NEC N8406-026 10Gb Intelligent L3 Switch Command Reference Guide (ISCLI) Part number: 856-127950-302-00 First edition: Oct 2008 456-01800-000 PN# 456-01800-000
Legal notices © 2008 NEC Corporation The information contained herein is subject to change without notice. The only warranties for NEC products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. NEC shall not be liable for technical or editorial errors or omissions contained herein. Microsoft®, Windows®, and Windows NT® are U.S. registered trademarks of Microsoft Corporation.
Contents ISCLI Reference Introduction .................................................................................................................................................................. 8 Additional references ................................................................................................................................................. 8 Connecting to the switch ..................................................................................................................
OSPF Database information ..............................................................................................................................43 OSPF route codes information...........................................................................................................................44 Routing Information Protocol information ............................................................................................................44 RIP Routes information ............................
Introduction ................................................................................................................................................................84 Viewing and saving changes .................................................................................................................................84 Saving the configuration ..........................................................................................................................................
OSPF Summary Range configuration .............................................................................................................125 OSPF Interface configuration ..........................................................................................................................125 OSPF Virtual Link configuration ........................................................................................................................126 OSPF Host Entry configuration .........................
Selecting a configuration block ...........................................................................................................................153 Resetting the switch ................................................................................................................................................153 Accessing the AOS CLI .....................................................................................................................................
ISCLI Reference Introduction The 10Gb Intelligent L3 Switch is ready to perform basic switching functions right out of the box. Some of the more advanced features, however, require some administrative configuration before they can be used effectively.
To establish a console connection with the switch: 1. Connect the terminal to the console port using the null modem cable. 2. Power on the terminal. 3. Press the Enter key a few times on the terminal to establish the connection. 4. You will be required to enter a password for access to the switch. Setting an IP address To access the switch via a Telnet or an SSH connection, you need to have an Internet Protocol (IP) address set for the switch.
The supported SSH encryption and authentication methods are listed below. Server Host Authentication—Client RSA authenticates the switch in the beginning of every connection Key Exchange—RSA Encryption: AES256-CBC AES192-CBC AES128-CBC 3DES-CBC 3DES ARCFOUR User Authentication—Local password authentication; Remote Authentication Dial-in User Service (RADIUS) The following SSH clients are supported: SSH 3.0.1 for Linux (freeware) SecureCRT® 4.1.8 (VanDyke Technologies, Inc.) OpenSSH_3.
NOTE: It is recommended that you change default switch passwords after initial configuration and as regularly as required under your network security policies. For more information, see the ―Setting passwords‖ section in the ―First-time configuration‖ chapter. Table 2 User access levels User account Description and tasks performed User The User has no direct responsibility for switch management.
Typeface or symbol Meaning brackets [ ] Indicate optional elements in syntax descriptions. Do not type the brackets when entering the command. Example: If the command syntax is show ip interface [<1-256>] you can enter show ip interface or show ip interface 1 italic text Indicates variables in command syntax descriptions. Also indicates new terms and book titles. Where a variable is two or more words, the words are connected by a hyphen.
ISCLI basics Introduction The ISCLI is used for viewing switch information and statistics. In addition, the administrator can use the CLI for performing all levels of switch configuration. This chapter describes the ISCLI Command Modes, and provides a list of commands and shortcuts that are commonly available from all the command modes within the ISCLI. Accessing the ISCLI The first time you start this switch, it boots into the AOS CLI.
Table 3 ISCLI Command Modes Command Mode/Prompt Command used to enter or exit.
Table 4 Global commands Command Action telnet Allows you to Telnet out of the switch. The format is as follows: telnet | [] show history Displays the 10 most recent commands. Error! Use the Home tab to apply 見出し 1 to the text that you want to appear here.
Command line interface shortcuts The following shortcuts allow you to enter commands quickly and easily. Command abbreviation Most commands can be abbreviated by entering the first characters that distinguish the command from the others in the same mode.
Information Commands Introduction You can view configuration information for the switch in the ISCLI. This chapter discusses how to use the ISCLI to display switch information. The following table describes general information commands. Table 5 Information commands Command Usage show sys-info Displays system information. Command mode: All Displays Layer 2 information. Command mode: All Displays Layer 3 information. Command mode: All Displays Remote Monitoring Information.
System Information commands The following table describes the System Information commands. Table 6 System Information commands Command Usage show snmp-server v3 Displays SNMP v3 information.
SNMPv3 USM User Table information The following command displays SNMPv3 user information: show snmp-server v3 user Command mode: All usmUser Table User Name -------------------------------adminmd5 adminsha v1v2only Protocol -------------------------------HMAC_MD5, DES PRIVACY HMAC_SHA, DES PRIVACY NO AUTH, NO PRIVACY The User-based Security Model (USM) in SNMPv3 provides security services such as authentication and privacy of messages.
The following table describes the SNMPv3 View Table information. Table 9 View Table parameters Field Description View Name Subtree Displays the name of the view. Displays the MIB subtree as an OID string. A view subtree is the set of all MIB object instances which have a common Object Identifier prefix to their names. Displays the bit mask. Displays whether a family of view subtrees is included or excluded from the MIB view.
SNMPv3 Group Table information The following command displays SNMPv3 group information: show snmp-server v3 group Command mode: All Sec Model ---------snmpv1 usm usm User Name ----------------------------v1v2only adminmd5 adminsha Group Name ------------------------------v1v2grp admingrp admingrp A group is a combination of security model and security name that defines the access rights assigned to all the security names belonging to that group. The group is identified by a group name.
SNMPv3 Target Address Table information The following command displays SNMPv3 target address information: show snmp-server v3 target-address Command mode: All Name Transport Addr Port Taglist Params ---------- --------------- ---- ---------- --------------trap1 47.81.25.66 162 v1v2trap v1v2param This command displays the SNMPv3 target address table information, which is stored in the SNMP engine. The following table describes the SNMPv3 Target Address Table information.
SNMPv3 Notify Table information The following command displays the SNMPv3 Notify Table: show snmp-server v3 notify Command mode: All Name Tag -------------------- -------------------v1v2trap v1v2trap The following table describes the SNMPv3 Notify Table information. Table 15 SNMPv3 Notify Table information Field Description Name Tag The locally arbitrary, but unique identifier associated with this snmpNotifyEntry.
SNMPv3 dump The following command displays SNMPv3 information: show snmp-server v3 Command mode: All Engine ID = 80:00:07:50:03:00:0F:6A:F8:EF:00 usmUser Table: User Name Protocol -------------------------------- -------------------------------admin NO AUTH, NO PRIVACY adminmd5 HMAC_MD5, DES PRIVACY adminsha HMAC_SHA, DES PRIVACY v1v2only NO AUTH, NO PRIVACY vacmAccess Table: Group Name Prefix Model ---------- ------ ------admin usm v1v2grp snmpv1 admingrp usm Level -----------noAuthNoPriv noAuthNoPriv aut
System information The following command displays system information: show sys-info Command mode: All System Information at 6:56:22 Thu Jan 11, 2006 Time zone: Asia/Tokyo Daylight Savings Time Status: Disabled Blade Network Technologies 10Gb Intelligent L3 Switch sysName: Groly sysLocation: RackName: emfw-rack EnclosureName: Default_Chassis_Name BayNumber: 1 System temperature: 42.5C Switch has been up for 7 days, 14 hours, 56 minutes and 22 seconds.
Show recent syslog messages The following command displays system log messages: show logging messages Command mode: All Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul Jul 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:41 17:25:42 17:25:42 17:25:42 17:25:42 17:25:42 17:25:42 NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTIC
The following table describes the user status information. Table 16 User status Information Field Usage user oper admin Current User ID Table Displays the status of the user access level. Displays the status of the oper (operator) access level. Displays the status of the admin (administrator) access level. Displays the status of configured user IDs. Layer 2 information The following table describes the Layer 2 Information commands. The following sections provide more detailed information and commands.
FDB information commands The forwarding database (FDB) contains information that maps the media access control (MAC) address of each known device to the switch port where the device address was learned. The FDB also shows which other ports have seen frames destined for a particular MAC address. NOTE: The master forwarding database supports up to 8K MAC address entries on the management processor (MP) per switch.
Link Aggregation Control Protocol information The following table describes the Link Aggregation Control Protocol information commands. Table 19 LACP information commands Command Usage show interface port lacp information Displays LACP aggregator information for the port. Command mode: All show lacp Displays LACP information for the port. Command mode: All show lacp information Displays all LACP information parameters.
802.1x information The following command displays 802.
Table 20 802.1x information Field Description Backend Auth State Displays the Backend Authorization State. The Backend Authorization state can be one of the following: initialize request response success fail timeout idle Spanning Tree information The following table describes the Spanning Tree Protocol (STP) information commands. Table 21 STP information commands Command Usage show spanning-tree stp <1-128> Displays information about the spanning tree group.
Max Age Forwarding Delay Aging Time You can also refer to the following port-specific STP information: Port number and priority Cost State Port Fast Forwarding state Designated bridge Designated port The following table describes the STP parameters. Table 22 STP parameters Parameter Description Current Root Shows information about the root bridge for the Spanning Tree. Information includes the priority (hex) and MAC address of the root. Path-cost is the total path cost to the root bridge.
Rapid Spanning Tree and Multiple Spanning Tree information The following command displays RSTP/MSTP information: show spanning-tree Command mode: All -----------------------------------------------------------------upfast disabled, update 40 -----------------------------------------------------------------Spanning Tree Group 1: On (RSTP) VLANs: 1-3 4095 Current Root: 8000 00:00:01:00:19:00 Parameters: Port ---1 2 3 4 5 6 7 8 9 10 11 12 Prio ---0 0 0 0 0 0 0 0 0 0 0 0 Priority 32768 Path-Cost 0 Hello 9
The following table describes the STP parameters in RSTP or MSTP mode. Table 23 Rapid Spanning Tree parameter descriptions Parameter Description Current Root Shows information about the root bridge for the Spanning Tree. Information includes the priority (hex) and MAC address of the root. Path-cost is the total path cost to the root bridge. It is the summation of the path cost between bridges (up to the root bridge).
Common Internal Spanning Tree information The following command displays Common Internal Spanning Tree (CIST) information: show spanning-tree mstp cist information Command mode: All Mstp Digest: 0xac36177f50283cd4b83821d8ab26de62 Common Internal Spanning Tree: VLANs: 1 3-4094 Current Root: 8000 00:03:42:fa:3b:80 Path-Cost 11 Port 1 MaxAge 20 FwdDel 15 CIST Regional Root: Path-Cost 8000 00:03:42:fa:3b:80 11 Parameters: Port ---1 2 3 4 5 6 7 8 9 10 11 12 Prio ---128 128 128 128 128 128 128 128 128 128 1
The following table describes the CIST parameters. Table 24 Common Internal Spanning Tree parameter descriptions Parameter Description CIST Root Shows information about the root bridge for the Common Internal Spanning Tree (CIST). Values on this row of information refer to the CIST root. Shows information about the root bridge for this MSTP region. Values on this row of information refer to the regional root.
Trunk group information The following command displays Trunk Group information: show portchannel information Command mode: All Trunk group 1, Enabled port state: 18: STG 1 forwarding 19: STG 1 forwarding When trunk groups are configured, you can view the state of each port in the various trunk groups. NOTE: If Spanning Tree Protocol on any port in the trunk group is set to forwarding, the remaining ports in the trunk group are set to forwarding.
Layer 3 information The following table describes basic Layer 3 Information commands. The following sections provide more detailed information and commands. Table 26 Layer 3 information commands Command Usage show ip route Displays all routes configured in the switch. Command mode: All Displays general IP information. Command mode: All Displays Address Resolution Protocol (ARP) Information. Command mode: All Displays the OSPF information. Command mode: All Displays RIP user‘s configuration.
Show all IP Route information The following command displays IP route information: show ip route Command mode: All Status code: * Destination --------------* 11.0.0.0 * 11.0.0.1 * 11.255.255.255 * 12.0.0.0 * 12.0.0.1 * 12.255.255.255 * 13.0.0.0 * 47.0.0.0 * 47.133.88.0 * 172.30.52.223 * 224.0.0.0 * 224.0.0.5 best Mask --------------255.0.0.0 255.255.255.255 255.255.255.255 255.0.0.0 255.255.255.255 255.255.255.255 255.0.0.0 255.0.0.0 255.255.255.0 255.255.255.255 224.0.0.0 255.255.255.
ARP information The Address Resolution Protocol (ARP) information includes IP address and MAC address of each entry, address status flags, VLAN, and port for the address, and port referencing information. The following table describes the Address Resolution Protocol commands. Table 30 ARP information Command Usage show ip arp find Displays a single ARP entry by IP address. Command mode: All Displays the ARP entries on a single port.
OSPF information The following table describes the OSPF commands. Table 32 OSPF information commands Command Usage show ip ospf general-information Displays general OSPF information. Command mode: All show ip ospf area information [<0-2>] Displays area information for a particular area index. If no parameter is supplied, it displays area information for all the areas. Command mode: All show ip ospf interface Displays interface information.
OSPF general information The following command displays general OSPF information: show ip ospf general-information Command mode: All OSPF Version 2 Router ID: 10.10.10.
OSPF Database information The following table describes the OSPF Database information commands. Table 33 OSPF Database information commands Command Usage show ip ospf database advertising-router Takes advertising router as a parameter. Displays all the Link State Advertisements (LSAs) in the LS database that have the advertising router with the specified router ID. Command mode: All show ip ospf database asbr-summary [advertising-router |linkstate-id
OSPF route codes information The following command displays OSPF route information: show ip ospf routes Command mode: All Codes: IA - OSPF inter area, N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 IA 10.10.0.0/16 via 200.1.1.2 IA 40.1.1.0/28 via 20.1.1.2 IA 80.1.1.0/24 via 200.1.1.2 IA 100.1.1.0/24 via 20.1.1.2 IA 140.1.1.0/27 via 20.1.1.2 IA 150.1.1.0/28 via 200.1.1.2 E2 172.18.1.1/32 via 30.1.1.2 E2 172.18.1.2/32 via 30.1.1.2 E2 172.18.
RIP user configuration The following command displays RIP user information: show interface ip [<1-250>] rip Command mode: All Current RIP Interface 2: 0.0.0.0 disabled version 2, listen enabled, supply enabled, default none poison disabled, split horizon enabled, trigg enabled, mcast enabled, metric 1 auth none,key none RIP Interface 3 : 103.1.1.
IGMP multicast group information The following table describes the commands used to display information about IGMP groups learned by the switch. Table 35 IGMP Multicast Group commands Command Usage show ip igmp groups address show ip igmp groups vlan <1-4094> show ip igmp groups interface show ip igmp groups PortChannel <1-40> show ip igmp groups Displays a single IGMP multicast group by its IP address. Command mode: All Displays all IGMP multicast groups on a single VLAN.
VRRP information Virtual Router Redundancy Protocol (VRRP) support on this switch provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address.
802.1p information The following command displays 802.1p information: show qos transmit-queue information Command mode: All Current priority to COS queue information: Priority COSq Weight -------- ---- -----0 0 1 1 0 1 2 0 1 3 0 1 4 1 2 5 1 2 6 1 2 7 1 2 Current port priority information: Port Priority COSq Weight ----- -------- ---- -----1 0 0 1 2 0 0 1 3 0 0 1 4 0 0 1 … 20 0 0 1 21 0 0 1 The following table describes the IEEE 802.1p priority to COS queue information. Table 37 802.
ACL information The following table describes the commands used to display information about Access Control Lists and Groups. Table 39 ACL information commands Command Usage show access-control list <1-384> Displays information about the selected ACL. Command mode: All show access-control group <1-384> Displays information about ACL Groups. Command mode: All show access-control Displays information about all ACLs.
The following table describes the RMON History Information parameters. Table 40 RMON History Information Command Usage Index IFOID Interval Rbnum Displays the index number that identifies each history instance. Displays the MIB Object Identifier. Displays the time interval for each for each sampling bucket. Displays the number of requested buckets, which is the number of data slots into which data is to be saved. Displays the number of granted buckets that may hold sampled data.
The following table describes the RMON Alarm Information parameters. Table 41 RMON Alarm Information Command Usage Index Interval Displays the index number that identifies each alarm instance. Displays the time interval over which data is sampled and compared with the rising and falling thresholds.
Link status information The following command displays link information: show interface link Command mode: All ----------------------------------------------------------------Port Speed Duplex Flow Ctrl Link ---------------- --TX-----RX------1 10000 full no yes up 2 10000 full yes yes disabled 3 10000 full yes yes disabled 4 10000 full yes yes disabled 5 10000 full yes yes disabled 6 10000 full yes yes disabled 7 10000 full yes yes disabled 8 10000 full yes yes disabled 9 10000 full yes yes up 10 10000 full
Port information The following command displays port information: show interface information Command mode: All Port Tag RMON PVID NAME ---- --- ---- ---- -------------1 y d 1*Downlink1 2 n d 1*Downlink2 3 n d 1*Downlink3 4 n d 1*Downlink4 5 n d 1*Downlink5 6 n d 1*Downlink6 7 n d 1*Downlink7 8 n d 1*Downlink8 9 n d 1*Downlink9 10 n d 1*Downlink10 11 n d 1*Downlink11 12 n d 1*Downlink12 13 n d 1*Downlink13 14 n d 1*Downlink14 15 n d 1*Downlink15 16 n d 1*Downlink16 17 n d 4095 Mgmt 18 n d 1*Uplink1 19 n d 1*
Logical Port to GEA Port mapping The following command displays information about GEA ports: show geaport Command mode: All Logical Port -----------1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 GEA Port(0-based) ----------------2 4 6 8 10 12 14 16 3 5 7 9 11 13 15 17 255 18 19 0 1 GEA Unit --------0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 This display correlates the logical port number to the GEA unit on which each port resides.
Uplink Failure Detection information The following command displays Uplink Failure Detection (UFD) information: show ufd Command mode: All Uplink Failure Detection 1: Enabled LtM status: Down Member STG STG State Link Status -------------------------------port 20 down 1 DISABLED 10 DISABLED * 15 DISABLED * * = STP turned off for this port.
Statistics commands Introduction You can view switch performance statistics in the user, operator, and administrator command modes. This chapter discusses how to use the ISCLI to display switch statistics. The following table describes general Statistics commands. Table 43 Statistics commands Command Usage show layer3 counters Displays Layer 3 Statistics. Command mode: All Displays SNMP statistics. Command mode: All Displays Network Time Protocol (NTP) Statistics.
802.1x statistics Use the following command to display the 802.
Table 45 802.1x statistics for port Statistics Description authFailWhileAuthenticating Total number of times that the state machine transitions from AUTHENTICATING to HELD, as a result of the Backend Authentication state machine indicating authentication failure.
Bridging statistics Use the following command to display the bridging statistics of the selected port: show interface port bridging-counters Command mode: All Bridging statistics for port 1: dot1PortInFrames: dot1PortOutFrames: dot1PortInDiscards: dot1TpLearnedEntryDiscards: dot1StpPortForwardTransitions: 63242584 63277826 0 0 0 The following table describes the bridging statistics for a selected port: Table 46 Bridging statistics for port Statistics Description dot1PortInFrames The numbe
The following table describes the Ethernet statistics for a selected port: Table 47 Ethernet statistics for port Statistics Description dot3StatsAlignmentErrors A count of frames received on a particular interface that are not an integral number of octets in length and do not pass the Frame Check Sequence (FCS) check. The count represented by an instance of this object is incremented when the alignmentError status is returned by the MAC service to the Logical Link Control (LLC) (or other MAC user).
Table 47 Ethernet statistics for port Statistics Description dot3StatsFrameTooLongs A count of frames received on a particular interface that exceeds the maximum permitted frame size. The count represented by an instance of this object is incremented when the frameTooLong status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions obtained are, according to the conventions of IEEE 802.
Table 48 Interface statistics for port Statistics Description BroadcastPkts—IfHCOut The total number of packets that higher-level protocols requested to be transmitted, and which were addressed to a broadcast address at this sublayer, including those that were discarded or not sent. The total number of packets that higher-level protocols requested to be transmitted, and which were addressed to a multicast address at this sublayer, including those that were discarded or not sent.
Port RMON statistics Use the following command to display the RMON statistics of the selected port: show interface port rmon-counters Command mode: All RMON statistics for port 2: etherStatsDropEvents: etherStatsOctets: etherStatsPkts: etherStatsBroadcastPkts: etherStatsMulticastPkts: etherStatsCRCAlignErrors: etherStatsUndersizePkts: etherStatsOversizePkts: etherStatsFragments: etherStatsJabbers: etherStatsCollisions: etherStatsPkts64Octets: etherStatsPkts65to127Octets: etherStatsPkts128to255
Table 51 RMON statistics Statistic Description etherStatsPkts64 Octets The total number of packets (including bad packets) received that were less than or equal to 64 octets in length (excluding framing bits but including FCS octets). The total number of packets (including bad packets) received that were greater than 64 octets in length (excluding framing bits but including FCS octets).
Layer 2 statistics The following table describes the Layer 2 statistics commands. The following sections provide more detailed information and commands. Table 52 Layer 2 Statistics commands Command Usage show mac-address-table counters Displays the Forwarding Database statistics. Command mode: All Displays Link Aggregation Control Protocol (LACP) statistics.
Layer 3 statistics The following table describes basic Layer 3 statistics commands. The following sections provide more detailed information and commands. Layer 3 functionality is limited in this release. Table 54 Layer 3 Statistics commands Command Usage show ip counters Displays IP statistics. Command mode: All Clears IP statistics. Use this command with caution as it deletes all the IP statistics. Command mode: All except UserEXEC Displays route statistics.
IP statistics The following command displays IP statistics: show ip counters Command mode: All IP statistics: ipInReceives: 36475 ipInAddrErrors: 905 ipInUnknownProtos: 0 ipInDelivers: 4103 ipOutDiscards: 0 ipDefaultTTL: 255 ipInHdrErrors: 0 ipInDiscards: 0 ipOutRequests: 30974 The following table describes the IP statistics: Table 55 IP statistics Statistics Description ipInReceives The total number of input datagrams received from interfaces, including those received in error.
Route statistics The following command displays route statistics: show ip route counters Command mode: All Route statistics: ipRoutesCur: ipRoutesMax: 7 1024 ipRoutesHighWater: 7 The following table describes the Route statistics: Table 56 Route statistics Statistics Description ipRoutesCur The total number of outstanding routes in the route table. ipRoutesMax The maximum number of supported routes. ipRoutesHighWater The highest number of routes ever recorded in the route table.
ICMP statistics The following command displays ICMP statistics: show ip icmp counters Command mode: All ICMP statistics: icmpInMsgs: icmpInDestUnreachs: icmpInParmProbs: icmpInRedirects: icmpInEchoReps: icmpInTimestampReps: icmpInAddrMaskReps: icmpOutErrors: icmpOutTimeExcds: icmpOutSrcQuenchs: icmpOutEchos: icmpOutTimestamps: icmpOutAddrMasks: 245802 41 0 0 244350 0 0 0 0 0 253777 0 0 icmpInErrors: icmpInTimeExcds: icmpInSrcQuenchs: icmpInEchos: icmpInTimestamps: icmpInAddrMasks: icmpOutMsgs: icmpOutDest
TCP statistics The following command displays TCP statistics: show ip tcp counters Command mode: All TCP statistics: tcpRtoAlgorithm: tcpRtoMax: tcpActiveOpens: tcpAttemptFails: tcpInSegs: tcpRetransSegs: tcpCurrEstab: tcpOutRsts: 4 240000 252214 528 756401 0 0 417 tcpRtoMin: tcpMaxConn: tcpPassiveOpens: tcpEstabResets: tcpOutSegs: tcpInErrs: tcpCurrConn: 0 2048 7 4 756655 0 3 The following table describes the Transmission Control Protocol (TCP) statistics: Table 60 TCP statistics Statistics Descriptio
UDP statistics The following command displays UDP statistics: show ip udp counters Command mode: All UDP statistics: udpInDatagrams: udpInErrors: 54 0 udpOutDatagrams: udpNoPorts: 43 1578077 The following table describes the User Datagram Protocol (UDP) statistics: Table 61 UDP statistics Statistics Description udpInDatagrams udpOutDatagrams udpInErrors The total number of UDP datagrams delivered to the switch. The total number of UDP datagrams sent from this switch.
OSPF statistics The following table describes OSPF statistics commands. Table 63 OSPF Statistics commands Command Usage show ip ospf counters Displays OSPF global statistics. Command mode: All show ip ospf area <0-2> counters Displays area index statistics. Command mode: All show ip ospf interface <1-249> counters Displays interface statistics.
Table 64 OSPF global statistics Statistic Description Rx Hello The sum total of all Hello packets received on all OSPF areas and interfaces. Tx Hello The sum total of all Hello packets transmitted on all OSPF areas and interfaces. Rx Database The sum total of all Database Description packets received on all OSPF areas and interfaces. Tx Database The sum total of all Database Description packets transmitted on all OSPF areas and interfaces.
Table 64 OSPF global statistics Statistic Description down The total number of Neighboring routers down (that is, in the initial state of a neighbor conversation) across all OSPF areas and interfaces. Intf Change Stats: up The sum total number of interfaces up in all OSPF areas. down The sum total number of interfaces down in all OSPF areas. loop The sum total of interfaces no longer connected to the attached network across all OSPF areas and interfaces.
VRRP statistics Virtual Router Redundancy Protocol (VRRP) support on this switch provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address.
RIP statistics The following command displays RIP statistics: show ip rip counters Command mode: All RIP ALL STATS INFORMATION: RIP packets received = 12 RIP packets sent = 75 RIP request received = 0 RIP response received = 12 RIP request sent = 3 RIP response sent = 72 RIP route timeout = 0 RIP bad size packet received = 0 RIP bad version received = 0 RIP bad zeros received = 0 RIP bad src port received = 0 RIP bad src IP received = 0 RIP packets from self received = 0 The following table describes the ba
GEA Layer 3 statistics The following table describes the Layer 3 GEA statistics commands. Table 67 Layer 3 GEA statistics commands Command Usage show ip gea bucket Displays GEA statistics for a specific IP address. Command mode: All show ip gea Displays all GEA statistics.
Management Processor statistics The following table describes the MP-specific Statistics commands. The following sections provide more detailed information and commands. Table 68 MP-specific Statistics commands Command Usage show mp packet Displays packet statistics, to check for leads and load. Command mode: All Displays all Transmission Control Protocol (TCP) control blocks (TCB) that are in use. Command mode: All Displays all User Datagram Protocol (UDP) control blocks (UCB) that are in use.
TCP statistics The following command displays TCP statistics: show mp tcp-block Command mode: All All TCP allocated control blocks: 10ad41e8: 0.0.0.0 0 <=> 0.0.0.0 10ad5790: 47.81.27.5 1171 <=> 47.80.23.
ACL statistics The following command displays the statistics for Access Control Lists (ACLs): show access-control counters Command mode: All Hits for ACL 1: 26057515 Hits for ACL 2: 26057497 SNMP statistics The following command displays SNMP statistics: show snmp-server counters Command mode: All SNMP statistics: snmpInPkts: snmpInBadC'tyNames: snmpInASNParseErrs: snmpOutPkts: snmpInTooBigs: snmpInBadValues: snmpInGenErrs: snmpInTotalSetVars: snmpInGetNexts: snmpInGetResponses: snmpOutTooBigs: snmpOutBadV
Table 73 SNMP statistics Statistics Description snmpInBadTypes snmpInTooBigs The total number of SNMP messages which failed ASN.1 parsing. The total number of SNMP Protocol Data Units (PDUs) that were delivered to the SNMP protocol entity and for which the value of the error-status field is too big. The total number of SNMP Protocol Data Units (PDUs) that were delivered to the SNMP protocol entity and for which the value of the error-status field is noSuchName.
Table 73 SNMP statistics Statistics Description snmpProxyDrops The total number of GetRequest-PDUs, GetNextRequestPDUs,GetBulkRequest-PDUs, SetRequest-PDUs, and InformRequest-PDUs delivered to the SNMP entity which were silently dropped because the transmission of the message to a proxy target failed in a manner (other than a time-out) such that no Response-PDU could be returned.
Uplink Failure Detection statistics The following command allows you to display Uplink Failure Detection (UFD) statistics.
Configuration Commands Introduction The Configuration commands are available only from an administrator login. They include commands for configuring every aspect of the switch. Changes can be saved to non-volatile memory (NVRAM). The following table describes the basic Configuration commands. The following sections provide more detailed information and commands. Table 76 Configuration commands Command Usage show running-config Dumps current configuration to a script file.
System configuration These commands allow you to configure switch management parameters such as user and administrator privilege mode passwords, browser-based management settings, and management access list. The following table describes the System Configuration commands. Table 77 System Configuration commands Command Usage system date - Prompts the user for the system date. Command mode: Global configuration Configures the system time using a 24-hour clock format.
System host log configuration The following table describes the Syslog Configuration commands. Table 78 Syslog Configuration commands Command Description [no] logging host <1-2> address {data-port|mgt-port} Sets the IP address of the first or second syslog host. For example, 100.10.1.1 Command mode: Global configuration Sets the severity level of the first or second syslog host displayed. The default is 7, which means log all the severity levels.
Secure Shell Server configuration Telnet traffic on the network is not secure. These commands enable Secure Shell (SSH) access from any SSH client. The SSH program securely logs into another computer over a network and executes commands in a secure environment. All data using SSH is encrypted. Secure Shell can be configured on the switch using the console port and Telnet only. The commands are not available if you access the switch using the Browser-based Interface (BBI).
RADIUS server configuration NOTE: See the N8406-026 10Gb Intelligent L3 Switch Application Guide for information on RADIUS. The following table describes the RADIUS Server Configuration commands.
TACACS+ server configuration TACACS+ (Terminal Access Controller Access Control System) is an authentication protocol that allows a remote access server to forward a user's logon password to an authentication server to determine whether access can be allowed to a given system. TACACS+ and Remote Authentication Dial-In User Service (RADIUS) protocols are more secure than the TACACS encryption protocol. TACACS+ is described in RFC 1492.
IMPORTANT: If TACACS+ is enabled, you must login using TACACS+ authentication when connecting via the console or Telnet/SSH/HTTP/HTTPS. Backdoor for console is always enabled, so you can connect using notacacs and the administrator password even if the backdoor (telnetbackdoor) or secure backdoor (secure-backdoor) are disabled. If Telnet backdoor is enabled (telnet-backdoor), type in notacacs as a backdoor to bypass TACACS+ checking, and use the administrator password to log into the switch.
System SNMP configuration The switch software supports SNMP-based network management. In SNMP model of network management, a management station (client/manager) accesses a set of variables known as MIBs (Management Information Base) provided by the managed device (agent).
SNMPv3 configuration SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: a new SNMP message format security for messages access control remote configuration of SNMP parameters For more details on the SNMPv3 architecture please see RFC2271 to RFC2275. The following table describes the SNMPv3 Configuration commands.
SNMPv3 User Security Model configuration The following table describes the User Security Model Configuration commands. Table 85 User Security Model Configuration commands Command Description snmp-server user <1-16> name <1-32 characters> Configures a string up to 32 characters long that represents the name of the user. This is the login name that you need in order to access the switch. Command mode: Global configuration Configures the authentication protocol and password.
SNMPv3 View-based Access Control Model configuration The view-based Access Control Model defines a set of services that an application can use for checking access rights of the user. Access control is needed when the user has to process SNMP retrieval or modification request from an SNMP entity. The following table describes the User Access Control Configuration commands.
SNMPv3 Community Table configuration These commands are used for configuring the community table entry. The configured entry is stored in the community table list in the SNMP engine. This table is used to configure community strings in the Local Configuration Datastore (LCD) of SNMP engine. The following table describes the SNMPv3 Community Table Configuration commands.
SNMPv3 Target Parameters Table configuration You can configure the target parameters entry and store it in the target parameters table in the SNMP engine. This table contains parameters that are used to generate a message. The parameters include the message processing model (for example: SNMPv3, SNMPv2c, SNMPv1), the security model (for example: USM), the security name, and the security level (noAuthnoPriv, authNoPriv, or authPriv).
System Access configuration The following table describes the System Access Configuration commands. Table 93 System Access Configuration commands Command Description [no] access http enable Enables or disables HTTP (Web) access to the Browser-based Interface. It is enabled by default. Command mode: Global configuration Sets the switch port used for serving switch Web content. The default is HTTP port 80. Command mode: Global configuration Disables or provides read-only/write-read SNMP access.
User Access Control configuration The following table describes the User Access Control commands. Table 95 User Access Control Configuration commands Command Description access user eject access user userpassword <1-128 characters> Ejects the selected user from the switch. Command mode: Global configuration Sets the user (user) password (maximum of 128 characters). The user has no direct responsibility for switch management.
HTTPS Access configuration The following table describes the HTTPS Access Configuration commands. Table 97 HTTPS Access Configuration commands Command Description [no] access https enable Enables or disables BBI access (Web access) using HTTPS. The default value is disabled. Command mode: Global configuration Defines the HTTPS Web server port number. The default is 443. Command mode: Global configuration Allows you to generate a certificate to connect to the SSL to be used during the key exchange.
Port configuration Use the port configuration commands to configure settings for individual switch ports. NOTE: Port 17 is reserved for switch management interface. The following table describes the Port Configuration commands. The following sections provide more detailed information and commands. Table 98 Port Configuration commands Command Description interface port dot1p <0-7> Enter Interface Port configuration mode for the selected port.
Temporarily disabling a port To temporarily disable a port without changing its stored configuration attributes, enter the following command at any prompt: Router# interface port shutdown Because this configuration sets a temporary state for the port, you do not need to perform a save operation. The port state reverts to its original configuration when the switch is reloaded. Port link configuration Use these commands to set port parameters for the port link.
Table 100 ACL Port Configuration commands Command Description show interface port [] Displays current ACL QoS parameters. access-control Command mode: All Layer 2 configuration The following table describes the Layer 2 Configuration commands. The following sections provide more detailed information and commands. Table 101 Layer 2 Configuration commands Command Description vlan <1-4094> Enter VLAN configuration mode.
802.1x Global configuration The global 802.1x commands allow you to configure parameters that affect all ports in the switch. The following table describes the 802.1x Global Configuration commands. Table 103 802.1x Global Configuration commands Command Description dot1x mode {[force-unauthorized| auto|force-authorized]} Sets the type of access control for all ports: force-unauth : the port is unauthorized unconditionally.
802.1x Port configuration The 802.1x port commands allow you to configure parameters that affect the selected port in the switch. These settings override the global 802.1x parameters. The following table describes the 802.1x Port Configuration commands. Table 104 802.1x Port Configuration commands Command Description dot1x mode {[force-unauthorized| auto|force-authorized]} Sets the type of access control for the port: force-unauth : the port is unauthorized unconditionally.
Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration The switch supports the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) and IEEE 802.1s Multiple Spanning Tree Protocol (MSTP). MSTP allows you to map many VLANs to a small number of spanning tree groups, each with its own topology. You can configure up to 32 spanning tree groups on the switch. NOTE: When Multiple Spanning Tree is turned on, VLAN 1 is moved from Spanning Tree Group 1 to the Common Internal Spanning Tree (CIST).
Common Internal Spanning Tree configuration The Common Internal Spanning Tree (CIST) provides compatibility with different MSTP regions and with devices running different Spanning Tree instances. It is equivalent to Spanning Tree Group 0. The following table describes the commands used to configure CIST commands. Table 106 CIST Configuration commands Command Description spanning-tree mstp cist-add-vlan <1-4095> Adds VLANs to the CIST. Enter one VLAN per line, and press Enter to add the VLANs.
CIST port configuration CIST port parameters are used to modify MRST operation on an individual port basis. CIST parameters do not affect operation of STP/PVST+. For each port, CIST is turned on by default. Port parameters include: Port priority Port path cost Port Hello time Link type Edge On and off Current port configuration The port option of MRST is turned on by default. The following table describes the commands used to configure CIST Port Configuration commands.
Spanning Tree configuration The switch supports the IEEE 802.1D Spanning Tree Protocol (STP) and Cisco proprietary PVST and PVST+ protocols. You can configure up to 127 spanning tree groups on the switch (STG 128 is reserved for switch management). Spanning Tree is turned on by default. NOTE: When RSTP is turned on, only STP group 1 can be configured. The following table describes the Spanning Tree Configuration commands.
Bridge Spanning Tree configuration Spanning tree bridge parameters can be configured for each Spanning Tree Group. STP bridge parameters include: Bridge priority Hello Time Max Age Forwarding delay Current bridge configuration The following table describes the Bridge Spanning Tree Configuration commands. Table 110 Bridge Spanning Tree Configuration commands Command Description spanning-tree stp <1-128> bridge priority <0-65535> Configures the bridge priority.
Spanning Tree port configuration By default for STP/PVST+, Spanning tree is turned Off for downlink ports (1-16), and turned On for uplink ports (18-21). By default for RSTP/MSTP, Spanning tree is turned Off for all downlink ports (1-16) configured as Edge ports, and turned On for uplink ports (18-21). Spanning tree port parameters are used to modify STP operation on an individual port basis.
Forwarding Database configuration The following table describes the Forwarding Database Configuration commands. Table 112 FDB Configuration commands Command Description mac-address-table aging <0-65535> show mac-address-table Configures the aging value for FDB entries. The default value is 300. Command mode: Global configuration Displays current FDB parameters. Command mode: All Static FDB configuration The following table describes the Static FDB Configuration commands.
Layer 2 IP Trunk Hash configuration Trunk hash parameters are set globally for this switch. You can enable one or two parameters, to configure any of the following valid combinations: SMAC (source MAC only) DMAC (destination MAC only) SIP (source IP only) DIP (destination IP only) SIP + DIP (source IP and destination IP) SMAC + DMAC (source MAC and destination MAC) The following table describes the IP Trunk Hash Configuration commands.
LACP Port configuration The following table describes the LACP Port Configuration commands. Table 117 LACP Port Configuration commands Command Description lacp mode {off|active|passive} Set the LACP mode for this port, as follows: off Turn LACP off for this port. You can use this port to manually configure a static trunk. The default value is off. active Turn LACP on and set this port to active. Active ports initiate LACPDUs. passive Turn LACP on and set this port to passive.
Table 118 VLAN Configuration commands Command Description show vlan <1-4095> Displays the current VLAN configuration. Command mode: All IMPORTANT: All ports must belong to at least one VLAN. Any port which is removed from a VLAN and which is not a member of any other VLAN is automatically added to default VLAN 1. You cannot remove a port from VLAN 1 if the port has no membership in any other VLAN. Also, you cannot add a port to more than one VLAN unless the port has VLAN tagging turned on.
NOTE: If you enter an IP address for interface 1, you are prompted to change the BOOTP setting. Interface 250 is reserved for switch management interface. Error! Use the Home tab to apply 見出し 1 to the text that you want to appear here.
Default Gateway configuration The switch supports up to four gateways, plus management gateway 254. By default, no gateways are configured on the switch. Enter 1, 2, 3, 4, or 254 in the command as the ip gateway instance, depending upon which gateway you want to configure. The following table describes the Default IP Gateway Configuration commands.
Table 123 ARP Configuration commands Command Description ip arp rearp <2-120> Defines re-ARP period in minutes. You can set this duration between 2 and 120 minutes. The default is 10 minutes. Command mode: Global configuration Displays the current ARP configurations. Command mode: All show ip arp Static ARP configuration The following table describes the Static ARP Configuration commands.
Network Filter configuration The following table describes the Network Filter Configuration commands. Table 126 Network Filter Configuration commands Command Description ip match-address <1-256> Sets the starting IP address and the IP subnet mask for this filter. Command mode: Global configuration ip match-address <1-256> enable Enables the Network Filter configuration.
Route Map configuration Routing maps control and modify routing information. The map number (1-32) represents the routing map you wish to configure. The following table describes the basic Route Map Configuration commands. The following sections provide more detailed information and commands. Table 127 Route Map Configuration commands Command Description route-map <1-32> Enter Route Map configuration mode. Command mode: Global configuration [no] access-list <1-8> Configures the Access List.
IP Access List configuration The route map number (1-32) and the access list number (1-8) represent the IP access list you wish to configure. The following table describes the IP Access List Configuration commands. Table 128 IP Access List Configuration commands Command Description [no] access-list <1-8> matchaddress <1-256> Sets the network filter number. Command mode: Route Map [no] access-list <1-8> metric <1-1677214> Sets the metric value in the AS-External (ASE) LSA.
Routing Information Protocol configuration The RIP commands are used for configuring Routing Information Protocol parameters. This option is turned off by default. The following table describes the basic RIP Configuration commands. The following section provides more detailed information and commands. Table 129 RIP Configuration commands Command Description router rip Enter router RIP configuration mode.
Table 130 RIP Interface Configuration commands Command Description [no] ip rip default-action {both|listen|supply} When listen, the switch accepts RIP default routes from other routers, but gives them lower priority than configured default gateways. When supply, the switch sends RIP default routes to other routers. When both, the switch operates as both "listen" and "supply". When no, the switch rejects RIP default routes. This command is disabled by default.
Open Shortest Path First configuration The following table describes the basic Open Shortest Path First (OSPF) commands. The following sections provide more detailed information and commands. Table 132 OSPF Configuration commands Command Description router ospf Enter Router OSPF configuration mode. Command mode: Router OSPF area <0-2> Configures the OSPF area. You have to configure the additional option for this command. For more information, see the " OSPF Area Index configuration " section.
OSFP Area Index configuration The following table describes the Area Index Configuration commands. Table 133 OSPF Area Index Configuration commands Command Description area <0-2> area-id Defines the area ID of the OSPF area number. Command mode: Router OSPF area <0-2> type {transit|stub|nssa} Defines the type of area. For example, when a virtual link has to be established with the backbone, the area type must be defined as transit.
OSPF Summary Range configuration The following table describes the OSPF Summary Range Configuration commands. Table 134 OSPF Summary Range Configuration commands Command Description area-range <1-16> address Configures the base IP address and IP address mask for the range. Command mode: Router OSPF area-range <1-16> area <0-2> Configures the area index used by the switch. The default is 0. Command mode: Router OSPF [no] area-range <1-16> hide Hides the OSPF summary range.
Table 135 OSPF Interface Configuration commands Command Description ip ospf enable Enables the OSPF interface. Command mode: Interface IP no ip ospf enable Disables the OSPF interface. The default is disabled. Command mode: Interface IP no ip ospf Deletes the OSPF interface. Command mode: Interface IP show interface ip <1-250> ospf Displays the current settings for OSPF interface.
Table 137 OSPF Host Entry Configuration commands Command Description host <1-128> address Configures the base IP address for the host entry. Command mode: Router OSPF host <1-128> area <0-2> Configures the area index of the host. The default is 0. Command mode: Router OSPF host <1-128> cost <1-65535> Configures the cost value of the host. The default value is 1. Command mode: Router OSPF host <1-128> enable Enables OSPF host entry.
IGMP configuration IGMP Snooping allows the switch to forward multicast traffic only to those ports that request it. IGMP Snooping prevents multicast traffic from being flooded to all ports. The switch learns which server hosts are interested in receiving multicast traffic, and forwards it only to ports connected to those servers. IGMP snooping configuration The following table describes the IGMP Snooping Configuration commands.
IGMPv3 Snooping configuration The following table describes the IGMP version 3 Snooping Configuration commands. Table 141 IGMPv3 Snooping commands Command Description ip igmp snoop igmpv3 sources {<1-64>} Configures the maximum number of IGMP multicast sources to snoop from within the group record. The default is 8. Command mode: Global configuration [no] ip igmp snoop igmpv3 v1v2 Enables or disables snooping on IGMP version 1 and version 2 reports. The default value is enabled.
IGMP filter definition The following table describes the IGMP Filter Definition commands. Table 144 IGMP Filter Definition commands Command Description ip igmp profile <1-16> range Configures the range of IP multicast addresses for this filter. Enter the first IP multicast address of the ranger, followed by the second IP multicast address of the range.
Bootstrap Protocol Relay configuration Bootstrap Protocol (BOOTP) Relay is used to allow hosts to obtain their configurations from a Dynamic Host Configuration Protocol (DHCP) server. The BOOTP configuration enables the switch to forward a client request for an IP address to two DHCP/BOOTP servers with IP addresses that have been configured on this switch. BOOTP relay is turned off by default. The following table describes the BOOTP Configuration commands.
Virtual Router Redundancy Protocol configuration Virtual Router Redundancy Protocol (VRRP) support on this switch provides redundancy between routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each participating VRRP-capable routing device. One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of the shared virtual router IP address.
Table 149 Virtual Router Configuration commands Command Description virtual-router <1-250> interface <1-249> Selects a switch IP interface (between 1 and 250). If the IP interface has the same IP address as the address option above, this switch is considered the ―owner‖ of the defined virtual router. An owner has a special priority of 255 (highest) and will always assume the role of master router, even if it must preempt another virtual router which has assumed master routing authority.
VRRP Virtual Router Priority Tracking configuration These commands are used to modify the priority system used when electing the master router from a pool of virtual routers. Various tracking criteria can be used to bias the election results. Each time one of the tracking criteria is met, the priority level for the virtual router is increased by an amount defined through VRRP Tracking. Criteria are tracked dynamically, continuously updating virtual router priority levels when enabled.
Table 151 Virtual Router Group Configuration commands Command Description group priority <1-254> Defines the election priority bias for this virtual router group. This can be any integer between 1 and 254. The default value is 100. During the master router election process, the routing device with the highest virtual router priority number wins. If there is a tie, the device with the highest IP interface address wins.
VRRP Interface configuration These commands are used for configuring VRRP authentication parameters for the IP interfaces used with the virtual routers. The interface-number represents the IP interface on which authentication parameters must be configured. The following table describes the VRRP Interface Configuration commands.
Quality of Service configuration Use the Quality of Service (QoS) commands to configure the IEEE 802.1p priority value of incoming packets. This allows you to differentiate between various types of traffic, and provide different priority levels. QoS 802.1p configuration This feature provides the switch the capability to filter IP packets based on the IEEE 802.1p bits in the packet's VLAN header. The 802.1p bits specify the priority that you should give to the packets while forwarding them.
Access Control configuration Use these commands to create Access Control Lists (ACLs) and ACL Groups. ACLs define matching criteria used for IP filtering and Quality of Service functions. NOTE: ACL number is available from 1 to 384. Access Control List configuration These commands allow you to define filtering criteria for each Access Control List (ACL). The following table describes the basic ACL Configuration commands.
Table 157 Ethernet Filter Configuration commands Command Description default access-control list ethernet Resets Ethernet parameters for the ACL to their default values. Command mode: Global configuration show access-control list ethernet Displays the current Ethernet parameters for the ACL. Command mode: All ACL IP Version 4 Filter configuration These commands allow you to define IPv4 matching criteria for an ACL.
ACL TCP/UDP Filter configuration These commands allow you to define TCP/UDP matching criteria for an ACL. The following table describes the TCP/UDP Filter Configuration commands. Table 159 TCP/UDP Filter Configuration commands Command Description [no] access-control list tcp-udp sourceport <1-65535> [] Defines a source port for the ACL. If defined, traffic with the specified TCP or UDP source port will match this ACL. Specify the port number.
ACL Metering configuration The following table describes the ACL Metering Configuration commands. Table 161 ACL Metering Configuration commands Command Description access-control list meter committed-rate <1000-10000000> Configures the committed rate, in Kilobits per second. The committed rate must be a multiple of 1000. The default is 1000. Command mode: Global configuration access-control list meter maximum-burstsize <32-4096> Configures the maximum burst size, in Kilobits.
ACL Re-Mark Update User Priority configuration The following table describes the Update User Priority Configuration commands. Table 164 ACL Update User Priority Configuration commands Command Description [no] access-control list re-mark inprofile dot1p <0-7> Defines 802.1p value. The value is the priority bits information in the packet structure.
Remote Monitoring configuration Remote Monitoring (RMON) allows you to monitor traffic flowing through the switch. The RMON MIB is described in RFC 1757. The following table describes the RMON Configuration commands. Table 167 RMON commands Command Description show rmon Displays the current RMON configuration. Command mode: All RMON history configuration The switch supports up to five History Groups. The following table describes the RMON History commands.
Table 169 RMON Event commands Command Description [no] rmon event <1-65535> owner <1-127 characters> Enter a text string that identifies the person or entity that uses this event index. The owner can have a maximum of 127 characters. Command mode: Global configuration Deletes this event index. Command mode: Global configuration Displays the current RMON Event parameters.
Table 170 RMON Alarm commands Command Description show rmon alarm Displays the current RMON Alarm parameters. Command mode: All Port mirroring Port Mirroring is used to configure, enable, and disable the monitored port. When enabled, network packets being sent and/or received on a target port are duplicated and sent to a monitor port. By attaching a network analyzer to the monitor port, you can collect detailed information about your network performance and usage. Port mirroring is disabled by default.
Uplink Failure Detection configuration Uplink Failure Detection (UFD) supports network fault tolerance in network adapter teams. Use these commands to configure 4 Failure Detection Pair of one Links to Monitor (LtM) group and one Links to Disable (LtD) group. When UFD is enabled and a Failure Detection Pair is configured, the switch automatically disables ports in the LtD if it detects a failure in the LtM.
Link to Disable configuration The following table describes the Link to Disable (LtD) commands. The LtD can consist of any mix of downlink ports (ports 1-16) and trunk groups that contain only downlink ports and LACP trunk groups that contain only downlink ports. Table 176 Link to Disable commands Command Description ltd port Adds a port to the current LtD group. Only downlink ports (1-16) are allowed in the LtD. Command mode: FDP configuration Removes a port from the current LtD group.
Configuration Dump The dump program writes the current switch configuration to the terminal screen. To start the dump program, at the prompt, enter: Router(config)# show running-config The configuration is displayed with parameters that have been changed from the default values. The screen display can be captured, edited, and placed in a script file, which can be used to configure other switches. Paste the configuration commands from the script file at the command line prompt of the switch.
Operations Commands Introduction Operations-level commands are used for making immediate and temporary changes to switch configuration. Operations commands are used for bringing ports temporarily in and out of service. These commands are available only from an administrator and operator login. The following table describes basic Operations commands. The following sections provide more detailed information and commands.
Table 179 Operations-Level Port 802.1x commands Command Description interface port {} dot1x reauthenticate Re-authenticates the supplicant (client) attached to the port. This command only applies if the port‘s 802.1x mode is configured as auto. Command Mode: All Operations-level VRRP options Operations-level VRRP options are described in the following table.
Boot Options Introduction You must be logged in to the switch as the administrator to use the Boot Options commands. The Boot Options allow you to perform the following functions: Select a switch software image to be used when the switch is next reloaded. Select a configuration block to be used when the switch is next reloaded. Download or upload a new software image to the switch via FTP/TFTP. Each of the Boot Options commands is discussed in the following sections.
Source file name: The exact form of the name will vary by TFTP server. However, the file location is normally relative to the FTP or TFTP directory. 5. Enter the user name, if you are using a FTP server: Enter username for FTP server or hit return for TFTP server: 6. Enter the password for the FTP server (if prompted): Enter password for username on FTP server: 7. The system prompts you to confirm your request.
Enter name of switch software image to be uploaded ["image1"|"image2"|"boot"]: 3. Enter the name of the FTP/TFTP server or the IP address: Address or name of remote host: 4. Enter the name of the file into which the image will be uploaded on the FTP/TFTP server: Destination file name: 5. Enter the user name, if you are using a FTP server: Enter username for FTP server or hit return for TFTP server: 6.
To display current boot options, enter: >> Router# show boot Accessing the AOS CLI To access the AOS CLI, enter the following command from the ISCLI, and reload the switch: >> Router(config)# boot cli-mode aos The default command-line interface for this switch is the AOS CLI.
Maintenance Commands Introduction The Maintenance commands are used for debugging purposes, enabling you to generate a technical support dump of the critical state information in the switch, and to clear entries in the Forwarding Database (FDB)and the Address Resolution Protocol (ARP) and routing tables. These commands are available only from an administrator login.
Debugging options The Miscellaneous Debug commands display trace buffer information about events that can be helpful in understanding switch operation. You can view the following information using Debug commands: Events traced by the management processor (MP) Events traced to a buffer area when a reset occurs If the switch resets for any reason, the management processor (MP) trace buffer is saved into the snap trace buffer area.
IGMP Snooping maintenance The following table describes the IGMP Snooping Maintenance commands. Table 185 IGMP Snooping Maintenance commands Command Usage show ip igmp groups address show ip igmp groups vlan <1-4094> Shows a single IGMP Multicast group by IP address. Command mode: All Shows IGMP Multicast groups on a single VLAN. Command mode: All Shows IGMP Multicast groups on a single port. Command mode: All Shows all IGMP Multicast groups.
Uuencode flash dump show flash-dump-uuencode Command mode: All Using this command, dump information is presented in uuencoded format. This format makes it easy to capture the dump information as a file or a string of characters. If you want to capture dump information to a file, set your communication software on your workstation to capture session data prior to issuing the command. This will ensure that you do not lose any information.
Panic command The panic command causes the switch to dump state information immediately to flash memory and reboot. To select panic, at the prompt, enter: >> Router# debug panic A FLASH dump already exists. Confirm replacing existing dump and reboot [y/n]: Enter y to confirm the command: Dump and reboot [y/n]: y A list of messages is displayed: Starting system dump...done. Reboot at 11:54:08 Wednesday October 30, 2006... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
