CLI Guide
Table Of Contents
- Dell Command Line Reference Guide for the S6100–ON System 9.14.2.8
- About this Guide
- CLI Basics
- File Management
- Control and Monitoring
- alias
- banner exec
- banner login
- banner motd
- boot-type
- cam-acl
- clear average-power
- clear line
- configure
- disable
- do
- enable
- enable cpu-clock-monitor
- enable optic-info-update interval
- end
- exec-timeout
- exit
- ftp-server enable
- ftp-server topdir
- ftp-server username
- hostname
- ip ftp password
- ip ftp source-interface
- ip tftp vrf
- ip ftp username
- ip ftp vrf
- ip telnet server enable
- ip telnet server vrf
- ip telnet source-interface
- ip tftp vrf
- line
- logging disable-syslog snmp auth-failure
- login concurrent-session
- login statistics
- motd-banner
- ping
- reload
- reload-type
- send
- service timestamps
- show alias
- show alarms
- show cpu-traffic-stats
- show debugging
- show environment
- show inventory
- show login statistics
- show memory
- show processes cpu
- show processes ipc flow-control
- show processes memory
- show reload-type
- show reset-reason
- show software ifm
- show system
- show tech-support
- ssh-peer-stack-unit
- stack-unit location-led
- telnet
- telnet-peer-stack-unit
- terminal length
- traceroute
- undebug all
- warmboot-failure-action
- write
- 802.1X
- debug dot1x
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x auth-type mab-only
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x critical-vlan
- dot1x guest-vlan
- dot1x host-mode
- mac
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x max-supplicants
- dot1x port-control
- dot1x profile
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x static-mab
- dot1x supplicant-timeout
- dot1x tx-period
- show dot1x cos-mapping interface
- show dot1x interface
- show dot1x profile
- Access Control Lists (ACL)
- Commands Common to all ACL Types
- Common IP ACL Commands
- Standard IP ACL Commands
- Extended IP ACL Commands
- Extended IPv6 ACL Commands
- Common MAC Access List Commands
- Standard MAC ACL Commands
- Extended MAC ACL Commands
- IP Prefix List Commands
- Route Map Commands
- continue
- description
- match as-path
- match community
- match interface
- match ip address
- match ip next-hop
- match ip route-source
- match metric
- match origin
- match route-type
- match tag
- route-map
- set as-path
- set automatic-tag
- set comm-list delete
- set community
- set level
- set local-preference
- set metric
- set metric-type
- set next-hop
- set origin
- set tag
- set weight
- show config
- show route-map
- deny (for Standard IP ACLs)
- deny (for Extended IP ACLs)
- seq (for Standard IPv4 ACLs)
- deny tcp (for Extended IP ACLs)
- deny ether-type (for Extended MAC ACLs)
- deny (for Standard MAC ACLs)
- deny (for Extended MAC ACLs)
- permit (for Standard IP ACLs)
- permit arp (for Extended MAC ACLs)
- permit ether-type (for Extended MAC ACLs)
- permit icmp (for Extended IP ACLs)
- permit udp (for Extended IP ACLs)
- permit (for Extended IP ACLs)
- permit (for Standard MAC ACLs)
- seq (for Standard MAC ACLs)
- permit tcp (for Extended IP ACLs)
- seq arp (for Extended MAC ACLs)
- seq ether-type (for Extended MAC ACLs)
- seq (for IP ACLs)
- permit icmp (for IPv6 ACLs)
- permit tcp (for IPv6 ACLs)
- permit udp (for IPv6 ACLs)
- seq (for IPv6 ACLs)
- permit (for IPv6 ACLs)
- deny arp (for Extended MAC ACLs)
- deny icmp (for Extended IPv6 ACLs)
- deny tcp (for IPv6 ACLs)
- deny udp (for Extended IP ACLs)
- deny (for IPv6 ACLs)
- Bidirectional Forwarding Detection (BFD)
- Border Gateway Protocol
- BGP IPv4 Commands
- address-family
- aggregate-address
- bgp add-path
- bgp always-compare-med
- bgp asnotation
- bgp bestpath as-path ignore
- bgp bestpath as-path multipath-relax
- bgp bestpath med confed
- bgp bestpath med missing-as-best
- bgp bestpath router-id ignore
- bgp client-to-client reflection
- bgp cluster-id
- bgp confederation identifier
- bgp confederation peers
- bgp dampening
- bgp default local-preference
- bgp dmzlink-bw
- bgp enforce-first-as
- bgp fast-external-fallover
- bgp four-octet-as-support
- bgp graceful-restart
- bgp non-deterministic-med
- bgp outbound-optimization
- bgp recursive-bgp-next-hop
- bgp regex-eval-optz-disable
- bgp router-id
- clear ip bgp
- clear ip bgp dampening
- clear ip bgp flap-statistics
- clear ip bgp peer-group
- debug ip bgp
- debug ip bgp dampening
- debug ip bgp events
- debug ip bgp keepalives
- debug ip bgp notifications
- debug ip bgp soft-reconfiguration
- debug ip bgp updates
- default-metric
- deny bandwidth
- description
- maximum-paths
- neighbor activate
- neighbor add-path
- neighbor advertisement-interval
- neighbor advertisement-start
- neighbor allowas-in
- neighbor default-originate
- neighbor description
- neighbor distribute-list
- neighbor ebgp-multihop
- neighbor fall-over
- neighbor local-as
- neighbor maximum-prefix
- neighbor password
- neighbor peer-group (assigning peers)
- neighbor peer-group (creating group)
- neighbor peer-group passive
- neighbor remote-as
- neighbor remove-private-as
- neighbor route-map
- neighbor route-reflector-client
- neighbor send-community
- neighbor shutdown
- neighbor soft-reconfiguration inbound
- neighbor timers
- neighbor timers extended
- neighbor update-source
- neighbor weight
- network
- network backdoor
- permit bandwidth
- redistribute
- redistribute ospf
- router bgp
- shutdown all
- shutdown address-family-ipv4–multicast
- shutdown address-family-ipv4–unicast
- shutdown address-family-ipv6–unicast
- set extcommunity bandwidth
- show capture bgp-pdu neighbor
- show config
- show ip bgp
- show ip bgp cluster-list
- show ip bgp community
- show ip bgp community-list
- show ip bgp dampened-paths
- show ip bgp detail
- show ip bgp extcommunity-list
- show ip bgp filter-list
- show ip bgp flap-statistics
- show ip bgp inconsistent-as
- show ip bgp neighbors
- show ip bgp next-hop
- show ip bgp paths
- show ip bgp paths community
- show ip bgp peer-group
- show ip bgp regexp
- show ip bgp summary
- show running-config bgp
- timers bgp
- timers bgp extended
- MBGP Commands
- BGP IPv4 Commands
- Content Addressable Memory (CAM)
- Control Plane Policing (CoPP)
- control-plane-cpuqos
- cpu-protocol-group
- copp-profile
- cpu-queue
- copp-policy
- protocol-list
- queue-length
- service-policy rate-limit-cpu-queues
- service-policy rate-limit-protocols
- show cpu-queue rate cp
- show ip protocol-queue-mapping
- show ipv6 protocol-queue-mapping
- show mac protocol-queue-mapping
- show running-config copp-profile
- show running-config cpu-protocol-group
- Data Center Bridging (DCB)
- DCB Command
- PFC Commands
- ETS Commands
- DCBX Commands
- dcb-map
- priority-pgid
- priority-group bandwidth pfc
- dcb-map stack-unit all stack-ports all
- dcb pfc-shared-buffer-size
- dcb pfc-headroom-buffer-size
- dcb-buffer-threshold
- priority
- dcb-policy buffer-threshold (Interface Configuration)
- dcb pfc-total-buffer-size
- show running-config dcb-buffer-threshold
- dcb pfc-queues
- dcb {ets | pfc} enable
- Debugging and Diagnostics
- Diagnostics and Monitoring Commands
- Offline Diagnostic Commands
- Hardware Commands
- clear hardware stack-unit
- clear hardware system-flow
- clear hardware vlan-counters
- hardware watchdog
- show hardware mac
- show hardware ip
- show hardware stack-unit
- show hardware stack-unit buffer
- show hardware buffer headroom-pool
- show hardware buffer service-pool
- show hardware buffer-stats-snapshot
- show hardware counters interface
- show hardware drops
- show hardware system-flow
- show hardware vlan-counters
- show hardware stack-unit buffer-stats-snapshot
- show hardware stack-unit buffer-stats-snapshot (Total Buffer Information)
- Dynamic Host Configuration Protocol (DHCP)
- Commands to Configure the System to be a DHCP Server
- Commands to Configure Secure DHCP
- arp inspection
- arp inspection-limit
- arp inspection-trust
- clear ip dhcp snooping
- clear ipv6 dhcp snooping binding
- ip dhcp relay
- ip dhcp snooping
- ipv6 dhcp snooping
- ipv6 dhcp snooping vlan
- ip dhcp snooping binding
- IPv6 DHCP Snooping Binding
- ip dhcp snooping database
- ipv6 dhcp snooping database write-delay
- ip dhcp snooping database renew
- ipv6 dhcp snooping database renew
- ip dhcp snooping trust
- ipv6 dhcp snooping trust
- ip dhcp source-address-validation
- ip dhcp relay information-option
- ip dhcp relay source-interface
- ipv6 dhcp relay source-interface
- ip dhcp snooping verify mac-address
- ipv6 dhcp snooping verify mac-address
- ip helper-address
- ipv6 helper-address
- show ip dhcp snooping
- show ipv6 dhcp snooping
- Commands to Configure DNS
- Equal Cost Multi-Path (ECMP)
- Flex Hash and Optimized Boot-Up
- FIP Snooping
- clear fip-snooping database interface vlan
- clear fip-snooping statistics
- debug fip snooping
- debug fip snooping rx
- feature fip-snooping
- fip-snooping enable
- fip-snooping fc-map
- fip-snooping max-sessions-per-enodemac
- fip-snooping port-mode fcf
- fip-snooping port-mode fcoe-trusted
- show fip-snooping config
- show fip-snooping enode
- show fip-snooping fcf
- show fip-snooping statistics
- show fip-snooping system
- show fip-snooping vlan
- show fips status
- Force10 Resilient Ring Protocol (FRRP)
- GARP VLAN Registration (GVRP)
- ICMP Message Types
- Internet Group Management Protocol (IGMP)
- Interfaces
- Basic Interface Commands
- clear counters
- clear dampening
- dampening
- description
- default interface
- encapsulation dot1q
- errdisable recovery cause
- errdisable recovery interval
- fec default
- fec enable
- flowcontrol
- interface
- interface group
- interface loopback
- interface managementEthernet
- interface null
- interface range
- interface range macro (define)
- interface range macro name
- interface vlan
- intf-type cr1 autoneg
- intf-type cr2 autoneg
- intf-type cr4 autoneg
- keepalive
- monitor interface
- mtu
- negotiation auto
- no port-delay-restore (Interface Mode)
- port-delay-restore (Configuration Mode)
- portmode hybrid
- rate-interval
- rate-interval (Configuration Mode)
- show config
- show config (for speed)
- show config (from INTERFACE RANGE mode)
- show interfaces
- show interfaces configured
- show interfaces dampening
- show interfaces stack-unit
- show interfaces status
- show interfaces vlan
- show system stack-unit fanout configured
- show interfaces switchport
- show interfaces transceiver
- show range
- shutdown
- speed (for 10/100/1000/10000 interfaces)
- speed (Management interface)
- stack-unit portmode
- switchport
- Port Channel Commands
- Enhanced Validation of Interface Ranges
- ip http source-interface
- Basic Interface Commands
- IPv4 Routing
- arp
- arp backoff-time
- arp learn-enable
- arp max-entries
- arp retries
- arp timeout
- clear arp-cache
- clear host
- clear ip fib stack-unit
- clear ip route
- clear tcp statistics
- debug arp
- debug ip dhcp
- debug ip icmp
- debug ip packet
- icmp6-redirect enable
- ip address
- ip directed-broadcast
- ip domain-list
- ip domain-lookup
- ip domain-name
- ip helper-address
- ip helper-address hop-count disable
- ip host
- ip icmp source-interface
- ipv6 icmp source-interface
- ip max-frag-count
- ip name-server
- ip proxy-arp
- ip route
- ip source-route
- ip tcp initial-time
- ip unknown-unicast
- ipv4 unicast-host-route
- show ip tcp initial-time
- ip unreachables
- load-balance
- load-balance hg
- management route
- show arp
- show arp retries
- show hosts
- show ip cam stack-unit
- show ip fib stack-unit
- show ip flow
- show ip interface
- show ip management-route
- show ipv6 management-route
- show ip protocols
- show ip route
- show ip route list
- show ip route summary
- show ip traffic
- show tcp statistics
- IPv6 Basics
- IPv6 Access Control Lists (IPv6 ACLs)
- Intermediate System to Intermediate System (IS-IS)
- adjacency-check
- advertise
- area-password
- clear config
- clear isis
- clns host
- debug isis
- debug isis adj-packets
- debug isis local-updates
- debug isis snp-packets
- debug isis spf-triggers
- debug isis update-packets
- default-information originate
- description
- distance
- distribute-list in
- distribute-list out
- distribute-list redistributed-override
- domain-password
- graceful-restart ietf
- graceful-restart interval
- graceful-restart restart-wait
- graceful-restart t1
- graceful-restart t2
- graceful-restart t3
- hello padding
- hostname dynamic
- ignore-lsp-errors
- ip router isis
- ipv6 router isis
- isis circuit-type
- isis csnp-interval
- isis hello-interval
- isis hello-multiplier
- isis hello padding
- isis ipv6 metric
- isis metric
- isis network point-to-point
- isis password
- isis priority
- is-type
- log-adjacency-changes
- lsp-gen-interval
- lsp-mtu
- lsp-refresh-interval
- max-area-addresses
- max-lsp-lifetime
- maximum-paths
- metric-style
- multi-topology
- net
- passive-interface
- redistribute
- redistribute bgp
- redistribute ospf
- router isis
- set-overload-bit
- show config
- show isis database
- show isis graceful-restart detail
- show isis hostname
- show isis interface
- show isis neighbors
- show isis protocol
- show isis traffic
- spf-interval
- iSCSI Optimization
- Link Aggregation Control Protocol (LACP)
- Layer 2
- MAC Addressing Commands
- mac-address-table aging-time
- mac-address-table aging-time
- mac-address-table static
- mac-address-table station-move refresh-arp
- mac learning-limit
- mac learning-limit learn-limit-violation
- mac learning-limit mac-address-sticky
- mac learning-limit station-move-violation
- mac learning-limit reset
- mac port-security
- show mac-address-table
- show mac-address-table aging-time
- show mac learning-limit
- Virtual LAN (VLAN) Commands
- Far-End Failure Detection (FEFD)
- MAC Addressing Commands
- Link Layer Discovery Protocol (LLDP)
- Microsoft Network Load Balancing
- Multicast Source Discovery Protocol (MSDP)
- clear ip msdp peer
- clear ip msdp sa-cache
- clear ip msdp statistic
- ip msdp cache-rejected-sa
- ip msdp default-peer
- ip msdp log-adjacency-changes
- ip msdp mesh-group
- ip msdp originator-id
- ip msdp peer
- ip msdp redistribute
- ip msdp sa-filter
- ip msdp sa-limit
- ip msdp shutdown
- ip multicast-msdp
- show ip msdp
- show ip msdp sa-cache rejected-sa
- Multicast Listener Discovery Protocol
- Multiple Spanning Tree Protocol (MSTP)
- Multicast
- Neighbor Discovery Protocol (NDP)
- IPv6 Router Advertisement (RA) Guard
- clear ipv6 neighbors
- debug ipv6 nd ra–guard
- device–role
- hop–limit
- ipv6 nd ra–guard attach–policy
- ipv6 nd ra–guard enable
- ipv6 nd ra–guard policy
- ipv6 neighbor
- managed-config-flag
- match ra
- match ra
- mtu
- other–config–flag
- reachable–time
- retrans-time
- router–lifetime
- router–preference maximum
- show config
- show ipv6 nd ra–guard policy
- show ipv6 neighbors
- trusted–port
- IPv6 Router Advertisement (RA) Guard
- Object Tracking
- Open Shortest Path First (OSPFv2 and OSPFv3)
- OSPFv2 Commands
- area default-cost
- area nssa
- area range
- area stub
- auto-cost
- clear ip ospf
- clear ip ospf statistics
- debug ip ospf
- default-information originate
- default-metric
- description
- distance
- distance ospf
- distribute-list in
- distribute-list out
- fast-convergence
- flood-2328
- graceful-restart grace-period
- graceful-restart helper-reject
- graceful-restart mode
- graceful-restart role
- ip ospf auth-change-wait-time
- ip ospf authentication-key
- ip ospf cost
- ip ospf dead-interval
- ip ospf hello-interval
- ip ospf message-digest-key
- ip ospf mtu-ignore
- ip ospf network
- ip ospf priority
- ip ospf retransmit-interval
- ip ospf transmit-delay
- log-adjacency-changes
- maximum-paths
- mib-binding
- network area
- passive-interface
- redistribute
- redistribute bgp
- redistribute isis
- router-id
- router ospf
- show config
- show ip ospf
- show ip ospf asbr
- show ip ospf database
- show ip ospf database asbr-summary
- show ip ospf database external
- show ip ospf database network
- show ip ospf database nssa-external
- show ip ospf database opaque-area
- show ip ospf database opaque-as
- show ip ospf database opaque-link
- show ip ospf database router
- show ip ospf database summary
- show ip ospf interface
- show ip ospf neighbor
- show ip ospf routes
- show ip ospf statistics
- show ip ospf timers rate-limit
- show ip ospf topology
- summary-address
- timers spf
- timers throttle lsa all
- timers throttle lsa arrival
- OSPFv3 Commands
- area authentication
- area encryption
- area nssa
- area range
- auto-cost
- clear ipv6 ospf process
- debug ipv6 ospf bfd
- debug ipv6 ospf events
- debug ipv6 ospf packet
- debug ipv6 ospf spf
- default-information originate
- graceful-restart grace-period
- graceful-restart mode
- ipv6 ospf area
- ipv6 ospf authentication
- ipv6 ospf cost
- ipv6 ospf dead-interval
- ipv6 ospf encryption
- ipv6 ospf graceful-restart helper-reject
- ipv6 ospf hello-interval
- ipv6 ospf priority
- ipv6 router ospf
- maximum-paths
- max-metric router-lsa
- passive-interface
- redistribute
- router-id
- show crypto ipsec policy
- show crypto ipsec sa ipv6
- show ipv6 ospf database
- show ipv6 ospf interface
- show ipv6 ospf neighbor
- snmp context
- timers spf
- OSPFv2 Commands
- Policy-based Routing (PBR)
- PIM-Sparse Mode (PIM-SM)
- IPv4 PIM-Sparse Mode Commands
- clear ip pim rp-mapping
- clear ip pim tib
- debug ip pim
- ip pim bsr-border
- ip pim bsr-candidate
- ip pim dr-priority
- ip pim join-filter
- ip pim neighbor-filter
- ip pim query-interval
- ip pim register-filter
- ip pim rp-address
- ip pim rp-candidate
- ip pim sparse-mode
- ip pim sparse-mode sg-expiry-timer
- ip pim ssm-range
- ip pim spt-threshold
- show ip pim bsr-router
- show ip pim interface
- show ip pim neighbor
- show ip pim rp
- show ip pim ssm-range
- show ip pim summary
- show ip pim tib
- IPv6 PIM-Sparse Mode Commands
- clear ipv6 pim tib
- debug ipv6 pim
- ipv6 pim bsr-border
- ipv6 pim bsr-candidate
- ipv6 pim dr-priority
- ipv6 pim query-interval
- ipv6 pim rp-address
- ipv6 pim rp-candidate
- ipv6 pim sparse-mode
- ipv6 pim sparse-mode sg-expiry-timer
- ipv6 pim spt-threshold
- show ipv6 pim bsr-router
- show ipv6 pim interface
- show ipv6 pim neighbor
- show ipv6 pim rp
- show ipv6 pim summary
- show ipv6 pim tib
- IPv4 PIM-Sparse Mode Commands
- Port Monitoring
- Private VLAN (PVLAN)
- Per-VLAN Spanning Tree Plus (PVST+)
- Quality of Service (QoS)
- Global Configuration Commands
- Per-Port QoS Commands
- Policy-Based QoS Commands
- bandwidth-percentage
- buffer-stats-snapshot
- class-map
- clear qos statistics
- description
- match ip access-group
- match ip dscp
- match ip precedence
- match mac access-group
- match mac dot1p
- match mac vlan
- policy-aggregate
- policy-map-input
- policy-map-output
- qos-policy-input
- qos-policy-output
- rate-police
- rate-shape
- resequence class-map
- service-policy input
- service-policy output
- service-queue
- set
- show qos class-map
- show qos policy-map
- show qos policy-map-input
- show qos policy-map-output
- show qos qos-policy-input
- show qos qos-policy-output
- show qos statistics
- show qos statistics wred-ecn
- show qos wred-profile
- service-class buffer shared-threshold-weight
- test cam-usage
- threshold
- trust
- unsequence class-map all
- wred
- wred ecn
- wred weight
- wred-profile
- rate shape
- service-pool wred
- DSCP Color Map Commands
- Routing Information Protocol (RIP)
- auto-summary
- clear ip rip
- debug ip rip
- default-information originate
- default-metric
- description
- distance
- distribute-list in
- distribute-list out
- ip poison-reverse
- ip rip receive version
- ip rip send version
- ip split-horizon
- maximum-paths
- neighbor
- network
- offset-list
- output-delay
- passive-interface
- redistribute
- redistribute isis
- redistribute ospf
- router rip
- show config
- show ip rip database
- show running-config rip
- timers basic
- version
- Remote Monitoring (RMON)
- Rapid Spanning Tree Protocol (RSTP)
- Security
- AAA Accounting Commands
- Authorization and Privilege Commands
- Obscure Password Commands
- Authentication and Password Commands
- RADIUS Commands
- client
- client-key
- coa-bounce-port
- coa-disable-port
- coa-reauthenticate
- debug radius
- da-rsp-timeout
- disconnect-user
- dynamic-auth-enable
- ip radius source-interface
- port
- radius dynamic-auth
- radius-server deadtime
- radius-server group
- radius-server host
- radius-server vrf
- radius-server key
- radius-server retransmit
- radius-server timeout
- rate-limit
- replay-protection-window
- terminate-session
- TACACS+ Commands
- Port Authentication (802.1X) Commands
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x guest-vlan
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x port-control
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x supplicant-timeout
- dot1x tx-period
- show dot1x interface
- SSH and SCP Commands
- crypto key generate
- crypto key zeroize rsa
- debug ip ssh
- ip scp topdir
- ip ssh authentication-retries
- ip ssh challenge–response–authentication
- ip ssh connection-rate-limit
- ip ssh connection-rate-interval
- ip ssh connection-rate-lockout
- ip ssh hostbased-authentication
- ip ssh password-authentication
- ip ssh rekey
- ip ssh pub-key-file
- ip ssh rhostsfile
- ip ssh rsa-authentication (Config)
- ip ssh server
- ip ssh server dns enable
- ip ssh server vrf
- ip ssh source-interface
- ip ssh vrf
- show crypto
- show ip ssh
- show ip ssh client-pub-keys
- show ip ssh rsa-authentication
- ssh
- Secure DHCP Commands
- Role-Based Access Control Commands
- ICMP Vulnerabilities
- System Security Commands
- Service Provider Bridging
- sFlow
- Simple Network Management Protocol (SNMP) and Syslog
- SNMP Commands
- show snmp
- show snmp engineID
- show snmp group
- show snmp supported-mibs
- show snmp supported-traps
- show snmp user
- snmp context
- snmp ifmib ifalias long
- snmp-server community
- snmp-server contact
- snmp-server enable traps
- snmp-server engineID
- snmp-server group
- snmp-server host
- snmp-server location
- snmp-server packetsize
- snmp-server trap-source
- snmp-server user
- snmp-server user (for AES128-CFB Encryption)
- snmp-server view
- snmp-server vrf
- snmp trap link-status
- Syslog Commands
- clear logging
- clear logging auditlog
- default logging buffered
- default logging console
- default logging monitor
- default logging trap
- logging
- logging buffered
- logging console
- logging extended
- logging facility
- logging history
- logging history size
- logging monitor
- logging on
- logging source-interface
- logging synchronous
- logging trap
- logging version
- show logging auditlog
- show logging
- show logging driverlog stack-unit
- terminal monitor
- SNMP Commands
- SNMP Traps
- Storm Control
- polling-interval
- xoff-state threshold polling-count
- disable storm-control pfc
- storm-control pfc in queue-drop
- queue-drop backoff-force
- queue-drop backoff-on-norxpfc
- storm-control pfc in queue-drop-state clear
- show storm-control pfc status
- clear storm-control pfc drop-counters
- show storm-control pfc statistics
- clear storm-control pfc statistics
- show storm-control broadcast
- show storm-control multicast
- show storm-control unknown-unicast
- storm-control broadcast (Configuration)
- storm-control broadcast (Interface)
- storm-control multicast (Configuration)
- storm-control multicast (Interface)
- storm-control unknown-unicast (Configuration)
- storm-control unknown-unicast (Interface)
- Spanning Tree Protocol (STP)
- SupportAssist
- System Time and Date
- clock summer-time date
- clock summer-time recurring
- clock timezone
- debug ntp
- ntp authenticate
- ntp broadcast client
- ntp control-key-passwd
- ntp disable
- ntp master
- ntp offset-threshold
- ntp server
- ntp source
- ntp step-threshold
- ntp trusted-key
- ntp authentication-key
- show clock
- show ntp associations
- show ntp vrf associations
- show ntp status
- Uplink Failure Detection (UFD)
- Tunneling
- VLAN Stacking
- Virtual Routing and Forwarding (VRF)
- VLT Proxy Gateway
- Virtual Link Trunking (VLT)
- back-up destination
- clear vlt statistics
- delay-restore
- delay-restore abort-threshold
- lacp ungroup member-independent
- multicast peer-routing timeout
- peer-link port-channel
- peer-routing
- peer-routing-timeout
- primary-priority
- show vlt brief
- show vlt backup-link
- show vlt counters
- show vlt detail
- show vlt inconsistency
- show vlt mismatch
- show vlt role
- show vlt statistics
- show vlt statistics igmp-snoop
- unit-id
- vlt domain
- vlt-peer-lag port-channel
- Virtual Extensible LAN (VXLAN)
- clear vxlan vxlan-instance statistics
- clear mac-address-table dynamic
- controller
- debug vxlan
- disable-mac-learn
- feature vxlan
- fail-mode
- gateway-ip
- local-vtep-ip
- max_backoff
- peer-ovsdbserver-ip
- remote-vtep-ip
- vnid
- vni-profile
- vxlan-instance
- vxlan-instance (VAP)
- vxlan-instance loopback
- vxlan-instance static
- vxlan-vnid
- show running-config vxlan
- show vxlan vxlan-instance
- show vxlan vxlan-instance logical network
- show vxlan vxlan-instance physical-locator
- show vxlan vxlan-instance statistics interface
- show vxlan vxlan-instance statistics remote-vtep-ip
- show vxlan vxlan-instance unicast-mac-local
- show vxlan vxlan-instance unicast-mac-remote
- show vxlan vxlan-instance vtep-vni-map
- Virtual Router Redundancy Protocol (VRRP)
- X.509v3
Version Description
8.3.11.1 Introduced on the Z9000.
8.5.1.0 Added support for the 4-port 40G line cards.
8.3.7.0 Introduced on the S4810.
7.6.1.0 Introduced on the S-Series.
7.5.1.0 Introduced on the C-Series.
6.2.1.1 Introduced.
Usage
Information
NOTE: The vrf option is available only when VRF feature is enabled.
show ip
accounting
access-
lists Field
Description
“Extended IP...” Displays the name of the IP ACL.
“seq 5...” Displays the filter. If the keywords count or byte were configured in the filter,
the number of packets or bytes the filter processes is displayed at the end of the
line.
“order 4” Displays the QoS order of priority for the ACL entry.
Example
Standard IP ACL Commands
When you create an ACL without any rule and then apply it to an interface, the ACL behavior reflects an implicit permit.
The platform supports both Ingress and Egress IP ACLs.
NOTE: Also refer to the Commands Common to all ACL Types and Common IP ACL Commands sections.
deny
To drop packets with a certain IP address, configure a filter.
Syntax
deny {source | any | host {ip-address}} [count [bytes] | log] [dscp value]
[ecn value] [fragments] [monitor] [no-drop] [order]
To remove this filter, you have two choices:
● Use the no seq sequence-number command if you know the filter’s sequence number.
● Use the no deny {source [mask] | any | host ip-address} command.
Parameters
source
Enter the IP address in dotted decimal format of the network from which the
packet was sent.
any Enter the keyword any to specify that all routes are subject to the filter.
host
ip-address
Enter the keyword host and then enter the IP address to specify a host IP address
only.
count (OPTIONAL) Enter the keyword count to count the packets.
bytes (OPTIONAL) Enter the keyword bytes to count the bytes.
log (OPTIONAL) Enter the keyword log to enter ACL matches in the log.
Access Control Lists (ACL) 193