Deployment Guide
Table Of Contents
- Dell EMC Networking Command-Line Reference Guide for the C9010 Series Version 9.14.2.1
- About this Guide
- CLI Basics
- Control and Monitoring
- asf-mode
- banner exec
- banner login
- banner motd
- cam-acl
- cam-audit linecard
- clear alarms
- clear average-power
- clear line
- configure
- debug cpu-traffic-stats
- debug ftpserver
- disable
- do
- enable
- enable cpu-clock-monitor
- enable optic-info-update interval
- end
- exec-timeout
- exit
- ftp-server enable
- ftp-server topdir
- ftp-server username
- hostname
- ip ftp password
- ip ftp source-interface
- ip ftp username
- ip http source-interface
- ip telnet server enable
- ip telnet source-interface
- ip tftp source-interface
- line
- logging coredump server
- login concurrent-session
- login statistics
- ping
- power on
- reload
- send
- service timestamps
- show alarms
- show asf
- show chassis
- show command-history
- show console lp
- show cpu-traffic-stats
- show cpu-interface-stats
- show debugging
- show environment
- show inventory
- show linecard
- show login statistics
- show memory
- show processes cpu
- show processes ipc
- show processes ipc flow-control
- show processes memory
- show reset-reason
- show rpm
- show software ifm
- show system linecard
- show tech-support
- show util-threshold cpu
- show util-threshold memory
- show version
- telnet
- terminal length
- traceroute
- undebug all
- upload trace-log
- util-threshold cpu
- util-threshold memory
- virtual-ip
- write
- File Management
- 802.1X
- debug dot1x
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x auth-type mab-only
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x critical-vlan
- dot1x guest-vlan
- dot1x host-mode
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x max-supplicants
- dot1x port-control
- dot1x profile
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x static-mab
- dot1x supplicant-timeout
- dot1x tx-period
- mac
- show dot1x cos-mapping interface
- show dot1x interface
- show dot1x profile
- Access Control Lists (ACL)
- Commands Common to all ACL Types
- Common IP ACL Commands
- Standard IP ACL Commands
- Extended IP ACL Commands
- ACL VLAN Group Commands
- Common MAC ACL Commands
- Standard MAC ACL Commands
- Extended MAC ACL Commands
- IP Prefix List Commands
- Route Map Commands
- continue
- description
- match as-path
- match community
- match interface
- match ip address
- match ip next-hop
- match ip route-source
- match metric
- match origin
- match route-type
- match tag
- route-map
- set as-path
- set automatic-tag
- set comm-list delete
- set community
- set level
- set local-preference
- set metric
- set metric-type
- set next-hop
- set origin
- set tag
- set weight
- show config
- show route-map
- AS-Path Commands
- IP Community List Commands
- Bidirectional Forwarding Detection (BFD)
- Border Gateway Protocol
- BGP IPv4 Commands
- address-family
- aggregate-address
- bgp add-path
- bgp always-compare-med
- bgp asnotation
- bgp bestpath as-path ignore
- bgp bestpath as-path multipath-relax
- bgp bestpath med confed
- bgp bestpath med missing-as-best
- bgp bestpath router-id ignore
- bgp client-to-client reflection
- bgp cluster-id
- bgp confederation identifier
- bgp confederation peers
- bgp dampening
- bgp default local-preference
- bgp dmzlink-bw
- bgp enforce-first-as
- bgp fast-external-fallover
- bgp four-octet-as-support
- bgp graceful-restart
- bgp log-neighbor-changes
- bgp non-deterministic-med
- bgp outbound-optimization
- bgp recursive-bgp-next-hop
- bgp regex-eval-optz-disable
- bgp router-id
- bgp soft-reconfig-backup
- capture bgp-pdu neighbor
- capture bgp-pdu max-buffer-size
- clear ip bgp
- clear ip bgp dampening
- clear ip bgp flap-statistics
- clear ip bgp peer-group
- debug ip bgp
- debug ip bgp dampening
- debug ip bgp events
- debug ip bgp keepalives
- debug ip bgp notifications
- debug ip bgp soft-reconfiguration
- debug ip bgp updates
- default-metric
- deny bandwidth
- description
- distance bgp
- maximum-paths
- neighbor activate
- neighbor add-path
- neighbor advertisement-interval
- neighbor advertisement-start
- neighbor allowas-in
- neighbor default-originate
- neighbor description
- neighbor distribute-list
- neighbor dmzlink-bw
- neighbor ebgp-multihop
- neighbor fall-over
- neighbor filter-list
- neighbor local-as
- neighbor maximum-prefix
- neighbor next-hop-self
- neighbor password
- neighbor peer-group (assigning peers)
- neighbor peer-group (creating group)
- neighbor peer-group passive
- neighbor remote-as
- neighbor remove-private-as
- neighbor route-map
- neighbor route-reflector-client
- neighbor send-community
- neighbor shutdown
- neighbor soft-reconfiguration inbound
- neighbor subnet
- neighbor timers
- neighbor timers extended
- neighbor update-source
- neighbor weight
- network
- network backdoor
- permit bandwidth
- redistribute
- redistribute ospf
- router bgp
- set extcommunity bandwidth
- shutdown all
- shutdown address-family-ipv4–multicast
- shutdown address-family-ipv4–unicast
- shutdown address-family-ipv6–unicast
- show capture bgp-pdu neighbor
- show config
- show ip bgp
- show ip bgp cluster-list
- show ip bgp community
- show ip bgp community-list
- show ip bgp dampened-paths
- show ip bgp detail
- show ip bgp extcommunity-list
- show ip bgp filter-list
- show ip bgp flap-statistics
- show ip bgp inconsistent-as
- show ip bgp neighbors
- show ip bgp next-hop
- show ip bgp paths
- show ip bgp paths as-path
- show ip bgp paths community
- show ip bgp peer-group
- show ip bgp regexp
- show ip bgp summary
- show running-config bgp
- timers bgp
- timers bgp extended
- MBGP Commands
- BGP Extended Communities (RFC 4360)
- IPv6 BGP Commands
- address-family
- address family ipv6 unicast
- aggregate-address
- bgp always-compare-med
- bgp bestpath as-path ignore
- bgp bestpath med confed
- bgp bestpath med missing-as-best
- bgp client-to-client reflection
- bgp cluster-id
- bgp confederation identifier
- bgp dampening
- bgp default local-preference
- bgp enforce-first-as
- bgp fast-external-fallover
- bgp four-octet-as-support
- bgp graceful-restart
- bgp log-neighbor-changes
- bgp non-deterministic-med
- bgp recursive-bgp-next-hop
- bgp regex-eval-optz-disable
- bgp router-id
- bgp soft-reconfig-backup
- capture bgp-pdu max-buffer-size
- capture bgp-pdu neighbor (ipv6)
- clear ip bgp ipv6-address
- clear ip bgp * (asterisk)
- clear ip bgp as-number
- clear ip bgp ipv6 dampening
- clear ip bgp ipv6 flap-statistics
- clear ip bgp ipv6 unicast
- clear ip bgp ipv6 unicast dampening
- clear ip bgp ipv6 unicast flap-statistics
- debug ip bgp keepalives
- debug ip bgp ipv6 dampening
- debug ip bgp ipv6 unicast peer-group updates
- debug ip bgp ipv6 unicast dampening
- debug ip bgp ipv6 unicast updates
- debug ip bgp notifications
- debug ip bgp updates
- default-metric
- description
- distance bgp
- ipv6 prefix-list
- maximum-paths
- neighbor activate
- neighbor advertisement-interval
- neighbor allowas-in
- neighbor default-originate
- neighbor description
- neighbor distribute-list
- neighbor ebgp-multihop
- neighbor fall-over
- neighbor filter-list
- neighbor maximum-prefix
- neighbor next-hop-self
- neighbor peer-group (assigning peers)
- neighbor peer-group (creating group)
- neighbor peer-group passive
- neighbor remote-as
- neighbor remove-private-as
- neighbor route-map
- neighbor route-reflector-client
- neighbor send-community
- neighbor soft-reconfiguration inbound
- neighbor subnet
- neighbor shutdown
- neighbor timers
- neighbor update-source
- neighbor weight
- neighbor X:X:X::X password
- network
- network backdoor
- redistribute
- redistribute ospf
- router bgp
- show capture bgp-pdu neighbor
- show config
- show ip bgp next-hop
- show ip bgp paths
- show ip bgp paths as-path
- show ip bgp paths community
- show ip bgp paths extcommunity
- show ip bgp regexp
- show ipv6 prefix-list
- show ip bgp ipv6 unicast
- show ip bgp ipv6 unicast cluster-list
- show ip bgp ipv6 unicast community
- show ip bgp ipv6 unicast community-list
- show ip bgp ipv6 unicast dampened-paths
- show ip bgp ipv6 unicast detail
- show ip bgp ipv6 unicast extcommunity-list
- show ip bgp ipv6 unicast filter-list
- show ip bgp ipv6 unicast flap-statistics
- show ip bgp ipv6 unicast inconsistent-as
- show ip bgp ipv6 unicast neighbors
- show ip bgp ipv6 unicast peer-group
- show ip bgp ipv6 unicast summary
- timers bgp
- IPv6 MBGP Commands
- BGP IPv4 Commands
- Content Addressable Memory (CAM)
- Control Plane Policing (CoPP)
- clear control-traffic protocol
- clear control-traffic queue
- control-plane-cpuqos
- service-policy rate-limit-cpu-queues
- service-policy rate-limit-protocols
- show control-traffic protocol
- show control-traffic queue
- show cpu-queue rate
- show ip protocol-queue-mapping
- show ipv6 protocol-queue-mapping
- show mac protocol-queue-mapping
- show protocol-queue-mapping
- Data Center Bridging (DCB)
- DCB Commands
- PFC Commands
- ETS Commands
- DCBX Commands
- dcb-map
- priority-pgid
- priority-group bandwidth pfc
- dcb-map stack-unit all stack-ports all
- dcb pfc-shared-buffer-size
- dcb-buffer-threshold
- priority
- qos-policy-buffer
- dcb-policy buffer-threshold (Interface Configuration)
- show qos dcb-buffer-threshold
- show hardware stack-unit buffer-stats-snapshot
- dcb pfc-total-buffer-size
- show running-config dcb-buffer-threshold
- dcb pfc-queues
- dcb {ets | pfc} enable
- Debugging and Diagnostics
- Dynamic Host Configuration Protocol (DHCP)
- Configure a DHCP Server and DHCP Clients
- clear ip dhcp
- debug ip dhcp client events
- debug ip dhcp client packets
- debug ip dhcp server
- default-router
- disable
- dns-server
- domain-name
- excluded-address
- hardware-address
- host-address
- ip address dhcp
- ip address dhcp relay information-option
- ip address dhcp vendor-class-identifier
- ip dhcp relay secondary-subnet
- ip dhcp server
- ip helper-address
- ipv6 helper-address
- lease
- netbios-name-server
- netbios-node-type
- network
- pool
- show ip dhcp client statistics
- show ip dhcp configuration
- show ip dhcp conflict
- show ip dhcp lease
- show ip dhcp server statistics
- Configure Secure DHCP and DHCP Relay
- arp inspection
- arp inspection-trust
- clear ip dhcp snooping
- ip dhcp relay information-option
- ip dhcp relay source-interface
- ipv6 dhcp relay source-interface
- ip dhcp snooping
- ip dhcp snooping binding
- ip dhcp snooping database
- ip dhcp snooping database renew
- ip dhcp snooping trust
- ip dhcp snooping verify mac-address
- ip dhcp snooping vlan
- ip dhcp source-address-validation
- show ip dhcp binding
- show ip dhcp snooping
- Configure a DHCP Server and DHCP Clients
- Equal Cost Multi-Path (ECMP)
- FCoE Transit
- clear fip-snooping database interface vlan
- clear fip-snooping statistics
- debug fip snooping
- debug fip snooping rx
- feature fip-snooping
- fip-snooping enable
- fip-snooping fc-map
- fip-snooping max-sessions-per-enodemac
- fip-snooping port-mode fcf
- fip-snooping port-mode fcoe-trusted
- show fip-snooping config
- show fip-snooping enode
- show fip-snooping fcf
- show fip-snooping sessions
- show fip-snooping statistics
- show fip-snooping system
- show fip-snooping vlan
- FIPS Cryptography
- Flex Hash and Optimized Boot-Up
- Force10 OS Resilient Ring Protocol (FRRP)
- GARP VLAN Registration (GVRP)
- High Availability (HA)
- ICMP Message Types
- Interfaces
- Basic Interface Commands
- clear counters
- clear dampening
- combo-port-type
- combo-port-type
- dampening
- description
- default interface
- encapsulation dot1q
- flowcontrol
- interface
- interface loopback
- interface ManagementEthernet
- interface null
- interface range
- interface range macro (define)
- interface range macro name
- interface vlan
- keepalive
- linecard portmode
- monitor interface
- mtu
- portmode hybrid
- rate-interval
- rate-interval (Configuration Mode)
- show config
- show config (from INTERFACE RANGE mode)
- show interfaces
- show interfaces configured
- show interfaces dampening
- show interfaces phy
- show interfaces status
- show interfaces switchport
- show interfaces transceiver
- show interfaces vlan
- show range
- show running-config ecmp-group
- shutdown
- speed (for 10/100/1000/10000 interfaces)
- speed (Management interface)
- switchport
- wavelength
- Egress Interface Selection (EIS) Commands
- Port Channel Commands
- HiGig Port Channel Commands
- Time Domain Reflectometer (TDR) Commands
- Basic Interface Commands
- Intermediate System to Intermediate System (IS-IS)
- adjacency-check
- advertise
- area-password
- clear isis
- clns host
- debug isis
- debug isis adj-packets
- debug isis graceful-restart
- debug isis local-updates
- debug isis snp-packets
- debug isis spf-triggers
- debug isis update-packets
- default-information originate
- description
- distance
- distribute-list in
- distribute-list out
- distribute-list redistributed-override
- domain-password
- graceful-restart ietf
- graceful-restart interval
- graceful-restart restart-wait
- graceful-restart t1
- graceful-restart t2
- graceful-restart t3
- hello padding
- hostname dynamic
- ignore-lsp-errors
- ip router isis
- ipv6 router isis
- isis circuit-type
- isis csnp-interval
- isis hello-interval
- isis hello-multiplier
- isis hello padding
- isis ipv6 metric
- isis metric
- isis network point-to-point
- isis password
- isis priority
- is-type
- log-adjacency-changes
- lsp-gen-interval
- lsp-mtu
- lsp-refresh-interval
- max-area-addresses
- max-lsp-lifetime
- maximum-paths
- metric-style
- multi-topology
- net
- passive-interface
- redistribute
- redistribute bgp
- redistribute ospf
- router isis
- set-overload-bit
- show config
- show isis database
- show isis graceful-restart detail
- show isis hostname
- show isis interface
- show isis neighbors
- show isis protocol
- show isis traffic
- spf-interval
- Internet Group Management Protocol (IGMP)
- IGMP Commands
- clear ip igmp groups
- debug ip igmp
- ip igmp access-group
- ip igmp group-join-limit
- ip igmp immediate-leave
- ip igmp last-member-query-interval
- ip igmp querier-timeout
- ip igmp query-interval
- ip igmp query-max-resp-time
- ip igmp ssm-map
- ip igmp static-group
- ip igmp version
- show ip igmp groups
- show ip igmp interface
- show ip igmp ssm-map
- IGMP Snooping Commands
- IGMP Commands
- Internet Protocol Security (IPSec)
- IPv4 Routing
- arp
- arp backoff-time
- arp learn-enable
- arp retries
- arp timeout
- clear arp-cache
- clear host
- clear ip fib linecard
- clear ip route
- clear ip traffic
- clear tcp statistics
- debug arp
- debug ip dhcp
- debug ip icmp
- debug ip packet
- deny arp (for Extended MAC ACLs)
- icmp6-redirect enable
- ip address
- ip directed-broadcast
- ip domain-list
- ip domain-lookup
- ip domain-name
- ip helper-address hop-count disable
- ip host
- ip max-frag-count
- ip name-server
- ip proxy-arp
- ip route
- ip source-route
- ip unreachables
- ipv4 unicast-host-route
- load-balance
- management route
- show arp
- show arp retries
- show hosts
- show ip cam linecard
- show ip fib linecard
- show ip flow
- show ip interface
- show ip management-route
- show ipv6 management-route
- show ip protocols
- show ip route
- show ip route list
- show ip route summary
- show ip traffic
- show tcp statistics
- IPv6 Access Control Lists (IPv6 ACLs)
- cam-acl
- cam-acl-egress
- clear counters ipv6 access-group
- deny (for IPv6 ACLs)
- deny icmp (for Extended IPv6 ACLs)
- deny tcp (for IPv6 ACLs)
- deny udp (for IPv6 ACLs)
- ipv6 access-list
- ipv6 control-plane egress-filter
- permit (for IPv6 ACLs)
- permit icmp (for IPv6 ACLs)
- permit tcp (for IPv6 ACLs)
- permit udp (for IPv6 ACLs)
- seq (for IPv6 ACLs)
- show cam-usage
- show ipv6 access-list
- show ipv6 accounting access-list
- show running-config
- IPv6 Basics
- cam-ipv6 extended-prefix
- clear ipv6 fib
- clear ipv6 mld_host
- clear ipv6 neighbors
- ipv6 address
- ipv6 address autoconfig
- ipv6 address eui64
- ipv6 control-plane icmp error-rate-limit
- ipv6 flowlabel-zero
- ipv6 host
- ipv6 name-server
- ipv6 nd dad attempts
- ipv6 nd disable-reachable-timer
- ipv6 nd dns-server
- ipv6 nd prefix
- ipv6 neighbor
- ipv6 route
- ipv6 unicast-host-route
- ipv6 unicast-routing
- show cam-ipv6 extended-prefix
- show ipv6 cam linecard
- show ipv6 control-plane icmp
- show ipv6 fib linecard
- show ipv6 flowlabel-zero
- show ipv6 interface
- show ipv6 mld_host
- show ipv6 neighbors
- show ipv6 route
- iSCSI Optimization
- Layer 2
- MAC Addressing Commands
- clear mac-address-table
- mac-address-table aging-time
- mac-address-table disable-learning
- mac-address-table static
- mac-address-table station-move refresh-arp
- mac-address-table station-move threshold
- mac learning-limit
- mac learning-limit learn-limit-violation
- mac learning-limit mac-address-sticky
- mac learning-limit station-move-violation
- mac learning-limit reset
- mac port-security
- show cam mac linecard (dynamic or static)
- show mac-address-table
- show mac-address-table aging-time
- show mac learning-limit
- Virtual LAN (VLAN) Commands
- Far-End Failure Detection (FEFD)
- MAC Addressing Commands
- Link Aggregation Control Protocol (LACP)
- Link Layer Discovery Protocol (LLDP)
- LLPD Commands
- advertise dot1-tlv
- advertise dot3-tlv
- advertise interface-port-desc
- advertise dot3-tlv
- advertise management-tlv
- advertise management-tlv (Interface)
- clear lldp counters
- clear lldp neighbors
- debug lldp interface
- disable
- hello
- management-interface
- mode
- multiplier
- protocol lldp (Configuration)
- protocol lldp (Interface)
- show lldp neighbors
- show lldp statistics
- show management-interface
- show running-config lldp
- snmp-notification-interval
- LLDP-MED Commands
- LLPD Commands
- Multicast
- Multicast Listener Discovery Protocol
- Multicast Source Discovery Protocol (MSDP)
- clear ip msdp peer
- clear ip msdp sa-cache
- clear ip msdp statistic
- debug ip msdp
- ip msdp cache-rejected-sa
- ip msdp default-peer
- ip msdp log-adjacency-changes
- ip msdp mesh-group
- ip msdp originator-id
- ip msdp peer
- ip msdp redistribute
- ip msdp sa-filter
- ip msdp sa-limit
- ip msdp shutdown
- ip multicast-msdp
- show ip msdp
- show ip msdp sa-cache rejected-sa
- Multiple Spanning Tree Protocol (MSTP)
- Neighbor Discovery Protocol (NDP)
- Object Tracking
- Open Shortest Path First (OSPFv2 and OSPFv3)
- OSPFv2 Commands
- area default-cost
- area nssa
- area range
- area stub
- auto-cost
- clear ip ospf
- clear ip ospf statistics
- debug ip ospf
- default-information originate
- default-metric
- description
- distance
- distance ospf
- distribute-list in
- distribute-list out
- enable inverse-mask
- fast-convergence
- graceful-restart grace-period
- graceful-restart helper-reject
- graceful-restart mode
- graceful-restart role
- ip ospf auth-change-wait-time
- ip ospf authentication-key
- ip ospf cost
- ip ospf dead-interval
- ip ospf hello-interval
- ip ospf message-digest-key
- ip ospf mtu-ignore
- ip ospf network
- ip ospf priority
- ip ospf retransmit-interval
- ip ospf transmit-delay
- log-adjacency-changes
- maximum-paths
- network area
- passive-interface
- redistribute
- redistribute bgp
- redistribute isis
- router-id
- router ospf
- show config
- show ip ospf
- show ip ospf asbr
- show ip ospf database
- show ip ospf database asbr-summary
- show ip ospf database external
- show ip ospf database network
- show ip ospf database nssa-external
- show ip ospf database opaque-area
- show ip ospf database opaque-as
- show ip ospf database opaque-link
- show ip ospf database router
- show ip ospf database summary
- show ip ospf interface
- show ip ospf neighbor
- show ip ospf routes
- show ip ospf statistics
- show ip ospf timers rate-limit
- show ip ospf topology
- summary-address
- timers spf
- timers throttle lsa all
- timers throttle lsa arrival
- OSPFv3 Commands
- area authentication
- area encryption
- area nssa
- auto-cost
- clear ipv6 ospf process
- clear ipv6 route
- debug ipv6 ospf bfd
- debug ipv6 ospf events
- debug ipv6 ospf packet
- debug ipv6 ospf spf
- default-information originate
- graceful-restart grace-period
- graceful-restart mode
- ipv6 neighbor
- ipv6 ospf area
- ipv6 ospf authentication
- ipv6 ospf bfd all-neighbors
- ipv6 ospf cost
- ipv6 ospf dead-interval
- ipv6 ospf encryption
- ipv6 ospf graceful-restart helper-reject
- ipv6 ospf hello-interval
- ipv6 ospf priority
- ipv6 router ospf
- maximum-paths
- passive-interface
- redistribute
- router-id
- show crypto ipsec policy
- show crypto ipsec sa ipv6
- show ipv6 ospf interface
- show ipv6 ospf database
- show ipv6 ospf neighbor
- snmp context
- OSPFv2 Commands
- PE Console Commands
- PE Stacking
- Per-VLAN Spanning Tree Plus (PVST+)
- PIM-Source Specific Mode (PIM-SSM)
- PIM-Sparse Mode (PIM-SM)
- IPv4 PIM-Sparse Mode Commands
- clear ip pim rp-mapping
- clear ip pim tib
- debug ip pim
- ip pim bsr-border
- ip pim bsr-candidate
- ip pim dr-priority
- ip pim graceful-restart
- ip pim join-filter
- ip pim ingress-interface-map
- ip pim neighbor-filter
- ip pim query-interval
- ip pim register-filter
- ip pim rp-address
- ip pim rp-candidate
- ip pim sparse-mode
- ip pim spt-threshold
- ip pim sparse-mode sg-expiry-timer
- show ip pim bsr-router
- show ip pim snooping neighbor
- show ip pim interface
- show ip pim neighbor
- show ip pim rp
- show ip pim snooping interface
- show ip pim summary
- show ip pim tib
- show running-config pim
- IPv6 PIM-Sparse Mode Commands
- clear ipv6 pim tib
- debug ipv6 pim
- ipv6 pim bsr-border
- ipv6 pim bsr-candidate
- ipv6 pim dr-priority
- ipv6 pim query-interval
- ipv6 pim rp-address
- ipv6 pim rp-candidate
- ipv6 pim sparse-mode
- ipv6 pim sparse-mode sg-expiry-timer
- ipv6 pim spt-threshold
- show ipv6 pim bsr-router
- show ipv6 pim interface
- show ipv6 pim neighbor
- show ipv6 pim rp
- show ipv6 pim summary
- show ipv6 pim tib
- IPv4 PIM-Sparse Mode Commands
- Policy-based Routing (PBR)
- Port Extenders (PE)
- Port Monitoring
- Private VLAN (PVLAN)
- Quality of Service (QoS)
- Global Configuration Commands
- Per-Port QoS Commands
- Policy-Based QoS Commands
- bandwidth-percentage
- buffer-stats-snapshot
- class-map
- clear qos statistics
- description
- match ip access-group
- match ip dscp
- match ip precedence
- match ip vlan
- match mac access-group
- match mac dot1p
- match mac vlan
- policy-aggregate
- policy-map-input
- policy-map-output
- qos-policy-input
- qos-policy-output
- rate-police
- rate-shape
- service-class buffer shared-threshold-weight
- service-policy input
- service-policy output
- service-queue
- set
- show qos class-map
- show qos policy-map
- show qos policy-map-input
- show qos policy-map-output
- show qos qos-policy-input
- show qos qos-policy-output
- show qos statistics
- show qos wred-profile
- threshold
- trust
- wred
- wred weight
- wred ecn
- wred-profile
- show hardware
- DSCP Color Map Commands
- Rapid Spanning Tree Protocol (RSTP)
- Remote Monitoring (RMON)
- Routing Information Protocol (RIP)
- auto-summary
- clear ip rip
- debug ip rip
- default-information originate
- default-metric
- description
- distance
- distribute-list in
- distribute-list out
- ip poison-reverse
- ip rip receive version
- ip rip send version
- ip split-horizon
- maximum-paths
- neighbor
- network
- offset-list
- output-delay
- passive-interface
- redistribute
- redistribute isis
- redistribute ospf
- router rip
- show config
- show ip rip database
- show running-config rip
- timers basic
- version
- Security
- Role-Based Access Control Commands
- AAA Accounting Commands
- Authorization and Privilege Commands
- Authentication and Password Commands
- aaa authentication enable
- aaa authentication login
- aaa reauthenticate enable
- access-class
- enable password
- enable sha256-password
- enable restricted
- enable secret
- login authentication
- password
- password-attributes
- service obscure-passwords
- service password-encryption
- secure-cli enable
- show privilege
- show users
- timeout login response
- username
- RADIUS Commands
- aaa radius auth-method
- client
- client-key
- coa-bounce-port
- coa-disable-port
- coa-reauthenticate
- debug radius
- da-rsp-timeout
- disconnect-user
- dynamic-auth-enable
- ip radius source-interface
- port
- radius dynamic-auth
- radius-server deadtime
- radius-server host
- radius-server key
- radius-server retransmit
- radius-server timeout
- rate-limit
- replay-protection-window
- terminate-session
- TACACS+ Commands
- Port Authentication (802.1X) Commands
- dot1x authentication (Configuration)
- dot1x authentication (Interface)
- dot1x auth-fail-vlan
- dot1x auth-server
- dot1x guest-vlan
- dot1x mac-auth-bypass
- dot1x max-eap-req
- dot1x port-control
- dot1x quiet-period
- dot1x reauthentication
- dot1x reauth-max
- dot1x server-timeout
- dot1x supplicant-timeout
- dot1x tx-period
- show dot1x interface
- SSH Server and SCP Commands
- crypto cert generate
- crypto key generate
- crypto key zeroize rsa
- debug ip ssh
- ip scp topdir
- ip ssh authentication-retries
- ip ssh challenge–response–authentication
- ip ssh cipher
- ip ssh connection-rate-limit
- ip ssh hostbased-authentication
- ip ssh key-size
- ip ssh mac
- ip ssh password-authentication
- ip ssh pub-key-file
- ip ssh mac
- ip ssh rekey
- ip ssh rhostsfile
- ip ssh rsa-authentication (Config)
- ip ssh rsa-authentication (EXEC)
- ip ssh server
- ip ssh server dns enable
- ip ssh source-interface
- show crypto
- show ip ssh
- show ip ssh client-pub-keys
- show ip ssh rsa-authentication
- ssh
- Secure DHCP Commands
- ICMP Vulnerabilities
- System Security Commands
- Service Provider Bridging
- sFlow
- Simple Network Management Protocol (SNMP) and Syslog
- SNMP Commands
- show snmp
- show snmp engineID
- show snmp group
- show snmp supported-mibs
- show snmp supported-traps
- show snmp user
- snmp context
- snmp ifmib ifalias long
- snmp mib community-map
- snmp-server contact
- snmp-server context
- snmp-server community
- snmp-server enable traps
- snmp-server engineID
- snmp-server group
- snmp-server host
- snmp-server location
- snmp-server packetsize
- snmp-server trap-source
- snmp-server user
- snmp-server view
- snmp-server vrf
- snmp trap link-status
- Syslog Commands
- clear logging
- clear logging auditlog
- default logging buffered
- default logging console
- default logging monitor
- default logging trap
- logging
- logging buffered
- logging console
- logging coredump stack-unit
- logging extended
- logging facility
- logging history
- logging history size
- logging monitor
- logging on
- logging source-interface
- logging synchronous
- logging trap
- logging version
- show logging
- show logging auditlog
- show logging driverlog
- show logging kernellog
- terminal monitor
- SNMP Commands
- SNMP Traps
- Spanning Tree Protocol (STP)
- Storm Control
- show storm-control broadcast
- show storm-control multicast
- show storm-control unknown-unicast
- storm-control broadcast (Configuration)
- storm-control broadcast (Interface)
- storm-control multicast (Configuration)
- storm-control multicast (Interface)
- storm-control pfc-llfc
- storm-control unknown-unicast (Configuration)
- storm-control unknown-unicast (Interface)
- SupportAssist
- System Time and Date
- clock set
- clock summer-time date
- clock summer-time recurring
- clock timezone
- debug ntp
- ntp authenticate
- ntp authentication-key
- ntp control-key-passwd
- ntp broadcast client
- ntp disable
- ntp master
- ntp offset-threshold
- ntp server
- ntp source
- ntp trusted-key
- show clock
- show ntp associations
- show ntp status
- show ntp vrf associations
- Tunneling Commands
- Uplink Failure Detection (UFD)
- Virtual Link Trunking (VLT)
- back-up destination
- clear vlt statistics
- delay-restore
- lacp ungroup member-independent
- multicast peer-routing timeout
- peer-link port-channel
- peer-routing
- peer-routing-timeout
- primary-priority
- show vlt brief
- show vlt backup-link
- show vlt counters
- show vlt detail
- show vlt inconsistency
- show vlt mismatch
- show vlt private-vlan
- show vlt role
- show vlt statistics
- system-mac
- unit-id
- vlt domain
- vlt-peer-lag port-channel
- VLT Proxy Gateway
- Virtual Router Redundancy Protocol (VRRP)
- Virtual Routing and Forwarding (VRF)
- VLAN Stacking
- X.509v3
Chapter 6: Access Control Lists (ACL).......................................................................................216
Commands Common to all ACL Types....................................................................................................................... 216
remark...........................................................................................................................................................................216
show config................................................................................................................................................................. 218
Common IP ACL Commands.........................................................................................................................................219
clear counters ip access-group.............................................................................................................................. 219
ip access-group......................................................................................................................................................... 220
ip control-plane egress-filter...................................................................................................................................221
show ip accounting access-list.............................................................................................................................. 222
Standard IP ACL Commands........................................................................................................................................223
deny.............................................................................................................................................................................. 223
feature acloptimized.................................................................................................................................................225
ip access-list standard............................................................................................................................................. 225
permit...........................................................................................................................................................................226
resequence access-list.............................................................................................................................................228
resequence prefix-list ipv4......................................................................................................................................229
seq................................................................................................................................................................................ 229
show ip access-lists...................................................................................................................................................231
Extended IP ACL Commands....................................................................................................................................... 232
deny.............................................................................................................................................................................. 233
deny icmp....................................................................................................................................................................234
deny tcp.......................................................................................................................................................................237
deny udp......................................................................................................................................................................240
ip access-list extended............................................................................................................................................ 242
permit...........................................................................................................................................................................243
permit icmp.................................................................................................................................................................245
permit tcp................................................................................................................................................................... 246
permit udp...................................................................................................................................................................249
resequence prefix-list ipv4...................................................................................................................................... 251
seq................................................................................................................................................................................ 252
ACL VLAN Group Commands...................................................................................................................................... 254
acl-vlan-group............................................................................................................................................................254
cam-acl-vlan...............................................................................................................................................................255
description (ACL VLAN Group).............................................................................................................................256
ip access-group (ACL VLAN Group)....................................................................................................................256
member vlan (ACL VLAN Group)..........................................................................................................................257
show acl-vlan-group ................................................................................................................................................257
show cam-acl-vlan....................................................................................................................................................258
show running config acl-vlan-group.....................................................................................................................259
Common MAC ACL Commands.................................................................................................................................. 260
clear counters mac access-group.........................................................................................................................260
mac control-plane egress-acl..................................................................................................................................261
mac access-group..................................................................................................................................................... 261
show mac access-lists............................................................................................................................................. 262
show mac accounting access-list......................................................................................................................... 264
Standard MAC ACL Commands.................................................................................................................................. 265
deny..............................................................................................................................................................................265
mac access-list standard.........................................................................................................................................266
permit........................................................................................................................................................................... 267
6
Contents