . . . . . . . . . . . . . . . . . . . . . . . . set description . slot 1725 . . . . . . . . . . . . . . . . . . . . 1726 . . . . . . . . . . . . . . . . . . . . . . . . . . . 1727 show banner . . . . . . . . . . . . . . . . . . . . . . show boot-version . . . . . . . . . . . . . . . . . . . show checkpoint statistics 1728 1730 . . . . . . . . . . . . . . 1730 show cut-through mode . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 74 Wednesday, August 29, 2012 6:23 PM show system id . . . . . . . . . . . . . . . . . . . . . show system power . . . . . . . . . . . . . . . . . . show system temperature 1760 . . . . . . . . . . . . . . . . . . 1762 . . . . . . . . . . . . . . . . . . . . . . 1765 show version . stack . . . . . . . . . . . . . . . . . . . . . 1766 . . . . . . . . . . . . . . . . . . . . . . . . . . 1767 stack-port standby . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 75 Wednesday, August 29, 2012 6:23 PM 86 Time Ranges Commands time-range . . . . . . . . . . . 1785 . . . . . . . . . . . . . . . . . . . . . . . 1785 absolute . . . . . . . . . . . . . . . . . . . . . . . . 1786 periodic . . . . . . . . . . . . . . . . . . . . . . . . 1787 show time-range . . . . . . . . . . . . . . . . . . . . 87 User Interface Commands . enable end . . . . . . . . . 1789 1793 . . . . . . . . . . . . . . . . . . . . . . . . . 1793 . . . .
2CSPC4.X8100-SWUM100.book Page 76 Wednesday, August 29, 2012 6:23 PM ip http server . . . . . . . . . . . . . . . . . . . . . . ip http secure-certificate ip http secure-port . . . . . . . . . . . . . . . 1806 . . . . . . . . . . . . . . . . . . . 1807 ip http secure-server . . . . . . . . . . . . . . . . . . 1808 . . . . . . . . . . . . . . . . . . . . . 1808 . . . . . . . . . . . . . . . . . . . . . . . . 1809 key-generate . location . organization-unit . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 77 Wednesday, August 29, 2012 6:23 PM 1 Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphic User Interface (GUI) driven software application. By directly entering commands, the user has greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.
2CSPC4.X8100-SWUM100.book Page 78 Wednesday, August 29, 2012 6:23 PM Table 1-1. System Command Groups (continued) Command Group Description Administrative Profiles Configures and displays ACL information. Address Table Configures bridging address tables. Auto-VoIP Configures Auto VoIP for IP phones on a switch. CDP Interoperability Configures Cisco® Discovery Protocol (CDP). DHCP L2 Relay Enables the Layer 2 DHCP Relay agent for an interface.
2CSPC4.X8100-SWUM100.book Page 79 Wednesday, August 29, 2012 6:23 PM Table 1-1. System Command Groups (continued) Command Group Description Radius Configures and displays RADIUS information. Spanning Tree Configures and reports on Spanning Tree protocol. TACACS+ Configures and displays TACACS+ information. VLAN Configures VLANs and displays VLAN information. 802.1x Configures and displays commands related to 802.1x security protocol.
2CSPC4.X8100-SWUM100.book Page 80 Wednesday, August 29, 2012 6:23 PM Table 1-1. System Command Groups (continued) Command Group Description IP Routing (IPv4) Configures IP routing and addressing. IPv6 Multicast Manages IPv6 Multicasting on the system. IPv6 Routing Configures IPv6 routing and addressing. Loopback Interface (IPv6) Manages Loopback configurations. Multicast (Mcast) Manages Multicasting on the system. OSPF (IPv4) Manages shortest path operations.
2CSPC4.X8100-SWUM100.book Page 81 Wednesday, August 29, 2012 6:23 PM Table 1-1. System Command Groups (continued) Command Group Description Password Management Provides password management. PHY Diagnostics Diagnoses and displays the interface status. RMON Can be configured through the CLI and displays RMON information. Serviceability Tracing Controls display of debug output to serial port or telnet console. sFlow Configures sFlow monitoring.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 83 Wednesday, August 29, 2012 6:23 PM • TRC — Time Range Configuration • UE — User EXEC • VC — VLAN Configuration (reached via vlan database command) • v6ACL — IPv6 Access List Configuration • v6CMC — IPv6 Class-Map Configuration • v6DP — IPv6 DHCP Pool Configuration Layer 2 Commands AAA Command Description Modea aaa authentication dot1x default Specifies an authentication method for 802.1x clients.
2CSPC4.X8100-SWUM100.book Page 84 Wednesday, August 29, 2012 6:23 PM Command Description Modea password (Line Configuration) Specifies a password on a line. LC password (User EXEC) Specifies a user password UE show aaa ias-users Displays configured IAS users and their attributes. PE show authentication methods Shows information about authentication methods. PE show users accounts Displays information about the local user database.
2CSPC4.X8100-SWUM100.book Page 85 Wednesday, August 29, 2012 6:23 PM ACL Command Description Modea access-list Creates an Access Control List (ACL) that is identified by the parameter accesslistnumber. GC deny | permit (IP ACL) The deny command denies traffic if the ML conditions defined in the deny statement are matched. The permit command allows traffic if the conditions defined in the permit statement are matched. ip access-group Attaches a specified access-control list to an interface.
2CSPC4.X8100-SWUM100.book Page 86 Wednesday, August 29, 2012 6:23 PM Address Table Command Description Modea clear mac address-table Removes any learned entries from the forwarding database. PE mac address-table agingtime Sets the address table aging time. GC mac address-table multicast Enables filtering of Multicast addresses. filtering GC mac address-table multicast Forbids adding a specific Multicast address to forbidden address specific ports.
2CSPC4.X8100-SWUM100.book Page 87 Wednesday, August 29, 2012 6:23 PM Command Description Modea show mac address-table filtering Displays the Multicast filtering configuration. PE show mac address-table interface Displays the mac forwarding table entries for a specific interface. UE or PE show mac address-table multicast Displays Multicast MAC address table information. PE show mac address-table static Displays statically created entries in the bridge- PE forwarding database.
2CSPC4.X8100-SWUM100.book Page 88 Wednesday, August 29, 2012 6:23 PM Modea Command Description isdp holdtime Configures the hold time for ISDP packets that GC the switch transmits. isdp timer Sets period of time between sending new ISDP GC packets. show isdp Displays global ISDP settings. PE show isdp interface Displays ISDP settings for the specified interface. PE show isdp entry Displays ISDP entries. PE show isdp neighbors Displays the list of neighboring devices.
2CSPC4.X8100-SWUM100.book Page 89 Wednesday, August 29, 2012 6:23 PM DHCP Management Interface Command Description Modea release dhcp Forces the DHCPv4 client to release a leased address. PE renew dhcp Forces the DHCP client to immediately renew an IPv4 address lane. PE debug dhcp packet Displays debug information about DHCPv4 PE client activities and traces DHCP v4 packets to and from the local DHCPv4 client. show dhcp lease Displays IPv4 addresses leased from a DHCP server. a.
2CSPC4.X8100-SWUM100.book Page 90 Wednesday, August 29, 2012 6:23 PM Command Description Modea ip dhcp snooping verify mac- Enables the verification of the source MAC address address with the client MAC address in the received DHCP message. GC show ip dhcp snooping Displays the DHCP snooping global and per port configuration. PE show ip dhcp snooping binding Displays the DHCP snooping binding entries.
2CSPC4.X8100-SWUM100.book Page 91 Wednesday, August 29, 2012 6:23 PM Modea Command Description permit ip host mac host Configures a rule for a valid IP address and ARPA MAC address combination used in ARP packet validation. show arp access-list Displays the configured ARP ACLs with the rules. PE show ip arp inspection Displays the Dynamic ARP Inspection configuration. PE show ip arp inspection interfaces Displays the Dynamic ARP Inspection PE configuration on all the DAI enabled interfaces.
2CSPC4.X8100-SWUM100.book Page 92 Wednesday, August 29, 2012 6:23 PM Command Description Modea show logging email statistics Displays information on how many e-mails are PE sent, how many e-mails failed, when the last email was sent, how long it has been since the last e-mail was sent, how long it has been since the e-mail changed to disabled mode. clear logging email statistics Clears the e-mail alerting statistics. GC security Sets the e-mail alerting security protocol.
2CSPC4.X8100-SWUM100.book Page 93 Wednesday, August 29, 2012 6:23 PM Command Description Modea interface range Enters the interface configuration mode to execute a command on multiple ports at the same time. GC, IC, IR show interfaces advertise Displays information about auto negotiation advertisement. PE show interfaces configuration Displays the configuration for all configured interfaces. UE show interfaces counters Displays traffic seen by the physical interface.
2CSPC4.X8100-SWUM100.book Page 94 Wednesday, August 29, 2012 6:23 PM Ethernet CFM Command Description Modea ethernet cfm domain Enters into maintenance domain config mode for an existing domain. Use the optional level parameter to create a domain and enter into maintenance domain config mode. GC service Associates a VLAN with a maintenance domain. MDC ethernet cfm cc level Initiates sending continuity checks (CCMs) at the specified interval and level on a VLAN monitored by an existing domain.
2CSPC4.X8100-SWUM100.book Page 95 Wednesday, August 29, 2012 6:23 PM GVRP Command Description Modea clear gvrp statistics Clears all the GVRP statistics information. PE garp timer Adjusts the GARP application join, leave, and leaveall GARP timer values. IC gvrp enable (global) Enables GVRP globally. GC gvrp enable (interface) Enables GVRP on an interface. IC gvrp registration-forbid De-registers all VLANs, and prevents dynamic VLAN registration on the port.
2CSPC4.X8100-SWUM100.book Page 96 Wednesday, August 29, 2012 6:23 PM Command Description Modea show ip igmp snooping groups Displays Multicast groups learned by IGMP snooping. UE show ip igmp snooping interface Displays IGMP snooping configuration. PE show ip igmp snooping mrouter Displays information on dynamically learned Multicast router interfaces. PE ip igmp snooping (VLAN) In VLAN Config mode, enables IGMP snooping VC on a particular VLAN or on all interfaces participating in a VLAN.
2CSPC4.X8100-SWUM100.book Page 97 Wednesday, August 29, 2012 6:23 PM Command Description Modea ip igmp snooping querier version Sets the IGMP version of the query that the snooping switch is going to send periodically. GC show ip igmp snooping querier Displays IGMP Snooping Querier information. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 81. IP Addressing Command Description Modea clear host Deletes entries from the host name-to-address cache.
2CSPC4.X8100-SWUM100.book Page 98 Wednesday, August 29, 2012 6:23 PM Command Description Modea ipv6 enable (Interface Config) Enables IPv6 on the management interface. GC ipv6 enable (OOB Config) Enables IPv6 operation on the out-of-band interface. IC ipv6 gateway (OOB Config) Configures the address of the IPv6 gateway. IC show hosts Displays the default domain name, a list of UE name server hosts, static and cached list of host names and addresses.
2CSPC4.X8100-SWUM100.book Page 99 Wednesday, August 29, 2012 6:23 PM IPv6 MLD Snooping Modea Command Description ipv6 mld snooping immediate-leave Enables or disables MLD Snooping immediate- IC leave admin mode on a selected interface or VC VLAN. ipv6 mld snooping groupmembership-interval Sets the MLD Group Membership Interval time on a VLAN or interface. ipv6 mld snooping maxresponse Sets the MLD Maximum Response time for an IC or interface or VLAN.
2CSPC4.X8100-SWUM100.book Page 100 Wednesday, August 29, 2012 6:23 PM Command Description Modea ipv6 mld snooping querier query-interval Sets the MLD Querier Query Interval time. GC ipv6 mld snooping querier timer expiry Sets the MLD Querier timer expiration period. GC show ipv6 mld snooping querier Displays MLD Snooping Querier information. a. PE For the meaning of each Mode abbreviation, see Mode Types on page 81.
2CSPC4.X8100-SWUM100.book Page 101 Wednesday, August 29, 2012 6:23 PM iSCSI Optimization Link Dependency Command Description Modea iscsi aging time Sets aging time for iSCSI sessions. GC iscsi cos Sets the quality of service profile that will be applied to iSCSI flows. GC iscsi enable Enables Global Configuration mode command GC globally enables iSCSI awareness. iscsi target port Configures an iSCSI target port (optionally configures target port address and name).
2CSPC4.X8100-SWUM100.book Page 102 Wednesday, August 29, 2012 6:23 PM LLDP Command Description Modea clear lldp remote-data Deletes all data from the remote data table. PE clear lldp statistics Resets all LLDP statistics. PE lldp notification Enables remote data change notifications. IC lldp notification-interval Limits how frequently remote data change notifications are sent. GC lldp receive Enables the LLDP receive capability.
2CSPC4.X8100-SWUM100.book Page 103 Wednesday, August 29, 2012 6:23 PM Command Description Modea mvr querytime Sets the MVR query response time. GC mvr vlan Sets the MVR multicast VLAN. GC mvr immediate Enables MVR Immediate Leave mode. IC mvr type Sets the MVR port type. IC mvr vlan group Use to participate in the specific MVR group. IC show mvr Displays global MVR settings. PE show mvr members Displays the MVR membership groups allocated.
2CSPC4.X8100-SWUM100.book Page 104 Wednesday, August 29, 2012 6:23 PM Command Description Modea show lacp Displays LACP information for ports. PE show statistics port-channel Displays port-channel statistics. a. PE For the meaning of each Mode abbreviation, see Mode Types on page 81. Port Monitor Command Description Modea monitor session Configures a port monitoring session. GC show monitor session Displays the port monitoring status. PE a.
2CSPC4.X8100-SWUM100.book Page 105 Wednesday, August 29, 2012 6:23 PM Command Description Modea cos-queue min-bandwidth Specifies the minimum transmission bandwidth for each interface queue. GC or IC cos-queue random-detect Configures WRED queue management policy GC or on an interface CoS queue. IC cos-queue strict Activates the strict priority scheduler mode for GC or each specified queue. IC diffserv Sets the DiffServ operational mode to active.
2CSPC4.X8100-SWUM100.book Page 106 Wednesday, August 29, 2012 6:23 PM Modea Command Description match dstl4port Adds to the specified class definition a match CMC condition based on the destination layer 4 port of a packet using a single keyword, or a numeric notation. match ethertype Adds to the specified class definition a match CMC condition based on the value of the ethertype. match ip6flowlbl Adds to the specified class definition a match condition based on the IPv6 flow label of a packet.
2CSPC4.X8100-SWUM100.book Page 107 Wednesday, August 29, 2012 6:23 PM Command Description Modea match vlan Adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field. CMC mirror Mirrors all the data that matches the class defined to the destination port specified. PCMC police-simple Establishes the traffic policing style for the specified class. PCMC policy-map Establishes a new DiffServ policy or enters policy map configuration mode.
2CSPC4.X8100-SWUM100.book Page 108 Wednesday, August 29, 2012 6:23 PM Command Description Modea show diffserv service interface Displays policy service information for the specified interface and direction. PE show diffserv service interface port-channel Displays policy service information for the specified interface and direction. PE show diffserv service brief Displays all interfaces in the system to which a PE DiffServ policy has been attached.
2CSPC4.X8100-SWUM100.book Page 109 Wednesday, August 29, 2012 6:23 PM Modea Command Description deadtime Improves Radius response times when a server is R unavailable by causing the unavailable server to be skipped. debug aaa accounting Enables debugging for accounting. key Sets the authentication and encryption key for all R RADIUS communications between the switch and the RADIUS daemon.
2CSPC4.X8100-SWUM100.book Page 110 Wednesday, August 29, 2012 6:23 PM Modea Command Description show aaa servers Displays the list of configured RADIUS servers UE or and the values configured for the global PE parameters of the RADIUS client. show accounting methods Displays the configured accounting method lists. PE show radius statistics Shows the statistics for an authentication or accounting server.
2CSPC4.X8100-SWUM100.book Page 111 Wednesday, August 29, 2012 6:23 PM Command Description Modea spanning-tree bpduprotection Enables BPDU protection on a switch. GC spanning-tree cost Configures the spanning tree path cost for a port. IC spanning-tree disable Disables spanning tree on a specific port. IC spanning-tree forward-time Configures the spanning tree bridge forward time. GC spanning-tree guard Selects whether loop guard or root guard is enabled on an interface.
2CSPC4.X8100-SWUM100.book Page 112 Wednesday, August 29, 2012 6:23 PM Command Description Modea spanning-tree tcnguard Prevents a port from propagating topology change notifications. IC spanning-tree transmit hold- Set the maximum number of BPDUs that a count bridge is allowed to send within a hello time window (2 seconds). a. GC For the meaning of each Mode abbreviation, see Mode Types on page 81.
2CSPC4.X8100-SWUM100.book Page 113 Wednesday, August 29, 2012 6:23 PM Command Description Modea mode dvlan-tunnel Enables Double VLAN tunneling on the specified interface. IC name (VLAN Configuration) Configures a name to a VLAN. IC private-vlan Defines a private VLAN association between the primary and secondary VLANs. VC protocol group Attaches a vlanid to the protocol-based VLAN identified by groupid.
2CSPC4.X8100-SWUM100.book Page 114 Wednesday, August 29, 2012 6:23 PM Command Description Modea switchport general acceptable-frame-type tagged-only Discards untagged frames at ingress. IC switchport general allowed vlan Adds or removes VLANs from a port in General IC mode. switchport general ingressfiltering disable Disables port ingress filtering. IC switchport general pvid Configures the PVID when the interface is in general mode.
2CSPC4.X8100-SWUM100.book Page 115 Wednesday, August 29, 2012 6:23 PM Command Modea Description vlan protocol group remove Removes the protocol-base VLAN group identified by groupid. a. GC For the meaning of each Mode abbreviation, see Mode Types on page 81. 802.1x Command Description Modea dot1x dynamic-vlan enable Enables the capability of creating VLANs dynamically when a RADIUS-assigned VLAN does not exist in the switch.
2CSPC4.X8100-SWUM100.book Page 116 Wednesday, August 29, 2012 6:23 PM Command Description dot1x timeout re-authperiod Sets the number of seconds between reauthentication attempts. dot1x timeout servertimeout Modea IC Sets the number of seconds the switch waits for IC a response from the authentication server before resending the request. dot1x timeout supp-timeout Sets the number of seconds the switch waits for IC a response to an EAP-request frame from the client before retransmitting the request.
2CSPC4.X8100-SWUM100.book Page 117 Wednesday, August 29, 2012 6:23 PM Data Center Technology Commands Data Center Bridging Commands Command Description Modea datacenter-bridging Enters the Data Center Bridging mode. IC lldp dcbx version Enables the switch to support a specific version GC of the Data Center Bridging Capability Exchange (DCBX) protocol or to detect the peer version and match it. lldp tlv-select dcbxp Sends specific DCBX TLVs if LLDP is enabled IC, to transmit on the given interface.
2CSPC4.X8100-SWUM100.book Page 118 Wednesday, August 29, 2012 6:23 PM Command Description Modea show fip-snooping enode Displays information about the interfaces connected to ENodes UE, PE show fip-snooping fcf Displays information about the interfaces connected to FCFs. UE, PE show fip-snooping sessions Displays information about the active FIP snooping sessions. UE, PE show fip-snooping statistics Displays the statistics of the FIP packets snooped in the VLAN or on an interface.
2CSPC4.X8100-SWUM100.book Page 119 Wednesday, August 29, 2012 6:23 PM Layer 3 Commands ARP (IPv4) Command Description Modea arp Creates an Address Resolution Protocol (ARP) entry. GC arp cachesize Configures the maximum number of entries in the ARP cache. GC arp dynamicrenew Enables the ARP component to automatically renew dynamic ARP entries when they age out. GC arp purge Causes the specified IP address to be removed from the ARP cache.
2CSPC4.X8100-SWUM100.book Page 120 Wednesday, August 29, 2012 6:23 PM DHCP Server and Relay Agent (IPv4) Modea Command Description ip dhcp pool Defines a DHCP address pool that can be used GC to supply addressing information to DHCP client. This command puts the user into DHCP Pool Configuration mode. bootfile Sets the name of the image for the DHCP client to load. DP clear ip dhcp binding Removes automatic DHCP server bindings. PE clear ip dhcp conflict Removes DHCP server address conflicts.
2CSPC4.X8100-SWUM100.book Page 121 Wednesday, August 29, 2012 6:23 PM Command Description Modea netbios-name-server Configures the IPv4 address of the Windows® Internet Naming Service (WINS) for a Microsoft DHCP client. DP netbios-node-type Sets the NetBIOS node type for a Microsoft DHCP client. DP network Defines a pool of IPv4 addresses for distributing DP to clients. next-server Sets the IPv4 address of the TFTP server to be used during auto-install.
2CSPC4.X8100-SWUM100.book Page 122 Wednesday, August 29, 2012 6:23 PM Command Description Modea domain-name (IPv6 DHCP Sets the DNS domain name which is provided Pool Config) to a DHCPv6 client by the DHCPv6 server. v6DP ipv6 dhcp pool Enters IPv6 DHCP Pool Configuration mode. GC ipv6 dhcp relay Configures an interface for DHCPv6 Relay functionality. IC ipv6 dhcp server Configures DHCPv6 server functionality on an IC interface.
2CSPC4.X8100-SWUM100.book Page 123 Wednesday, August 29, 2012 6:23 PM Command Description Modea show ip dvmrp nexthop Displays the next hop information on outgoing interfaces for routing multicast datagrams. PE show ip dvmrp prune Displays the table that lists the router’s upstream prune information. PE show ip dvmrp route Displays the multicast routing information for DVMRP. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 81.
2CSPC4.X8100-SWUM100.book Page 124 Wednesday, August 29, 2012 6:23 PM Command Description Modea ip igmp version Configures the version of IGMP for an interface. IC show ip igmp Displays system-wide IGMP information. PE show ip igmp groups Displays the registered multicast groups on the PE interface. show ip igmp interface Displays the IGMP information for the specified interface. PE show ip igmp membership Displays the list of interfaces that have registered in the multicast group.
2CSPC4.X8100-SWUM100.book Page 125 Wednesday, August 29, 2012 6:23 PM IP Helper/DHCP Relay Modea Command Description bootpdhcprelay maxhopcount Configures the maximum allowable relay agent GC hops for BootP/DHCP Relay on the system. bootpdhcprelay minwaittime Configures the minimum wait time in seconds GC for BootP/DHCP Relay on the system. clear ip helper statistics Resets (to 0) the statistics displayed in show ip PE helper statistics.
2CSPC4.X8100-SWUM100.book Page 126 Wednesday, August 29, 2012 6:23 PM IP Routing Modea Command Description encapsulation Configures the link layer encapsulation type for IC the packet. ip address Configures an IP address on an interface. IC ip mtu Sets the IP Maximum Transmission Unit (MTU) on a routing interface. IC ip netdirbcast Enables the forwarding of network-directed IC ip route Configures a static route. Use the no form of the command to delete the static route.
2CSPC4.X8100-SWUM100.book Page 127 Wednesday, August 29, 2012 6:23 PM IPv6 Routing Command Description Modea clear ipv6 neighbors Clears all entries in the IPv6 neighbor table or an entry on a specific interface. PE clear ipv6 statistics Clears IPv6 statistics for all interfaces or for a PE specific interface, including loopback and tunnel interfaces. ipv6 address Configures an IPv6 address on an interface (including tunnel and loopback interfaces).
2CSPC4.X8100-SWUM100.book Page 128 Wednesday, August 29, 2012 6:23 PM Command Description Modea ipv6 mld router Enables MLD in the router in global configuration mode and for a specific interface in interface configuration mode. GC or IC ipv6 mtu Sets the maximum transmission unit (MTU) IC size, in bytes, of IPv6 packets on an interface. ipv6 nd dad attempts Sets the number of duplicate address detection probes transmitted while doing neighbor discovery.
2CSPC4.X8100-SWUM100.book Page 129 Wednesday, August 29, 2012 6:23 PM Modea Command Description ping ipv6 Determines whether another computer is on PE the network. ping ipv6 interface Determines whether another computer is on PE the network using Interface keyword. show ipv6 brief Displays the IPv6 status of forwarding mode and IPv6 unicast routing mode. show ipv6 interface Shows the usability status of IPv6 interfaces.
2CSPC4.X8100-SWUM100.book Page 130 Wednesday, August 29, 2012 6:23 PM Command Description Modea traceroute ipv6 Discovers the routes that packets actually take when traveling to their destination through the network on a hop-by-hop basis. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 81. Loopback Interface Command Description Modea interface loopback Enters the Interface Loopback configuration mode.
2CSPC4.X8100-SWUM100.book Page 131 Wednesday, August 29, 2012 6:23 PM Command Description Modea ip pim dr-priority Administratively configures the advertised designated router (DR) priority value. IC ip pim hello-interval Administratively configures the PIM Hello messages on the specified interface. IC ip pim join-prune-interval Administratively configures the frequency of IC join/prune messages on the specified interface.
2CSPC4.X8100-SWUM100.book Page 132 Wednesday, August 29, 2012 6:23 PM Modea Command Description show ip mcast mroute source Displays the multicast configuration settings of PE entries in the multicast mroute table. show ip mcast mroute static Displays all the static routes configured in the static mcast table. PE show ip pim bsr-router Displays the bootstrap router (BSR) information. PE show ip pim interface Displays PIM interface status parameters.
2CSPC4.X8100-SWUM100.book Page 133 Wednesday, August 29, 2012 6:23 PM Command Description Modea ipv6 pim dr-priority Sets the priority value for which a router is elected as the designated router (DR). IC ipv6 pim hello-interval Administratively configures the PIM-SM Hello IC Interval for the specified interface. ipv6 pim join-prune-interval Administratively configures the interface join/prune interval for the PIM-SM router.
2CSPC4.X8100-SWUM100.book Page 134 Wednesday, August 29, 2012 6:23 PM Modea Command Description show ipv6 pim neighbor Displays IPv6 PIMSM neighbors learned on the PE or routing interfaces. GC show ipv6 pim rphash Displays which rendezvous point (RP) is being selected for a specified group. show ipv6 pim rp mapping Displays all group-to-RP mappings of which the PE or router is aware (either configured or learned GC from the bootstrap router (BSR). a.
2CSPC4.X8100-SWUM100.book Page 135 Wednesday, August 29, 2012 6:23 PM Command Description Modea area virtual-link Creates the OSPF virtual interface for the specified area-id and neighbor router. ROSPF area virtual-link authentication Configures the authentication type and key for ROSPF the OSPF virtual interface identified by the area ID and neighbor ID.
2CSPC4.X8100-SWUM100.book Page 136 Wednesday, August 29, 2012 6:23 PM Modea Command Description enable Resets the default administrative mode of OSPF ROSPF in the router (active). exit-overflow-interval Configures the exit overflow interval for OSPF. ROSPF external-lsdb-limit Configures the external LSDB limit for OSPF. ROSPF ip ospf area Enables OSPFv2 and sets the area ID of an interface. IC ip ospf authentication Sets the OSPF Authentication Type and Key for the specified interface.
2CSPC4.X8100-SWUM100.book Page 137 Wednesday, August 29, 2012 6:23 PM Modea Command Description network area Enables OSPFv2 on an interface and sets its area ROSPF ID if the IP address of an interface is covered by this network command. passive-interface Sets the interface or tunnel as passive. passive-interface default Enables the global passive mode by default for all ROSPF interfaces. passive-interface Sets the interface or tunnel as passive.
2CSPC4.X8100-SWUM100.book Page 138 Wednesday, August 29, 2012 6:23 PM Command Description Modea show ip ospf range Displays information about the area ranges for the specified area-id. PE show ip ospf statistics Displays information about recent Shortest Path PE First (SPF) calculations. show ip ospf stub table Displays the OSPF stub table. show ip ospf virtual-link Displays the OSPF Virtual Interface information PE for a specific area and neighbor.
2CSPC4.X8100-SWUM100.book Page 139 Wednesday, August 29, 2012 6:23 PM Command Description Modea area nssa translator-role Configures the translator role of the NSSA. ROSV3 area nssa translator-stabintv Configures the translator stability interval of the ROSV3 NSSA. area range (Router OSPFv3) Creates an area range for a specified NSSA. ROSV3 area stub Creates a stub area for the specified area ID.
2CSPC4.X8100-SWUM100.book Page 140 Wednesday, August 29, 2012 6:23 PM Command Description Modea ipv6 ospf Enables OSPF on a router interface or loopback interface. IC ipv6 ospf area Sets the OSPF area to which the specified router IC interface belongs. ipv6 ospf cost Configures the cost on an OSPF interface. IC ipv6 ospf dead-interval Sets the OSPF dead interval for the specified interface. IC ipv6 ospf hello-interval Sets the OSPF hello interval for the specified interface.
2CSPC4.X8100-SWUM100.book Page 141 Wednesday, August 29, 2012 6:23 PM Modea Command Description redistribute Configures the OSPFv3 protocol to allow ROSV3 redistribution of routes from the specified source protocol/routers. router-id Sets a 4-digit dotted-decimal number uniquely identifying the Router OSPF ID. ROSV3 show ipv6 ospf Displays information relevant to the OSPF router. PE show ipv6 ospf abr Displays the internal OSPFv3 routes to reach Area Border Routers (ABR).
2CSPC4.X8100-SWUM100.book Page 142 Wednesday, August 29, 2012 6:23 PM Modea Command Description show ipv6 ospf virtuallinks Displays the OSPF Virtual Interface information PE for a specific area and neighbor. show ipv6 ospf virtuallink brief Displays the OSPFV3 Virtual Interface information for all areas in the system. a. PE For the meaning of each Mode abbreviation, see Mode Types on page 81.
2CSPC4.X8100-SWUM100.book Page 143 Wednesday, August 29, 2012 6:23 PM Command Description Modea default-information originate (Router RIP Configuration) Controls the advertisement of default routes. RIP default-metric Sets a default for the metric of distributed routes. RIP distance rip Sets the route preference value of RIP in the router. RIP distribute-list out Specifies the access list to filter routes received RIP from the source protocol.
2CSPC4.X8100-SWUM100.book Page 144 Wednesday, August 29, 2012 6:23 PM Tunnel Interface Modea Command Description interface tunnel Enables the interface configuration mode for a GC tunnel. show interfaces tunnel Displays the parameters related to tunnel such as tunnel mode, tunnel source address and tunnel destination address. PE tunnel destination Specifies the destination transport address of the tunnel. IC tunnel mode ipv6ip Specifies the mode of the tunnel.
2CSPC4.X8100-SWUM100.book Page 145 Wednesday, August 29, 2012 6:23 PM Modea Command Description vrrp preempt Sets the preemption mode value for the virtual IC router configured on a specified interface. vrrp priority Sets the priority value for the virtual router configured on a specified interface. vrrp timers advertise Sets the frequency, in seconds, that an interface IC on the specified virtual router sends a virtual router advertisement.
2CSPC4.X8100-SWUM100.book Page 146 Wednesday, August 29, 2012 6:23 PM Utility Commands Auto-Install Command Description Modea boot auto-copy-sw Enables or disables Stack Firmware Synchronization. GC boot auto-copy-sw allowdowngrade Enables downgrading the firmware version on GC the stack member if the firmware version on the manager is older than the firmware version on the member.
2CSPC4.X8100-SWUM100.book Page 147 Wednesday, August 29, 2012 6:23 PM Command Description Modea https port Configures an additional HTTPS port for captive portal to monitor. CP show captive-portal Displays the status of captive portal. PE show captive-portal status Reports the status of all captive portal instances PE in the system. block Blocks all traffic for a captive portal configuration. CPI configuration Enables the captive portal instance mode.
2CSPC4.X8100-SWUM100.book Page 148 Wednesday, August 29, 2012 6:23 PM Modea Command Description show captive-portal configuration client status Displays the clients authenticated to all captive PE portal configurations or a to specific configuration. show captive-portal interface client status Displays information about clients authenticated on all interfaces or a specific interface.
2CSPC4.X8100-SWUM100.book Page 149 Wednesday, August 29, 2012 6:23 PM Command Description Modea user group Creates a user group. CP user group moveusers Moves a group's users to a different group. CP user group name Configures a group name. CP a. For the meaning of each Mode abbreviation, see Mode Types on page 81. CLI Macro Command Description Modea macro name Creates a user-defined macro. GC macro global apply Use to apply a macro. GC macro global trace Applies and traces a macro.
2CSPC4.X8100-SWUM100.book Page 150 Wednesday, August 29, 2012 6:23 PM Command Description Modea sntp server Configures the SNTP server to use SNTP to request and accept NTP traffic from it. GC sntp trusted-key Authenticates the identity of a system to which GC Simple Network Time Protocol (SNTP) will synchronize. sntp unicast client enable Enables clients to use Simple Network Time Protocol (SNTP) predefined Unicast clients.
2CSPC4.X8100-SWUM100.book Page 151 Wednesday, August 29, 2012 6:23 PM Command Description Modea delete Deletes a file from a flash memory. PE delete backup-image Deletes a file from a flash memory device. PE delete backup-config Deletes the backup configuration file. PE delete startup-config Deletes the startup configuration file. PE dir Prints the contents of the flash file system. PE erase Erases the startup configuration, the backup configuration, or the backup image.
2CSPC4.X8100-SWUM100.book Page 152 Wednesday, August 29, 2012 6:23 PM Command Description Modea dos-control tcpflag Enables TCP Flag Denial of Service protections. GC dos-control tcpfrag Enables TCP Fragment Denial of Service protection. GC ip icmp echo-reply Enables or disables the generation of ICMP Echo GC Reply messages. ip icmp error-interval Limits the rate at which IPv4 ICMP error messages are sent. GC ip unreachables Enables the generation of ICMP Destination Unreachable messages.
2CSPC4.X8100-SWUM100.book Page 153 Wednesday, August 29, 2012 6:23 PM Management ACL Command Description Modea deny (management) Defines a deny rule. MA management access-class Defines which management access-list is used. GC management access-list Defines a management access-list, and enters the access-list for configuration. GC permit (management) Defines a permit rule. MA show management accessclass Displays the active management access-list.
2CSPC4.X8100-SWUM100.book Page 154 Wednesday, August 29, 2012 6:23 PM Modea Command Description passwords lock-out Enables the administrator to strengthen the GC security of the switch by enabling the user lockout feature. When a lockout count is configured, a user who is logging in must enter the correct password within that count. passwords min-length Enables the administrator to enforce a minimum length required for a password. GC passwords strength-check Enables the Password Strength feature.
2CSPC4.X8100-SWUM100.book Page 155 Wednesday, August 29, 2012 6:23 PM a. For the meaning of each Mode abbreviation, see Mode Types on page 81. PHY Diagnostics Command Description Modea show copper-ports tdr Displays the last TDR (Time Domain Reflectometry) tests on specified ports. PE show fiber-ports opticaltransceiver Displays the optical transceiver diagnostics.
2CSPC4.X8100-SWUM100.book Page 156 Wednesday, August 29, 2012 6:23 PM SDM Templates Command Description Modea sdm prefer Changes the template that will be active after the next reboot. GC show sdm prefer Views the currently active SDM template and its scaling parameters, or views the scaling parameters for an inactive template. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 81. Serviceability Tracing Command Description Modea debug arp Enables tracing of ARP packets.
2CSPC4.X8100-SWUM100.book Page 157 Wednesday, August 29, 2012 6:23 PM Modea Command Description debug ipv6 dhcp Displays debug information about DHCPv6 PE client activities and to trace DHCPv6 packets to and from the local DHCPv6 client. debug ipv6 mcache Traces MDATAv6 packet reception and transmission. debug ipv6 mld Traces MLD packet reception and transmission. PE debug ipv6 pimdm Traces PIMDMv6 packet reception and transmission.
2CSPC4.X8100-SWUM100.book Page 158 Wednesday, August 29, 2012 6:23 PM sFlow Command Description Modea sflow destination Configures sFlow collector parameters (owner string, receiver timeout, ip address, and port). GC sflow polling Enables a new sflow poller instance for the data GC source if rcvr_idx is valid. sflow polling (Interface Mode) Enable a new sflow poller instance for this data IC source if rcvr_idx is valid.
2CSPC4.X8100-SWUM100.book Page 159 Wednesday, August 29, 2012 6:23 PM Command Description Modea snmp-server community Sets up the community access string to permit access to SNMP protocol. GC snmp-server communitygroup Maps SNMP v1 and v2 security models to the group name. GC snmp-server contact Sets up a system contact (sysContact) string. GC snmp-server enable traps Enables SNMP traps globally or enables specific GC SNMP traps.
2CSPC4.X8100-SWUM100.book Page 160 Wednesday, August 29, 2012 6:23 PM Modea Command Description ip ssh pubkey-auth Enables public key authentication for incoming GC SSH sessions. ip ssh server Enables the switch to be configured from a SSH GC server connection. key-string Manually specifies a SSH public key. show crypto key mypubkey Displays its own SSH public keys stored on the PE switch. show crypto key pubkeychain ssh Displays SSH public keys stored on the switch.
2CSPC4.X8100-SWUM100.book Page 161 Wednesday, August 29, 2012 6:23 PM Modea Command Description logging console Limits messages logged to the console based on GC severity. logging facility Configures the facility to be used in log messages. GC logging file Limits syslog messages sent to the logging file based on severity. GC logging on Controls error messages logging. GC logging snmp Enables SNMP Set command logging. GC logging web-session Enables web session logging.
2CSPC4.X8100-SWUM100.book Page 162 Wednesday, August 29, 2012 6:23 PM Command Description Modea cut-through mode Enables the cut-through mode on the switch. GC exec-banner Enables exec banner on the console, telnet or SSH connection. LC hostname Specifies or modifies the switch host name. GC locate Locates a switch by LED blinking. PE login-banner Enables login banner on the console, telnet, or LC SSH connection. media-type Selects the media-type for the interface.
2CSPC4.X8100-SWUM100.book Page 163 Wednesday, August 29, 2012 6:23 PM Command Description Modea show process cpu Checks the CPU utilization for each process currently running on the switch. PE show sessions Displays a list of the open telnet sessions to remote hosts. PE show slot Displays information about all the slots in the system or for a specific slot. UE show supported cardtype Displays information about all card types supported in the system.
2CSPC4.X8100-SWUM100.book Page 164 Wednesday, August 29, 2012 6:23 PM Telnet Server Command Description Modea ip telnet server disable Enables/disables the Telnet service on the switch. GC ip telnet port Configures the Telnet TCP port number on the GC switch. show ip telnet Displays the status of the Telnet server and the PE Telnet TCP port number. a. For the meaning of each Mode abbreviation, see Mode Types on page 81.
2CSPC4.X8100-SWUM100.book Page 165 Wednesday, August 29, 2012 6:23 PM USB Flash Drive Command Description Modea unmount usb Makes the USB flash device inactive. PE show usb Displays the USB flash device details. PE dir usb Displays the USB device contents and memory PE statistics. a. For the meaning of each Mode abbreviation, see Mode Types. User Interface Command Description Modea enable Enters the privileged EXEC mode.
2CSPC4.X8100-SWUM100.book Page 166 Wednesday, August 29, 2012 6:23 PM Modea Command Description ip http port Specifies the TCP port for use by a web browser GC to configure the switch. ip http server Enables the switch to be configured from a browser. GC ip http secure-certificate Configures the active certificate for HTTPS. GC ip http secure-port Configures a TCP port for use by a secure web browser to configure the switch.
2CSPC4.X8100-SWUM100.book Page 167 Wednesday, August 29, 2012 6:23 PM 2 Using the CLI Introduction This chapter describes the basics of entering and editing the Dell PowerConnect 70xx Series Command Line Interface (CLI) commands and defines the command hierarchy. It also explains how to activate the CLI and implement its major functions.
2CSPC4.X8100-SWUM100.book Page 168 Wednesday, August 29, 2012 6:23 PM Two instances where the help information can be displayed are: • Keyword lookup — The key is entered in place of a command. A list of all valid commands and corresponding help messages is displayed. • Partial keyword lookup — A command is incomplete and the key is entered in place of a parameter. The matched parameters for this command are displayed.
2CSPC4.X8100-SWUM100.book Page 169 Wednesday, August 29, 2012 6:23 PM Table 2-1. History Buffer Keyword Source or Destination Up-arrow key Recalls commands in the history buffer, beginning with the most recent command. Repeats the key sequence to recall successively older commands. + Down-arrow key + Returns to more recent commands in the history buffer after recalling commands with the up-arrow key. Repeating the key sequence recalls more recent commands in succession.
2CSPC4.X8100-SWUM100.book Page 170 Wednesday, August 29, 2012 6:23 PM --------- ------------------------- ------ ------- ---- ------ -----------Gi1/0/1 N/A Unknown Auto Down Inactive Gi1/0/2 N/A Unknown Auto Down Inactive Gi1/0/3 N/A Unknown Auto Down Inactive Gi1/0/4 N/A Unknown Auto Down Inactive Gi1/0/5 N/A Unknown Auto Down Inactive Gi1/0/6 N/A Unknown Auto Down Inactive Command Completion CLI can complete partially entered commands when the user presses the or key.
2CSPC4.X8100-SWUM100.book Page 171 Wednesday, August 29, 2012 6:23 PM Table 2-2. CLI Shortcuts Keyboard Key Description Delete previous character + Go to beginning of line + Go to end of line + Go forward one character + Go backward one character + Delete current character + Delete to beginning of line + Delete to the end of the line.
2CSPC4.X8100-SWUM100.book Page 172 Wednesday, August 29, 2012 6:23 PM Operating on Multiple Objects (Range) The CLI allows the user to operate on the set of objects at the same time. The guidelines are as follows for range operation: • Operations on objects with four or more instances support the range operation, unless noted otherwise in the specific command documentation. • The range key word is used to identify the range of objects on which to operate.
2CSPC4.X8100-SWUM100.book Page 173 Wednesday, August 29, 2012 6:23 PM • Some parameters must be configured individually for each port or interface. Command Scripting The CLI can be used as a programmable management interface. To facilitate this function, any characters entered after the character are treated as a comment and ignored by the CLI. Also, the CLI allows the user to disable session timeouts.
2CSPC4.X8100-SWUM100.book Page 174 Wednesday, August 29, 2012 6:23 PM Interface Naming Conventions The conventions for naming interfaces in CLI commands are as follows: Ethernet Interfaces The gigabit Ethernet and ten-gigabit Ethernet ports are identified in the CLI by the variable unit/slot/port, where: • Unit#/Slot#/Port# — Identifies a specific interface by the interface type tag followed by the Unit# followed by a / symbol, then the Slot# followed by a / symbol, and then the Port#.
2CSPC4.X8100-SWUM100.book Page 175 Wednesday, August 29, 2012 6:23 PM Table 2-4.
2CSPC4.X8100-SWUM100.book Page 176 Wednesday, August 29, 2012 6:23 PM Tunnel Interfaces Tunnel interfaces are represented in the CLI by the variable tunnel-id, which can assume values from 0–7.
2CSPC4.X8100-SWUM100.book Page 177 Wednesday, August 29, 2012 6:23 PM CLI Command Modes Since the set of CLI commands is very large, the CLI is structured as a command-tree hierarchy, where related command sets are assigned to command modes for easier access. At each level, only the commands related to that level are available to the user and only those commands are shown in the context sensitive help for that level.
2CSPC4.X8100-SWUM100.book Page 178 Wednesday, August 29, 2012 6:23 PM The Privileged EXEC mode provides access to commands that can not be executed in the User EXEC mode and permits access to the switch Configuration mode. The Global Configuration mode manages switch configuration on a global level. For specific interface configurations, command modes exist at a sublevel. Entering a at the system prompt displays a list of commands available for that particular command mode.
2CSPC4.X8100-SWUM100.book Page 179 Wednesday, August 29, 2012 6:23 PM Global Configuration Mode Global Configuration commands apply to features that affect the system as a whole, rather than just a specific interface. The Privileged EXEC mode command configure is used to enter the Global Configuration mode. console(config)# The following are the Global Configuration modes: • SNMP v3 Host Configuration — Configures the parameters for the SNMP v3 server host.
2CSPC4.X8100-SWUM100.book Page 180 Wednesday, August 29, 2012 6:23 PM 180 • Management Access List — Contains commands to define management access administration lists. The Global Configuration mode command management access-list is used to enter the Management Access List configuration mode. • Policy-map — Use the policy-map command to access the QoS policy map configuration mode to configure the QoS policy map.
2CSPC4.X8100-SWUM100.book Page 181 Wednesday, August 29, 2012 6:23 PM • SSH Public Key-string — Contains commands to manually specify the SSH Public-key of a remote SSH Client. The SSH Public-Key Chain Configuration mode command user-key command is used to enter the SSH Public-Key Configuration mode. • MAC Access-List — Configures conditions required to allow traffic based on MAC addresses. The Global Configuration mode command macaccess-list is used to enter the MAC Access-List configuration mode.
2CSPC4.X8100-SWUM100.book Page 182 Wednesday, August 29, 2012 6:23 PM [# | >] — The # sign is used to indicate that the system is in the Privileged EXEC mode. The > symbol indicates that the system is in the User EXEC mode, which is a read-only mode in which the system does not allow configuration. Navigating CLI Command Modes Table 2-5 describes how to navigate through the CLI Command Mode hierarchy. Table 2-5.
2CSPC4.X8100-SWUM100.book Page 183 Wednesday, August 29, 2012 6:23 PM Table 2-5. Navigating CLI Command Modes (continued) Command Mode Access Method Command Prompt Exit or Access Previous Mode Line Interface From Global Configuration mode, use the line command. console(config-line)# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode. Management Access-List From Global Configuration mode, use the management access-list command.
2CSPC4.X8100-SWUM100.book Page 184 Wednesday, August 29, 2012 6:23 PM Table 2-5. Navigating CLI Command Modes (continued) Command Mode Access Method MAC Access List From Global Configuration mode, use the mac access-list command. Command Prompt Exit or Access Previous Mode console(config-mac-accesslist)# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode.
2CSPC4.X8100-SWUM100.book Page 185 Wednesday, August 29, 2012 6:23 PM Table 2-5. Navigating CLI Command Modes (continued) Command Mode Access Method Command Prompt Exit or Access Previous Mode Radius From Global Configuration mode, use the radius-server host command. console(config-radius)# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode. SNMP Host Configuration From Global Configuration mode, use the snmp-server command.
2CSPC4.X8100-SWUM100.book Page 186 Wednesday, August 29, 2012 6:23 PM Navigating CLI Command Modes (continued) Table 2-5. Command Mode Access Method Command Prompt Crypto Certificate Generation From Global Configuration mode, use the crypto certificate number generate command. console(config-crypto-cert)# To exit to Global Crypto Certificate Request From Privileged EXEC mode, use the crypto certificate number request command.
2CSPC4.X8100-SWUM100.book Page 187 Wednesday, August 29, 2012 6:23 PM Table 2-5. Navigating CLI Command Modes (continued) Command Mode Access Method Command Prompt Exit or Access Previous Mode MST From Global Configuration mode, use the spanning-tree mst configuration command. console(config-mst)# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode. VLAN Config console(config-vlan)# From Global Configuration mode, use the vlan database command.
2CSPC4.X8100-SWUM100.book Page 188 Wednesday, August 29, 2012 6:23 PM Navigating CLI Command Modes (continued) Table 2-5. Command Mode Access Method Command Prompt Router OSPFv3 Config console(config-rtr)# From Global Configuration mode, use the ipv6 router ospf command. console(config-dhcp6sIPv6 DHCP Pool From Global pool)# Mode Configuration mode, use the ipv6 dhcp pool command.
2CSPC4.X8100-SWUM100.book Page 189 Wednesday, August 29, 2012 6:23 PM Table 2-5. Navigating CLI Command Modes (continued) Command Mode Access Method Command Prompt Exit or Access Previous Mode 40 Gigabit Ethernet console (config-ifFrom Global Founit/slot/port# Configuration mode, use the interface fortygigabitetherne t command. Or, use the abbreviation interface fo. To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode.
2CSPC4.X8100-SWUM100.book Page 190 Wednesday, August 29, 2012 6:23 PM Table 2-5. Navigating CLI Command Modes (continued) Command Mode Access Method Command Prompt Loopback console(configFrom Global configuration mode, loopbackloopback-id)# use the interface loopback command. Or, use the abbreviation interface lo. Exit or Access Previous Mode To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode.
2CSPC4.X8100-SWUM100.book Page 191 Wednesday, August 29, 2012 6:23 PM By default the switch is shipped from the factory with an IP address of 192.168.2.1 but the Easy Setup Wizard provides the opportunity to customize the IP address. The initial activation must be done using the serial interface since, without a unique IP address, the user can not access the other management interfaces.
2CSPC4.X8100-SWUM100.book Page 192 Wednesday, August 29, 2012 6:23 PM running, the system does not display any unsolicited or unrelated status messages. For example, the system does not display event notification or system status messages. After completing the wizard, the user is given a chance to save his configuration and continue to the CLI. If the user chooses to discard his configuration, any restart of the wizard must be from the beginning.
2CSPC4.X8100-SWUM100.book Page 193 Wednesday, August 29, 2012 6:23 PM Figure 2-1.
2CSPC4.X8100-SWUM100.book Page 194 Wednesday, August 29, 2012 6:23 PM Example Session This section describes an Easy Setup Wizard session. Refer to the state diagram in the previous section for general flow. The following values used by the example session are not the only possible ones: • IP address for the VLAN 1 is 192.168.1.2:255.255.255.0. This address is on a different subnet than the OOB interface and in the same subnet as the default gateway.
2CSPC4.X8100-SWUM100.book Page 195 Wednesday, August 29, 2012 6:23 PM NOTE: In the following Easy Setup Wizard example, the possible user options are enclosed in [ ]. Also, where possible, default values are enclosed in []. If the user enters with no options defined, the default value is accepted. Help text is in parentheses.
2CSPC4.X8100-SWUM100.book Page 196 Wednesday, August 29, 2012 6:23 PM Network Manager or other management interfaces to change this setting, and to add additional management system later. For more information on adding management systems, see the user documentation. To add a management station: Please enter the SNMP community string to be used. {public}: public Please enter the IP address of the Management System (A.B.C.D) or wildcard (0.0.0.0) to manage from any Management Station. {0.0.0.0}: 192.
2CSPC4.X8100-SWUM100.book Page 197 Wednesday, August 29, 2012 6:23 PM Optionally you may request that the system automatically retrieve an IP address from the network via DHCP (this requires that you have a DHCP server running on the network). To setup an IP address: Please enter the IP address of the device (A.B.C.D) or enter "DHCP" (without the quotes) to automatically request an IP address from the network DHCP server. 192.168.1.2 Please enter the IP subnet mask (A.B.C.D or /nn): 255.255.255.
2CSPC4.X8100-SWUM100.book Page 198 Wednesday, August 29, 2012 6:23 PM Thank you for using the Dell Easy Setup Wizard. You will now enter CLI mode. ..... console> Using CLI Functions and Tools The CLI has been designed to manage the switch’s configuration file system and to manage switch security. A number of resident tools exist to support these and other functions. Configuration Management All managed systems have software images and databases that must be configured, backed up and restored.
2CSPC4.X8100-SWUM100.book Page 199 Wednesday, August 29, 2012 6:23 PM Copying Files The copy command not only provides a method for copying files within the file system, but also to and from remote servers. With the copy command and URLs to identify files, the user can back up images to local or remote systems or restore images from local or remote systems. To use the copy command, the user specifies the source file and the destination file.
2CSPC4.X8100-SWUM100.book Page 200 Wednesday, August 29, 2012 6:23 PM • startup-config — This file refers to the special configuration image stored in flash memory which is loaded when the system next reboots. The user may copy a particular configuration file (remote or local) to this special file name and reboot the system to force it to use a particular configuration. • image1 & image2 — These files refer to software images. One of these will be loaded when the system next reboots.
2CSPC4.X8100-SWUM100.book Page 201 Wednesday, August 29, 2012 6:23 PM User Accounts Management The CLI provides authentication for users either through remote authentication servers supporting TACACS+ or Radius or through a set of locally managed user accounts. The setup wizard asks the user to create the initial administrator account and password at the time the system is booted. The following rules and specifications apply: • The user may create five local user accounts.
2CSPC4.X8100-SWUM100.book Page 202 Wednesday, August 29, 2012 6:23 PM If the user account is created and maintained locally, each user is given an access level at the time of account creation. If the user is authenticated through remote authentication servers, the authentication server is configured to pass the user access level to the CLI when the user is authenticated. When Radius is used, the Vendor-Specific Option field returns the access level for the user. Two vendor specific options are supported.
2CSPC4.X8100-SWUM100.book Page 203 Wednesday, August 29, 2012 6:23 PM • If a log server is not specified by the user, the CLI maintains at most the last 1000 critical system events. In this case, less important events are not recorded. Security Logs Security logs are maintained to record all security events including the following: • User login. • User logout. • Denied login attempts. • User attempt to exceed security access level.
2CSPC4.X8100-SWUM100.book Page 204 Wednesday, August 29, 2012 6:23 PM • SSH and the keying information to use for SSH. • HTTP. • HTTPS and the security certificate to be used. • SNMPv1/v2c and the read and read/write community strings to be used. • SNMPv3 and the security information for used this protocol. For each of these management profiles, the user defines the list of hosts or subnets from which the management profiles may be used.
2CSPC4.X8100-SWUM100.book Page 205 Wednesday, August 29, 2012 6:23 PM Boot Utility Menu If a user is connected through the serial interface during the boot sequence, pressing the key interrupts the boot process and displays a Boot Utility Menu. Selecting item 2 displays the menu and may be typed only during the initial boot up sequence. When the system boot up is complete, typing the escape sequence does not display the menu. Boot Menu 4.1.0.
2CSPC4.X8100-SWUM100.book Page 206 Wednesday, August 29, 2012 6:23 PM 1 - 1200 2 - 2400 3 - 4800 4 - 9600 5 - 19200 6 - 38400 7 - 57600 8 - 115200 0 - no change Baud rate is not changed [Boot Menu] 3 Sending event log, start XMODEM receive..... File asciilog.bin Ready to SEND in binary mode Estimated File Size 0K, 12 Sectors, 89 Bytes Estimated transmission time 14 seconds Send several Control-X characters to cancel before transfer starts. [Boot Menu] 4 Ready to receive the file with XMODEM/CRC....
2CSPC4.X8100-SWUM100.book Page 207 Wednesday, August 29, 2012 6:23 PM Send several Control-X characters to cancel before transfer starts. CKCK [Boot Menu] 5 The following image is in the Flash File System: File Name......................................image2 CRC............................................0x3431 (13361) Target Device..................................0x00508548 Size...........................................0xc178 dc (12679388) Number of Components...........................
2CSPC4.X8100-SWUM100.book Page 208 Wednesday, August 29, 2012 6:23 PM Boot Code Size.................................0x100000 (1048576) Boot Code Offset...............................0xa73b68 (10959720) Boot Code FLASH flag...........................0 Boot Code CRC..................................0x578 VPD - rel 4 ver 1 maint_lvl 0 build_num 6 Timestamp - Mon Feb 28 16:43:14 2011 File - PC7000_M6348v4.1.0.6.
2CSPC4.X8100-SWUM100.book Page 209 Wednesday, August 29, 2012 6:23 PM Wrote 0x40000 bytes. Wrote 0x50000 bytes. Wrote 0x60000 bytes. Wrote 0x70000 bytes. Wrote 0x80000 bytes. Wrote 0x90000 bytes. Wrote 0xa0000 bytes. Wrote 0xb0000 bytes. Wrote 0xc0000 bytes. Wrote 0xd0000 bytes. Wrote 0xe0000 bytes. Wrote 0xf0000 bytes. Wrote 0x100000 bytes. Validating Flash.....Passed Flash update completed. Rebooting...
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 211 Wednesday, August 29, 2012 6:23 PM Boot Menu 4.1.0.6 Select an option. If no selection in 10 seconds then operational code will start. 1 - Start operational code. 2 - Start Boot Menu. Select (1, 2):2 Boot Menu 4.1.0.
2CSPC4.X8100-SWUM100.book Page 212 Wednesday, August 29, 2012 6:23 PM [Boot Menu] 8 Are you SURE you want to delete: image1 ? (y/n):y image1 deleted... [Boot Menu] 10 Are you SURE you want to delete the configuration? (y/n):y [Boot Menu] 11 Backup image - image1 activated. [Boot Menu] 12 Operational Code Date: Mon Feb 28 16:43:14 2011 Uncompressing.....
2CSPC4.X8100-SWUM100.book Page 213 Wednesday, August 29, 2012 6:23 PM Adding 0 symbols for standalone.
2CSPC4.X8100-SWUM100.book Page 214 Wednesday, August 29, 2012 6:23 PM - first cluster is in sector # 260 - Update last access date for open-read-close = FALSE PCI unit 0: Dev 0xb634, Rev 0x11, Chip BCM56634_B0, Driver BCM56634_B0 SOC unit 0 attached to PCI device BCM56634_B0 soc_reset_bcm56634_a0: TCAM PLL not locked.
2CSPC4.X8100-SWUM100.book Page 215 Wednesday, August 29, 2012 6:23 PM (Unit 1 - Waiting to select management unit)>USB Auto Configuration process is completed! Applying Global configuration, please wait ... Welcome to Dell Easy Setup Wizard The setup wizard guides you through the initial switch configuration, and gets you up and running as quickly as possible. You can skip the setup wizard, and enter CLI mode to manually configure the switch.
2CSPC4.X8100-SWUM100.book Page 216 Wednesday, August 29, 2012 6:23 PM Applying Interface configuration, please wait ... console>en console#reload Management switch has unsaved changes. Are you sure you want to continue? (y/n) y Configuration Not Saved! Are you sure you want to reload the stack? (y/n) y Reloading all switches. Boot Menu 4.1.0.6 CPU Card ID: 0x508548 CFI Probe: Found 2x16 devices in x16 mode /DskVol// - disk check in progress ...
2CSPC4.X8100-SWUM100.book Page 217 Wednesday, August 29, 2012 6:23 PM /DskVol//files/dh512.pem /DskVol//files/dh1024.pem /DskVol//files/sslt_cert1.pem /DskVol//files/sslt_key1.pem /DskVol//files/ssh_host_key /DskVol//files/ssh_host_dsa_key /DskVol//files/ssh_host_rsa_key /DskVol//files/log2.bin /DskVol//files/hpc_broad.cfg /DskVol//files/slog0.txt /DskVol//files/olog0.txt /DskVol//files/sslt.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 219 Wednesday, August 29, 2012 6:23 PM Boot Menu 4.1.0.
2CSPC4.X8100-SWUM100.book Page 220 Wednesday, August 29, 2012 6:23 PM copying file /DskVol/files/startup-config -> /RamDisk/startup-config copying file /DskVol/files/vpd.bin -> /RamDisk/vpd.bin copying file /DskVol/files/hpc_broad.cfg -> /RamDisk/hpc_broad.cfg copying file /DskVol/files/boot.dim -> /RamDisk/boot.dim copying file /DskVol/files/dh512.pem -> /RamDisk/dh512.pem copying file /DskVol/files/dh1024.pem -> /RamDisk/dh1024.pem copying file /DskVol/files/sslt_cert1.pem -> /RamDisk/sslt_cert1.
2CSPC4.X8100-SWUM100.book Page 221 Wednesday, August 29, 2012 6:23 PM dh1024.pem 0:20:24 245 5/30/113 sslt_cert1.pem 5:09:30 863 6/2/113 sslt_key1.pem 5:09:30 887 6/2/113 ssh_host_key 0:20:24 517 5/30/113 ssh_host_dsa_key 0:20:24 672 5/30/113 ssh_host_rsa_key 0:20:24 887 5/30/113 Filesystem size 25484288 Bytes used 12683956 Bytes free 12800332 Erasing FFS: CFI Probe: Found 2x16 devices in x16 mode Formatted 1 of 251 units = 0.3 % Formatted 2 of 251 units = 0.
2CSPC4.X8100-SWUM100.book Page 222 Wednesday, August 29, 2012 6:23 PM Formatted 12 of 251 units = 4.7 % Formatted 13 of 251 units = 5.1 % Formatted 14 of 251 units = 5.5 % Formatted 15 of 251 units = 5.9 % Formatted 16 of 251 units = 6.3 % Formatted 17 of 251 units = 6.7 % Formatted 18 of 251 units = 7.1 % Formatted 19 of 251 units = 7.5 % Formatted 20 of 251 units = 7.9 % Formatted 21 of 251 units = 8.3 % Formatted 22 of 251 units = 8.7 % Formatted 23 of 251 units = 9.1 % Formatted 24 of 251 units = 9.
2CSPC4.X8100-SWUM100.book Page 223 Wednesday, August 29, 2012 6:23 PM Formatted 38 of 251 units = 15.1 % Formatted 39 of 251 units = 15.5 % Formatted 40 of 251 units = 15.9 % Formatted 41 of 251 units = 16.3 % Formatted 42 of 251 units = 16.7 % Formatted 43 of 251 units = 17.1 % Formatted 44 of 251 units = 17.5 % Formatted 45 of 251 units = 17.9 % Formatted 46 of 251 units = 18.3 % Formatted 47 of 251 units = 18.7 % Formatted 48 of 251 units = 19.1 % Formatted 49 of 251 units = 19.
2CSPC4.X8100-SWUM100.book Page 224 Wednesday, August 29, 2012 6:23 PM Formatted 64 of 251 units = 25.4 % Formatted 65 of 251 units = 25.8 % Formatted 66 of 251 units = 26.2 % Formatted 67 of 251 units = 26.6 % Formatted 68 of 251 units = 27.0 % Formatted 69 of 251 units = 27.4 % Formatted 70 of 251 units = 27.8 % Formatted 71 of 251 units = 28.2 % Formatted 72 of 251 units = 28.6 % Formatted 73 of 251 units = 29.0 % Formatted 74 of 251 units = 29.4 % Formatted 75 of 251 units = 29.
2CSPC4.X8100-SWUM100.book Page 225 Wednesday, August 29, 2012 6:23 PM Formatted 90 of 251 units = 35.8 % Formatted 91 of 251 units = 36.2 % Formatted 92 of 251 units = 36.6 % Formatted 93 of 251 units = 37.0 % Formatted 94 of 251 units = 37.4 % Formatted 95 of 251 units = 37.8 % Formatted 96 of 251 units = 38.2 % Formatted 97 of 251 units = 38.6 % Formatted 98 of 251 units = 39.0 % Formatted 99 of 251 units = 39.4 % Formatted 100 of 251 units = 39.8 % Formatted 101 of 251 units = 40.
2CSPC4.X8100-SWUM100.book Page 226 Wednesday, August 29, 2012 6:23 PM Formatted 116 of 251 units = 46.2 % Formatted 117 of 251 units = 46.6 % Formatted 118 of 251 units = 47.0 % Formatted 119 of 251 units = 47.4 % Formatted 120 of 251 units = 47.8 % Formatted 121 of 251 units = 48.2 % Formatted 122 of 251 units = 48.6 % Formatted 123 of 251 units = 49.0 % Formatted 124 of 251 units = 49.4 % Formatted 125 of 251 units = 49.8 % Formatted 126 of 251 units = 50.1 % Formatted 127 of 251 units = 50.
2CSPC4.X8100-SWUM100.book Page 227 Wednesday, August 29, 2012 6:23 PM Formatted 142 of 251 units = 56.5 % Formatted 143 of 251 units = 56.9 % Formatted 144 of 251 units = 57.3 % Formatted 145 of 251 units = 57.7 % Formatted 146 of 251 units = 58.1 % Formatted 147 of 251 units = 58.5 % Formatted 148 of 251 units = 58.9 % Formatted 149 of 251 units = 59.3 % Formatted 150 of 251 units = 59.7 % Formatted 151 of 251 units = 60.1 % Formatted 152 of 251 units = 60.5 % Formatted 153 of 251 units = 60.
2CSPC4.X8100-SWUM100.book Page 228 Wednesday, August 29, 2012 6:23 PM Formatted 168 of 251 units = 66.9 % Formatted 169 of 251 units = 67.3 % Formatted 170 of 251 units = 67.7 % Formatted 171 of 251 units = 68.1 % Formatted 172 of 251 units = 68.5 % Formatted 173 of 251 units = 68.9 % Formatted 174 of 251 units = 69.3 % Formatted 175 of 251 units = 69.7 % Formatted 176 of 251 units = 70.1 % Formatted 177 of 251 units = 70.5 % Formatted 178 of 251 units = 70.9 % Formatted 179 of 251 units = 71.
2CSPC4.X8100-SWUM100.book Page 229 Wednesday, August 29, 2012 6:23 PM Formatted 194 of 251 units = 77.2 % Formatted 195 of 251 units = 77.6 % Formatted 196 of 251 units = 78.0 % Formatted 197 of 251 units = 78.4 % Formatted 198 of 251 units = 78.8 % Formatted 199 of 251 units = 79.2 % Formatted 200 of 251 units = 79.6 % Formatted 201 of 251 units = 80.0 % Formatted 202 of 251 units = 80.4 % Formatted 203 of 251 units = 80.8 % Formatted 204 of 251 units = 81.2 % Formatted 205 of 251 units = 81.
2CSPC4.X8100-SWUM100.book Page 230 Wednesday, August 29, 2012 6:23 PM Formatted 220 of 251 units = 87.6 % Formatted 221 of 251 units = 88.0 % Formatted 222 of 251 units = 88.4 % Formatted 223 of 251 units = 88.8 % Formatted 224 of 251 units = 89.2 % Formatted 225 of 251 units = 89.6 % Formatted 226 of 251 units = 90.0 % Formatted 227 of 251 units = 90.4 % Formatted 228 of 251 units = 90.8 % Formatted 229 of 251 units = 91.2 % Formatted 230 of 251 units = 91.6 % Formatted 231 of 251 units = 92.
2CSPC4.X8100-SWUM100.book Page 231 Wednesday, August 29, 2012 6:23 PM Formatted 246 of 251 units = 98.0 % Formatted 247 of 251 units = 98.4 % Formatted 248 of 251 units = 98.8 % Formatted 249 of 251 units = 99.2 % Formatted 250 of 251 units = 99.6 % Formatted 251 of 251 units = 100.
2CSPC4.X8100-SWUM100.book Page 232 Wednesday, August 29, 2012 6:23 PM - volume label: ) NO LABEL ; (in boot sector: - volume Id: 0x0 - total number of sectors: - bytes per sector: 124,408 512 - # of sectors per cluster: 4 - # of reserved sectors: - FAT entry size: 1 FAT16 - # of sectors per FAT copy: - # of FAT table copies: - # of hidden sectors: 122 2 8 - first cluster is in sector # 260 - Update last access date for open-read-close = FALSE done . ..
2CSPC4.X8100-SWUM100.book Page 233 Wednesday, August 29, 2012 6:23 PM copying file /RamDisk/startup-config -> /DskVol/files/startup-config copying file /RamDisk/vpd.bin -> /DskVol/files/vpd.bin copying file /RamDisk/hpc_broad.cfg -> /DskVol/files/hpc_broad.cfg copying file /RamDisk/boot.dim -> /DskVol/files/boot.dim copying file /RamDisk/dh512.pem -> /DskVol/files/dh512.pem copying file /RamDisk/dh1024.pem -> /DskVol/files/dh1024.pem copying file /RamDisk/sslt_cert1.pem -> /DskVol/files/sslt_cert1.
2CSPC4.X8100-SWUM100.book Page 234 Wednesday, August 29, 2012 6:23 PM dh512.pem 0:20:24 156 5/30/113 dh1024.pem 0:20:24 245 5/30/113 sslt_cert1.pem 5:09:30 863 6/2/113 sslt_key1.
2CSPC4.X8100-SWUM100.book Page 235 Wednesday, August 29, 2012 6:23 PM Layer 2 Switching Commands 3 The chapters that follow describe commands that conform to the OSI model data link layer (Layer 2). Layer 2 commands provide a logical organization for transmitting data bits on a particular medium. This layer defines the framing, addressing, and checksum functions for Ethernet packets.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 237 Wednesday, August 29, 2012 6:23 PM 4 AAA Commands Management access to the switch is via telnet, HTTP, SSH, or the serial console (SNMP access is discussed in SNMP Commands). To ensure that only authorized users can access and change the configuration of the switch, users must be authenticated.
2CSPC4.X8100-SWUM100.book Page 238 Wednesday, August 29, 2012 6:23 PM support the concept of time-out, subsequent entries in the list are never attempted. For example, the local authentication method implementation does not supply a time-out value. If a list contains the local method, followed by the radius authentication method, the radius method is not attempted.
2CSPC4.X8100-SWUM100.book Page 239 Wednesday, August 29, 2012 6:23 PM Accounting Method Lists An Accounting Method List (AML) is an ordered list of accounting methods that can be applied to the accounting types (exec or commands). Accounting Method Lists are identified by the default keyword or by a user-defined name. TACACS+ and RADIUS are supported as accounting methods. TACACS+ accounts all accounting types. RADIUS only accounts exec sessions.
2CSPC4.X8100-SWUM100.book Page 240 Wednesday, August 29, 2012 6:23 PM aaa authorization network default radius ip https authentication show users accounts aaa ias-user username login authentication show users login-history aaa new-model password (aaa IAS User Configuration) username clear (IAS) password (Line Configuration) – aaa authentication dot1x default Use the aaa authentication dot1x default command in Global Configuration mode to specify an authentication method for 802.1x clients.
2CSPC4.X8100-SWUM100.book Page 241 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Only one authentication method may be specified in the command. For the RADIUS authentication method, if the RADIUS server cannot be contacted, the supplicant fails authentication. The none method always allows access. the ias method utilizes the internal authentication server. The internal authentication server only supports the EAP-MD5 method.
2CSPC4.X8100-SWUM100.book Page 242 Wednesday, August 29, 2012 6:23 PM • list-name — Character string used to name the list of authentication methods activated, when using access higher privilege levels. (Range: 1-15 characters) • method1 [method2...] — Specify at least one from the following table: Keyword Source or destination enable Uses the enable password for authentication. line Uses the line password for authentication. none Uses no authentication.
2CSPC4.X8100-SWUM100.book Page 243 Wednesday, August 29, 2012 6:23 PM authenticate to get to privileged EXEC mode. For example, if none is specified as an authentication method after radius, no authentication is used if the RADIUS server is down. NOTE: Requests sent by the switch to a RADIUS server include the username "$enabx$", where x is the requested privilege level. For enable to be authenticated on Radius servers, add "$enabx$" users to them.
2CSPC4.X8100-SWUM100.book Page 244 Wednesday, August 29, 2012 6:23 PM Keyword Source or destination radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The default login lists are defaultList and networkList. defaultList is used by the console and only contains the method none. networkList is used by telnet and SSH and only contains the method local.
2CSPC4.X8100-SWUM100.book Page 245 Wednesday, August 29, 2012 6:23 PM aaa authorization Use the aaa authorization command to create an authorization method list. A list may be identified by a user-specified list-name or the keyword default. Use the no form of the command to delete an authorization list.
2CSPC4.X8100-SWUM100.book Page 246 Wednesday, August 29, 2012 6:23 PM Default Configuration Authorization is not enabled by default. Only TACACS is supported for authorization. Setting a none method for authorization authorizes all commands.
2CSPC4.X8100-SWUM100.book Page 247 Wednesday, August 29, 2012 6:23 PM None Selecting the none method authorizes all commands. Radius The radius method is only valid for EXEC authorization. Command authorization with RADIUS will work if and only if the applied authentication method is also radius. aaa authorization network default radius Use the aaa authorization network default radius command in Global Configuration mode to enable the switch to accept VLAN assignment by the RADIUS server.
2CSPC4.X8100-SWUM100.book Page 248 Wednesday, August 29, 2012 6:23 PM aaa ias-user username Use the aaa ias-user username command in Global Configuration mode to configure IAS users and their attributes. Username and password attributes are supported. The ias-user name is composed of up to 64 alphanumeric characters. This command also changes the mode to a user config mode. Use the no form of this command to remove the user from the internal user database.
2CSPC4.X8100-SWUM100.book Page 249 Wednesday, August 29, 2012 6:23 PM aaa new-model The aaa new-model command in Global Configuration mode is a no-op command. It is present only for compatibility purposes. PowerConnect switches only support the new model command set. Syntax aaa new-model Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 250 Wednesday, August 29, 2012 6:23 PM Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#clear aaa ias-users authorization Use the authorization command to apply a command authorization method to a line config.
2CSPC4.X8100-SWUM100.book Page 251 Wednesday, August 29, 2012 6:23 PM Parameter Description list_name Character string used to name the list of authorization methods. The list name can consist of any printable character. Use quotes around the list name if embedded blanks are contained in the list name. Default Configuration Authorization is not enabled on any line method by default.
2CSPC4.X8100-SWUM100.book Page 252 Wednesday, August 29, 2012 6:23 PM Syntax enable authentication {default | list-name} no enable authentication • default — Uses the default list created with the aaa authentication enable command. • list-name — Uses the indicated list created with the aaa authentication enable command. (Range: 1-12 characters) Default Configuration Uses the default set with the command aaa authentication enable.
2CSPC4.X8100-SWUM100.book Page 253 Wednesday, August 29, 2012 6:23 PM • password — Password for this level (Range: 8- 64 characters). • encrypted — Encrypted password entered, copied from another switch configuration. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines The 4.x firmware emulates industry standard behavior for enable mode authentication over SSH and telnet. In 4.
2CSPC4.X8100-SWUM100.book Page 254 Wednesday, August 29, 2012 6:23 PM • method1 [method2...] — Specify at least one from the following table: Keyword Source or destination local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked.
2CSPC4.X8100-SWUM100.book Page 255 Wednesday, August 29, 2012 6:23 PM no ip https authentication Parameter Description method1 [method2...] — Specify at least one from the following table: Keyword Source or destination local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked.
2CSPC4.X8100-SWUM100.book Page 256 Wednesday, August 29, 2012 6:23 PM login authentication Use the login authentication command in Line Configuration mode to specify the login authentication method list for a line (console, telnet, or SSH). To return to the default specified by the authentication login command, use the no form of this command. Syntax login authentication {default | list-name} no login authentication • default — Uses the default list created with the aaa authentication login command.
2CSPC4.X8100-SWUM100.book Page 257 Wednesday, August 29, 2012 6:23 PM password (aaa IAS User Configuration) Use the password command in aaa IAS User Configuration mode to configure a password for a user. The password is composed of up to 64 alphanumeric characters. An optional parameter [encrypted] is provided to indicate that the password given to the command is already pre-encrypted. To clear the user’s password, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 258 Wednesday, August 29, 2012 6:23 PM console(Config-IAS-User)#password 1f3ccb1157 console(Config-IAS-User)#exit console(config)# password (Line Configuration) Use the password command in Line Configuration mode to specify a password on a line. To remove the password, use the no form of this command. NOTE: For commands that configure password properties, see Password Management Commands on page 1559.
2CSPC4.X8100-SWUM100.book Page 259 Wednesday, August 29, 2012 6:23 PM password (User EXEC) Use the password command in User EXEC mode to allow a currently logged in user to change the password for only that user without having read/write privileges. This command should be used after the password has aged. The user is prompted to enter the old password and the new password. NOTE: For commands that configure password properties, see Password Management Commands.
2CSPC4.X8100-SWUM100.book Page 260 Wednesday, August 29, 2012 6:23 PM show aaa ias-users Use the show aaa ias-users command in Privileged EXEC mode to display configured IAS users and their attributes. Passwords configured are not shown in the show command output. Syntax show aaa ias-users [username] Parameter Description This command does not require a parameter description. Default Behavior This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 261 Wednesday, August 29, 2012 6:23 PM password a45c74fdf50a558a2b5cf05573cd633bac2c6c598d54497ad4c46 104918f2c encrypted exit show aaa statistics Use the show aaa statistics command in Privileged EXEC mode to display accounting statistics. Syntax show aaa statistics Default Configuration This command has no default setting. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 262 Wednesday, August 29, 2012 6:23 PM Errors when sending Accounting Notifications at beginning of a command execution: 0 Number of Accounting Notifications sent at end of a command execution: 0 Errors when sending Accounting Notifications at end of a command execution: 0 show authentication methods Use the show authentication methods command in Privileged EXEC mode to display information about the authentication methods.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 264 Wednesday, August 29, 2012 6:23 PM User Guidelines Command authorization is supported only for the line, telnet, and SSH access methods.
2CSPC4.X8100-SWUM100.book Page 265 Wednesday, August 29, 2012 6:23 PM show users accounts Use the show users accounts command in Privileged EXEC mode to display the local user status with respect to user account lockout and password aging. Syntax show users accounts Parameter Description The following fields are displayed by this command. Parameter Description User Name Local user account’s user name. Privilege User’s access level (read only or read/write).
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 267 Wednesday, August 29, 2012 6:23 PM Example The following example show user login history outputs. console#show users login-history Login Time Username Protocol Location -------------------- --------- --------- ----------- Jan 19 2005 08:23:48 Bob Serial Jan 19 2005 08:29:29 Robert HTTP 172.16.0.8 Jan 19 2005 08:42:31 John SSH 172.16.0.1 Jan 19 2005 08:49:52 Betty Telnet 172.16.1.
2CSPC4.X8100-SWUM100.book Page 268 Wednesday, August 29, 2012 6:23 PM Parameter Description password The authentication password for the user. Range: 8-64 characters. This value can be 0 [zero] if the no passwords min-length command has been executed. The special characters allowed in the password include ! # $ % & ‘ ( ) * + , - . / : ; < = > @ [ \ ] ^ _ ` { | } ~. level The user’s privilege level. Level 0 can be assigned by a level 15 user to another user to suspend that user’s access. Range: 0-15.
2CSPC4.X8100-SWUM100.book Page 269 Wednesday, August 29, 2012 6:23 PM Message Type Message Description Successful Completion Message No message is displayed. Error Completion Message Could not set user password! Reason behind the failure 1 Exceeds Minimum Length of a Password. Password should be in the range of 8-64 characters in length. Set minimum password length to 0 by using the passwords min-length 0 command.
2CSPC4.X8100-SWUM100.book Page 270 Wednesday, August 29, 2012 6:23 PM username unlock Use the username unlock command in Global Configuration mode to unlock a locked user account. Only a user with read/write access can re-activate a locked user account. Syntax username username unlock Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 271 Wednesday, August 29, 2012 6:23 PM 5 Administrative Profiles Commands Overview The administrative profiles capability provides the network administrator control over which commands a user is allowed to execute. The administrator is able to group commands into a “profile” and assign a profile to a user upon authentication. This provides more granularity than simply allowing readonly and read-write users.
2CSPC4.X8100-SWUM100.book Page 272 Wednesday, August 29, 2012 6:23 PM If the successful authentication method does not provide an Administrative Profile for a user, then the user is permitted access based upon the user’s privilege level (as in previous releases). This means that if a user successfully passes enable authentication, the user is permitted access to all commands. This is also true if none of the Administrative Profiles provided are configured on the switch.
2CSPC4.X8100-SWUM100.book Page 273 Wednesday, August 29, 2012 6:23 PM admin-profile Use the admin-profile command in Global Config mode to create an administrative profile. The system-defined administrative profiles cannot be deleted. When creating a profile, the user is placed into Administrative Profile Configuration mode. Use the no form of the command to delete an administrative profile and all its rules.
2CSPC4.X8100-SWUM100.book Page 274 Wednesday, August 29, 2012 6:23 PM description (Administrative Profile Config) Use the description command in Administrative Profile Configuration mode to add a description to an administrative profile. Use the no form of this command to delete the description. Syntax description text no description Parameter Description Parameter Description text A description of, or comment about, the administrative profile.
2CSPC4.X8100-SWUM100.book Page 275 Wednesday, August 29, 2012 6:23 PM rule Use the rule command to add a rule to an administrative profile. Use the no form of this command to delete a rule. Syntax rule number {deny|permit} {command command-string|mode mode-name} no rule number Parameter Description Parameter Description number The sequence number of the rule. Rules are applied from the highest sequence number to the lowest. Range: 1 to 256. command-string Specifies which commands to permit or deny.
2CSPC4.X8100-SWUM100.book Page 276 Wednesday, August 29, 2012 6:23 PM show admin-profiles Use the show admin-profiles command in Privileged EXEC mode to show the administrative profiles. If the optional profile name parameter is used, only that profile will be shown. Syntax show admin-profiles [name profile-name] Parameter Description Parameter Description profile-name The name of the administrative profile to display. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 277 Wednesday, August 29, 2012 6:23 PM Example console#show admin-profiles name qos Profile: qos Description: This profile allows access to QoS commands.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 279 Wednesday, August 29, 2012 6:23 PM 6 ACL Commands Access to a switch or router can be made more secure through the use of Access Control Lists (ACLs) to control the type of traffic allowed into or out of specific ports. An ACL consists of a series of rules, each of which describes the type of traffic to be processed and the actions to take for packets that meet the classification criteria. Rules within an ACL are evaluated sequentially until a match is found, if any.
2CSPC4.X8100-SWUM100.book Page 280 Wednesday, August 29, 2012 6:23 PM classifier rule. The ACL logging feature allows these hardware hit counts to be collected on a per-rule basis and reported periodically to the network administrator using the system logging facility and an SNMP trap. The PowerConnect ACL permit/deny rule specification supports a log parameter that enables hardware hit count collection and reporting.
2CSPC4.X8100-SWUM100.book Page 281 Wednesday, August 29, 2012 6:23 PM Table 6-1. Common Ethertypes EtherType Protocol 0x0800 Internet Protocol version 4 (IPv4) 0x0806 Address Resolution Protocol (ARP) 0x0842 Wake-on LAN Packet 0x8035 Reverse Address Resolution Protocol (RARP) 0x8100 VLAN tagged frame (IEEE 802.1Q) 0x86DD Internet Protocol version 6 (IPv6) 0x8808 MAC Control 0x8809 Slow Protocols (IEEE 802.3) 0x8870 Jumbo frames 0x888E EAP over LAN (EAPOL – 802.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 283 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description list-name Access-list name up to 31 characters in length. deny | permit Specifies whether the IP ACL rule permits or denies an action. every Allows all protocols. eq Equal. Refers to the Layer 4 port number being used as match criteria. The first reference is source match criteria, the second is destination match criteria. number Standard protocol number.
2CSPC4.X8100-SWUM100.book Page 284 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Access list names can consist of any printable character. Names can be up to 31 characters in length. Examples The following examples create an ACL to discard any HTTP traffic from 192.168.77.171, but allow all other traffic from 192.168.77.171: console(config)#access-list alpha deny ip 192.168.77.171 0.0.0.0 0.0.0.0 255.255.255.
2CSPC4.X8100-SWUM100.book Page 285 Wednesday, August 29, 2012 6:23 PM {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | number} srcip srcmask [{eq {portkey | 0-65535} dstip dstmask [{eq {portkey| 0-65535}] [precedence precedence | tos tos tosmask | dscp dscp] [log] [time-range time-range-name] [assign-queue queue-id] [{mirror | redirect} interface-id] Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 286 Wednesday, August 29, 2012 6:23 PM Ethertype Protocol 0x8809 Slow Protocols (IEEE 802.3) 0x8870 Jumbo frames 0x888E EAP over LAN (EAPOL – 802.1x) 0x88CC Link Layer Discovery Protocol 0x8906 Fibre Channel over Ethernet 0x8914 FCoE Initialization Protocol 0x9100 Q in Q deny | permit (Mac-Access-List-Configuration) Use the deny command in Mac-Access-List Configuration mode to deny traffic if the conditions defined in the deny statement are matched.
2CSPC4.X8100-SWUM100.book Page 287 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description srcmac Valid source MAC address in format xxxx.xxxx.xxxx. srcmacmask Valid MAC address bitmask for the source MAC address in format xxxx.xxxx.xxxx. any Packets sent to or received from any MAC address dstmac Valid destination MAC address in format xxxx.xxxx.xxxx. destmacmask Valid MAC address bitmask for the destination MAC address in format xxxx.xxxx.xxxx.
2CSPC4.X8100-SWUM100.book Page 288 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Mac-Access-List Configuration mode User Guidelines The no form of this command is not supported, as the rules within an ACL cannot be deleted individually. Rather the entire ACL must be deleted and respecified. The assign-queue and redirect parameters are only valid for permit commands.
2CSPC4.X8100-SWUM100.book Page 289 Wednesday, August 29, 2012 6:23 PM • direction — Direction of the ACL. (Range: in or out. Default is in.) • seqnum — Precedence for this interface and direction. A lower sequence number has higher precedence. Range: 1 – 4294967295. Default is1. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 290 Wednesday, August 29, 2012 6:23 PM no mac access-group name • name — Name of the existing MAC access list. (Range: 1-31 characters) • direction — Only the in-bound direction is supported. • sequence — Order of access list relative to other access lists already assigned to this interface and direction. (Range: 1-4294967295) Default Configuration The default direction is in (in-bound).
2CSPC4.X8100-SWUM100.book Page 291 Wednesday, August 29, 2012 6:23 PM Syntax mac access-list extended name no mac access-list extended name • name — Name of the access list. (Range: 1-31 characters) Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Use this command to create a mac access control list. The CLI mode is changed to Mac-Access-List Configuration when this command is successfully executed.
2CSPC4.X8100-SWUM100.book Page 292 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Command fails if the new name is the same as the old one. Example The following example shows the mac access-list extended rename command. console(config)#mac access-list extended rename DELL1 DELL2 service-acl input Use the service-acl input command in Interface Configuration mode to block Link Local Protocol Filtering (LLPF) protocol(s) on a given port.
2CSPC4.X8100-SWUM100.book Page 293 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet, Port-channel) User Guidelines To specify multiple protocols, enter the protocol parameters together on the command line, separated by spaces. This command can only be entered once per interface if no intervening no service-acl input command has been entered.
2CSPC4.X8100-SWUM100.book Page 294 Wednesday, August 29, 2012 6:23 PM Example console#show service-acl interface gi1/0/1 Block CDP................................ Enable Block VTP.................................Enable Block DTP..................................Enable Block UDLD................................ Enable Block PAGP.................................Enable Block SSTP................................ Enable Block All.................................
2CSPC4.X8100-SWUM100.book Page 295 Wednesday, August 29, 2012 6:23 PM Examples The following example displays IP ACLs configured on a device. console#show ip access-lists Current number of ACLs: 2 ACL Name Vlan(s) Maximum number of ACLs: 100 Rules Interface(s) ----------------------------------------------------ACL40 1 ACL41 1 show mac access-list Use the show mac access-list command in Privileged EXEC mode to display a MAC access list and all of the rules that are defined for the MAC ACL.
2CSPC4.X8100-SWUM100.book Page 296 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays a MAC access list and all associated rules. console#show mac access-list DELL123 The command output provides the following information: Fields Description MAC ACL Name The name of the MAC access list. Rules The number of user-configured rules defined for the MAC ACL.
2CSPC4.X8100-SWUM100.book Page 297 Wednesday, August 29, 2012 6:23 PM Address Table Commands 7 Static MAC Filtering allows the administrator to add a number of unicast or multicast MAC addresses directly to the forwarding database. This is typically a small number relative to the total size of the database. Associated with each static MAC address is a set of source ports, a set of destination ports and VLAN information.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 299 Wednesday, August 29, 2012 6:23 PM Parameter Description interface-id Delete all dynamic MAC addresses on the specified physical port or port channel. vlan-id Delete all dynamic MAC addresses for the specified VLAN. The range is 1 to 4093. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, the mac address-table tables are cleared.
2CSPC4.X8100-SWUM100.book Page 300 Wednesday, August 29, 2012 6:23 PM Parameter Description 10-1000000 Set the number of seconds aging time for the MAC Address Table Default Configuration 300 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In this example the MAC Address Table aging time is set to 400.
2CSPC4.X8100-SWUM100.book Page 301 Wednesday, August 29, 2012 6:23 PM Default Configuration Multicast filtering is disabled by default. The switch will flood multicast packets to all ports belonging to the received VLAN and ignores the settings of the mac address-table multicast forbidden and mac address-table multicast forward-unregistered commands.
2CSPC4.X8100-SWUM100.book Page 302 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description add Adds ports to the group. If no option is specified, this is the default option. remove Removes ports from the group. vlan vlan-id A valid vlan-id. (Range 1-4093) mac-multicastaddress MAC Multicast address in the format xxxx.xxxx.xxxx. ip-multicast-address IP Multicast address.
2CSPC4.X8100-SWUM100.book Page 303 Wednesday, August 29, 2012 6:23 PM mac address-table multicast forbidden forwardunregistered Use the mac address-table multicast forbidden forward-unregistered command in Global Configuration mode to forbid forwarding unregistered– multicast–addresses. Use the no form of this command to return to the default.
2CSPC4.X8100-SWUM100.book Page 304 Wednesday, August 29, 2012 6:23 PM mac address-table multicast forward-all Use the mac address-table multicast forward-all command in Interface Configuration mode to enable forwarding of all Multicast packets. To restore the default, use the no form of the mac address-table multicast forward-all command.
2CSPC4.X8100-SWUM100.book Page 305 Wednesday, August 29, 2012 6:23 PM mac address-table multicast forwardunregistered Use the mac address-table multicast forward-unregistered command in Global Configuration mode to enable the forwarding of unregistered multicast addresses. Syntax mac address-table multicast forward-unregistered vlan vlan-id Parameter Description Parameter Description vlan vlan-id A valid VLAN ID (Range 1-4093).
2CSPC4.X8100-SWUM100.book Page 306 Wednesday, August 29, 2012 6:23 PM mac address-table multicast static Use the mac address-table multicast static command in Global Configuration mode to register MAC layer Multicast addresses to the bridge table and to add ports to the group statically. To deregister the MAC address, use the no form of the mac address-table multicast static command.
2CSPC4.X8100-SWUM100.book Page 307 Wednesday, August 29, 2012 6:23 PM User Guidelines If the command is executed without add or remove, the command registers only the group in the bridge database. Static Multicast addresses can be defined only on static VLANs. Examples The following example registers the MAC address. console(config)#mac address-table vlan 8 multicast static 0100.5e02.0203 The following example registers the MAC address and adds ports statically.
2CSPC4.X8100-SWUM100.book Page 308 Wednesday, August 29, 2012 6:23 PM Default Configuration No static addresses are defined. The default mode for an added address is permanent. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example adds a permanent static MAC-layer station source address 3aa2.64b3.a245 to the MAC address table. console(config)# mac address-table static 3AA2.64B3.
2CSPC4.X8100-SWUM100.book Page 309 Wednesday, August 29, 2012 6:23 PM User Guidelines When port security is enabled on an interface, all dynamic entries learned up to that point are flushed, and new entries can be learned only to the limit set by the port security max command. The default limit is 100 dynamic MAC addresses. Example In this example, frame forwarding is enabled without learning, and with traps sent every 100 seconds on port gi1/0/1.
2CSPC4.X8100-SWUM100.book Page 310 Wednesday, August 29, 2012 6:23 PM Example The following example shows using this command in Ethernet Interface Configuration mode. console(config-if-Te1/0/3)# port security max 80 show mac address-table multicast Use the show mac address-table multicast command in Privileged EXEC mode to display Multicast MAC address table information.
2CSPC4.X8100-SWUM100.book Page 311 Wednesday, August 29, 2012 6:23 PM ----- ------------------- 1 ------- 0100.5E05.0505 ------------------ Static Forbidden ports for multicast addresses: Vlan MAC Address ---- ----------------------- 1 Ports --------------------------- 0100.5E05.0505 NOTE: A multicast MAC address maps to multiple IP addresses, as shown above.
2CSPC4.X8100-SWUM100.book Page 312 Wednesday, August 29, 2012 6:23 PM Filtering: Enabled VLAN: 1 Mode: Forward-Unregistered show mac address-table Use the show mac address-table command in User EXEC or Privileged EXEC mode to display all entries in the bridge-forwarding database. Syntax show mac address-table Parameter Description This command has no arguments or keywords. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 313 Wednesday, August 29, 2012 6:23 PM Vlan Mac Address Type Port ---- ---------------- ---------- ----------0 001E.C9AA.AE19 Management CPU Interface: 1 001E.C9AA.AC19 Dynamic Gi1/0/21 1 001E.C9AA.AE1B Management Vl1 10 001E.C9AA.AE1B Management Vl10 90 001E.C9AA.
2CSPC4.X8100-SWUM100.book Page 314 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example In this example, the mac address table entry for 0000.E26D.2C2A is displayed. console#show mac address-table address 0000.E26D.2C2A Vlan Mac Address Type Port ---- -------------- -------- ------------1 0000.E26D.
2CSPC4.X8100-SWUM100.book Page 315 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 316 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example In this example, all dynamic entries in the mac address-table are displayed. console#show mac address-table dynamic Aging time is 300 Sec Vlan Mac Address Type Port ---- -------------- ------- ------------1 0000.0001.
2CSPC4.X8100-SWUM100.book Page 317 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description interface-id Specify an interface type.Valid interfaces include physical ports and port channels. vlan-id Specify a valid VLAN. The range is 1 to 4093. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 318 Wednesday, August 29, 2012 6:23 PM show mac address-table static Use the show mac address-table static command in User EXEC or Privileged EXEC mode to display static entries in the bridge-forwarding database. Syntax show mac address-table static [address mac-address] [interface interface-id] [vlan vlan-id] Parameter Description Parameter Description mac-address A MAC address with the format xxxx.xxxx.xxxx.
2CSPC4.X8100-SWUM100.book Page 319 Wednesday, August 29, 2012 6:23 PM 1 0001.0001.0001 Static gi1/0/1 show mac address-table vlan Use the show mac address-table vlan command in User EXEC or Privileged EXEC mode to display all entries in the bridge-forwarding database for the specified VLAN. Syntax show mac address-table [vlan vlan-id] Parameter Description Parameter Description vlan-id Specify a valid VLAN; the range is 1 to 4093. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 320 Wednesday, August 29, 2012 6:23 PM 1 0000.0001.0000 Dynamic gi1/0/1 1 0000.8420.5010 Dynamic gi1/0/1 1 0000.E26D.2C2A Dynamic gi1/0/1 1 0000.E89A.596E Dynamic gi1/0/1 1 0001.02F1.0B33 Dynamic gi1/0/1 Total Mac Addresses for this criterion: 5 show ports security Use the show ports security command in Privileged EXEC mode to display the port-lock status.
2CSPC4.X8100-SWUM100.book Page 321 Wednesday, August 29, 2012 6:23 PM 1/0/1 Locked Discard 1/0/2 Unlocked 1/0/3 Locked - 3 Enable 28 100 - Discard, Shutdown 8 Disable - The following table describes the fields in this example. Field Description Port The port number. Status The status can be one of the following: Locked or Unlocked. Actions Action on violations. Maximum The maximum addresses that can be associated on this port in Static Learning mode or in Dynamic Learning mode.
2CSPC4.X8100-SWUM100.book Page 322 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Examples The following example displays dynamic addresses for port channel number 1/0/1.
2CSPC4.X8100-SWUM100.book Page 323 Wednesday, August 29, 2012 6:23 PM 8 Auto-VoIP Commands Voice over Internet Protocol (VoIP) allows network users to make telephone calls using a computer network over a data network like the Internet. With the increased prominence of delay-sensitive applications (voice, video, and other multimedia applications) deployed in networks today, proper QoS configuration ensures high-quality application performance.
2CSPC4.X8100-SWUM100.book Page 324 Wednesday, August 29, 2012 6:23 PM show switchport voice Use the show switchport voice command to show the status of Auto-VoIP on an interface or all interfaces. Syntax show switchport voice [gigabitethernet unit/slot/port| port-channel portchannel-number | tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port] Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 327 Wednesday, August 29, 2012 6:23 PM switchport voice detect auto The switchport voice detect auto command is used to enable the VoIP Profile on all the interfaces of the switch (global configuration mode) or for a specific interface (interface configuration mode).Use the no form of the command to disable the VoIP Profile. Syntax switchport voice detect auto no switchport voice detect auto Default Configuration This feature is disabled by default.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 329 Wednesday, August 29, 2012 6:23 PM CDP Interoperability Commands 9 Industry Standard Discovery Protocol (ISDP) is a proprietary Layer 2 network protocol which inter-operates with Cisco network equipment and is used to share information between neighboring devices. PowerConnect switches participate in the ISDP protocol and are able to both discover and be discovered by devices that support the Cisco Discovery Protocol (CDP).
2CSPC4.X8100-SWUM100.book Page 330 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console#clear isdp counters clear isdp table The clear isdp table command clears entries in the ISDP table. Syntax clear isdp table Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 331 Wednesday, August 29, 2012 6:23 PM Default Configuration ISDP sends version 2 packets by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#isdp advertise-v2 isdp enable The isdp enable command enables ISDP on the switch. User the “no” form of this command to disable ISDP. Use this command in global configuration mode to enable the ISDP function on the switch.
2CSPC4.X8100-SWUM100.book Page 332 Wednesday, August 29, 2012 6:23 PM Example The following example enables isdp on interface 1/0/1. console(config)#interface gigabitethernet 1/0/1 console(config-if-Gi1/0/1)#isdp enable isdp holdtime The isdp holdtime command configures the hold time for ISDP packets that the switch transmits. The hold time specifies how long a receiving device should store information sent in the ISDP packet before discarding it. The range is given in seconds.
2CSPC4.X8100-SWUM100.book Page 333 Wednesday, August 29, 2012 6:23 PM isdp timer The isdp timer command sets period of time between sending new ISDP packets. The range is given in seconds. Use the “no” form of this command to reset the timer to the default. Syntax isdp timer time no isdp timer Parameter Description Parameter Description time The time in seconds (range: 5–254 seconds). Default Configuration The default timer is 30 seconds.
2CSPC4.X8100-SWUM100.book Page 334 Wednesday, August 29, 2012 6:23 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example console#show isdp Timer................................ 30 Hold Time............................ 180 Version 2 Advertisements............. Enabled Neighbors table last time changed.... 0 days 00:06:01 Device ID...........
2CSPC4.X8100-SWUM100.book Page 335 Wednesday, August 29, 2012 6:23 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example console#show isdp entry Switch Device ID Switch Address(es): IP Address: 172.20.1.18 IP Address: 172.20.1.
2CSPC4.X8100-SWUM100.book Page 336 Wednesday, August 29, 2012 6:23 PM Compiled Wed 21-Mar-07 12:20 by tinhuang show isdp interface The show isdp interface command displays ISDP settings for the specified interface. Syntax show isdp interface {all | gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port} Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 338 Wednesday, August 29, 2012 6:23 PM Syntax show isdp neighbors {[gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port | fortygigabitethernet | detail]} Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The information displayed varies based upon the information received from the ISDP neighbor.
2CSPC4.X8100-SWUM100.book Page 339 Wednesday, August 29, 2012 6:23 PM Interface 1/0/1 Port ID GigabitEthernet1/1 Holdtime 162 Advertisement Version 2 Entry last changed time 0 days 00:55:20 Version : Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9K91S-M), Version 12.2(25)EWA9, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc.
2CSPC4.X8100-SWUM100.book Page 340 Wednesday, August 29, 2012 6:23 PM ISDP Packets Transmitted....................... 127 ISDPv1 Packets Received........................ 0 ISDPv1 Packets Transmitted..................... 0 ISDPv2 Packets Received........................ 4253 ISDPv2 Packets Transmitted..................... 4351 ISDP Bad Header................................ 0 ISDP Checksum Error............................ 0 ISDP Transmission Failure...................... 0 ISDP Invalid Format..............
2CSPC4.X8100-SWUM100.book Page 341 Wednesday, August 29, 2012 6:23 PM 10 DHCP Layer 2 Relay Commands In the majority of network configurations, DHCP clients and their associated servers do not reside on the same IP network or subnet. Therefore, some kind of third-party agent is required to transfer DHCP messages between clients and servers. Such an agent is known as a DHCP Relay agent. The DHCP Relay agent accepts DHCP requests from any routed interface, including VLANs.
2CSPC4.X8100-SWUM100.book Page 342 Wednesday, August 29, 2012 6:23 PM Syntax dhcp l2relay no dhcp l2relay Default Configuration DHCP L2 Relay is disabled by default. Command Mode Global Configuration. User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay dhcp l2relay (Interface Configuration) Use the dhcp l2relay command to enable DHCP L2 Relay for an interface. Use the "no" form of this command to disable DHCP L2 Relay for an interface.
2CSPC4.X8100-SWUM100.book Page 343 Wednesday, August 29, 2012 6:23 PM Example console(config-if-Gi1/0/1)#dhcp l2relay dhcp l2relay circuit-id Use the dhcp l2relay circuit-id command to enable setting the DHCP Option 82 Circuit ID for a VLAN. When enabled, the interface number is added as the Circuit ID in DHCP option 82. Use the "no" form of this command to disable setting the DHCP Option 82 Circuit ID.
2CSPC4.X8100-SWUM100.book Page 344 Wednesday, August 29, 2012 6:23 PM dhcp l2relay remote-id Use the dhcp l2relay remote-id command to enable setting the DHCP Option 82 Remote ID for a VLAN. When enabled, the supplied string is used for the Remote ID in DHCP Option 82. Use the "no" form of this command to disable setting the DHCP Option 82 Remote ID.
2CSPC4.X8100-SWUM100.book Page 345 Wednesday, August 29, 2012 6:23 PM Syntax dhcp l2relay trust no dhcp l2relay trust Default Configuration DHCP Option 82 is discarded by default. Configuration Mode Interface Configuration (Ethernet, Port-channel). User Guidelines There are no user guidelines for this command. Example console(config-if-Gi1/0/1)#dhcp l2relay trust dhcp l2relay vlan Use the dhcp l2relay vlan command to enable the L2 DHCP Relay agent for a set of VLANs.
2CSPC4.X8100-SWUM100.book Page 346 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay vlan 10,340-345 show dhcp l2relay all Use the show dhcp l2relay all command in Privileged EXEC mode to display the summary of DHCP L2 Relay configuration. Syntax show dhcp l2relay all Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 348 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example console#show dhcp l2relay interface all DHCP L2 Relay is Enabled.
2CSPC4.X8100-SWUM100.book Page 349 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example console#show dhcp l2relay stats interface all DHCP L2 Relay is Enabled.
2CSPC4.X8100-SWUM100.book Page 350 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description all Show all interfaces. interface-id A physical interface. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 351 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console# show dhcp l2relay agent-option vlan 5-10 DHCP L2 Relay is Enabled.
2CSPC4.X8100-SWUM100.book Page 352 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description vlan-range Show information for the specified VLAN range. A range may be a single VLAN ID or two VLAN IDs separated by a single dash with no embedded spaces. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 353 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description vlan-range Show information for the specified VLAN range. A range may be a single VLAN ID or two VLAN IDs separated by a single dash with no embedded spaces. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 354 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description vlan-range Show information for the specified VLAN range. A range may be a single VLAN ID or two VLAN IDs separated by a single dash with no embedded spaces. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 355 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description all Show all interfaces. interface-id A physical interface. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 357 Wednesday, August 29, 2012 6:23 PM DHCP Management Interface Commands 11 PowerConnect switches support an embedded DHCP client. Any IP interface can use DHCP to obtain an IP address. The DHCP client can run on multiple interfaces simultaneously. For IPv4, an IP interface can either use manually configured addresses or be enabled for DHCP. The options are mutually exclusive.
2CSPC4.X8100-SWUM100.book Page 358 Wednesday, August 29, 2012 6:23 PM renew dhcp show dhcp lease release dhcp Use the release dhcp command in Privileged EXEC mode to force the DHCPv4 client to release a leased address. Syntax release dhcp interface-id Parameter Description Parameter Description interface-id Any valid VLAN interface. See Interface Naming Conventions for interface representation. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 359 Wednesday, August 29, 2012 6:23 PM Example console#release dhcp vlan2 renew dhcp Use the renew dhcp command in Privileged EXEC mode to force the DHCP client to immediately renew an IPv4 address lease. Syntax renew dhcp {interface-id | out-of-band} Parameter Description Parameter Description interface-id Any valid routing interface. See Interface Naming Conventions for interface representation. out-of-band Keyword to identify the out-of-band interface.
2CSPC4.X8100-SWUM100.book Page 360 Wednesday, August 29, 2012 6:23 PM Examples The first example is for routing interfaces. console#renew dhcp vlan 2 The second example is for out-of-band port. console#renew dhcp out-of-band debug dhcp packet Use the debug dhcp packet command in Privileged EXEC mode to display debug information about DHCPv4 client activities and to trace DHCPv4 packets to and from the local DHCPv4 client. To disable debugging, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 361 Wednesday, August 29, 2012 6:23 PM console#debug dhcp packet transmit The third example is for receive flow. console#debug dhcp packet receive show dhcp lease Use the show dhcp lease command in Privileged EXEC mode to display IPv4 addresses leased from a DHCP server. Syntax show dhcp lease [interface interface-id] Parameter Description Parameter Description interface-id Any valid IP interface (VLAN only).
2CSPC4.X8100-SWUM100.book Page 362 Wednesday, August 29, 2012 6:23 PM Term Description DHCP transaction id The transaction ID of the DHCPv4 Client. Lease The time (in seconds) that the IP address was leased by the server. Renewal The time (in seconds) when the next DHCP renew Request is sent by DHCPv4 Client to renew the leased IP address. Rebind The time (in seconds) when the DHCP Rebind process starts.
2CSPC4.X8100-SWUM100.book Page 363 Wednesday, August 29, 2012 6:23 PM console#show dhcp lease interface vl10 IP address: 10.1.20.1 on interface VLAN10 Subnet mask: 255.255.255.0 DHCP Lease server: 10.1.20.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 365 Wednesday, August 29, 2012 6:23 PM DHCP Snooping Commands 12 DHCP Snooping is a security feature that monitors DHCP messages between DHCP clients and DHCP server to filter harmful DHCP messages and build a bindings database of {MAC address, IP address, VLAN ID, interface} tuples that are considered authorized. The DHCP snooping application processes incoming DHCP messages.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 367 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. clear ip dhcp snooping statistics Use the clear ip dhcp snooping statistics command to clear all DHCP Snooping statistics. Syntax clear ip dhcp snooping statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 368 Wednesday, August 29, 2012 6:23 PM Default Configuration DHCP Snooping is disabled by default. Command Mode Global Configuration mode User Guidelines In order to enable DHCP snooping, perform the following three steps: 1 Enable DHCP Snooping globally. 2 Enable DHCP Snooping per VLAN. 3 Set DHCP Snooping trusted port on the port in the DHCP server direction.
2CSPC4.X8100-SWUM100.book Page 369 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description mac-address The client's MAC address. vlan-id The number of the VLAN the client is authorized to use. ip-address The IP address of the client. interface The interface on which the client is authorized. The form is unit/slot/port. Default Configuration There are no static DHCP snooping bindings by default.
2CSPC4.X8100-SWUM100.book Page 370 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description hostIP The IP address of the remote host. filename The name of the file for the database on the remote host. The filename may contain any printable character and is checked only when attempting to open the file. Default Configuration The database is stored locally by default. Configuration Mode Global Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 371 Wednesday, August 29, 2012 6:23 PM Syntax ip dhcp snooping database write-delay seconds no ip dhcp snooping database write-delay Parameter Description Parameter Description seconds The write delay (Range: 15–86400 seconds). Default Configuration The write delay is 300 seconds by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 372 Wednesday, August 29, 2012 6:23 PM Default Configuration DHCP snooping rate limiting is 15 packets per second. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines If DHCP packets are received on a port at a rate that exceeds the threshold for the specified time, the port will be diagnostically disabled.
2CSPC4.X8100-SWUM100.book Page 373 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines There are no user guidelines for this command. Example console(config-if-1/0/1)#ip dhcp snooping log-invalid console(config-if-1/0/1)#no ip dhcp snooping loginvalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as trusted.
2CSPC4.X8100-SWUM100.book Page 374 Wednesday, August 29, 2012 6:23 PM Example console(config-if-1/0/1)#ip dhcp snooping trust console(config-if-1/0/1)#no ip dhcp snooping trust ip dhcp snooping verify mac-address Use the ip dhcp snooping verify mac-address command to enable the verification of the source MAC address with the client MAC address in the received DHCP message. Use the “no” form of this command to disable verification of the source MAC address.
2CSPC4.X8100-SWUM100.book Page 375 Wednesday, August 29, 2012 6:23 PM Syntax Description This command has no arguments or keywords. Default Configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 376 Wednesday, August 29, 2012 6:23 PM show ip dhcp snooping binding Use the show ip dhcp snooping binding command to display the DHCP snooping binding entries. Syntax show ip dhcp snooping binding [{static | dynamic}] [interface interface-id] [vlan vlan-id] • static | dynamic— Use these keywords to filter by static or dynamic bindings. • interface-id — The interface for which to show bindings. • vlan-id — The number of the VLAN for which to show bindings.
2CSPC4.X8100-SWUM100.book Page 377 Wednesday, August 29, 2012 6:23 PM 00:0F:FE:00:13:04 86400 210.1.1.4 10 1/0/1 show ip dhcp snooping database Use the show ip dhcp snooping database command to display the DHCP snooping configuration related to the database persistence. Syntax show ip dhcp snooping database Syntax Description This command has no arguments or keywords. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 378 Wednesday, August 29, 2012 6:23 PM Syntax show ip dhcp snooping interfaces [interface] • interface—A valid physical interface. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 379 Wednesday, August 29, 2012 6:23 PM console#show ip dhcp snooping interfaces gigabitethernet 1/0/15 Interface Interval Trust State Rate Limit Burst (pps) (seconds) ---------------- ------------- 1/0/15 ------------- Yes -------- 15 1 show ip dhcp snooping statistics Use the show ip dhcp snooping statistics command to display the DHCP snooping filtration statistics.
2CSPC4.X8100-SWUM100.book Page 380 Wednesday, August 29, 2012 6:23 PM Fields Description MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch. Client Ifc Mismatch The number of DHCP release and Deny messages received on the different ports than previously learned. DHCP Server Msgs The number of DHCP server messages received on untrusted ports.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 383 Wednesday, August 29, 2012 6:23 PM Dynamic ARP Inspection Commands 13 Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and malicious ARP packets. The feature prevents a class of man-in-the-middle attacks, where an unfriendly station intercepts traffic for other stations by poisoning the ARP caches of its neighbors. The miscreant sends ARP requests or responses mapping another station IP address to its own MAC address.
2CSPC4.X8100-SWUM100.book Page 384 Wednesday, August 29, 2012 6:23 PM Default Configuration There are no ARP ACLs created by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#arp access-list tier1 clear ip arp inspection statistics Use the clear ip arp inspection statistics command in Privileged EXEC mode to reset the statistics for Dynamic Address Resolution Protocol (ARP) inspection on all VLANs.
2CSPC4.X8100-SWUM100.book Page 385 Wednesday, August 29, 2012 6:23 PM Example console#clear ip arp inspection statistics ip arp inspection filter Use the ip arp inspection filter command to configure the ARP ACL to be used for a single VLAN or a range of VLANs to filter invalid ARP packets. If the static keyword is given, packets that do not match a permit statement are dropped without consulting the DHCP snooping bindings. Use the “no” form of this command to unconfigure the ARP ACL.
2CSPC4.X8100-SWUM100.book Page 386 Wednesday, August 29, 2012 6:23 PM ip arp inspection limit Use the ip arp inspection limit command to configure the rate limit and burst interval values for an interface. Configuring none for the limit means the interface is not rate limited for Dynamic ARP Inspection. Syntax ip arp inspection limit {none | rate pps [burst interval seconds]} no ip arp inspection limit • none — To set no rate limit. • pps — The number of packets per second (Range: 0–300).
2CSPC4.X8100-SWUM100.book Page 387 Wednesday, August 29, 2012 6:23 PM ip arp inspection trust The ip arp inspection trust command configures an interface as trusted for Dynamic ARP Inspection. Use the no form of this command to configure an interface as untrusted. Syntax ip arp inspection trust no ip arp inspection trust Default Configuration Interfaces are configured as untrusted by default.
2CSPC4.X8100-SWUM100.book Page 388 Wednesday, August 29, 2012 6:23 PM Syntax ip arp inspection validate {[src-mac] [dst-mac] [ip]} no ip arp inspection validate {[src-mac] [dst-mac] [ip]} • src-mac —For validating the source MAC address of an ARP packet. • dst-mac —For validating the destination MAC address of an ARP packet. • ip —For validating the IP address of an ARP packet. Default Configuration There is no additional validation enabled by default.
2CSPC4.X8100-SWUM100.book Page 389 Wednesday, August 29, 2012 6:23 PM • logging — Use this parameter to enable logging of invalid packets. Default Configuration Dynamic ARP Inspection is disabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 390 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(Config-arp-access-list)#permit ip host 1.1.1.1 mac host 00:01:02:03:04:05 show arp access-list Use the show arp access-list command to display the configured ARP ACLs with the rules. Giving an ARP ACL name as the argument would display only the rules in that ARP ACL.
2CSPC4.X8100-SWUM100.book Page 391 Wednesday, August 29, 2012 6:23 PM permit ip host 2.1.1.2 mac host 00:03:04:05:06:08 show ip arp inspection Use the show ip arp inspection command in Privileged EXEC mode to display the Dynamic ARP Inspection and status.
2CSPC4.X8100-SWUM100.book Page 392 Wednesday, August 29, 2012 6:23 PM Field Description VLAN The VLAN-ID for each displayed row. Forwarded The total number of valid ARP packets forwarded in this VLAN. Dropped The total number of invalid ARP packets dropped in this VLAN. DHCP Drops The number of packets dropped due to DHCP Snooping binding database match failure. ACL Drops The number of packets dropped due to ARP ACL rule match failure.
2CSPC4.X8100-SWUM100.book Page 393 Wednesday, August 29, 2012 6:23 PM Following is an example of the show ip arp inspection interfaces command. console#show ip arp inspection interfaces Interface Interval Trust State -------------------- ----------- 1/0/1 1 Untrusted 1/0/2 10 Untrusted Rate Limit Burst (pps) (seconds) ---------- --------- 15 10 Following is an example of the show ip arp inspection statistics command.
2CSPC4.X8100-SWUM100.book Page 394 Wednesday, August 29, 2012 6:23 PM ---- ---------- ---------- ---------- ---------- --------- ---------- -----10 1 11 1 20 0 1 1 65 25 0 8 2 0 1 1 show ip arp inspection vlan Use the show ip arp inspection vlan command to display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range. It also displays the global configuration values for source MAC validation, destination MAC validation and invalid IP validation.
2CSPC4.X8100-SWUM100.book Page 395 Wednesday, August 29, 2012 6:23 PM Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled. IP Address Validation If IP address validation of ARP frame is enabled. The following fields are displayed for each VLAN: Field Description VLAN The VLAN-ID for each displayed row. Configuration Whether DAI is enabled on the VLAN. Log Invalid Whether logging of invalid ARP packets is enabled on the VLAN.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 397 Wednesday, August 29, 2012 6:23 PM E-mail Alerting Commands 14 E-mail Alerting is an extension of the logging system. The PowerConnect logging system allows the user to configure a variety of destinations for log messages. This feature adds e-mail configuration capabilities, by which the log messages are sent to a configured SMTP server such that an operator may receive the log in an e-mail account of their choice.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 399 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description severity If you specify a severity level, log messages at or above the severity level are e-mailed. The severity level may either be specified by keyword or as an integer from 0 to 7. The accepted keywords, and the numeric severity level each represents, are as follows.
2CSPC4.X8100-SWUM100.book Page 400 Wednesday, August 29, 2012 6:23 PM logging email urgent Use the logging email urgent command in Global Configuration mode to set the lowest severity level at which log messages are e-mailed in an urgent manner. To revert the urgent severity level to its default value, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 401 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Log messages at or above this severity level are considered urgent. By default, Emergency and Alert log messages are considered urgent. Urgent log messages are e-mailed immediately, one log message per e-mail message, and do not wait for the log time to expire. Urgent log messages are not e-mailed unless you enable e-mail alerting with the logging email command.
2CSPC4.X8100-SWUM100.book Page 402 Wednesday, August 29, 2012 6:23 PM Default Configuration The default severity level is info(6). Command Mode Global Configuration mode User Guidelines You can filter log messages that appear in the buffered log by severity level. You can specify the severity level of log messages that are e-mailed.
2CSPC4.X8100-SWUM100.book Page 403 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration User Guidelines This command removes the configured to-addr field of e-mail. logging email from-addr Use the logging email from-addr command in Global Configuration mode to configure the From address of the e-mail. Use the no form of this command to remove the e-mail source address.
2CSPC4.X8100-SWUM100.book Page 404 Wednesday, August 29, 2012 6:23 PM Syntax logging email message-type message-type subject subject no logging email message-type message-type subject Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines The user must enter the message-type parameter manually as tab and space bar completion do not work for this parameter.
2CSPC4.X8100-SWUM100.book Page 405 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration User Guidelines This command has no user guidelines. logging email test message-type Use the logging email test message-type command in Global Configuration mode to test whether or not an e-mail is being sent to an SMTP server.
2CSPC4.X8100-SWUM100.book Page 406 Wednesday, August 29, 2012 6:23 PM show logging email statistics Use the show logging email statistics command in Privileged EXEC mode to show the statistics about the e-mails. The command displays information on how many e-mails are sent, how many e-mails failed, when the last e-mail was sent, how long it has been since the last e-mail was sent, how long it has been since the e-mail changed to disabled mode.
2CSPC4.X8100-SWUM100.book Page 407 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines. security Use the security command in Mail Server Configuration mode to set the email alerting security protocol. This enables and disables the switch to use TLS authentication with the SMTP Server.
2CSPC4.X8100-SWUM100.book Page 408 Wednesday, August 29, 2012 6:23 PM mail-server ip-address | hostname Use the mail-server ip-address | hostname command in Global Configuration mode to configure the SMTP server IP address and change the mode to Mail Server Configuration mode. The server address can be in the IPv4, IPv6, or DNS name format. Use the no form of this command to remove the configured SMTP server address.
2CSPC4.X8100-SWUM100.book Page 409 Wednesday, August 29, 2012 6:23 PM port (Mail Server Configuration Mode) Use the port command in Mail Server Configuration mode to configure the TCP port to use for communication with the SMTP server. Port can be set to 465 or 25. Use the no form of the command to revert the SMTP port to the default port. Syntax port port no port Parameter Description This command does not require a parameter description. Default Configuration The default value is 25.
2CSPC4.X8100-SWUM100.book Page 410 Wednesday, August 29, 2012 6:23 PM Parameter Description This command does not require a parameter description. Default Configuration The default value for username is admin. Command Mode Mail Server Configuration User Guidelines This command has no user guidelines. password (Mail Server Configuration Mode) Use the password command in Mail Server Configuration mode to configure the password required to authenticate to the e-mail server.
2CSPC4.X8100-SWUM100.book Page 411 Wednesday, August 29, 2012 6:23 PM show mail-server Use the show mail-server command in Privileged EXEC mode to display the configuration of all the mail servers or a particular mail server. Syntax show mail-server {ip-address | hostname | all} Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 412 Wednesday, August 29, 2012 6:23 PM SMTP server authentication details: Username: admin Mail server2 configuration: SMTP server IP Address: 10.131.1.31 SMTP server Port: 465 SMTP server security protocol: tls SMTP server authentication details: Username: admin console#show mail-server ip-address 10.131.1.11 SMTP server IP Address: 10.131.1.
2CSPC4.X8100-SWUM100.book Page 413 Wednesday, August 29, 2012 6:23 PM 15 Ethernet Configuration Commands PowerConnect switches support a variety of configuration options to optimize network operations. Features such as flow-control and jumbo frames are supported along with a variety of commands to display traffic statistics as well as limit the effects of network loops or other network issues.
2CSPC4.X8100-SWUM100.book Page 414 Wednesday, August 29, 2012 6:23 PM On a storm control enabled interface, if the ingress rate of that type of packet (L2 broadcast, multicast, or unicast) is greater than the configured threshold level (as a percentage of port speed or as an absolute packets-per-second rate), the switch forwarding-plane discards the excess traffic. The speed and duplex commands control interface link speeds and autonegotiation.
2CSPC4.X8100-SWUM100.book Page 415 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In the following example, the counters for port 1/0/1 are cleared. console#clear counters gigabitethernet 1/0/1 description Use the description command in Interface Configuration mode to add a description to an interface.
2CSPC4.X8100-SWUM100.book Page 416 Wednesday, August 29, 2012 6:23 PM Example The following example adds a description to the Ethernet port 5. console(config)#interface gigabitethernet 1/0/5 console(config-if-1/0/5)# description RD_SW#3 duplex Use the duplex command in Interface Configuration mode to configure the duplex operation of a given Ethernet interface. To restore the default, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 417 Wednesday, August 29, 2012 6:23 PM parameter. Fiber ports do not support auto-negotiation and therefore require the operator to enter the duplex full command and the speed command with the desired operating bandwidth. Disabling auto-negotiation on 1G copper ports may lead to random frame loss as the clock master has not been arbitrated by the auto-negotiation process. Auto-negotiation is required on 10G/40G copper ports, and is recommended on all copper ports.
2CSPC4.X8100-SWUM100.book Page 418 Wednesday, August 29, 2012 6:23 PM interface Use this command to configure parameters for the gigabit Ethernet and tengigabit Ethernet ports, and for port-channels. While in Global Configuration mode, enter the interface command (with a specific interface). To exit to Global Configuration mode, enter exit. To return to Privileged EXEC mode, press Ctrl-Z or enter end.
2CSPC4.X8100-SWUM100.book Page 419 Wednesday, August 29, 2012 6:23 PM interface range Use the interface range command in Global Configuration mode to execute a command on multiple ports at the same time. NOTE: An additional form of this command enables configuring a range of VLANs. See interface range vlan. Syntax interface range {port-range | port-type all} Parameter Description port-range A list of valid ports to configure.
2CSPC4.X8100-SWUM100.book Page 420 Wednesday, August 29, 2012 6:23 PM Example The following example shows how gigabitethernet ports 5/0/18 to 5/0/20 and 3/0/1 to 3/0/24 are ranged to receive the same command. console(config)# interface range gigabitethernet 5/0/18-20,3/0/1-24 console(config-if-range)# The following example shows how all gigabitethernet ports can be configured at once.
2CSPC4.X8100-SWUM100.book Page 421 Wednesday, August 29, 2012 6:23 PM Syntax mtu bytes no mtu • bytes — Number of bytes (Range: 1518-9216) Default Configuration The default number of bytes is 1518 (1522 bytes of VLAN-tagged frames). Command Mode Interface Configuration (Ethernet, Port-channel) mode User Guidelines Because the switch does not fragment frames, received frames that are larger than the MTU setting are dropped.
2CSPC4.X8100-SWUM100.book Page 422 Wednesday, August 29, 2012 6:23 PM show interfaces advertise Use the show interfaces advertise command in Privileged EXEC mode to display information about auto-negotiation advertisement. The display includes the local configuration and link partner advertisement, in addition to the local advertisement.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 424 Wednesday, August 29, 2012 6:23 PM show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces. Syntax show interfaces configuration [{gigabitethernet unit/slot/port| port-channel port-channel-number | tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port}] Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 426 Wednesday, August 29, 2012 6:23 PM Syntax show interfaces counters [gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port] Default Configuration This command has no default configuration. Command Mode User EXEC mode,Privileged EXEC mode, Config mode and all Config submodes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 427 Wednesday, August 29, 2012 6:23 PM Ch InOctets InUcastPkts ---- ---------- --------- 1 27889 928 Ch OutOctets OutUcastPkts ---- ---------- --------- 1 23739 882 The following example displays counters for Ethernet port 1/0/1.
2CSPC4.X8100-SWUM100.book Page 428 Wednesday, August 29, 2012 6:23 PM The following table describes the fields shown in the display: Field Description InOctets Counted received octets. InUcastPkts Counted received Unicast packets. InMcastPkts Counted received Multicast packets. InBcastPkts Counted received Broadcast packets. OutOctets Counted transmitted octets. OutUcastPkts Counted transmitted Unicast packets. OutMcastPkts Counted transmitted Multicast packets.
2CSPC4.X8100-SWUM100.book Page 429 Wednesday, August 29, 2012 6:23 PM Field Description Transmitted Pause Frames Counted MAC Control frames transmitted on this interface with an opcode indicating the PAUSE operation. Received PFC Frames A count of the received Priority Flow Control (PFC) frames. Transmitted PFC Frames A count of the transmitted PFC frames.
2CSPC4.X8100-SWUM100.book Page 430 Wednesday, August 29, 2012 6:23 PM Example The following example displays the description for all interfaces.
2CSPC4.X8100-SWUM100.book Page 431 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays detailed status and configuration of the specified interface.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 433 Wednesday, August 29, 2012 6:23 PM Port Gi1/0/1 Enabled State: Disabled Disabled Role: Port id: 128.1 Cost: 0 Port Port Fast: No (Configured: no) Protection: No Root Designated bridge Priority: 32768 Address: 001E.C9AA.AF51 Designated port id: 128.
2CSPC4.X8100-SWUM100.book Page 434 Wednesday, August 29, 2012 6:23 PM Neg Describes the Auto-negotiation status. Link State Displays the Link Aggregation status, either Up or Down. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines Port channels are only displayed if configured. Use the show interfaces portchannel command to display configured and unconfigured port channels.
2CSPC4.X8100-SWUM100.book Page 435 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description unit/slot/port A valid interface. See Interface Naming Conventions for interface representation. switchport Displays statistics for the entire switch. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 436 Wednesday, August 29, 2012 6:23 PM Packets RX and TX 512-1023 Octets.............. 0 Packets RX and TX 1024-1518 Octets............. 0 Packets RX and TX 1519-2047 Octets............. 0 Packets RX and TX 2048-4095 Octets............. 0 Packets RX and TX 4096-9216 Octets............. 0 Total Packets Received Without Errors.......... 0 Unicast Packets Received....................... 0 Multicast Packets Received..................... 0 Broadcast Packets Received..............
2CSPC4.X8100-SWUM100.book Page 437 Wednesday, August 29, 2012 6:23 PM Packets Transmitted > 1518 Octets.............. 0 Max Frame Size................................. 1518 Total Packets Transmitted Successfully......... 0 Unicast Packets Transmitted.................... 0 Multicast Packets Transmitted.................. 0 Broadcast Packets Transmitted.................. 0 Total Transmit Errors.......................... 0 Total Transmit Packets Discarded............... 0 Single Collision Frames............
2CSPC4.X8100-SWUM100.book Page 438 Wednesday, August 29, 2012 6:23 PM show statistics switchport Use the show statistics command in Privileged EXEC mode to display detailed statistics for a specific port or for the entire switch. Syntax show statistics {interface-id |switchport} Parameter Description Parameter Description interface-id Interface id. See Interface Naming Conventions for interface representation. switchport Displays statistics for the entire switch.
2CSPC4.X8100-SWUM100.book Page 439 Wednesday, August 29, 2012 6:23 PM Broadcast Packets Received..................... 0 Receive Packets Discarded...................... 0 Octets Transmitted............................. 0 Packets Transmitted Without Errors............. 0 Unicast Packets Transmitted.................... 0 Multicast Packets Transmitted.................. 0 Broadcast Packets Transmitted.................. 0 Transmit Packets Discarded..................... 0 Most Address Entries Ever Used.........
2CSPC4.X8100-SWUM100.book Page 440 Wednesday, August 29, 2012 6:23 PM show storm-control Use the show storm-control command in Privileged EXEC mode to display the configuration of storm control. Syntax show storm-control [all | {gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port}] Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 441 Wednesday, August 29, 2012 6:23 PM shutdown Use the shutdown command in Interface Configuration mode to disable an interface. To restart a disabled interface, use the no form of this command. Syntax shutdown no shutdown Default Configuration The interface is enabled. Command Mode Interface Configuration (Ethernet, Port-Channel, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 442 Wednesday, August 29, 2012 6:23 PM Syntax speed {10 | 100 | 1000 | 10000 | auto [10 | 100 | 1000 | 10000]} no speed Parameter Description Parameter Description 10 Configures the port to 10 Mbps operation. 100 Configures the port to 100 Mbps operation. 1000 Configures the port to 1000 Mbps operation. 10000 Configures the port to 10 Gbps operation. 40000 Configures the port to 40 Gbps operation.
2CSPC4.X8100-SWUM100.book Page 443 Wednesday, August 29, 2012 6:23 PM support all speeds, even if they are available in the command. Entering an unsupported speed will produce the following error message An invalid interface has been used for this function. Fiber ports do not support auto-negotiation. Both ends of fiber connections must be set to full-duplex and the same speed. Example The following example configures the speed operation of Ethernet port 1/0/5 to advertise 100-Mbps operation only.
2CSPC4.X8100-SWUM100.book Page 444 Wednesday, August 29, 2012 6:23 PM Example console(config-if-1/0/1)#storm-control broadcast level 5 storm-control multicast Use the storm-control multicast command in Interface Configuration mode to enable multicast storm recovery mode for an interface. If the mode is enabled, multicast storm recovery is active, and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
2CSPC4.X8100-SWUM100.book Page 445 Wednesday, August 29, 2012 6:23 PM storm-control unicast Use the storm-control unicast command in Interface Configuration mode to enable unknown unicast storm control for an interface. If the mode is enabled, unicast storm recovery is active, and if the rate of unknown L2 unicast (destination lookup failure) traffic ingressing on an interface increases beyond the configured threshold, the traffic will be dropped.
2CSPC4.X8100-SWUM100.book Page 446 Wednesday, August 29, 2012 6:23 PM switchport protected Use the switchport protected command in Interface Configuration mode to configure a protected port. The groupid parameter identifies the set of protected ports to which this interface is assigned. You can only configure an interface as protected in one group. You are required to remove an interface from one group before adding it to another group. Port protection occurs within a single switch.
2CSPC4.X8100-SWUM100.book Page 447 Wednesday, August 29, 2012 6:23 PM switchport protected name Use the switchport protected name command in Global Configuration mode to adds the port to the protected group 1 and also sets the group name to "protected". Syntax switchport protected groupid name name no switchport protected groupid name • groupid — Identifies which group the port is to be protected in. (Range: 0–2) • name — Name of the group.
2CSPC4.X8100-SWUM100.book Page 448 Wednesday, August 29, 2012 6:23 PM show switchport protected Use the show switchport protected command in Privileged EXEC mode to display the status of all the interfaces, including protected and unprotected interfaces. Syntax show switchport protected groupid • groupid — Identifies which group the port is to be protected in. (Range: 0–2) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 449 Wednesday, August 29, 2012 6:23 PM Ethernet CFM Commands 16 Connectivity Fault Management (CFM) is the OAM Protocol provision for end-to-end service layer OAM in carrier Ethernet networks. CFM provides mechanisms to support the operator in performing connectivity checks, fault detection, fault verification and isolation, and fault notification per service in the network domain of interest. Unlike Ethernet OAM defined in IEEE 802.
2CSPC4.X8100-SWUM100.book Page 450 Wednesday, August 29, 2012 6:23 PM ethernet cfm mep archive-hold-time show ethernet cfm statistics ethernet cfm mip level debug cfm ethernet cfm domain Use the ethernet cfm domain command in Global Configuration mode to enter into maintenance domain config mode for an existing domain. Use the optional level parameter to create a domain and enter into maintenance domain config mode.
2CSPC4.X8100-SWUM100.book Page 451 Wednesday, August 29, 2012 6:23 PM User Guidelines Each domain must have a unique name and level, for example, one cannot create a domain qwerty at level 2 if domain qwerty already exists at level 1. Likewise, one cannot create a domain dvorak at level 2 if a domain of any name exists at level 2. Example In this example, a domain vin is created at level 1.
2CSPC4.X8100-SWUM100.book Page 452 Wednesday, August 29, 2012 6:23 PM Command Mode Maintenance domain config mode User Guidelines This command has no user guidelines. Example console(config-cfm-mdomain)#service serv1 vlan 10 ethernet cfm cc level Use the ethernet cfm cc level command in Global Configuration mode to initiate sending continuity checks (CCMs) at the specified interval and level on a VLAN monitored by an existing domain. Use the no form of the command to cease send CCMs.
2CSPC4.X8100-SWUM100.book Page 453 Wednesday, August 29, 2012 6:23 PM Default Configuration CCMs are not sent by default. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example console(config)#ethernet cfm cc level 1 vlan 15 interval 10 ethernet cfm mep level Use the ethernet cfm mep level command in Interface Configuration mode to create a Maintenance End Point (MEP) on an interface at the specified level and direction.
2CSPC4.X8100-SWUM100.book Page 454 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration User Guidelines This command has no user guidelines. Example The following example creates a maintenance endpoint at level 1 with mpid 1010 on vlan 10. console(config-if-Gi1/0/3)#ethernet cfm mep level 1 direction up mpid 1010 vlan 10 ethernet cfm mep enable Use the ethernet cfm mep enable command in Interface Configuration mode to enable a MEP at the specified level and direction.
2CSPC4.X8100-SWUM100.book Page 455 Wednesday, August 29, 2012 6:23 PM User Guidelines The maintenance domain must exist for it to be enabled. Example The following example enables a maintenance endpoint at level 1 with mpid 1010 on vlan 10. console(config-if-Gi1/0/3)#ethernet cfm mep enable level 1 vlan 10 mpid 1010 ethernet cfm mep active Use the ethernet cfm mep active command in Interface Configuration mode to activate a MEP at the specified level and direction.
2CSPC4.X8100-SWUM100.book Page 456 Wednesday, August 29, 2012 6:23 PM ethernet cfm mep archive-hold-time Use the ethernet cfm mep archive-hold-time command in Interface Configuration mode to maintain internal information on a missing MEP. Use the no form of the command to return the interval to the default value. Syntax ethernet cfm mep archive-hold-time hold-time Parameter Description Parameter Description hold-time The time in seconds to maintain the data for a missing MEP before removing the data.
2CSPC4.X8100-SWUM100.book Page 457 Wednesday, August 29, 2012 6:23 PM Syntax ethernet cfm mip level 0-7 Parameter Description Parameter Description level Maintenance association level Default Configuration No MIPs are preconfigured. Command Mode Interface Configuration User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 458 Wednesday, August 29, 2012 6:23 PM Parameter Description mac-addr The destination MAC address for which the connectivity needs to be verified. Either MEP ID or the MAC address option can be used. remote-mpid The MEP ID for which connectivity is to be verified; i.e. the destination MEP ID. domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). vlan-id A VLAN associated with the maintenance domain. Range: 14094.
2CSPC4.X8100-SWUM100.book Page 459 Wednesday, August 29, 2012 6:23 PM Syntax traceroute ethernet cfm {mac mac-addr| remote-mpid 1-8191} {domain domain name | level 0-7} vlan vlan-id mpid 1-8191 [ttl 1-255] Parameter Description Parameter Description level Maintenance association level mac-addr The destination MAC address for which the route needs to be traced. Either MEP ID or the MAC address option can be used. remote-mpid The MEP ID for which connectivity needs to be verified; i.e.
2CSPC4.X8100-SWUM100.book Page 460 Wednesday, August 29, 2012 6:23 PM show ethernet cfm errors Use the show ethernet cfm errors command in Privileged EXEC mode to display the cfm errors. Syntax show ethernet cfm errors {domain domain-id | level 0-7} Parameter Description Parameter Description domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). level Maintenance association level Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 461 Wednesday, August 29, 2012 6:23 PM show ethernet cfm domain Use the show ethernet cfm domain command in Privileged EXEC mode to display the configured parameters in a maintenance domain. Syntax show ethernet cfm domain {brief |domain-id} Parameter Description Parameter Description domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 462 Wednesday, August 29, 2012 6:23 PM show ethernet cfm maintenance-points local Use the show ethernet cfm maintenance-points local command in Privileged EXEC mode to display the configured local maintenance points. Syntax show ethernet cfm maintenance-points local {level 0-7 | interface interfaceid | domain domain-name} Parameter Description Parameter Description domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length).
2CSPC4.X8100-SWUM100.book Page 463 Wednesday, August 29, 2012 6:23 PM ----- ---- ------ ----------------Level Type Port MAC ----- ---- ------ ----------------- show ethernet cfm maintenance-points remote Use the show ethernet cfm maintenance-points remote command in Privileged EXEC mode to display the configured remote maintenance points.
2CSPC4.X8100-SWUM100.book Page 464 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 465 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 466 Wednesday, August 29, 2012 6:23 PM CCM's transmitted : 1 In-order Loopback Replies received : 0 Out-of-order Loopback Replies received: 0 Bad MSDU Loopback Replies received : 0 Loopback Replies transmitted : 5 Unexpected LTR's received : 0 debug cfm Use the debug cfm command in Privileged EXEC mode to enable CFM debugging. Use the no form of the command to disable debugging.
2CSPC4.X8100-SWUM100.book Page 467 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 469 Wednesday, August 29, 2012 6:23 PM Green Ethernet Commands 17 PowerConnect switches support various Green Ethernet modes, i.e., power saving modes, namely: • Energy-Detect Mode • Energy Efficient Ethernet These modes can enable significant operational cost reductions through direct power savings and reducing cooling costs.
2CSPC4.X8100-SWUM100.book Page 470 Wednesday, August 29, 2012 6:23 PM – – green-mode eee-lpi-history – green-mode energy-detect This command enables a Dell proprietary mode of power reduction on ports that are not connected to another interface. Use the green-mode energydetect command in Interface Configuration mode to enable energy-detect mode on an interface or all the interfaces. Energy-detect mode is disabled by default on 1G copper interfaces and enabled by default on 10G copper interfaces.
2CSPC4.X8100-SWUM100.book Page 471 Wednesday, August 29, 2012 6:23 PM User Guidelines Cable diagnostics (show copper-ports commands) may give misleading results if green mode is enabled on the port. Disable green mode prior to running any cable diagnostics. EEE and energy-detect modes are only supported on PC81xx 10G ports. Energy-detect mode is always enabled on PC81xx 10G ports and cannot be configured.
2CSPC4.X8100-SWUM100.book Page 472 Wednesday, August 29, 2012 6:23 PM User Guidelines Cable diagnostics (show copper-ports commands) may give misleading results if green mode is enabled on the port. Disable green mode prior to running any cable diagnostics. EEE and energy-detect modes are only supported on PC81xx 10G ports. green-mode eee-lpi-history Use the green-mode eee-lpi-history command in Global Configuration mode to configure the Global EEE LPI history collection interval and buffer size.
2CSPC4.X8100-SWUM100.book Page 473 Wednesday, August 29, 2012 6:23 PM Examples Use the command below to set the EEE LPI History sampling interval to the default. console(config)# no green-mode eee-lpi-history sampling-interval Use the command below to set the EEE LPI History max-samples to the default.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 475 Wednesday, August 29, 2012 6:23 PM 18 GVRP Commands GARP VLAN Registration Protocol (GVRP) is used to propagate VLAN membership information throughout the network. GVRP is based on the Generic Attribute Registration Protocol (GARP), which defines a method of propagating a defined attribute (that is, VLAN membership) throughout the network. GVRP allows both end stations and the networking device to issue and revoke declarations relating to membership in VLANs.
2CSPC4.X8100-SWUM100.book Page 476 Wednesday, August 29, 2012 6:23 PM Syntax clear gvrp statistics [{gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port}] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example clears all the GVRP statistics information on port 1/0/8.
2CSPC4.X8100-SWUM100.book Page 477 Wednesday, August 29, 2012 6:23 PM • timer_value — Timer values in centiseconds. The range is 10-100 for join, 20-600 for leave, and 200-6000 for leaveall.
2CSPC4.X8100-SWUM100.book Page 478 Wednesday, August 29, 2012 6:23 PM Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables GVRP on the device. console(config)#gvrp enable gvrp enable (interface) Use the gvrp enable command in Interface Configuration mode to enable GVRP on an interface.
2CSPC4.X8100-SWUM100.book Page 479 Wednesday, August 29, 2012 6:23 PM User Guidelines An Access port cannot join dynamically to a VLAN because it is always a member of only one VLAN. Membership in untagged VLAN would be propagated in a same way as a tagged VLAN. In such cases it is the administrator’s responsibility to set the PVID to be the untagged VLAN VID. Example The following example enables GVRP on gigabit ethernet 1/0/8.
2CSPC4.X8100-SWUM100.book Page 480 Wednesday, August 29, 2012 6:23 PM Example The following example shows how default dynamic registering and deregistering is forbidden for each VLAN on port 1/0/8. console(config)#interface gigabitethernet 1/0/8 console(config-if-1/0/8)#gvrp registration-forbid gvrp vlan-creation-forbid Use the gvrp vlan-creation-forbid command in Interface Configuration mode to disable dynamic VLAN creation. To enable dynamic VLAN creation, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 481 Wednesday, August 29, 2012 6:23 PM show gvrp configuration Use the show gvrp configuration command in Privileged EXEC mode to display GVRP configuration information. Timer values are displayed. Other data shows whether GVRP is enabled and which ports are running GVRP.
2CSPC4.X8100-SWUM100.book Page 482 Wednesday, August 29, 2012 6:23 PM 1/0/10 20 60 1000 Disabled 1/0/11 20 60 1000 Disabled 1/0/12 20 60 1000 Disabled 1/0/13 20 60 1000 Disabled 1/0/14 20 60 1000 Disabled show gvrp error-statistics Use the show gvrp error-statistics command in User EXEC mode to display GVRP error statistics.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 484 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example This example shows output of the show gvrp statistics command.
2CSPC4.X8100-SWUM100.book Page 485 Wednesday, August 29, 2012 6:23 PM IGMP Snooping Commands 19 Snooping of Internet Group Management Protocol (IGMP) messages is a feature that allows PowerConnect switches to forward multicast traffic intelligently on the switch. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255.
2CSPC4.X8100-SWUM100.book Page 486 Wednesday, August 29, 2012 6:23 PM interface within a specified length of time (multicast router present expiration time), that interface is removed from the list of interfaces with multicast routers attached. The multicast router present expiration time is configurable using management. The default value for the multicast router expiration time is zero, which indicates an infinite time-out (that is, no expiration).
2CSPC4.X8100-SWUM100.book Page 487 Wednesday, August 29, 2012 6:23 PM User Guidelines IGMP snooping is enabled on static VLANs only and is not enabled on Private VLANs or their community VLANs. Example The following example globally enables IGMP snooping. console(config)# ip igmp snooping ip igmp snooping (interface) Use the ip igmp snooping command in Interface Configuration mode to enable Internet Group Management Protocol (IGMP) snooping on a specific interface.
2CSPC4.X8100-SWUM100.book Page 488 Wednesday, August 29, 2012 6:23 PM ip igmp snooping host-time-out Use the ip igmp snooping host-time-out command in Interface Configuration mode to configure the host-time-out. If an IGMP report for a Multicast group is not received for a host time-out period from a specific port, this port is deleted from the member list of that Multicast group. To reset to the default host time-out, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 489 Wednesday, August 29, 2012 6:23 PM IGMP leave was received from a specific port, the current port is deleted from the member list of that Multicast group. To configure the default leave-timeout, use the no form of this command. Syntax ip igmp snooping leave-time-out [time-out | immediate-leave] no ip igmp snooping leave-time-out • time-out — Specifies the leave-time-out in seconds.
2CSPC4.X8100-SWUM100.book Page 490 Wednesday, August 29, 2012 6:23 PM Syntax ip igmp snooping mrouter-time-out time-out no ip igmp snooping mrouter-time-out • time-out — mrouter time-out in seconds for IGMP. (Range: 1–3600) Default Configuration The default value is 300 seconds. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 491 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. show ip igmp snooping groups Use the show ip igmp snooping groups command in User EXEC mode to display the Multicast groups learned by IGMP snooping.
2CSPC4.X8100-SWUM100.book Page 492 Wednesday, August 29, 2012 6:23 PM ---- ----------- ------- 1 224-239.130 | 2.2.3 1/0/1, 2/0/2 19 224-239.130 | 2.2.8 1/0/9-1/0/11 IGMP Reporters that are forbidden statically: --------------------------------------------Vlan IP Address ---- ------------------ 1 224-239.130 | 2.2.
2CSPC4.X8100-SWUM100.book Page 493 Wednesday, August 29, 2012 6:23 PM Slot/Port................................... 1/0/1 IGMP Snooping Admin Mode.................... Disabled Fast Leave Mode............................. Disabled Group Membership Interval................... 260 Max Response Time........................... 10 Multicast Router Present Expiration Time....
2CSPC4.X8100-SWUM100.book Page 494 Wednesday, August 29, 2012 6:23 PM ip igmp snooping (VLAN) Use the ip igmp snooping command in VLAN Configuration mode to enable IGMP snooping on a particular interface or on all interfaces participating in a VLAN. To disable IGMP snooping use the no form of this command. Syntax ip igmp snooping vlan-id no ip igmp snooping Default Configuration IGMP snooping is disabled on VLAN interfaces by default.
2CSPC4.X8100-SWUM100.book Page 495 Wednesday, August 29, 2012 6:23 PM You should enable fast-leave admin mode only on VLANs where only one host is connected to each layer 2 LAN port. This setting prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 LAN port but were still interested in receiving multicast traffic directed to that group. Also, fast-leave processing is supported only with IGMP version 2 hosts.
2CSPC4.X8100-SWUM100.book Page 496 Wednesday, August 29, 2012 6:23 PM Syntax ip igmp snooping groupmembership-interval vlan-id seconds no ip igmp snooping groupmembership-interval • vlan-id — Number assigned to the VLAN • seconds — IGMP group membership interval time in seconds. (Range: 2–3600) Default Configuration The default group membership interval time is 260 seconds. Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 497 Wednesday, August 29, 2012 6:23 PM no ip igmp snooping maxresponse vlan-id • vlan-id — Number assigned to the VLAN. • seconds — IGMP Maximum response time in seconds. (Range: 1-25) Default Configuration The default maximum response time is 10 seconds. Command Mode VLAN Configuration mode User Guidelines When using IGMP Snooping Querier, this parameter should be less than the value for the IGMP Snooping Querier query interval.
2CSPC4.X8100-SWUM100.book Page 498 Wednesday, August 29, 2012 6:23 PM Default Configuration The default multicast router present expiration time is 300 seconds. Command Mode VLAN Configuration mode User Guidelines The mcrexpiretime should be less than the group membership interval. Example The following example sets the multicast router present expiration time on VLAN 2 to 60 seconds.
2CSPC4.X8100-SWUM100.book Page 499 Wednesday, August 29, 2012 6:23 PM 20 IGMP Snooping Querier Commands The IGMP/MLD Snooping Querier is an extension to the IGMP/MLD Snooping feature. IGMP/MLD Snooping Querier allows the switch to simulate an IGMP/MLD router in a Layer 2-only network, thus removing the need to have an IGMP/MLD Router to collect and refresh the multicast group membership information. The querier function simulates a small subset of the IGMP/MLD router functionality.
2CSPC4.X8100-SWUM100.book Page 500 Wednesday, August 29, 2012 6:23 PM source address when generating periodic queries. The no form of this command disables IGMP Snooping Querier on the system. Use the optional address parameter to set or reset the querier address. If a VLAN has IGMP Snooping Querier enabled, and IGMP Snooping is operationally disabled on it, IGMP Snooping Querier functionality is disabled on that VLAN.
2CSPC4.X8100-SWUM100.book Page 501 Wednesday, August 29, 2012 6:23 PM Example The following example enables IGMP snooping querier in VLAN Configuration mode. console(config-vlan)#ip igmp snooping querier 1 address 10.19.67.1 ip igmp snooping querier election participate This command enables the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN.
2CSPC4.X8100-SWUM100.book Page 502 Wednesday, August 29, 2012 6:23 PM console#vlan database console(config-vlan)#ip igmp snooping querier election participate ip igmp snooping querier query-interval This command sets the IGMP Querier Query Interval time, which is the amount of time in seconds that the switch waits before sending another periodic query. The no form of this command sets the IGMP Querier Query Interval time to its default value.
2CSPC4.X8100-SWUM100.book Page 503 Wednesday, August 29, 2012 6:23 PM ip igmp snooping querier timer expiry This command sets the IGMP Querier timer expiration period which is the time period that the switch remains in Non-Querier mode after it has discovered that there is a Multicast Querier in the network. The no form of this command sets the IGMP Querier timer expiration period to its default value.
2CSPC4.X8100-SWUM100.book Page 504 Wednesday, August 29, 2012 6:23 PM Syntax ip igmp snooping querier version version no ip igmp snooping querier version • version — IGMP version. (Range: 1–2) Default Configuration The querier version default is 2. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the IGMP version of the querier to 1.
2CSPC4.X8100-SWUM100.book Page 505 Wednesday, August 29, 2012 6:23 PM Parameter Description Admin Mode Indicates whether or not IGMP Snooping Querier is active on the switch. Admin Version Indicates the version of IGMP that will be used while sending out the queries. Source IP Address Shows the IP address that is used in the IPv4 header when sending out IGMP queries. It can be configured using the appropriate command.
2CSPC4.X8100-SWUM100.book Page 506 Wednesday, August 29, 2012 6:23 PM Parameter Description Elected Querier Indicates the IP address of the Querier that has been designated as the Querier based on its source IP address. This field will be 0.0.0.0 when Querier Election Participate mode is disabled. When the optional argument detail is used, the command shows the global information and the information for all Querier enabled VLANs. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 507 Wednesday, August 29, 2012 6:23 PM IP Addressing Commands 21 Interfaces on the PowerConnect switches support a variety of capabilities to support management of the switch. In addition to performing switching and routing of network traffic, PowerConnect switches act as a host for management of the switch.
2CSPC4.X8100-SWUM100.book Page 508 Wednesday, August 29, 2012 6:23 PM clear host Use the clear host command in Privileged EXEC mode to delete entries from the host name-to-address cache. Syntax clear host {name | *} • name — Host name to be deleted from the host name-to-address cache. (Range: 1-255 characters) • * — Deletes all entries in the host name-to-address cache. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 509 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console# console#configure console(config)#clear ip address-conflict-detect ip address (Out-of-Band) Use the ip address command in Interface Configuration mode to set an IP address for the out-of-band interface.
2CSPC4.X8100-SWUM100.book Page 510 Wednesday, August 29, 2012 6:23 PM Default Configuration The out-of-band interface (service port) obtains an IP address via DHCP by default. Command Mode Interface (Out-of-Band) Configuration mode User Guidelines When setting the netmask/prefix length on an IPv4 address, a space is required between the address and the mask or prefix length. Setting an IP address on the out-of-band port enables switch management over the service port.
2CSPC4.X8100-SWUM100.book Page 511 Wednesday, August 29, 2012 6:23 PM Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 512 Wednesday, August 29, 2012 6:23 PM User Guidelines This command only applies to routing interfaces. When DHCP is enabled on a routing interface, the system automatically deletes all manually configured IPv4 addresses on the interface. • The command no ip address dhcp removes the interface’s primary address (Manual/DHCP) including the secondary addresses, if configured, and sets the Interface method to None.
2CSPC4.X8100-SWUM100.book Page 513 Wednesday, August 29, 2012 6:23 PM ip default-gateway Use the ip default-gateway command in Global Configuration mode to configure a default gateway (router). Syntax ip default-gateway ip-address no ip default-gateway ip-address Parameter Description Parameter Description ip-address Valid IPv4 address of an attached router. Default Configuration No default gateway is defined.
2CSPC4.X8100-SWUM100.book Page 514 Wednesday, August 29, 2012 6:23 PM ip domain-lookup Use the ip domain-lookup command in Global Configuration mode to enable IP Domain Naming System (DNS)-based host name-to-address translation. To disable the DNS, use the no form of this command. Syntax ip domain-lookup no ip domain-lookup Default Configuration DNS name resolution is enabled by default. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 515 Wednesday, August 29, 2012 6:23 PM • name — Default domain name used to complete an unqualified host name. Do not include the initial period that separates the unqualified host name from the domain name (Range: 1-255 characters). Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines a default domain name of dell.com.
2CSPC4.X8100-SWUM100.book Page 516 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example defines a static host name-to-address mapping in the host cache. console(config)#ip host accounting.dell.com 176.10.23.1 ip name-server Use the ip name-server command in Global Configuration mode to define available IPv4 or IPv6 name servers. To delete a name server, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 517 Wednesday, August 29, 2012 6:23 PM Example The following example sets the available name server. console(config)#ip name-server 176.16.1.18 ipv6 address (Interface Config) Use the ipv6 address command to set the IPv6 address of the management interface. Use the no form of this command to reset the IPv6 address to the default.
2CSPC4.X8100-SWUM100.book Page 518 Wednesday, August 29, 2012 6:23 PM Example Configure ipv6 routing on vlan 10 and obtain an address via DHCP. Assumes vlan 10 already exists.
2CSPC4.X8100-SWUM100.book Page 519 Wednesday, August 29, 2012 6:23 PM Use the no form of the command to remove a specific address or to return the address assignment to its default value. Using the no form of the command with no parameters removes all IPv6 prefixes from the interface.
2CSPC4.X8100-SWUM100.book Page 520 Wednesday, August 29, 2012 6:23 PM ipv6 address dhcp Use the ipv6 address dhcp command in Interface (VLAN) Configuration mode to enable the DHCPv6 client on an IPv6 interface. Syntax ipv6 address dhcp no ipv6 address dhcp Parameter Description This command does not require a parameter description. Default Configuration DHCPv6 is disabled by default on routing interfaces.
2CSPC4.X8100-SWUM100.book Page 521 Wednesday, August 29, 2012 6:23 PM ipv6 enable (Interface Config) Use the ipv6 enable command in Interface Config mode to enable IPv6 on a routing interface. Use the no form of this command to reset the IPv6 configuration to the defaults. Syntax ipv6 enable no ipv6 enable Default Configuration IPv6 is not enabled by default. Command Mode Interface Configuration mode (VLAN, loopback) User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 522 Wednesday, August 29, 2012 6:23 PM Command Mode Interface (out-of-band) Configuration mode User Guidelines There are no user guidelines for this command. ipv6 gateway (OOB Config) Use the ipv6 gateway command in Interface (out-of-band) Config mode to configure the address of the IPv6 gateway. The gateway is used as a default route for packets addressed to network devices not present on the local subnet. Use the no form of the command to remove the gateway configuration.
2CSPC4.X8100-SWUM100.book Page 523 Wednesday, August 29, 2012 6:23 PM show hosts Use the show hosts command in User EXEC mode to display the default domain name, a list of name server hosts, and the static and cached list of host names and addresses. The command itself shows hosts [hostname]. • Host name. (Range: 1–255 characters). The command allows spaces in the host name when specified in double quotes.
2CSPC4.X8100-SWUM100.book Page 524 Wednesday, August 29, 2012 6:23 PM show ip address-conflict Use the show ip address-conflict command in User EXEC or Privileged EXEC mode to display the status information corresponding to the last detected address conflict. Syntax show ip address-conflict Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 525 Wednesday, August 29, 2012 6:23 PM Example console#show ip address-conflict Address Conflict Detection Status...Conflict Detected Last Conflicting IP Address.........10.131.12.56 Last Conflicting MAC Address........00:01:02:04:5A:BC Time Since Conflict Detected........5 days 2 hrs 6 mins 46 secs console#show ip address-conflict Address Conflict Detection Status..
2CSPC4.X8100-SWUM100.book Page 526 Wednesday, August 29, 2012 6:23 PM Example console#show ip helper-address IP helper is enabled Interface Server Address UDP Port Discard Hit Count -------------------- ----------- ---------- --------- -----------------vlan 25 192.168.40.2 domain No 0 vlan 25 192.168.40.2 dhcp No 0 vlan 30 dhcp Yes 0 vlan 30 192.168.23.1 162 No 0 Any 192.168.40.
2CSPC4.X8100-SWUM100.book Page 527 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example console#show ipv6 dhcp interface out-of-band statistics DHCPv6 Client Statistics ------------------------DHCPv6 Advertisement Packets Received.......... 0 DHCPv6 Reply Packets Received.................. 0 Received DHCPv6 Advertisement Packets Discard.. 0 Received DHCPv6 Reply Packets Discarded........
2CSPC4.X8100-SWUM100.book Page 528 Wednesday, August 29, 2012 6:23 PM show ipv6 interface out-of-band Use the show ipv6 interface out-of-band command in Privileged EXEC mode to show the IPv6 out-of-band port configuration. Syntax show ipv6 interface out-of-band Parameter Description Parameter Description ipv6-address An IPv6 address (not a prefix). Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 529 Wednesday, August 29, 2012 6:23 PM IPv6 Access List Commands 22 Access to a switch or router can be made more secure through the use of Access Control Lists (ACLs) to control the type of traffic allowed into or out of specific ports. An ACL consists of a series of rules, each of which describes the type of traffic to be processed and the actions to take for packets that meet the classification criteria.
2CSPC4.X8100-SWUM100.book Page 530 Wednesday, August 29, 2012 6:23 PM deny | permit (IPv6 ACL) This command creates a new rule for the current IPv6 access list. Each rule is appended to the list of configured rules for the list. A rule may either deny or permit traffic according to the specified classification fields. At a minimum, either the every keyword or the protocol, source address, and destination address values must be specified.
2CSPC4.X8100-SWUM100.book Page 531 Wednesday, August 29, 2012 6:23 PM Parameter Description every Allows all protocols. icmpv6 | ipv6 | tcp Protocol to match, specified as keywords icmp, igmp, ipv6, tcp, | udp | udp or as a standard protocol number from 1–255. protocolnumber any | sourceipv6 prefix/ any matches any source IP address. Or, you can specify a source IPv6 addressed expressed as a prefix/prefixlength. eq {portnumber | portkey} eq matches a port number being used as a match criteria.
2CSPC4.X8100-SWUM100.book Page 532 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode IPv6-Access-List Configuration mode User Guidelines Users are permitted to add rules, but if a packet does not match any userspecified rules, the packet is dropped by the implicit “deny all” rule. The 'no' form of this command is not supported, since the rules within an IPv6 ACL cannot be deleted individually.
2CSPC4.X8100-SWUM100.book Page 533 Wednesday, August 29, 2012 6:23 PM Syntax ipv6 access-list name no ipv6 access-list name • name — Alphanumeric string of 1 to 31 characters uniquely identifying the IPv6 access list. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 534 Wednesday, August 29, 2012 6:23 PM Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(Config)#ipv6 access-list rename DELL_IP6 DELL_IP6_NEW_NAME ipv6 traffic-filter The ipv6 traffic-filter command either attaches a specific IPv6 Access Control List (ACL) to an interface or associates it with a VLAN ID in a given direction.
2CSPC4.X8100-SWUM100.book Page 535 Wednesday, August 29, 2012 6:23 PM • sequence seq-num — Order of access list relative to other access lists already assigned to this interface and direction. (Range: 1–4294967295) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 536 Wednesday, August 29, 2012 6:23 PM Parameter Description Rule Status Status (Active/Inactive) of the IPv6 ACL rule. Default Configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example The following example displays configuration information for the IPv6 ACLs.
2CSPC4.X8100-SWUM100.book Page 537 Wednesday, August 29, 2012 6:23 PM Inbound Interface(s): 1/0/1 Rule Number: 1 Action......................................... deny Protocol....................................... 255(ipv6) Source IP Address.............................. 2001:DB8::/32 Destination L4 Port Keyword.................... 80(www/http) Rule Number: 2 Action......................................... permit Protocol....................................... 255(ipv6) Source IP Address.................
2CSPC4.X8100-SWUM100.book Page 538 Wednesday, August 29, 2012 6:23 PM Source L4 This field displays the source port for this rule. Port Keyword Destination IP Address This displays the destination IP address for this rule. Destination L4 Port Keyword This field displays the destination port for this rule. IP DSCP This field indicates the value specified for IP DSCP. Flow Label This field indicates the value specified for IPv6 Flow Label. Log Displays when you enable logging for the rule.
2CSPC4.X8100-SWUM100.book Page 539 Wednesday, August 29, 2012 6:23 PM 23 IPv6 MLD Snooping Commands In IPv6, Multicast Listener Discover (MLD) snooping performs functions similar to IGMP snooping in IPv4. With MLD snooping, IPv6 multicast data is selectively forwarded to a list of ports that want to receive the data, instead of being flooded to all ports in a VLAN. This list is constructed by snooping IPv6 multicast control packets.
2CSPC4.X8100-SWUM100.book Page 540 Wednesday, August 29, 2012 6:23 PM ipv6 mld snooping immediate-leave The ipv6 mld snooping immediate-leave command enables or disables MLD Snooping snooping immediate-leave admin mode on a selected interface or VLAN. Enabling fast-leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an MLD done message for that multicast group without first sending out MAC-based general queries to the interface.
2CSPC4.X8100-SWUM100.book Page 541 Wednesday, August 29, 2012 6:23 PM ipv6 mld snooping groupmembership-interval The ipv6 mld snooping groupmembership-interval command sets the MLD Group Membership Interval time on a VLAN or interface. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry. This value must be greater than the MLDv2 Maximum Response time value.
2CSPC4.X8100-SWUM100.book Page 542 Wednesday, August 29, 2012 6:23 PM interface because it did not receive a report for a particular group in that interface. This value must be less than the MLD Query Interval time value. The range is 1 to 3599 seconds. Syntax ipv6 mld snooping maxresponse [vlan-id] [seconds] no ipv6 mld snooping maxresponse [vlan-id] • vlan_id — Specifies a VLAN ID value in VLAN Database mode. • seconds — MLD maximum response time in seconds.
2CSPC4.X8100-SWUM100.book Page 543 Wednesday, August 29, 2012 6:23 PM no ipv6 mld snooping mcrtexpiretime [vlan-id] • • vlan_id — Specifies a VLAN ID value in VLAN Database mode. seconds — multicast router present expiration time in seconds. (Range: 1–3600) Default Configuration The default multicast router present expiration time is 300 seconds. Command Mode Interface Configuration mode. VLAN Database mode.
2CSPC4.X8100-SWUM100.book Page 544 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping ipv6 mld snooping (Interface) The ipv6 mld snooping (Interface) command enables MLD Snooping on an interface. If an interface has MLD Snooping enabled and it becomes a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface.
2CSPC4.X8100-SWUM100.book Page 545 Wednesday, August 29, 2012 6:23 PM ipv6 mld snooping (VLAN) The ipv6 mld snooping (VLAN) command enables MLD Snooping on a particular VLAN and enables MLD snooping on all interfaces participating in a VLAN. Syntax ipv6 mld snooping vlan-id no ipv6 mld snooping vlan-id • vlan-id — Specifies a VLAN ID value. Default Configuration MLD Snooping is disabled. Command Mode VLAN Database mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 546 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example With no optional arguments, the command displays the following information: • Admin Mode — Indicates whether or not MLD Snooping is active on the switch. • Interfaces Enabled for MLD Snooping — Interfaces on which MLD Snooping is enabled.
2CSPC4.X8100-SWUM100.book Page 547 Wednesday, August 29, 2012 6:23 PM • Multicast Router Present Expiration Time — Displays the amount of time to wait before removing an interface that is participating in the VLAN from the list of interfaces with multicast routers attached. The interface is removed if a query is not received. This value may be configured. show ipv6 mld snooping groups The show ipv6 mld snooping groups command displays the MLD Snooping entries in the MFDB table.
2CSPC4.X8100-SWUM100.book Page 548 Wednesday, August 29, 2012 6:23 PM --------------------------------------------- Vlan ---- Ipv6 Address ----------------------- Ports ------------------------------------ console#show ipv6 mld snooping groups vlan 2 Vlan Ipv6 Address Type Ports ---- ----------------------- ------- --------------------------- 2 3333.0000.0004 Dynamic 1/0/1,1/0/3 2 3333.0000.
2CSPC4.X8100-SWUM100.book Page 549 Wednesday, August 29, 2012 6:23 PM IPv6 MLD Snooping Querier Commands 24 IGMP/MLD Snooping Querier is an extension of the IGMP/MLD Snooping feature. IGMP/MLD Snooping Querier allows the switch to simulate an IGMP/MLD router in a Layer 2-only network, thus removing the need to have an IGMP/MLD Router to collect the multicast group membership information. The querier function simulates a small subset of the IGMP/MLD router functionality.
2CSPC4.X8100-SWUM100.book Page 550 Wednesday, August 29, 2012 6:23 PM ipv6 mld snooping querier Use the ipv6 mld snooping querier command to enable MLD Snooping Querier on the system. Use the no form of this command to disable MLD Snooping Querier. Syntax ipv6 mld snooping querier no ipv6 mld snooping querier Default Configuration MLD Snooping Querier is disabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 551 Wednesday, August 29, 2012 6:23 PM Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping querier 10 ipv6 mld snooping querier address Use the ipv6 mld snooping querier address command to set the global MLD Snooping Querier address. Use the no form of this command to reset the global MLD Snooping Querier address to the default.
2CSPC4.X8100-SWUM100.book Page 552 Wednesday, August 29, 2012 6:23 PM ipv6 mld snooping querier election participate Use the ipv6 mld snooping querier election participate command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN. When this mode is enabled, if the Snooping Querier finds that the other Querier's source address is higher than the Snooping Querier's address, it stops sending periodic queries.
2CSPC4.X8100-SWUM100.book Page 553 Wednesday, August 29, 2012 6:23 PM Syntax ipv6 mld snooping querier query-interval interval ipv6 mld snooping querier query-interval • interval — Amount of time that the switch waits before sending another general query. (Range: 1–1800 seconds) Default Configuration The default query interval is 60 seconds.
2CSPC4.X8100-SWUM100.book Page 554 Wednesday, August 29, 2012 6:23 PM Default Configuration The default timer expiration period is 60 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping querier timer expiry 222 show ipv6 mld snooping querier Use the show ipv6 mld snooping querier command to display MLD Snooping Querier information.
2CSPC4.X8100-SWUM100.book Page 555 Wednesday, August 29, 2012 6:23 PM MLD Snooping Querier Mode Indicates whether or not MLD Snooping Querier is active on the switch. Querier Address Shows the IP Address which will be used in the IPv6 header while sending out MLD queries. MLD Version Indicates the version of MLD that will be used while sending out the queries. This is defaulted to MLD v1 and it can not be changed.
2CSPC4.X8100-SWUM100.book Page 556 Wednesday, August 29, 2012 6:23 PM Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received. MLD Version Indicates the version of MLD.
2CSPC4.X8100-SWUM100.book Page 557 Wednesday, August 29, 2012 6:23 PM IP Source Guard Commands 25 IP Source Guard (IPSG) is a security feature that filters IP packets based on source ID. The source ID may either be source IP address or a {source IP address, source MAC address} pair. The network administrator configures whether enforcement includes the source MAC address. The network administrator can configure static authorized source IDs.
2CSPC4.X8100-SWUM100.book Page 558 Wednesday, August 29, 2012 6:23 PM Syntax ip verify source Default Configuration By default, IPSG is disabled on all interfaces. Command Mode Interface Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 559 Wednesday, August 29, 2012 6:23 PM Example console(config-if-1/0/1)#ip verify source portsecurity ip verify binding Use the ip verify binding command in Global Configuration mode to configure static bindings. Use the no form of the command to remove the IPSG entry. Syntax ip verify binding macaddr vlan ipaddr interface Default Configuration By default, there will not be any static bindings configured.
2CSPC4.X8100-SWUM100.book Page 560 Wednesday, August 29, 2012 6:23 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example console#show ip verify interface gigabitethernet 1/0/1 show ip verify source interface Use the show ip verify source interface command in Privileged EXEC mode to display the bindings configured on a particular interface.
2CSPC4.X8100-SWUM100.book Page 561 Wednesday, August 29, 2012 6:23 PM show ip source binding Use the show ip source binding command in Privileged EXEC mode to display all bindings (static and dynamic). Syntax show ip source binding Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 563 Wednesday, August 29, 2012 6:23 PM 26 iSCSI Optimization Commands iSCSI Optimization provides a means of performing configuration specific to storage traffic and optionally giving traffic between iSCSI initiator and target systems special Quality of Service (QoS) treatment. iSCSI Optimization is best applied to mixed-traffic networks where iSCSI packets constitutes a portion of overall traffic.
2CSPC4.X8100-SWUM100.book Page 564 Wednesday, August 29, 2012 6:23 PM iSCSI Optimization borrows ACL lists from the global system pool. ACL lists allocated by iSCSI Optimization reduce the total number of ACLs available for use by the network operator. Enabling iSCSI Optimization uses one ACL list to monitor for iSCSI sessions. Each monitored iSCSI session utilizes two rules from additional ACL lists up to a maximum of two ACL lists.
2CSPC4.X8100-SWUM100.book Page 565 Wednesday, August 29, 2012 6:23 PM • When aging time is increased, current sessions will be timed out according to the new value. • When aging time is decreased, any sessions that have been dormant for a time exceeding the new setting will be immediately deleted from the table. All other sessions will continue to be monitored against the new time out value. Example The following example sets the aging time for iSCSI sessions to 100 minutes.
2CSPC4.X8100-SWUM100.book Page 566 Wednesday, August 29, 2012 6:23 PM Parameter Description remark Mark the iSCSI frames with the configured DSCP when egressing the switch. Default Configuration By default, frames are not remarked. The default vpt setting for iSCSI is 4, which the default class of service dot1p mapping assigns to queue 2. Command Mode Global Configuration mode. User Guidelines The remark option only applies to DSCP values. Remarking is not available for vpt values.
2CSPC4.X8100-SWUM100.book Page 567 Wednesday, August 29, 2012 6:23 PM Example The following example configures iSCSI packets to receive CoS treatment using DiffServ Code Point AF 41 and configures remarking of transmitted iSCSI packets. console(config)#iscsi cos dscp 10 remark iscsi enable The iscsi enable command globally enables iSCSI optimization. To disable iSCSI optimization, use the no form of this command. Syntax iscsi enable no iscsi enable Default Configuration iSCSI is enabled by default.
2CSPC4.X8100-SWUM100.book Page 568 Wednesday, August 29, 2012 6:23 PM The Application Priority TLV sent will contain the following information in addition to any other information contained in the TLV: AE Selector = 1 AE Protocol = 3260 AE Priority = priority configured for iSCSI PFC (the VPT value above). This TLV is sent in addition to any Application Priority TLV information received from the configuration source.
2CSPC4.X8100-SWUM100.book Page 569 Wednesday, August 29, 2012 6:23 PM Parameter Description targetname iSCSI name of the iSCSI target. The name can be statically configured; however, it can be obtained from iSNS or from sendTargets response. The initiator MUST present both its iSCSI Initiator Name and the iSCSI Target Name to which it wishes to connect in the first login request of a new session or connection.
2CSPC4.X8100-SWUM100.book Page 570 Wednesday, August 29, 2012 6:23 PM Example The following example configures TCP Port 49154 to target IP address 172.16.1.20. console(config)#iscsi target port 49154 address 172.16.1.20 show iscsi Use the show iscsi command in Privileged EXEC mode to display the iSCSI configuration. Syntax show iscsi Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 571 Wednesday, August 29, 2012 6:23 PM -----------------------------------------------iSCSI Targets and TCP Ports: -----------------------------------------------TCP Port 860 -3260 -- Target IP Address Name 30001 172.16.1.1iqn.1993-11.com.diskvendor:diskarrays.sn.45678.tape:sys1.xyz 30033172.16.1.
2CSPC4.X8100-SWUM100.book Page 572 Wednesday, August 29, 2012 6:23 PM Example The following examples show summary and detailed information about the iSCSI sessions. console#show iscsi sessions Target: iqn.1993-11.com.diskvendor:diskarrays.sn.45678 ----------------------------------------------------Initiator: iqn.1992-04.com.os-vendor.plan9:cdrom.12 ISID: 11 Initiator: iqn.1995-05.com.os-vendor.plan9:cdrom.10 ISID: 222 ----------------------------------------------------Target: iqn.103-1.com.
2CSPC4.X8100-SWUM100.book Page 573 Wednesday, August 29, 2012 6:23 PM Time started: 17-Jul-2008 10:04:50 Time for aging out: 10 min ISID: 11 Initiator Initiator Target Target IP address TCP port IP address IP port 172.16.1.3 49154 172.16.1.20 30001 172.16.1.4 49155 172.16.1.21 30001 172.16.1.5 49156 172.16.1.22 30001 Session 2: ----------------------------------------------------Initiator: iqn.1995-05.com.os-vendor.plan9:cdrom.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 575 Wednesday, August 29, 2012 6:23 PM Link Dependency Commands 27 Link dependency allows the link status of a group of interfaces to be made dependent on the link status of other interfaces. The effect is that the link status of a group that depends on another interface either mirrors or inverts the link status of the depended-on interface.
2CSPC4.X8100-SWUM100.book Page 576 Wednesday, August 29, 2012 6:23 PM Default Configuration The default configuration for a group is down, i.e. the group members will mirror the depended-on link status by going down when all depended-on interfaces are down. Command Mode Link Dependency mode User Guidelines The action up command will cause the group members to be up when no depended-on interfaces are up.
2CSPC4.X8100-SWUM100.book Page 577 Wednesday, August 29, 2012 6:23 PM Example console(config)#link-dependency group 1 console(config-linkDep-group-1)# add gigabitethernet Use this command to add member gigabit Ethernet port(s) to the dependency list. Syntax add gigabitethernet intf-list • intf-list — List of Ethernet interfaces in unit/slot/port format. Separate nonconsecutive ports with a comma and no spaces. Use a hyphen to designate the range of ports.
2CSPC4.X8100-SWUM100.book Page 578 Wednesday, August 29, 2012 6:23 PM • intf-list — List of Ethernet interfaces in unit/slot/port format. Separate nonconsecutive ports with a comma and no spaces. Use a hyphen to designate the range of ports. (Range: Valid Ethernet interface list or range) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 579 Wednesday, August 29, 2012 6:23 PM Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-depend-1)#add port-channel 10-12 depends-on Use this command to add the dependent Ethernet ports or port channels list. Use the no depends-on command to remove the dependent Ethernet ports or port-channels list.
2CSPC4.X8100-SWUM100.book Page 580 Wednesday, August 29, 2012 6:23 PM Examples console(config-linkDep-group-1)#depends-on gigabitethernet 1/0/10 console(config-linkDep-group-1)#depends-on portchannel 6 show link-dependency Use the show link-dependency command to show the link dependencies configured for a particular group. If no group is specified, then all the configured link-dependency groups are displayed.
2CSPC4.X8100-SWUM100.book Page 581 Wednesday, August 29, 2012 6:23 PM GroupId Member Ports Ports Depended On Link Action Group State ------- ---------------------------------------------------1 Gi4/0/2-3,Gi4/0/5 Gi4/0/10-12 Link Up Up/Down The following command shows link dependencies for group 1 only.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 583 Wednesday, August 29, 2012 6:23 PM LLDP Commands 28 The IEEE 802.1AB standard defines the Link Layer Discovery Protocol (LLDP). This protocol allows stations residing on an 802 LAN to advertise major capabilities, physical descriptions, and management information to physically adjacent devices, allowing a network management system (NMS) to access and display this information.
2CSPC4.X8100-SWUM100.book Page 584 Wednesday, August 29, 2012 6:23 PM The receive function accepts incoming LLDPDU frames and stores information about the remote stations. Both local and remote data may be displayed by the user interface and retrieved using SNMP as defined in the LLDP MIB definitions. The component maintains one remote entry per physical network connection.
2CSPC4.X8100-SWUM100.book Page 585 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays how to clear the LLDP remote data. console#clear lldp remote-data clear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics. Syntax clear lldp statistics Default Configuration By default, the statistics are only cleared on a system reset.
2CSPC4.X8100-SWUM100.book Page 586 Wednesday, August 29, 2012 6:23 PM lldp notification Use the lldp notification command in Interface Configuration mode to enable remote data change notifications. To disable notifications, use the no form of this command. Syntax lldp notification no lldp notification Default Configuration By default, notifications are disabled on all supported interfaces. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 587 Wednesday, August 29, 2012 6:23 PM • interval — The smallest interval in seconds at which to send remote data change notifications. (Range: 5–3600 seconds) Default Configuration The default value is 5 seconds. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to set the interval value to 10 seconds.
2CSPC4.X8100-SWUM100.book Page 588 Wednesday, August 29, 2012 6:23 PM Example The following example displays how to enable the LLDP receive capability. console(config-if-1/0/3)#lldp receive lldp timers Use the lldp timers command in Global Configuration mode to set the timing parameters for local data transmission on ports enabled for LLDP. To return any or all parameters to factory default, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 589 Wednesday, August 29, 2012 6:23 PM Examples The following example displays how to configure LLDP to transmit local information every 1000 seconds. console(config)#lldp timers interval 1000 The following example displays how to set the timing parameter at 1000 seconds with a hold multiplier of 8 and a 5 second delay before reinitialization.
2CSPC4.X8100-SWUM100.book Page 590 Wednesday, August 29, 2012 6:23 PM lldp transmit-mgmt Use the lldp transmit-mgmt command in Interface Configuration mode to include transmission of the local system management address information in the LLDPDUs. To cancel inclusion of the management information, use the no form of this command. Syntax lldp transmit-mgmt no lldp transmit-mgmt Default Configuration By default, management address information is not included.
2CSPC4.X8100-SWUM100.book Page 591 Wednesday, August 29, 2012 6:23 PM • sys-name — Transmits the system name TLV • sys-desc — Transmits the system description TLV • sys-cap — Transmits the system capabilities TLV • port desc — Transmits the port description TLV Default Configuration By default, no optional TLVs are included. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 592 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays the current LLDP configuration summary.
2CSPC4.X8100-SWUM100.book Page 593 Wednesday, August 29, 2012 6:23 PM Examples This example show how the information is displayed when you use the command with the all parameter.
2CSPC4.X8100-SWUM100.book Page 594 Wednesday, August 29, 2012 6:23 PM • detail — includes a detailed version of remote data. • interface — Specifies a valid physical interface on the device. Specify either gigabitethernet unit/slot/port or tengigabitethernet unit/slot/port or fortygigabitethernet unit/slot/port. • all — Shows lldp local device information on all interfaces. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 595 Wednesday, August 29, 2012 6:23 PM System Name: System Description: Routing Port Description: System Capabilities Supported: bridge, router System Capabilities Enabled: bridge Management Address: Type: IPv4 Address: 192.168.17.25 — — — show lldp remote-device Use the lldp remote-device command in Privileged EXEC mode to display the current LLDP remote data. This command can display summary information or detail for each interface.
2CSPC4.X8100-SWUM100.book Page 596 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Examples These examples show current LLDP remote data, including a detailed version.
2CSPC4.X8100-SWUM100.book Page 597 Wednesday, August 29, 2012 6:23 PM show lldp statistics Use the show lldp statistics command in Privileged EXEC mode to display the current LLDP traffic statistics. Syntax show lldp statistics {unit/slot/port | all} Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 598 Wednesday, August 29, 2012 6:23 PM Total Drops.................................. 0 Total Ageouts................................ 1 Tx TLV TLV Rx TLV TLV TLV Interface Total Total Discards Errors Ageout Discards Unknowns MED 802.1 802.3 --------- ----- ----- -------- ------ ------ --------------- ---- ----- ----1/0/11 0 1 29395 82562 0 4 0 1 0 0 The following table explains the fields in this example.
2CSPC4.X8100-SWUM100.book Page 599 Wednesday, August 29, 2012 6:23 PM Fields Description Discards Number of LLDP frames received on the indicated port and discarded for any reason. Errors Number of non-valid LLDP frames received on the indicated port. Ageouts Number of times a remote data entry on the indicated port has been deleted due to TTL expiration. TLV Discards Number LLDP TLVs (Type, Length, Value sets) received on the indicated port and discarded for any reason by the LLDP agent.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 601 Wednesday, August 29, 2012 6:23 PM Multicast VLAN Registration Commands 29 Multicast VLAN registration (MVR) is a method for consolidating multicast traffic from multiple VLANs onto a single VLAN. A typical usage scenario would be the distribution of a multicast group to a switch using a single VLAN where the switch has users in different VLANs subscribing to the multicast group.
2CSPC4.X8100-SWUM100.book Page 602 Wednesday, August 29, 2012 6:23 PM Commands in this Chapter This chapter explains the following commands: mvr mvr type mvr group mvr vlan group mvr mode show mvr mvr querytime show mvr members mvr vlan show mvr interface mvr immediate show mvr traffic mvr Use the mvr command in Global Config and Interface Config modes to enable MVR. Use the no form of this command to disable MVR.
2CSPC4.X8100-SWUM100.book Page 603 Wednesday, August 29, 2012 6:23 PM mvr group Use the mvr group command in Global Config mode to add an MVR membership group. Use the no form of the command to remove an MVR membership group. Syntax mvr group A.B.C.D [count] no mvr group A.B.C.D [count] Parameter Description Parameter Description A.B.C.D Specify a multicast group. count Specifies the number of multicast groups to configure.
2CSPC4.X8100-SWUM100.book Page 604 Wednesday, August 29, 2012 6:23 PM console(config)#mvr group 239.0.1.0 100 console(config)#mvr vlan 10 mvr mode Use the mvr mode command in Global Config mode to change the MVR mode type. Use the no form of the command to set the mode type to the default value. Syntax mvr mode {compatible | dynamic} no mvr mode Parameter Description Parameter Description compatible Do not allow membership joins on source ports.
2CSPC4.X8100-SWUM100.book Page 605 Wednesday, August 29, 2012 6:23 PM Syntax mvr querytime 1–100 no mvr querytime Parameter Description Parameter Description querytime The query time is a maximum time to wait for an IGMP membership report on a receiver port before removing the port from the multicast group. The query time only applies to receiver ports. The query time is specified in tenths of a second. Default Configuration The default value is 5 tenths of a second.
2CSPC4.X8100-SWUM100.book Page 606 Wednesday, August 29, 2012 6:23 PM mvr vlan Use the mvr vlan command in Global Config mode to set the MVR multicast VLAN. Use the no form of the command to set the MVR multicast VLAN to the default value. Syntax mvr vlan 1–4094 no mvr vlan Parameter Description Parameter Description vlan The VLAN specifies the port on which multicast data is expected to be received. Source ports should belong to this VLAN. Default Configuration The default value is 1.
2CSPC4.X8100-SWUM100.book Page 607 Wednesday, August 29, 2012 6:23 PM Syntax mvr immediate no mvr immediate Parameter Description This command does not require a parameter description. Default Configuration The default value is Disabled. Command Mode Interface Config User Guidelines Immediate leave should only be configured on ports with a single receiver. When immediate leave is enabled, a receiver port will leave a group on receipt of a leave message.
2CSPC4.X8100-SWUM100.book Page 608 Wednesday, August 29, 2012 6:23 PM Syntax mvr type {receiver | source} no mvr type Parameter Description Parameter Description receiver Configure the port as a receiver port. Receiver ports are ports over which multicast data will be sent but not received. source Configure the port as a source port. Source ports are ports over which multicast data is received or sent. Default Configuration The default value is None.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 610 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Config User Guidelines This command statically configures a port to receive the specified multicast group on the specified VLAN. This command only applies to receiver ports in compatible mode. It also applies to source ports in dynamic mode. In dynamic mode, receiver ports can also join multicast groups using IGMP messages.
2CSPC4.X8100-SWUM100.book Page 611 Wednesday, August 29, 2012 6:23 PM Parameter Description MVR Running MVR running state. It can be enabled or disabled. MVR Multicast VLAN Current MVR multicast VLAN. It can be in the range from 1 to 4094. MVR Max Multicast Groups The maximum number of multicast groups that is supported by MVR. MVR Current Multicast groups The current number of MVR groups allocated. MVR Query Response Time The current MVR query response time. MVR Mode The current MVR mode.
2CSPC4.X8100-SWUM100.book Page 612 Wednesday, August 29, 2012 6:23 PM MVR Current multicast groups............. 1 MVR Global query response time........... 10 (tenths of sec) MVR Mode................................. compatible show mvr members Use the show mvr members command in Privileged EXEC mode to display the MVR membership groups allocated. Syntax show mvr members [A.B.C.D] Parameter Description The parameter is a valid multicast address in IPv4 dotted notation.
2CSPC4.X8100-SWUM100.book Page 613 Wednesday, August 29, 2012 6:23 PM Message Type Message Description Successful Completion Message None Error Completion Message MVR disabled Examples console#show mvr members MVR Group IP Status Members --------------------------- --------------- ----------- 224.1.1.1 1/0/3 INACTIVE 1/0/1, 1/0/2, console#show mvr members 224.1.1.1 MVR Group IP Status Members --------------------------- --------------- ----------- 224.1.1.
2CSPC4.X8100-SWUM100.book Page 614 Wednesday, August 29, 2012 6:23 PM Parameter Description VID VLAN identifier. The following table explains the output parameters. Parameter Description Port Interface number Type The MVR port type. It can be None, Receiver, or Source type. Status The interface status. It consists of two characteristics: 1 active or inactive indicating if port is forwarding.
2CSPC4.X8100-SWUM100.book Page 615 Wednesday, August 29, 2012 6:23 PM Port Type Immediate Leave Status ----------------------------------------- --------------------- 1/0/9 DISABLED ACTIVE/inVLAN RECEIVER - console#show mvr interface 1/0/9 Type: RECEIVER Status: ACTIVE DISABLED Immediate Leave: console#show mvr interface Fa1/0/23 members 235.0.0.1 STATIC ACTIVE console#show mvr interface Fa1/0/23 members vlan 12 235.0.0.1 STATIC ACTIVE 235.1.1.
2CSPC4.X8100-SWUM100.book Page 616 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines The following table lists the completion messages. Message Type Message Description Successful Completion Message None Error Completion Message MVR disabled Examples The following table explains the output parameters. Parameter Description IGMP Query Received Number of received IGMP Queries.
2CSPC4.X8100-SWUM100.book Page 617 Wednesday, August 29, 2012 6:23 PM IGMP Report V2 Received........................ 3 IGMP Leave Received............................ 0 IGMP Query Transmitted......................... 2 IGMP Report V1 Transmitted..................... 0 IGMP Report V2 Transmitted..................... 3 IGMP Leave Transmitted......................... 1 IGMP Packet Receive Failures................... 0 IGMP Packet Transmit Failures..................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 619 Wednesday, August 29, 2012 6:23 PM Port Channel Commands 30 Care must be taken while enabling this type of configuration. If the Partner System is not 802.3AD compliant or the Link Aggregation Control protocol is not enabled, there may be network instability.
2CSPC4.X8100-SWUM100.book Page 620 Wednesday, August 29, 2012 6:23 PM A LAG can be either static or dynamic, but not both. It cannot have some member ports participate in the protocol while other member ports do not participate. Additionally, it is not possible to change a LAG from static to dynamic via the CLI. You must remove the member ports from the static LAG and then add them to the dynamic LAG. VLANs and LAGs When members are added to a LAG, they are removed from all existing VLAN membership.
2CSPC4.X8100-SWUM100.book Page 621 Wednesday, August 29, 2012 6:23 PM A LAG failure of one or more of the links does not stop traffic in any manner. Upon failure, the flows mapped to a link are dynamically reassigned to the remaining links of the LAG. Similarly when links are added to a LAG, the conversations may need to be shifted to a new link. The purpose of link aggregation is to increase bandwidth between two switches. It is achieved by aggregating multiple ports in one logical group.
2CSPC4.X8100-SWUM100.book Page 622 Wednesday, August 29, 2012 6:23 PM The hashing algorithm is configurable for each LAG. Typically, an administrator is able to choose from hash algorithms utilizing the following attributes of a packet to determine the outgoing port: • Source MAC, VLAN, EtherType, and incoming port associated with the packet. • Source IP and Source TCP/UDP fields of the packet. • Destination MAC, VLAN, EtherType, and incoming port associated with the packet.
2CSPC4.X8100-SWUM100.book Page 623 Wednesday, August 29, 2012 6:23 PM Manual Aggregation of LAGs PowerConnect switching supports the manual addition and deletion of links to aggregates. In the manual configuration of aggregates, the ports send their Actor Information (LACPDUs) to the partner system in order to find a suitable Partner to form an aggregation. When the Partner System neglects to respond using LACPDUs, the PowerConnect switching aggregates manually.
2CSPC4.X8100-SWUM100.book Page 624 Wednesday, August 29, 2012 6:23 PM channel-group Use the channel-group command in Interface Configuration mode to associate a port with a port channel. To remove the channel-group configuration from the interface, use the no form of this command. Syntax channel-group port-channel-number mode {on | active} no channel-group • port-channel-number — Number of a valid port-channel with which to associate the current interface.
2CSPC4.X8100-SWUM100.book Page 625 Wednesday, August 29, 2012 6:23 PM interface port-channel Use the interface port-channel command in Global Configuration mode to configure a port-channel type and enter port-channel configuration mode. Syntax interface port-channel port-channel-number Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 626 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Commands in the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, it stops the execution of the command on subsequent interfaces.
2CSPC4.X8100-SWUM100.book Page 627 Wednesday, August 29, 2012 6:23 PM • 6 — Source/destination IP and source/destination TCP/UDP port • 7 — Enhanced hashing mode Default Configuration This command has no default configuration. Command Mode Interface Configuration (port-channel) User Guidelines No specific guidelines.
2CSPC4.X8100-SWUM100.book Page 628 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example configures the priority value for port 1/0/8 to 247. console(config)#interface gigabitethernet 1/0/8 console(config-if-1/0/8)#lacp port-priority 247 lacp system-priority Use the lacp system-priority command in Global Configuration mode to configure the Link Aggregation system priority. To reset to default, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 629 Wednesday, August 29, 2012 6:23 PM lacp timeout Use the lacp timeout command in Interface Configuration mode to assign an administrative LACP timeout. To reset the default administrative LACP timeout, use the no form of this command. Syntax lacp timeout {long | short} no lacp timeout • long — Specifies a long timeout value. • short — Specifies a short timeout value. Default Configuration The default port timeout value is long.
2CSPC4.X8100-SWUM100.book Page 630 Wednesday, August 29, 2012 6:23 PM Syntax port-channel local-preference no port-channel local-preference Default Configuration By default, port channels are not configured with local preference. Command Mode Interface Config (port-channel) mode User Guidelines For a LAG that contains links distributed across stacking units, the default behavior is to distribute locally received ingress traffic across all LAG links in the stack per the selected hashing algorithm.
2CSPC4.X8100-SWUM100.book Page 631 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description min-links The minimum number of links that must be active before the link is declared up. Range 1-8. The default is 1. Default Configuration This command has no default configuration. Command Mode Interface Configuration (port-channel) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 632 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 633 Wednesday, August 29, 2012 6:23 PM Example #2 console#show interfaces port-channel 1 Channel Ports Local Prf Ch-Type Hash Type Min-links ----------------------------------- -------- ---------- -------- --------Po1 Enabled Inactive: Gi1/0/1, Gi1/0/2, Dynamic 3 1 Gi1/0/3, Gi1/0/4 show lacp Use this command in Privileged EXEC mode to display LACP information for Ethernet ports.
2CSPC4.X8100-SWUM100.book Page 634 Wednesday, August 29, 2012 6:23 PM Example The following example shows how to display LACP Ethernet interface information.
2CSPC4.X8100-SWUM100.book Page 635 Wednesday, August 29, 2012 6:23 PM port Oper timeout: LONG LACP Activity: ASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Port 1/0/1 LACP Statistics: LACP PDUs sent: 2 LACP PDUs received: 2 show statistics port-channel Use the show statistics port-channel command in Privileged EXEC mode to display statistics about a specific port-channel.
2CSPC4.X8100-SWUM100.book Page 636 Wednesday, August 29, 2012 6:23 PM Example The following example shows statistics about port-channel 1. console#show statistics port-channel 1 Total Packets Received (Octets)................ 0 Packets Received > 1522 Octets................. 0 Packets RX and TX 64 Octets.................... 1064 Packets RX and TX 65-127 Octets................ 140 Packets RX and TX 128-255 Octets............... 201 Packets RX and TX 256-511 Octets...............
2CSPC4.X8100-SWUM100.book Page 637 Wednesday, August 29, 2012 6:23 PM Total Received Packets Not Forwarded........... 0 Local Traffic Frames........................... 0 802.3x Pause Frames Received................... 0 Unacceptable Frame Type........................ 0 Multicast Tree Viable Discards................. 0 Reserved Address Discards...................... 0 Broadcast Storm Recovery....................... 0 CFI Discards................................... 0 Upstream Threshold.......................
2CSPC4.X8100-SWUM100.book Page 638 Wednesday, August 29, 2012 6:23 PM 802.3x Pause Frames Transmitted................ 0 GVRP PDUs received............................. 0 GVRP PDUs Transmitted.......................... 0 GVRP Failed Registrations...................... 0 Time Since Counters Last Cleared...............
2CSPC4.X8100-SWUM100.book Page 639 Wednesday, August 29, 2012 6:23 PM Port Monitor Commands 31 PowerConnect switches allow the user to monitor traffic with an external network analyzer. The external network analyzer can use any of the Ethernet ports as a probe port. The probe port transmits a mirror copy of the traffic being probed. Network traffic transmission is always disrupted whenever a configuration change is made for port monitoring.
2CSPC4.X8100-SWUM100.book Page 640 Wednesday, August 29, 2012 6:23 PM monitor session show monitor session monitor session Use the monitor session command in Global Configuration mode to configure a probe port and a monitored port for monitor session (port monitoring). Use the src-interface parameter to specify the interface to monitor. Use rx to monitor only ingress packets, or use tx to monitor only egress packets.
2CSPC4.X8100-SWUM100.book Page 641 Wednesday, August 29, 2012 6:23 PM User Guidelines The source of a monitoring session must be configured before the destination can be configured. Only one session with a single destination is supported, however, that session supports multiple sources. Example The following examples show a simple port level configuration that mirrors both transmitted and received packet from one port to another.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 643 Wednesday, August 29, 2012 6:23 PM QoS Commands 32 Quality of Service (QoS) technologies are intended to provide guaranteed timely delivery of specific application data to a particular destination. In contrast, standard IP-based networks are designed to provide best effort data delivery service. Best effort service implies that the network delivers the data in a timely fashion, although there is no guarantee.
2CSPC4.X8100-SWUM100.book Page 644 Wednesday, August 29, 2012 6:23 PM A user configures an ACL permit rule to force its matching traffic stream to a specific egress interface, bypassing any forwarding decision normally performed by the device. The interface can be a physical port or a LAG. The redirect interface rule action is independent of, but compatible with, the assign queue rule action. ACLs can be configured to apply to a VLAN instead of an interface.
2CSPC4.X8100-SWUM100.book Page 645 Wednesday, August 29, 2012 6:23 PM – • Untrusted Port Default Priority Queue Configuration This enables PowerConnect switches to support a wide variety of delay sensitive video and audio multicast applications. CoS mapping tables, port default priority, and hardware queue parameters may be configured on LAG interfaces as well as physical port interfaces.
2CSPC4.X8100-SWUM100.book Page 646 Wednesday, August 29, 2012 6:23 PM process is also used for cases where a trusted port mapping is unable to be honored, such as when a nonIP packet arrives at a port configured to trust the IP precedence or IP DSCP value.
2CSPC4.X8100-SWUM100.book Page 647 Wednesday, August 29, 2012 6:23 PM assign-queue Use the assign-queue command in Policy-Class-Map Configuration mode to modify the queue ID to which the associated traffic stream is assigned. Syntax assign-queue queueid • queueid — Specifies a valid queue ID. (Range: integer from 0–6.) Default Configuration This command has no default configuration. Command Mode Policy-Class-Map Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 648 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Policy Map Configuration mode User Guidelines This command causes the specified policy to create a reference to the class definition. The command mode is changed to Policy-Class-Map Configuration when this command is executed successfully. Example The following example shows how to specify the DiffServ class name of "DELL.
2CSPC4.X8100-SWUM100.book Page 649 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example The following example creates a class-map named "DELL" which requires all ACE’s to be matched. console(config)#class-map DELL console(config-cmap)# class-map rename Use the class-map rename command in Global Configuration mode to change the name of a DiffServ class.
2CSPC4.X8100-SWUM100.book Page 650 Wednesday, August 29, 2012 6:23 PM console(config)# classofservice dot1p-mapping Use the classofservice dot1p-mapping command in Global Configuration mode to map an 802.1p priority to an internal traffic class. In Interface Configuration mode, the mapping is applied only to packets received on that interface. Use the no form of the command to remove mapping between an 802.1p priority and an internal traffic class. Syntax classofservice dot1p-mapping 802.
2CSPC4.X8100-SWUM100.book Page 651 Wednesday, August 29, 2012 6:23 PM User Guidelines None Example The following example configures mapping for user priority 1 and traffic class 2. console(config)#classofservice dot1p-mapping 1 2 classofservice ip-dscp-mapping Use the classofservice ip-dscp-mapping command in Global Configuration mode to map an IP DSCP value to an internal traffic class.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 654 Wednesday, August 29, 2012 6:23 PM IP DSCP Traffic Class 58 3 59 3 60 3 61 3 62 3 63 3 Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays mapping for IP DSCP 1 and traffic class 2.
2CSPC4.X8100-SWUM100.book Page 655 Wednesday, August 29, 2012 6:23 PM • ip-dscp — Specifies that the mode be set to trust IP DSCP packet markings. Default Configuration This command has no default configuration. Command Mode Global Configuration mode or Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 656 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Policy-Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to specify the conform-color command.
2CSPC4.X8100-SWUM100.book Page 657 Wednesday, August 29, 2012 6:23 PM User Guidelines The maximum number of queues supported per interface is seven. When ETS is operational on a switch, this command overrides the ETS assignments and assigns minimum bandwidth constraints across traffic class groups. This allows the administrator to ensure that the frame scheduler does not completely starve lower priority groups when strict priority is enabled on a high numbered TCG.
2CSPC4.X8100-SWUM100.book Page 658 Wednesday, August 29, 2012 6:23 PM Default Configuration WRED queue management policy is disabled by default. Tail-drop queue management policy is enabled by default. Command Mode Interface Configuration (physical or port-channel) mode or Global Configuration mode User Guidelines When used on a port-channel, this command will override the settings on the individual interfaces that are part of the port channel. This command can be used in Interface Range mode.
2CSPC4.X8100-SWUM100.book Page 659 Wednesday, August 29, 2012 6:23 PM no cos-queue strict {queue-id-1} [{queue-id-2} … {queue-id-n}] • queue-id-1 — Specifies the queue ID for which you are activating the strict priority scheduler. You can specify a queue ID for as many queues as you have (queue-id 1 through queue-id-n). (Range: 0–6) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 660 Wednesday, August 29, 2012 6:23 PM Default Configuration This command default is enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to set the DiffServ operational mode to active. console(Config)#diffserv drop Use the drop command in Policy-Class-Map Configuration mode to specify that all packets for the associated traffic stream are to be dropped at ingress.
2CSPC4.X8100-SWUM100.book Page 661 Wednesday, August 29, 2012 6:23 PM console(config-policy-classmap)#drop mark cos Use the mark cos command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header. If the packet does not already contain this header, one is inserted. Syntax mark cos cos-value • cos-value — Specifies the CoS value as an integer.
2CSPC4.X8100-SWUM100.book Page 662 Wednesday, August 29, 2012 6:23 PM • dscpval — Specifies a DSCP value (10, 12, 14, 18, 20, 22, 26, 28, 30, 34, 36, 38, 0, 8, 16, 24, 32, 40, 48, 56, 46) or a DSCP keyword (af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef). Default Configuration This command has no default configuration. Command Mode Policy-Class-Map Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 663 Wednesday, August 29, 2012 6:23 PM User Guidelines. This command has no user guidelines. Example The following example displays console(config)#policy-map p1 in console(config-policy-map)#class c1 console(config-policy-classmap)#mark ip-precedence 2 console(config-policy-classmap)# match class-map Use the match class-map command to add to the specified class definition the set of match conditions defined for another class.
2CSPC4.X8100-SWUM100.book Page 664 Wednesday, August 29, 2012 6:23 PM • Any attempts to delete the refclassname class while the class is still referenced by any class-map-name fails. • The combined match criteria of class-map-name and refclassname must be an allowed combination based on the class type. • Any subsequent changes to the refclassname class match criteria must maintain this validity, or the change attempt fails.
2CSPC4.X8100-SWUM100.book Page 665 Wednesday, August 29, 2012 6:23 PM Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition to the specified class. console(config-classmap)#match cos 1 match destination-address mac Use the match destination-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination MAC address of a packet.
2CSPC4.X8100-SWUM100.book Page 666 Wednesday, August 29, 2012 6:23 PM Example The following example displays adding a match condition for the specified MAC address and bit mask. console(config-classmap)#match destination-address mac AA:ED:DB:21:11:06 FF:FF:FF:EF:EE:EE match dstip Use the match dstip command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination IP address of a packet.
2CSPC4.X8100-SWUM100.book Page 667 Wednesday, August 29, 2012 6:23 PM match dstip6 The match dstip6 command adds to the specified class definition a match condition based on the destination IPv6 address of a packet. Syntax match dstip6 destination-ipv6-prefix/prefix-length • destination-ipv6-prefix — IPv6 prefix in IPv6 global address format. • prefix-length —IPv6 prefix length value. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 668 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition based on the destination layer 4 port of a packet using the "echo" port name keyword.
2CSPC4.X8100-SWUM100.book Page 669 Wednesday, August 29, 2012 6:23 PM Example The following example displays how to add a match condition based on ethertype. console(config-classmap)#match ethertype arp match ip6flowlbl The match ip6flowlbl command adds to the specified class definition a match condition based on the IPv6 flow label of a packet. Syntax match ip6flowlbl label • label - The value to match in the Flow Label field of the IPv6 header (Range 0-1048575).
2CSPC4.X8100-SWUM100.book Page 670 Wednesday, August 29, 2012 6:23 PM match ip dscp Use the match ip dscp command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the IP DiffServ Code Point (DSCP) field in a packet. This field is defined as the high-order six bits of the Service Type octet in the IP header. The low-order two bits are not checked.
2CSPC4.X8100-SWUM100.book Page 671 Wednesday, August 29, 2012 6:23 PM match ip precedence Use the match ip precedence command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the IP precedence field. Syntax match ip precedence precedence • precedence — Specifies the precedence field in a packet. This field is the high-order three bits of the Service Type octet in the IP header.
2CSPC4.X8100-SWUM100.book Page 672 Wednesday, August 29, 2012 6:23 PM Syntax match ip tos tosbits tosmask • tosbits — Specifies a two-digit hexadecimal number. (Range: 00–ff) • tosmask — Specifies the bit positions in the tosbits parameter that are used for comparison against the IP TOS field in a packet. This value of this parameter is expressed as a two-digit hexadecimal number. (Range: 00–ff) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 673 Wednesday, August 29, 2012 6:23 PM • protocol-name — Specifies one of the supported protocol name keywords. The supported values are icmp, igmp, ip, tcp, and udp. • protocol-number — Specifies the standard value assigned by IANA. (Range 0–255) Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 674 Wednesday, August 29, 2012 6:23 PM Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example adds to the specified class definition a match condition based on the source MAC address of the packet.
2CSPC4.X8100-SWUM100.book Page 675 Wednesday, August 29, 2012 6:23 PM Example The following example displays adding a match condition for the specified IP address and address bit mask. console(config-classmap)#match srcip 10.240.1.1 10.240.0.0 match srcip6 The match srcip6 command adds to the specified class definition a match condition based on the source IPv6 address of a packet. Syntax match srcip6 source-ipv6-prefix/prefix-length • source-ipv6-prefix —IPv6 prefix in IPv6 global address format.
2CSPC4.X8100-SWUM100.book Page 676 Wednesday, August 29, 2012 6:23 PM Syntax match srcl4port {portkey | port-number} • portkey — Specifies one of the supported port name keywords. A match condition is specified by one layer 4 port number. The currently supported values are: domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, and www. • port-number — Specifies a layer 4 port number (Range: 0–65535). Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 677 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines Only a single VLAN can be specified for each class map. To remove the matching criteria, delete the class map. Example The following example displays adding a match condition for the VLAN ID "2.
2CSPC4.X8100-SWUM100.book Page 678 Wednesday, August 29, 2012 6:23 PM Example The following example displays how to copy all the data to port 1/0/5. console(config-policy-classmap)#mirror 1/0/5 police-simple Use the police-simple command in Policy-Class-Map Configuration mode to establish the traffic policing style for the specified class. The simple form of the police command uses a single data rate and burst size, resulting in two outcomes: conform and nonconform.
2CSPC4.X8100-SWUM100.book Page 679 Wednesday, August 29, 2012 6:23 PM User Guidelines Only one style of police command (simple) is allowed for a given class instance in a particular policy. Example The following example shows how to establish the traffic policing style for the specified class.
2CSPC4.X8100-SWUM100.book Page 680 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines The CLI mode is changed to Policy-Class-Map Configuration when this command is successfully executed. The policy type dictates which of the individual policy attribute commands are valid within the policy definition. Example The following example shows how to establish a new ingress DiffServ policy named "DELL.
2CSPC4.X8100-SWUM100.book Page 681 Wednesday, August 29, 2012 6:23 PM Parameter Description max-thresh The maximum threshold to ene dropping at the configured maximum drop probability for each color and for non-TCP packets. Range 0 to 100. drop-prob-scale The maximum drop probability. Range 0-100. Should be configured to be equal to or larger than the minimum probability.
2CSPC4.X8100-SWUM100.book Page 682 Wednesday, August 29, 2012 6:23 PM 1 - 18.75% of maximum drop probability 2 - 30.25% of maximum drop probability 3 - 43.75% of maximum drop probability 4 - 56.25% of maximum drop probability 5 - 68.75% of maximum drop probability 6 - 81.25% of maximum drop probability 7 - 92.75% of maximum drop probability Packets are dropped at 100% when the queue size exceeds the maximum value and at 0% when the queue size is below the minimum value.
2CSPC4.X8100-SWUM100.book Page 683 Wednesday, August 29, 2012 6:23 PM no random-detect exponential-weighting-constant • 0–15 — The weighting constant is used to smooth the calculation of the queue size using the following formula where the 0-15 value is N. Default Configuration The default value is 0.
2CSPC4.X8100-SWUM100.book Page 684 Wednesday, August 29, 2012 6:23 PM Command Mode Policy-Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example shows how to redirect incoming packets to port 1/0/1. console(config-policy-classmap)#redirect 1/0/1 service-policy Use the service-policy command in either Global Configuration mode (for all system interfaces) or Interface Configuration mode (for a specific interface) to attach a policy to an interface.
2CSPC4.X8100-SWUM100.book Page 685 Wednesday, August 29, 2012 6:23 PM Interface Configuration (Ethernet, Port-channel) mode (for a specific interface) User Guidelines This command effectively enables DiffServ on an interface. No separate interface administrative mode command for DiffServ is available. Use the policy-map command to configure the DiffServ policy. The service-policy direction must catch the direction given for the policy map.
2CSPC4.X8100-SWUM100.book Page 686 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays all the configuration information for the class named "Dell". console#show class-map Class L3 Class Name Reference Class Name Type Proto ------------------------------- ----- ----- ---------------------------ipv4 All ipv4 ipv6 All ipv6 stop_http_class All ipv6 match_icmp6 All ipv6 console#show class-map ipv4 Class Name...........
2CSPC4.X8100-SWUM100.book Page 687 Wednesday, August 29, 2012 6:23 PM console#show class-map stop_http_class Class Name..................................... stop_http_class Class Type..................................... All Class Layer3 Protocol..........................
2CSPC4.X8100-SWUM100.book Page 688 Wednesday, August 29, 2012 6:23 PM User Guidelines If the interface is specified, the 802.1p mapping table of the interface is displayed. If omitted, the most recent global configuration settings are displayed. Example The following example displays the dot1p traffic class mapping and user priorities.
2CSPC4.X8100-SWUM100.book Page 689 Wednesday, August 29, 2012 6:23 PM show classofservice ip-dscp-mapping Use the show classofservice ip-dscp-mapping command in Privileged EXEC mode to display the current IP DSCP mapping to internal traffic classes for a specific interface. Syntax show classofservice ip-dscp-mapping • Command is supported only globally. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 692 Wednesday, August 29, 2012 6:23 PM 58 3 59 3 60 3 61 3 62 3 63 3 console# show classofservice trust Use the show classofservice trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface.
2CSPC4.X8100-SWUM100.book Page 693 Wednesday, August 29, 2012 6:23 PM show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information, which includes the current administrative mode setting as well as the current and maximum number of DiffServ components. Syntax show diffserv Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 694 Wednesday, August 29, 2012 6:23 PM show diffserv service interface Use this command in Privileged EXEC mode to display policy service information for the specified interface. Syntax show diffserv service interface {gigabitethernet unit/slot/port| tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port} {in|out} Parameter Description Parameter Description in Show ingress policies. out Show egress policies.
2CSPC4.X8100-SWUM100.book Page 695 Wednesday, August 29, 2012 6:23 PM No policy is attached to this interface in this direction. show diffserv service interface port-channel Syntax Description show diffserv service interface port-channel channel-group {in|out} Parameter Description Parameter Description channel-group A valid port-channel in the system. (Range: 1–18) in Show ingress policies. out Show egress policies. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 696 Wednesday, August 29, 2012 6:23 PM No policy is attached to this interface in this direction show diffserv service brief Use the show diffserv service brief command in Privileged EXEC mode to display all interfaces in the system to which a DiffServ policy has been attached. Syntax show diffserv service brief Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 697 Wednesday, August 29, 2012 6:23 PM Syntax show interfaces cos-queue [{gigabitethernet unit/slot/port | port-channel port-channel-number | tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port}] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines If the interface is specified, the class-of-service queue configuration of the interface is displayed.
2CSPC4.X8100-SWUM100.book Page 698 Wednesday, August 29, 2012 6:23 PM 2 Drop 0 Weighted Tail 3 Drop 0 Weighted Tail 4 Drop 0 Weighted Tail 5 Drop 0 Weighted Tail 6 Drop 0 Weighted Tail This example displays the COS configuration for the specified interface 1/0/1. console#show interfaces cos-queue gigabitethernet 1/0/1 Interface...................................... 1/0/1 Interface Shaping Rate......................... 0 Queue Id Min.
2CSPC4.X8100-SWUM100.book Page 699 Wednesday, August 29, 2012 6:23 PM 4 Drop 0 Weighted Tail 5 Drop 0 Weighted Tail 6 Drop 0 Weighted Tail The following table lists the parameters in the examples and gives a description of each. Parameter Description Interface The port of the interface. If displaying the global configuration, this output line is replaced with a global configuration indication. Intf Shaping Rate The maximum transmission bandwidth limit for the interface as a whole.
2CSPC4.X8100-SWUM100.book Page 700 Wednesday, August 29, 2012 6:23 PM Syntax show interfaces random-detect interface-id Parameter Description Parameter Description interface-id Specify an interface type. Valid interfaces include physical ports and port channels. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 701 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays the DiffServ information. console#show policy-map Policy Name Policy Type Class Members ----------- ----------- ------------- POLY1 xxx DELL xxx DellClass DellClass show policy-map interface Use the show policy-map interface command in Privileged EXEC mode to display policy-oriented statistics information for the specified interface.
2CSPC4.X8100-SWUM100.book Page 702 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the statistics information for port te1/0/1. console#show policy-map interface te1/0/1 in Interface..................................... te1/0/1 Operational Status............................ Down Policy Name...................................
2CSPC4.X8100-SWUM100.book Page 703 Wednesday, August 29, 2012 6:23 PM Example The following example displays a summary of policy-oriented statistics information.
2CSPC4.X8100-SWUM100.book Page 704 Wednesday, August 29, 2012 6:23 PM • bw — Maximum transmission bandwidth value expressed in Kbps. (Range: 64 - 4294967295) Default Configuration This command has no default configuration. Command Mode Global Configuration mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 705 Wednesday, August 29, 2012 6:23 PM 33 RADIUS Commands Managing and determining the validity of users in a large network can be significantly simplified by making use of a single database of accessible information supplied by an Authentication Server. These servers commonly use the Remote Authentication Dial In User Service (RADIUS) protocol as defined by RFC 2865.
2CSPC4.X8100-SWUM100.book Page 706 Wednesday, August 29, 2012 6:23 PM Table 33-1. RADIUS Attributes Supported by PowerConnect Switch Service Type RADIUS Attribute Name 802.
2CSPC4.X8100-SWUM100.book Page 707 Wednesday, August 29, 2012 6:23 PM Table 33-1. RADIUS Attributes Supported by PowerConnect Switch Service Type RADIUS Attribute Name 802.
2CSPC4.X8100-SWUM100.book Page 708 Wednesday, August 29, 2012 6:23 PM • FILTER-ID – • TUNNEL-TYPE – • Used to indicate that a VLAN is to be assigned to the user when set to tunnel type VLAN (13). TUNNEL-MEDIUM-TYPE – • Name of the filter list for this user. Used to indicate the tunnel medium type. Must be set to medium type 802 (6) to enable VLAN assignment. TUNNEL-PRIVATE-GROUP-ID – Used to indicate the VLAN to be assigned to the user.
2CSPC4.X8100-SWUM100.book Page 709 Wednesday, August 29, 2012 6:23 PM aaa accounting dot1x default start-stop The aaa accounting network default start-stop group radius command has been migrated to the aaa accounting dot1x default start-stop {radius|none} command. Use the aaa accounting dot1x default start-stop command in Global Config mode to create an accounting method list. Use the no form of the command to delete a list. A list may be identified by the default keyword or a user-specified listname.
2CSPC4.X8100-SWUM100.book Page 710 Wednesday, August 29, 2012 6:23 PM Parameter Description start-stop Issue a start accounting notice at the beginning and stop accounting notice at the end of the accounted method. Accounting notices are sent when the user logs into the switch and when the user logs out of the exec mode. Accounting notifications are also sent at the beginning and at the end of the user executed command.
2CSPC4.X8100-SWUM100.book Page 711 Wednesday, August 29, 2012 6:23 PM The same list-name can be used for both exec and commands accounting types. AAA accounting for commands with RADIUS as the accounting method is not supported. TACACS+ supports both exec and commands accounting types. There is exactly one accounting method list for dot1x: default. accounting Use the accounting command in Line Config mode to apply an accounting method to a line config.
2CSPC4.X8100-SWUM100.book Page 712 Wednesday, August 29, 2012 6:23 PM User Guidelines When enabling accounting for exec mode for the current line-configuration type, users logged in with that mode will be logged out. Examples Use the following command to enable exec type accounting for telnet. console(config)#line telnet console(config-telnet)# accounting exec default acct-port Use the acct-port command to set the port that connects to the RADIUS accounting server.
2CSPC4.X8100-SWUM100.book Page 713 Wednesday, August 29, 2012 6:23 PM console(Config-acct-radius)#acct-port 56 auth-port Use the auth-port command in Radius mode to set the port number for authentication requests of the designated Radius server. Syntax auth-port auth-port-number • auth-port-number — Port number for authentication requests. (Range: 1 65535) Default Configuration The default value of the port number is 1812.
2CSPC4.X8100-SWUM100.book Page 714 Wednesday, August 29, 2012 6:23 PM server will be used until it no longer responds. RADIUS servers whose deadtime interval has not expired are skipped when searching for a new RADIUS server to contact. Syntax deadtime deadtime • deadtime — The amount of time that the unavailable server is skipped over. (Range: 0-2000 minutes) Default Configuration The default deadtime interval is 0 minutes.
2CSPC4.X8100-SWUM100.book Page 715 Wednesday, August 29, 2012 6:23 PM Default Configuration Debugging is disabled by default. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. key Use the key command to specify the encryption key which is shared with the RADIUS server. Use the "no" form of this command to remove the key. Syntax key key-string • key-string — A string specifying the encryption key (Range: 0 - 128 characters).
2CSPC4.X8100-SWUM100.book Page 716 Wednesday, August 29, 2012 6:23 PM msgauth Use the msgauth command to enable the message authenticator attribute to be used for the RADIUS Authenticating server being configured. Use the “no” form of this command to disable the message authenticator attribute. Syntax msgauth no msgauth Default Configuration The message authenticator attribute is enabled by default. Command Mode Radius mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 717 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description servername The name for the RADIUS server (Range: 1 - 32 characters). Default Configuration The default RADIUS server name is Default-RADIUS-Server. Command Mode Radius Config mode User Guidelines Names may only be set for authentication servers, not for accounting servers. Names may consist of alphanumeric characters and the underscore, dash and blanks.
2CSPC4.X8100-SWUM100.book Page 718 Wednesday, August 29, 2012 6:23 PM primary Use the primary command to specify that a configured server should be the primary server in the group of authentication servers which have the same server name. Multiple primary servers can be configured for each group of servers which have the same name.
2CSPC4.X8100-SWUM100.book Page 719 Wednesday, August 29, 2012 6:23 PM Default Configuration The default priority is 0. Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command. Example The following example specifies a priority of 10 for the designated server. console(config)#radius-server host 192.143.120.
2CSPC4.X8100-SWUM100.book Page 720 Wednesday, August 29, 2012 6:23 PM User Guidelines This command does not change the address in the IP header for the request sent to the RADIUS server. It only changes the address sent to the RADIUS server inside the RADIUS packet. Example The following example sets the NAS IP address in RADIUS attribute 4 to 192.168.10.22. console(config)#radius-server attribute 4 192.168.10.
2CSPC4.X8100-SWUM100.book Page 721 Wednesday, August 29, 2012 6:23 PM User Guidelines If only one RADIUS server is configured, it is recommended that the deadtime interval be left at 0. Example The following example sets the minimum interval for a RADIUS server will not be contacted after becoming unresponsive. console(config)#radius-server deadtime 10 radius-server host Use the radius-server host command in Global Configuration mode to specify a RADIUS server host and enter RADIUS Configuration mode.
2CSPC4.X8100-SWUM100.book Page 722 Wednesday, August 29, 2012 6:23 PM User Guidelines Radius servers are keyed by the host name, therefore it is advisable to use unique server host names. Example The following example specifies a Radius server host with the following characteristics: Server host IP address — 192.168.10.1 console(config)#radius-server host 192.168.10.
2CSPC4.X8100-SWUM100.book Page 723 Wednesday, August 29, 2012 6:23 PM Example The following example sets the authentication and encryption key for all Radius communications between the device and the Radius server to “dellserver.” console(config)#radius-server key dell-server radius-server retransmit Use the radius-server retransmit command in Global Configuration mode to specify the number of times the Radius client will retransmit requests to the Radius server.
2CSPC4.X8100-SWUM100.book Page 724 Wednesday, August 29, 2012 6:23 PM radius-server source-ip Use the radius-server source-ip command in Global Configuration mode to specify the source IP address used for communication with Radius servers. To return to the default, use the no form of this command. 0.0.0.0 is interpreted as a request to use the IP address of the outgoing IP interface. Syntax radius-server source-ip source no radius-server source-ip • source — Specifies the source IP address.
2CSPC4.X8100-SWUM100.book Page 725 Wednesday, August 29, 2012 6:23 PM • timeout — Specifies the timeout value in seconds. (Range: 1–30) Default Configuration The default value is 3 seconds. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the interval for which a switch waits for a server host to reply to 5 seconds.
2CSPC4.X8100-SWUM100.book Page 726 Wednesday, August 29, 2012 6:23 PM Example The following example of the retransmit command specifies five retries. console(config)#radius-server host 192.143.120.123 console(config-radius)#retransmit 5 show aaa servers Use the show aaa servers command to display the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS client.
2CSPC4.X8100-SWUM100.book Page 727 Wednesday, August 29, 2012 6:23 PM Field Description Configured Authentication Servers The number of RADIUS Authentication servers that have been configured. Configured Accounting Servers The number of RADIUS Accounting servers that have been configured. Named Authentication Server Groups The number of configured named RADIUS server groups. Named Accounting Server Groups The number of configured named RADIUS server groups.
2CSPC4.X8100-SWUM100.book Page 728 Wednesday, August 29, 2012 6:23 PM Global values -------------------------------------------Number of Configured Authentication Servers.... Number of Configured Accounting Servers........ Number of Named Authentication Server Groups... Number of Named Accounting Server Groups....... Number of Retransmits.......................... Timeout Duration............................... Deadtime....................................... Source IP......................................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 730 Wednesday, August 29, 2012 6:23 PM Parameter Description hostname Host name of the Radius server host. (Range: 1–158 characters). The command allows spaces in the host name when specified in double quotes. For example, console(config)#snmp-server host "host name" servername The alias used to identify the server. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 731 Wednesday, August 29, 2012 6:23 PM Field Description Malformed Responses The number of malformed RADIUS Accounting Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed accounting responses. Bad Authenticators The number of RADIUS Accounting Response packets containing invalid authenticators received from this accounting server.
2CSPC4.X8100-SWUM100.book Page 732 Wednesday, August 29, 2012 6:23 PM Field Description Malformed Access The number of malformed RADIUS Access Response packets Responses received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed access responses.
2CSPC4.X8100-SWUM100.book Page 733 Wednesday, August 29, 2012 6:23 PM Packets Dropped............................... 0 console#show radius statistics name Default_RADIUS_Server RADIUS Server Name............................ Default_RADIUS_Server Server Host Address........................... 192.168.37.200 Access Requests............................... 0.00 Access Retransmissions........................ 0 Access Accepts................................ 0 Access Rejects................................
2CSPC4.X8100-SWUM100.book Page 734 Wednesday, August 29, 2012 6:23 PM Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command. Example The following example specifies 10.240.1.23 as the source IP address. console(config)#radius-server host 192.143.120.123 console(config-radius)#source-ip 10.240.1.23 timeout Use the timeout command in Radius mode to set the timeout value in seconds for the designated Radius server.
2CSPC4.X8100-SWUM100.book Page 735 Wednesday, August 29, 2012 6:23 PM Example The following example specifies the timeout setting for the designated Radius Server. console(config)#radius-server host 192.143.120.123 console(config-radius)#timeout 20 usage Use the usage command in Radius mode to specify the usage type of the server. Syntax usage type • type — Variable can be one of the following values: login, 802.1x or all. Default Configuration The default variable setting is all.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 737 Wednesday, August 29, 2012 6:23 PM Spanning Tree Commands 34 The Multiple Spanning Tree Protocol (MSTP) component complies with IEEE 802.1s by efficiently navigating VLAN traffic over separate interfaces for multiple instances of Spanning Tree. IEEE 802.1D, Spanning Tree and IEEE 802.1w, Rapid Spanning Tree are supported through the IEEE 802.1s implementation. The difference between the RSTP and STP (IEEE 802.
2CSPC4.X8100-SWUM100.book Page 738 Wednesday, August 29, 2012 6:23 PM port. In this way, the root guard enforces the position of the root bridge. In MSTP scenario the port may be designated in one of the instances while being alternate in the CIST, and so on. Root guard is a per port (not a per port per instance command) configuration so all the MSTP instances this port participates in should not be in root role. STP BPDU Filtering - STP BPDU filtering applies to all operational edge ports.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 740 Wednesday, August 29, 2012 6:23 PM exit (mst) Use the exit command in MST mode to exit the MST configuration mode and apply all configuration changes. Syntax exit Default Configuration MST configuration. Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example shows how to exit the MST configuration mode and save changes.
2CSPC4.X8100-SWUM100.book Page 741 Wednesday, August 29, 2012 6:23 PM Default Configuration VLANs are mapped to the common and internal spanning tree (CIST) instance (instance 0). Command Mode MST mode User Guidelines Before mapping VLANs to an instance use the spanning-tree mst enable command to enable the instance. All VLANs that are not explicitly mapped to an MST instance are mapped to the common and internal spanning tree (CIST) instance (instance 0) and cannot be unmapped from the CIST.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 743 Wednesday, August 29, 2012 6:23 PM Syntax name string • string — Case sensitive MST configuration name. (Range: 1-32 characters) Default Configuration Bridge address. Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example sets the configuration name to “region1”.
2CSPC4.X8100-SWUM100.book Page 744 Wednesday, August 29, 2012 6:23 PM Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example sets the configuration revision to 1. console(config)#spanning-tree mst configuration console(config-mst)#revision 1 show spanning-tree Use the show spanning-tree command in Privileged EXEC mode to display the spanning-tree configuration.
2CSPC4.X8100-SWUM100.book Page 745 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Examples The following examples display spanning-tree information.
2CSPC4.X8100-SWUM100.book Page 746 Wednesday, August 29, 2012 6:23 PM Name State Restricted Prio.Nbr Cost Sts Role ----------- -------- --------- --------- ---- ----- ---- Gi1/0/1 Enabled 128.1 20000 FWD Root No Gi1/0/2 Enabled 128.2 0 DIS Disb No Gi1/0/3 Enabled 128.3 0 DIS Disb No Gi1/0/4 Enabled 128.4 0 DIS Disb No console#show spanning-tree gigabitethernet 1/0/1 Port Gi1/0/1 Enabled State: Forwarding Root Role: Port id: 128.
2CSPC4.X8100-SWUM100.book Page 747 Wednesday, August 29, 2012 6:23 PM TCN Guard...................................... FALSE Auto Portfast.................................. TRUE Port Up Time Since Counters Last Cleared.......
2CSPC4.X8100-SWUM100.book Page 748 Wednesday, August 29, 2012 6:23 PM Port Gi1/0/1 Enabled State: Forwarding Root Role: Port id: 128.1 Cost: 20000 Port Root Protection: No Designated bridge Priority: 32768 Address: 0010.1882.1C53 Designated port id: 128.
2CSPC4.X8100-SWUM100.book Page 749 Wednesday, August 29, 2012 6:23 PM Priority 32768 Address 001E.C9AA.AD1B Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 1 last change occurred 0d0h17m15s ago Times: hold 6, hello 2, max age 20, forward delay 15 Port Gi1/0/1 Enabled State: Forwarding Root Role: Port id: 128.1 Cost: 20000 Port Root Protection: No Designated bridge Priority: 32768 Address: 0010.1882.1C53 Designated port id: 128.
2CSPC4.X8100-SWUM100.book Page 750 Wednesday, August 29, 2012 6:23 PM Designated bridge Priority: 32768 Address: 001E.C9AA.AD1B Designated port id: 128.
2CSPC4.X8100-SWUM100.book Page 751 Wednesday, August 29, 2012 6:23 PM show spanning-tree summary Use the show spanning-tree summary command to display spanning tree settings and parameters for the switch. Syntax show spanning-tree summary Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 752 Wednesday, August 29, 2012 6:23 PM MST Instances List of all multiple spanning tree instances configured on the switch. Example console#show spanning-tree summary Spanning Tree Adminmode........... Enabled Spanning Tree Version............. IEEE 802.1w BPDU Guard Mode................... Disabled BPDU Flood Mode................... Disabled BPDU Filter Mode.................. Disabled Configuration Name................ 00-1E-C9-AA-AC-84 Configuration Revision Level......
2CSPC4.X8100-SWUM100.book Page 753 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example enables spanning-tree functionality. console(config)#spanning-tree spanning-tree auto-portfast Use the spanning-tree auto-portfast command to set the port to auto portfast mode. This enables the port to become a portfast port if it does not see any BPDUs for 3 seconds. Use the no form of this command to disable auto portfast mode.
2CSPC4.X8100-SWUM100.book Page 754 Wednesday, August 29, 2012 6:23 PM spanning-tree bpdu flooding The spanning-tree bpdu flooding command allows flooding of BPDUs received on non-spanning-tree ports to all other non-spanning-tree ports. Use the “no” form of the command to disable flooding. Syntax spanning-tree bpdu flooding no spanning-tree bpdu flooding Default Configuration This feature is disabled by default.
2CSPC4.X8100-SWUM100.book Page 755 Wednesday, August 29, 2012 6:23 PM RSTP provides BPDU protection function against such attack. After BPDU protection function is enabled on a switch, the system disables an edge port that has received BPDU and notifies the network manager about it. The disabled port can only be enabled by the no version of the command. Syntax spanning-tree bpdu-protection no spanning-tree bpdu-protection Default Configuration BPDU protection is not enabled.
2CSPC4.X8100-SWUM100.book Page 756 Wednesday, August 29, 2012 6:23 PM Default Configuration The default cost is 0, which signifies that the cost is automatically calculated based on port speed. • 10G Port path cost — 2000 • Port Channel — 20,000 • 1000 mbps (giga) — 20,000 • 100 mbps — 200,000 • 10 mbps — 2,000,000 Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines This command configures the external cost.
2CSPC4.X8100-SWUM100.book Page 757 Wednesday, August 29, 2012 6:23 PM Default Configuration By default, all ports are enabled for spanning-tree. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines This command has no user guidelines. Example The following example disables spanning-tree on 1/0/5.
2CSPC4.X8100-SWUM100.book Page 758 Wednesday, August 29, 2012 6:23 PM User Guidelines When configuring the Forward-Time the following relationship should be satisfied: 2*(Forward-Time - 1) >= Max-Age. Example The following example configures spanning-tree bridge forward time to 25 seconds. console(config)#spanning-tree forward-time 25 spanning-tree guard The spanning-tree guard command selects whether loop guard or root guard is enabled on an interface.
2CSPC4.X8100-SWUM100.book Page 759 Wednesday, August 29, 2012 6:23 PM Example The following example disables spanning-tree guard functionality on gigabit ethernet interface 4/0/1. console#config console(config)#interface gigabitethernet 4/0/1 console(config-if-4/0/1)#spanning-tree guard none spanning-tree loopguard Use the spanning-tree loopguard command to enable loop guard on all ports. Use the “no” form of this command to disable loop guard on all ports.
2CSPC4.X8100-SWUM100.book Page 760 Wednesday, August 29, 2012 6:23 PM spanning-tree max-age Use the spanning-tree max-age command in Global Configuration mode to configure the spanning-tree bridge maximum age. To reset the default maximum age, use the no form of this command. Syntax spanning-tree max-age seconds no spanning-tree max-age • seconds -Time in seconds. (Range: 6–40) Default Configuration The default max-age for IEEE STP is 20 seconds.
2CSPC4.X8100-SWUM100.book Page 761 Wednesday, August 29, 2012 6:23 PM Syntax spanning-tree max-hops hops no spanning-tree max-hops • hops — The maximum number of hops to use (Range: 6 to 40). Default Configuration The maximum number of hops is 20 by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 762 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines In RSTP mode, the switch would use STP when the neighbor switch is using STP. In MSTP mode, the switch would use RSTP when the neighbor switch is using RSTP and would use STP when the neighbor switch is using STP. Example The following example configures the spanning-tree protocol to MSTP.
2CSPC4.X8100-SWUM100.book Page 763 Wednesday, August 29, 2012 6:23 PM console (config-mst)#instance 1 add vlan 10-20 console (config-mst)#name region1 console (config-mst)#revision 1 spanning-tree mst cost Use the spanning-tree mst cost command in Interface Configuration mode to configure the internal path cost for multiple spanning tree (MST) calculations. If a loop occurs, the spanning tree considers path cost when selecting an interface to put in the forwarding state.
2CSPC4.X8100-SWUM100.book Page 764 Wednesday, August 29, 2012 6:23 PM Example The following example configures the MSTP instance 1 path cost for interface 1/0/9 to 4. console(config)#interface gigabitethernet 1/0/9 console(config-if-1/0/9)#spanning-tree mst 1 cost 4 spanning-tree mst port-priority Use the spanning-tree mst port-priority command in Interface Configuration mode to configure port priority. To return to the default port priority, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 765 Wednesday, August 29, 2012 6:23 PM Example The following example configures the port priority of gigabit Ethernet interface 1/0/5 to 144. console(config)#interface gigabitethernet 1/0/5 console(config-if)#spanning-tree mst 1 port-priority 144 spanning-tree mst priority Use the spanning-tree mst priority command in Global Configuration mode to set the switch priority for the specified spanning-tree instance.
2CSPC4.X8100-SWUM100.book Page 766 Wednesday, August 29, 2012 6:23 PM The switch with the lowest priority is selected as the root of the spanning tree. Example The following example configures the spanning tree priority of instance 1 to 4096. console(config)#spanning-tree mst 1 priority 4096 spanning-tree portfast Use the spanning-tree portfast command in Interface Configuration mode to enable PortFast mode.
2CSPC4.X8100-SWUM100.book Page 767 Wednesday, August 29, 2012 6:23 PM Example The following example enables PortFast on 1/0/5. console(config)#interface gigabitethernet 1/0/5 console(config-if-1/0/5)#spanning-tree portfast spanning-tree portfast bpdufilter default The spanning-tree portfast bpdufilter default command discards BPDUs received on spanning-tree ports in portfast mode. Use the “no” form of the command to disable discarding.
2CSPC4.X8100-SWUM100.book Page 768 Wednesday, August 29, 2012 6:23 PM Syntax spanning-tree portfast default no spanning-tree portfast default Default Configuration Portfast mode is disabled by default. Command Mode Global Configuration mode Usage Guidelines This command only applies to access ports. NOTE: This command should be used with care.
2CSPC4.X8100-SWUM100.book Page 769 Wednesday, August 29, 2012 6:23 PM Default Configuration The default port-priority for IEEE STP is 128. The default port-priority for a LAG (port-channel) is 96. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines The priority value must be a multiple of 16. Example The following example configures the spanning priority on 1/0/5 to 96.
2CSPC4.X8100-SWUM100.book Page 770 Wednesday, August 29, 2012 6:23 PM User Guidelines The priority value must be a multiple of 4096. The switch with the lowest priority is the root of the spanning tree. Example The following example configures spanning-tree priority to 12288. console(config)#spanning-tree priority 12288 spanning-tree tcnguard Use the spanning-tree tcnguard command to prevent a port from propagating topology change notifications. Use the “no” form of the command to enable TCN propagation.
2CSPC4.X8100-SWUM100.book Page 771 Wednesday, August 29, 2012 6:23 PM spanning-tree transmit hold-count Use the spanning-tree transmit hold-count command to set the maximum number of BPDUs that a bridge is allowed to send within a hello time window (2 seconds). Use the no form of this command to reset the hold count to the default value. Syntax spanning-tree transmit [hold-count] [value] no spanning-tree transmit • value — The maximum number of BPDUs to send (Range: 1–10).
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 773 Wednesday, August 29, 2012 6:23 PM 35 TACACS+ Commands TACACS+ provides access control for networked devices via one or more centralized servers, similar to RADIUS this protocol simplifies authentication by making use of a single database that can be shared by many clients on a large network. TACACS+ is based on the TACACS protocol (described in RFC1492) but additionally provides for separate authentication, authorization and accounting services.
2CSPC4.X8100-SWUM100.book Page 774 Wednesday, August 29, 2012 6:23 PM show tacacs timeout key Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server. This key must match the key used on the TACACS daemon. Syntax key [key-string] • key-string — To specify the key name. (Range: 1–128 characters) Default Configuration If left unspecified, the key-string parameter defaults to the global value.
2CSPC4.X8100-SWUM100.book Page 775 Wednesday, August 29, 2012 6:23 PM Default Configuration The default port number is 49. Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to specify server port number 1200. console(tacacs)#port 1200 priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used, where 0 (zero) is the highest priority.
2CSPC4.X8100-SWUM100.book Page 776 Wednesday, August 29, 2012 6:23 PM console(tacacs)#priority 10000 show tacacs Use the show tacacs command in Privileged EXEC mode to display the configuration and statistics of a TACACS+ server. Syntax show tacacs [ip-address] • ip-address — The name or IP address of the host. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 777 Wednesday, August 29, 2012 6:23 PM tacacs-server host Use the tacacs-server host command in Global Configuration mode to configure a TACACS+ server. This command enters into the TACACS+ configuration mode. To delete the specified hostname or IP address, use the no form of this command. Syntax tacacs-server host {ip-address | hostname} no tacacs-server host {ip-address | hostname} • ip-address — The IP address of the TACACS+ server.
2CSPC4.X8100-SWUM100.book Page 778 Wednesday, August 29, 2012 6:23 PM tacacs-server key Use the tacacs-server key command in Global Configuration mode to set the authentication and encryption key for all TACACS+ communications between the switch and the TACACS+ daemon. To disable the key, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 779 Wednesday, August 29, 2012 6:23 PM tacacs-server timeout Use the tacacs-server timeout command in Global Configuration mode to set the interval during which a switch waits for a server host to reply. To restore the default, use the no form of this command. Syntax tacacs-server timeout [timeout] no tacacs-server timeout • timeout — The timeout value in seconds. (Range: 1–30) Default Configuration The default value is 5 seconds.
2CSPC4.X8100-SWUM100.book Page 780 Wednesday, August 29, 2012 6:23 PM Default Configuration If left unspecified, the timeout defaults to the global value. Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines. Example This example shows how to specify the timeout value.
2CSPC4.X8100-SWUM100.book Page 781 Wednesday, August 29, 2012 6:23 PM UDLD Commands 36 The UDLD feature detects unidirectional links on physical ports. A unidirectional link is a forwarding anomaly in a Layer 2 communication channel in which a bi-directional link stops passing traffic in one direction. UDLD must be enabled on the both sides of the link in order to detect a unidirectional link. The UDLD protocol operates by exchanging packets containing information about neighboring devices.
2CSPC4.X8100-SWUM100.book Page 782 Wednesday, August 29, 2012 6:23 PM recognize only the sending failures on unidirectional links. If all devices in the network support UDLD, this functionality is enough to detect all unidirectional links. Processing UDLD Traffic from Neighbors Every UDLD-capable device collects information about all other UDLDcapable devices. Each device populates UDLD echo packets with collected neighbor information to help neighbors identify unidirectional links.
2CSPC4.X8100-SWUM100.book Page 783 Wednesday, August 29, 2012 6:23 PM UDLD will put the port into the shutdown state in the following cases: a When there is a loopback. The device ID and port ID sent out on a port is received back. b UDLD PDU is received from a partner does not have its own details (echo). c Bidirectional connection is established and no UDLD packets are received from the partner device within three times the message interval.
2CSPC4.X8100-SWUM100.book Page 784 Wednesday, August 29, 2012 6:23 PM Command Mode Global Config mode User Guidelines This command globally enables UDLD. Interfaces which are not connected or enabled at the Ethernet layer at the time the command is issued will be enabled for UDLD when connected or enabled. udld reset Use the udld reset command in Privileged EXEC mode to reset (enable) all interfaces disabled by UDLD. Syntax udld reset Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 785 Wednesday, August 29, 2012 6:23 PM udld message time Use the udld message time command in Global Config mode to configure the interval between the transmission of UDLD probe messages on ports that are in the advertisement phase. Use the no form of the command to return the message transmission interval to the default value.
2CSPC4.X8100-SWUM100.book Page 786 Wednesday, August 29, 2012 6:23 PM Use the no form of the command to return the value to the default setting. Syntax udld timeout interval timeout-interval no udld timeout interval Parameter Description Parameter Description timeout-interval UDLD timeout interval. Range is 5 to 60 seconds. Default Configuration The default timeout interval is 5 seconds.
2CSPC4.X8100-SWUM100.book Page 787 Wednesday, August 29, 2012 6:23 PM Command Mode Interface (physical) Config mode User Guidelines UDLD cannot be enabled on a port channel. Instead, enable UDLD on the physical interfaces of a port channel. udld port Use the udld port command in Interface (physical) Config mode to select the UDLD operating mode on a specific interface. Use the no form of the command to reset the operating mode to the default (normal).
2CSPC4.X8100-SWUM100.book Page 788 Wednesday, August 29, 2012 6:23 PM show udld Use the show udld command in User EXEC or Privileged EXEC mode to display the global settings for UDLD. Syntax show udld [interface-id|all] Field Description When no interface is specified, the following fields are shown: Field Description Admin Mode The global administrative mode of UDLD. Message Interval The time period (in seconds) between the transmission of UDLD probe packets.
2CSPC4.X8100-SWUM100.book Page 789 Wednesday, August 29, 2012 6:23 PM Field Description UDLD Status The status of the link as determined by UDLD. The options are: • Undetermined – UDLD has not collected enough information to determine the state of the port. • Not applicable – UDLD is disabled, either globally or on the port. • Shutdown – UDLD has detected a unidirectional link and shutdown the port. That is, the port is in an errDisabled state. • Bidirectional - UDLD has detected a bidirectional link.
2CSPC4.X8100-SWUM100.book Page 790 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description Packet Display transmitted and received UDLD packets. Receive Debug packets received by the switch. Transmit Debug packets transmitted by the switch. Events Display UDLD events. Default Configuration By default, debugging is disabled. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 791 Wednesday, August 29, 2012 6:23 PM VLAN Commands 37 PowerConnect 802.1Q VLANs are an implementation of the Virtual Local Area Network, specification 802.1Q. Operating at Layer 2 of the OSI model, the VLAN is a means of parsing a single network into logical user groups or organizations as if they physically resided on a dedicated LAN segment of their own. In reality, this virtually defined community may have individual members scattered across a large, extended LAN.
2CSPC4.X8100-SWUM100.book Page 792 Wednesday, August 29, 2012 6:23 PM two TPID values can be different or the same. VLAN normalization, source MAC learning, and forwarding are based on the S-TAG value in a received frame. PowerConnect supports configuring one outer VLAN TPID value per switch. The global default TPID is 0x88A8, which indicates a Virtual Metropolitan Area Network (VMAN).
2CSPC4.X8100-SWUM100.book Page 793 Wednesday, August 29, 2012 6:23 PM its own VLAN. Additionally, protocol-based classification allows an administrator to assign nonrouting protocols, such as NetBIOS or DECnet, to larger VLANs than routing protocols like IPX or IP. This maximizes the efficiency gains that are possible with VLANs. In port-based VLAN classification, the Port VLAN Identifier (PVID) is associated with the physical ports.
2CSPC4.X8100-SWUM100.book Page 794 Wednesday, August 29, 2012 6:23 PM • Isolated VLAN Is a secondary VLAN. It carries traffic from isolated ports to promiscuous ports. Only one isolated VLAN can be configured per private VLAN. • Community VLAN Is a secondary VLAN. It forwards traffic between ports which belong to the same community and to the promiscuous ports. There can be multiple community VLANs per private VLAN.
2CSPC4.X8100-SWUM100.book Page 795 Wednesday, August 29, 2012 6:23 PM Figure 37-1. Private VLANs Isolated VLAN An endpoint connected over an isolated VLAN is allowed to communicate with endpoints connected to promiscuous ports only. Endpoints connected to adjacent endpoints over an isolated VLAN cannot communicate with each other.
2CSPC4.X8100-SWUM100.book Page 796 Wednesday, August 29, 2012 6:23 PM In order to enable Private VLAN operation across multiple switches which are not stacked, the inter-switch links should carry VLANs which belong to a private VLAN. The trunk ports which connect neighbor switches have to be assigned to the primary, isolated, and community VLANs of a private VLAN. In regular VLANs, ports in the same VLAN switch traffic at L2.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 798 Wednesday, August 29, 2012 6:23 PM Default Configuration The default for this command is 802.1Q. The default S-TAG TPID, when double-tagging is enabled, is 0x88A8. The default C-TAG TPID when double vlan tagging is enabled is 0x8100. Command Mode Global Configuration mode User Guidelines This command configures the TPID value on the outer VLAN (S-VLAN).
2CSPC4.X8100-SWUM100.book Page 799 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description vlan-id The ID of a valid VLAN (Range 1–4093). nsf-index Internal interface ID. This optional parameter is automatically generated by the system and does not need to be entered by the user. The nsf-index parameter is listed in the configuration file and the running configuration for all VLAN routing interfaces.
2CSPC4.X8100-SWUM100.book Page 800 Wednesday, August 29, 2012 6:23 PM • vlan-range — A list of valid VLAN IDs to add. Separate nonconsecutive VLAN IDs with a comma and no spaces; use a hyphen to designate a range of IDs. (Range: 2–4093) • all — All existing static VLANs. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Commands used in the interface range context are executed independently on each interface in the range.
2CSPC4.X8100-SWUM100.book Page 801 Wednesday, August 29, 2012 6:23 PM Default Configuration By default, Double VLAN Tunneling is disabled. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines Use the global configuration command dvlan-tunnel ethertype to configure the inner and outer TPIDs. Example The following example displays how to enable Double VLAN Tunneling at gigabit ethernet port 1/0/1.
2CSPC4.X8100-SWUM100.book Page 802 Wednesday, August 29, 2012 6:23 PM Command Mode VLAN Configuration mode User Guidelines The VLAN name may include any alphanumeric characters including a space, underscore, or dash. Enclose the string in double quotes to include spaces within the name. The surrounding quotes are not used as part of the name. The CLI does not filter illegal characters and may truncate entries at the first illegal character or reject the entry entirely.
2CSPC4.X8100-SWUM100.book Page 803 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to attach the VLAN ID "100" to the protocol-based VLAN group "3.
2CSPC4.X8100-SWUM100.book Page 804 Wednesday, August 29, 2012 6:23 PM • groupid — The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command. Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 805 Wednesday, August 29, 2012 6:23 PM • groupid — The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 806 Wednesday, August 29, 2012 6:23 PM Example The following example shows how to display all interfaces for Double VLAN Tunneling. console#show dvlan-tunnel Interfaces Enabled for DVLAN Tunneling......... 1/0/1 show dvlan-tunnel interface Use the show dvlan-tunnel interface command in Privileged EXEC mode to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces.
2CSPC4.X8100-SWUM100.book Page 807 Wednesday, August 29, 2012 6:23 PM Field Description Mode This field specifies the administrative mode through which Double VLAN Tunneling can be enabled or disabled. The default value for this field is disabled. Interface Interface Number. EtherType This field represents a 2-byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel. The three different EtherType tags are: (1) 802.1Q, which represents the commonly used value of 0x8100.
2CSPC4.X8100-SWUM100.book Page 808 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Interface Config mode and all Config sub-modes User Guidelines Do not configure private VLANs on ports configured with any of these features: • Link Aggregation Control Protocol (LACP) • Multicast VLAN Registration (MVR) • Voice VLAN It is recommended that the private VLAN host ports be configured as spanning-tree portfast.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 812 Wednesday, August 29, 2012 6:23 PM • groupid — The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command. • all — Enter all to show all interfaces. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 813 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description vlanid VLAN identifier vlan-name A valid VLAN name (Range 1-32 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays information for VLAN id 1, 2 and 3.
2CSPC4.X8100-SWUM100.book Page 814 Wednesday, August 29, 2012 6:23 PM console#show vlan id 3 VLAN Name ----- ----------------------3 VLAN0003 (GVRP) Ports Type ------------- ----- Gi1/0/21-24 Dynamic show vlan association mac Use the show vlan association mac command in Privileged EXEC mode to display the VLAN associated with a specific configured MAC address. If no MAC address is specified, the VLAN associations of all the configured MAC addresses are displayed.
2CSPC4.X8100-SWUM100.book Page 815 Wednesday, August 29, 2012 6:23 PM MAC Address VLAN ID ----------------------- ------- 0001.0001.0001.0001 1 console# show vlan association subnet Use the show vlan association subnet command in Privileged EXEC mode to display the VLAN associated with a specific configured IP-Address and netmask. If no IP Address and net mask are specified, the VLAN associations of all the configured IP-subnets are displayed.
2CSPC4.X8100-SWUM100.book Page 816 Wednesday, August 29, 2012 6:23 PM The IP Subnet to VLAN association does not exist. switchport access vlan Use the switchport access vlan command in Interface Configuration mode to configure the VLAN ID when the interface is in access mode. To reconfigure the default, use the no form of this command. Syntax switchport access vlan vlan-id no switchport access vlan • vlan-id — A valid VLAN ID of the VLAN to which the port is configured.
2CSPC4.X8100-SWUM100.book Page 817 Wednesday, August 29, 2012 6:23 PM switchport forbidden vlan Use the switchport forbidden vlan command in Interface Configuration mode to forbid adding specific VLANs to a port. To revert to allowing the addition of specific VLANs to the port, use the remove parameter of this command. Syntax switchport forbidden vlan {add vlan-list | remove vlan-list} • add vlan-list — List of valid VLAN IDs to add to the forbidden list.
2CSPC4.X8100-SWUM100.book Page 818 Wednesday, August 29, 2012 6:23 PM switchport general acceptable-frame-type tagged-only Use the switchport general acceptable-frame-type tagged-only command in Interface Configuration mode to discard untagged frames at ingress. To enable untagged frames at ingress, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 819 Wednesday, August 29, 2012 6:23 PM switchport general allowed vlan remove vlan-list • add vlan-list — List of VLAN IDs to add. Separate nonconsecutive VLAN IDs with a comma and no spaces. Use a hyphen to designate a range of IDs. • remove vlan-list — List of VLAN IDs to remove. Separate nonconsecutive VLAN IDs with a comma and no spaces. Use a hyphen to designate a range of IDs. • tagged — Sets the port to transmit tagged packets for the VLANs.
2CSPC4.X8100-SWUM100.book Page 820 Wednesday, August 29, 2012 6:23 PM Syntax switchport general ingress-filtering disable no switchport general ingress-filtering disable Default Configuration Ingress filtering is enabled. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines This command has no user guidelines. Example The following example shows how to enables port ingress filtering on 1/0/8.
2CSPC4.X8100-SWUM100.book Page 821 Wednesday, August 29, 2012 6:23 PM Default Configuration The default value for the vlan-id parameter is 1 when the VLAN is enabled. Otherwise, the value is 4093. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet, fortygigabitethernet) mode User Guidelines This command has no user guidelines. Example The following example shows how to configure the PVID for 1/0/8, when the interface is in general mode.
2CSPC4.X8100-SWUM100.book Page 822 Wednesday, August 29, 2012 6:23 PM Parameter Description trunk A trunk port connects two switches. A trunk port may belong to multiple VLANs. A trunk port accepts only packets tagged with the VLAN IDs of the VLANs to which the trunk is a member or untagged packets if configured with a PVID. A trunk only transmits tagged packets. general Full 802.1q support VLAN interface. A general mode port is a combination of both trunk and access ports capabilities.
2CSPC4.X8100-SWUM100.book Page 823 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description vlan–list Set the list of allowed VLANs that can receive and send traffic on this interface in tagged format when in trunking mode. The default is all. The vlan–list format is as follows: The vlan-list format is all | [add | remove | except] vlan–atom [, vlan–atom...] where: all specifies all VLANs from 1 to 4093.
2CSPC4.X8100-SWUM100.book Page 824 Wednesday, August 29, 2012 6:23 PM Example console(config-if-Gi1/0/1)#switchport trunk allowed vlan 1-1024 console(config-if-Gi1/0/1)#switchport trunk allowed vlan except 1,2,3,5,7,11,13 vlan Use the vlan command in VLAN Database mode to configure a VLAN. To delete a VLAN, use the no form of this command. Syntax vlan vlan-range no vlan vlan-range • vlan-range — A list of valid VLAN IDs to be added.
2CSPC4.X8100-SWUM100.book Page 825 Wednesday, August 29, 2012 6:23 PM vlan (Global Config) Use the vlan command in Global Configuration mode to configure a VLAN. To delete a VLAN, use the no form of this command. Syntax vlan {vlan–id | vlan–range} no vlan {vlan–id | vlan–range} Parameter Description Parameter Description vlan–id A valid VLAN ID. (Range: 2–4093) vlan–range A list of valid VLAN IDs. List separate, non-consecutive VLAN IDs separated by commas (without spaces).
2CSPC4.X8100-SWUM100.book Page 826 Wednesday, August 29, 2012 6:23 PM vlan association mac Use the vlan association mac command in VLAN Config mode to associate a MAC address to a VLAN. The maximum number of MAC-based VLANs is 256. Only packets with a matching source IP address are placed in the VLAN. Syntax vlan association mac mac-address no vlan association mac mac-address mac-address — MAC address to associate to the VLAN. (Range: Any MAC address in the format xxxx.xxxx.
2CSPC4.X8100-SWUM100.book Page 827 Wednesday, August 29, 2012 6:23 PM no vlan association subnet ip-address subnet-mask • ip-address — Source IP address. (Range: Any valid IP address) • subnet-mask — Subnet mask. (Range: Any valid subnet mask) Default Configuration No assigned ip-subnet. Command Mode VLAN Config mode User Guidelines This command has no user guidelines. Example The following example associates the 192.168.0.xxx IP address with VLAN ID 1.
2CSPC4.X8100-SWUM100.book Page 828 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example enters the VLAN database mode. console(config)#vlan database console(config-vlan)# vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined). The ID is a valid VLAN identification number. VLAN range is 24093.
2CSPC4.X8100-SWUM100.book Page 829 Wednesday, August 29, 2012 6:23 PM vlan protocol group Use the vlan protocol group command in Global Configuration mode to add protocol-based groups to the system. When a protocol group is created, it is assigned a unique group ID number. The group ID is used to identify the group in subsequent commands. Use the no form of the command to remove the specified VLAN protocol group name from the system.
2CSPC4.X8100-SWUM100.book Page 830 Wednesday, August 29, 2012 6:23 PM vlan protocol group add protocol Use the vlan protocol group add protocol command in Global Configuration mode to add a protocol to the protocol-based VLAN groups identified by groupid. A group may have more than one protocol associated with it. Each interface and protocol combination can be associated with one group only.
2CSPC4.X8100-SWUM100.book Page 831 Wednesday, August 29, 2012 6:23 PM console(config)#vlan protocol group add protocol 2 ethertype 0xXXXX vlan protocol group name This is a new command for assigning a group name to vlan protocol group id. Syntax vlan protocol group name groupid groupName no vlan protocol group name groupid • groupid—The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command.
2CSPC4.X8100-SWUM100.book Page 832 Wednesday, August 29, 2012 6:23 PM Syntax vlan protocol group remove groupid • groupid — The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 833 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description host-association Defines VLAN associations for community or host ports. mapping Defines the private VLAN mapping for promiscuous ports. primary-vlan-id Primary VLAN ID of a private VLAN. secondary-vlan-id Secondary (isolated or community) VLAN ID of a private VLAN. add Associates the secondary VLAN with the primary one.
2CSPC4.X8100-SWUM100.book Page 834 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description host-association Configure the interface as a private VLAN host port. Host ports are community or isolated ports, depending on the VLAN to which they belong. promiscuous Configure the interface as a private VLAN promiscuous port. Promiscuous ports are members of the primary VLAN. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 835 Wednesday, August 29, 2012 6:23 PM no private-vlan [association] Parameter Description The command displays the following information: Parameter Description association Defines an association between the primary VLAN and secondary VLANs. primary Specify that the selected VLAN is the primary VLAN. community Specify that the selected VLAN is the community VLAN. isolated Specify that the selected VLAN is the isolated VLAN.
2CSPC4.X8100-SWUM100.book Page 836 Wednesday, August 29, 2012 6:23 PM VLAN 1 cannot be configured in a private VLAN configuration.
2CSPC4.X8100-SWUM100.book Page 837 Wednesday, August 29, 2012 6:23 PM Parameter Description The command displays the following information. Parameter Description Primary Primary VLAN ID. Secondary Secondary VLAN ID. Type Secondary VLAN type. Use the type parameter to display only private VLAN ID and its type. Ports Ports that are associated with a private VLAN. Default Configuration This command has no default setting.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 839 Wednesday, August 29, 2012 6:23 PM Voice VLAN Commands 38 The Voice VLAN feature enables switch ports to carry voice traffic with an administrator-defined priority so as to enable prioritization of voice traffic over data traffic. Using Voice VLAN helps to ensure that the sound quality of an IP phone is protected from deterioration when the data traffic utilization on the port is high.
2CSPC4.X8100-SWUM100.book Page 840 Wednesday, August 29, 2012 6:23 PM Commands in this Chapter This chapter explains the following commands: voice vlan voice vlan data priority voice vlan (Interface) show voice vlan voice vlan This command is used to enable the voice vlan capability on the switch. Syntax voice vlan no voice vlan Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines Not applicable Default Value This feature is disabled by default.
2CSPC4.X8100-SWUM100.book Page 841 Wednesday, August 29, 2012 6:23 PM Syntax voice vlan {vlanid | dot1p priority | none | untagged | data priority {trust | untrust} | auth { enable | disable} | dscp dscp} no voice vlan Parameter Description Parameter Description auth Enables/disables authentication on the voice vlan port. data Observe the priority on received voice vlan traffic (trusted mode). dot1p Configure Voice VLAN 802.1p priority tagging for voice traffic.
2CSPC4.X8100-SWUM100.book Page 842 Wednesday, August 29, 2012 6:23 PM Example console(config-if-Gi1/0/1)#voice vlan 1 console(config-if-Gi1/0/1)#voice vlan dot1p 1 console(config-if-Gi1/0/1)#voice vlan none console(config-if-Gi1/0/1)#voice vlan untagged voice vlan data priority This command is to either trust or not trust (untrust) the data traffic arriving on the voice VLAN port.
2CSPC4.X8100-SWUM100.book Page 843 Wednesday, August 29, 2012 6:23 PM Syntax When the interface parameter is not specified, only the global mode of the voice VLAN is displayed. When the interface parameter is specified, the following is displayed: When the interface parameter is specified: Voice VLAN Mode The admin mode of the voice VLAN on the interface. Voice VLAN ID The voice VLAN ID. Voice VLAN Priority The Dot1p priority for the voice VLAN on the port.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 845 Wednesday, August 29, 2012 6:23 PM 39 802.1x Commands Local Area Networks (LANs) are often deployed in environments that permit the attachment of unauthorized devices. The networks also permit unauthorized users to attempt to access the LAN through existing equipment. In such environments, the administrator may desire to restrict access to the services offered by the LAN.
2CSPC4.X8100-SWUM100.book Page 846 Wednesday, August 29, 2012 6:23 PM Whenever an operator configures a port in Dot1x authentication mode and selects the authentication method as internal, then the user credentials received from the Dot1x supplicant is validated against the IDAS by Dot1x component. The Dot1x application accesses the Dot1x user database to check whether the user credentials present in the authentication message corresponds to a valid user or not.
2CSPC4.X8100-SWUM100.book Page 847 Wednesday, August 29, 2012 6:23 PM Guest VLAN The Guest VLAN feature allows a PowerConnect switch to provide a distinguished service to unauthenticated users (not rogue users who fail authentication). This feature provides a mechanism to allow visitors and contractors to have network access to reach external network with no ability to surf internal LAN. When a client that does not support 802.1X is connected to an unauthorized port that is 802.
2CSPC4.X8100-SWUM100.book Page 848 Wednesday, August 29, 2012 6:23 PM client is authenticated and is undisturbed by the failure condition(s). The reasons for failure are logged and buffered into the local logging database such that the operator can track the failure conditions. Clients authenticated when monitor mode is enabled are always assigned to the default VLAN, regardless of the RADIUS assignment.
2CSPC4.X8100-SWUM100.book Page 849 Wednesday, August 29, 2012 6:23 PM dot1x system-auth-control show dot1x authentication- – history 802.1x Advanced Features dot1x guest-vlan dot1x unauth-vlan show dot1x advanced dot1x dynamic-vlan enable Use the dot1x dynamic-vlan enable command in Global Configuration mode to enable the capability of creating VLANs dynamically when a RADIUS–assigned VLAN does not exist in the switch. Use the no form of the command to disable this capability.
2CSPC4.X8100-SWUM100.book Page 850 Wednesday, August 29, 2012 6:23 PM dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is auto or mac-based. If the control mode is not auto or mac-based, an error will be returned. Syntax dot1x initialize [interface interface-id] Syntax Description Parameter Description interface-id The port to be initialized.
2CSPC4.X8100-SWUM100.book Page 851 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (Ethernet) mode User Guidelines Authentication of a user via mac-auth-bypass will not occur until the "dot1x time-out guest-vlan-period" timer expires.
2CSPC4.X8100-SWUM100.book Page 852 Wednesday, August 29, 2012 6:23 PM Example The following example sets the number of times that the switch sends an EAP-request/identity frame to 6. console(config)# interface gigabitethernet 1/0/16 console(config-if-1/0/16)# dot1x max-req 6 dot1x max-users Use the dot1x max-users command in Interface Configuration mode to set the maximum number of clients supported on the port when MAC-based 802.1X authentication is enabled on the port.
2CSPC4.X8100-SWUM100.book Page 853 Wednesday, August 29, 2012 6:23 PM dot1x port-control Use the dot1x port-control command in Interface Configuration mode to enable the IEEE 802.1X operation on the port. Syntax dot1x port-control {force-authorized | force-unauthorized | auto | macbased} no dot1x port-control • auto — Enables 802.1x authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.
2CSPC4.X8100-SWUM100.book Page 854 Wednesday, August 29, 2012 6:23 PM When configuring a port to use MAC-based authentication, the port must be in switchport general mode. Example The following command enables MAC-based authentication on port 1/0/2 console(config)# interface gigabitethernet 1/0/2 console(config-if-1/0/2)# dot1x port-control macbased dot1x re-authenticate Use the dot1x re-authenticate command in Privileged EXEC mode to enable manually initiating a re-authentication of all 802.
2CSPC4.X8100-SWUM100.book Page 855 Wednesday, August 29, 2012 6:23 PM dot1x reauthentication Use the dot1x reauthentication command in Interface Configuration mode to enable periodic re-authentication of the client. To return to the default setting, use the no form of this command. Syntax dot1x reauthentication no dot1x reauthentication Default Configuration Periodic re-authentication is disabled. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 856 Wednesday, August 29, 2012 6:23 PM Default Configuration The default for this command is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables 802.1x globally. console(config)# dot1x system-auth-control dot1x system-auth-control monitor Use the dot1x system-auth-control monitor command in Global Configuration mode to enable 802.1x monitor mode globally.
2CSPC4.X8100-SWUM100.book Page 857 Wednesday, August 29, 2012 6:23 PM Example The following example enables 802.1x globally. console(config)# dot1x system-auth-control monitor dot1x timeout guest-vlan-period Use the dot1x timeout guest-vlan-period command in Interface Configuration mode to set the number of seconds that the switch waits before authorizing the client if the client is a dot1x unaware client. Use the no form of the command to return the timeout to the default value.
2CSPC4.X8100-SWUM100.book Page 858 Wednesday, August 29, 2012 6:23 PM dot1x timeout quiet-period Use the dot1x timeout quiet-period command in Interface Configuration mode to set the number of seconds that the switch remains in the quiet state following a failed authentication exchange (for example, the client provided an invalid password). To return to the default setting, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 859 Wednesday, August 29, 2012 6:23 PM console(config-if-1/0/16)# dot1x timeout quiet-period 3600 dot1x timeout re-authperiod Use the dot1x timeout re-authperiod command in Interface Configuration mode to set the number of seconds between re-authentication attempts. To return to the default setting, use the no form of this command. Syntax dot1x timeout re-authperiod seconds no dot1x timeout re-authperiod • seconds — Number of seconds between re-authentication attempts.
2CSPC4.X8100-SWUM100.book Page 860 Wednesday, August 29, 2012 6:23 PM dot1x timeout server-timeout Use the dot1x timeout server-timeout command in Interface Configuration mode to set the time that the switch waits for a response from the authentication server. To return to the default setting, use the no form of this command. Syntax dot1x timeout server-timeout seconds no dot1x timeout server-timeout • seconds — Time in seconds that the switch waits for a response from the authentication server.
2CSPC4.X8100-SWUM100.book Page 861 Wednesday, August 29, 2012 6:23 PM Syntax dot1x timeout supp-timeout seconds no dot1x timeout supp-timeout seconds — Time in seconds that the switch should wait for a response to an EAP-request frame from the client before resending the request. (Range: 1–65535) Default Configuration The period of time is set to 30 seconds.
2CSPC4.X8100-SWUM100.book Page 862 Wednesday, August 29, 2012 6:23 PM • seconds — Time in seconds that the switch should wait for a response to an EAP-request/identity frame from the client before resending the request. (Range: 1–65535) Default Configuration The period of time is set to 30 seconds.
2CSPC4.X8100-SWUM100.book Page 863 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description interface-id Any valid interface. See Interface Naming Conventions for interface representation. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines If you do not use the optional parameters, the command displays the global dot1x mode and the VLAN Assignment mode.
2CSPC4.X8100-SWUM100.book Page 864 Wednesday, August 29, 2012 6:23 PM show dot1x authentication-history Use the show dot1x authentication-history command in Privileged EXEC mode to display the dot1x authentication events and information during successful and unsuccessful dot1x authentication processes. The command is available to display all events, or events per interface, or only failure authentication events in summary or in detail.
2CSPC4.X8100-SWUM100.book Page 865 Wednesday, August 29, 2012 6:23 PM Example console#show dot1x authentication-history all detail Time Stamp............................... Mar 22 2010 01:16:31 Interface................................ Gi1/0/2 MAC-Address.............................. 00:01:02:03:04:05 VLAN Assigned............................ 111 VLAN Assigned Reason..................... Guest VLAN Auth Status.............................. Authorized Reason...... ............................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 867 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description interface–id Any valid interface. See Interface Naming Conventions for interface representation. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The following fields are displayed by this command.
2CSPC4.X8100-SWUM100.book Page 868 Wednesday, August 29, 2012 6:23 PM Field Description Filter ID The Filter ID assigned to the client by the RADIUS server. This field is not applicable when the Filter-ID feature is disabled on the RADIUS server and client. VLAN Assigned The VLAN assigned to the client by the radius server. When VLAN assignments are disabled, RADIUS server does not assign any VLAN to the port, and this field is set to 0.
2CSPC4.X8100-SWUM100.book Page 869 Wednesday, August 29, 2012 6:23 PM Logical Interface.............................. 96 Interface...................................... gi1/0/7 User Name...................................... brcm Supp MAC Address............................... 00:08:A1:7E:45:1A Session Time................................... 67 VLAN Id........................................ 1 VLAN Assigned.................................. Monitor Mode Session Timeout................................
2CSPC4.X8100-SWUM100.book Page 870 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console#show dot1x interface gigabitethernet 1/0/10 Administrative Mode............... Disabled Dynamic VLAN Creation Mode........ Disabled Monitor Mode...................... Disabled Port Reauth Admin Oper Reauth Mode Mode Control Period ------- -------------------------- ------------ -------- Gi1/0/10 auto 3600 N/A FALSE Quiet Period.................
2CSPC4.X8100-SWUM100.book Page 871 Wednesday, August 29, 2012 6:23 PM MAB mode (configured).......................... Disabled MAB mode (operational)......................... Disabled Authenticator PAE State........................ Initialize Backend Authentication State................... Initialize show dot1x interface statistics Use the show dot1x interfacestatistics command in Privileged EXEC mode to display 802.1x statistics for the specified interface.
2CSPC4.X8100-SWUM100.book Page 872 Wednesday, August 29, 2012 6:23 PM EAPOL Frames Received.......................... 0 EAPOL Frames Transmitted....................... 0 EAPOL Start Frames Received.................... 0 EAPOL Logoff Frames Received................... 0 Last EAPOL Frame Version....................... 0 Last EAPOL Frame Source........................ 0000.0000.0000 EAP Response/Id Frames Received................ 0 EAP Response Frames Received...................
2CSPC4.X8100-SWUM100.book Page 873 Wednesday, August 29, 2012 6:23 PM Field Description EapolReqIdFramesTx The number of EAP Req/Id frames that have been transmitted by this Authenticator. EapolReqFramesTx The number of EAP Request frames (other than Rq/Id frames) that have been transmitted by this Authenticator. InvalidEapolFramesRx The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized.
2CSPC4.X8100-SWUM100.book Page 874 Wednesday, August 29, 2012 6:23 PM Example The following example displays 802.1x users. console#show dot1x users Port Username --------- --------1/0/1 Bob 1/0/2 John Switch# show dot1x users username Bob Port Username --------- --------1/0/1 Bob The following table describes the significant fields shown in the display: Field Description Username The username representing the identity of the Supplicant. Port The port that the user is using.
2CSPC4.X8100-SWUM100.book Page 875 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#clear dot1x authentication-history Purge all entries from the log. console#clear dot1x authentication-history gi1/0/1 Purge all entries for the specified interface from the log. 802.
2CSPC4.X8100-SWUM100.book Page 876 Wednesday, August 29, 2012 6:23 PM Default Configuration The guest VLAN is disabled on the interface by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines Configure the guest VLAN before using this command. Example The following example sets the guest VLAN on port 1/0/2 to VLAN 10.
2CSPC4.X8100-SWUM100.book Page 877 Wednesday, August 29, 2012 6:23 PM Example The following example set the unauthenticated VLAN on port 1/0/2 to VLAN 20. console(config-if-1/0/2)#dot1x unauth-vlan 20 show dot1x advanced Use the show dot1x advanced command in Privileged EXEC mode to display 802.1x advanced features for the switch or for the specified interface. The output of this command has been updated in release 2.
2CSPC4.X8100-SWUM100.book Page 878 Wednesday, August 29, 2012 6:23 PM 1/0/1 Disabled Disabled 1/0/2 10 20 1/0/3 Disabled Disabled 1/0/4 Disabled Disabled 1/0/5 Disabled Disabled 1/0/6 Disabled Disabled console#show dot1x advanced gigabitethernet 1/0/2 Port Guest Unauthenticated VLAN --------1/0/2 878 --------10 802.
2CSPC4.X8100-SWUM100.book Page 879 Wednesday, August 29, 2012 6:23 PM 40 Data Center Technology Commands NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PC8024 and PC8024F switches. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 881 Wednesday, August 29, 2012 6:23 PM 41 Data Center Bridging Commands NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PC8024 and PC8024F switches. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models. Data Center Bridging Exchange Protocol The Data Center Bridging Exchange Protocol (DCBX) is used by DCB devices to exchange configuration information with directly connected peers.
2CSPC4.X8100-SWUM100.book Page 882 Wednesday, August 29, 2012 6:23 PM Enhanced Transmission Selection Overview In a typical switch or router, each physical port supports one or more queues for transmitting packets on the attached network. Multiple queues per port are often provided to give preference to certain packets over others based on user-defined criteria.
2CSPC4.X8100-SWUM100.book Page 883 Wednesday, August 29, 2012 6:23 PM The CoS queue feature provides a method to configure Traffic Class Groups (TCGs) to extend the CoS queue management. Multiple CoS queues can be mapped to a single TCG. Each TCG can have a configured minimum guaranteed bandwidth allocation and a scheduling algorithm similar to the CoS queue configuration. The TCG scheduling and bandwidth enforcement occurs after the CoS queue scheduling and bandwidth enforcement is performed.
2CSPC4.X8100-SWUM100.book Page 884 Wednesday, August 29, 2012 6:23 PM The mapping between the ingress port’s 802.1p priority and TCG is not direct. The mapping depends upon: • The CoS map defining the CoS queue that a packet is egress forwarded for the ingress 802.1p priority. • Traffic Class Group map defining the CoS queue to TCG mapping. The indirect mapping between the 802.1p priorities and the associated Traffic Class Group mapping is advertised by DCBX as part of ETS TLVs.
2CSPC4.X8100-SWUM100.book Page 885 Wednesday, August 29, 2012 6:23 PM DCBX is used to learn about the capabilities of the peer device. It is a means to determine if the peer device supports a particular feature such as PFC. • DCB feature misconfiguration detection DCBX can be used to detect misconfiguration of a feature between the peers on a link. Misconfiguration detection is feature-specific because some features may allow asymmetric configuration.
2CSPC4.X8100-SWUM100.book Page 886 Wednesday, August 29, 2012 6:23 PM 1 Manual 2 Auto-Upstream 3 Auto-Downstream 4 Configuration Source Manual Ports operating in the Manual role do not have their configuration affected by peer devices or by internal propagation of configuration. These ports have their operational mode and TC and bandwidth information specified explicitly by the operator. These ports will advertise their configuration to their peer if DCBX is enabled on that port.
2CSPC4.X8100-SWUM100.book Page 887 Wednesday, August 29, 2012 6:23 PM configuration source may propagate configuration to other ports internally. Auto-upstream ports that receive internally propagated information ignore their local configuration and utilize the internally propagated information. Peer configurations received on auto-upstream ports other than the configuration source result in one of two possibilities.
2CSPC4.X8100-SWUM100.book Page 888 Wednesday, August 29, 2012 6:23 PM configuration is checked against the local port operational values as received from the configuration source, and if compatible, the client marks the port as operationally enabled. If the configuration received from the peer is determined to not be compatible, a message is logged, an error counter is incremented and the DCBX clients become operationally disabled on the port. The port continues to keep link up and exchanges DCBX packets.
2CSPC4.X8100-SWUM100.book Page 889 Wednesday, August 29, 2012 6:23 PM When a new port is selected as configuration source, it is marked as the configuration source, the DCBX configuration is refreshed on all autoconfiguration ports and each port may begin configuration negotiation with their peer again (if any information has changed).
2CSPC4.X8100-SWUM100.book Page 890 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 891 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description auto Automatically select the version based on the peer response. CIN Force the mode to Cisco-Intel-Nuova. (DCBX 1.0) CEE Force the mode to CEE (DCBX 1.06) IEEE Force the mode to IEEE 802.1Qaz Default Configuration The default version is auto.
2CSPC4.X8100-SWUM100.book Page 892 Wednesday, August 29, 2012 6:23 PM Syntax lldp tlv-select dcbxp [ets-config|ets-recommend|pfc|applicationpriority|congestion-notification ] no lldp tlv-select dcbxp [ets-config|ets-recommend|pfc|applicationpriority|congestion-notification ] Parameter Description Parameter Description Ets-config Transmit the ETS configuration TLV. Ets-recommend Transmit the ETS recommendation TLV. Pfc Transmit the PFC configuration TLV.
2CSPC4.X8100-SWUM100.book Page 893 Wednesday, August 29, 2012 6:23 PM lldp dcbx port-role Use the lldp dcbx port-role command in Interface Configuration mode to configure the port role to manual, auto-upstream, auto-downstream and configuration source. The default port role is manual.
2CSPC4.X8100-SWUM100.book Page 894 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Config User Guidelines In order to reduce configuration flapping, ports that obtain configuration information from a configuration source port will maintain that configuration for 2x the LLDP time out, even if the configuration source port becomes operationally disabled.
2CSPC4.X8100-SWUM100.book Page 895 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 896 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC User Guidelines This command has no user guidelines. Example #1 DCBX Status: console# show lldp dcbx interface all status Config DCBX Interface Dscrd Status ---------- ---------- Role Version Rx DCBX Tx Frame Errors Dscrd -------- -------- ------ ------ ------ ------ - te1/0/1 0 Enabled Auto-up CEE 1.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 899 Wednesday, August 29, 2012 6:23 PM console# show lldp dcbx interface te1/0/1 Interface te1/0/1 DCBX Admin Status: Enabled Configured DCBX Version: CIN 1.0 Peer DCBX Version: CEE 1.6 Peer MAC: 00:23:24:A4:21:03 Peer Description: 5.
2CSPC4.X8100-SWUM100.book Page 900 Wednesday, August 29, 2012 6:23 PM Traffic Selection Algorithm: 7:0 0:0 1:1 2:2 3:0 4:0 5:3 6:0 ETS Recommendation (TX Enabled) Peer DCBX Version: CEE 1.6 Peer Description: Cisco Nexus 5020 IOS Version 5.
2CSPC4.X8100-SWUM100.book Page 901 Wednesday, August 29, 2012 6:23 PM Enhanced Transmission Selection Commands classofservice traffic-class-group This command maps the internal Traffic Class to an internal Traffic Class Group (TCG). The Traffic Class can range from 0-6, although the actual number of available traffic classes depends on the platform. Use the no form of this command to return system (Global Config mode) or interface (Interface Config mode) to the default mapping.
2CSPC4.X8100-SWUM100.book Page 902 Wednesday, August 29, 2012 6:23 PM It is recommended that all strict priority traffic classes be mapped to a single TCG. Internally, frames are selected for transmission from the strict priority TCGs first, then, once the constraints of the TCGs are satisfied, frames from the WRR TCGs are selected for transmission.
2CSPC4.X8100-SWUM100.book Page 903 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description bw-0..7 The maximum percentage bandwidth to be transmitted by the TCG. Range 0 to 100. Default Configuration The default maximum bandwidth for all TCGs is 0% (unlimited). Command Mode Global Config, Interface Config modes User Guidelines This command specified in Interface Config mode only affects a single interface; whereas, the Global Config mode setting is applied to all interfaces.
2CSPC4.X8100-SWUM100.book Page 904 Wednesday, August 29, 2012 6:23 PM Example The following example demonstrates how to limit the maximum bandwidth percentage for TCG 1 and 2 to 25% each. console(config)# traffic-class-group max-bandwidth 50 25 25 traffic-class-group min-bandwidth Use this command in Global Config or Interface Config mode to specify the minimum transmission bandwidth guaranteed for each TCG before processing frames from other TCGs on an interface.
2CSPC4.X8100-SWUM100.book Page 905 Wednesday, August 29, 2012 6:23 PM Each bw-x value is a percentage that ranges from 0 to 100 in increments of 1. All n bandwidth values must be specified with this command, and their combined sum must not exceed 100%. The default minimum bandwidth value for each TCG is 0, meaning no bandwidth is guaranteed (best effort).
2CSPC4.X8100-SWUM100.book Page 906 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description tcg-id The TCG identifier. Range is 0 to 2. Default Configuration The default scheduling mode for all TCGs is weighted scheduling. Command Mode Global Config mode, Interface Config mode User Guidelines This command specified in Interface Config mode only affects a single interface, whereas the Global Config mode setting is applied to all interfaces.
2CSPC4.X8100-SWUM100.book Page 907 Wednesday, August 29, 2012 6:23 PM Example The following example demonstrates how to set TCGs 1 and 2 to strict priority scheduling. console(config)# traffic-class-group strict 1 2 traffic-class-group weight Use the traffic-class-group weight command in Global Config or Interface Config mode to specify the scheduling weight for each TCG.
2CSPC4.X8100-SWUM100.book Page 908 Wednesday, August 29, 2012 6:23 PM User Guidelines This command specified in Interface Config mode only affects a single interface, whereas the Global Config mode setting is applied to all interfaces. The Interface Config mode command is only available on platforms that support independent per-port class of service queue configuration. The weight percentage is not considered for Traffic Class Groups that are configured for strict priority scheduling.
2CSPC4.X8100-SWUM100.book Page 909 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode User Guidelines The parameter is optional. If specified, the TCG mapping table of the interface is displayed. If omitted, the global configuration settings are displayed (these may have been subsequently overridden by per-port configuration). Traffic class group 7 is reserved by the system and is not shown.
2CSPC4.X8100-SWUM100.book Page 910 Wednesday, August 29, 2012 6:23 PM Syntax show interfaces traffic-class-group [] Parameter Description Parameter Description interface-id A valid physical interface specifier. Default Configuration The default is to show the global traffic class group configuration. Command Mode Privileged EXEC mode User Guidelines The parameter is optional. If specified, the TCG mapping table of the interface is displayed.
2CSPC4.X8100-SWUM100.book Page 911 Wednesday, August 29, 2012 6:23 PM Field Description Scheduler Type Indicates whether this queue is scheduled for transmission using a strict priority or a weighted scheme. Strict priority scheduler is to provide lower latency to the higher CoS classes of traffic. Weighted scheduling is a round robin mechanism with weights associated to each CoS class of traffic. This is a configured value. Weight Percentage The weight of the TCG used during non-strict scheduling.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 913 Wednesday, August 29, 2012 6:23 PM FIP Snooping Commands 42 NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PC8024 and PC8024F switches. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models. The FCoE Initialization Protocol (FIP) is used to perform the functions of FC_BB_E device discovery, initialization and maintenance.
2CSPC4.X8100-SWUM100.book Page 914 Wednesday, August 29, 2012 6:23 PM feature fip-snooping 2 Configure a VLAN and enable it for FIP Snooping. The example below sets up ports 1 through 16 (CNA connected ports) and port 24 (FCF connected port) to use VLAN 100 and enables VLAN 100 for FIP snooping. vlan 100 fip-snooping enable exit interface range te1/0/1-16,te1/0/24 switchport mode general switchport general allowed vlan add 100 tagged exit 3 Set up the port roles.
2CSPC4.X8100-SWUM100.book Page 915 Wednesday, August 29, 2012 6:23 PM show fip-snooping clear fip-snooping statistics show fip-snooping enode – feature fip-snooping Use the feature fip-snooping command in Global Configuration mode to globally enable Fibre Channel over Ethernet Initialization Protocol (FIP) snooping on the switch. Use the no form of the command to return the settings to the default values and disable FIP snooping. Use the no form of the command to globally disable FIP snooping.
2CSPC4.X8100-SWUM100.book Page 916 Wednesday, August 29, 2012 6:23 PM s1(config)#feature fip-snooping fip-snooping enable Use the fip-snooping command in VLAN Configuration mode to enable snooping of FIP packets on the configured VLANs. FIP snooping is disabled on VLANs by default. Use the no form of the command to return the mode to the default (off). Syntax fip-snooping enable no fip-snooping enable Default Configuration The default mode is off (FIP snooping is disabled.
2CSPC4.X8100-SWUM100.book Page 917 Wednesday, August 29, 2012 6:23 PM fip-snooping fc-map Use the fip-snooping fc-map command in VLAN Configuration mode to configure the FP-MAP value on a VLAN. The FC map value is used to help in securing the switch against misconfiguration. Syntax fip-snooping fc-map 0x0 – 0xffffff no fip-snooping fc-map Parameter Description Valid FC map values are in the range of 0x0 to 0xffffff. Default Configuration The default FC map value is 0x0efc00.
2CSPC4.X8100-SWUM100.book Page 918 Wednesday, August 29, 2012 6:23 PM fip-snooping port-mode To relay the FIP packets received from the hosts toward the Fibre Channel Fabric (FCF), the switch needs to know the interfaces to which the FCFs are connected. Use the fip-snooping port-mode command in Interface Configuration mode to configure the interface that is connected towards FCF. By default, an interface is configured to be a host-facing interface if it is not configured to be an FCF-facing interface.
2CSPC4.X8100-SWUM100.book Page 919 Wednesday, August 29, 2012 6:23 PM Example The following example configures an interface to be connected to an FCF switch. (config)# interface te1/0/1 (config-vlan)# fip-snooping port-mode fcf show fip-snooping Use the show fip-snooping sessions command in User EXEC or Privileged EXEC mode to display information about the global FIP snooping configuration and status. Syntax show fip-snooping Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 920 Wednesday, August 29, 2012 6:23 PM Parameter Description Max VLANs Maximum number of VLANs that can be enabled for FIP snooping on the switch. Max FCFs in VLAN Maximum number of FCFs supported in a VLAN. Max ENodes Maximum number of ENodes supported in the switch. Max Sessions Maximum number of Sessions supported in the switch. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 921 Wednesday, August 29, 2012 6:23 PM show fip-snooping enode Use the show fip-snooping enode command in User EXEC or Privileged EXEC mode to display information about the interfaces connected to ENodes. Syntax show fip-snooping enode [enode-mac] Parameter Description Parameter Description enode-mac MAC address of the enode to display. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 922 Wednesday, August 29, 2012 6:23 PM Parameter Description Sessions Waiting Number of virtual connections waiting for FCF acceptance. Sessions Failed Number of virtual sessions failed. Max-FCoE-PDU Maximum FCoE PDU size the ENode MAC intends to use for FCoE traffic. This is equivalent to the maximum Ethernet frame payload the ENode intends to send. Time elapsed Time elapsed since first successful login session snooped from the ENode.
2CSPC4.X8100-SWUM100.book Page 923 Wednesday, August 29, 2012 6:23 PM Name-ID 000000 ENode-MAC 00:0c:29:65:82:bc FCFs Connected1 Sessions Established3 Sessions Waiting 1 Session Failed 0 Max-FCoE-PDU 2158 Time elapsed 0 days, 1 hours, 20 minutes show fip-snooping fcf Use the show fip-snooping fcf command in User EXEC or Privileged EXEC mode to display information about the interfaces connected to FCFs.
2CSPC4.X8100-SWUM100.book Page 924 Wednesday, August 29, 2012 6:23 PM Parameter Description Interface Interface to which the FCF is connected. VLAN ID number of the VLAN to which the FCF belongs. No. of ENodes Total number of ENodes that are connected to the FCF. FPMA/SPMA Type of the MAC address for ENode as negotiated by the FCF. FCMAP FCMAP value used by the FCF. FCF-MAC MAC address of the FCF. Fabric Name Name of the FCF.
2CSPC4.X8100-SWUM100.book Page 925 Wednesday, August 29, 2012 6:23 PM Parameter Description FKA-ADV FIP keepalive interval (FKA_ADV_PERIOD) in seconds configured on the FCF multiplied by five. For example, if the FKA_ADV period configured on the FCF is 80 seconds, the value of this field is 400. FCF Expiry Time This is timer value to monitor the status of the FCF. FCF entry and all its associated virtual sessions will be removed when the value reaches 0.
2CSPC4.X8100-SWUM100.book Page 926 Wednesday, August 29, 2012 6:23 PM Example #2 The following displays sample output of the command when the optional argument is provided.
2CSPC4.X8100-SWUM100.book Page 927 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description Interface-id ID of an interface on which FIP snooping has been enabled. FCF-MAC MAC address of the FCF that is part of the session. ENode-MAC MAC address of the ENode that is part of the session. VLAN ID number of the VLAN that contains the session. FCoE MAC Source MAC address of the FCoE packets that are originated by the ENode as part of the session.
2CSPC4.X8100-SWUM100.book Page 928 Wednesday, August 29, 2012 6:23 PM The command output format is different when the detail option is used. The information below is displayed. Parameter Description VLAN VLAN to which the session belongs. FC-MAP FCMAP value used by the FCF. FCFs Number of FCFs discovered. ENodes Number of ENodes discovered. Sessions Total virtual sessions in FCoE VLAN. FCF Information Interface Interface on which the FCF is discovered. MAC MAC address of the FCF.
2CSPC4.X8100-SWUM100.book Page 929 Wednesday, August 29, 2012 6:23 PM Parameter Description Expiry Time This is virtual connection/session expiry interval. This is used to monitor the status of the session. Session entry is removed when the value reaches 0. This value is reset to 450 secs (5*90 secs) every time an associated VN_Port FKA is received from the ENode. This is ignored (marked as NA) if the D-bit is set to one in the FCF Discovery Advertisements.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 933 Wednesday, August 29, 2012 6:23 PM TENTATIVE ----------------- FDESC(1,1) -------------- FPMA Example #3 The sample command output below displays sessions between specified FCF and ENode.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 935 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC, Config mode and all Config sub-modes User Guidelines The following table describes the packet counters per FIP Operation. Packet Counter Description VR Number of VLAN Request messages received on the VLAN. VN Number of VLAN Notification messages received on the VLAN.
2CSPC4.X8100-SWUM100.book Page 936 Wednesday, August 29, 2012 6:23 PM Packet Counter Description CVL Number of Clear Virtual Links actions on the VLAN. The following table describes the other interface or session-related counters. Other Counters Description Number of Virtual Session Timeouts Number of Virtual sessions removed due to session timer expiry. Number of FCF Session Timeouts Number of ACTIVE sessions timed out due to Discovery Advertisements expiry from FCFs in the VLAN.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 939 Wednesday, August 29, 2012 6:23 PM Number of Sessions denied with FCF limit: 0 Number of Sessions denied with ENode limit: 0 Number of Sessions denied with System limit: 21 Example #2 Below is the sample command output with optional VLAN argument supplied.
2CSPC4.X8100-SWUM100.book Page 940 Wednesday, August 29, 2012 6:23 PM FDISC_RJT 0 LOGO_ACC 1 LOGO_RJT 0 CVL 0 -------------------------------- Number of Virtual Session Timeouts:2 Number of FCF Session Timeouts: 0 Number of Session configuration failures: 10 Number of Sessions denied with FCF limit: 0 Number of Sessions denied with ENode limit: Number of Sessions denied with System limit: 0 21 Example #3 Below is the sample command output with optional interface argument supplied.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 942 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description vlan-id A VLAN enabled for FIP snooping. VLAN VLAN in which FIP snooping is enabled/operational. FC-MAP FCoE mapped address prefix of the FCoE forwarder for the FCoE VLAN. FCFs Number of FCFs discovered. ENodes Number of ENodes discovered. Sessions Total virtual sessions in FCoE VLAN. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 943 Wednesday, August 29, 2012 6:23 PM Inactive Ports: clear fip-snooping statistics Use the clear fip-snooping statistics command in User EXEC or Privileged EXEC mode to clear the FIP Snooping statistics in the supplied VLAN or on a supplied interface. If the optional (VLAN or interface) argument is not given, this command clears the statistics on all FIP snooping-enabled VLANs.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 945 Wednesday, August 29, 2012 6:23 PM 43 Priority Flow Control Commands NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PC8024 and PC8024F switches. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models. Priority Flow Control (PFC) provides a means of pausing frames based on individual priorities on a single physical link.
2CSPC4.X8100-SWUM100.book Page 946 Wednesday, August 29, 2012 6:23 PM addition to the headroom. With two no-drop priorities per interface and static allocations, there is only about 30 percent of the buffer space available for normal forwarding behavior. The effective default behavior on an interface enabled for PFC without a nodrop priority is that no flow control (legacy or PFC) is enabled. If the user enables PFC but does not create any no-drop priorities, the interface will not be lossless.
2CSPC4.X8100-SWUM100.book Page 947 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description on Enable PFC on the interface. off Disable PFC on the interface. Default Configuration Priority-flow-control mode is off (disabled) by default. Command Mode Datacenter-Bridging Config mode User Guidelines PFC must be enabled before FIP snooping can operate over the interface. Use the no form of the command to return the mode to the default (off).
2CSPC4.X8100-SWUM100.book Page 948 Wednesday, August 29, 2012 6:23 PM Use the no form of the command to return all priorities to their default lossy behavior. Syntax priority-flow-control priority priority-list {drop | no-drop} no priority-flow-control priority Parameter Description Parameter Description drop Disable lossless behavior on the selected priorities. no-drop Enable lossless behavior on the selected priorities. Default Configuration The default behavior for all priorities is drop.
2CSPC4.X8100-SWUM100.book Page 949 Wednesday, August 29, 2012 6:23 PM clear priority-flow-control statistics Use the clear priority-flow-control statistics command to clear all or interface Priority-Flow-Control statistics. Syntax clear priority-flow-control statistics [ethernet interface ] • interface — A valid Ethernet port. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 950 Wednesday, August 29, 2012 6:23 PM Parameter Description interface-id A valid Ethernet port identifier. Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Examples The following examples show the priority flow control status and statistics.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 953 Wednesday, August 29, 2012 6:23 PM 44 Layer 3 Commands The chapters that follow describe commands that conform to the OSI model’s Network Layer (Layer 3). Layer 3 commands perform a series of exchanges over various data links to deliver data between any two nodes in a network. These commands define the addressing and routing structure of the Internet.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 955 Wednesday, August 29, 2012 6:23 PM ARP Commands 45 When a host has an IP packet to send on an Ethernet network, it must encapsulate the IP packet in an Ethernet frame. The Ethernet header requires a destination MAC address. If the destination IP address is on the same network as the sender, the sender uses the Address Resolution Protocol (ARP) to determine the MAC address associated with destination IP address.
2CSPC4.X8100-SWUM100.book Page 956 Wednesday, August 29, 2012 6:23 PM ARP Aging Dynamic entries in the ARP cache are aged. When an entry for a neighbor router reaches its maximum age, the system sends an ARP request to the neighbor router to renew the entry. Entries for neighbor routers should remain in the ARP cache as long as the neighbor continues to respond to ARP requests. ARP cache entries for neighbor hosts are renewed more selectively.
2CSPC4.X8100-SWUM100.book Page 957 Wednesday, August 29, 2012 6:23 PM Syntax arp ip-address hardware-address no arp ip-address • ip-address — IP address of a device on a subnet attached to an existing routing interface. • hardware-address — A unicast MAC address for that device. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 958 Wednesday, August 29, 2012 6:23 PM Default Configuration The default value is 10244096. Command Mode Global Configuration mode User Guidelines The ARP cache size is dependant on the switching hardware used. Values different from the default given above may exist in a given switch model. Example The following example defines an arp cachesize of 500.
2CSPC4.X8100-SWUM100.book Page 959 Wednesday, August 29, 2012 6:23 PM request to the neighbor. If the neighbor responds, the age of the ARP cache entry is reset to 0 without removing the entry from the hardware. Traffic to the host continues to be forwarded in hardware without interruption. If the entry is not being used to forward data packets, then the entry is deleted from the ARP cache, unless the dynamic renew option is enabled.
2CSPC4.X8100-SWUM100.book Page 960 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example removes the specified IP address from arp cache. console#arp purge 192.168.1.10 arp resptime Use the arp resptime command in Global Configuration mode to configure the ARP request response time-out. To return the response time-out to the default value, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 961 Wednesday, August 29, 2012 6:23 PM arp retries Use the arp retries command in Global Configuration mode to configure the ARP count of maximum requests for retries. To return to the default value, use the no form of this command. Syntax arp retries integer no arp retries • integer — The maximum number of requests for retries. (Range: 0-10) Default Configuration The default value is 4 retries.
2CSPC4.X8100-SWUM100.book Page 962 Wednesday, August 29, 2012 6:23 PM Default Configuration The default value is 1200 seconds. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines 900 seconds as the timeout. console(config)#arp timeout 900 clear arp-cache Use the clear arp-cache command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache.
2CSPC4.X8100-SWUM100.book Page 963 Wednesday, August 29, 2012 6:23 PM console#clear arp-cache gateway clear arp-cache management Use the clear arp-cache management command to clear all entries that show as management arp entries in the show arp command. Syntax clear arp-cache management Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 964 Wednesday, August 29, 2012 6:23 PM IP Address MAC Address Interface Type Age --------------- ----------------- -------------- -------- ----------10.27.20.241 001A.A0FF.F662 Management Dynamic n/a 10.27.20.243 0019.B9D1.29A3 Management Dynamic n/a console#clear arp-cache management ip local-proxy-arp Use the ip local proxy-arp command in Interface Configuration mode to enable proxying of ARP requests.
2CSPC4.X8100-SWUM100.book Page 965 Wednesday, August 29, 2012 6:23 PM Syntax ip proxy-arp no ip proxy-arp Default Configuration Enabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines The ip proxy-arp command is not available in interface range mode. Example The following example enables proxy arp for VLAN 15.
2CSPC4.X8100-SWUM100.book Page 966 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC and Privileged EXEC modes, Config mode and all Config submodes User Guidelines The show arp command will display static (user-configured) ARP entries regardless of whether they are reachable over an interface or not. Example The following example shows show arp command output. console#show arp Static ARP entries are only active when the IP address is reachable on a local subnet Age Time (seconds)................
2CSPC4.X8100-SWUM100.book Page 967 Wednesday, August 29, 2012 6:23 PM 46 DHCP Server and Relay Agent Commands DHCP is based on the Bootstrap Protocol (BOOTP). It also captures the behavior of BOOTP relay agents and DHCP participants can inter operate with BOOTP participants. The host RFC’s standardize the configuration parameters which can be supplied by the DHCP server to the client.
2CSPC4.X8100-SWUM100.book Page 968 Wednesday, August 29, 2012 6:23 PM • Internet access cost is greatly reduced by using automatic assignment as Static IP addresses are considerably more expensive to purchase than are automatically allocated IP addresses. • Using DHCP a centralized management policy can be implemented as the DHCP server keeps information about all the subnets. This allows a system operator to update a single server when configuration changes take place.
2CSPC4.X8100-SWUM100.book Page 969 Wednesday, August 29, 2012 6:23 PM Syntax ip dhcp pool [pool-name] no ip dhcp pool [pool-name] Parameter Description Parameter Description pool-name The name of an existing or new DHCP address pool. The pool name can be up to 31 characters in length and can contain the following characters: a-z, A-Z, 0-9, ’-’, ’_’, ’ ’. Enclose the entire pool name in quotes if an embedded blank is to appear in the pool name.
2CSPC4.X8100-SWUM100.book Page 970 Wednesday, August 29, 2012 6:23 PM • Client DNS server – dns-server • NetBIOS WINS Server – netbios-name-server • NetBIOS Node Type – netbios-node-type • Client default router – default-router • Client address lease time – lease Administrators may also configure manual bindings for clients using the host command in DHCP Pool Configuration mode.
2CSPC4.X8100-SWUM100.book Page 971 Wednesday, August 29, 2012 6:23 PM console(config)#ip dhcp pool "Windows PCs" console(config-dhcp-pool)#network 192.168.21.0 /24 console(config-dhcp-pool)#domain-name powerconnect.com console(config-dhcp-pool)#dns-server 192.168.22.3 192.168.23.3 console(config-dhcp-pool)#netbios-name-server 192.168.22.2 192.168.23.2 console(config-dhcp-pool)#netbios-node-type h-node console(config-dhcp-pool)#lease 2 12 console(config-dhcp-pool)#default-router 192.168.22.1 192.168.23.
2CSPC4.X8100-SWUM100.book Page 972 Wednesday, August 29, 2012 6:23 PM Command Mode DHCP Pool Configuration mode User Guidelines This command has no user guidelines. Example console(config-dhcp-pool)#bootfile ntldr clear ip dhcp binding Use the clear ip dhcp binding command in Privileged EXEC mode to remove automatic DHCP server bindings. Syntax clear ip dhcp binding {ip-address | *} Parameter Description Parameter Description * Clear all automatic dhcp bindings.
2CSPC4.X8100-SWUM100.book Page 973 Wednesday, August 29, 2012 6:23 PM clear ip dhcp conflict Use the clear ip dhcp conflict command in Privileged EXEC mode to remove DHCP server address conflicts. Use the show ip dhcp conflict command to display address conflicts detected by the DHCP server. Syntax clear ip dhcp conflict {ip-address | *} Parameter Description Parameter Description * Clear all dhcp conflicts. ip-address Clear a specific address conflict.
2CSPC4.X8100-SWUM100.book Page 974 Wednesday, August 29, 2012 6:23 PM no client-identifier Parameter Description Parameter Description unique-identifier The identifier of the Microsoft DHCP client. The client identifier is specified as 7 bytes of the form XX:XX:XX:XX:XX:XX:XX where X is a hexadecimal digit. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 975 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description name The name of the DHCP client. The client name is specified as up to 31 printable characters. Default Configuration There is no default client name. Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters.
2CSPC4.X8100-SWUM100.book Page 976 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description ip-address1 The IPv4 address of the first default router for the DHCP client. ip-address2 The IPv4 address of the second default router for the DHCP client. Default Configuration No default router is configured. Command Mode DHCP Pool Configuration mode User Guidelines This command has no user guidelines. Example console(config-dhcp-pool)#default-router 192.168.22.1 192.168.23.
2CSPC4.X8100-SWUM100.book Page 977 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode IP DHCP Pool Configuration mode User Guidelines This command has no user guidelines. domain-name (IP DHCP Pool Config) Use the domain-name command in IP DHCP Pool Configuration mode to set the DNS domain name which is provided to a DHCP client by the DHCP server. The DNS name is an alphanumeric string up to 255 characters in length.
2CSPC4.X8100-SWUM100.book Page 978 Wednesday, August 29, 2012 6:23 PM no hardware-address Parameter Description Parameter Description hardware-address MAC address of the client. Either the XXXX.XXXX.XXXX or XX:XX:XX:XX:XX:XX form of MAC address may be used where XX is a hexadecimal digit. Default Configuration There are no default MAC address manual bindings. Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters.
2CSPC4.X8100-SWUM100.book Page 979 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description ip-address IPv4 address to be manually assigned to the host identified by the client identifier. netmask An IPv4 address indicating the applicable bits of the address, typically 255.255.255.255. prefix-length A decimal number ranging from 1-30. Default Configuration The default is a 1 day lease.
2CSPC4.X8100-SWUM100.book Page 980 Wednesday, August 29, 2012 6:23 PM Syntax ip dhcp bootp automatic no ip dhcp bootp automatic Parameter Description This command does not require a parameter description. Default Configuration Automatic BOOTP client address assignment is disabled by default. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 981 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example console#ip dhcp conflict logging ip dhcp excluded-address Use the ip dhcp excluded-address command in Global Configuration mode to exclude one or more DHCP addresses from automatic assignment. Use the no form of the command to allow automatic address assignment for the specified address or address range.
2CSPC4.X8100-SWUM100.book Page 982 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example console#ip dhcp excluded-address 192.168.20.1 192.168.20.3 ip dhcp ping packets Use the ip dhcp ping packets command in Global Configuration mode to configure the number of pings sent to detect if an address is in use prior to assigning an address from the DHCP pool.
2CSPC4.X8100-SWUM100.book Page 983 Wednesday, August 29, 2012 6:23 PM Example console#ip dhcp ping packets 5 lease Use the lease command in DHCP Pool Configuration mode to set the period for which a dynamically assigned DHCP address is valid. Use the infinite parameter to indicate that addresses are to be automatically assigned. Use the no form of the command to return the lease configuration to the default. Use the show ip dhcp pool command to display pool configuration parameters.
2CSPC4.X8100-SWUM100.book Page 984 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example console(config-dhcp-pool)#lease 1 12 59 netbios-name-server Use the netbios-name-server command in DHCP Pool Configuration mode to configure the IPv4 address of the Windows Internet Naming Service (WINS) for a Microsoft DHCP client. Use the no form of the command to remove the NetBIOS name server configuration. Syntax netbios-name-server ip-address [ip-address2...
2CSPC4.X8100-SWUM100.book Page 985 Wednesday, August 29, 2012 6:23 PM Example console(config-dhcp-pool)#netbios-name-server 192.168.21.1 192.168.22.1 netbios-node-type Use the netbios-node-type command in DHCP Pool Configuration mode to set the NetBIOS node type for a Microsoft DHCP client. Use the no form of the command to remove the netbios node configuration.
2CSPC4.X8100-SWUM100.book Page 986 Wednesday, August 29, 2012 6:23 PM Example console(config-dhcp-pool)#netbios-node-type h-node network Use the network command in IP DHCP Pool Configuration mode to define a pool of IPv4 addresses for distributing to clients. Syntax network network-number [mask | prefix-length] Parameter Description Parameter Description network-number A valid IPv4 address mask A valid IPv4 network mask with contiguous left-aligned bits.
2CSPC4.X8100-SWUM100.book Page 987 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description ip-address The IPv4 address of the TFTP server to use during autoconfiguration. Default Configuration There is no default IPv4 next server configured. Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters.
2CSPC4.X8100-SWUM100.book Page 988 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description code The DHCP TLV option code. ascii string1 An ASCII character string. Strings with embedded blanks must be wholly contained in quotes. hex string1 A hexadecimal string containing the characters [0-9A-F]. The string should not begin with 0x. A hex string consists of two characters which are parsed to fill a single byte. Multiple values are separated by blanks.
2CSPC4.X8100-SWUM100.book Page 989 Wednesday, August 29, 2012 6:23 PM Figure 46-1.
2CSPC4.X8100-SWUM100.book Page 990 Wednesday, August 29, 2012 6:23 PM Figure 46-1.
2CSPC4.X8100-SWUM100.book Page 991 Wednesday, August 29, 2012 6:23 PM Figure 46-1.
2CSPC4.X8100-SWUM100.book Page 992 Wednesday, August 29, 2012 6:23 PM Default Configuration The service is disabled by default. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. sntp Use the sntp command in DHCP Pool Configuration mode to set the IPv4 address of the NTP server to be used for time synchronization of the client. Use the no form of the command to remove the NTP server configuration.
2CSPC4.X8100-SWUM100.book Page 993 Wednesday, August 29, 2012 6:23 PM Example console(config-dhcp-pool)#sntp 192.168.21.2 show ip dhcp binding Use the show ip dhcp binding command in Privileged EXEC mode to display the configured DHCP bindings. Syntax show ip dhcp binding [address] Parameter Description Parameter Description address A valid IPv4 address Default Configuration The command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 994 Wednesday, August 29, 2012 6:23 PM show ip dhcp conflict Use the show ip dhcp conflict command in User EXEC mode to display DHCP address conflicts for all relevant interfaces or a specified interface. If an interface is specified, the optional statistics parameter is available to view statistics for the specified interface.
2CSPC4.X8100-SWUM100.book Page 995 Wednesday, August 29, 2012 6:23 PM Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 996 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. show ip dhcp server statistics Use the show ip dhcp server statistics command in Privileged EXEC mode to display the DHCP server binding and message counters. Syntax show ip dhcp server statistics Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 997 Wednesday, August 29, 2012 6:23 PM DHCP REQUEST................................... 132 DHCP DECLINE................................... 0 DHCP RELEASE................................... 32 DHCP INFORM.................................... 0 Messages Sent ---------- ------ DHCP OFFER..................................... 132 DHCP ACK....................................... 132 DHCP NACK......................................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1000 Wednesday, August 29, 2012 6:23 PM Examples The following examples clears DHCPv6 statistics for VLAN 11. console#clear ipv6 dhcp interface vlan 11 statistics\ dns-server (IPv6 DHCP Pool Config) Use the dns-server command in IPv6 DHCP Pool Configuration mode to set the IPv6 DNS server address which is provided to a DHCPv6 client by the DHCPv6 server. DNS server address is configured for stateless server support.
2CSPC4.X8100-SWUM100.book Page 1001 Wednesday, August 29, 2012 6:23 PM Syntax domain-name domain no domain-name domain • domain — DHCPv6 domain name. (Range: 1–255 characters) Default Configuration This command has no default configuration. Command Mode IPv6 DHCP Pool Configuration mode User Guidelines DHCPv6 pool can have multiple number of domain names with maximum of 8. Example The following example sets the DNS domain name "test", which is provided to a DHCPv6 client by the DHCPv6 server.
2CSPC4.X8100-SWUM100.book Page 1002 Wednesday, August 29, 2012 6:23 PM • pool-name — DHCPv6 pool name. (Range: 1-31 characters) Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters IPv6 DHCP Pool Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1003 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN, Tunnel) mode User Guidelines If relay-address is an IPv6 global address, then relay-interface is not required. If relay-address is a link-local or multicast address, then relay-interface is required.
2CSPC4.X8100-SWUM100.book Page 1004 Wednesday, August 29, 2012 6:23 PM • rapid-commit — Is an option that allows for an abbreviated exchange between the client and server. • pref-value — Preference value —used by clients to determine preference between multiple DHCPv6 servers. (Range: 0-4294967295) Default Configuration The default preference value is 20. Rapid commit is not enabled by default.
2CSPC4.X8100-SWUM100.book Page 1005 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description prefix/prefix-length Delegated IPv6 prefix. client-DUID Client DUID (e.g. 00:01:00:09:f8:79:4e:00:04:76:73:43:76'). hostname Client hostname used for logging and tracing. (Range: 0-31 characters.) The command allows spaces in the host name when specified in double quotes. For example, console(config)#snmp-server host "host name" valid-lifetime Valid lifetime for delegated prefix.
2CSPC4.X8100-SWUM100.book Page 1006 Wednesday, August 29, 2012 6:23 PM The following example defines a unique local address prefix with the MAC address 00:1D:BA:06:37:64 converted to EUI-64 format and a preferred lifetime of 5 days. console(config-dhcp6s-pool)#prefix-delegation fc00::/7 00:1D:BA:FF:FE:06:37:64 preferred-lifetime 43200 service dhcpv6 Use the service dhcpv6 command in Global Configuration mode to enable local IPv6 DHCP server on the switch.
2CSPC4.X8100-SWUM100.book Page 1007 Wednesday, August 29, 2012 6:23 PM show ipv6 dhcp Use the show ipv6 dhcp command in Privileged EXEC mode to display the DHCPv6 server name and status. Syntax show ipv6 dhcp Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1008 Wednesday, August 29, 2012 6:23 PM • ipv6-address — Valid IPv6 address. Default Configuration This command has no default configuration. Command Mode Privileged EXEC and User EXEC modes, Config mode and all Config submodes User Guidelines This command has no user guidelines. Example The following example displays the configured DHCP pool based on the entered IPv6 address.
2CSPC4.X8100-SWUM100.book Page 1009 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config submodes User Guidelines Statistics are shown depending on the interface mode (relay, server, or client). Examples The following examples display DHCPv6 information for VLAN 11 when configured in relay mode. console> show ipv6 dhcp interface vlan 11 IPv6 Interface.................................
2CSPC4.X8100-SWUM100.book Page 1010 Wednesday, August 29, 2012 6:23 PM DHCPv6 Rebind Packets Received................. 0 DHCPv6 Release Packets Received................ 0 DHCPv6 Decline Packets Received................ 0 DHCPv6 Inform Packets Received................. 0 DHCPv6 Relay-forward Packets Received.......... 0 DHCPv6 Relay-reply Packets Received............ 0 DHCPv6 Malformed Packets Received.............. 0 Received DHCPv6 Packets Discarded.............. 0 Total DHCPv6 Packets Received...........
2CSPC4.X8100-SWUM100.book Page 1011 Wednesday, August 29, 2012 6:23 PM Syntax Description Parameter Description interface-id Any valid IP interface. See Interface Naming Conventions for interface representation. Default Configuration This command has no default configuration. Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command shows the DHCP status. Information displayed depends on the mode.
2CSPC4.X8100-SWUM100.book Page 1012 Wednesday, August 29, 2012 6:23 PM Term Description Interface IAID An identifier for an identity association chosen by this Client. Leased Address The IPv6 address leased by the DHCPv6 Server for this interface. Preferred Lifetime The preferred life time (in seconds) of the IPv6 Address leased by the DHCPv6 Server. Valid Lifetime The valid life time (in seconds) of the IPv6 Address leased by the DHCPv6 Server.
2CSPC4.X8100-SWUM100.book Page 1013 Wednesday, August 29, 2012 6:23 PM Interface IAID................................. 20 Leased Address................................. 2017::309D:161:4EF1:DBB1/128 Preferred Lifetime............................. 1 days 0 hrs 0 mins 0 secs Valid Lifetime................................. 2 days 0 hrs 0 mins 0 secs Renew Time..................................... 0 days 11 hrs 55 mins 28 secs Expiry Time....................................
2CSPC4.X8100-SWUM100.book Page 1014 Wednesday, August 29, 2012 6:23 PM Server Preference.............................. 20 Option Flags................................... console#show ipv6 dhcp interface vlan 10 statistics DHCPv6 Server Interface Vl10 Statistics DHCPv6 Solicit Packets Received................ 0 DHCPv6 Request Packets Received................ 0 DHCPv6 Confirm Packets Received................ 0 DHCPv6 Renew Packets Received.................. 0 DHCPv6 Rebind Packets Received.................
2CSPC4.X8100-SWUM100.book Page 1015 Wednesday, August 29, 2012 6:23 PM console#show ipv6 dhcp interface vlan 10 statistics DHCPv6 Client Interface Vl10 Statistics -------------------------------------------------------DHCPv6 Advertisement Packets Received................. 0 DHCPv6 Reply Packets Received......................... 0 Received DHCPv6 Advertisement Packets Discarded....... 0 Received DHCPv6 Reply Packets Discarded............... 0 DHCPv6 Malformed Packets Received.....................
2CSPC4.X8100-SWUM100.book Page 1016 Wednesday, August 29, 2012 6:23 PM show ipv6 dhcp pool Use the show ipv6 dhcp pool command in Privileged EXEC mode to display the configured DHCP pool. Syntax show ipv6 dhcp pool poolname • poolname — Name of the pool. (Range: 1-32 characters) Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1017 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the DHCPv6 server name and status. console> show ipv6 dhcp statistics DHCPv6 Interface Global Statistics -----------------------------------DHCPv6 Solicit Packets Received................ 0 DHCPv6 Request Packets Received................ 0 DHCPv6 Confirm Packets Received.........
2CSPC4.X8100-SWUM100.book Page 1018 Wednesday, August 29, 2012 6:23 PM DHCPv6 Relay-forward Packets Transmitted....... 0 Total DHCPv6 Packets Transmitted...............
2CSPC4.X8100-SWUM100.book Page 1019 Wednesday, August 29, 2012 6:23 PM 48 DVMRP Commands Distance Vector Multicast Routing Protocol (DVMRP) is a dense mode multicast protocol and is most appropriate for use in networks where bandwidth is relatively plentiful and there is at least one multicast group member in each subnet. DVMRP assumes that all hosts are part of a multicast group until it is informed of multicast group changes.
2CSPC4.X8100-SWUM100.book Page 1020 Wednesday, August 29, 2012 6:23 PM Default Configuration Disabled is the default configuration. Command Mode Global Configuration Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets VLAN 15’s administrative mode of DVMRP to active.
2CSPC4.X8100-SWUM100.book Page 1021 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example configures a metric of 5 for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip dvmrp metric 5 show ip dvmrp Use the show ip dvmrp command in Privileged EXEC mode to display the system-wide information for DVMRP. Syntax show ip dvmrp Default Configuration This command has no default condition.
2CSPC4.X8100-SWUM100.book Page 1022 Wednesday, August 29, 2012 6:23 PM DVMRP INTERFACE STATUS Interface Interface Mode Protocol State --------- -------------- -------------- show ip dvmrp interface Use the show ip dvmrp interface command in Privileged EXEC mode to display the interface information for DVMRP on the specified interface. Syntax show ip dvmrp interface vlan vlan-id • vlan-id — Valid VLAN ID. Default Configuration This command has no default condition.
2CSPC4.X8100-SWUM100.book Page 1023 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default condition. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the neighbor information for DVMRP. console(config)#show ip dvmrp neighbor No neighbors available.
2CSPC4.X8100-SWUM100.book Page 1024 Wednesday, August 29, 2012 6:23 PM Example The following example displays the next hop information on outgoing interfaces for routing multicast datagrams. console(config)#show ip dvmrp nexthop Next Hop Source IP Source Mask Interface Type -------------- -------------- --------- ------ show ip dvmrp prune Use the show ip dvmrp prune command in Privileged EXEC mode to display the table that lists the router’s upstream prune information.
2CSPC4.X8100-SWUM100.book Page 1025 Wednesday, August 29, 2012 6:23 PM ------------------- -------------- -------------- ----- show ip dvmrp route Use the show ip dvmrp route command in Privileged EXEC mode to display the multicast routing information for DVMRP. Syntax show ip dvmrp route Default Configuration This command has no default condition. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1027 Wednesday, August 29, 2012 6:23 PM IGMP Commands 49 Internet Group Management Protocol (IGMP) is the multicast group membership discovery protocol used for IPv4 multicast groups. Three versions of IGMP exist. Versions one and two are widely deployed. Since IGMP is used between end systems (often desktops) and the multicast router, the version of IGMP required depends on the end-user operating system being supported.
2CSPC4.X8100-SWUM100.book Page 1028 Wednesday, August 29, 2012 6:23 PM IGMPv2 introduced a Leave Group message, which is sent by a host when it leaves a multicast group for which it was the last host to send an IGMP Report message. Receipt of this message causes the Querier possibly to reduce the remaining lifetime of its state for the group, and to send a groupspecific IGMP Query message to the multicast group.
2CSPC4.X8100-SWUM100.book Page 1029 Wednesday, August 29, 2012 6:23 PM Syntax ip igmp no ip igmp Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables IGMP.
2CSPC4.X8100-SWUM100.book Page 1030 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example sets 10 as the number of VLAN 2 Group-Specific Queries.
2CSPC4.X8100-SWUM100.book Page 1031 Wednesday, August 29, 2012 6:23 PM Example The following example configures 2 seconds as the Maximum Response Time inserted in VLAN 15’s Group-Specific Queries. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp last-member-queryinterval 20 ip igmp query-interval Use the ip igmp query-interval command in Interface Configuration mode to configure the query interval for the specified interface.
2CSPC4.X8100-SWUM100.book Page 1032 Wednesday, August 29, 2012 6:23 PM ip igmp query-max-response-time Use the ip igmp query-max-response-time command in Internet Configuration mode to configure the maximum response time interval for the specified interface. It is the maximum query response time advertised in IGMPv2 queries on this interface. The time interval is specified in seconds. Syntax ip igmp query-max-response-time seconds no ip igmp query-max-response-time • seconds — Maximum response time.
2CSPC4.X8100-SWUM100.book Page 1033 Wednesday, August 29, 2012 6:23 PM Syntax ip igmp robustness robustness no ip igmp robustness • robustness — Robustness variable. (Range: 1-255) Default Configuration The default robustness value is 2. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example configures a robustness value of 10 for VLAN 15.
2CSPC4.X8100-SWUM100.book Page 1034 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets for VLAN 15 the number of queries sent out on startup at 10.
2CSPC4.X8100-SWUM100.book Page 1035 Wednesday, August 29, 2012 6:23 PM Example The following example sets at 10 seconds the interval between general queries sent at startup for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp startup-queryinterval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface. Syntax ip igmp version version • version — IGMP version.
2CSPC4.X8100-SWUM100.book Page 1036 Wednesday, August 29, 2012 6:23 PM Syntax show ip igmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays system-wide IGMP information. console#show ip igmp IGMP Admin Mode............................. Enabled IGMP Router-Alert check.....................
2CSPC4.X8100-SWUM100.book Page 1037 Wednesday, August 29, 2012 6:23 PM Syntax show ip igmp groups [interface-type interface-number] [detail] Syntax Description Parameter Description interface-type interface-number Interface type of VLAN and a valid VLAN ID. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1038 Wednesday, August 29, 2012 6:23 PM 225.0.0.5 ----- 1.1.1.5 00:04:15 v2 00:00:05 00:04:15 - show ip igmp interface Use the show ip igmp interface command in Privileged EXEC mode to display the IGMP information for the specified interface. Syntax show ip igmp interface [interface-type interface-number] Syntax Description Parameter Description interface-type interface-number Interface type of VLAN and a valid VLAN ID.
2CSPC4.X8100-SWUM100.book Page 1039 Wednesday, August 29, 2012 6:23 PM Query Interval (secs)......................... 125 Query Max Response Time (1/10 of a second).... 100 Robustness..................................... 2 Startup Query Interval (secs)................. 31 Startup Query Count............................ 2 Last Member Query Interval (1/10 of a second). 10 Last Member Query Count........................
2CSPC4.X8100-SWUM100.book Page 1040 Wednesday, August 29, 2012 6:23 PM console(config)#show ip igmp interface membership 224.5.5.5 detail show ip igmp interface stats Use the show ip igmp interface stats command in User EXEC mode to display the IGMP statistical information for the interface. The statistics are only displayed when the interface is enabled for IGMP. Syntax show ip igmp interface stats vlan vlan-id • vlan-id — Valid VLAN ID Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1041 Wednesday, August 29, 2012 6:23 PM Number of Groups.............................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1043 Wednesday, August 29, 2012 6:23 PM IGMP Proxy Commands 50 IGMP Proxy is used by the router on IPv4 systems to enable the system to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP router interfaces, thus acting as proxy to all its hosts residing on its router interfaces. PowerConnect supports IGMP Version 3, Version 2 and Version 1.
2CSPC4.X8100-SWUM100.book Page 1044 Wednesday, August 29, 2012 6:23 PM Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example enables the IGMP Proxy on the VLAN 15 router.
2CSPC4.X8100-SWUM100.book Page 1045 Wednesday, August 29, 2012 6:23 PM Example The following example resets the host interface status parameters of the IGMP Proxy router. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp-proxy reset-status ip igmp-proxy unsolicited-report-interval Use the ip igmp-proxy unsolicited-report-interval command in Interface Configuration mode to set the unsolicited report interval for the IGMP Proxy router.
2CSPC4.X8100-SWUM100.book Page 1046 Wednesday, August 29, 2012 6:23 PM show ip igmp-proxy Use the show ip igmp-proxy command in Privileged EXEC mode to display a summary of the host interface status parameters. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1047 Wednesday, August 29, 2012 6:23 PM Proxy Start Frequency........................ 1 show ip igmp-proxy interface Use the show ip igmp-proxy interface command in Privileged EXEC mode to display a detailed list of the host interface status parameters. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy interface Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1048 Wednesday, August 29, 2012 6:23 PM 3 0 ----- 0 0 ----- show ip igmp-proxy groups Use the show ip igmp-proxy groups command in Privileged EXEC mode to display a table of information about multicast groups that IGMP Proxy reported. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy groups Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1049 Wednesday, August 29, 2012 6:23 PM 225.0.1.2 MEMBER Exclude 13.13.13.1 0 48 DELAY- show ip igmp-proxy groups detail Use the show ip igmp-proxy groups detail command in Privileged EXEC mode to display complete information about multicast groups that IGMP Proxy has reported. Syntax show ip igmp-proxy groups detail Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1050 Wednesday, August 29, 2012 6:23 PM 225.0.1.2 MEMBER Exclude 1050 13.13.13.
2CSPC4.X8100-SWUM100.book Page 1051 Wednesday, August 29, 2012 6:23 PM 51 IP Helper/DHCP Relay Commands The IP Helper feature provides the ability for a router to forward configured UDP broadcast packets to a particular IP address. This allows applications to reach servers on non-local subnets. This is possible even when the application is designed to assume a server is always on a local subnet or when the application uses broadcast packets to reach the server (with the limited broadcast address 255.255.
2CSPC4.X8100-SWUM100.book Page 1052 Wednesday, August 29, 2012 6:23 PM Protocol UDP Port Number DNS 53 NetBIOS Name Server 137 NetBIOS Datagram Server 138 TACACS Server 49 Time Service 37 DHCP 67 Trivial File Transfer Protocol 69 Certain preexisting configurable DHCP relay options do not apply to relay of other protocols. These options are unchanged. The user may optionally set a DHCP maximum hop count or minimum wait time. The relay agent relays DHCP packets in both directions.
2CSPC4.X8100-SWUM100.book Page 1053 Wednesday, August 29, 2012 6:23 PM • The protocol field in the IP header must be UDP (17). • The destination UDP port must match a configured relay entry. DHCP relay cannot be enabled and disabled globally. IP helper can be enabled or disabled globally. Enabling IP helper enables DHCP relay.
2CSPC4.X8100-SWUM100.book Page 1054 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. Example The following example defines a maximum hopcount of 6. console(config)#bootpdhcprelay maxhopcount 6 bootpdhcprelay minwaittime Use the bootpdhcprelay minwaittime command in Global Configuration mode to configure the minimum wait time in seconds for BootP/DHCP Relay on the system.
2CSPC4.X8100-SWUM100.book Page 1055 Wednesday, August 29, 2012 6:23 PM Example The following example defines a minimum wait time of 10 seconds. console(config)#bootpdhcprelay minwaittime 10 clear ip helper statistics Use the clear ip helper statistics command to reset to 0 the statistics displayed in show ip helper statistics. Syntax clear ip helper statistics Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1056 Wednesday, August 29, 2012 6:23 PM Parameter Description This command has no arguments or keywords. Default Configuration This is enabled by default for a DHCP relay agent. Command Mode Global Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. Interface configuration takes precedence over global configuration. However if there is no interface configuration then global configuration is followed. This check is enabled by default.
2CSPC4.X8100-SWUM100.book Page 1057 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description none (Optional) Disables the command function. Default Configuration This check is enabled by default. Command Mode Interface Configuration (VLAN) mode User Guidelines Enable DHCP Relay using the ip helper enable command. Use the global configuration command ip dhcp relay information option command to enable processing of DHCP circuit ID and remote agent ID options.
2CSPC4.X8100-SWUM100.book Page 1058 Wednesday, August 29, 2012 6:23 PM Default Configuration Disabled is the default configuration. Command Mode Global Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. Example The following example enables the circuit ID and remote agent ID options.
2CSPC4.X8100-SWUM100.book Page 1059 Wednesday, August 29, 2012 6:23 PM Command Mode Interface (VLAN) Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. The interface configuration always takes precedence over global configuration. However, if there is no interface configuration, then global configuration is followed. Example The following example enables the circuit ID and remote agent ID options on vlan 10.
2CSPC4.X8100-SWUM100.book Page 1060 Wednesday, August 29, 2012 6:23 PM (port 53), isakmp (port 500), mobile-ip (port 434), nameserver (port 42), netbios-dgm (port 138), netbios-ns (port 137), ntp (port 123), pim-autorp (port 496), rip (port 520), tacacs (port 49), tftp (port 69), and time (port 37). Other ports must be specified by number. Default Configuration No helper addresses are configured. Command Mode Global Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1061 Wednesday, August 29, 2012 6:23 PM ip helper-address (interface configuration) Use the ip helper-address (interface configuration) command to configure the relay of certain UDP broadcast packets received on a specific interface. To delete a relay entry on an interface, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1062 Wednesday, August 29, 2012 6:23 PM User Guidelines This command can be invoked multiple times on routing interface, either to specify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server. The command no ip helper-address with no arguments clears all helper addresses on the interface. Example To relay DHCP packets received on vlan 5 to two DHCP servers, 192.168.10.1 and 192.168.20.
2CSPC4.X8100-SWUM100.book Page 1063 Wednesday, August 29, 2012 6:23 PM and DNS packets received on vlan 5 to 192.168.40.2, relays SNMP traps (port 162) received on interface vlan 6 to 192.168.23.1, and drops DHCP packets received on vlan 6: console#config console(config)#ip helper-address 192.168.40.1 dhcp console(config)#interface vlan 5 console(config-if-vlan5)#ip helper-address 192.168.40.2 dhcp console(config-if-vlan5)#ip helper-address 192.168.40.
2CSPC4.X8100-SWUM100.book Page 1064 Wednesday, August 29, 2012 6:23 PM User Guidelines This command can be used to temporarily disable IP helper without deleting all IP helper addresses. This command replaces the bootpdhcprelay enable command, but affects not only relay of DHCP packets, but also relay of any other protocols for which an IP helper address has been configured.
2CSPC4.X8100-SWUM100.book Page 1065 Wednesday, August 29, 2012 6:23 PM UDP Port The relay configuration is applied to packets whose destination UDP port is this port. Entries whose UDP port is identified as “any” are applied to packets with the destination UDP ports listed in Table 51-1. Discard If “Yes”, packets arriving on the given interface with the given destination UDP port are discarded rather than relayed.
2CSPC4.X8100-SWUM100.book Page 1066 Wednesday, August 29, 2012 6:23 PM Default Configuration The command has no default configuration. Command Mode User EXEC and Privileged EXEC modes, Config mode and all Config submodes User Guidelines This command has no user guidelines. Example The following example defines the Boot/DHCP Relay information. console#show ip dhcp relay Maximum Hop Count.............................. 4 Minimum Wait Time(Seconds)..................... 0 Circuit Id Option Mode.............
2CSPC4.X8100-SWUM100.book Page 1067 Wednesday, August 29, 2012 6:23 PM User Guidelines Field Description DHCP client messages received The number of valid messages received from a DHCP client. The count is only incremented if IP helper is enabled globally, the ingress routing interface is up, and the packet passes a number of validity checks, such as having a TTL > 1 and having valid source and destination IP addresses.
2CSPC4.X8100-SWUM100.book Page 1068 Wednesday, August 29, 2012 6:23 PM Packets with expired TTL The number of packets received with TTL of 0 or 1 that might otherwise have been relayed. Packets that The number of packets ignored by the relay agent because they matched a discard match a discard relay entry. entry Example console#show ip helper statistics DHCP client messages received.................. 8 DHCP client messages relayed................... 2 DHCP server messages received..................
2CSPC4.X8100-SWUM100.book Page 1069 Wednesday, August 29, 2012 6:23 PM 52 IP Routing Commands The Routing Module provides the base Layer 3 support for Local Area Network (LAN) and Wide Area Network (WAN) environments. The PowerConnect switches allows the network operator to build a complete Layer 3+ configuration with advanced functionality. As the PowerConnect defaults to Layer 2 switching functionality, routing must be explicitly enabled on the PowerConnect to perform Layer 3 forwarding.
2CSPC4.X8100-SWUM100.book Page 1070 Wednesday, August 29, 2012 6:23 PM from different sources have the same preference, PowerConnect routing prefers a static route over a dynamic route. Static Reject Routes To administratively control the traffic destined to a particular network so that it is not forwarded through the router, PowerConnect enables configuring a static reject route for that network on the router.
2CSPC4.X8100-SWUM100.book Page 1071 Wednesday, August 29, 2012 6:23 PM Syntax encapsulation {ethernet | snap} • ethernet — Specifies Ethernet encapsulation. • snap — Specifies SNAP encapsulation. Default Configuration Ethernet encapsulation is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example applies SNAP encapsulation for VLAN 15.
2CSPC4.X8100-SWUM100.book Page 1072 Wednesday, August 29, 2012 6:23 PM • prefix-length — Length of the prefix. Must be preceded by a forward slash (/). (Range: 1-30 bits) • secondary — Indicates the IP address is a secondary address. Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN, Loopback) mode User Guidelines This command also implicitly enables the VLAN or loopback interface for routing (i.e.
2CSPC4.X8100-SWUM100.book Page 1073 Wednesday, August 29, 2012 6:23 PM Packets originated on the router, such as OSPF packets, may be fragmented by the IP stack. The IP stack uses its default IP MTU and ignores the value set using the ip mtu command. OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange.
2CSPC4.X8100-SWUM100.book Page 1074 Wednesday, August 29, 2012 6:23 PM ip netdirbcast Use the ip netdirbcast command in Interface Configuration mode to enable the forwarding of network-directed broadcasts. When enabled, network directed broadcasts are forwarded. When disabled they are dropped. Use the no form of the command to disable the broadcasts. Syntax ip netdirbcast no ip netdirbcast Default Configuration Disabled is the default configuration.
2CSPC4.X8100-SWUM100.book Page 1075 Wednesday, August 29, 2012 6:23 PM Syntax ip route ip addr {subnetmask | prefix length} nextHopRtr [preference] no ip route ip addr {subnetmask | prefix length} nextHopRtr [preference] • ip-address — IP address of destination interface. • subnet-mask — Subnet mask of destination interface. • prefix-length — Length of prefix. Must be preceded with a forward slash (/). (Range: 0-32 bits) • nextHopRtr — IP address of the next hop router.
2CSPC4.X8100-SWUM100.book Page 1076 Wednesday, August 29, 2012 6:23 PM ip route default Use the ip route default command in Global Configuration mode to configure the next hop address of the default route. Use the no form of the command to delete the default route. Syntax ip route default next-hop-ip [preference] no ip route default next-hop-ip [preference] • next-hop-ip — IP address of the next hop router. • preference — Specifies the preference value, a.k.
2CSPC4.X8100-SWUM100.book Page 1077 Wednesday, August 29, 2012 6:23 PM The switch installs a default route for the default gateway whether or not routing is globally enabled. When the user displays the routing table (e.g. show ip route), the display identifies the default gateway, if one is known. Use the show ip route static all command to display the configured static routes and preferences. Example The following example identifies the next-hop-ip and a preference value of 200.
2CSPC4.X8100-SWUM100.book Page 1078 Wednesday, August 29, 2012 6:23 PM User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default route metric to 80. console(config)#ip route distance 80 ip routing Use the ip routing command in Global Configuration mode to globally enable IPv4 routing on the router. To disable IPv4 routing globally, use the no form of the command.
2CSPC4.X8100-SWUM100.book Page 1079 Wednesday, August 29, 2012 6:23 PM Syntax show ip brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays IP summary information. console#show ip brief Default Time to Live....................... 30 Routing Mode............................... Disabled IP Forwarding Mode......................
2CSPC4.X8100-SWUM100.book Page 1080 Wednesday, August 29, 2012 6:23 PM Parameter Description number Interface number. Valid only for loopback and VLAN types. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines The Method field contains one of the following values. Field Description DHCP The address is leased from a DHCP server. Manual The address is manually configured.
2CSPC4.X8100-SWUM100.book Page 1081 Wednesday, August 29, 2012 6:23 PM The Method field contains one of the following values: • DHCP — The address is leased from a DHCP server. • Manual — The address is manually configured. The Method field is also added to the long form. console#show ip interface vlan2 Routing Interface Status......... Up Primary IP Address.........192.168.75.1/255.255.255.0 Method........................... DHCP Routing Mode..................... Enable Administrative Mode...........
2CSPC4.X8100-SWUM100.book Page 1082 Wednesday, August 29, 2012 6:23 PM IP Address............................. 10.131.11.66 Subnet Mask............................ 255.255.255.0 Default Gateway........................ 10.131.11.1 Configured IPv4 Protocol................. DHCP Burned In MAC Address............... 001E.C9AA.AD1C show ip protocols Use the show ip protocols command in Privileged EXEC mode to display a summary of the configuration and status for each unicast routing protocol.
2CSPC4.X8100-SWUM100.book Page 1083 Wednesday, August 29, 2012 6:23 PM Parameter Description Distance The default administrative distance (or route preference) for external, internal, and locally-originated BGP routes. The table that follows lists ranges of neighbor addresses that have been configured to override the default distance with a neighborspecific distance. If a neighbor’s address falls within one of these ranges, routes from that neighbor are assigned the configured distance.
2CSPC4.X8100-SWUM100.book Page 1084 Wednesday, August 29, 2012 6:23 PM Parameter Description Dist List A distribute list used to filter routes of this type. Only routes that pass the distribute list are redistributed. Number of Active Areas The number of OSPF areas with at least one interface running on this router. Also broken down by area type. ABR Status The number of OSPF areas with at least one interface running on this router. Also broken down by area type.
2CSPC4.X8100-SWUM100.book Page 1085 Wednesday, August 29, 2012 6:23 PM Routing Protocol.......................... BGP Router ID................................. 6.6.6.6 Local AS Number........................... 65001 BGP Admin Mode............................ Enable Maximum Paths............................. Internal 32, External 32 Distance.................................. Ext 20 Int 200 Local 200 Address Wildcard Distance Pfx List ------- -------- -------- -------- 172.20.0.0 0.0.255.
2CSPC4.X8100-SWUM100.book Page 1086 Wednesday, August 29, 2012 6:23 PM Routing Protocol.......................... OSPFv2 Router ID................................. 6.6.6.6 OSPF Admin Mode........................... Enable Maximum Paths............................. 32 Routing for Networks...................... 172.24.0.0 0.0.255.255 area 0 10.0.0.0 0.255.255.255 area 1 192.168.75.0 0.0.0.255 area 2 Distance.................................. Intra 110 Inter 110 Ext 110 Default Route Advertise...............
2CSPC4.X8100-SWUM100.book Page 1087 Wednesday, August 29, 2012 6:23 PM RIP Admin Mode............................ Enable Split Horizon Mode........................ Simple Default Metric............................ Not configured Default Route Advertise................... Disable Distance..................................
2CSPC4.X8100-SWUM100.book Page 1088 Wednesday, August 29, 2012 6:23 PM Parameter Description static Show statically originated routes. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines • If the subnet mask is specified, then only routes with an exact match are displayed. • If only an IP address is specified, the best route for the IP address is displayed.
2CSPC4.X8100-SWUM100.book Page 1089 Wednesday, August 29, 2012 6:23 PM show ip route configured Use the show ip route configured command in Privileged EXEC mode to display the configured routes, whether they are reachable or not. Syntax show ip route configured Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1090 Wednesday, August 29, 2012 6:23 PM show ip route connected Use the show ip route connected command in Privileged EXEC mode display connected routes. Connected routes are those that are reachable over a switch interface. Syntax show ip route connected Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1091 Wednesday, August 29, 2012 6:23 PM show ip route preferences Use the show ip route preferences command in Privileged EXEC mode displays detailed information about the route preferences. Route preferences are used in determining the best route. Lower router preference values are preferred over higher router preference values. The user can configure a global default gateway using the ip default-gateway command, creating a default route with a preference of 253.
2CSPC4.X8100-SWUM100.book Page 1092 Wednesday, August 29, 2012 6:23 PM RIP............................................ 120 Configured Default Gateway..................... 253 DHCP Default Gateway........................... 254 show ip route summary Use the show ip route summary command in Privileged EXEC mode to display the routing table summary, including best and non-best routes. Syntax show ip route summary [best] Parameter Description Parameter Description best Shows the number of best routes.
2CSPC4.X8100-SWUM100.book Page 1093 Wednesday, August 29, 2012 6:23 PM OSPF Routes.................................... 0 Intra Area Routes.............................. 0 Inter Area Routes.............................. 0 External Type-1 Routes......................... 0 External Type-2 Routes......................... 0 Total routes................................... 0 show ip traffic Use the show ip traffic command in User EXEC mode to display IP statistical information.
2CSPC4.X8100-SWUM100.book Page 1094 Wednesday, August 29, 2012 6:23 PM IpInHdrErrors.................................. 1 IpInAddrErrors................................. 925 IpForwDatagrams................................ 0 IpInUnknownProtos.............................. 0 IpInDiscards................................... 0 IpInDelivers................................... 18467 IpOutRequests.................................. 295 IpOutDiscards.................................. 0 IpOutNoRoutes...................
2CSPC4.X8100-SWUM100.book Page 1095 Wednesday, August 29, 2012 6:23 PM IcmpInTimestamps............................... 0 IcmpInTimestampReps............................ 0 IcmpInAddrMasks................................ 0 IcmpInAddrMaskReps............................. 0 IcmpOutMsgs.................................... 3 IcmpOutErrors.................................. 0 IcmpOutDestUnreachs............................ 0 IcmpOutTimeExcds............................... 0 IcmpOutParmProbs........................
2CSPC4.X8100-SWUM100.book Page 1096 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays VLAN routing information. console#show ip vlan MAC Address used by Routing VLANs: 00:00:00:01:00:02 VLAN ID IP Address Subnet Mask ------- --------------- --------------10 0.0.0.0 0.0.0.0 20 0.0.0.0 0.0.0.
2CSPC4.X8100-SWUM100.book Page 1097 Wednesday, August 29, 2012 6:23 PM IPv6 Routing Commands 53 The IPv6 version of the routing table manager provides a repository for IPv6 routes learned by dynamic routing protocols or static configuration. RTO6 manages dynamic and static IPv6 routes, redistributes routes to registered protocols, supports ECMP routes, and supports multiple routes to the same destination, sorted by preference. IPv6 routing only operates over VLAN interfaces.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1099 Wednesday, August 29, 2012 6:23 PM Example The following example clears all entries in the IPv6 neighbor table. console(config)#clear ipv6 neighbors clear ipv6 statistics Use the clear ipv6 statistics command in Privileged EXEC mode to clear IPv6 statistics for all interfaces or for a specific interface, including loopback and tunnel interfaces. IPv6 statistics display in the output of the show ipv6 traffic command.
2CSPC4.X8100-SWUM100.book Page 1100 Wednesday, August 29, 2012 6:23 PM ipv6 address Use the ipv6 address command in Interface Configuration mode to configure an IPv6 address on an interface (including tunnel and loopback interfaces) and to enable IPv6 processing on this interface. Multiple globally reachable addresses can be assigned to an interface by using this command. There is no need to assign a link-local address by using this command since one is automatically created.
2CSPC4.X8100-SWUM100.book Page 1101 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example configures an IPv6 address and enables IPv6 processing. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 address 2020:1::1/64 ipv6 enable Use the ipv6 enable command in Interface Configuration mode to enable IPv6 routing on an interface (including tunnel and loopback interfaces) that has not been configured with an explicit IPv6 address.
2CSPC4.X8100-SWUM100.book Page 1102 Wednesday, August 29, 2012 6:23 PM console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 enable ipv6 hop-limit Use the ipv6 hop-limit command to configure the hop limit used in IPv6 PDUs originated by the router. Use the no form of the command to return the hop limit to the default setting. Syntax ipv6 hop-limit count no ipv6 hop-limit Parameter Description Parameter Description count The number of hops before the PDU expires (Range 0-255).
2CSPC4.X8100-SWUM100.book Page 1103 Wednesday, August 29, 2012 6:23 PM Default Configuration No IPv6 hosts are defined. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example console(config)#ipv6 host Dell 2001:DB8::/32 ipv6 mld last-member-query-count The ipv6 mld last-member-query-count command sets the number of listener-specific queries sent before the router assumes that there are no local members on the interface.
2CSPC4.X8100-SWUM100.book Page 1104 Wednesday, August 29, 2012 6:23 PM Example console(config-if-vlan3)#ipv6 mld last-member-querycount 5 ipv6 mld last-member-query-interval The ipv6 mld last-member-query-interval command sets the last member query interval for the MLD interface, which is the value of the maximum response time parameter in the group-specific queries sent out of this interface. Use the “no” form of this command to set the last member query interval to the default.
2CSPC4.X8100-SWUM100.book Page 1105 Wednesday, August 29, 2012 6:23 PM ipv6 mld-proxy Use the ipv6 mld-proxy command to enable MLD Proxy on the router. To enable MLD Proxy on the router, you must also enable multicast forwarding. Also, ensure that there are no other multicast routing protocols enabled on the router. Use the “no” form of this command to disable MLD Proxy. Syntax ipv6 mld-proxy no ipv6 mld-proxy Default Configuration MLD Proxy is disabled by default.
2CSPC4.X8100-SWUM100.book Page 1106 Wednesday, August 29, 2012 6:23 PM Default Configuration There is no default configuration for this command. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld-proxy reset-status ipv6 mld-proxy unsolicit-rprt-interval Use the ipv6 mld-proxy unsolicit-rprt-interval command to set the unsolicited report interval for the MLD Proxy router. This command is only valid when MLD Proxy is enabled on the interface.
2CSPC4.X8100-SWUM100.book Page 1107 Wednesday, August 29, 2012 6:23 PM ipv6 mld query-interval The ipv6 mld query-interval command sets the MLD router's query interval for the interface. The query-interval is the amount of time between the general queries sent when the router is querying on that interface. Use the “no” form of this command to set the query interval to the default. Syntax ipv6 mld query-interval query-interval no ipv6 mld query-interval • query-interval — Query interval (Range: 1–3600).
2CSPC4.X8100-SWUM100.book Page 1108 Wednesday, August 29, 2012 6:23 PM • query-max-response-time — Maximum query response time (Range: 1–65535 milliseconds). Default Configuration The default query maximum response time is 10 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1109 Wednesday, August 29, 2012 6:23 PM Example console(config-if-vlan3)#ipv6 mld router ipv6 mtu Use the ipv6 mtu command in Interface Configuration mode to set the maximum transmission unit (MTU) size, in bytes, of IPv6 packets on an interface. This command replaces the default MTU with a new MTU value. The IPv6 MTU is only observed for packets originating on the switch. Packets forwarded by the hardware ignore the IPv6 MTU.
2CSPC4.X8100-SWUM100.book Page 1110 Wednesday, August 29, 2012 6:23 PM console(config-if-vlan15)#ipv6 mtu 1300 ipv6 nd dad attempts Use the ipv6 nd dad attempts command in Interface Configuration mode to set the number of duplicate address detection probes transmitted while doing neighbor discovery. Duplicate address detection verifies that an IPv6 address on an interface is unique.
2CSPC4.X8100-SWUM100.book Page 1111 Wednesday, August 29, 2012 6:23 PM ipv6 nd managed-config-flag Use the ipv6 nd managed-config-flag command in Interface Configuration mode to set the “managed address configuration” flag in router advertisements. When the value is true, end nodes use DHCPv6. When the value is false, end nodes automatically configure addresses. Syntax ipv6 nd managed-config-flag no ipv6 nd managed-config-flag Default Configuration False is the default configuration.
2CSPC4.X8100-SWUM100.book Page 1112 Wednesday, August 29, 2012 6:23 PM no ipv6 nd ns-interval • milliseconds — Interval duration. (Range: 0, 1000–4294967295) Default Configuration 0 is the default value for milliseconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the interval between router advertisements for advertised neighbor solicitations at 5000 ms.
2CSPC4.X8100-SWUM100.book Page 1113 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example sets to true the “other stateful configuration” flag in router advertisements console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd other-config-flag ipv6 nd prefix Use the ipv6 nd prefix command to configure parameters associated with prefixes that the router advertises in its router advertisements.
2CSPC4.X8100-SWUM100.book Page 1114 Wednesday, August 29, 2012 6:23 PM Default Configuration 604800 seconds is the default value for valid-lifetime, 2592000 seconds for preferred lifetime. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines The router advertises its global IPv6 prefixes in its router advertisements (RAs). An RA only includes the prefixes of the IPv6 addresses configured on the interface where the RA is transmitted.
2CSPC4.X8100-SWUM100.book Page 1115 Wednesday, August 29, 2012 6:23 PM no ipv6 nd ra-interval • maximum — The maximum interval duration (Range: 4–1800 seconds). • minimum — The minimum interval duration (Range: 3 – (0.75 * maximum) seconds). Default Configuration 600 is the default value for seconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines The minimum interval cannot be larger than 75% of the maximum interval.
2CSPC4.X8100-SWUM100.book Page 1116 Wednesday, August 29, 2012 6:23 PM Default Configuration 1800 is the default value for seconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets at 1000 seconds the value that is placed in the Router Lifetime field of the router advertisements.
2CSPC4.X8100-SWUM100.book Page 1117 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example sets the router advertisement time at 5000 milliseconds to consider a neighbor reachable after neighbor discovery confirmation.
2CSPC4.X8100-SWUM100.book Page 1118 Wednesday, August 29, 2012 6:23 PM ipv6 route Use the ipv6 route command in Global Configuration mode to configure an IPv6 static route. Use the no form of the command to remove a preference, an individual next hop, or all next hops for a route. Using the no ipv6 route distance form causes the system to use the system default administrative distance.
2CSPC4.X8100-SWUM100.book Page 1119 Wednesday, August 29, 2012 6:23 PM Default Configuration 1 is the default value for preference. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configure an IPv6 static route. console(config)#ipv6 route 2020:1::1/64 2030:1::2 ipv6 route distance Use the ipv6 route distance command in Global Configuration mode to set the default distance (preference) for static routes.
2CSPC4.X8100-SWUM100.book Page 1120 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default distance to 80. console(config)#ipv6 route distance 80 ipv6 unicast-routing Use the ipv6 unicast-routing command in Global Configuration mode to enable forwarding of IPv6 unicast datagrams.
2CSPC4.X8100-SWUM100.book Page 1121 Wednesday, August 29, 2012 6:23 PM ping ipv6 Use ping ipv6 command in Privileged EXEC mode to determine whether another computer is on the network. To use the command, configure the switch for network (in-band) connection. The source and target devices must have the ping utility enabled and running on top of TCP/IP.
2CSPC4.X8100-SWUM100.book Page 1122 Wednesday, August 29, 2012 6:23 PM ping ipv6 interface Use ping ipv6 interface command in the Privileged EXEC mode to determine whether another computer is on the network. To use the command, configure the switch for network (in-band) connection. The source and target devices must have the ping utility enabled and running on top of TCP/IP.
2CSPC4.X8100-SWUM100.book Page 1123 Wednesday, August 29, 2012 6:23 PM console(config)#ping ipv6 interface loopback 1 FE80::202:BCFF:FE00:3068/128 Send count=3, Receive count=0 from FE80::202:BCFF:FE00:3068/128 Average round trip time = 0.00 ms show ipv6 brief Use the show ipv6 brief command in Privileged EXEC mode to display the IPv6 status of forwarding mode and IPv6 unicast routing mode. Syntax show ipv6 brief Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1124 Wednesday, August 29, 2012 6:23 PM ICMPv6 Rate Limit Burst Size................. 100 messages show ipv6 interface Use the show ipv6 interface command in Privileged EXEC mode to show the usability status of IPv6 interfaces. The output of the command includes the method of assignment for each IPv6 address that is either autoconfigured or leased from a DHCP server. Global addresses with no annotation are assumed to be manually configured.
2CSPC4.X8100-SWUM100.book Page 1125 Wednesday, August 29, 2012 6:23 PM Field Description Config The IPv6 address is manually configured. DHCP The IPv6 address is leased from a DHCP server. TENT Tentative address. The long form of the command includes the same annotations and shows whether address autoconfiguration or DHCP client are enabled on the interface. When the interface acts as a host interface, the output also shows the default gateway on the interface, if one exists.
2CSPC4.X8100-SWUM100.book Page 1126 Wednesday, August 29, 2012 6:23 PM The following example displays the long form of the command, and indicates whether address autoconfiguration or DHCP client are enabled on the interface. When the interface acts as a host interface, the output also shows the default gateway on the interface, if one exists. console#show ipv6 interface vlan2 IPv6 is enabled IPv6 Prefix is ................................
2CSPC4.X8100-SWUM100.book Page 1127 Wednesday, August 29, 2012 6:23 PM Router Advertisement Other Config Flag......... Disabled Router Advertisement Router Preference......... medium Router Advertisement Suppress Flag............. Disabled IPv6 Destination Unreachables.................. Enabled IPv6 Default Router............................
2CSPC4.X8100-SWUM100.book Page 1128 Wednesday, August 29, 2012 6:23 PM DHCPv6 Client Statistics ------------------------DHCPv6 Advertisement Packets Received.......... 0 DHCPv6 Reply Packets Received.................. 0 Received DHCPv6 Advertisement Packets Discard.. 0 Received DHCPv6 Reply Packets Discarded........ 0 DHCPv6 Malformed Packets Received.............. 0 Total DHCPv6 Packets Received.................. 0 DHCPv6 Solicit Packets Transmitted............. 0 DHCPv6 Request Packets Transmitted.......
2CSPC4.X8100-SWUM100.book Page 1129 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The following fields are displayed as a table when vlan vlan-id is specified: Field Description Number of (*, G) entries Displays the number of groups present in the MLD Table. Number of (S, G) entries Displays the number of include and exclude mode sources present in the MLD Table. Group Address The address of the multicast group.
2CSPC4.X8100-SWUM100.book Page 1130 Wednesday, August 29, 2012 6:23 PM Compatibility Mode The compatibility mode of the multicast group on this interface. The values it can take are MLDv1 and MLDv2. Version 1 Host Timer The time remaining until the router assumes there are no longer any MLD version-1 Hosts on the specified interface. The following table is displayed to indicate all the sources associated with this group: Field Description Source Address The IP address of the source.
2CSPC4.X8100-SWUM100.book Page 1131 Wednesday, August 29, 2012 6:23 PM 4001::8 00:03:15 console#show ipv6 mld groups vlan 6 Group Address................................ FF1E::1 Interface..................................... vlan 6 Up Time (hh:mm:ss).......................... 00:04:23 Expiry Time (hh:mm:ss)........................ ------ Group Address................................ FF1E::2 Interface..................................... vlan 6 Up Time (hh:mm:ss)..........................
2CSPC4.X8100-SWUM100.book Page 1132 Wednesday, August 29, 2012 6:23 PM Syntax show ipv6 mld interface { vlan vlan-id | all} • vlan-id — A valid VLAN id. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The following information is displayed for the specified interface: Field Description Interface The interface number in unit/slot/port format.
2CSPC4.X8100-SWUM100.book Page 1133 Wednesday, August 29, 2012 6:23 PM Last Member Query Interval This value indicates the configured Maximum Response Time inserted into Group-Specific Queries sent in response to Leave Group messages. Last Member Query Count This value indicates the configured number of Group-Specific Queries sent before the router assumes that there are no local members.
2CSPC4.X8100-SWUM100.book Page 1134 Wednesday, August 29, 2012 6:23 PM MLD Operational Mode........................ Disabled MLD Version................................. 2 Query Interval (secs)....................... 100 Query Max Response Time(milli-secs)........ 1111 Robustness.................................. 2 Startup Query Interval (secs).............. 31 Startup Query Count......................... 2 Last Member Query Interval (milli-secs)..... 1111 Last Member Query Count.....................
2CSPC4.X8100-SWUM100.book Page 1135 Wednesday, August 29, 2012 6:23 PM Operational Mode Indicates whether MLD Proxy is operationally enabled or disabled. This is a status parameter. Version The present MLD host version that is operational on the proxy interface. Number of Multicast Groups The number of multicast groups that are associated with the MLD-Proxy interface. Unsolicited Report The time interval at which the MLD-Proxy interface sends Interval unsolicited group membership reports.
2CSPC4.X8100-SWUM100.book Page 1136 Wednesday, August 29, 2012 6:23 PM Syntax show ipv6 mld-proxy groups Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines The following parameters are displayed by this command: Field Description Interface The MLD Proxy interface. Group Address The IP address of the multicast group.
2CSPC4.X8100-SWUM100.book Page 1137 Wednesday, August 29, 2012 6:23 PM FF1E::1 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude 2 FF1E::2 FE80::100:2.3 00:02:40 DELAY_MEMBER Include 1 FF1E::3 FE80::100:2.3 00:01:40 DELAY_MEMBER Exclude 0 FF1E::4 FE80::100:2.3 00:02:44 DELAY_MEMBER Include 4 show ipv6 mld-proxy groups detail Use the show ipv6 mld-proxy groups detail command to display information about multicast groups that MLD Proxy reported.
2CSPC4.X8100-SWUM100.book Page 1138 Wednesday, August 29, 2012 6:23 PM Member State Possible values are: • Idle_Member—The interface has responded to the latest group membership query for this group. • Delay_Member—The interface is going to send a group membership report to respond to a group membership query for this group. Filter Mode Possible values are Include or Exclude. Sources The number of sources attached to the multicast group.
2CSPC4.X8100-SWUM100.book Page 1139 Wednesday, August 29, 2012 6:23 PM 5002::2 00:03:40 4001::2 00:03:40 5002::2 00:03:40 show ipv6 mld-proxy interface Use the show ipv6 mld-proxy interface command to display a detailed list of the host interface status parameters. Syntax show ipv6 mld-proxy interface Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1140 Wednesday, August 29, 2012 6:23 PM Example console#show ipv6 mld-proxy interface Interface................................ vlan 10 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent ----------------------------------------------------------------1 2 2 3 0 0 0 4 0 ----- 2 ----- show ipv6 mld traffic The show ipv6 mld traffic command is used to display MLD statistical information for the router.
2CSPC4.X8100-SWUM100.book Page 1141 Wednesday, August 29, 2012 6:23 PM Valid MLD Packets Sent The number of valid MLD packets sent by the router. Queries Received The number of valid MLD queries received by the router. Queries Sent The number of valid MLD queries sent by the router. Reports Received The number of valid MLD reports received by the router. Reports Sent The number of valid MLD reports sent by the router. Leaves Received The number of valid MLD leaves received by the router.
2CSPC4.X8100-SWUM100.book Page 1142 Wednesday, August 29, 2012 6:23 PM Syntax show ipv6 neighbors Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays information about the IPv6 neighbors.
2CSPC4.X8100-SWUM100.book Page 1143 Wednesday, August 29, 2012 6:23 PM Syntax show ipv6 route [ipv6-address | ipv6-prefix/prefix-length | protocol | interface-type interface-number] [best] Syntax Description Parameter Description ipv6-address Specifies an IPv6 address for which the best-matching route would be displayed. protocol Specifies the protocol that installed the routes. Is one of the following keywords: connected, ospf, static.
2CSPC4.X8100-SWUM100.book Page 1144 Wednesday, August 29, 2012 6:23 PM Route Codes: C - connected, S - static O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF Ext 1, OE2 - OSPF Ext 2 ON1 - OSPF NSSA Ext Type 1, ON2 - OSPF NSSA Ext Type 2 Default gateway is 10.1.20.1 S 0.0.0.0/0 [254/0] via 10.1.20.1 C 10.1.20.0/24 [0/1] directly connected, vlan2 C 20.1.20.
2CSPC4.X8100-SWUM100.book Page 1145 Wednesday, August 29, 2012 6:23 PM console#show ipv6 route preferences Local.......................................... 0 Static......................................... 1 OSPF Intra-area routes......................... 110 OSPF Inter-area routes......................... 110 OSPF External routes...........................
2CSPC4.X8100-SWUM100.book Page 1146 Wednesday, August 29, 2012 6:23 PM Static Routes................................ 0 OSPF Routes.................................. 0 Intra Area Routes............................ 0 Inter Area Routes............................ 0 External Type-1 Routes....................... 0 External Type-2 Routes....................... 0 Total routes.................................
2CSPC4.X8100-SWUM100.book Page 1147 Wednesday, August 29, 2012 6:23 PM Examples The following examples show traffic and statistics for IPv6 and ICMPv6, first for all interfaces and an individual VLAN. console> show ipv6 traffic IPv6 STATISTICS Total Datagrams Received........................................... 0 Received Datagrams Locally Delivered.......................................... 0 Received Datagrams Discarded Due To Header Errors.. 0 Received Datagrams Discarded Due To MTU............
2CSPC4.X8100-SWUM100.book Page 1148 Wednesday, August 29, 2012 6:23 PM console> show ipv6 traffic vlan 11 Interface ........................................ 11 IPv6 STATISTICS Total Datagrams Received........................... 0 Received Datagrams Locally Delivered............... 0 Received Datagrams Discarded Due To Header Errors.. 0 Received Datagrams Discarded Due To MTU............ 0 Red Datagrams Discarded Due To No Route............ 0 Received Datagrams With Unknown Protocol...........
2CSPC4.X8100-SWUM100.book Page 1149 Wednesday, August 29, 2012 6:23 PM show ipv6 vlan Use the show ipv6 vlan command in Privileged EXEC mode to display IPv6 VLAN routing interface addresses. Syntax show ipv6 vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays IPv6 VLAN routing interface addresses.
2CSPC4.X8100-SWUM100.book Page 1150 Wednesday, August 29, 2012 6:23 PM • hostname — Hostname to ping (contact). (Range: 1–158 characters). The command allows spaces in the host name when specified in double quotes. For example, console(config)#traceroute "host name" • port — UDP port used as the destination of packets sent as part of the traceroute. This port should be an unused port on the destination system. (Range: 0–65535) Default Configuration 33434 is the default port value.
2CSPC4.X8100-SWUM100.book Page 1151 Wednesday, August 29, 2012 6:23 PM 54 Loopback Interface Commands PowerConnect provides for the creation, deletion, and management of loopback interfaces. They are dynamic interfaces that are created and deleted by user configuration. A loopback interface is always expected to be up. As such, it provides a means to configure a stable IP address on the device which may be referred to by other switches in the network.
2CSPC4.X8100-SWUM100.book Page 1152 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example enters the Interface Loopback 1 configuration mode. console(config)#interface loopback 1 console(config-if-loopback0)#ip address 192.168.22.1 255.255.255.255 console(config-if-loopback0)#exit console(config)#ex console#ping 192.168.22.1 Pinging 192.168.22.1 with 0 bytes of data: Reply From 192.168.22.1: icmp_seq = 0. time <10 msec. Reply From 192.168.
2CSPC4.X8100-SWUM100.book Page 1153 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Examples The following examples display information about configured loopback interfaces. console# show interfaces loopback Loopback Id Interface Packets Sent Packets IP Address Received ----------- -------------------- ---------- ---------------- 1 0.0.0.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1155 Wednesday, August 29, 2012 6:23 PM Multicast Commands 55 The PowerConnect Multicast component is best suited for video and audio traffic requiring multicast packet control for optimal operation. The Multicast component includes support for IGMPv2, IGMPv3, PIM-DM, PIM-SM, and DVMRP. Communication from point to multipoint is called Multicasting.
2CSPC4.X8100-SWUM100.book Page 1156 Wednesday, August 29, 2012 6:23 PM • Applications used for datacasting: Since multimedia transmission has become increasingly popular, multicast transmission use has increased. Multicast transmission may be used to efficiently accommodate this type of communication. For instance, the audio and video signals are captured, compressed and transmitted to a group of receiving stations.
2CSPC4.X8100-SWUM100.book Page 1157 Wednesday, August 29, 2012 6:23 PM ip mcast boundary Use the ip mcast boundary command in Interface Configuration mode to add an administrative scope multicast boundary specified by groupipaddr and mask for which this multicast administrative boundary is applicable. groupipaddr is a group IP address and mask is a group IP mask. Syntax ip mcast boundary groupipaddr mask no ip mcast boundary groupipaddr mask • groupipaddr — IP address of multicast group.
2CSPC4.X8100-SWUM100.book Page 1158 Wednesday, August 29, 2012 6:23 PM Syntax ip mroute source-address mask rpf-address preference no ip mroute source-address mask • source-address — The IP address of the multicast data source. • mask — The IP subnet mask of the multicast data source. • rpf-address — The IP address of the next hop towards the source. • preference — The cost of the route (Range: 1 - 255). Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1159 Wednesday, August 29, 2012 6:23 PM no ip multicast Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables IP multicast on the router.
2CSPC4.X8100-SWUM100.book Page 1160 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example applies a ttlvalue of 5 to the VLAN 15 routing interface. console(config)#interface vlan 15 console(config-if-vlan15)#ip multicast ttl-threshold 5 ip pim Use the ip pimdm command in Interface (VLAN) Configuration mode to administratively configure PIM mode for IP multicast routing on a VLAN interface.
2CSPC4.X8100-SWUM100.book Page 1161 Wednesday, August 29, 2012 6:23 PM console(config)#interface vlan 10 console(if-vlan-10)#ip pim ip pim bsr-border The ip pim bsr-border command is used in Interface (VLAN) Configuration mode to administratively disable bootstrap router (BSR) messages on the interface. Use the no form of this command to return the configuration to the default. Syntax ip pim bsr-border no ip pim bsr-border Default Configuration BSR messages are enabled on the interface by default.
2CSPC4.X8100-SWUM100.book Page 1162 Wednesday, August 29, 2012 6:23 PM Syntax ip pim bsr-candidate vlan {vlan-id hash-mask-length bsr-priority [interval interval]} no ip pim bsr-candidate vlan {vlan-id} Parameter Description Parameter Description vlan-id A valid VLAN identifier with multicast routing enabled. hash-mask-length Length of the BSR hash to be ANDed with the multicast bsr-priority The advertised priority of the BSR candidate. Range 0-255. Default 0.
2CSPC4.X8100-SWUM100.book Page 1163 Wednesday, August 29, 2012 6:23 PM ip pim dense Use the ip pim dense command in Global Configuration mode to administratively configure PIM dense mode for IP multicast routing. Use the no form of this command to disable PIM dense mode. This command replaces the ip pimsm command. Syntax ip pim dense no ip pim dense Default Configuration PIM is not enabled by default.
2CSPC4.X8100-SWUM100.book Page 1164 Wednesday, August 29, 2012 6:23 PM Default Configuration The default election priority is 1. Command Mode Interface (VLAN) Configuration mode User Guidelines This command only has an effect if sparse mode is enabled. Lower values are preferred.
2CSPC4.X8100-SWUM100.book Page 1165 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(config-if-vlan10)#ip pim hello-interval 20 ip pim join-prune-interval The ip pim join-prune-interval command in Interface (VLAN) Configuration mode to administratively configure the frequency of join/prune messages on the specified interface. Use the no form of this command to return the configuration to the default.
2CSPC4.X8100-SWUM100.book Page 1166 Wednesday, August 29, 2012 6:23 PM ip pim register-rate-limit Use the ip pim register-rate-limit command in Global Configuration mode to set a limit on the maximum number of PIM register messages sent per second for each (S,G) entry. Use the no form of this command to return the limit to its default value (0). This command replaces the ip pimsm sptthreshold command.
2CSPC4.X8100-SWUM100.book Page 1167 Wednesday, August 29, 2012 6:23 PM Syntax ip pim rp-address {rp-address group-address group-mask [override]} no ip pim rp-address {rp-address group-address group-mask} Parameter Description Parameter Description rp-address The valid IPv4 address for the rendezvous point. group-address A valid multicast group address to be sourced from the rendezvous point.
2CSPC4.X8100-SWUM100.book Page 1168 Wednesday, August 29, 2012 6:23 PM Syntax ip pim rp-candidate vlan {vlanid group-address group-mask [interval interval]} no ip pim rp-candidate vlan vlanid group-address group-mask} Parameter Description Parameter Description vlan-id A valid VLAN identifier with multicast routing enabled. group-address A valid multicast group address. group-mask A mask indicating the range of multicast groups for which the router should advertise itself as an RP-candidate.
2CSPC4.X8100-SWUM100.book Page 1169 Wednesday, August 29, 2012 6:23 PM Syntax ip pim sparse no ip pim sparse Default Configuration PIM not enabled by default. Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router. Example console(config)#ip pim sparse ip pim ssm Use the ip pim ssm command in Global Configuration mode to administratively configure PIM source specific multicast range of addresses for IP multicast routing.
2CSPC4.X8100-SWUM100.book Page 1170 Wednesday, August 29, 2012 6:23 PM Default Configuration There are no group addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pim ssm 239.0.10.0 255.255.255.0 ip pim spt-threshold Use the ip pim spt-threshold command in Global Configuration mode to set the multicast traffic threshold rate for the last-hop router to switch to the shortest path on the router.
2CSPC4.X8100-SWUM100.book Page 1171 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(config)#ip pim spt-threshold 100 show ip multicast Use the show ip multicast command in Privileged EXEC mode to display the system-wide multicast information. Syntax show ip multicast Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1172 Wednesday, August 29, 2012 6:23 PM Multicast Forwarding Cache Entry Count.. 0 show ip mcast boundary Use the show ip mcast boundary command in Privileged EXEC mode to display all the configured administrative scoped multicast boundaries. Syntax show ip mcast boundary {vlan vlan-id | all} • vlan-id — Valid VLAN ID. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1173 Wednesday, August 29, 2012 6:23 PM Syntax show ip multicast interface [type number] Syntax Description Parameter Description type number Interface type and number for which to display IP multicast information. VLAN Vlan-ID is the only supported type and number Default Configuration Show information for all multicast interfaces. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1174 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays a summary or all the details of the multicast table.
2CSPC4.X8100-SWUM100.book Page 1175 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces. console#show ip mcast mroute group 224.5.5.5 summary console#show ip mcast mroute group 224.5.5.
2CSPC4.X8100-SWUM100.book Page 1176 Wednesday, August 29, 2012 6:23 PM console#show ip mcast mroute source 10.1.1.1 summary console#show ip mcast mroute source 10.1.1.1 224.5.5.5 show ip mcast mroute static Use the show ip mcast mroute static command in Privileged EXEC mode to display all the static routes configured in the static mcast table if it is specified or display the static route associated with the particular sourceipaddr.
2CSPC4.X8100-SWUM100.book Page 1177 Wednesday, August 29, 2012 6:23 PM --------------- --------------- --------------- --------1.1.1.1 255.255.255.0 2.2.2.2 23 show ip pim bsr-router The show ip pim bsr-router command displays information about a bootstrap router (BSR). This command deprecates the show ip pimsm componenttable and show ip pimsm bsr commands. Syntax show ip pim bsr-router {candidate|elected} • candidate – Shows the candidate routers capable of acting as the bootstrap router.
2CSPC4.X8100-SWUM100.book Page 1178 Wednesday, August 29, 2012 6:23 PM Example console#show ip pim bsr-router BSR Address............................. 192.168.10.1 BSR Priority............................ 0 BSR Hash Mask Length.................... 30 C-BSR Advertisement Interval (secs)........60 Next Bootstrap message(hh:mm:ss).......... NA If no configured/elected BSRs exist on the router, the following message is displayed. No BSR’s exist/learned on this router.
2CSPC4.X8100-SWUM100.book Page 1179 Wednesday, August 29, 2012 6:23 PM Field Description BSR Border Whether or not this interface is configured as a BSR Border Neighbor Count Number of PIM Neighbors learnt on this interface Designated-Router IP address of the elected DR on the interface Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1180 Wednesday, August 29, 2012 6:23 PM Hello Interval (secs)30 Join Prune Interval (secs)60 DR Priority1 BSR BorderDisabled Neighbor Count1 Designated Router192.168.10.1 If none of the interfaces are enabled for PIM, the following message is displayed: None of the routing interfaces are enabled for PIM show ip pim neighbor Use the show ip pim neighbor command in User EXEC or Privileged EXEC modes to display PIM neighbors discovered by PIMv2 Hello messages.
2CSPC4.X8100-SWUM100.book Page 1181 Wednesday, August 29, 2012 6:23 PM Field Descriptions Field Description Neighbor Addr IP address of the PIM neighbor Interface Interface number Uptime Time since the neighbor is learned Expiry Time Time remaining for the neighbor to expire Example (console)#show ip pim neighbor vlan 10 Neighbor Addr Interface Up Time Expiry Time hh:mm:ss hh:mm:ss --------------- ---------- --------- ----------192.168.10.
2CSPC4.X8100-SWUM100.book Page 1182 Wednesday, August 29, 2012 6:23 PM Syntax show ip pim rp hash group-address • group-address — A valid multicast address supported by RP. Default Configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The following fields are displayed: Field Description RP Address Address of the RP Type Origin from where this group mapping was learned.
2CSPC4.X8100-SWUM100.book Page 1183 Wednesday, August 29, 2012 6:23 PM Syntax show ip pim rp mapping [rp-address |candidate|static] rp-address — An RP address. Default configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Field Descriptions Field Description RP Address Address of the RP Group Address Address of the multicast group.
2CSPC4.X8100-SWUM100.book Page 1184 Wednesday, August 29, 2012 6:23 PM Next Candidate RP Advertisement (hh:mm:ss). 00:00:15 If no RP Group mapping exists on the router, the following message is displayed: No RP-Group mappings exist on this router. If no static RP Group mapping exists on the router, the following message is displayed: No Static RP-Group mappings exist on this router.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1186 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pim ipv6 pim (VLAN Interface config) Use the ipv6 pim command in VLAN Interface configuration mode to administratively enable PIM-SM multicast routing mode on a particular IPv6 router interface. Use the no form of this command to disable PIM SM on an interface.
2CSPC4.X8100-SWUM100.book Page 1187 Wednesday, August 29, 2012 6:23 PM ipv6 pim bsr-border Use the ipv6 pim bsr-border command to prevent bootstrap router (BSR) messages from being sent or received through an interface. Use the no form of this command to disable the interface from being the BSR border. Syntax ipv6 pim bsr-border no ipv6 pim bsr-border Default Configuration BSR-border is disabled by default.
2CSPC4.X8100-SWUM100.book Page 1188 Wednesday, August 29, 2012 6:23 PM • hash-mask-len —The length of a mask that is to be ANDed with the group address before the hash function is called. All groups with the same seed hash correspond to the same RP. For example, if this value is 24, only the first 24 bits of the group addresses matter. This allows you to get one RP for multiple groups. (Range 0–128 bits). • priority —The priority of the candidate BSR. The BSR with the higher priority is preferred.
2CSPC4.X8100-SWUM100.book Page 1189 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router. Example console(config)#ipv6 pim dense ipv6 pim dr-priority Use the ipv6 pim dr-priority command to set the priority value for which a router is elected as the designated router (DR). Use the no form of this command to set the priority to the default.
2CSPC4.X8100-SWUM100.book Page 1190 Wednesday, August 29, 2012 6:23 PM ipv6 pim hello-interval Use the ipv6 pim hello-interval command to configure the PIM-SM Hello Interval for the specified interface. Use the "no" form of this command to set the hello interval to the default. Syntax ipv6 pim hello-interval interval no ipv6 pim hello-interval • interval— The hello interval (Range: 0–65535 seconds). Default Configuration The default hello interval is 30 seconds.
2CSPC4.X8100-SWUM100.book Page 1191 Wednesday, August 29, 2012 6:23 PM Default Configuration The default join/prune interval is 60 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pim join-prune-interval 90 ipv6 pim register-rate-limit Use the ipv6 pim register-rate-limit command to set a limit on the maximum number of PIM register messages sent per second for each (S,G) entry.
2CSPC4.X8100-SWUM100.book Page 1192 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pim register-rate-limit 10 ipv6 pim register-threshold Use the ipv6 pim register-threshold command to configure the Register Threshold rate for the RP router to switch to the shortest path. Use the "no" form of this command to set the register threshold rate to the default.
2CSPC4.X8100-SWUM100.book Page 1193 Wednesday, August 29, 2012 6:23 PM ipv6 pim rp-address Use the ipv6 pim rp-address command to statically configure the RP address for one or more multicast groups. The optional keyword override indicates that if there is a conflict, the RP configured with this command prevails over the RP learned by BSR. Use the "no" form of this command to remove the RP address for one or more multicast groups.
2CSPC4.X8100-SWUM100.book Page 1194 Wednesday, August 29, 2012 6:23 PM Syntax ipv6 pim rp-candidate vlan vlan-id group-address/prefixlength no ipv6 pim rp-candidate vlan vlan-id • vlan-id— A valid VLAN ID value. • group-address—The group address to display. • prefixlength—This parameter specifies the prefix length of the IP address for the media gateway. (Range: 1–32) Default Configuration The router does not advertise itself as a PIM candidate rendezvous point by default.
2CSPC4.X8100-SWUM100.book Page 1195 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router. Example console(config)#ipv6 pim sparse ipv6 pim spt-threshold Use the ipv6 pim spt-threshold command to configure the Data Threshold rate for the last-hop router to switch to the shortest path. Use the "no" form of this command to set the data threshold to the default.
2CSPC4.X8100-SWUM100.book Page 1196 Wednesday, August 29, 2012 6:23 PM ipv6 pim ssm Use the ipv6 pim ssm command to define the Source Specific Multicast (SSM) range of multicast addresses. Syntax ipv6 pim ssm { default | group-address/prefixlength } • default—Defines the SSM range access list to 232/8. • group-address—Group IP address supported by RP. • prefixlength—This parameter specifies the prefix length of the IP address for the media gateway.
2CSPC4.X8100-SWUM100.book Page 1197 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example console#show ipv6 pim Admin Mode..................................... Enabled Data Threshold Rate (Kbps)..................... 1000 Register Threshold Rate (Kbps).................
2CSPC4.X8100-SWUM100.book Page 1198 Wednesday, August 29, 2012 6:23 PM show ipv6 pim bsr Use the show ipv6 pim bsr command to display the bootstrap router (BSR) information. The output includes elected BSR information and information about the locally configured candidate rendezvous point (RP) advertisement. Syntax show ipv6 pim bsr Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1199 Wednesday, August 29, 2012 6:23 PM Syntax show ipv6 pim bsr-router Default Configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Field descriptions are shown in the following table.
2CSPC4.X8100-SWUM100.book Page 1200 Wednesday, August 29, 2012 6:23 PM No BSR’s exist/learned on this router. show ipv6 pim interface Use the show ipv6 pim interface command to display interface config parameters. If no interface is specified, all interfaces are displayed. Syntax show ipv6 pim interface [ vlan vlan-id ] • vlan-id— A valid VLAN ID value. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1201 Wednesday, August 29, 2012 6:23 PM DR Priority.................................... 1 BSR Border..................................... Disabled show ipv6 pim neighbor Use the show ipv6 pim neighbor command to display IPv6 PIMSM neighbors learned on the routing interfaces. Syntax show ipv6 pim neighbor [ all | interface vlan vlan-id ] • vlan-id —A valid VLAN ID value. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1202 Wednesday, August 29, 2012 6:23 PM show ipv6 pim rphash Use the show ipv6 pim rphash command to display which rendezvous point (RP) is being selected for a specified group. Syntax show ipv6 pim rphash group-address group-address — Group IP address supported by RP. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1203 Wednesday, August 29, 2012 6:23 PM Syntax show ipv6 pim rp mapping [ rp-address ] • rp-address — IP address of RP. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example console#show ipv6 pim rp mapping Group Address.................................. FF1E::/64 RP Address....................................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1205 Wednesday, August 29, 2012 6:23 PM OSPF Commands 57 OSPF is a link-state protocol. PowerConnect OSPF supports variable-length subnet masks. PowerConnect OSPF only operates over VLAN interfaces. OSPF operates within a hierarchy. The largest entity within the hierarchy is the autonomous system (AS), a collection of networks under a common administration sharing a common routing strategy. This is sometimes called a routing domain.
2CSPC4.X8100-SWUM100.book Page 1206 Wednesday, August 29, 2012 6:23 PM Route Preferences Normally, OSPF select routes in the following order: • Local • Static • Intra-area • Inter-area • External • RIP PowerConnect OSPF allows the administrator to change the preference for selecting intra, inter, and external routes according to the following rules: a External route preferences apply to all ospf external routes like type1, type2, nssa-type1, nssa-type2 equally.
2CSPC4.X8100-SWUM100.book Page 1207 Wednesday, August 29, 2012 6:23 PM • Learned Dynamically: Routing protocols can learn ECMP routes. For example, if OSPF is configured on both links connecting Router A to Router B with interface addresses 10.1.1.2 and 10.1.2.2 respectively, and Router B advertises its connection to 20.0.0.0/ 8, then Router A computes an OSPF route to 20.0.0.0/8 with next hops of 10.1.1.2 and 10.1.2.2.
2CSPC4.X8100-SWUM100.book Page 1208 Wednesday, August 29, 2012 6:23 PM Graceful Restart The PowerConnect implementation of OSPFv2 supports graceful restart as specified in RFC 3623. Graceful restart works in concert with PowerConnect nonstop forwarding to enable the hardware to continue forwarding IPv4 packets using OSPFv2 routes while a backup unit takes over management unit responsibility.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1210 Wednesday, August 29, 2012 6:23 PM • integer — The default cost for the stub area. (Range: 1–16777215) Default Configuration 10 is the default configuration for integer. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example identifies a stub area of 10 and default cost of 100.
2CSPC4.X8100-SWUM100.book Page 1211 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description area-id Identifies the OSPF stub area to configure. (Range: IP address or decimal from 0–4294967295) metric-value Specifies the metric of the default route advertised to the NSSA.
2CSPC4.X8100-SWUM100.book Page 1212 Wednesday, August 29, 2012 6:23 PM The following example configures the metric value and type for the default route advertised into the NSSA and configures the NSSA so that summary LSAs are not advertised into the NSSA.
2CSPC4.X8100-SWUM100.book Page 1213 Wednesday, August 29, 2012 6:23 PM Example The following example configures the metric value and type for the default route advertised into the NSSA. console(config-router)#area 20 nssa default-infooriginate 250 non-comparable area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPF Configuration mode to configure the NSSA Area Border router (ABR) so that learned external routes are not redistributed to the NSSA.
2CSPC4.X8100-SWUM100.book Page 1214 Wednesday, August 29, 2012 6:23 PM area nssa no-summary Use the area nssa no-summary command in Router OSPF Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA. Syntax area area-id nssa no-summary no area area-id nssa no-summary • area-id — Identifies the OSPF NSSA to configure. (Range: 0–4294967295) Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1215 Wednesday, August 29, 2012 6:23 PM • always — The router assumes the role of the translator when it becomes a border router. • candidate — The router to participate in the translator election process when it attains border router status. Default Configuration The default role is candidate. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the translator role of the NSSA.
2CSPC4.X8100-SWUM100.book Page 1216 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the translator stability interval of the area 20 NSSA.
2CSPC4.X8100-SWUM100.book Page 1217 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description area-id Identifies the OSPF NSSA to configure. (Range: IP address or decimal from 0–4294967295) prefix netmask The summary prefix to be advertised when the ABR computes a route to one or more networks within this prefix in this area. summarylink When this keyword is given, the area range is used when summarizing prefixes advertised in type 3 summary LSAs.
2CSPC4.X8100-SWUM100.book Page 1218 Wednesday, August 29, 2012 6:23 PM User Guidelines The no form of this command can be used to delete an area range. For example: !! Create area range console (config-router)#area 1 range 10.0.0.0 255.0.0.0 summarylink !! Delete area range console (config-router)#no area 1 range 10.0.0.0 255.0.0.0 summarylink The no form may be used to revert the [advertise | not-advertise] option to its default without deleting the area range.
2CSPC4.X8100-SWUM100.book Page 1219 Wednesday, August 29, 2012 6:23 PM A T3 range with the same prefix is already configured on this area. If the network mask is invalid: console (config-router)#area 1 range 0.0.0.0 0.0.0.0 summarylink An area range mask must have contiguous ones and be no longer than 31 bits. If the prefix is not a valid area range prefix: console (config-router)#area 1 range 0.0.0.0 255.0.0.0 summarylink Cannot create this area range because it represents a default route.
2CSPC4.X8100-SWUM100.book Page 1220 Wednesday, August 29, 2012 6:23 PM Example The following example defines an area range for the area 20. console(config-router)#area 20 range 192.168.6.0 255.255.255.0 summarylink advertise area stub Use the area stub command in Router OSPF Configuration mode to create a stub area for the specified area ID. A stub area is characterized by the fact that AS External LSAs are not propagated into the area.
2CSPC4.X8100-SWUM100.book Page 1221 Wednesday, August 29, 2012 6:23 PM area stub no-summary Use the area stub no-summary command in Router OSPF Configuration mode to prevent Summary LSAs from being advertised into the NSSA. Use the no form of the command to return the Summary LSA mode to the default value. Syntax area area-id stub no-summary no area area-id stub no-summary • area-id — Identifies the OSPF area to configure.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1223 Wednesday, August 29, 2012 6:23 PM Default Configuration Parameter Default area-id No area ID is predefined. router-id No router ID is predefined. hello-interval seconds 10 seconds retransmit-interval seconds 5 seconds transmit-delay seconds 1 second dead-interval seconds 40 seconds authentication-key key No key is predefined. message-digest-key key-id md5 key No key is predefined. Command Mode Router OSPF Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1224 Wednesday, August 29, 2012 6:23 PM The following example establishes a virtual link with MD5 authentication: router ospf network 10.50.50.0 0.0.0.255 area 10 area 10.0.0.0 virtual-link 10.3.4.5 message-digest-key 100 md5 test123 area virtual-link authentication Use the area virtual-link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface identified by the area ID and neighbor ID.
2CSPC4.X8100-SWUM100.book Page 1225 Wednesday, August 29, 2012 6:23 PM User Guidelines Unauthenticated interfaces cannot be configured with an authentication key. If no parameters are specified after the authentication keyword, then plaintext password authentication is used. Example The following example configures the authentication type and key for the area 10 OSPF virtual interface and neighbor ID. console(config-router)#area 10 virtual-link 192.168.2.
2CSPC4.X8100-SWUM100.book Page 1226 Wednesday, August 29, 2012 6:23 PM Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the dead interval for the area 10 OSPF virtual interface on the virtual interface and neighbor router. console(config-router)#area 10 virtual-link 192.168.2.
2CSPC4.X8100-SWUM100.book Page 1227 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example configures a 50-second wait interval. console(config-router)#area 10 virtual-link 192.168.2.
2CSPC4.X8100-SWUM100.book Page 1228 Wednesday, August 29, 2012 6:23 PM Example The following example configures a 500-second retransmit wait interval. console(config-router)#area 10 virtual-link 192.168.2.2 retransmit-interval 500 area virtual-link transmit-delay Use the area virtual-link transmit-delay command in Router OSPF Configuration mode to configure the transmit delay for the OSPF virtual interface identified by the area ID and neighbor ID.
2CSPC4.X8100-SWUM100.book Page 1229 Wednesday, August 29, 2012 6:23 PM console(config-router)#area 10 virtual-link 192.168.2.2 transmit-delay 40 auto-cost By default, OSPF computes the link cost of each interface from the interface bandwidth. The link cost is computed as the ratio of a “reference bandwidth” to the interface bandwidth (ref_bw / interface bandwidth), where interface bandwidth is defined by the “bandwidth” command.
2CSPC4.X8100-SWUM100.book Page 1230 Wednesday, August 29, 2012 6:23 PM bandwidth By default, OSPF computes the link cost of an interface as the ratio of the reference bandwidth to the interface bandwidth. Reference bandwidth is specified with the auto-cost command. For the purpose of the OSPF link cost calculation, the bandwidth command specifies the interface bandwidth. The bandwidth is specified in kilobits per second.
2CSPC4.X8100-SWUM100.book Page 1231 Wednesday, August 29, 2012 6:23 PM no capability opaque Default Configuration Opaque Capability is enabled by default. Command Mode Router Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-router)#capability opaque clear ip ospf Use the clear ip ospf command to reset specific OSPF states. If no parameters are specified, OSPF is disabled and then re-enabled.
2CSPC4.X8100-SWUM100.book Page 1232 Wednesday, August 29, 2012 6:23 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The following example shows the options for the clear ip ospf command. console#clear ip ospf ? Press enter to execute the command.
2CSPC4.X8100-SWUM100.book Page 1233 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode User Guidelines OSPF only exits stub router mode if it entered stub router mode because of a resource limitation or if it is in stub router mode at startup. This command has not effect is OSPF is configured to be in stub router mode permanently. compatible rfc1583 Use the compatible rfc1583 command in Router OSPF Configuration mode to enable OSPF 1583 compatibility.
2CSPC4.X8100-SWUM100.book Page 1234 Wednesday, August 29, 2012 6:23 PM default-information originate (Router OSPF Configuration) Use the default-information originate command in Router OSPF Configuration mode to control the advertisement of default routes. Use the no form of the command to return the default route advertisement settings to the default value.
2CSPC4.X8100-SWUM100.book Page 1235 Wednesday, August 29, 2012 6:23 PM should also have a static default route configured with an upstream ISP router as the destination. The always keyword will cause the router to advertise a default route to its neighbors, even if no valid default route is known. Example The following example always advertises default routes.
2CSPC4.X8100-SWUM100.book Page 1236 Wednesday, August 29, 2012 6:23 PM distance ospf The distance ospf command sets the preference values of OSPF route types in the router. Lower route preference values are preferred when determining the best route. The type of OSPF route can be intra, inter, external. All the external type routes are given the same preference value. Use the no form of this command to reset the preference values to the default.
2CSPC4.X8100-SWUM100.book Page 1237 Wednesday, August 29, 2012 6:23 PM Examples The following examples set route preference values of OSPF in the router. console(config-router)#distance ospf intra 4 console(config-router)#distance ospf type1 19 distribute-list out Use the distribute-list out command in Router OSPF Configuration mode to specify the access list to filter routes received from the source protocol. Use the no form of the command to remove the specified source protocol from the access list.
2CSPC4.X8100-SWUM100.book Page 1238 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example specifies the access list to filter routes received from the RIP source protocol. console(config-router)#distribute-list ACL40 out rip enable Use the enable command in Router OSPF Configuration mode to reset the default administrative mode of OSPF in the router (active). Use the no form of the command to disable the administrative mode for OSPF.
2CSPC4.X8100-SWUM100.book Page 1239 Wednesday, August 29, 2012 6:23 PM exit-overflow-interval Use the exit-overflow-interval command in Router OSPF Configuration mode to configure the exit overflow interval for OSPF. When a router leaves the overflow state it can originate non-default AS-external-LSAs. When set to 0, the router will not leave Overflow State until restarted. Use the no form of the command to return the interval to the default value.
2CSPC4.X8100-SWUM100.book Page 1240 Wednesday, August 29, 2012 6:23 PM overflow state. The router never holds more than the external LSDB limit non-default AS-external-LSAs in it database. Use the no form of the command to return the limit to the default value. Syntax external-lsdb-limit integer no external-lsdb-limit • integer — Maximum number of non-default AS-external-LSAs allowed in the router's link-state database. (Range: –1 to 2147483647) Default Configuration -1 is the default configuration.
2CSPC4.X8100-SWUM100.book Page 1241 Wednesday, August 29, 2012 6:23 PM no ip ospf area [secondaries none] • area-id — The ID of the area (Range: IP address or decimal from 0 –4294967295). Default Configuration OSPFv2 is disabled by default. Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command. Example console(config-if-vlan1)#ip ospf area 192.168.1.
2CSPC4.X8100-SWUM100.book Page 1242 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines Unauthenticated interfaces do not need an authentication key or authentication key ID. Example The following example sets the OSPF Authentication Type and Key for VLAN 15.
2CSPC4.X8100-SWUM100.book Page 1243 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example configures the cost on the OSPF interface at 5. console(config-if-vlan15)#ip ospf cost 5 ip ospf database-filter all out Use the ip ospf database-filter all out command in Interface Configuration mode to prevent flooding of OSPF LSAs on an interface. Use the no form of the command to enable flooding of LSAs on an interface.
2CSPC4.X8100-SWUM100.book Page 1244 Wednesday, August 29, 2012 6:23 PM no ip ospf dead-interval • seconds — Number of seconds that a router's Hello packets have not been seen before its neighbor routers declare that the router is down. (Range: 1–65535) Default Configuration 40 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines The value for the length of time must be the same for all routers attached to a common network.
2CSPC4.X8100-SWUM100.book Page 1245 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines The value for the length of time must be the same for all routers attached to a network. Example The following example sets the OSPF hello interval at 30 seconds. console(config-if-vlan15)#ip ospf hello-interval 30 ip ospf mtu-ignore Use the ip ospf mtu-ignore command in Interface Configuration mode to disable OSPF maximum transmission unit (MTU) mismatch detection.
2CSPC4.X8100-SWUM100.book Page 1246 Wednesday, August 29, 2012 6:23 PM Example The following example disables OSPF MTU mismatch detection on VLAN interface 15. console(config-if-vlan15)#ip ospf mtu-ignore ip ospf network Use the ip ospf network command to configure OSPF to treat an interface as a point-to-point rather than broadcast interface. To return to the default value, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1247 Wednesday, August 29, 2012 6:23 PM broadcast Set the OSPF network type to Broadcast point-to-point Set the OSPF network type to Point-to-Point ip ospf priority Use the ip ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface. Use the no form of the command to return the priority to the default value.
2CSPC4.X8100-SWUM100.book Page 1248 Wednesday, August 29, 2012 6:23 PM Syntax ip ospf retransmit-interval seconds no ip ospf retransmit-interval • seconds — Number of seconds between link-state advertisement retransmissions for adjacencies belonging to this router interface. This value is also used when retransmitting database description and link-state request packets. (Range: 0–3600 seconds) Default Configuration 5 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode.
2CSPC4.X8100-SWUM100.book Page 1249 Wednesday, August 29, 2012 6:23 PM • seconds — Sets the estimated number of seconds it takes to transmit a link state update packet over this interface. (Range: 1–3600 seconds) Default Configuration 1 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the OSPF Transit Delay for VLAN 15 at 20 seconds.
2CSPC4.X8100-SWUM100.book Page 1250 Wednesday, August 29, 2012 6:23 PM Default Configuration Adjacency changes are not logged by default. Command Mode OSPFv2 Router Configuration mode User Guidelines State changes are logged with INFORMATIONAL severity. max-metric router-lsa Use the max-metric router-lsa command in router OSPF Global Configuration mode to configure OSPF to enable stub router mode.
2CSPC4.X8100-SWUM100.book Page 1251 Wednesday, August 29, 2012 6:23 PM Command Mode OSPFv2 Global Configuration mode User Guidelines When OSPF is in stub router mode, as defined by RFC 3137, OSPF sets the metric in the non-stub links in its router LSA to LsInfinity. Other routers therefore compute very long paths through the stub router, and prefer any alternate path. Doing so eliminates all transit traffic through the stub router, when alternate routes are available.
2CSPC4.X8100-SWUM100.book Page 1252 Wednesday, August 29, 2012 6:23 PM maximum-paths Use the maximum-paths command in Router OSPF Configuration mode to set the number of paths that OSPF can report for a given destination. Use the no form of the command to reset the number to the default value. Syntax maximum-paths integer no maximum-paths • integer — Number of paths that OSPF can report for a given destination. (Range: 1–4.) Default Configuration 4 is the integer default value.
2CSPC4.X8100-SWUM100.book Page 1253 Wednesday, August 29, 2012 6:23 PM network area The network area command enables OSPFv2 on an interface and sets its area ID if the ip-address of an interface is covered by this network command. Use the “no” form of this command to disable OSPFv2 on an interface. Syntax network ip-address wildcard-mask area area-id no network ip-address wildcard-mask area area-id • ip-address — Base IPv4 address of the network area.
2CSPC4.X8100-SWUM100.book Page 1254 Wednesday, August 29, 2012 6:23 PM Example console(config-router)#network 10.50.50.0 0.0.0.255 area 4 nsf Use this command to enable OSPF graceful restart. Use the no form of this command to disable graceful restart. Syntax nsf [ietf] [planned-only] no nsf [ietf] ietf — This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations. Since the IETF implementation is the only one supported, this keyword is optional.
2CSPC4.X8100-SWUM100.book Page 1255 Wednesday, August 29, 2012 6:23 PM everything that goes with that (i.e., flooding of LSAs, SPF runs). Helpful neighbors continue to forward packets through the restarting router. The restarting router relearns the network topology from its helpful neighbors. This implementation of graceful restart restarting router behavior is only useful with a router stack. Graceful restart does not work on a standalone, single-unit router.
2CSPC4.X8100-SWUM100.book Page 1256 Wednesday, August 29, 2012 6:23 PM nsf helper strict-lsa-checking Use the nsf-helper strict-lsa-checking command to require that an OSPF helpful neighbor exit helper mode whenever a topology change occurs. Use the “no” form of this command to allow OSPF to continue as a helpful neighbor in spite of topology changes.
2CSPC4.X8100-SWUM100.book Page 1257 Wednesday, August 29, 2012 6:23 PM Syntax nsf [ietf] restart-interval seconds no nsf [ietf] restart-interval • ietf — This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations. Since the IETF implementation is the only one supported, this keyword is optional. • seconds — The number of seconds that the restarting router asks its neighbors to wait before exiting helper mode.
2CSPC4.X8100-SWUM100.book Page 1258 Wednesday, August 29, 2012 6:23 PM Default Configuration Global passive mode is disabled by default. Command Mode Router OSPF Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface passive-interface Use the passive-interface command to set the interface as passive. It overrides the global passive mode that is currently effective on the interface.
2CSPC4.X8100-SWUM100.book Page 1259 Wednesday, August 29, 2012 6:23 PM redistribute Use the redistribute command in Router OSPF Configuration mode to configure OSPF protocol to allow redistribution of routes from the specified source protocol/routers. Use the no version of the command to disable redistribution from the selected source or to reset options to their default values.
2CSPC4.X8100-SWUM100.book Page 1260 Wednesday, August 29, 2012 6:23 PM Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures OSPF protocol to allow redistribution of routes from the specified source protocol/routers.
2CSPC4.X8100-SWUM100.book Page 1261 Wednesday, August 29, 2012 6:23 PM router ospf Use the router ospf command in Global Configuration mode to enter Router OSPF mode. Syntax router ospf Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines The command prompt changes when the router ospf command executes. Example The following example enters into router OSPF mode.
2CSPC4.X8100-SWUM100.book Page 1262 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines Some of the information below displays only if you enable OSPF and configure certain features. The following fields may be displayed: Field Description Router ID A 32-bit integer in dotted decimal format identifying the router about which information is displayed. This is a configured value.
2CSPC4.X8100-SWUM100.book Page 1263 Wednesday, August 29, 2012 6:23 PM AutoCost Ref BW The configured autocost reference bandwidth. This value is used to determine the OSPF metric on its interfaces. The reference bandwidth is divided by the interface speed to compute the metric. Default Passive Setting When enabled, OSPF interfaces are passive by default. Maximum Paths Shows the maximum number of paths that OSPF can report for a given destination.
2CSPC4.X8100-SWUM100.book Page 1264 Wednesday, August 29, 2012 6:23 PM Stub Router Reason One of Configured, Startup, or Resource Limitation. This row is only listed if stub router is active. Stub Router Time The remaining time until OSPF exits stub router mode. This Remaining row is only listed if OSPF is in startup stub router mode. External LSDB Overflow OSPF enters this state when the number of external LSAs exceeds a configured limit, as described in RFC 1765.
2CSPC4.X8100-SWUM100.book Page 1265 Wednesday, August 29, 2012 6:23 PM NSF Support Whether graceful restart is administratively enabled. Possible values are Support Always, Disabled, or Planned. NSF Restart Interval The number of seconds a helpful neighbor allows a restarting router to complete its graceful restart. NSF Restart Status Whether the router is currently performing a graceful restart. NSF Restart Age The number of seconds until a graceful restart expires.
2CSPC4.X8100-SWUM100.book Page 1266 Wednesday, August 29, 2012 6:23 PM External LSDB Limit...................... No Limit Exit Overflow Interval................... 0 Spf Delay Time........................... 5 Spf Hold Time............................ 10 Opaque Capability........................ Disable AutoCost Ref BW.......................... 100 Mbps Default Passive Setting.................. Disabled Maximum Paths........................ 4 Default Metric.......................
2CSPC4.X8100-SWUM100.book Page 1267 Wednesday, August 29, 2012 6:23 PM LSAs Received........................ 7 LSA Count............................ 4 Maximum Number of LSAs............... 18200 LSA High Water Mark.................. 4 Retransmit List Entries.............. 0 Maximum Number of Retransmit Entries..72800 Retransmit Entries High Water Mark... 2 NSF Support........................... Disabled NSF Restart Interval.................. 120 NSF Restart Status....................
2CSPC4.X8100-SWUM100.book Page 1268 Wednesday, August 29, 2012 6:23 PM Flood Pacing Interval.......................... 33 ms LSA Refresh Group Pacing Time.................. 60 sec Opaque Capability.............................. Enable AutoCost Ref BW................................ 100 Mbps Default Passive Setting........................ Disabled Maximum Paths.................................. 4 Default Metric................................. Not configured Stub Router Configuration......................
2CSPC4.X8100-SWUM100.book Page 1269 Wednesday, August 29, 2012 6:23 PM External LSDB Overflow......................... FALSE External LSA Count............................. 0 External LSA Checksum.......................... 0 AS_OPAQUE LSA Count............................ 0 AS_OPAQUE LSA Checksum......................... 0 New LSAs Originated............................ 300269 LSAs Received.................................. 300276 LSA Count...................................... 6020 Maximum Number of LSAs.
2CSPC4.X8100-SWUM100.book Page 1270 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console#show ip ospf abr Type Hop Router Id Next Hop Cost Area ID Next I ntf ----- --------------- ----- --------------- --------- - INTRA 3.3.3.3 lan11 1 0.0.0.1 10.1.23.3 v INTRA 4.4.4.4 lan12 10 0.0.0.1 10.1.24.4 v show ip ospf area Use the show ip ospf area command in Privileged EXEC mode to display information about the identified OSPF area.
2CSPC4.X8100-SWUM100.book Page 1271 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example #1 The following example displays OSPF router information. console#show ip ospf area 10 AreaID......................................... 0.0.0.10 External Routing............................... Import External LSAs Spf Runs....................................... 0 Area Border Router Count.................
2CSPC4.X8100-SWUM100.book Page 1272 Wednesday, August 29, 2012 6:23 PM OSPF NSSA Specific Information. Import Summary LSAs............................ Enable Redistribute into NSSA......................... Enable Default Information Originate.................. TRUE Default Metric................................. 250 Default Metric Type............................ NonComparable Translator Role................................ Candidate Translator Stability Interval.................. 2000 Translator State....
2CSPC4.X8100-SWUM100.book Page 1273 Wednesday, August 29, 2012 6:23 PM show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes (ASBR). This command takes no options. Syntax show ip ospf asbr Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1274 Wednesday, August 29, 2012 6:23 PM show ip ospf database Use the show ip ospf database command in Privileged EXEC mode to display information about the link state database when OSPF is enabled. If parameters are entered, the command displays the LSA headers. Use the optional parameters to specify the type of link state advertisements to display.
2CSPC4.X8100-SWUM100.book Page 1275 Wednesday, August 29, 2012 6:23 PM Example The following example displays information about the link state database when OSPF is enabled. console#show ip ospf database Router Link States (Area 0.0.0.0) Link Id Adv Router Age Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ----5.2.0.0 0.0.0.0 1360 80000006 3a1f ------ ----- 5.2.0.0 5.2.0.0 1360 80000009 a47e ------ ---E- 20.20.20.20 20.20.20.
2CSPC4.X8100-SWUM100.book Page 1276 Wednesday, August 29, 2012 6:23 PM 5.2.0.0 0.0.0.0 1361 80000006 183a ------ Link Opaque States (Area 0.0.0.0) Link Id Adv Router Age Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ----5.2.0.0 0.0.0.0 1361 80000005 ef59 ------ Area Opaque States (Area 0.0.0.0) Link Id Adv Router Age Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ----5.2.0.0 0.0.0.
2CSPC4.X8100-SWUM100.book Page 1277 Wednesday, August 29, 2012 6:23 PM show ip ospf database database-summary Use the show ip ospf database database-summary command to display the number of each type of LSA in the database for each area and for the router. The command also displays the total number of LSAs in the database. This command has been modified. Syntax show ip ospf database database-summary Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1278 Wednesday, August 29, 2012 6:23 PM Total Shows Number of entries for all areas. Example The following example displays the number of each type of LSA in the database for each area and for the router. console#show ip ospf database database-summary OSPF Router with ID (5.5.5.5) Area 0.0.0.0 database summary Router......................................... 0 Network........................................ 0 Summary Net.................................... 0 Summary ASBR....
2CSPC4.X8100-SWUM100.book Page 1279 Wednesday, August 29, 2012 6:23 PM Router database summary Router......................................... 0 Network........................................ 0 Summary Net.................................... 0 Summary ASBR................................... 0 Type-7 Ext..................................... 0 Opaque Link.................................... 0 Opaque Area.................................... 0 Type-5 Ext.....................................
2CSPC4.X8100-SWUM100.book Page 1280 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example #1 The following example displays the information for the IFO object or virtual interface tables associated with VLAN 3. console#show ip ospf interface vlan 10 IP Address..................................... 1.1.1.1 Subnet Mask................................. 255.255.255.
2CSPC4.X8100-SWUM100.book Page 1281 Wednesday, August 29, 2012 6:23 PM Example #2 The following example shows the configuration of flood blocking. console#show ip ospf interface gi2/0/11 IP Address........................... 172.20.11.2 Subnet Mask.......................... 255.255.255.0 Secondary IP Address(es)............. OSPF Admin Mode...................... Enable OSPF Area ID......................... 0.0.0.0 OSPF Network Type.................... Point-to-Point Router Priority......................
2CSPC4.X8100-SWUM100.book Page 1282 Wednesday, August 29, 2012 6:23 PM Syntax show ip ospf interface brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays brief information for the IFO object or virtual interface tables.
2CSPC4.X8100-SWUM100.book Page 1283 Wednesday, August 29, 2012 6:23 PM show ip ospf interface stats Use the show ip ospf interface stats command in User EXEC mode to display the statistics for a specific interface. The information is only displayed if OSPF is enabled. Syntax show ip ospf interface stats vlan vlan-id • vlan-id — Valid VLAN ID. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1284 Wednesday, August 29, 2012 6:23 PM OSPF Interface Events.................................... 1 Virtual Events........................................... 0 Neighbor Events.......................................... 0 External LSA Count....................................... 0 show ip ospf neighbor Use the show ip ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors.
2CSPC4.X8100-SWUM100.book Page 1285 Wednesday, August 29, 2012 6:23 PM Example The following examples display information about OSPF neighbors on the specified Ethernet and IP interfaces. console#show ip ospf neighbor 3.3.3.3 Interface...................................... 0/25 Neighbor IP Address............................ 172.20.25.3 Interface Index................................ 25 Area Id........................................ 0.0.0.0 Options........................................
2CSPC4.X8100-SWUM100.book Page 1286 Wednesday, August 29, 2012 6:23 PM Field Description Dead timer The number of seconds until the dead timer expires. Up Time How long this adjacency has been in FULL state. State The current state of the adjacency. Events Incremented for the following events: • A DD is received from the neighbor with an MTU mismatch. • The neighbor sent an ACK for an LSA not on the neighbor's retransmit list. • The state of the adjacency changed.
2CSPC4.X8100-SWUM100.book Page 1287 Wednesday, August 29, 2012 6:23 PM Field Description Restart Helper Exit Reason One of the following values: • Restart Reason — When the router is in helpful neighbor mode, the output includes the restart reason the restarting router sent in its grace LSA. The Restart Reason is the value in the Graceful Restart Reason TLV in the grace LSA sent by the restarting router.
2CSPC4.X8100-SWUM100.book Page 1288 Wednesday, August 29, 2012 6:23 PM Syntax show ip ospf range area-id Field Descriptions Field Description area-id Identifies the OSPF area whose ranges are being displayed. (Range: IP address or decimal from 0–4294967295) Prefix The summary prefix. Subnet Mask The subnetwork mask of the summary prefix. Type S (Summary Link) or E (External Link) Action Advertise or Suppress Cost Metric to be advertised when the range is active.
2CSPC4.X8100-SWUM100.book Page 1289 Wednesday, August 29, 2012 6:23 PM show ip ospf statistics This command displays information about recent Shortest Path First (SPF) calculations. The SPF is the OSPF routing table calculation. The output lists the number of times the SPF has run for each OSPF area. A table follows this information. For each of the 15 most recent SPF runs, the table lists how long ago the SPF ran, how long the SPF took, and the reasons why the SPF was scheduled.
2CSPC4.X8100-SWUM100.book Page 1290 Wednesday, August 29, 2012 6:23 PM RIB Update The time from the completion of the routing table calculation until all changes have been made in the common routing table (the Routing Information Base, or RIB), in milliseconds. Reason The event or events that triggered the SPF.
2CSPC4.X8100-SWUM100.book Page 1291 Wednesday, August 29, 2012 6:23 PM 00:01:28 X 0 60 50 130 240 00:01:25 SN 0 30 50 110 310 00:01:22 SN 0 0 40 50 260 00:01:19 0 0 00:01:16 R, X 0 0 20 20 0 0 190 X 110 show ip ospf stub table Use the show ip ospf stub table command in Privileged EXEC mode to display the OSPF stub table. The information below will only be displayed if OSPF is initialized on the switch.
2CSPC4.X8100-SWUM100.book Page 1292 Wednesday, August 29, 2012 6:23 PM ------------- ---------------- 0.0.0.1 Normal ---------- ------------- 1 Enable show ip ospf traffic Use the show ip ospf traffic command in Privileged EXEC mode to display OSPFv2 packet and LSA statistics and OSPFv2 message queue statistics. Packet statistics count packets and LSAs since OSPFv2 counters were last cleared (using the clear ip ospf counters command.
2CSPC4.X8100-SWUM100.book Page 1293 Wednesday, August 29, 2012 6:23 PM Parameter Description OSPFv2 Queue Statistics For each OSPFv2 message queue, the current count, the high water mark, the number of packets that failed to be enqueued, and the queue limit. The high water marks are not cleared when OSPF counters are cleared. Default Configuration This command has no default setting.
2CSPC4.X8100-SWUM100.book Page 1294 Wednesday, August 29, 2012 6:23 PM Number of LSAs Received T1 (Router).......................10 T2 (Network)......................0 T3 (Net Summary)..................300 T4 (ASBR Summary).................15 T5 (External).....................20 T7 (NSSA External)................0 T9 (Link Opaque)..................0 T10 (Area Opaque).................0 T11 (AS Opaque)...................0 Total.............................
2CSPC4.X8100-SWUM100.book Page 1295 Wednesday, August 29, 2012 6:23 PM • area-id — Identifies the OSPF area whose ranges are being displayed. (Range: IP address or decimal from 0–4294967295) • neighbor-id — Identifies the neighbor’s router ID. (Range: Valid IP address) Default Configuration Show information for all OSPF Virtual Interfaces. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1296 Wednesday, August 29, 2012 6:23 PM Authentication Key............................. "test123" Authentication Key ID.......................... 100 show ip ospf virtual-links brief Use the show ip ospf virtual-link brief command in Privileged EXEC mode to display the OSPF Virtual Interface information for all areas in the system in table format.Syntax show ip ospf virtual-link brief Syntax Description This command has no arguments or keywords.
2CSPC4.X8100-SWUM100.book Page 1297 Wednesday, August 29, 2012 6:23 PM 0.0.0.2 10 5.5.5.5 40 5 1 show routing heap summary Use the show routing heap summary command in Privileged EXEC mode to display a summary of the memory allocation from the routing heap. The routing heap is a chunk of memory set aside when the system boots for use by the routing applications. Syntax show routing heap summary Parameter Description The command displays the following information.
2CSPC4.X8100-SWUM100.book Page 1298 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Examples The following shows example CLI display output for the command. console# show routing heap summary Heap Size....................... 92594000 bytes Memory In Use................... 149598 bytes (0%) Memory on Free List............. 78721 bytes (0%) Memory Available in Heap........ 92365249 bytes (99%) In Use High Water Mark..........
2CSPC4.X8100-SWUM100.book Page 1299 Wednesday, August 29, 2012 6:23 PM Command Mode OSPFv2 Global Configuration mode User Guidelines OSPF distributes routing information in Link State Advertisements (LSAs), which are bundled into Link State Update (LS Update) packets. To reduce the likelihood of sending a neighbor more packets than it can buffer, OSPF rate limits the transmission of LS Update packets. By default, OSPF sends up to 30 updates per second on each interface (1/the pacing interval).
2CSPC4.X8100-SWUM100.book Page 1300 Wednesday, August 29, 2012 6:23 PM allows OSPF to combine refreshed LSAs into a minimal number of LS Update packets. Minimizing the number of Update packets makes LSA distribution more efficient. When OSPF originates a new or changed LSA, it selects a random refresh delay for the LSA. When the refresh delay expires, OSPF refreshes the LSA.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1302 Wednesday, August 29, 2012 6:23 PM area virtual-link hello-interval ipv6 ospf mtuignore area virtual-link ipv6 ospf network retransmit-interval router-id show ipv6 ospf virtuallinks show ipv6 ospf show ipv6 ospf virtuallink brief area default-cost (Router OSPFv3) Use the area default-cost command in Router OSPFv3 Configuration mode to configure the monetary default cost for the stub area.
2CSPC4.X8100-SWUM100.book Page 1303 Wednesday, August 29, 2012 6:23 PM area nssa (Router OSPFv3) Use the area nssa command in Router OSPF Configuration mode to configure the specified area ID to function as an NSSA. If the area has not been previously created, this command creates the area and then applies the NSSA distinction. If the area already exists, the NSSA distinction is added or modified. Use the no form of the command to remove the NSSA distinction from the area.
2CSPC4.X8100-SWUM100.book Page 1304 Wednesday, August 29, 2012 6:23 PM Default Configuration If no metric is defined, 10 is the default configuration. The default role is candidate. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures not-so-stubby-area 10 as an NSSA.
2CSPC4.X8100-SWUM100.book Page 1305 Wednesday, August 29, 2012 6:23 PM • areaid — Valid OSPFv3 area identifier. • metric — Metric value for default route. (Range: 1-16777214) • comparable — Metric Type (nssa-external 1). • non-comparable — Metric Type (nssa-external 2). Default Configuration If no metric is defined, 10 is the default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1306 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the area 1 NSSA ABR so that learned external routes will not be redistributed to the NSSA.
2CSPC4.X8100-SWUM100.book Page 1307 Wednesday, August 29, 2012 6:23 PM Example The following example configures the area 1 NSSA so that summary LSAs are not advertised into the NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa no-summary area nssa translator-role Use the area nssa translator-role command in Router OSPFv3 Configuration mode to configure the translator role of the NSSA. Use the no form of the command to remove the configuration.
2CSPC4.X8100-SWUM100.book Page 1308 Wednesday, August 29, 2012 6:23 PM console(config-rtr)#area 1 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPFv3 Configuration mode to configure the translator stability interval of the NSSA. The stability interval is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router.
2CSPC4.X8100-SWUM100.book Page 1309 Wednesday, August 29, 2012 6:23 PM area range (Router OSPFv3) Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area. If the area has not been previously created, this command creates the area and then applies the range parameters. There are two types of area ranges. An area range can be configured to summarize intra-area routes.
2CSPC4.X8100-SWUM100.book Page 1310 Wednesday, August 29, 2012 6:23 PM User Guidelines The LSDB type must be specified by either summarylink or nssaexternallink, and the advertising of the area range can be allowed or suppressed. Example The following example creates an area range for the area 1 NSSA.
2CSPC4.X8100-SWUM100.book Page 1311 Wednesday, August 29, 2012 6:23 PM Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example creates a stub area for area 1. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub area stub no-summary Use the area stub no-summary command in Router OSPFv3 Configuration mode disable the import of Summary LSAs for the stub area identified by area-id.
2CSPC4.X8100-SWUM100.book Page 1312 Wednesday, August 29, 2012 6:23 PM Example The following example prevents Summary LSAs from being advertised into the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub no-summary area virtual-link Use the area virtual-link command in Router OSPFv3 Configuration mode to create the OSPF virtual interface for the specified area-id and neighbor router.
2CSPC4.X8100-SWUM100.book Page 1313 Wednesday, August 29, 2012 6:23 PM Default Configuration Parameter Default area-id No area ID is predefined. router-id No router ID is predefined. hello-interval seconds 10 seconds retransmit-interval seconds 5 seconds transmit-delay seconds 1 second dead-interval seconds 40 seconds Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1314 Wednesday, August 29, 2012 6:23 PM area virtual-link dead-interval Use the area virtual-link dead-interval command in Router OSPFv3 Configuration mode to configure the dead interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor. Syntax area areaid virtual-link neighbor dead-interval seconds no area areaid virtual-link neighbor dead-interval • areaid — Valid OSPFv3 area identifier. • neighbor — Router ID of neighbor.
2CSPC4.X8100-SWUM100.book Page 1315 Wednesday, August 29, 2012 6:23 PM Syntax area areaid virtual-link neighbor hello-interval seconds no area areaid virtual-link neighbor hello-interval • areaid — Valid OSPFv3 area identifier. • neighbor — Router ID of neighbor. • seconds — Hello interval. (Range: 1-65535) Default Configuration 10 is the default value for seconds. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1316 Wednesday, August 29, 2012 6:23 PM • neighbor — Router ID of neighbor. • seconds — Retransmit interval. (Range: 0-3600) Default Configuration 5 is the default value for seconds. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the retransmit interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor.
2CSPC4.X8100-SWUM100.book Page 1317 Wednesday, August 29, 2012 6:23 PM Default Configuration 1 is the default value for seconds. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 20-second transmit delay for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor.
2CSPC4.X8100-SWUM100.book Page 1318 Wednesday, August 29, 2012 6:23 PM Parameter Description metric-value The metric (or preference) value of the default route. (Range: 1–16777214) type-value 1 External type-1 route. 2 External type-2 route. Default Configuration The default metric is none and the default type is 2. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1319 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a default of 100 for the metric of distributed routes. console(config)#ipv6 router ospf console(config-rtr)#default-metric 100 distance ospf The distance ospf command sets the preference values of OSPF route types in the router.
2CSPC4.X8100-SWUM100.book Page 1320 Wednesday, August 29, 2012 6:23 PM Command Mode Router OSPF Configuration mode. Router OSPFv3 Configuration mode. User Guidelines There are no user guidelines for this command. Example The following example sets a route preference value of 100 for intra OSPF in the router.
2CSPC4.X8100-SWUM100.book Page 1321 Wednesday, August 29, 2012 6:23 PM console(config)#ipv6 router ospf console(config-rtr)#enable exit-overflow-interval Use the exit-overflow-interval command in Router OSPFv3 Configuration mode to configure the exit overflow interval for OSPF. It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the Overflow State. This allows the router to originate non-default AS-external-LSAs again.
2CSPC4.X8100-SWUM100.book Page 1322 Wednesday, August 29, 2012 6:23 PM external-lsdb-limit Use the external-lsdb-limit command in Router OSPFv3 Configuration mode to configure the external LSDB limit for OSPF. If the value is -1, then there is no limit. When the number of non-default AS-external-LSAs in a router's link-state database reaches the external LSDB limit, the router enters overflow state. The router never holds more than the external LSDB limit non-default AS-external- LSAs in it database.
2CSPC4.X8100-SWUM100.book Page 1323 Wednesday, August 29, 2012 6:23 PM Syntax ipv6 ospf no ipv6 ospf Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example enables OSPF on VLAN 15.
2CSPC4.X8100-SWUM100.book Page 1324 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example defines the OSPF area to which VLAN 15 belongs. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf area 100 ipv6 ospf cost Use the ipv6 ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface.
2CSPC4.X8100-SWUM100.book Page 1325 Wednesday, August 29, 2012 6:23 PM console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf cost 100 ipv6 ospf dead-interval Use the ipv6 ospf dead-interval command in Interface Configuration mode to set the OSPF dead interval for the specified interface.
2CSPC4.X8100-SWUM100.book Page 1326 Wednesday, August 29, 2012 6:23 PM ipv6 ospf hello-interval Use the ipv6 ospf hello-interval command in Interface Configuration mode to set the OSPF hello interval for the specified interface. Syntax ipv6 ospf hello-interval seconds no ipv6 ospf hello-interval • seconds — A valid positive integer which represents the length of time of the OSPF hello interval. The value must be the same for all routers attached to a network.
2CSPC4.X8100-SWUM100.book Page 1327 Wednesday, August 29, 2012 6:23 PM no ipv6 ospf mtu-ignore Default Configuration The default state is Disabled. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface. When a router receives a Database Description packet, it examines the MTU advertised by the neighbor.
2CSPC4.X8100-SWUM100.book Page 1328 Wednesday, August 29, 2012 6:23 PM Default Configuration The default state is point-to-point. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines Normally, the network type is determined from the physical IP network type. By default all Ethernet networks are OSPF-type broadcast. Similarly, tunnel interfaces default to point-to-point.
2CSPC4.X8100-SWUM100.book Page 1329 Wednesday, August 29, 2012 6:23 PM Default Configuration 1, the highest router priority, is the default value. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example sets the OSPF priority at 50 for VLAN 15.
2CSPC4.X8100-SWUM100.book Page 1330 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example sets the OSPF retransmit interval at 100 seconds. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf retransmitinterval 100 ipv6 ospf transmit-delay Use the ipv6 ospf transmit-delay command in Interface Configuration mode to set the OSPF Transmit Delay for the specified interface.
2CSPC4.X8100-SWUM100.book Page 1331 Wednesday, August 29, 2012 6:23 PM console(config-if-vlan15)#ipv6 ospf transmit-delay 100 ipv6 router ospf Use the ipv6 router ospf command in Global Configuration mode to enter Router OSPFv3 Configuration mode. Syntax ipv6 router ospf Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example Use the following command to enable OSPFv3.
2CSPC4.X8100-SWUM100.book Page 1332 Wednesday, August 29, 2012 6:23 PM Default Configuration 2 is the default value for maxpaths. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the number of paths that OSPF can report for a destination to 1. console(config)#ipv6 router ospf console(config-rtr)#maximum-paths 1 nsf Use this command to enable OSPF graceful restart.
2CSPC4.X8100-SWUM100.book Page 1333 Wednesday, August 29, 2012 6:23 PM Command Mode Router OSPFv3 Configuration mode User Guidelines Graceful restart works in concert with nonstop forwarding to enable the hardware to continue forwarding IPv6 packets using OSPFv3 routes while a backup unit takes over management unit responsibility. When OSPF executes a graceful restart, it informs its neighbors that the OSPF control plane is restarting, but that it will be back shortly.
2CSPC4.X8100-SWUM100.book Page 1334 Wednesday, August 29, 2012 6:23 PM User Guidelines The grace LSA announcing the graceful restart includes a restart reason. Reasons 1 (software restart) and 2 (software reload/upgrade) are considered planned restarts. Reasons 0 (unknown) and 3 (switch to redundant control processor) are considered unplanned restarts. nsf ietf helper disable is functionally equivalent to no nsf helper and is supported solely for IS CLI compatibility.
2CSPC4.X8100-SWUM100.book Page 1335 Wednesday, August 29, 2012 6:23 PM A helpful neighbor considers a link down with the restarting router to be a topology change, regardless of the strict LSA checking configuration. nsf restart-interval Use the nsf restart-interval command to configure the length of the grace period on the restarting router. Use the “no” form of this command to revert the grace period to its default.
2CSPC4.X8100-SWUM100.book Page 1336 Wednesday, August 29, 2012 6:23 PM Syntax passive-interface {vlan vlan-id | tunnel tunnel-id} no passive-interface {vlan vlan-id | tunnel tunnel-id} • vlan-id — The vlan number • tunnel-id — Tunnel identifier. (Range: 0–7) Default Configuration Passive interface mode is disabled by default. Command Mode Router OSPFv3 Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1337 Wednesday, August 29, 2012 6:23 PM Command Mode Router OSPFv3 Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-rtr)#passive-interface default redistribute Use the redistribute command in Router OSPFv3 Configuration mode to configure the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers.
2CSPC4.X8100-SWUM100.book Page 1338 Wednesday, August 29, 2012 6:23 PM console(config)#ipv6 router ospf console(config-rtr)#redistribute connected router-id Use the router-id command in Router OSPFv3 Configuration mode to set a 4-digit dotted-decimal number uniquely identifying the Router OSPF ID. Syntax router-id router-id • router-id — Router OSPF identifier. (Range: 0-4294967295) Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1339 Wednesday, August 29, 2012 6:23 PM area-id — Identifier for the OSPF area being displayed. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines Some of the information below displays only if you enable OSPF and configure certain features.
2CSPC4.X8100-SWUM100.book Page 1340 Wednesday, August 29, 2012 6:23 PM Always When this option is configured, OSPF only originates a default route when the router has learned a default route from another source. Metric Shows the metric for the advertised default routes. If the metric is not configured, this field is not configured. Metric Type Shows whether the metric for the default route is advertised as External Type 1 or External Type 2.
2CSPC4.X8100-SWUM100.book Page 1341 Wednesday, August 29, 2012 6:23 PM LSA Count The number of LSAs in the link state database. Maximum Number The limit on the number of LSAs that the router can store in its of LSAs link state database. LSA High Water Mark The maximum number of LSAs that have been in the link state database since OSPF began operation. Retransmit List Entries The current number of entries on all neighbors’ retransmit lists.
2CSPC4.X8100-SWUM100.book Page 1342 Wednesday, August 29, 2012 6:23 PM Tag Shows the decimal value attached to each external route. Subnets When this option is not configured, OSPF will only redistribute classful prefixes. Distribute-List Shows the access list used to filter redistributed routes. Example The following example enables OSPF traps. console#show ipv6 ospf Router ID...................................... 0.0.0.2 OSPF Admin Mode................................ Enable ASBR Mode..............
2CSPC4.X8100-SWUM100.book Page 1343 Wednesday, August 29, 2012 6:23 PM Metric......................................... Metric Type.................................... External Type 2 NSF Support.................................... Disabled NSF Restart Interval........................... 120 seconds NSF Helper Support............................. Always NSF Helper Strict LSA Checking.................
2CSPC4.X8100-SWUM100.book Page 1344 Wednesday, August 29, 2012 6:23 PM Type Hop Router Id Cost Area ID Next Hop Next Intf ------- ------------ ---- -------- ------------------- INTRA 3.3.3.3 3CB3 vlan11 10 0.0.0.1 FE80::211:88FF:FE2A: INTRA 4.4.4.4 8E1 vlan12 10 0.0.0.1 FE80::210:18FF:FE82: show ipv6 ospf area Use the show ipv6 ospf area command in Privileged EXEC mode to display information about the area.
2CSPC4.X8100-SWUM100.book Page 1345 Wednesday, August 29, 2012 6:23 PM External Routing.............................. Import External LSAs Spf Runs...................................... 0 Area Border Router Count...................... 0 Area LSA Count................................ 0 Area LSA Checksum............................. 0 Stub Mode..................................... Disable Import Summary LSAs...........................
2CSPC4.X8100-SWUM100.book Page 1346 Wednesday, August 29, 2012 6:23 PM show ipv6 ospf border-routers Use the show ipv6 ospf command to display internal OSPFv3 routes to reach Area Border Routers (ABR) and Autonomous System Boundary Routers (ASBR). This command takes no options. Syntax show ipv6 ospf border-routers Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1347 Wednesday, August 29, 2012 6:23 PM • prefix — Displays intra-area Prefix LSA. • router — Displays router LSAs. • unknown — Displays unknown area, AS or link-scope LSAs. • link-state-id — Specifies a valid link state identifier (LSID). • adv-router — Shows the LSAs that are restricted by the advertising router. • router-id — Specifies a valid router identifier. • self-originate — Displays the LSAs in that are self originated.
2CSPC4.X8100-SWUM100.book Page 1348 Wednesday, August 29, 2012 6:23 PM Network Link States (Area 0.0.0.0) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------ ------2.2.2.2 6E--R- 636 636 80000001 8B0D V Inter Network States (Area 0.0.0.0) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------ ------1.1.1.1 1 323 80000001 3970 2.2.2.2 1 322 80000001 1B8A 1.1.1.
2CSPC4.X8100-SWUM100.book Page 1349 Wednesday, August 29, 2012 6:23 PM Intra Prefix States (Area 0.0.0.0) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------ ------1.1.1.1 0 1 8000003C 9F31 2.2.2.2 0 2 8000004D 9126 Router Link States (Area 0.0.0.1) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------ ------1.1.1.1 6E--R- --V-B 0 1 8000002E 35AD V 2.2.2.
2CSPC4.X8100-SWUM100.book Page 1350 Wednesday, August 29, 2012 6:23 PM Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------ ------1.1.1.1 16 4 80000001 CA7C 2.2.2.2 18 3 80000001 B28D Link States (Area 0.0.0.1) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------ ------1.1.1.1 6E--R- 634 441 80000003 B877 V 2.2.2.2 6E--R- 634 433 80000003 FE6E V Intra Prefix States (Area 0.0.
2CSPC4.X8100-SWUM100.book Page 1351 Wednesday, August 29, 2012 6:23 PM show ipv6 ospf database database-summary Use the show ipv6 ospf database database-summary command in Privileged EXEC mode to display the number of each type of LSA in the database and the total number of LSAs in the database. Syntax show ipv6 ospf database database-summary Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1352 Wednesday, August 29, 2012 6:23 PM Link........................................... 0 Intra-area Prefix.............................. 0 Link Unknown................................... 0 Area Unknown................................... 0 AS Unknown..................................... 0 Type-5 Ext..................................... 0 Self-Originated Type-5 Ext..................... 0 Total..........................................
2CSPC4.X8100-SWUM100.book Page 1353 Wednesday, August 29, 2012 6:23 PM Example The following example displays the information in VLAN 11’s virtual interface tables. console#show ipv6 ospf interface vlan 11 IP Address..................................... Err ifIndex........................................ 1 OSPF Admin Mode................................ Enable OSPF Area ID................................... 0.0.0.0 Router Priority................................ 1 Retransmit Interval.......................
2CSPC4.X8100-SWUM100.book Page 1354 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays brief ospf interface information. console#show ipv6 ospf interface brief Admin Interface Mode Hello Dead Retrax Int. Int. Int. Retrax Ack Prior. Cost Val. Val. Val.
2CSPC4.X8100-SWUM100.book Page 1355 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays the interface statistics for VLAN 5. console>show ipv6 ospf interface stats vlan 5 OSPFv3 Area ID................................. 0.0.0.1 Spf Runs....................................... 265 Area Border Router Count....................... 1 AS Border Router Count......................... 0 Area LSA Count.................................
2CSPC4.X8100-SWUM100.book Page 1356 Wednesday, August 29, 2012 6:23 PM No Neighbor at Source Address.................. 0 Invalid OSPF Packet Type.......................
2CSPC4.X8100-SWUM100.book Page 1357 Wednesday, August 29, 2012 6:23 PM IPv6 Address............................. FE80::2FC:E3FF:FE90:44 ifIndex.................................. 634 OSPF Admin Mode.......................... Enable OSPF Area ID............................. 0.0.0.1 Router Priority.......................... 1 Retransmit Interval...................... 5 Hello Interval........................... 10 Dead Interval............................ 40 LSA Ack Interval.........................
2CSPC4.X8100-SWUM100.book Page 1358 Wednesday, August 29, 2012 6:23 PM Syntax show ipv6 ospf neighbor [interface-type interface-number] [neighbor-id] Syntax Description Parameter Description interface-type Interface type, vlan or tunnel. interface-number A valid interface number, a valid VLAN ID or tunnel identifier. (Range is 0-7). neighbor-id Valid IP address of the neighbor about which information is displayed. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1359 Wednesday, August 29, 2012 6:23 PM IP Address..................................... Err ifIndex........................................ 619 OSPF Admin Mode................................ Enable OSPF Area ID................................... 0.0.0.0 Router Priority................................ 1 Retransmit Interval............................ 5 Hello Interval................................. 10 Dead Interval.................................. 40 LSA Ack Interval.......
2CSPC4.X8100-SWUM100.book Page 1360 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays information about the area ranges for area 1.
2CSPC4.X8100-SWUM100.book Page 1361 Wednesday, August 29, 2012 6:23 PM console#show ipv6 ospf stub table AreaId SummaryLSA TypeofService Metric Val Import ------------ ------------------ ---------- ----------- 0.0.0.10 Normal 1 Enable show ipv6 ospf virtual-links Use the show ipv6 ospf virtual-links command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor or for all areas in the system.
2CSPC4.X8100-SWUM100.book Page 1362 Wednesday, August 29, 2012 6:23 PM Neighbor Router ID............................. 1.1.1.1 Hello Interval................................. 10 Dead Interval.................................. 40 Iftransit Delay Interval....................... 1 Retransmit Interval............................ 5 State.......................................... point-to-point Metric......................................... 10 Neighbor State.................................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1365 Wednesday, August 29, 2012 6:23 PM Router Discovery Protocol Commands 59 Routers can be configured to periodically send router discovery messages to announce their presence to locally attached hosts. The router discovery message advertises one or more IP addresses on the router that hosts can use as their default gateway.
2CSPC4.X8100-SWUM100.book Page 1366 Wednesday, August 29, 2012 6:23 PM Syntax Description Parameter Description multicast Configure the address that the interface uses to send the router discovery advertisements to be 224.0.0.1, the all-hosts IP multicast address. Use the no form of the command to use 255.255.255.255, the limited broadcast address. holdtime seconds Integer value in seconds of the holdtime field of the router advertisement sent from this interface.
2CSPC4.X8100-SWUM100.book Page 1367 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example enables router discovery on the selected interface. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp ip irdp address Use the ip irdp address command in Interface Configuration mode to configure the address that the interface uses to send the router discovery advertisements.
2CSPC4.X8100-SWUM100.book Page 1368 Wednesday, August 29, 2012 6:23 PM Example The following example sets the limited broadcast address as the IP address for router discovery advertisements. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp address 255.255.255.255 ip irdp holdtime Use the ip irdp holdtime command in Interface Configuration mode to configure the value, in seconds, of the holdtime field of the router advertisement sent from this interface.
2CSPC4.X8100-SWUM100.book Page 1369 Wednesday, August 29, 2012 6:23 PM console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp holdtime 2000 ip irdp maxadvertinterval Use the ip irdp maxadvertinterval command in Interface Configuration mode to configure the maximum time, in seconds, allowed between sending router advertisements from the interface. Use the no form of the command to set the time to the default value.
2CSPC4.X8100-SWUM100.book Page 1370 Wednesday, August 29, 2012 6:23 PM Example The following example sets maximum advertisement interval at 600 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp maxadvertinterval 600 ip irdp minadvertinterval Use the ip irdp minadvertinterval command in Interface Configuration mode to configure the minimum time, in seconds, allowed between sending router advertisements from the interface.
2CSPC4.X8100-SWUM100.book Page 1371 Wednesday, August 29, 2012 6:23 PM console(config-if-vlan15)#ip irdp minadvertinterval 100 ip irdp multicast To send router advertisements as IP multicast packets, use the ip irdp multicast command in Interface Configuration mode. To send router advertisements to the limited broadcast address (255.255.255.255), use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1372 Wednesday, August 29, 2012 6:23 PM ip irdp preference Use the ip irdp preference command in Interface Configuration mode to configure the preference of the address as a default router address relative to other router addresses on the same subnet. Use the no form of the command to set the preference to the default value.
2CSPC4.X8100-SWUM100.book Page 1373 Wednesday, August 29, 2012 6:23 PM • vlan-id — Valid VLAN ID Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example shows router discovery information for VLAN 15.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1375 Wednesday, August 29, 2012 6:23 PM Routing Information Protocol Commands 60 The Routing Information Protocol (RIP) has been a long-standing protocol used by routers for exchanging route information. RIP is a distance vector protocol whereby each route is characterized by the number of gateways, or hops, a packet must traverse to reach its intended destination. Categorized as an interior gateway protocol, RIP operates within the scope of an autonomous system.
2CSPC4.X8100-SWUM100.book Page 1376 Wednesday, August 29, 2012 6:23 PM Syntax auto-summary no auto-summary Default Configuration Disabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#auto-summary default-information originate (Router RIP Configuration) Use the default-information originate command in Router RIP Configuration mode to control the advertisement of default routes.
2CSPC4.X8100-SWUM100.book Page 1377 Wednesday, August 29, 2012 6:23 PM User Guidelines Only routers that actually have Internet connectivity should advertise a default route. All other routers in the network should learn the default route from routers that have connections out to the Internet. Example console(config-router)#default-information originate default-metric Use the default-metric command in Router RIP Configuration mode to set a default for the metric of distributed routes.
2CSPC4.X8100-SWUM100.book Page 1378 Wednesday, August 29, 2012 6:23 PM distance rip Use the distance rip command in Router RIP Configuration mode to set the route preference value of RIP in the router. Lower route preference values are preferred when determining the best route. Use the no form of the command to return the preference to the default value. Syntax distance rip integer no distance rip • integer — RIP route preference. (Range: 1-255) Default Configuration 15 is the default configuration.
2CSPC4.X8100-SWUM100.book Page 1379 Wednesday, August 29, 2012 6:23 PM no distribute-list accesslistname out {ospf | static | connected} • accesslistname — The name used to identify the existing ACL. The range is 1-31 characters. • ospf — Apply the specific access list when OSPF is the source protocol. • static — Apply the specified access list when packets come through a static route. • connected — Apply the specified access list when packets come from a directly connected route.
2CSPC4.X8100-SWUM100.book Page 1380 Wednesday, August 29, 2012 6:23 PM Default Configuration Enabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#enable hostroutesaccept Use the hostroutesaccept command in Router RIP Configuration mode to enable the RIP hostroutesaccept mode. Use the no form of the command to disable the RIP hostroutesaccept mode.
2CSPC4.X8100-SWUM100.book Page 1381 Wednesday, August 29, 2012 6:23 PM ip rip Use the ip rip command in Interface Configuration mode to enable RIP on a router interface. Use the no form of the command to disable RIP on the interface. Syntax ip rip no ip rip Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1382 Wednesday, August 29, 2012 6:23 PM • simple—Use simple authentication on the VLAN. • key — Authentication key for the VLAN. (Range: 16 bytes or less) • encrypt — Use MD5 encryption for the RIP interface. • key-id — Authentication key identifier for authentication type encrypt. (Range: 0-255) Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1383 Wednesday, August 29, 2012 6:23 PM • none — Do not allow any RIP control packets to be received. Default Configuration Both is the default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example allows no RIP control packets to be received by VLAN 11.
2CSPC4.X8100-SWUM100.book Page 1384 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example allows no RIP control packets to be sent by VLAN 11. console(config-if-vlan11)#ip rip send version none redistribute The redistribute command configures RIP protocol to redistribute routes from the specified source protocol/routers. If the source protocol is OSPF, there are five possible match options.
2CSPC4.X8100-SWUM100.book Page 1385 Wednesday, August 29, 2012 6:23 PM • connected — Redistributes directly-connected routes. Default Configuration metric integer — not configured match — internal Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1386 Wednesday, August 29, 2012 6:23 PM Example The following example enters Router RIP mode. console(config)#router rip console(config-router)# show ip rip Use the show ip rip command in Privileged EXEC mode to display information relevant to the RIP router. Syntax show ip rip Default Configuration The command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1387 Wednesday, August 29, 2012 6:23 PM Global route changes........................... 0 Global queries................................. 0 Default Metric................................. 12 Default Route Advertise........................ 0 Redistributing................................. Source......................................... Connected Metric......................................... 2 Distribute List................................ Not configured Redistributing......
2CSPC4.X8100-SWUM100.book Page 1388 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays information related to the VLAN 15 RIP interface. console#show ip rip interface vlan 15 Interface...................................... 15 IP Address..................................... ----Send version................................... RIP-2 Receive version..............
2CSPC4.X8100-SWUM100.book Page 1389 Wednesday, August 29, 2012 6:23 PM Syntax show ip rip interface brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays general information for each RIP interface.
2CSPC4.X8100-SWUM100.book Page 1390 Wednesday, August 29, 2012 6:23 PM Syntax split-horizon {none | simple | poison} no split-horizon • none — RIP does not use split horizon to avoid routing loops. • simple — RIP uses split horizon to avoid routing loops. • poison — RIP uses split horizon with poison reverse (increases routing packet update size). Default Configuration Simple is the default configuration. Command Mode Router RIP Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1391 Wednesday, August 29, 2012 6:23 PM Tunnel Interface Commands 61 PowerConnect provides for the creation, deletion, and management of tunnel interfaces. They are dynamic interfaces that are created and deleted by user configuration. Tunnel interfaces are used for the following purposes. • IPv4 tunnels • IPv6 tunnels Each router interface (port or VLAN interface) may have associated tunnel interfaces. Each interface can have multiple tunnel interfaces.
2CSPC4.X8100-SWUM100.book Page 1392 Wednesday, August 29, 2012 6:23 PM interface tunnel Use the interface tunnel command in Global Configuration mode to enter the interface configuration mode for a tunnel. Syntax interface tunnel tunnel-id no interface tunnel tunnel-id • tunnel-id — Tunnel identifier. (Range: 0–7) Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1393 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Examples The following examples show the parameters related to an individual tunnel and to all tunnel interfaces. console#show interfaces tunnel 1 Interface Link Status.......................... down MTU size.......................................
2CSPC4.X8100-SWUM100.book Page 1394 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (Tunnel) mode. User Guidelines This command has no user guidelines. Example The following example specifies the destination transport address of tunnel 1. console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel destination 10.1.1.1 tunnel mode ipv6ip Use the tunnel mode ipv6ip command in Interface Configuration mode to specify the mode of the tunnel.
2CSPC4.X8100-SWUM100.book Page 1395 Wednesday, August 29, 2012 6:23 PM console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel mode ipv6ip console(config-if-tunnel1)#tunnel mode ipv6ip 6to4 tunnel source Use the tunnel source command in Interface Configuration mode to specify the source transport address of the tunnel, either explicitly or by reference to an interface.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1397 Wednesday, August 29, 2012 6:23 PM 62 Virtual Router Redundancy Protocol Commands An end station running IP needs to know the address of its first hop router. While some network administrators choose to install dynamic router discovery protocols such as DHCP, others prefer to statically allocate router addresses. If the router identified by such a statically allocated address goes down, the end station loses connectivity.
2CSPC4.X8100-SWUM100.book Page 1398 Wednesday, August 29, 2012 6:23 PM RFC defines a new configuration option that allows the router to accept any packet sent to a VRRP address, regardless of whether the VRRP Master is the address owner. The Pingable VRRP Interface feature, when enabled, allows the VRRP master to respond to both fragmented and unfragmented ICMP echo requests packets destined to a VRRP address (or addresses). A virtual router in backup state discards these.
2CSPC4.X8100-SWUM100.book Page 1399 Wednesday, August 29, 2012 6:23 PM Interface Tracking For interface tracking, VRRP is a routing event client. When a routing interface goes up or down (or routing is disabled globally, implying all routing interfaces are down), VRRP checks if the interface is tracked. If so, it adjusts the priority. Interface tracking is useful for tracking interfaces that are not configured for VRRP. Only IP interfaces are tracked.
2CSPC4.X8100-SWUM100.book Page 1400 Wednesday, August 29, 2012 6:23 PM Virtual Router Redundancy Protocol Commands ip vrrp Use the ip vrrp command in Global Configuration mode to enable the administrative mode of VRRP for the router. Use the no form of the command to disable the administrative mode of VRRP for the router. Syntax ip vrrp no ip vrrp Default Configuration VRRP is disabled by default. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1401 Wednesday, August 29, 2012 6:23 PM • vrid — Virtual router identification. (Range: 1-255) Default Configuration The default configuration is disabled. Command Mode Interface Configuration (VLAN) mode. User Guidelines The VRRP IP address is not pingable from within the switch. vrrp authentication Use the vrrp authentication command in Interface Configuration mode to set the authentication details value for the virtual router configured on a specified interface.
2CSPC4.X8100-SWUM100.book Page 1402 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the authorization details value for VRRP router group 5 on VLAN 15.
2CSPC4.X8100-SWUM100.book Page 1403 Wednesday, August 29, 2012 6:23 PM User Guidelines This command accepts any printable characters for the name. Descriptions containing spaces must be wrapped with quotes. Example The following example creates virtual router group 5 on VLAN 15 and configures its description.
2CSPC4.X8100-SWUM100.book Page 1404 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines The virtual router IP addresses must be a valid host address on the local subnet based on the IP address and subnet mask configured on the VLAN interface. The VRRP IP address cannot be either the broadcast address or a network address. To configure vrrp, perform the following steps: 1 Enable ip routing in global configuration mode. 2 Enable ip vrrp globally.
2CSPC4.X8100-SWUM100.book Page 1405 Wednesday, August 29, 2012 6:23 PM vrrp mode Use the vrrp mode command in Interface Configuration mode to enable the virtual router configured on an interface. Enabling the status field starts a virtual router. Use the no form of the command to disable the virtual router. Syntax vrrp vr-id mode no vrrp vr-id mode • vr-id — The virtual router identifier. (Range: 1-255) Default Configuration Disabled is the default configuration.
2CSPC4.X8100-SWUM100.book Page 1406 Wednesday, August 29, 2012 6:23 PM Syntax Description Parameter Description group The virtual router identifier. (Range: 1-255) seconds The number of seconds the VRRP router will wait before issuing an advertisement claiming master ownership. Default Configuration Enabled is the default configuration. Delay defaults to 0 seconds. Command Mode Interface Configuration (VLAN) mode.
2CSPC4.X8100-SWUM100.book Page 1407 Wednesday, August 29, 2012 6:23 PM no vrrp group priority level • group — The virtual router identifier. (Range: 1-255) • level — Priority value for the interface. (Range: 1-254) Default Configuration Priority has a default value of 100. Command Mode Interface Configuration (VLAN) mode. User Guidelines The VRRP router with the highest numerical value for priority will become the VR master.
2CSPC4.X8100-SWUM100.book Page 1408 Wednesday, August 29, 2012 6:23 PM Default Configuration Interval has a default value of 1. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the frequency at which the VLAN 15 virtual router 5 sends a virtual router advertisement.
2CSPC4.X8100-SWUM100.book Page 1409 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following configures VLAN 15 virtual router to learn the advertisement interval used by the master virtual router. console(config-if-vlan15)#vrrp 5 timers learn vrrp track interface Use the vrrp track interface command in Interface Configuration mode to alter the priority of the VRRP router based on the availability of its interfaces.
2CSPC4.X8100-SWUM100.book Page 1410 Wednesday, August 29, 2012 6:23 PM Syntax Description Parameter Description group The virtual router identifier. (Range: 1-255) vlan vlan-id Valid VLAN ID. Priority decrement value for the tracked interface. (Range: 1- priority 254) Default Configuration No interfaces are tracked. The default decrement priority is 10. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1411 Wednesday, August 29, 2012 6:23 PM Use the no form of this command to remove the route from the tracked list or to restore the priority decrement to its default. When removing a tracked IP route from the tracked list, priority should be incremented by the decrement value if the route is not reachable.
2CSPC4.X8100-SWUM100.book Page 1412 Wednesday, August 29, 2012 6:23 PM show vrrp Use the show vrrp command in User EXEC or Privileged EXEC mode to display the global VRRP configuration and status as well as the brief or detailed status of one or all VRRP groups. Syntax show vrrp [brief | group] Syntax Description Parameter Description group The virtual router group identifier. Range 1-255. brief Provide a summary view of the VRRP group information.
2CSPC4.X8100-SWUM100.book Page 1413 Wednesday, August 29, 2012 6:23 PM Vlan 7 – Group 1 Primary IP Address............................. 192.168.5.55 VMAC Address................................... 0000.5E00.0101 Authentication Type............................ None Priority....................................... 60 Configured Priority............................ 100 Advertisement Interval (secs).................. 10 Accept Mode.................................... Enable Pre-empt Mode........................
2CSPC4.X8100-SWUM100.book Page 1414 Wednesday, August 29, 2012 6:23 PM Track Route Reachable ......................... False Track Route DecrementPriority ................. 20 Vlan 7 – Group 2 Primary IP Address............................. 192.168.5.65 VMAC Address................................... 0000.5E00.0202 Authentication Type............................ None Priority....................................... 60 Configured Priority............................ 100 Advertisement Interval (secs).......
2CSPC4.X8100-SWUM100.book Page 1415 Wednesday, August 29, 2012 6:23 PM Track Route (pfx/len) ......................... 10.10.10.0/24 Track Route Reachable ......................... False Track Route DecrementPriority ................. 20 console#show vrrp brief Interface Grp Prio IP Address Mode State --------- --- ---- -------------- ------ ------------ V1 1 2 60 0.0.0.0 Disable Initialize V1 2 5 70 192.168.5.
2CSPC4.X8100-SWUM100.book Page 1416 Wednesday, August 29, 2012 6:23 PM Command Mode User EXEC, Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the VLAN 15 virtual router. console#show vrrp interface vlan 7 Vlan 7 – Group 1 Primary IP Address........................... 192.168.5.55 VMAC Address................................ 0000.5E00.0101 Authentication Type.........
2CSPC4.X8100-SWUM100.book Page 1417 Wednesday, August 29, 2012 6:23 PM vlan2 5 192.168.5.55 Enable Initialize The following example displays all statistical information about the VLAN 15 virtual router. console#show vrrp interface vlan 15 stats Vlan 15 – Group 5 UpTime........................... 0 days 0 hrs 0 mins 0 secs Protocol....................................... IP State Transitioned to Master................... 0 Advertisement Received......................... 0 Advertisement Interval Errors..
2CSPC4.X8100-SWUM100.book Page 1418 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the virtual router on the selected interface. console#show vrrp interface brief Interface VRID IP Address Mode --------- ---- -------------- ------ State ------------ vlan1 2 0.0.0.0 Disable Initialize vlan2 5 192.168.5.
2CSPC4.X8100-SWUM100.book Page 1419 Wednesday, August 29, 2012 6:23 PM Example The following example displays all statistical information about the VLAN 15 virtual router. console#show vrrp interface stats vlan 15 5 UpTime..................... 0 days 0 hrs 0 mins 0 secs Protocol....................................... IP State Transitioned to Master................... 0 Advertisement Received......................... 0 Advertisement Interval Errors.................. 0 Authentication Failure.................
2CSPC4.X8100-SWUM100.book Page 1420 Wednesday, August 29, 2012 6:23 PM no vrrp vrid accept-mode • vrid — Virtual router identification. (Range: 1-255) Default Configuration The default configuration is disabled. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. show ip vrrp interface Use the show ip vrrp interface command in User EXEC or Privileged EXEC mode to display the configured value for Accept Mode.
2CSPC4.X8100-SWUM100.book Page 1421 Wednesday, August 29, 2012 6:23 PM Example The following example displays all configuration information about the VLAN 15 virtual router. console#show ip vrrp interface vlan2 1 Primary IP Address........................... 10.10.10.1 VMAC Address............................. 00:00:5E:00:01:01 Authentication Type............................ None Priority....................................... 100 Configured Priority............................
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1425 Wednesday, August 29, 2012 6:23 PM Auto-Install Commands 64 Auto-Install provides automatic update of the image and configuration of PowerConnect devices on boot up from a TFTP server as controlled by received DHCP options. It plays a critical role in the PowerConnect offering of touchless or low-touch provisioning, in which configuration and imaging of a device is greatly simplified.
2CSPC4.X8100-SWUM100.book Page 1426 Wednesday, August 29, 2012 6:23 PM 4 Support for the Auto-Install process from a TFTP server operationally enabling the DHCP client on designated management interfaces during the Auto-Install process. The end user configuration remains unchanged. Management interfaces include the out-of-band interface or routing interfaces in a saved config.
2CSPC4.X8100-SWUM100.book Page 1427 Wednesday, August 29, 2012 6:23 PM Command Mode Global Config User Guidelines The configuration on the master switch controls the stack as if it is a single switch. No configuration steps need to be taken on the member switches to synchronize the firmware.
2CSPC4.X8100-SWUM100.book Page 1428 Wednesday, August 29, 2012 6:23 PM boot host autoreboot Use the boot host autoreboot command in Global Configuration mode to enable rebooting the device (no administrative intervention) when the autoimage is successfully downloaded. Use the no form of this command to disable rebooting the device (no administrative intervention) when the autoimage is successfully downloaded.
2CSPC4.X8100-SWUM100.book Page 1429 Wednesday, August 29, 2012 6:23 PM boot host autosave Use the boot host autosave command in Global Configuration mode to enable automatically saving the downloaded configuration on the switch. Use the no form of this command to disable automatically saving the downloaded configuration on the switch. Syntax boot host autosave no boot host autosave Parameter Description This command does not require a parameter description.
2CSPC4.X8100-SWUM100.book Page 1430 Wednesday, August 29, 2012 6:23 PM Install process is triggered. Use the no form of this command to disable AutoInstall on the next reboot if the reboot occurs with a saved startup configuration. If you give this command while the Auto-Install process is running, the Auto-Install process terminates. The Auto-Install process has an internal timer that retries failed installations for ten minutes.
2CSPC4.X8100-SWUM100.book Page 1431 Wednesday, August 29, 2012 6:23 PM Syntax boot host retrycount count no boot host retrycount • count —The number of attempts to download a configuration (Range: 1–6). Default Configuration The default number of configuration download attempts is three.
2CSPC4.X8100-SWUM100.book Page 1432 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The show switch command also displays the switch firmware synchronization status.
2CSPC4.X8100-SWUM100.book Page 1433 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1435 Wednesday, August 29, 2012 6:23 PM Captive Portal Commands 65 The Captive Portal feature is a software implementation that blocks both wired and wireless clients from accessing the network until user verification has been established. Verification can be configured to allow access for both guest and authenticated users. Authenticated users must be validated against a database of authorized Captive Portal users before access is granted.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1437 Wednesday, August 29, 2012 6:23 PM Captive Portal Global Commands authentication timeout Use the authentication timeout command to configure the authentication timeout. If the user does not enter valid credentials within this time limit, the authentication page needs to be served again in order for the client to gain access to the network. Use the “no” form of this command to reset the authentication timeout to the default.
2CSPC4.X8100-SWUM100.book Page 1438 Wednesday, August 29, 2012 6:23 PM Syntax captive-portal Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#captive-portal console(config-CP)# enable Use the enable command to globally enable captive portal. Use the “no” form of this command to globally disable captive portal.
2CSPC4.X8100-SWUM100.book Page 1439 Wednesday, August 29, 2012 6:23 PM Example console(config-CP)#enable http port Use the http port command to configure an additional HTTP port for captive portal to monitor. Use the “no” form of this command to remove the additional HTTP port from monitoring. Syntax http port port-num no http port • port-num —The port number to monitor (Range: 1–65535). Default Configuration Captive portal only monitors port 80 by default.
2CSPC4.X8100-SWUM100.book Page 1440 Wednesday, August 29, 2012 6:23 PM no https port • port-num —The port number to monitor (Range: 1–65535). Default Configuration Captive portal only monitors port 443 by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1441 Wednesday, August 29, 2012 6:23 PM Example console#show captive-portal Administrative Mode....................... Disabled Operational Status........................ Disabled Disable Reason................ Administrator Disabled Captive Portal IP Address................. 1.2.3.4 show captive-portal status Use the show captive-portal status command to report the status of all captive portal instances in the system.
2CSPC4.X8100-SWUM100.book Page 1442 Wednesday, August 29, 2012 6:23 PM Configured Captive Portals..................... 1 Active Captive Portals......................... 0 Local Supported Users.......................... 128 Configured Local Users......................... 3 System Supported Users......................... 1024 Authenticated Users............................ 0 Captive Portal Configuration Commands The commands in this section are related to captive portal configurations.
2CSPC4.X8100-SWUM100.book Page 1443 Wednesday, August 29, 2012 6:23 PM configuration Use the configuration command to enter the captive portal instance mode. The captive portal configuration identified by CP ID 1 is the default CP configuration. The system supports a total of ten CP configurations. Use the “no” form of this command to delete a configuration. The default configuration (1) cannot be deleted. Syntax configuration cp-id no configuration cp-id • cp-id —Captive Portal ID (Range: 1–10).
2CSPC4.X8100-SWUM100.book Page 1444 Wednesday, August 29, 2012 6:23 PM Default Configuration Configurations are enabled by default Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#no enable group Use the group command to configure the group number for a captive portal configuration.
2CSPC4.X8100-SWUM100.book Page 1445 Wednesday, August 29, 2012 6:23 PM Example console(config-CP 2)#group 2 interface Use the interface command to associate an interface with a captive portal configuration. Use the “no” form of this command to remove an association. Syntax interface interface no interface interface interface —An interface or range of interfaces. Default Configuration No interfaces are associated with a configuration by default. Command Mode Captive Portal Instance Config mode.
2CSPC4.X8100-SWUM100.book Page 1446 Wednesday, August 29, 2012 6:23 PM • web-id — The locale number (Range: Only locale 1 is supported) Default Configuration Locale 1 is configured by default. Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command. name (Captive Portal) Use the name command to configure the name for a captive portal configuration. Use the “no” form of this command to remove a configuration name.
2CSPC4.X8100-SWUM100.book Page 1447 Wednesday, August 29, 2012 6:23 PM protocol Use the protocol command to configure the protocol mode for a captive portal configuration. Syntax protocol { http | https } Default Configuration The default protocols mode is https. Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1448 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#redirect redirect-url Use the redirect-url command to configure the redirect URL for a captive portal configuration. Syntax redirect-url url • url —The URL for redirection (Range: 1–512 characters). Default Configuration There is no redirect URL configured by default. Command Mode Captive Portal Instance mode.
2CSPC4.X8100-SWUM100.book Page 1449 Wednesday, August 29, 2012 6:23 PM no session-timeout • timeout —Session timeout. 0 indicates timeout not enforced (Range: 0–86400 seconds). Default Configuration There is no session timeout by default. Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1450 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#verification local Captive Portal Client Connection Commands captive-portal client deauthenticate Use the captive-portal client deauthenticate command to deauthenticate a specific captive portal client. Syntax captive-portal client deauthenticate macaddr • macaddr — Client MAC address.
2CSPC4.X8100-SWUM100.book Page 1451 Wednesday, August 29, 2012 6:23 PM Syntax show captive-portal client [ macaddr ] status • macaddr — Client MAC address. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1452 Wednesday, August 29, 2012 6:23 PM Syntax show captive-portal configuration [ cp-id ] client status cp-id —Captive Portal ID. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1453 Wednesday, August 29, 2012 6:23 PM Syntax show captive-portal interface {gigabitethernet unit/slot/port| tengigabitethernet unit/slot/port | fortygigabitethernet unit/slot/port} client status Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1454 Wednesday, August 29, 2012 6:23 PM Captive Portal Interface Commands show captive-portal interface configuration status Use the show captive-portal interface configuration status command to display the interface to configuration assignments for all captive portal configurations or for a specific configuration. Syntax show captive-portal interface configuration [ cp-id ] status • cp-id —Captive Portal ID.
2CSPC4.X8100-SWUM100.book Page 1455 Wednesday, August 29, 2012 6:23 PM Captive Portal Local User Commands clear captive-portal users Use the clear captive-portal users command to delete all captive portal user entries. Syntax clear captive-portal users Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1456 Wednesday, August 29, 2012 6:23 PM Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#no user 1 show captive-portal user Use the show captive-portal user command to display all configured users or a specific user in the captive portal local user database. Syntax show captive-portal user [ user-id ] • user-id — User ID (Range: 1–128).
2CSPC4.X8100-SWUM100.book Page 1457 Wednesday, August 29, 2012 6:23 PM ------- --------------------- ------- ------------ ----------1 user123 Default 14400 1 2 user234 Default 0 1 2 group2 console#show captive-portal user 1 User ID........................................ 1 User Name...................................... user123 Password Configured............................ Yes Session Timeout................................
2CSPC4.X8100-SWUM100.book Page 1458 Wednesday, August 29, 2012 6:23 PM • group-id — Group ID (Range: 1–10). Default Configuration A user is associated with group 1 by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#user 1 group 3 user-logout Use the user-logout command in Captive Portal Instance mode to enable captive portal users to log out of the portal (versus having the session time out).
2CSPC4.X8100-SWUM100.book Page 1459 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example In this example, all classes of entries in the mac address-table are displayed. console(config)#captive-portal console(config-CP)#user 1 name asd console(config-CP)#configuration 1 console(config-CP 1)#user-logout console(config-CP 1)#no user-logout user name Use the user name command to modify the user name for a local captive portal user.
2CSPC4.X8100-SWUM100.book Page 1460 Wednesday, August 29, 2012 6:23 PM user password Use the user password command to create a local user or change the password for an existing user. Syntax user user-id password { password | encrypted enc-password } • user-id — User ID (Range: 1–128). • password —User password (Range: 8–64 characters). • enc-password —User password in encrypted form. Default Configuration There are no users configured by default. Command Mode Captive Portal Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1461 Wednesday, August 29, 2012 6:23 PM • user-id — User ID (Range: 1–128). • timeout —Session timeout. 0 indicates use global configuration (Range: 0–86400 seconds). Default Configuration The global session timeout is used by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1462 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration 1 CP ID..................................... 1 CP Name................................... cp1 Operational Status........................ Disabled Disable Reason............................ Administrator Disabled Blocked Status............................ Not Blocked Configured Locales........................
2CSPC4.X8100-SWUM100.book Page 1463 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console#show captive-portal configuration 1 interface CP ID..................................... 1 CP Name...................................
2CSPC4.X8100-SWUM100.book Page 1464 Wednesday, August 29, 2012 6:23 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1465 Wednesday, August 29, 2012 6:23 PM Example console#show captive-portal configuration status CP ID CP Name Verification Mode Protocol ------- --------------- -------- -------- --------- 1 cp1 Enable https Guest 2 cp2 Enable http Local 3 cp3 Disable https Guest console#show captive-portal configuration 1 status CP ID.......................................... 1 CP Name........................................ cp1 Mode...................................
2CSPC4.X8100-SWUM100.book Page 1466 Wednesday, August 29, 2012 6:23 PM Captive Portal User Group Commands user group Use the user group command to create a user group. Use the “no” form of this command to delete a user group. The default user group (1) cannot be deleted. Syntax user group group-id no user group group-id group-id —Group ID (Range: 1–10). Default Configuration User group 1 is created by default and cannot be deleted. Command Mode Captive Portal Configuration mode.
2CSPC4.X8100-SWUM100.book Page 1467 Wednesday, August 29, 2012 6:23 PM • new-group-id —Group ID (Range: 1–10). Default Configuration There is no default configuration for this command. Command Mode Captive Portal Configuration mode User Guidelines The new group-id must already exist. Example console(config-CP)#user group 2 moveusers 3 user group name Use the user group name command to configure a group name. Syntax user group group-id name name • group-id —Group ID (Range: 1–10).
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1469 Wednesday, August 29, 2012 6:23 PM CLI Macro Commands 66 CLI Macros provides a convenient way to save and distribute common configurations. A CLI macro is a set of the CLI commands having a unique name. When a CLI macro is applied, the CLI commands contained within the macro are executed and added to the Running Configuration File. When the macro is applied to an interface, the existing configuration is not lost; the new commands are added configuration.
2CSPC4.X8100-SWUM100.book Page 1470 Wednesday, August 29, 2012 6:23 PM • profile-wireless, the interface configuration, used when connecting the switch and a wireless access point. • profile-compellent-nas, the interface configuration, used when connecting the switch to a Dell Compellent NAS.
2CSPC4.X8100-SWUM100.book Page 1471 Wednesday, August 29, 2012 6:23 PM Macro Default Definition default global :profile-global default interface :profile-desktop default interface :profile-phone default interface :profile-switch default interface :profile-router default interface :profile-wireless default global :profile-compellent-nas Command Mode Global Configuration mode User Guidelines Macros consist of text commands with one command per line.
2CSPC4.X8100-SWUM100.book Page 1472 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description macro-name The name of the macro. parameter The name of the parameter recognized by the macro. The parameter must begin with a dollar sign ($). value The string to be substituted within the macro for the specified parameter name. Default Configuration No parameters are substituted unless supplied on the command line.
2CSPC4.X8100-SWUM100.book Page 1473 Wednesday, August 29, 2012 6:23 PM Parameter Description value The string to be substituted within the macro for the specified parameter name. Default Configuration No parameters are substituted unless supplied on the command line. Command Mode Global Configuration mode User Guidelines The line number of the first error encountered is printed. The script is aborted after the first error. Commands applied are additive in nature.
2CSPC4.X8100-SWUM100.book Page 1474 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines This command is intended to give the administrator an easy way to remember which macros have been applied globally. All text up to the new line is included in the description. The line is appended to the global description. macro apply Use the macro apply command in Interface Configuration mode to apply a macro.
2CSPC4.X8100-SWUM100.book Page 1475 Wednesday, August 29, 2012 6:23 PM macro trace Use the macro trace command in Interface Configuration mode to apply and trace a macro. The command will display each line of the macro as it is executed and list any errors encountered. Syntax macro trace macro-name [parameter value] [parameter value][parameter value] no macro name name Parameter Description Parameter Description macro-name The name of the macro.
2CSPC4.X8100-SWUM100.book Page 1476 Wednesday, August 29, 2012 6:23 PM macro description Use the macro description command in Interface Configuration mode to append a line to the macro description. Use the no form of the command to clear the description. Syntax macro description line Parameter Description Parameter Description line The macro description. All text up to the new line is included in the description. Default Configuration There is no description by default.
2CSPC4.X8100-SWUM100.book Page 1477 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description brief Shows the list of defined macros and their type. description Shows the macro descriptions. name Shows an individual macro, including its contents. macro The name of the macro to display. interface-id The interface for which to show the macro description. Default Configuration No parameters are substituted unless supplied on the command line.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1479 Wednesday, August 29, 2012 6:23 PM 67 Clock Commands Real-time Clock The PowerConnect supports a real-time clock that maintains the system time across reboots. The system time is used to timestamp messages in the logging subsystem as well as for the application of time based ACLs. The administrator has the ability to configure and view the current time, time zone, and summer time settings. The earliest date that can be configured is Jan 1, 2010.
2CSPC4.X8100-SWUM100.book Page 1480 Wednesday, August 29, 2012 6:23 PM multicast address ff02::101 (reserved for SNTP) for server packets on port number 123. The client logic to handle packet contents doesn’t change with support for IPv6 networks.
2CSPC4.X8100-SWUM100.book Page 1481 Wednesday, August 29, 2012 6:23 PM Example The following example displays the current SNTP configuration of the device. console#show sntp configuration Polling interval: 64 seconds MD5 Authentication keys: Authentication is not required for synchronization. Trusted keys: No trusted keys. Unicast clients: Disable Unicast servers: Server Key Polling Priority ------------- ----------- ----------- ----- 10.27.128.
2CSPC4.X8100-SWUM100.book Page 1482 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Examples console#show sntp server Server Host Address: 2001::01 Server Type: IPv6 Server Stratum: 2 Server Reference Id: 158.108.96.
2CSPC4.X8100-SWUM100.book Page 1483 Wednesday, August 29, 2012 6:23 PM Port: 123 Last Update Time: Dec 22 11:10:00 2009 Last Attempt Time: Dec 22 11:10:00 2009 Last Update Status: Success Total Unicast Requests: 955 Failed Unicast Requests: 1 --More-- or (q)uit Host Address: 3.north-america.pool.ntp.
2CSPC4.X8100-SWUM100.book Page 1484 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Examples The following example shows the status of the SNTP.
2CSPC4.X8100-SWUM100.book Page 1485 Wednesday, August 29, 2012 6:23 PM Default Configuration No authentication. Command Mode Global Configuration mode User Guidelines The command is relevant for both Unicast and Broadcast. Example The following example, after defining the authentication key for SNTP, grants authentication.
2CSPC4.X8100-SWUM100.book Page 1486 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Examples The following examples define the authentication key for SNTP. console(config)# sntp authentication-key 8 md5 ClkKey console(config)# sntp trusted-key 8 console(config)# sntp authenticate sntp broadcast client enable Use the sntp broadcast client enable command in Global Configuration mode to enable a Simple Network Time Protocol (SNTP) Broadcast client.
2CSPC4.X8100-SWUM100.book Page 1487 Wednesday, August 29, 2012 6:23 PM sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time for the Simple Network Time Protocol (SNTP) client. To return to the default settings, use the no form of this command. Syntax sntp client poll timer seconds no sntp client poll timer • seconds — Polling interval. (Range: 64-1024 seconds, in powers of 2) Default Configuration The polling interval is 64 seconds.
2CSPC4.X8100-SWUM100.book Page 1488 Wednesday, August 29, 2012 6:23 PM no sntp server {ip-address | ipv6-address | hostname} • ip-address — IP address of the server. • hostname — Hostname of the server. (Range: 1-158 characters) Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1489 Wednesday, August 29, 2012 6:23 PM Default Configuration No keys are trusted. Command Mode Global Configuration mode User Guidelines This command is relevant for both received Unicast and Broadcast. Example The following defines SNTP trusted-key.
2CSPC4.X8100-SWUM100.book Page 1490 Wednesday, August 29, 2012 6:23 PM Examples The following example enables the device to use Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from servers. console(config)# sntp unicast client enable clock timezone hours-offset Use the clock timezone [ hours-offset ] [minutes minutes-offset] [zone acronym] command to set the offset to Coordinated Universal Time (UTC).
2CSPC4.X8100-SWUM100.book Page 1491 Wednesday, August 29, 2012 6:23 PM Syntax no clock timezone Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines This command has no specific user guidelines.
2CSPC4.X8100-SWUM100.book Page 1492 Wednesday, August 29, 2012 6:23 PM • acronym — The acronym for the time zone to be displayed when summertime is in effect.
2CSPC4.X8100-SWUM100.book Page 1493 Wednesday, August 29, 2012 6:23 PM • acronym — The acronym for the time zone to be displayed when summertime is in effect. (Range: Up to four characters) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1494 Wednesday, August 29, 2012 6:23 PM User Guidelines No specific guidelines Example console(config)#no clock summer-time show clock Use the show clock command in Privileged EXEC or User EXEC mode to display the time and date from the system clock. Use the show clock detail command to show the time zone and summertime configuration. Syntax Description show clock [detail] Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1495 Wednesday, August 29, 2012 6:23 PM Time source is SNTP Time zone: Acronym is PST Offset is UTC-7 Summertime: Acronym is PDT Recurring every year. Begins at first Sunday of April at 2:00. Ends at last Sunday of October at 2:00. Offset is 60 minutes.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1497 Wednesday, August 29, 2012 6:23 PM Command Line Configuration Scripting Commands 68 The Configuration Scripting feature allows the user to generate textformatted files representing the current system configuration. These configuration script files can be uploaded to a computer and edited, then downloaded to the system and applied to the system.
2CSPC4.X8100-SWUM100.book Page 1498 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example applies the config.scr script to the switch. console#script apply config.scr script delete Use the script delete command in Privileged EXEC mode to delete a specified script.
2CSPC4.X8100-SWUM100.book Page 1499 Wednesday, August 29, 2012 6:23 PM console#script delete all script list Use the script list command in Privileged EXEC mode to list all scripts present on the switch as well as the remaining available space. Syntax script list Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays all scripts present on the switch.
2CSPC4.X8100-SWUM100.book Page 1500 Wednesday, August 29, 2012 6:23 PM • scriptname — Name of the script file to be displayed. (Range: 1-31 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the contents of the script file config.scr. console#script show config.scr interface gigabitethernet 1/0/1 ip address 176.242.100.100 255.255.255.
2CSPC4.X8100-SWUM100.book Page 1501 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example validates the contents of the script file config.scr. console#script validate config.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1503 Wednesday, August 29, 2012 6:23 PM Configuration and Image File Commands 69 File System Commands CLI commands allow the user to show the contents of the current directory in the flash file system (dir command). These files may also be deleted from the flash using the delete command or renamed with the rename command. Also, the syntax of the copy command has been changed slightly to add additional flash targets and sources for the above commands.
2CSPC4.X8100-SWUM100.book Page 1504 Wednesday, August 29, 2012 6:23 PM delete backup-config show running-config delete backup-image show startup-config delete startup-config update bootcode dir write erase – boot system Use the boot system command in Privileged EXEC mode to specify the system image that the device loads at startup. Syntax boot system [unit-id][image1|image2][active|backup] Parameter Description The image1 and image2 keywords are deprecated on the PC81xx only.
2CSPC4.X8100-SWUM100.book Page 1505 Wednesday, August 29, 2012 6:23 PM User Guidelines Use the show bootvar command to find out which image is the active image. Example #1 The image1 and image2 keywords are deprecated on the PC81xx only. The following example loads system image image1 for the next device startup. console# boot system image1 Example #2 The following example applies to PC81xx only. console #boot system ? active Marks the given image as active for subsequent reboots.
2CSPC4.X8100-SWUM100.book Page 1506 Wednesday, August 29, 2012 6:23 PM Syntax clear config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example restores the switch to its default configuration. console#clear config copy Use the copy command in Privileged EXEC mode to copy files within the switch and to upload and download files from and to the switch.
2CSPC4.X8100-SWUM100.book Page 1507 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description source-url The location URL or or reserved keyword of the source file being copied. (Range: 1-160 characters.) List of valid source parameters for uploading from the switch: backup-config Uploads Backup Config file. image Uploads code file by xmodem or tftp. operational-log Uploads Operational Log file. running-config Copies system config file.
2CSPC4.X8100-SWUM100.book Page 1508 Wednesday, August 29, 2012 6:23 PM Parameter Description destination-url The URL or reserved keyword of the destination file. (Range: 1-160 characters. List of valid destination parameters for downloading to the switch: backup-config Downloads config file using xmodem, sftp, or tftp. image Downloads code file by xmodem, ftp, sftp, or tftp. script Downloads configuration script by xmodem, sftp, or tftp. startup-config Downloads config file using xmodem or tftp.
2CSPC4.X8100-SWUM100.book Page 1509 Wednesday, August 29, 2012 6:23 PM The following table lists and describes reserved keywords. Reserved Keyword Description running-config Represents the current running configuration file. startup-config Represents the startup configuration file. startup-log Represents the startup syslog file. This can only be the source of a copy operation. operational-log Represents the operational syslog file. This can only be the source of a copy operation.
2CSPC4.X8100-SWUM100.book Page 1510 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode User Guidelines When copying files from the switch, match a source parameter with a destination URL. When copying to the switch, match a source URL to a destination parameter. FTP is only supported for image download to the switch. URLs may not exceed 160 characters in length, including filename, file path, hostname, ip address, user, and reserved keywords.
2CSPC4.X8100-SWUM100.book Page 1511 Wednesday, August 29, 2012 6:23 PM Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y TFTP code transfer starting 9392640 bytes transferred... File contents are valid. File transfer operation completed successfully.
2CSPC4.X8100-SWUM100.book Page 1512 Wednesday, August 29, 2012 6:23 PM ----------------------------------------------------------------- 1 M.9.11.2 M.9.11.3 image1 image1 After the file transfer completes, use the boot system command to select the new image to run. Example – Downloading and applying ias users file console#copy tftp://10.131.17.104/aaa_users.txt iasusers Transfer Mode.................................. TFTP Server IP Address.............................. 10.131.17.104 File Path........
2CSPC4.X8100-SWUM100.book Page 1513 Wednesday, August 29, 2012 6:23 PM Updated IAS users database successfully. Example – USB copy operations console#copy usb://start-config startup-config console#copy operational-log usb://olog.txt console#copy usb://backup-config.txt backup-config console#copy image usb://image1.stk console#copy flash://crashdump.0 usb://crashdump.0 delete Use the delete command to delete files from flash. Syntax delete file • file — Name of the file to be deleted.
2CSPC4.X8100-SWUM100.book Page 1514 Wednesday, August 29, 2012 6:23 PM delete backup-config Use the delete backup-config command in Privileged EXEC mode to delete the backup-config file. Syntax delete backup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes the backup-config file.
2CSPC4.X8100-SWUM100.book Page 1515 Wednesday, August 29, 2012 6:23 PM User Guidelines NOTE: The active image cannote be deleted. Example The following example deletes test file in Flash memory. console#delete backup-image Delete: image2 (y/n)? delete startup-config Use the delete startup-config command in Privileged EXEC mode to delete the startup-config file. Syntax delete startup-config Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1516 Wednesday, August 29, 2012 6:23 PM Syntax dir Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#dir 0 drwx 2048 Jan 13 2031 17:19:54 . 0 drwx 2048 Jan 10 2031 15:58:10 .. 0 -rwx 0 -rwx 16380 Jan 10 2031 15:58:18 log2.bin 0 -rwx 72 Jan 10 2031 15:58:14 boot.dim 0 -rwx 0 -rwx 0 -rwx 0 -rwx 256 Jan 22 2005 08:00:48 vpd.
2CSPC4.X8100-SWUM100.book Page 1517 Wednesday, August 29, 2012 6:23 PM Syntax Description Parameter Description startup-config Erases the contents of the startup configuration file. backup-image Erase the backup image. backup-config Erases the backup configuration. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1518 Wednesday, August 29, 2012 6:23 PM User Guidelines The description accepts any printable characters except a double quote or question mark. Enclose the string in double quotes to include spaces within the name. The surrounding quotes are not used as part of the description. The CLI does not filter illegal combinations of characters on entry and may accept entries up to the first illegal character or reject the entry entirely.
2CSPC4.X8100-SWUM100.book Page 1519 Wednesday, August 29, 2012 6:23 PM show backup-config Use the show backup-config command in Privileged EXEC mode to display the contents of the backup configuration file. Syntax show backup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example shows backup-config data.
2CSPC4.X8100-SWUM100.book Page 1520 Wednesday, August 29, 2012 6:23 PM exit show bootvar Use the show bootvar command in User EXEC mode to display the active system image file that the device loads at startup. Syntax show bootvar [unit ] • unit —Unit number. Default Configuration This command has no default configuration. Command Mode User EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1521 Wednesday, August 29, 2012 6:23 PM show running-config Use the show running-config command in Privileged EXEC mode to display the contents of the currently running configuration file, including banner configuration. The command only displays the configurations that are nondefault. NOTE: All non-default configurations for the Captve Portal branding images and encoded Unicode are not displayed via the standard show running-config command.
2CSPC4.X8100-SWUM100.book Page 1522 Wednesday, August 29, 2012 6:23 PM no exec-banner exit line telnet no login-banner exit banner exec "===exec=====" banner login "===login=====" banner motd "===motd=====" exit show startup-config Use the show startup-config command in Privileged EXEC mode to display the startup configuration file contents. Syntax show startup-config Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1523 Wednesday, August 29, 2012 6:23 PM PC8024 switch example. 1 : !Current Configuration: 2 : !System Description "Powerconnect 8024F, 4.1.0.6, VxWorks 6.6" 3 : !System Software Version 4.1.0.
2CSPC4.X8100-SWUM100.book Page 1524 Wednesday, August 29, 2012 6:23 PM 28 : exit 29 : ! 30 : interface Te1/0/17 31 : switchport mode general 32 : switchport general pvid 1001 33 : switchport general allowed vlan add 1000-1001 34 : switchport general allowed vlan remove 1 35 : exit 36 : snmp-server community "public" rw 37 : exit update bootcode The update bootcode command is deprecated on the PC81xx only.
2CSPC4.X8100-SWUM100.book Page 1525 Wednesday, August 29, 2012 6:23 PM console#update bootcode 2 write Use the write command to copy the running configuration image to the startup configuration. Syntax write Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode Usage Guidelines This command is equivalent to the copy running-config startup-config command functionally.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1527 Wednesday, August 29, 2012 6:23 PM Denial of Service Commands 70 The following list shows the DoS attack detection PowerConnect supports. Some platforms do not support detection for all of the DoS attack types in the list. • SIP=DIP: – • First Fragment: – • • – TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and – TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and – TCP Sequence Number = 0 or TCP Flags SYN and FIN set.
2CSPC4.X8100-SWUM100.book Page 1528 Wednesday, August 29, 2012 6:23 PM • – TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and – TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and – TCP Sequence Number = 0 or TCP Flags SYN and FIN set. TCP Offset: – • TCP SYN: – • TCP Flags FIN and URG and PSH set and TCP Sequence Number = 0. ICMP V6: – • TCP Flags SYN and FIN set. TCP FIN & URG & PSH: – • TCP Flag SYN set. TCP SYN & FIN: – • Checks for TCP header offset =1.
2CSPC4.X8100-SWUM100.book Page 1529 Wednesday, August 29, 2012 6:23 PM dos-control firstfrag Use the dos-control firstfrag command in Global Configuration mode to enable Minimum TCP Header Size Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having a TCP Header Size smaller than the configured value, the packets are dropped. Syntax dos-control firstfrag [size] no dos-control firstfrag • size —TCP header size.
2CSPC4.X8100-SWUM100.book Page 1530 Wednesday, August 29, 2012 6:23 PM Syntax dos-control icmp [size ] no dos-control icmp • size — Maximum ICMP packet size. (Range: 0-16376). If size is unspecified, the value is 512. Default Configuration Denial of Service is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates the Maximum ICMP Packet Denial of Service protection with a maximum packet size of 1023.
2CSPC4.X8100-SWUM100.book Page 1531 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates L4 Port Denial of Service protection. console(config)#dos-control l4port dos-control sipdip Use the dos-control sipdip command in Global Configuration mode to enable Source IP Address = Destination IP Address (SIP=DIP) Denial of Service protection.
2CSPC4.X8100-SWUM100.book Page 1532 Wednesday, August 29, 2012 6:23 PM dos-control tcpflag Use the dos-control tcpflag command in Global Configuration mode to enable TCP Flag Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack.
2CSPC4.X8100-SWUM100.book Page 1533 Wednesday, August 29, 2012 6:23 PM no dos-control tcpfrag Default Configuration Denial of Service is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates TCP Fragment Denial of Service protection. console(config)#dos-control tcpfrag ip icmp echo-reply Use the ip icmp echo-reply command to enable or disable the generation of ICMP Echo Reply messages.
2CSPC4.X8100-SWUM100.book Page 1534 Wednesday, August 29, 2012 6:23 PM Example console(config)#ip icmp echo-reply ip icmp error-interval Use the ip icmp error-interval command to limit the rate at which IPv4 ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst-size and burst-interval. To disable ICMP rate limiting, set burst-interval to zero. Use the no form of this command to return burst-interval and burst-size to their default values.
2CSPC4.X8100-SWUM100.book Page 1535 Wednesday, August 29, 2012 6:23 PM ip unreachables Use the ip unreachables command to enable the generation of ICMP Destination Unreachable messages. Use the no form of this command to prevent the generation of ICMP Destination Unreachable messages. Syntax ip unreachables no ip unreachables Default Configuration ICMP Destination Unreachable messages are enabled.
2CSPC4.X8100-SWUM100.book Page 1536 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan10)#ip redirects ipv6 icmp error-interval Use the icmp error-interval command to limit the rate at which ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst-size and burst interval.
2CSPC4.X8100-SWUM100.book Page 1537 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 icmp error-interval 2000 20 ipv6 unreachables Use the ipv6 unreachables command to enable the generation of ICMPv6 Destination Unreachable messages. Use the no form of this command to prevent the generation of ICMPv6 Destination Unreachable messages.
2CSPC4.X8100-SWUM100.book Page 1538 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays Denial of Service configuration information. console#show dos-control SIPDIP Mode...............................Disable First Fragment Mode.......................Disable Min TCP Hdr Size......................
2CSPC4.X8100-SWUM100.book Page 1539 Wednesday, August 29, 2012 6:23 PM 71 Line Commands This chapter explains the following commands: exec-timeout line history show line history size speed Authentication commands related to line configuration mode are in AAA Commands. exec-timeout Use the exec-timeout command in Line Configuration mode to set the interval that the system waits for user input before timeout. The exectimeout command is also used by the web for timing out web sessions.
2CSPC4.X8100-SWUM100.book Page 1540 Wednesday, August 29, 2012 6:23 PM User Guidelines To specify no timeout, enter the exec-timeout 0 command. Example The following example configures the interval that the system waits until user input is detected to 20 minutes. console(config)#line console console(config-line)#exec-timeout 20 history Use the history command in Line Configuration mode to enable the command history function. To disable the command history function, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1541 Wednesday, August 29, 2012 6:23 PM history size Use the history size command in Line Configuration mode to change the command history buffer size for a particular line. To reset the command history buffer size to the default setting, use the no form of this command. Syntax history size number-of-commands no history size Parameter Description Parameter Description number-ofcommands Specifies the number of commands the system may record in its command history buffer.
2CSPC4.X8100-SWUM100.book Page 1542 Wednesday, August 29, 2012 6:23 PM Syntax line {console | telnet | ssh} • console — Console terminal line. • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH). Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines The default authentication list for telnet and SSH is enableNetList.
2CSPC4.X8100-SWUM100.book Page 1543 Wednesday, August 29, 2012 6:23 PM Syntax show line [console | telnet | ssh] • console — Console terminal line. • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH). Default Configuration This command has no default configuration. Command Mode User EXEC and Privileged EXEC mode, Config mode and all Config submodes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1544 Wednesday, August 29, 2012 6:23 PM Interactive timeout: 10 minutes 10 seconds History: 10 speed Use the speed command in Line Configuration mode to set the line baud rate. Use the no form of the command to restore the default settings. Syntax speed {bps} no speed • bps — Baud rate in bits per second (bps). The options are 2400, 9600, 19200, 38400, 57600, and 115200. Default Configuration This default speed is 9600.
2CSPC4.X8100-SWUM100.book Page 1545 Wednesday, August 29, 2012 6:23 PM Management ACL Commands 72 In order to ensure the security of the switch management features, the administrator may elect to configure a management access control list. The Management Access Control and Administration List (ACAL) component is used to ensure that only known and trusted devices are allowed to remotely manage the switch via TCP/IP.
2CSPC4.X8100-SWUM100.book Page 1546 Wednesday, August 29, 2012 6:23 PM deny (management) Use the deny command in Management Access-List Configuration mode to set conditions for the management access list.
2CSPC4.X8100-SWUM100.book Page 1547 Wednesday, August 29, 2012 6:23 PM Command Mode Management Access-list Configuration mode User Guidelines Rules with gigabitethernet, tengigabitethernet, fortygigabitethernet, vlan, and port-channel parameters are valid only if an IP address is defined on the appropriate interface. Ensure that each rule has a unique priority. Example The following example shows how all ports are denied in the access-list called mlist.
2CSPC4.X8100-SWUM100.book Page 1548 Wednesday, August 29, 2012 6:23 PM Example The following example configures an access-list called mlist as the management access-list. console(config)# management access-class mlist management access-list Use the management access-list command in Global Configuration mode to define an access list for management, and enter the access-list for configuration.
2CSPC4.X8100-SWUM100.book Page 1549 Wednesday, August 29, 2012 6:23 PM Management access list names can consist of any printable character, including blanks. Enclose the name in quotes to embed blanks in the name. Examples The following example shows how to configure two management interfaces, gigabit Ethernet 1/0/1 and gigabit Ethernet 2/0/9.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1551 Wednesday, August 29, 2012 6:23 PM User Guidelines Rules with gigabitethernet, tengigabitethernet, fortygigabitethernet, vlan, and port-channel parameters are valid only if an IP address is defined on the appropriate interface. Ensure that each rule has a unique priority. Examples The following example shows how to configure two management interfaces, gigabit Ethernet 1/0/1 and gigabit Ethernet 2/0/9.
2CSPC4.X8100-SWUM100.book Page 1552 Wednesday, August 29, 2012 6:23 PM Syntax show management access-class Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the management access-list information.
2CSPC4.X8100-SWUM100.book Page 1553 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays the active management access-list.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1555 Wednesday, August 29, 2012 6:23 PM 73 Mode Commands This chapter explains the following commands: configure terminal do configure terminal Use the configure terminal command to get to the configure line. This command is equivalent to the configure command. Syntax configure terminal Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1556 Wednesday, August 29, 2012 6:23 PM using this command. When in modes other than Global Configuration mode, the do command will not appear in the list of commands shown in the help, nor will prompting be available. Syntax do line do ? • line — Command to be executed. It should be an unambiguous command from the Privileged EXEC mode. Commands such as configure are forbidden. Command line completion for the line parameter is supported.
2CSPC4.X8100-SWUM100.book Page 1557 Wednesday, August 29, 2012 6:23 PM arp Purge a dynamic or gateway ARP entry. boot next reload. Select a boot image for use on the captive-portal Manage captive portal clients. clear statistics. Clear learned configuration or configure Enter global config mode. copy Copy files to or from the switch. crypto Request a crypto certificate. debug Configure debug flags. delete Delete a file. dir Display directory information.
2CSPC4.X8100-SWUM100.book Page 1558 Wednesday, August 29, 2012 6:23 PM reload stack. Reload stack or a switch in the rename Rename a file. renew address. Renew an in-band DHCP assigned script scripts. Manage and execute configuration show operational status. Show configured settings and telnet Open a telnet connection. terminal Set per session configuration test first!. Test a copper port. Disable EEE modes traceroute Trace route to destination. udld UDLD protocol commands.
2CSPC4.X8100-SWUM100.book Page 1559 Wednesday, August 29, 2012 6:23 PM 74 Password Management Commands The Password Management component supports the features below. Passwords are masked when entered by the user and in the running config. Configurable Minimum Password Length The administrator has the option of requiring user passwords to be a minimum length. The administrator can choose to have the switch enforce a minimum length between 8 and 64 characters.
2CSPC4.X8100-SWUM100.book Page 1560 Wednesday, August 29, 2012 6:23 PM The administrator can access the serial port even if he/she is locked out and reset the password or clear the config to regain control of the switch. This ensures that if a hacker tries to log in as admin and causes the account to be locked out, then the administrator with physical access to the switch can still log in and reactivate the admin account.
2CSPC4.X8100-SWUM100.book Page 1561 Wednesday, August 29, 2012 6:23 PM Configuring minimum value of 0 for the above parameters means no restriction on that set of characters and configuring maximum of 0 means disabling the restriction (or no limit on the maximum number of course limited by minimum password length). The Password strength feature applies to all login passwords (user, line and enable).
2CSPC4.X8100-SWUM100.book Page 1562 Wednesday, August 29, 2012 6:23 PM passwords aging Use the passwords aging command in Global Configuration mode to implement aging on passwords for local users. When a user’s password expires, the user is prompted to change it before logging in again. Use the no form of this command to set the password aging to the default value. Syntax passwords aging 1-365 no passwords aging Parameter Description This command does not require a parameter description.
2CSPC4.X8100-SWUM100.book Page 1563 Wednesday, August 29, 2012 6:23 PM Syntax passwords history 0-10 no passwords history Parameter Description This command does not require a parameter description. Default Configuration The default value is 0. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the number of previous passwords remembered by the system at 10.
2CSPC4.X8100-SWUM100.book Page 1564 Wednesday, August 29, 2012 6:23 PM Parameter Description This command does not require a parameter description. Default Behavior The default value is 0 or no lockout count is enforced. Command Mode Global Configuration mode. User Guidelines Password lockout only applies to users with authentication configured to local. RADIUS or TACACS authenticated users will use policies configured on the respective RADIUS/TACACS servers.
2CSPC4.X8100-SWUM100.book Page 1565 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures user bob with password xxxyymmmm and user level 15. (config)# username bob password xxxyyymmm level 15 passwords strength-check Use the passwords strength-check command in Global Configuration mode to enable the Password Strength feature.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1567 Wednesday, August 29, 2012 6:23 PM Example console(config)#passwords strength minimum uppercaseletters 6 passwords strength minimum lowercase-letters Use this command to enforce a minimum number of lowercase letters that a password must contain. The valid range is 0–16. The default is 1. A setting of 0 means no restriction. Use the no form of this command to reset the minimum lowercase letters to the default value.
2CSPC4.X8100-SWUM100.book Page 1568 Wednesday, August 29, 2012 6:23 PM passwords strength minimum numericcharacters Use this command to enforce a minimum number of numeric numbers that a password should contain. The valid range is 0–16. The default is 1. A minimum of 0 means no restriction on that set of characters. Use the no form of this command to reset the minimum numeric characters to the default value.
2CSPC4.X8100-SWUM100.book Page 1569 Wednesday, August 29, 2012 6:23 PM passwords strength minimum special-characters Use this command to enforce a minimum number of special characters that a password may contain. The valid range is 0–16. The default is 1. A setting of 0 means no restriction. Special characters are one of the following characters (`! $ % ^ & * ( ) _ - + = { [ } ] : ; @ ' ~ # | \ < , > . / ) Use the no form of this command to reset the minimum special characters to the default value.
2CSPC4.X8100-SWUM100.book Page 1570 Wednesday, August 29, 2012 6:23 PM A maximum of 0 means there is no restriction on consecutive characters. Examples of consecutive characters are ABCDEF or 123456 or !”#$%&’(). Use the no form of this command to reset the maximum consecutive characters accepted to the default value.
2CSPC4.X8100-SWUM100.book Page 1571 Wednesday, August 29, 2012 6:23 PM Syntax passwords strength max-limit repeated-characters 0-15 no passwords strength max-limit repeated-characters Parameter Description This command does not require parameter descriptions. Default Behavior The default value is 0. Command Mode Global Configuration User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1572 Wednesday, August 29, 2012 6:23 PM Default Behavior The default value is 0. This limit is not enforced unless the passwords strength minimum character-classes command is configured with a value greater than 0.
2CSPC4.X8100-SWUM100.book Page 1573 Wednesday, August 29, 2012 6:23 PM Parameter Description This command does not require parameter descriptions. Default Behavior This command has no default configuration. Command Mode Global Configuration User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1574 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. show passwords configuration Use the show passwords configuration command in Privileged EXEC mode to display the configured password management settings. Syntax show passwords configuration Parameter Description The following fields are displayed by this command. Parameter Description Minimum Password Length Minimum number of characters required when changing passwords.
2CSPC4.X8100-SWUM100.book Page 1575 Wednesday, August 29, 2012 6:23 PM Parameter Description Maximum Password Repeated Characters Maximum number of repetition of characters that the password should contain when configuring passwords. Minimum Password Character Classes Minimum number of character classes (uppercase, lowercase, numeric and special) required when configuring passwords.
2CSPC4.X8100-SWUM100.book Page 1576 Wednesday, August 29, 2012 6:23 PM Password Strength Check........................ Enable Minimum Password Uppercase Letters............. 4 Minimum Password Lowercase Letters............. 4 Minimum Password Numeric Characters............ 3 Minimum Password Special Characters............ 3 Maximum Password Consecutive Characters........ 3 Maximum Password Repeated Characters........... 3 Minimum Password Character Classes............. 4 Password Exclude Keywords..........
2CSPC4.X8100-SWUM100.book Page 1577 Wednesday, August 29, 2012 6:23 PM Example The following example displays the command output. console#show passwords result Last User whose password is set ...................... brcm Password strength check ........................... Enable Last Password Set Result: Reason for failure: Could not set user password! Password should contain at least 4 uppercase letters.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1579 Wednesday, August 29, 2012 6:23 PM PHY Diagnostics Commands 75 This chapter explains the following commands: show copper-ports tdr test copper-port tdr show fiber-ports optical-transceiver – show copper-ports tdr Use the show copper-ports tdr command in Privileged EXEC mode to display the stored information regarding cable lengths. Syntax show copper-ports tdr [interface] • interface — A valid Ethernet port. The full syntax is unit / port.
2CSPC4.X8100-SWUM100.book Page 1580 Wednesday, August 29, 2012 6:23 PM Port Result Length [meters] ---- -------- --------------- Date 1/0/1 OK 1/0/2 2004 Short 1/0/3 Test has not been performed 1/0/4 2004 Open 128 1/0/5 Fiber - 50 --------------- 13:32:00 23 July 13:32:08 23 July - show fiber-ports optical-transceiver Use the show fiber-ports optical-transceiver command in Privileged EXEC mode to display the optical transceiver diagnostics.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1582 Wednesday, August 29, 2012 6:23 PM User Guidelines. During the test, shut down the port under test unless it is a combo port with an active fiber port. The maximum distance VCT can function is 120 meters. Examples The following example results in a report on the cable attached to port 1/0/3. console#test copper-port tdr 1/0/3 Cable is open at 64 meters The following example results in a failure to report on the cable attached to port 2/0/3.
2CSPC4.X8100-SWUM100.book Page 1583 Wednesday, August 29, 2012 6:23 PM 76 RMON Commands The PowerConnect SNMP component includes an RMON (remote monitoring) agent. RMON is a base technology used by network management applications to manage a network. Troubleshooting and network planning can be accomplished through the network management applications. The network monitor monitors traffic on a network and records selected portions of the network traffic and statistics.
2CSPC4.X8100-SWUM100.book Page 1584 Wednesday, August 29, 2012 6:23 PM Syntax rmon alarm number variable interval {delta | absolute} rising-threshold value [event-number] falling-threshold value [event-number] [owner string] [startup direction] no rmon alarm number Syntax Description Parameter Description number The alarm index. (Range: 1–65535) variable A fully qualified SNMP object identifier that resolves to a particular instance of a MIB object.
2CSPC4.X8100-SWUM100.book Page 1585 Wednesday, August 29, 2012 6:23 PM Parameter Description startup direction The alarm that may be sent when this entry is first set to valid. If the first sample (after this entry becomes valid) is greater than or equal to the rising-threshold, and direction is equal to rising or rising-falling, then a single rising alarm is generated.
2CSPC4.X8100-SWUM100.book Page 1586 Wednesday, August 29, 2012 6:23 PM rmon collection history Use the rmon collection history command in Interface Configuration mode to enable a Remote Monitoring (RMON) MIB history statistics group on an interface. To remove a specified RMON history statistics group, use the no form of this command. Also see the show rmon collection history command.
2CSPC4.X8100-SWUM100.book Page 1587 Wednesday, August 29, 2012 6:23 PM console(config)#interface gigabitethernet 1/0/8 console(config-if-1/0/8)#rmon collection history 1 interval 2400 rmon event Use the rmon event command in Global Configuration mode to configure an event. To remove an event, use the no form of this command. See also the show rmon events command.
2CSPC4.X8100-SWUM100.book Page 1588 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example configures an event with the trap index of 10. console(config)#rmon event 10 log show rmon alarm Use the show rmon alarm command in User EXEC mode to display alarm configuration. Also see the rmon alarm command. Syntax show rmon alarm number • number — Alarm index. (Range: 1–65535) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1589 Wednesday, August 29, 2012 6:23 PM Interval: 30 Sample Type: delta Startup Alarm: rising Rising Threshold: 8700000 Falling Threshold: 78 Rising Event: 1 Falling Event: 1 Owner: CLI The following table describes the significant fields shown in the display: Field Description Alarm Alarm index. OID Monitored variable OID. Last Sample Value The statistic value during the last sampling period.
2CSPC4.X8100-SWUM100.book Page 1590 Wednesday, August 29, 2012 6:23 PM Field Description Rising Threshold A sampled statistic threshold. When the current sampled value is greater than or equal to this threshold, and the value at the last sampling interval is less than this threshold, a single event is generated. Falling Threshold A sampled statistic threshold.
2CSPC4.X8100-SWUM100.book Page 1591 Wednesday, August 29, 2012 6:23 PM ----- ---------------------- ------- 1 1.3.6.1.2.1.2.2.1.10.1 CLI 2 1.3.6.1.2.1.2.2.1.10.1 Manager 3 1.3.6.1.2.1.2.2.1.10.9 CLI The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the entry. OID Monitored variable OID. Owner The entity that configured this entry.
2CSPC4.X8100-SWUM100.book Page 1592 Wednesday, August 29, 2012 6:23 PM Example The following example displays all RMON group statistics.
2CSPC4.X8100-SWUM100.book Page 1593 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode User EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the RMON event table.
2CSPC4.X8100-SWUM100.book Page 1594 Wednesday, August 29, 2012 6:23 PM show rmon history Use the show rmon history command in User EXEC mode to display RMON Ethernet Statistics history. Also see the rmon collection history command. Syntax show rmon history index [throughput | errors | other] [period seconds] • index — The requested set of samples. (Range: 1–65535) • throughput — Displays throughput counters. • errors — Displays error counters. • other — Displays drop and collision counters.
2CSPC4.X8100-SWUM100.book Page 1595 Wednesday, August 29, 2012 6:23 PM 09-Mar-2005 18:29:42 287696304 275686 2789 5878 20 The following example displays RMON Ethernet Statistics history for errors on index number 1.
2CSPC4.X8100-SWUM100.book Page 1596 Wednesday, August 29, 2012 6:23 PM 10-Mar-2005 22:06:00 3 0 10-Mar-2005 22:06:20 3 0 The following table describes the significant fields shown in the display: Field Description Time Date and Time the entry is recorded. Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets).
2CSPC4.X8100-SWUM100.book Page 1597 Wednesday, August 29, 2012 6:23 PM Field Description Jabbers The number of packets received during this sampling interval that were longer than 1518 octets (excluding framing bits but including FCS octets), and had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1599 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode User EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays RMON Ethernet Statistics for port 1/0/1.
2CSPC4.X8100-SWUM100.book Page 1600 Wednesday, August 29, 2012 6:23 PM Field Description Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). Packets The total number of packets (including bad packets, Broadcast packets, and Multicast packets) received. Broadcast The total number of good packets received and directed to the Broadcast address. This does not include Multicast packets.
2CSPC4.X8100-SWUM100.book Page 1601 Wednesday, August 29, 2012 6:23 PM Field Description 65 to 127 Octets The total number of packets (including bad packets) received that are between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). 128 to 255 Octets The total number of packets (including bad packets) received that are between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1603 Wednesday, August 29, 2012 6:23 PM SDM Templates Commands 77 On PowerConnect devices, the total available H/W route entries are divided statically (at compile-time) among IPV4 and IPv6 routes. If a switch is deployed in network environments where no IPv6 routes are needed, then H/W resources allocated for IPv6 routes are unused.
2CSPC4.X8100-SWUM100.book Page 1604 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description dual-ipv4-and-ipv6 This keyword filters subsequent template choices to those that support both IPv4 and IPv6. There is only one such template. It is selected using the keyword default. ipv4-routing This keyword filters subsequent template choices to those that support IPv4 and not IPv6.
2CSPC4.X8100-SWUM100.book Page 1605 Wednesday, August 29, 2012 6:23 PM Message Type Message Description Error Completion Message None show sdm prefer Use the show sdm prefer command in Privileged EXEC mode to view the currently active SDM template and its scaling parameters, or to view the scaling parameters for an inactive template.
2CSPC4.X8100-SWUM100.book Page 1606 Wednesday, August 29, 2012 6:23 PM Parameter Description IPv4 Multicast Routes The maximum number of IPv4 multicast forwarding table entries. IPv6 Multicast Routes The maximum number of IPv6 multicast forwarding table entries. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1607 Wednesday, August 29, 2012 6:23 PM console# show sdm prefer The current template is the Dual IPv4 and IPv6 template. ARP Entries..................................6144 IPv4 Unicast Routes..........................8160 IPv6 NDP Entries.............................2560 IPv6 Unicast Routes..........................4096 ECMP Next Hops...............................4 IPv4 Multicast Routes........................1536 IPv6 Multicast Routes........................
2CSPC4.X8100-SWUM100.book Page 1608 Wednesday, August 29, 2012 6:23 PM ARP Entries..................................6144 IPv4 Unicast Routes..........................8160 IPv6 NDP Entries.............................2560 IPv6 Unicast Routes..........................4096 ECMP Next Hops...............................4 IPv4 Multicast Routes........................1536 IPv6 Multicast Routes........................512 On the next reload, the template will be the IPv4routing Default template.
2CSPC4.X8100-SWUM100.book Page 1609 Wednesday, August 29, 2012 6:23 PM 78 Serviceability Tracing Packet Commands Debug commands cause the output of the enabled trace to display on a serial port or telnet console. Note that the output resulting from enabling a debug trace always displays on the serial port. The output resulting from enabling a debug trace displays on all login sessions for which any debug trace has been enabled.
2CSPC4.X8100-SWUM100.book Page 1610 Wednesday, August 29, 2012 6:23 PM debug console debug ip pimsm packet debug lacp debug dot1x debug ip vrrp debug mldsnooping show debugging debug igmpsnooping debug ipv6 dhcp debug ospf debug ip acl debug ipv6 mcache debug ospfv3 – debug ip dvmrp debug ipv6 mld – debug ping debug vrrp – NOTE: Debug commands are not persistent across resets. debug arp Use the debug arp command to enable tracing of ARP packets.
2CSPC4.X8100-SWUM100.book Page 1611 Wednesday, August 29, 2012 6:23 PM debug auto-voip Use the debug auto-voip command to enable Auto VOIP debug messages. Use the optional parameters to trace H323, SCCP, or SIP packets respectively. Use the “no” form of this command to disable Auto VOIP debug messages. Syntax debug auto-voip [ H323 | SCCP | SIP ] no debug auto-voip [ H323 | SCCP | SIP ] Default Configuration Auto VOIP tracing is disabled by default. Command Mode Privileged EXEC mode.
2CSPC4.X8100-SWUM100.book Page 1612 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no usage guidelines for this command. Example console#debug clear debug console Use the debug console to enable the display of “debug” trace output on the login session in which it is executed. Debug console display must be enabled in order to view any trace output. The output of debug trace commands appears on all login sessions for which debug console has been enabled.
2CSPC4.X8100-SWUM100.book Page 1613 Wednesday, August 29, 2012 6:23 PM Syntax debug dot1x packet [ receive | transmit ] no debug dot1x packet [ receive | transmit ] Default Configuration Display of dot1x traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug dot1x packet debug igmpsnooping Use the debug igmpsnooping to enable tracing of IGMP Snooping packets transmitted and/or received by the switch.
2CSPC4.X8100-SWUM100.book Page 1614 Wednesday, August 29, 2012 6:23 PM User Guidelines There are no usage guidelines for this command. Example console#debug igmpsnooping packet debug ip acl Use the debug ip acl command to enable debug of IP Protocol packets matching the ACL criteria. Use the “no” form of this command to disable IP ACL debugging. Syntax debug ip acl acl no debug ip acl acl • acl — The number of the IP ACL to debug. Default Configuration Display of IP ACL traces is disabled by default.
2CSPC4.X8100-SWUM100.book Page 1615 Wednesday, August 29, 2012 6:23 PM information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Syntax debug ip dvmrp packet [ receive | transmit ] no debug ip dvmrp packet [ receive | transmit ] Default Configuration Display of DVMRP traces is disabled by default. Command Mode Privileged EXEC mode.
2CSPC4.X8100-SWUM100.book Page 1616 Wednesday, August 29, 2012 6:23 PM Default Configuration Display of IGMP traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug ip igmp packet debug ip mcache Use the debug ip mcache command for tracing MDATA packet reception and transmission. The receive option traces only received data packets and the transmit option traces only transmitted data packets.
2CSPC4.X8100-SWUM100.book Page 1617 Wednesday, August 29, 2012 6:23 PM Example console#debug ip mcache packet debug ip pimdm packet Use the debug ip pimdm packet command to trace PIMDM packet reception and transmission. The receive option traces only received PIMDM packets and the transmit option traces only transmitted PIMDM packets. When neither keyword is used in the command, then all PIMDM packet traces are dumped.
2CSPC4.X8100-SWUM100.book Page 1618 Wednesday, August 29, 2012 6:23 PM debug ip pimsm packet Use the debug ip pimsm command to trace PIMSM packet reception and transmission. The receive option traces only received PIMSM packets and the transmit option traces only transmitted PIMSM packets. When neither keyword is used in the command, then all PIMSM packet traces are dumped.
2CSPC4.X8100-SWUM100.book Page 1619 Wednesday, August 29, 2012 6:23 PM Default Configuration Display of VRRP traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console#debug ip vrrp debug ipv6 dhcp Use the debug ipv6 dhcp command in Privileged EXEC mode to display debug information about DHCPv6 client activities and to trace DHCPv6 packets to and from the local DHCPv6 client.
2CSPC4.X8100-SWUM100.book Page 1620 Wednesday, August 29, 2012 6:23 PM Examples console#debug ipv6 dhcp debug ipv6 mcache Use the debug ipv6 mcache command to trace MDATAv6 packet reception and transmission. The receive option traces only received data packets and the transmit option traces only transmitted data packets. When neither keyword is used in the command, then all data packet traces are dumped.
2CSPC4.X8100-SWUM100.book Page 1621 Wednesday, August 29, 2012 6:23 PM is used in the command, then all MLD packet traces are dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Use the “no” form of this command to disable MLD tracing.
2CSPC4.X8100-SWUM100.book Page 1622 Wednesday, August 29, 2012 6:23 PM no debug ipv6 pimdm packet [ receive | transmit ] Default Configuration Display of PIMDMv6 traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug ipv6 pimdm packet debug ipv6 pimsm Use the debug ipv6 pimsm command to trace PIMSMv6 packet reception and transmission.
2CSPC4.X8100-SWUM100.book Page 1623 Wednesday, August 29, 2012 6:23 PM Usage Guidelines There are no usage guidelines for this command. Example console#debug ipv6 pimsm packet debug isdp Use the debug isdp command to trace ISDP packet reception and transmission. The receive option traces only received ISDP packets and the transmit option traces only transmitted ISDP packets. When neither keyword is used in the command, then all ISDP packet traces are dumped.
2CSPC4.X8100-SWUM100.book Page 1624 Wednesday, August 29, 2012 6:23 PM debug lacp Use the debug lacp command to enable tracing of LACP packets received and transmitted by the switch. Use the “no” form of this command to disable tracing of LACP packets. Syntax debug lacp packet no debug lacp packet Default Configuration Display of LACP traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1625 Wednesday, August 29, 2012 6:23 PM no debug mldsnooping packet [ receive | transmit ] Default Configuration Display of MLD Snooping traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug mldsnooping debug ospf Use the debug ospf command to enable tracing of OSPF packets received and transmitted by the switch.
2CSPC4.X8100-SWUM100.book Page 1626 Wednesday, August 29, 2012 6:23 PM debug ospfv3 Use the debug ospfv3 command to enable tracing of OSPFv3 packets received and transmitted by the switch. Use the “no” form of this command to disable tracing of OSPFv3 packets. Syntax debug ospfv3 packet no debug ospfv3 packet Default Configuration Display of OSPFv3 traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1627 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example The following example displays. console#debug ping packet debug rip Use the debug rip command to enable tracing of RIP requests and responses. Use the “no” form of this command to disable tracing of RIP requests and responses.
2CSPC4.X8100-SWUM100.book Page 1628 Wednesday, August 29, 2012 6:23 PM debug sflow Use the debug sflow command to enable sFlow debug packet trace. Use the “no” form of this command to disable sFlow packet tracing. Syntax debug sflow packet no debug sflow packet Default Configuration Display of sFlow traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1629 Wednesday, August 29, 2012 6:23 PM Default Configuration Display of spanning tree BPDU traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug spanning-tree bpdu debug vrrp Use the debug vrrp command in Privileged EXEC mode to enable VRRP debug protocol messages. Use the no form of this command to disable VRRP debug protocol messages.
2CSPC4.X8100-SWUM100.book Page 1630 Wednesday, August 29, 2012 6:23 PM Syntax show debugging no show debugging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes Usage Guidelines Enabled packet tracing configurations are displayed. Example console #debug arp Arp packet tracing enabled. console #show debugging Arp packet tracing enabled.
2CSPC4.X8100-SWUM100.book Page 1631 Wednesday, August 29, 2012 6:23 PM 79 Sflow Commands sFlow® is the standard for monitoring high-speed switched and routed networks. sFlow technology is built into network equipment and gives complete visibility into network activity, enabling effective management and control of network resources. The sFlow monitoring system consists of an sFlow Agent (embedded in a switch or router or in a stand-alone probe) and a central sFlow Collector.
2CSPC4.X8100-SWUM100.book Page 1632 Wednesday, August 29, 2012 6:23 PM Syntax sflow rcvr_index destination { ip-address [ port ] | maxdatagram size | owner "owner_string" {notimeout|timeout rcvr_timeout} no sflow rcvr_index destination [ip-address | maxdatagram | owner ] • rcvr_index — The index of this sFlow Receiver (Range: 1–8). • ip-address — The sFlow receiver IP address. If set to 0.0.0.0, no sFlow datagrams will be sent.
2CSPC4.X8100-SWUM100.book Page 1633 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode. User Guidelines An sflow destination entry must have an owner name defined in order for polling or sampling to be configured. The last set of command parameters are optional in the no form of the command. Sflow commands with a timeout value supplied do not show in the running config. Because the timer is actively running, the command is ephemeral and is therefore not shown in the running config.
2CSPC4.X8100-SWUM100.book Page 1634 Wednesday, August 29, 2012 6:23 PM • poll-interval — The sFlow instance polling interval. A poll interval of 0 disables counter sampling. A value of n means once in n seconds a counter sample is generated. (Range: 0–86400). Default Configuration There are no pollers configured by default. The default poll interval is 0. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1635 Wednesday, August 29, 2012 6:23 PM The default poll interval is 0. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example console(config-if-1/0/2)#sflow 1 polling 6055 sflow sampling Use the sflow sampling command to enable a new sflow sampler instance for this data source if rcvr_idx is valid. Use the “no” form of this command to reset sampler parameters to the default.
2CSPC4.X8100-SWUM100.book Page 1636 Wednesday, August 29, 2012 6:23 PM Default Configuration There are no samplers configured by default. The default sampling rate is 0. The default maximum header size is 128. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1637 Wednesday, August 29, 2012 6:23 PM Default Configuration There are no samplers configured by default. The default sampling rate is 0. The default maximum header size is 128. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example console(config-if-1/0/15)#sflow 1 sampler 1500 50 show sflow agent Use the show sflow agent command to display the sflow agent information.
2CSPC4.X8100-SWUM100.book Page 1638 Wednesday, August 29, 2012 6:23 PM sFlow Version Uniquely identifies the version and implementation of this MIB. The version string must have the following structure: MIB Version; Organization; Software Revision where: MIB Version: 1.3, the version of this MIB. Organization: Dell Corp. Revision: 1.0 IP Address The IP address associated with this agent. Example console#show sflow agent sFlow Version.......................... 1.3;Dell Corp.;10.23.18.28 IP Address.....
2CSPC4.X8100-SWUM100.book Page 1639 Wednesday, August 29, 2012 6:23 PM Owner String The identity string for receiver, the entity making use of this sFlowRcvrTable entry. Time Out The time (in seconds) remaining before the receiver is released and stops sending samples to sFlow receiver. Max Datagram Size The maximum number of bytes that can be sent in a single sFlow datagram. Port The destination Layer4 UDP port for sFlow datagrams.
2CSPC4.X8100-SWUM100.book Page 1640 Wednesday, August 29, 2012 6:23 PM Poller Data Source The sFlowDataSource (unit/slot/port) for this sFlow sampler. This agent will support Physical ports only. Receiver Index The sFlowReceiver associated with this sFlow counter poller. Poller Interval The number of seconds between successive samples of the counters associated with this data source.
2CSPC4.X8100-SWUM100.book Page 1641 Wednesday, August 29, 2012 6:23 PM User Guidelines The following fields are displayed: Sampler Data Source The sFlowDataSource (unit/slot/port) for this sFlow sampler. This agent will support Physical ports only. Receiver Index The sFlowReceiver configured for this sFlow sampler. Packet Sampling Rate The statistical sampling rate for packet sampling from this source.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1643 Wednesday, August 29, 2012 6:23 PM 80 SNMP Commands The SNMP component provides a machine-to-machine interface for the PowerConnect product family. This includes the ability to configure the network device, view settings and statistics, and upload or download code or configuration images.
2CSPC4.X8100-SWUM100.book Page 1644 Wednesday, August 29, 2012 6:23 PM Syntax show snmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the SNMP communications status. Console # show snmp Community-String Community-Access View name address IP ---------------- ---------------- -------------- ----- public private 172.16.1.
2CSPC4.X8100-SWUM100.book Page 1645 Wednesday, August 29, 2012 6:23 PM Authentication trap is enabled. Version 1,2 notifications Target Address Type Filter TO Retries Community Version UDP Port name -------------- -------- ----192.122.173.42 15 3 192.122.173.
2CSPC4.X8100-SWUM100.book Page 1646 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the SNMP engine ID.
2CSPC4.X8100-SWUM100.book Page 1647 Wednesday, August 29, 2012 6:23 PM Example The following examples display the configuration of filters with and without a filter name specification. console # show snmp filters Name OID Tree Type ------------------- --------------------------------user-filter1 1.3.6.1.2.1.1 Included user-filter1 1.3.6.1.2.1.1.7 Excluded user-filter2 Included 1.3.6.1.2.1.2.2.1.*.
2CSPC4.X8100-SWUM100.book Page 1648 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The group name accepts any printable characters except a double quote or question mark. Enclose the string in double quotes to include spaces within the name. The surrounding quotes are not used as part of the name.
2CSPC4.X8100-SWUM100.book Page 1649 Wednesday, August 29, 2012 6:23 PM Model Level Read Write Notify ----------------- -------- ------user-group "" V3 ------ Auth-Priv -------- ----Default "" The following table contains field descriptions. Field Description Name Name of the group Security Model SNMP model in use (v1, v2 or v3) Security Level Authentication of a packet with encryption. Applicable only to SNMP Version 3 security model.
2CSPC4.X8100-SWUM100.book Page 1650 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines The user name accepts any printable characters except a double quote or question mark. Enclose the string in double quotes to include spaces within the name. The surrounding quotes are not used as part of the name. The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely.
2CSPC4.X8100-SWUM100.book Page 1651 Wednesday, August 29, 2012 6:23 PM show snmp views Use the show snmp views command in Privileged EXEC mode to display the configuration of views. Syntax show snmp views [viewname] • viewname — Specifies the name of the view. (Range: 1-30) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1652 Wednesday, August 29, 2012 6:23 PM show trapflags Use the show trapflags command in Privileged EXEC mode to display the trap settings. Syntax show trapflags [ospf|ospfv3|captive-portal] Parameter Description Parameter Description ospf Display OSPFv2 specific trap settings. ospfv3 Display OSPFv3 specific trap settings. captive-portal Display captive-portal specific trap settings. Default Configuration There is no default configuration for this command.
2CSPC4.X8100-SWUM100.book Page 1653 Wednesday, August 29, 2012 6:23 PM Spanning Tree Flag........................ Enable VRRP trap................................. Enable ACL Traps................................. Enable DVMRP Traps............................... Disable OSPFv2 Traps.............................. Disable PIM Traps................................. Disable OSPFv3 Traps.............................. Disable FIP snooping Traps........................
2CSPC4.X8100-SWUM100.book Page 1654 Wednesday, August 29, 2012 6:23 PM virtpackets......................Disabled rtb: rtb-entryinfo...............Disabled state-change: all..............................Disabled if state change..................Enabled neighbor state change............Enabled virtif state change..............Disabled virtneighbor state change........
2CSPC4.X8100-SWUM100.book Page 1655 Wednesday, August 29, 2012 6:23 PM Default Configuration No community is defined. Default to read–only access if not specified. Command Mode Global Configuration mode User Guidelines You can not specify viewname for su, which has an access to the whole MIB. You can use the view name to restrict the access rights of a community string. When it is specified: • An internal security name is generated.
2CSPC4.X8100-SWUM100.book Page 1656 Wednesday, August 29, 2012 6:23 PM snmp-server community-group Use the snmp-server community-group command in Global Configuration mode to map the internal security name for SNMP v1 and SNMP v2 security models to the group name. To remove the specified community string, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1657 Wednesday, August 29, 2012 6:23 PM snmp-server contact Use the snmp-server contact command in Global Configuration mode to set up a system contact (sysContact) string. To remove the system contact information, use the no form of the command. Syntax snmp-server contact text no snmp-server contact • text — Character string, 0 to 160 characters, describing the system contact information. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1659 Wednesday, August 29, 2012 6:23 PM Parameter Description ospf Enable OSPF event traps. ospfv3 Enable OSPFv3 event traps. pim Enable pim traps (pim-sm and pim-dm). poe Enable poe traps. port-aggregator lagfailover Enable traps for LAG failover on port-aggregator links. snmp authentication Enable snmp authentication traps. spanning-tree Enable traps on topology changes. stack Enable stack firmware synchronization traps. vrrp Enable vrrp traps.
2CSPC4.X8100-SWUM100.book Page 1660 Wednesday, August 29, 2012 6:23 PM authentication fails. dvmrp dvmrp link Up/Down trap flag. Enable/Disable switch level Link multiple-users multiple logins Enable/Disable sending traps when active. ospf Enable/Disable OSPF Traps. ospfv3 Enable/Disable OSPF Traps. pim pim spanning-tree Tree traps.
2CSPC4.X8100-SWUM100.book Page 1661 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines If you want to use SNMPv3, you need to specify an engine ID for the device. You can specify your own ID or use a default string that is generated using the MAC address of the device. If the SNMPv3 engine ID is deleted, or the configuration file is erased, then SNMPv3 cannot be used.
2CSPC4.X8100-SWUM100.book Page 1662 Wednesday, August 29, 2012 6:23 PM no snmp-server filter filter-name [oid-tree] • filter-name — Specifies the label for the filter record that is being updated or created. The name is used to reference the record. (Range: 1-30 characters.) • oid-tree — Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system.
2CSPC4.X8100-SWUM100.book Page 1663 Wednesday, August 29, 2012 6:23 PM console(config)# snmp-server filter user-filter system.7 excluded console(config)# snmp-server filter user-filter ifEntry.*.1 included snmp-server group Use the snmp-server group command in Global Configuration mode to configure a new Simple Management Protocol (SNMP) group or a table that maps SNMP users to SNMP views. To remove a specified SNMP group, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1664 Wednesday, August 29, 2012 6:23 PM • readview — A string that is the name of the view that enables the you to view only the contents of the agent. If unspecified, all the objects except for the community-table and SNMPv3 user and access tables are available. (Range: 1-30 characters.) • writeview — A string that is the name of the view that enables the user to enter data and configure the contents of the agent. If unspecified, nothing is defined for the write view.
2CSPC4.X8100-SWUM100.book Page 1665 Wednesday, August 29, 2012 6:23 PM Syntax snmp-server host host-addr [informs [timeout seconds] [retries retries] | traps version {1 | 2 }]] community-string [udp-port port] [filter filtername] no snmp-server host host-addr { traps | informs } Parameter Description Parameter Description host-addr Specifies the IP address of the host (targeted recipient) or the name of the host.
2CSPC4.X8100-SWUM100.book Page 1666 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines If a DNS host name is entered instead of an IP address, the switch attempts to resolve the host name immediately using DNS. Use the ip domain-lookup command on page 514 and the ip name-server command on page 516 to enable resolution of DNS host names. Example The following example enables SNMP traps for host 192.16.12.143. console(config)# snmp-server host 192.16.12.
2CSPC4.X8100-SWUM100.book Page 1667 Wednesday, August 29, 2012 6:23 PM Example The following example sets the device location as "New_York". console(config)# snmp-server location New_York snmp-server user Use the snmp-server user command in Global Configuration mode to configure a new SNMP Version 3 user. To delete a user, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1668 Wednesday, August 29, 2012 6:23 PM • priv-des — The CBC-DES Symmetric Encryption privacy level. Enter a password. • priv-des-key — The CBC-DES Symmetric Encryption privacy level. The user should enter a pregenerated MD5 or SHA key depending on the authentication level selected. • des-key — The pregenerated DES encryption key.
2CSPC4.X8100-SWUM100.book Page 1669 Wednesday, August 29, 2012 6:23 PM • view-name — Specifies the label for the view record that is being created or updated. The name is used to reference the record. (Range: 1-30 characters.) • oid-tree — Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system.
2CSPC4.X8100-SWUM100.book Page 1670 Wednesday, August 29, 2012 6:23 PM console(config)# snmp-server view user-view ifEntry.*.1 included console(config)#snmp-server view "A beautiful view!" 1.1.2.1 included snmp-server v3-host Use the snmp-server v3-host command in Global Configuration mode to specify the recipient of Simple Network Management Protocol Version 3 (SNMPv3) notifications. To remove the specified host, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1671 Wednesday, August 29, 2012 6:23 PM • port — UDP port of the host to use. The default is 162. (Range: 1-65535.) • filtername — A string that is the name of the filter that define the filter for this host. If unspecified, does not filter anything. (Range: 1-30 characters.) Default Configuration Default configuration is 3 retries and 15 seconds timeout.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1673 Wednesday, August 29, 2012 6:23 PM 81 SSH Commands Management access to the switch is supported via telnet, SSH, or the serial console. The PowerConnect supports secure shell (SSH) and secure sockets layer (SSL) to help ensure the security of network transactions. Keys and certificates can be generated externally (that is, offline) and downloaded to the target or generated directly by the PowerConnect.
2CSPC4.X8100-SWUM100.book Page 1674 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines DSA keys are generated in pairs: one public DSA key and one private DSA key. If your switch already has DSA keys when you issue this command, you are warned and prompted to replace the existing keys. The keys are not saved in the switch configuration; they are saved in the file system and the private key is never displayed to the user.
2CSPC4.X8100-SWUM100.book Page 1675 Wednesday, August 29, 2012 6:23 PM the switch configuration; they are saved in the file system and the private key is never displayed to the user. RSA keys, along with other switch credentials, are distributed to all units in a stack on a configuration save. Example The following example generates RSA key pairs.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1677 Wednesday, August 29, 2012 6:23 PM ip ssh pubkey-auth Use the ip ssh pubkey-auth command in Global Configuration mode to enable public key authentication for incoming SSH sessions. To disable this function, use the no form of this command. Syntax ip ssh pubkey-auth no ip ssh pubkey-auth Default Configuration The function is disabled. Command Mode Global Configuration mode User Guidelines AAA authentication is independent from this configuration.
2CSPC4.X8100-SWUM100.book Page 1678 Wednesday, August 29, 2012 6:23 PM Default Configuration The SSH server is disabled by default. Command Mode Global Configuration mode User Guidelines To generate SSH server keys, use the commands crypto key generate rsa, and crypto key generate dsa. Example The following example enables the switch to be configured using SSH. console(config)#ip ssh server key-string Use the key-string SSH Public Key Configuration mode to specify an SSH public key manually.
2CSPC4.X8100-SWUM100.book Page 1679 Wednesday, August 29, 2012 6:23 PM User Guidelines Use the key-string row command to specify which SSH public key you will configure interactively next. To complete the interactive command, you must enter key-string row with no characters. Examples The following example shows how to enter a public key string for a user called "bob.
2CSPC4.X8100-SWUM100.book Page 1680 Wednesday, August 29, 2012 6:23 PM console(config-pubkey-key)#key-string row C1yc2 show crypto key mypubkey Use the show crypto key mypubkey command in Privileged EXEC mode to display the SSH public keys of the switch. Syntax show crypto key mypubkey [rsa | dsa] • rsa — RSA key. • dsa — DSA key. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1682 Wednesday, August 29, 2012 6:23 PM Example The following example displays all SSH public keys stored on the switch. console#show crypto key pubkey-chain ssh Username Fingerprint -------- --------------------------------------------------bob 1:86 9A:CC:01:C5:78:39:27:86:79:CC:23:C5:98:59:F john 7:C8 98:F7:6E:28:F2:79:87:C8:18:F8:88:CC:F8:89:8 The following example displays the SSH public called "dana.
2CSPC4.X8100-SWUM100.book Page 1683 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays the SSH server configuration. console#show ip ssh SSH server enabled. Port: 22 RSA key was generated. DSA key was generated. SSH Public Key Authentication is enabled.
2CSPC4.X8100-SWUM100.book Page 1684 Wednesday, August 29, 2012 6:23 PM no user-key username • username — Specifies the remote SSH client username. (Range: 1 to 40 characters) • rsa — RSA key • dsa — DSA key Default Configuration By default, there are no keys. Command Mode SSH Public Key Chain Configuration mode User Guidelines This command has no user guidelines. Example The following example enables a SSH public key to be manually configured for the SSH public key chain called "bob.
2CSPC4.X8100-SWUM100.book Page 1685 Wednesday, August 29, 2012 6:23 PM 82 Syslog Commands The PowerConnect supports a centralized logging subsystem with support for local in memory logs, crash dump logs, and forwarding messages to syslog servers. All switch components use the logging subsystem.
2CSPC4.X8100-SWUM100.book Page 1686 Wednesday, August 29, 2012 6:23 PM <190> JAN 10 18:59:17 10.27.21.22-2 CLI_WEB[209809328]: cmd_logger_api.c(260) 369 %% [CLI:----:EIA-232] Access level of user admin has been set to 15 If enabled, the CLI command logger subsystem begins to log commands immediately after the user is authenticated. After authentication, the CLI generates an explicit message and invokes the command logger. The format of the message at login is: <189> JAN 10 18:58:56 10.27.21.
2CSPC4.X8100-SWUM100.book Page 1687 Wednesday, August 29, 2012 6:23 PM logging console – clear logging Use the clear logging command in Privileged EXEC mode to clear messages from the internal logging buffer. Syntax clear logging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example clears messages from the internal syslog message logging buffer.
2CSPC4.X8100-SWUM100.book Page 1688 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC User Guidelines This command has no user guidelines. Example The following example shows the clear logging file command and confirmation response. console#clear logging file Clear logging file [y/n] description (Logging) Use the description command in Logging mode to describe the syslog server. Syntax description description • description — Sets the description of the syslog server.
2CSPC4.X8100-SWUM100.book Page 1689 Wednesday, August 29, 2012 6:23 PM level Use the level command in Logging mode to specify the severity level of syslog messages. To reset to the default value, use the no form of the command. Syntax level level no level Parameter Description Parameter Description level The severity level for syslog messages. (Range: emergency, alert, critical, error, warning, notice, info, debug) Default Configuration The default value for level is info.
2CSPC4.X8100-SWUM100.book Page 1690 Wednesday, August 29, 2012 6:23 PM Syntax logging cli-command no logging cli-command Default Configuration Disabled Command Mode Global Configuration User Guidelines See the CLI commands by using the show logging command. Example console(config)#logging cli-command console(config)#do show logging Logging is enabled Console Logging: level warnings. Console Messages: 384 Dropped. Buffer Logging: level informational.
2CSPC4.X8100-SWUM100.book Page 1691 Wednesday, August 29, 2012 6:23 PM Syslog server a1234567890123456789012345678901234567890123456789012 3456789012 logging: informational. Messages: 0 dropped 170 Messages dropped due to lack of resources. Buffer Log: <189> JAN 10 18:59:09 10.27.21.22-2 CMDLOGGER[209809328]: cmd_logger_api.c(83) 367 %% CLI:EIA-232:----:configure <190> JAN 10 18:59:17 10.27.21.22-2 CLI_WEB[209809328]: cmd_logger_api.
2CSPC4.X8100-SWUM100.book Page 1692 Wednesday, August 29, 2012 6:23 PM logging Use the logging command in Global Configuration mode to log messages to a syslog server. To delete the syslog server with the specified address from the list of syslogs, use the no form of this command. Syntax logging {ip-address | hostname} no logging {ip-address | hostname} • ip-address — IP address of the host to be used as a syslog server. • hostname — Hostname of the host to be used as a syslog server.
2CSPC4.X8100-SWUM100.book Page 1693 Wednesday, August 29, 2012 6:23 PM |||||||Line Number ||||||| ||||||File Name |||||| |||||Thread ID ||||| ||||Component Name |||| |||Stack ID ||| ||Host IP Address |Timestamp PRI PRI This consists of the facility code (see RFC 3164) multiplied by 8 and added to the severity. See below for more information on severity. Timestamp The system up time. For systems that use SNTP, this is UTC. When time zones are enabled, local time will be used.
2CSPC4.X8100-SWUM100.book Page 1694 Wednesday, August 29, 2012 6:23 PM Sequence Number The message sequence number for this stack component. Sequence numbers may be skipped because of filtering but are always monotonically increasing on a per stack member basis. Message An informative message regarding the event. Example The following example places the designated server in logging configuration mode. console(config)#logging 192.168.15.
2CSPC4.X8100-SWUM100.book Page 1695 Wednesday, August 29, 2012 6:23 PM Syntax logging buffered [severity–level] no logging buffered Parameter Description Parameter Description severity–level (Optional) The number or name of the desired severity level. Range: [0 | emergencies] [1 | alerts] [2 | critical] [3 | errors] [4 | warnings] [5 | notifications] [6 | informational] [7 | debugging] Default Configuration The default value for level is info.
2CSPC4.X8100-SWUM100.book Page 1696 Wednesday, August 29, 2012 6:23 PM logging console Use the logging console command in Global Configuration mode to limit messages logged to the console based on severity. To disable logging to the console terminal, use the no form of this command. Syntax logging console [severity–level] no logging console Parameter Description Parameter Description severity–level (Optional) The number or name of the desired severity level.
2CSPC4.X8100-SWUM100.book Page 1697 Wednesday, August 29, 2012 6:23 PM Example The following example limits messages logged to the console based on severity level "alert". console(config)#logging console alert logging facility Use the logging facility command in Global Config mode to configure the facility to be used in log messages. Syntax logging facility no logging facility Parameter Description Parameter Description facility The facility that will be indicated in the message.
2CSPC4.X8100-SWUM100.book Page 1698 Wednesday, August 29, 2012 6:23 PM logging file Use the logging file command in Global Configuration mode to limit syslog messages sent to the logging file based on severity. To cancel the buffer, use the no form of this command. Syntax logging file [severity–level-number | type] no logging file Parameter Description Parameter Description severity–level–number (Optional) The number or name of the desired severity level.
2CSPC4.X8100-SWUM100.book Page 1699 Wednesday, August 29, 2012 6:23 PM Example The following example limits syslog messages sent to the logging file based on the severity level "warning." console(config)#logging file warning logging monitor Use the logging monitor command in Global Config mode to enable logging messages to telnet and SSH sessions with the default severity level. Use the no logging monitor command to disable logging messages.
2CSPC4.X8100-SWUM100.book Page 1700 Wednesday, August 29, 2012 6:23 PM Command Mode Global Config mode User Guidelines Messages logged to the console are filtered based on severity. Selecting a severity level will log that severity and higher (numerically lower) level messages. logging on Use the logging on command in Global Configuration mode to control error messages logging. This command globally enables the sending of logging messages to the currently configured locations.
2CSPC4.X8100-SWUM100.book Page 1701 Wednesday, August 29, 2012 6:23 PM Example The following example shows how logging is enabled. console(config)#logging on logging snmp Use the logging snmp command in Global Configuration mode to enable SNMP Set command logging. To disable, use the no form of this command. Syntax logging snmp no logging snmp Default Configuration Disabled. Command Mode Global Configuration mode User Guidelines To see SNMP Set command logs use the show logging command.
2CSPC4.X8100-SWUM100.book Page 1702 Wednesday, August 29, 2012 6:23 PM Default Configuration Disabled. Command Mode Global Configuration mode User Guidelines To see web session logs use the show logging command. Example console(config)#logging web-session <133> MAR 24 07:46:07 10.131.7.165-2 UNKN[83102768]: cmd_logger_api.c(140) 764 %% WEB:10.131.7.67:<>:EwaSessionLookup : session[0] created <133> MAR 24 07:46:07 10.131.7.165-2 UNKN[83102768]: cmd_logger_api.c(140) 765 %% WEB:10.131.7.
2CSPC4.X8100-SWUM100.book Page 1703 Wednesday, August 29, 2012 6:23 PM Default Configuration The default port number is 514. Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server, the command can be executed to set the port number for the server. Example The following example sets the syslog message port to 300.
2CSPC4.X8100-SWUM100.book Page 1704 Wednesday, August 29, 2012 6:23 PM console#show logging Logging is enabled. Console Logging: level warnings. Console Messages: 1778 Dropped. Buffer Logging: level informational. Buffer Messages: 983 Logged, File Logging: level notActive. File Messages: 1783 Dropped. CLI Command Logging : disabled Switch Auditing : disabled Web Session Logging : disabled SNMP Set Command Logging : disabled 1141 Messages dropped due to lack of resources.
2CSPC4.X8100-SWUM100.book Page 1705 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example The following example displays the state of logging and syslog messages sorted in the logging file. console#show logging file Persistent Logging : enabled Persistent Log Count : 1 <186> JAN 01 00:00:05 0.0.0.0-1 UNKN[268434928]: bootos.
2CSPC4.X8100-SWUM100.book Page 1706 Wednesday, August 29, 2012 6:23 PM IP address tion Port Severity Facility Descrip -------------------------------------------------------192.180.2.275 14 Info local7 7 192.180.2.285 14 Warning local7 7 terminal monitor Use the terminal monitor command in Privileged EXEC mode to enable the display of logging messages on the terminal. Syntax terminal monitor no terminal monitor Default Configuration The default setting is terminal monitor.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1708 Wednesday, August 29, 2012 6:23 PM Syntax asset-tag [unit] tag no asset-tag [unit] • unit — Switch number. (Range: 1–12) • tag — The switch asset tag. Default Configuration No asset tag is defined by default. Command Mode Global Configuration mode User Guidelines The asset-tag command accepts any printable characters for a tag name except a double quote or question mark. Enclose the string in double quotes to include spaces within the name.
2CSPC4.X8100-SWUM100.book Page 1709 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines The exec message may consist of multiple lines. Enter a quote to complete the message and return to configuration mode. Up to 2000 characters may be entered into a banner. Each line entered will consume an extra two characters to account for the carriage return and line feed.
2CSPC4.X8100-SWUM100.book Page 1710 Wednesday, August 29, 2012 6:23 PM User Guidelines The login banner can consist of multiple lines. Enter a quote to end the banner text and return to the configuration prompt. Up to 2000 characters may be entered into a banner. Each line entered will consume an extra two characters to account for the carriage return and line feed. Different terminal emulators will exhibit different behaviors when logging in over SSH.
2CSPC4.X8100-SWUM100.book Page 1711 Wednesday, August 29, 2012 6:23 PM The motd banner is usually displayed prior to logging into the switch, although some protocols, for example SSH, may enforce different behavior. See the user guidelines for banner motd acknowledge for some examples. Example console(config)# banner motd “IMPORTANT: There is a power shutdown at 23:00hrs today, duration 1 hr 30 minutes.
2CSPC4.X8100-SWUM100.book Page 1712 Wednesday, August 29, 2012 6:23 PM telnet). See below for some examples where the MOTD prompt occurs either before or after the acknowledge prompt. The banner motd in this example is "If you need to utilize this device or otherwise make changes to the configuration, you may contact Kevin at x911. Please be advised this unit is under test by Kevin." and the banner login is "Welcome to the M6220 in the Bottom Chassis 192.168.12.190.
2CSPC4.X8100-SWUM100.book Page 1713 Wednesday, August 29, 2012 6:23 PM SSH (xterm): [root@kevin ~]# ssh 192.168.12.84 -l dellradius If you need to utilize this device or otherwise make changes to the configuration, you may contact Kevin at x911. Please, be advised this unit is under test by Kevin. dellradius@192.168.12.84's password: Press 'y' to continue (within 30 seconds) (y/n) Welcome to the M6220 in the Bottom Chassis - 192.168.12.190. This unit is located in A2 and is currently under test.
2CSPC4.X8100-SWUM100.book Page 1714 Wednesday, August 29, 2012 6:23 PM Press ‘y’ to continue If ‘y’ is entered, the following displays: console > If ‘n’ is entered, the session will get disconnected, unless it is a serial connection. clear checkpoint statistics Use the clear checkpoint statistics command to clear the statistics for the checkpointing process. Syntax clear checkpoint statistics Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1715 Wednesday, August 29, 2012 6:23 PM cut-through mode Use the cut-through mode command to enable the cut-through mode on the switch. The mode takes effect on all ports on next reload of the switch. To disable the cut-through mode on the switch, use the no form of this command. Syntax cut-through mode no cut-through mode Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines No specific guidelines.
2CSPC4.X8100-SWUM100.book Page 1716 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Line Configuration User Guidelines The exec banner can consist of multiple lines. Enter a quote to complete the message and return to configuration mode. Example console(config-telnet)# no exec-banner hardware profile portmode Use the hardware profile portmode command in Interface Config mode to configure a 40G port in 4x10G mode or 1x40G mode.
2CSPC4.X8100-SWUM100.book Page 1717 Wednesday, August 29, 2012 6:23 PM Command Mode Interface Config mode User Guidelines This command can only be executed on the 40G interface. Entering this command on any of the 4x10G interfaces (or any other 10G port) will give an error. This command takes effect only after rebooting the switch. hostname Use the hostname command in Global Configuration mode to specify or modify the switch host name. To restore the default host name, use the no form of the command.
2CSPC4.X8100-SWUM100.book Page 1718 Wednesday, August 29, 2012 6:23 PM Example The following example specifies the switch host name. console(config)# hostname Dell initiate failover To manually force a failover from the management unit to the backup unit in a stack, use the initiate failover command in Stack Configuration mode. Syntax This command has no user guidelines. Default Configuration There is no default configuration.
2CSPC4.X8100-SWUM100.book Page 1719 Wednesday, August 29, 2012 6:23 PM locate Use the locate command to locate a switch by LED blinking. Syntax locate [switch unit] [time time] Parameter Description Parameter Description switch unit If multiple devices are stacked, you can choose which switch to identify. time time LED blinking duration in seconds. Range 1-3600 seconds. Default Configuration Default value is 20 seconds.
2CSPC4.X8100-SWUM100.book Page 1720 Wednesday, August 29, 2012 6:23 PM Syntax login-banner no login-banner • MESSAGE — Quoted text Default Configuration This command has no default configuration. Command Mode Line Configuration User Guidelines This command has no user guidelines. Example console(config-telnet)# no login-banner media-type Select the media-type command for the interface. This command is only valid on combo ports.
2CSPC4.X8100-SWUM100.book Page 1721 Wednesday, August 29, 2012 6:23 PM Default Configuration The default is media-type auto-select sfp. Command Mode Interface Config User Guidelines When both media types are connected, the preference as determined by the auto-select keyword parameter selects the active media. When the auto-select keyword is not specified, the selected media type is powered on and the alternate media type is powered off.
2CSPC4.X8100-SWUM100.book Page 1722 Wednesday, August 29, 2012 6:23 PM • unit — The switch identifier of the switch to be added or removed from the stack. (Range: 1–12) • switchindex — The index into the database of the supported switch types, indicating the type of the switch being preconfigured. The switch index is a 32-bit integer obtained from the show supported switchtype command. Default configuration This command has no defaults.
2CSPC4.X8100-SWUM100.book Page 1723 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Line Configuration User Guidelines This command has no user guidelines. Example console(config-telnet)# motd-banner nsf Use this command to enable non-stop forwarding. The no form of the command will disable NSF. Syntax nsf no nsf Default Configuration Non-stop forwarding is enabled by default.
2CSPC4.X8100-SWUM100.book Page 1724 Wednesday, August 29, 2012 6:23 PM ping Use the ping command in User EXEC mode to check the accessibility of the desired node on the network. Syntax ping [ ip | ipv6 ] ipaddress | hostname [ repeat count ] [ timeout interval ] [ size size ] • ipaddress — IP address to ping (contact). • hostname — Hostname to ping (contact). (Range: 1–158 characters).
2CSPC4.X8100-SWUM100.book Page 1725 Wednesday, August 29, 2012 6:23 PM Reply From 10.27.65.60: icmp_seq = 0. time <10 msec. Reply From 10.27.65.60: icmp_seq = 1. time <10 msec. Reply From 10.27.65.60: icmp_seq = 2. time <10 msec. Reply From 10.27.65.60: icmp_seq = 3. time <10 msec. ----10.27.65.60 PING statistics---4 packets transmitted, 4 packets received, 0% packet loss round-trip (msec) min/avg/max = <10/<10/<10 console# The following example displays a ping to yahoo.com. console#ping yahoo.
2CSPC4.X8100-SWUM100.book Page 1726 Wednesday, August 29, 2012 6:23 PM Syntax reload [stack–member–number] Parameter Description Parameter Description stack–member–number The stack member to be reloaded. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines If no unit is specified, all units are reloaded. Example The following example displays how to reload the stack. console#reload 1 Management switch has unsaved changes.
2CSPC4.X8100-SWUM100.book Page 1727 Wednesday, August 29, 2012 6:23 PM • unit — The switch identifier. (Range: 1–12) • description — The text description. (Range: 1–80 alphanumeric characters) Default Configuration This command has no default configuration. Command Mode Stack Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1728 Wednesday, August 29, 2012 6:23 PM • PowerConnect 7048R-RA • CX4 Expansion Card • 10GBaseT Expansion Card • SFP+ Expansion Card Use the no form of the command to return the unit/slot configuration to the default value. Syntax slot unit/slot cardindex no slot unit/slot • unit/slot — The slot identifier of the slot.
2CSPC4.X8100-SWUM100.book Page 1729 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example console#show banner Banner:Exec Line Console...................... Enable Line SSH.......................... Disable Line Telnet....................... Enable ===exec===== Banner:Login Line Console...................... Enable Line SSH.......................... Enable Line Telnet.......................
2CSPC4.X8100-SWUM100.book Page 1730 Wednesday, August 29, 2012 6:23 PM show boot-version The show boot-version command is deprecated on the PC81xx only. Use the show boot-version command to display the boot image version details. The details available to the user include the build date and time. Syntax show boot-version [ unit ] • unit — The switch identifier. (Range: 1–12) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1731 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines When nonstop forwarding is enabled on a stack, the stack's management unit checkpoints operational data to the backup unit. If the backup unit takes over as the management unit, the control plane on the new management unit uses the checkpointed data when initializing its state.
2CSPC4.X8100-SWUM100.book Page 1732 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. User Guidelines No specific guidelines. Example Console#show cut-through mode Current mode : Enable Configured mode : Disable (This mode is effective on next reload) show hardware profile Use the show hardware profile command in Privileged EXEC mode to display the hardware profile information for the 40G ports.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1734 Wednesday, August 29, 2012 6:23 PM Example console#show interfaces advanced firmware Port Revision Part number -------- ----------- ----------Te1/0/1 0x411 BCM8727 Te1/0/2 0x411 BCM8727 Te1/0/3 0x411 BCM8727 Te1/0/4 0x411 BCM8727 Te1/0/5 0x411 BCM8727 show interfaces media-type Use the show interfaces media-type command in Privileged EXEC mode to display the configured and active media type for the combo ports.
2CSPC4.X8100-SWUM100.book Page 1735 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1736 Wednesday, August 29, 2012 6:23 PM Total Memory........................... 262144 KBytes Available Memory Space................. 121181 KBytes show nsf Use the show nsf command to show the status of non-stop forwarding. Syntax show nsf Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command.
2CSPC4.X8100-SWUM100.book Page 1737 Wednesday, August 29, 2012 6:23 PM Warm Restart Ready............................. Yes Copy of Running Configuration to Backup Unit: Status...................................... Stale Time Since Last Copy........................ 0 days 4 hrs 53 mins 22 secs Time Until Next Copy........................
2CSPC4.X8100-SWUM100.book Page 1738 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines There are no user guidelines for this command. Example console#show power-usage-history unit 1 Sampling Interval (sec)........................ 30 Total No. of Samples to Keep................... 168 Current Power Consumption (mWatts)............. 56172 Sample No.
2CSPC4.X8100-SWUM100.book Page 1739 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC, Config mode and all Config sub-modes Default Configuration This command has no default configuration. User Guidelines No specific guidelines. Example console#show process cpu Memory Utilization Report status bytes ------ ---------free 64022608 alloc 151568112 CPU Utilization: PID Min Name 5 Sec 1 Min 5 -------------------------------------------------------328bb20 tTffsPTask 0.02% 0.
2CSPC4.X8100-SWUM100.book Page 1740 Wednesday, August 29, 2012 6:23 PM 3295410 tXbdService 0.03% 0.00% 0.00% 347dcd0 ipnetd 0.01% 0.00% 0.00% 348a440 osapiTimer 1.21% 1.20% 1.43% 358ee70 bcmL2X.0 0.12% 0.40% 0.30% 359d2e0 bcmCNTR.0 0.50% 0.80% 0.42% 3b5b750 bcmRX 0.12% 0.00% 0.13% 3d3f6d0 MAC Send Task 0.10% 0.00% 0.07% 3d48bd0 MAC Age Task 0.03% 0.00% 0.00% 40fdbf0 bcmLINK.0 0.46% 0.00% 0.14% 4884e70 tL7Timer0 0.02% 0.00% 0.06% 48a1250 osapiMonTask 0.17% 0.00% 0.
2CSPC4.X8100-SWUM100.book Page 1741 Wednesday, August 29, 2012 6:23 PM 58e9bc0 Dynamic ARP Inspection 0.03% 0.00% 0.06% 62038a0 dot1s_timer_task 0.03% 0.00% 0.00% 687f360 dot1xTimerTask 0.07% 0.00% 0.06% 6e23370 radius_task 0.01% 0.00% 0.00% 6e2c870 radius_rx_task 0.03% 0.00% 0.06% 7bc9030 spmTask 0.01% 0.00% 0.09% 7c58730 ipMapForwardingTask 0.03% 0.00% 0.06% 7f6eee0 tRtrDiscProcessingTask 0.01% 0.00% 0.00% b1516d0 dnsRxTask 0.01% 0.00% 0.00% b194d60 tCptvPrtl 0.03% 0.00% 0.
2CSPC4.X8100-SWUM100.book Page 1742 Wednesday, August 29, 2012 6:23 PM Total CPU Utilization 3.45% 2.40% 3.62% show sessions Use the show sessions command in Privileged EXEC mode to display a list of the open telnet sessions to remote hosts. Syntax show sessions Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1743 Wednesday, August 29, 2012 6:23 PM The following table describes the significant fields shown in the display. Field Description Connection Connection number Host Remote host to which the switch is connected through a Telnet session Address IP address of the remote host Port Telnet TCP port number show slot Use the show slot command in User EXEC mode to display information about all the slots in the system or for a specific slot.
2CSPC4.X8100-SWUM100.book Page 1744 Wednesday, August 29, 2012 6:23 PM Parameter Description Inserted Card Model Identifier The model identifier of the card inserted in the slot. Model identifier is a 32character field used to identify a card. This field is displayed only if the slot is full. Inserted Card Description The card description. This field is displayed only if the slot is full. Configured Card Description The description of the card preconfigured in the slot.
2CSPC4.X8100-SWUM100.book Page 1745 Wednesday, August 29, 2012 6:23 PM The following table explains the output parameters. Parameter Description Card Index (CID) The index into the database of the supported card types. This index is used when preconfiguring a slot. Card Model Identifier The model identifier for the supported card type. If you supply a value for cardindex, the following additional information appears as shown in the table below.
2CSPC4.X8100-SWUM100.book Page 1746 Wednesday, August 29, 2012 6:23 PM Syntax show supported switchtype [switchindex] • switchindex — Specifies the index into the database of the supported switch types, indicating the type of the switch being preconfigured. The switch index is a 32-bit integer. (Range: 0–65535) Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1747 Wednesday, August 29, 2012 6:23 PM Field Description Management Preference This field indicates the management preference value of the switch type. Code Version This field displays the code load target identifier of the switch type. The following example displays the format of the show supported switchtype [switchindex] command. console#show supported switchtype 1 Switch Type....................... 0xd8200001 Model Identifier..................
2CSPC4.X8100-SWUM100.book Page 1748 Wednesday, August 29, 2012 6:23 PM Use the show switch command in User EXEC mode to display information about units in the stack. The show switch command shows the configuration and status of the stacking units, including the active and standby stack management units, the pre-configured model identifier, the plugged in model identifier, the switch status and the current code version.
2CSPC4.X8100-SWUM100.book Page 1749 Wednesday, August 29, 2012 6:23 PM Parameter Description diag Display front panel stacking diagnostics for each port. stack–standby Display the configured or automatically selected standby unit number. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1750 Wednesday, August 29, 2012 6:23 PM Detected Code Version............. 4.1.0.6 Detected Code in Flash............ 4.1.0.6 SFS Last Attempt Status........... None CPLD Version...................... 3 Serial Number..................... Up Time........................... 0 days 0 hrs 11 mins 34 secs console#The following table describes the fields in the example. Unit Description Switch This field displays the unit identifier assigned to the switch.
2CSPC4.X8100-SWUM100.book Page 1751 Wednesday, August 29, 2012 6:23 PM Unit Description Detected Code Version This field displays the version of code running on this switch. If the switch is not present and the data is from preconfiguration, the code version is "None." Detected Code in Flash This field displays the version of code that is currently stored in FLASH memory on the switch. This code will execute after the switch is reset.
2CSPC4.X8100-SWUM100.book Page 1752 Wednesday, August 29, 2012 6:23 PM Unit Description Preconfigured Model Identifier This field displays the model identifier of a preconfigured switch ready to join the stack. The Model Identifier is a 32-character field assigned by the switch manufacturer to identify the switch. Plugged-In Model Identifier This field displays the model identifier of the switch in the stack.
2CSPC4.X8100-SWUM100.book Page 1753 Wednesday, August 29, 2012 6:23 PM Parameter Description Range Default Last Startup Reason The type of activation that caused the software to start the last time. There are four options. “Power-On” means that the switch rebooted. This could have been caused by a power cycle or an administrative “Reload” command. “Administrative Move” means that the administrator issued a command for the stand-by manager to take over.
2CSPC4.X8100-SWUM100.book Page 1754 Wednesday, August 29, 2012 6:23 PM Parameter Description Range Time Since Last Copy When the running configuration was last copied from the management unit to the backup unit. Time Stamp Time Until Next Copy The number of seconds until the running configuration will be copied to the backup unit. This line only appears when the running configuration on the backup unit is Stale.
2CSPC4.X8100-SWUM100.book Page 1755 Wednesday, August 29, 2012 6:23 PM Unit NSF Support ---- ----------- 1 Yes 2 Yes 3 Yes Per Unit Status Parameters are explained as follows: Parameter Description Range Default NSF Support Whether a unit supports NSF Yes or No — Example – Switch Firmware Stack Status The following example displays the Switch Firmware stack status information for the switch.
2CSPC4.X8100-SWUM100.book Page 1756 Wednesday, August 29, 2012 6:23 PM Management Status................. Management Switch Hardware Management Preference.... Unassigned Admin Management Preference....... Unassigned Switch Type....................... 0xb6340001 Preconfigured Model Identifier.... PCT7048 Plugged-in Model Identifier....... PCT7048 Switch Status..................... OK Switch Description................ PowerConnect 7048 Expected Code Type................ 0x100b000 Detected Code Version......
2CSPC4.X8100-SWUM100.book Page 1757 Wednesday, August 29, 2012 6:23 PM 2ANFirebolt-48ANFirebolt-48SDM Mismatch 2.24.17.48 show system Use the show system command in User EXEC mode to display system information. Syntax show system [unit] • unit — The unit number. Default Configuration This command has no default configuration. Command Mode User EXEC mode, Config mode and all Config sub-modes User Guidelines This command has no user guidelines.
2CSPC4.X8100-SWUM100.book Page 1758 Wednesday, August 29, 2012 6:23 PM User Guidelines This command has no user guidelines. Example console>show system fan Fans: Unit Description Status ---- ----------- -----1 Fan 1 OK 1 Fan 2 OK 1 Fan 3 OK show system id Use the show system id command in User EXEC mode to display the system identity information. Syntax show system id [unit] • unit — The unit number. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1759 Wednesday, August 29, 2012 6:23 PM console>show system id Service Tag: 89788978 Serial number: 8936589782 Asset tag: 7843678957 Unit Service tag Serial number Asset tag ----- ------------ -------------- ----------- 1 89788978 8936589782 7843678957 2 4254675 3216523877 5621987728 show system power Use the show system power command in User EXEC or Privileged EXEC mode to display information about the system level power consumption.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1762 Wednesday, August 29, 2012 6:23 PM 1 Fan 3 OK show tech-support Use the show tech-support command to display system and configuration information for use in debugging or contacting technical support.
2CSPC4.X8100-SWUM100.book Page 1763 Wednesday, August 29, 2012 6:23 PM Example console#show tech-support ***************** Show Version ****************** Switch: 2 System Description............................. PowerConnect 6248P, 1.23.0.33 VxWorks 6.5 Machine Type................................... PowerConnect 6248P Machine Model.................................. PCT6248P Serial Number.................................. CN0PK4632829881C0067 FRU Number.....................................
2CSPC4.X8100-SWUM100.book Page 1764 Wednesday, August 29, 2012 6:23 PM Network Processing Device...................... BCM56314_A0 Additional Packages............................ QOS Multicast Stacking Routing ***************** Show SysInfo ****************** System Location................................ System Contact................................. System Object ID............................... 1.3.6.1.4.1.674.10895.3013 System Up Time.................................
2CSPC4.X8100-SWUM100.book Page 1765 Wednesday, August 29, 2012 6:23 PM show users Use the show users command in Privileged EXEC mode to display information about the active users. The command also shows which administrative profiles have been assigned to local user accounts and to show which profiles are active for logged-in users. Syntax show users [long] Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1766 Wednesday, August 29, 2012 6:23 PM Administrative Profile(s): network-admin user 1 --- --- False Administrative Profile(s): network-operator console# show version Use the show version command in User EXEC mode to displays the system version information. Syntax show version [unit ] • unit — The unit number. Default Configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1767 Wednesday, August 29, 2012 6:23 PM ----------------------------------------------------------------unit image1 active image2 current-active next- ---------------------------------------------------------------1 K.3.9.1 0.0.0.0 image1 image1 2 K.3.9.1 0.0.0.0 image1 image1 stack Use the stack command in Global Configuration mode to set the mode to Stack Global Config. Syntax stack Default Configuration This command has no default mode.
2CSPC4.X8100-SWUM100.book Page 1768 Wednesday, August 29, 2012 6:23 PM console(config-stack)# stack-port Use the stack-port command in Stack Configuration mode to configure ports as either Stacking ports or as Ethernet ports. This command is used to configure Ethernet ports to operate as either stacking or Ethernet ports.
2CSPC4.X8100-SWUM100.book Page 1769 Wednesday, August 29, 2012 6:23 PM console(config-stack)# standby Use the standby command to configure the standby in the stack. This unit comes up as the master when the stack failover occurs. Use the no form of this command to reset to default, in which case, a standby is automatically selected from the existing stack units if there no preconfiguration. Syntax standby unit no standby • unit — Valid unit number in the stack. (Range: 1–6 maximum.
2CSPC4.X8100-SWUM100.book Page 1770 Wednesday, August 29, 2012 6:23 PM switch renumber Use the switch renumber command in Global Configuration mode to change the identifier for a switch in the stack. Upon execution, the switch is configured with the configuration information for the new switch, if any is available. The old switch configuration information is retained; however, the old switch will be operationally unplugged. Syntax switch oldunit renumber newunit • oldunit — The current switch identifier.
2CSPC4.X8100-SWUM100.book Page 1771 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description ip-address Valid IP address of the destination host. hostname Hostname of the destination host. (Range: 1–158 characters). port A decimal TCP port number, or one of the keywords from the port table in the usage guidelines (see Port Table below). keyword One or more keywords from the keywords table in the user guidelines (see Keywords Table below).
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1773 Wednesday, August 29, 2012 6:23 PM Default Configuration port — Telnet port (decimal 23) on the host. Command Mode User EXEC, Privileged EXEC mode User Guidelines This command has no user guidelines. Example Following is an example of using the telnet command to connect to 176.213.10.50. console#telnet 176.213.10.
2CSPC4.X8100-SWUM100.book Page 1774 Wednesday, August 29, 2012 6:23 PM Parameter Description initTtl The initial time-to-live (TTL); the maximum number of router hops between the local and remote system (Range: 0–255). maxTtl The largest TTL value that can be used (Range:1–255). maxFail Terminate the traceroute after failing to receive a response for this number of consecutive probes (Range: 0–255). interval The timeout period.
2CSPC4.X8100-SWUM100.book Page 1775 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Examples The following example discovers the routes that packets will actually take when traveling to the destination specified in the command. console#traceroute 192.168.77.171 Tracing route over a maximum of 20 hops 1 192.168.21.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1777 Wednesday, August 29, 2012 6:23 PM Telnet Server Commands 84 The Telnet protocol (outlined in RFC 854) allows users (clients) to connect to multiuser computers (servers) on the network. Telnet is often employed when a user communicates with a remote login service. Telnet is the terminal emulation protocol in the TCP/IP suite. Telnet uses TCP as the transport protocol to initiate a connection between server and client.
2CSPC4.X8100-SWUM100.book Page 1778 Wednesday, August 29, 2012 6:23 PM Examples 1 SSH (putty): login as: dellradius If you need to utilize this device or otherwise make changes to the configuration, you may contact the owner at x38525. Please, be advised this unit is under test. dellradius@192.168.12.84's password: Press 'y' to continue (within 30 seconds) (y/n) Welcome to the M6220 in the Bottom Chassis 192.168.12.190. This unit is located in A2 and is currently under test.
2CSPC4.X8100-SWUM100.book Page 1779 Wednesday, August 29, 2012 6:23 PM 3 SSH (xterm): [root ~]# ssh 192.168.12.84 -l dellradius If you need to utilize this device or otherwise make changes to the configuration, you may contact the owner at x38525. Please, be advised this unit is under test. dellradius@192.168.12.84's password: Press 'y' to continue (within 30 seconds) (y/n) Welcome to the M6220 in the Bottom Chassis 192.168.12.190. This unit is located in A2 and is currently under test.
2CSPC4.X8100-SWUM100.book Page 1780 Wednesday, August 29, 2012 6:23 PM Commands in this Chapter This chapter explains the following commands: ip telnet server disable show ip telnet ip telnet port – ip telnet server disable The ip telnet server disable command is used to enable/disable the Telnet service on the switch. Syntax ip telnet server disable no ip telnet server disable Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines No specific guidelines.
2CSPC4.X8100-SWUM100.book Page 1781 Wednesday, August 29, 2012 6:23 PM ip telnet port The ip telnet port command is used to configure the Telnet TCP port number on the switch. Syntax ip telnet port port number • port number — Telnet TCP port number (Range: 1–65535) Default Configuration The default value for the Telnet TCP port is 23.
2CSPC4.X8100-SWUM100.book Page 1782 Wednesday, August 29, 2012 6:23 PM Command Mode Privileged EXEC, Config mode and all Config sub-modes Example (console)#show ip telnet Telnet Server is Enabled.
2CSPC4.X8100-SWUM100.book Page 1783 Wednesday, August 29, 2012 6:23 PM Terminal Length Commands 85 This chapter provides information about terminal length commands. terminal length Use the terminal length command to set the terminal length. Use the no form of the command to reset the terminal length to the default. Syntax terminal length value no terminal length • value — The length in number of lines. Range: 0–512 Default Configuration This default value is 24.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1785 Wednesday, August 29, 2012 6:23 PM Time Ranges Commands 86 Time ranges are used with time-based ACLs to restrict their application due to specific time slots. This chapter explains the following commands: time-range periodic absolute show time-range time-range Use the time-range command in Global Configuration mode to create a time range identified by name, consisting of one absolute time entry and/or one or more periodic time entries.
2CSPC4.X8100-SWUM100.book Page 1786 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration User Guidelines The CLI mode changes to Time-Range Configuration mode when you successfully execute this command. Example console(config)#time-range timeRange_1 absolute Use the absolute command in Time Range Configuration mode to add an absolute time entry to a time range. Use the no form of this command to delete the absolute time entry in the time range.
2CSPC4.X8100-SWUM100.book Page 1787 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Time Range Configuration User Guidelines Only one absolute time entry is allowed per time-range. The time parameter is referenced to the currently configured time zone. Example console#time-range timeRange_1 console(Config-time-range)#absolute end 12:00 16 Dec 2010 periodic Use the periodic command to add a periodic time entry to a time range.
2CSPC4.X8100-SWUM100.book Page 1788 Wednesday, August 29, 2012 6:23 PM Parameter Description Parameter Description days-of-the-week The first occurrence of this argument is the starting day or days from which the configuration that referenced the time range starts going into effect. The second occurrence is the ending day or days from which the configuration that referenced the time range is no longer in effect. If the end days-of-the-week are the same as the start, they can be omitted.
2CSPC4.X8100-SWUM100.book Page 1789 Wednesday, August 29, 2012 6:23 PM When both periodic and absolute time entries are specified within a time range, the periodic time entries limit the time range to only those times specified within the periodic time range and bounded by the absolute time range. In this case, the absolute time entry specifies the absolute start and end dates/times and the periodic entries specify the start/stop times within the limits of the absolute time entry dates and times.
2CSPC4.X8100-SWUM100.book Page 1790 Wednesday, August 29, 2012 6:23 PM Syntax show time-range [name] Parameter Description Parameter Description Number of Time Ranges Number of time ranges configured in the system. Time Range Name Name of the time range. Time Range Status Status of the time range(active/inactive). Absolute start Start time and day for absolute time entry. Absolute end End time and day for absolute time entry. Periodic Entries Number of periodic entries in a time-range.
2CSPC4.X8100-SWUM100.book Page 1791 Wednesday, August 29, 2012 6:23 PM Entry Number: 1 Absolute End Time.............................. 12:00 16 Dec 2010 Periodic Entries: 4 Entry Number: 2 Periodic Start Time............................ MON 00:00 Periodic End Time.............................. TUE 12:30 Entry Number: 3 Periodic Start Time............................ TUE 13:00 Periodic End Time.............................. WED 12:00 Entry Number: 4 Periodic Start Time............................
2CSPC4.X8100-SWUM100.book Page 1792 Wednesday, August 29, 2012 6:23 PM Periodic End Time..............................
2CSPC4.X8100-SWUM100.book Page 1793 Wednesday, August 29, 2012 6:23 PM User Interface Commands 87 This chapter explains the following commands: enable – end – exit quit enable Use the enable command in User EXEC mode to enter the Privileged EXEC mode. Syntax enable Default Configuration The default privilege level is 15.
2CSPC4.X8100-SWUM100.book Page 1794 Wednesday, August 29, 2012 6:23 PM end Use the end command to get the CLI user control back to the privileged execution mode or user execution mode. Syntax end Default Configuration This command has no default configuration. Command Mode All command modes User Guidelines No specific guidelines.
2CSPC4.X8100-SWUM100.book Page 1795 Wednesday, August 29, 2012 6:23 PM Command Mode All command modes. In User EXEC mode, this command behaves identically with the quit command. User Guidelines There are no user guidelines for this command. Example The following example changes the configuration mode from Interface Configuration mode to User EXEC mode to the login prompt.
2CSPC4.X8100-SWUM100.book Page 1796 Wednesday, August 29, 2012 6:23 PM Example The following example closes an active terminal session.
2CSPC4.X8100-SWUM100.book Page 1797 Wednesday, August 29, 2012 6:23 PM Web Server Commands 88 If enabled, the PowerConnect is manageable via industry standard web browsers. User privilege levels are the same as for the CLI. Over 95% of the management functions are available via the web interface, including configuration and firmware upgrades. Web Sessions The HTTP protocol does not provide support for persistent connections.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1799 Wednesday, August 29, 2012 6:23 PM Default Configuration This command has no default configuration. Command Mode Crypto Certification mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command. Example The following example displays how to specify the name of "router.gm.com." console(config-crypto-cert)#common-name router.gm.
2CSPC4.X8100-SWUM100.book Page 1800 Wednesday, August 29, 2012 6:23 PM Example The following example displays how to specify the country as "us." console(config-crypto-cert)#country us crypto certificate generate Use the crypto certificate generate command in Global Configuration mode to generate a self-signed HTTPS certificate. Syntax crypto certificate number generate Parameter Description Parameter Description number Specifies the certificate number.
2CSPC4.X8100-SWUM100.book Page 1801 Wednesday, August 29, 2012 6:23 PM console(config)#crypto certificate 1 generate console(config-crypto-cert)#common-name DELL console(config-crypto-cert)#country US console(config-crypto-cert)#Duration 3650 console(config-crypto-cert)#email no-reply@dell.com console(config-crypto-cert)#location "Round Rock" console(config-crypto-cert)#organization-unit "PowerConnect Networking" console(config-crypto-cert)#organization-name "Dell, Inc.
2CSPC4.X8100-SWUM100.book Page 1802 Wednesday, August 29, 2012 6:23 PM User Guidelines Use this command to enter an external certificate (signed by the Certification Authority) to the switch. To end the session, add a period (.) on a separate line after the input, and press ENTER. The imported certificate must be based on a certificate request created by the crypto certificate request Privileged EXEC command.
2CSPC4.X8100-SWUM100.book Page 1803 Wednesday, August 29, 2012 6:23 PM Issued to: router.gm.com Issued by: www.verisign.com Valid from: 8/9/2005 to 8/9/2005 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 crypto certificate request Use the crypto certificate request command in Privileged EXEC mode to generate and display a certificate request for HTTPS. This command takes you to Crypto Certificate Request mode.
2CSPC4.X8100-SWUM100.book Page 1804 Wednesday, August 29, 2012 6:23 PM Use the end command to exit Crypto Certificate Request mode without generating a certificate request. Use the exit command to exit Crypto Certificate Request mode and generate a certificate request. duration Use the duration command in Crypto Certificate Generation mode to specify the duration. Syntax duration days • days — Specifies the number of days a certification would be valid.
2CSPC4.X8100-SWUM100.book Page 1805 Wednesday, August 29, 2012 6:23 PM Syntax ip http port port-number no ip http port • port-number — Port number for use by the HTTP server. (Range: 1–65535) Default Configuration This default port number is 80. Command Mode Global Configuration mode User Guidelines The HTTP TCP port should not be set to a value that might conflict with other well-known protocol port numbers used on this switch.
2CSPC4.X8100-SWUM100.book Page 1806 Wednesday, August 29, 2012 6:23 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables the switch to be configured from a browser. console(config)#ip http server ip http secure-certificate Use the ip http secure-certificate command in Global Configuration mode to configure the active certificate for HTTPS. To return to the default setting, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1807 Wednesday, August 29, 2012 6:23 PM User Guidelines The HTTPS certificate is generated using the crypto certificate generate command in Global Configuration mode. Example The following example configures the active certificate for HTTPS. console(config)#ip http secure-certificate 1 ip http secure-port Use the ip http secure-port command in Global Configuration mode to configure a TCP port for use by a secure web browser to configure the switch.
2CSPC4.X8100-SWUM100.book Page 1808 Wednesday, August 29, 2012 6:23 PM Example The following example configures the HTTPS port number to 100. console(config)#ip http secure–port 2 ip http secure-server Use the ip http secure-server command in Global Configuration mode to enable the switch to be configured, monitored, or modified securely from a browser. To disable this function, use the no form of this command.
2CSPC4.X8100-SWUM100.book Page 1809 Wednesday, August 29, 2012 6:23 PM • length — Specifies the length of the SSL RSA key. If left unspecified, this parameter defaults to 1024. (Range: 512–2048) Default Configuration This command has no default configuration. Command Mode Crypto Certificate Generation mode User Guidelines This command mode is entered using the crypto certificate request command.
2CSPC4.X8100-SWUM100.book Page 1810 Wednesday, August 29, 2012 6:23 PM User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command. Example The following example displays how to specify the city location of "austin." console(config-crypto-cert)#location austin organization-unit Use the organization-unit command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the organization unit.
2CSPC4.X8100-SWUM100.book Page 1811 Wednesday, August 29, 2012 6:23 PM show crypto certificate mycertificate Use the show crypto certificate mycertificate command in Privileged EXEC mode to view the SSL certificates of your switch. Syntax show crypto certificate mycertificate [number] • number — Specifies the certificate number. (Range: 1–2 digits) Default configuration This command has no default configuration.
2CSPC4.X8100-SWUM100.book Page 1812 Wednesday, August 29, 2012 6:23 PM Issued by: www.verisign.com Valid from: 8/9/2003 to 8/9/2004 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 show ip http server status Use the show ip http server command in User EXEC or Privileged EXEC mode to display the HTTP server status information. Syntax show ip http server status Syntax Description This command has no arguments or keywords.
2CSPC4.X8100-SWUM100.book Page 1813 Wednesday, August 29, 2012 6:23 PM Syntax show ip http server secure status Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes, Config mode and all Config sub-modes User Guidelines This command has no user guidelines. Example The following example displays an HTTPS server configuration with DH Key exchange enabled.
2CSPC4.X8100-SWUM100.book Page 1814 Wednesday, August 29, 2012 6:23 PM Finger print: 1873B936 88DC3411 BC8932EF 782134BA The following example displays the HTTPS server configuration with DH Key exchange disabled. console#show ip https HTTPS server enabled. Port: 443 DH Key exchange disabled, parameters are being generated. Certificate 1 is active Issued by: www.verisign.com Valid from: 8/9/2003 to 8/9/2004 Subject: CN= router.gm.
2CSPC4.X8100-SWUM100.book Page 1815 Wednesday, August 29, 2012 6:23 PM Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command. Example The following example shows how to specify the state of "texas.
2CSPC4.X8100-SWUM100.
2CSPC4.X8100-SWUM100.book Page 1817 Wednesday, August 29, 2012 6:23 PM Appendix A: List of Commands A aaa accounting dot1x default start-stop . . . . . . . . . . . . . . . . . . . . . . . . . . 709 aaa authentication dot1x default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 aaa authentication enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 aaa authentication login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1818 Wednesday, August 29, 2012 6:23 PM area virtual-link retransmit-interval . . . . . . . . . . . . . . . . . . . . . . . 1227, 1315 area virtual-link transmit-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . 1228, 1316 arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 956 arp access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1819 Wednesday, August 29, 2012 6:23 PM channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624 class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 647 class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 648 class-map rename . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1820 Wednesday, August 29, 2012 6:23 PM clear mac address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 clear priority-flow-control statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 949 clear spanning-tree detected-protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . 739 client-identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 client-name . . . . . .
2CSPC4.X8100-SWUM100.book Page 1821 Wednesday, August 29, 2012 6:23 PM debug ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1615 debug ip mcache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1616 debug ip pimdm packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1617 debug ip pimsm packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1618 debug ip vrrp .
2CSPC4.X8100-SWUM100.book Page 1822 Wednesday, August 29, 2012 6:23 PM dhcp l2relay (Interface Configuration) . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 dhcp l2relay circuit-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 dhcp l2relay remote-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344 dhcp l2relay trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1823 Wednesday, August 29, 2012 6:23 PM drop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 660 duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416 duration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1804 dvlan-tunnel ethertype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1824 Wednesday, August 29, 2012 6:23 PM gvrp enable (global) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . gvrp enable (interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . gvrp registration-forbid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . gvrp vlan-creation-forbid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1825 Wednesday, August 29, 2012 6:23 PM ip dhcp conflict logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 980 ip dhcp excluded-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 981 ip dhcp ping packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 982 ip dhcp pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1826 Wednesday, August 29, 2012 6:23 PM ip igmp snooping (global) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486 ip igmp snooping (interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487 ip igmp snooping (VLAN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494 ip igmp snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1827 Wednesday, August 29, 2012 6:23 PM ip ospf database-filter all out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1243 ip ospf dead-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1243 ip ospf hello-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1244 ip ospf mtu-ignore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1828 Wednesday, August 29, 2012 6:23 PM ip verify source port-security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558 ip vrrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1400 ip vrrp accept-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1419 ipv6 access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1829 Wednesday, August 29, 2012 6:23 PM ipv6 mld-proxy reset-status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld-proxy unsolicit-rprt-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 nd dad attempts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 nd managed-config-flag . . . . . .
2CSPC4.X8100-SWUM100.book Page 1830 Wednesday, August 29, 2012 6:23 PM ipv6 router ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1331 ipv6 traffic-filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534 ipv6 unicast-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1120 ipv6 unreachables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1831 Wednesday, August 29, 2012 6:23 PM logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1692 logging audit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1694 logging buffered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1694 logging cli-command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1832 Wednesday, August 29, 2012 6:23 PM macro trace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1475 mail-server ip-address | hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 management access-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1547 management access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1548 mark cos . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1833 Wednesday, August 29, 2012 6:23 PM mvr type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607 mvr vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606 mvr vlan group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609 N name (Captive Portal) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1834 Wednesday, August 29, 2012 6:23 PM passwords strength minimum lowercase-letters . . . . . . . . . . . . . . . . . . . 1567 passwords strength minimum numeric-characters . . . . . . . . . . . . . . . . 1568 passwords strength minimum special-characters . . . . . . . . . . . . . . . . . . 1569 passwords strength minimum uppercase-letters . . . . . . . . . . . . . . . . . . 1566 passwords strength-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1835 Wednesday, August 29, 2012 6:23 PM radius-server source-ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724 radius-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724 random-detect exponential-weighting-constant . . . . . . . . . . . . . . . . . . . 682 random-detect queue-parms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 680 redirect . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1836 Wednesday, August 29, 2012 6:23 PM sflow sampling (Interface Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1636 show aaa ias-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260 show aaa servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 726 show aaa statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1837 Wednesday, August 29, 2012 6:23 PM show cut-through mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1731 show debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1629 show dhcp l2relay agent-option vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 show dhcp l2relay all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1838 Wednesday, August 29, 2012 6:23 PM show gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483 show hardware profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1732 show hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523 show interfaces advanced firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1839 Wednesday, August 29, 2012 6:23 PM show ip dvmrp prune . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1024 show ip dvmrp route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1025 show ip helper statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1066 show ip helper-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1840 Wednesday, August 29, 2012 6:23 PM show ip ospf range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1287 show ip ospf statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1289 show ip ospf stub table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1291 show ip ospf traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1841 Wednesday, August 29, 2012 6:23 PM show ipv6 interface out-of-band . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528 show ipv6 mld groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1128 show ipv6 mld interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1131 show ipv6 mld snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1842 Wednesday, August 29, 2012 6:23 PM show iscsi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570 show iscsi sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571 show isdp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333 show isdp entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1843 Wednesday, August 29, 2012 6:23 PM show nsf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1736 show parser macro . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1476 show passwords configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1574 show passwords result . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1844 Wednesday, August 29, 2012 6:23 PM show spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744 show spanning-tree summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 751 show startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1522 show statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1845 Wednesday, August 29, 2012 6:23 PM snmp-server community-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1656 snmp-server contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1657 snmp-server enable traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1657 snmp-server engineID local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1660 snmp-server filter . . . . . .
2CSPC4.X8100-SWUM100.book Page 1846 Wednesday, August 29, 2012 6:23 PM spanning-tree port-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 768 spanning-tree priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 769 spanning-tree tcnguard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 770 spanning-tree transmit hold-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771 speed . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1847 Wednesday, August 29, 2012 6:23 PM timers spf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1300 traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1773 traceroute ethernet cfm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458 traceroute ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1848 Wednesday, August 29, 2012 6:23 PM vlan database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 827 vlan makestatic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 828 vlan protocol group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 829 vlan protocol group add protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.X8100-SWUM100.book Page 1 Wednesday, August 29, 2012 6:23 PM Printed in the U.S.A. w w w. del l . co m | s upp ort . del l .
