2CSPC4.XModular-SWUM201.
CSPC4.XModular-SWUM201.book Page 2 Monday, October 3, 2011 2:21 PM Notes NOTE: A NOTE indicates important information that helps you make better use of your computer. ____________________ Information in this publication is subject to change without notice. © 2011 Dell Inc. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.
2CSPC4.XModular-SWUM201.book Page 3 Monday, October 3, 2011 2:21 PM Contents 1 Command Groups Introduction . . . . . . . . . . . . . . . . . . 75 . . . . . . . . . . . . . . . . . . . . . . . 75 Command Groups Mode Types . . . . . . . . . . . . . . . . . . . . 76 . . . . . . . . . . . . . . . . . . . . . . . 79 Layer 2 Commands . Data Center Technology Commands. . . . . . . . . . . 116 . . . . . . . . . . . . . . . . . . . 118 . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 4 Monday, October 3, 2011 2:21 PM 3 Layer 2 Switching Commands . . . . . . . . 239 4 AAA Commands . . . . . . . . . . . . . . . . . . . 241 Commands in this Chapter . . . . . . . . . . . . . . . aaa authentication dot1x default . . . . . . . . . . . 242 . . . . . . . . . . . . . . 244 . . . . . . . . . . . . . . . 245 aaa authentication enable . aaa authentication login . aaa authorization network default radius . . . . . . . 247 . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 5 Monday, October 3, 2011 2:21 PM show users accounts show users login-history username . . . . . . . . . . . . . . . . . 262 . . . . . . . . . . . . . . . . . . . . . . . . 263 username password encrypted username unlock 5 260 . . . . . . . . . . . . . . . . . . ACL Commands ACL Logging . . . . . . . . . . . . . 264 . . . . . . . . . . . . . . . . . . . . 266 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 6 Monday, October 3, 2011 2:21 PM 6 Address Table Commands . . . . . . . . . . . 287 . . . . . . . . . . . . . . 287 . . . . . . . . . . . . . . . 288 Commands in this Chapter . clear mac address-table . mac address-table aging-time . . . . . . . . . . . . . mac address-table multicast filtering . . . . . . . . . mac address-table multicast forbidden address 289 290 . . . 291 . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 7 Monday, October 3, 2011 2:21 PM show mac address-table interface . . . . . . . . . . . 307 show mac address-table static . . . . . . . . . . . . . 308 show mac address-table vlan . . . . . . . . . . . . . . 309 . . . . . . . . . . . . . . . . . . . 310 show ports security show ports security addresses 7 Auto-VoIP Commands Commands in this Chapter . show switchport voice . . . . . . . . . . . . . . 313 . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 8 Monday, October 3, 2011 2:21 PM show isdp neighbors . show isdp traffic . 9 . . . . . . . . . . . . . . . . . 327 . . . . . . . . . . . . . . . . . . . 329 DHCP Layer 2 Relay Commands . Commands in this Chapter . . . . . . . 331 . . . . . . . . . . . . . . 331 dhcp l2relay (Global Configuration) . . . . . . . . . . dhcp l2relay (Interface Configuration). . . . . . . . . 332 dhcp l2relay circuit-id . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 9 Monday, October 3, 2011 2:21 PM 10 DHCP Management Interface Commands . . . . . . . . . . . . . . . Commands in this Chapter . 347 . . . . . . . . . . . . . . . 347 . . . . . . . . . . . . . . . . . . . . . . 348 . . . . . . . . . . . . . . . . . . . . . . . 349 release dhcp . renew dhcp . . . . . . . . debug dhcp packet show dhcp lease . . . . . . . . . . . . . . . . . . . . 350 . . . . . . . . . . . . . . . . . . . . 351 11 DHCP Snooping Commands .
2CSPC4.XModular-SWUM201.book Page 10 Monday, October 3, 2011 2:21 PM show ip dhcp snooping database . . . . . . . . . . . show ip dhcp snooping interfaces show ip dhcp snooping statistics . . . . . . . . . . 367 . . . . . . . . . . . 368 12 Dynamic ARP Inspection Commands . . . 371 . . . . . . . . . . . . . . 371 . . . . . . . . . . . . . . . . . . . . . 371 Commands in this Chapter . arp access-list clear ip arp inspection statistics . . . . . . . . . . . 372 ip arp inspection filter .
2CSPC4.XModular-SWUM201.book Page 11 Monday, October 3, 2011 2:21 PM logging traps . logging email message-type to-addr logging email from-addr . . . . . . . . . . . 390 . . . . . . . . . . . . . . . . 391 logging email message-type subject logging email logtime . . . . . . . . . . 391 . . . . . . . . . . . . . . . . . . 392 logging email test message-type . . . . . . . . . . . . 393 . . . . . . . . . . . . . 394 . . . . . . . . . . . . . . 394 . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 12 Monday, October 3, 2011 2:21 PM interface range . mtu . . . . . . . . . . . . . . . . . . . . 406 . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 show interfaces advertise . . . . . . . . . . . . . . . show interfaces configuration. show interfaces counters . . . . . . . . . . . . 410 . . . . . . . . . . . . . . . 412 show interfaces description . . . . . . . . . . . . . . 415 show interfaces detail . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 13 Monday, October 3, 2011 2:21 PM ethernet cfm domain . service . . . . . . . . . . . . . . . . . . 438 . . . . . . . . . . . . . . . . . . . . . . . . . . 439 ethernet cfm cc level 440 . . . . . . . . . . . . . . . . . . ethernet cfm mep level 441 . . . . . . . . . . . . . . . . . ethernet cfm mep enable . . . . . . . . . . . . . . . . 442 ethernet cfm mep active . . . . . . . . . . . . . . . . . 443 ethernet cfm mep archive-hold-time . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 14 Monday, October 3, 2011 2:21 PM gvrp enable (interface) . . . . . . . . . . . . . . . . . 460 gvrp registration-forbid . . . . . . . . . . . . . . . . 461 gvrp vlan-creation-forbid . . . . . . . . . . . . . . . 462 show gvrp configuration . . . . . . . . . . . . . . . . 462 show gvrp error-statistics . . . . . . . . . . . . . . . 464 . . . . . . . . . . . . . . . . . . 465 show gvrp statistics 17 IGMP Snooping Commands . . . . . . . . . . 467 . . .
2CSPC4.XModular-SWUM201.book Page 15 Monday, October 3, 2011 2:21 PM ip igmp snooping maxresponse . ip igmp snooping mcrtrexpiretime ip igmp snooping querier . . . 481 . . . . . . . . . . . . . . . 481 . . . . . . . . . . . . . . . . 481 ip igmp snooping querier election participate . . . . . 483 . . . . . . . . 484 . . . . . . . . . 485 . . . . . . . . . . . 485 . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 16 Monday, October 3, 2011 2:21 PM ip domain-name ip host . . . . . . . . . . . . . . . . . . . . 497 . . . . . . . . . . . . . . . . . . . . . . . . . 498 ip name-server . . . . . . . . . . . . . . . . . . . . . ipv6 address (Interface Config) . . . . . . . . . . . . 499 . . . . . . . . . . . . . . . . 501 . . . . . . . . . . . . . . . . . . . 502 ipv6 address (OOB Port) ipv6 address dhcp ipv6 enable (Interface Config) . ipv6 enable (OOB Config) . . . . .
2CSPC4.XModular-SWUM201.book Page 17 Monday, October 3, 2011 2:21 PM 21 IPv6 MLD Snooping Commands . Commands in this Chapter . . . . . . . ipv6 mld snooping maxresponse 524 . . . . . . . . . . ipv6 mld snooping groupmembership-interval . . . . . 525 . . . . . . . . . . . . 525 ipv6 mld snooping mcrtexpiretime . . . . . . . . . . . 526 . . . . . . . . . . . . . . . 527 ipv6 mld snooping (Interface) . . . . . . . . . . . . . . 528 . . . . . . . . . . . . . . . 529 . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 18 Monday, October 3, 2011 2:21 PM 23 IP Source Guard Commands . . . . . . . . . 543 . . . . . . . . . . . . . . 543 . . . . . . . . . . . . . . . . . . . . 543 Commands in this Chapter . ip verify source . ip verify source port-security ip verify binding . . . . . . . . . . . . . 544 . . . . . . . . . . . . . . . . . . . . 545 show ip verify interface . . . . . . . . . . . . . . . . show ip verify source interface show ip source binding . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 19 Monday, October 3, 2011 2:21 PM add gigabitethernet add tengigabitethernet . . . . . . . . . . . . . . . . . 563 . . . . . . . . . . . . . . . . . . . . 564 . . . . . . . . . . . . . . . . . . . . . . . 565 add port-channel . depends-on. show link-dependency 26 LLDP Commands . . . . . . . . . . . . . . . . . . 570 . . . . . . . . . . . . . . . . . 570 . . . . . . . . . . . . . . . . . . . 571 . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 20 Monday, October 3, 2011 2:21 PM 27 Multicast VLAN Registration Commands . . . . . . . . . . . . . . . . . . . . . . . 585 . . . . . . . . . . . . . . 586 . . . . . . . . . . . . . . . . . . . . . . . . . . . 586 Commands in this Chapter . mvr mvr group . . . . . . . . . . . . . . . . . . . . . . . . 587 mvr mode . . . . . . . . . . . . . . . . . . . . . . . . 588 mvr querytime mvr vlan . . . . . . . . . . . . . . . . . . . . . 588 . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 21 Monday, October 3, 2011 2:21 PM port-aggregator group . show bridge address-table speed . 605 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606 . . . . . . . . . . . . . . . . . . . . . . . . . . 607 29 Port Channel Commands Static LAGS . . . . . . . . . . . . 609 . . . . . . . . . . . . . . . . . . . . . . . VLANs and LAGs . 609 . . . . . . . . . . . . . . . . . . . . 610 . . . . . . . . . . . . . . . . . . . . . 610 Port Channels .
2CSPC4.XModular-SWUM201.book Page 22 Monday, October 3, 2011 2:21 PM lacp static . . . . . . . . . . . . . . . . . . . . . . . lacp system-priority . . . . . . . . . . . . . . . . . . 620 . . . . . . . . . . . . . . . . . . . . . . 621 . . . . . . . . . . . . . . . . . . . . . . . . . 622 lacp timeout no lacp port-channel min-links. . . . . . . . . . . . . . . . . show interfaces port-channel . show lacp 623 . . . . . . . . . . . . . . . . . . . . . . . 624 . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 23 Monday, October 3, 2011 2:21 PM assign-queue. class . . . . . . . . . . . . . . . . . . . . . . 639 . . . . . . . . . . . . . . . . . . . . . . . . . . . 640 class-map . . . . . . . . . . . . . . . . . . . . . . . . class-map rename . . . . . . . . . . . . . . . . . . . . classofservice dot1p-mapping . . . . . . . . . . . . . classofservice ip-dscp-mapping 641 642 . . . . . . . . . . . . 643 . . . . . . . . . . . . . . . . . . . 644 . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 24 Monday, October 3, 2011 2:21 PM match dstl4port . . . . . . . . . . . . . . . . . . . . . 657 match ethertype . . . . . . . . . . . . . . . . . . . . 658 match ip6flowlbl . match ip dscp . . . . . . . . . . . . . . . . . . . 658 . . . . . . . . . . . . . . . . . . . . . 659 match ip precedence. match ip tos . . . . . . . . . . . . . . . . . 660 . . . . . . . . . . . . . . . . . . . . . . 661 match protocol . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 25 Monday, October 3, 2011 2:21 PM show diffserv. 679 . . . . . . . . . . . . . . . . . . . . . . show diffserv service interface . 680 . . . . . . . . . . . . show diffserv service interface port-channel . . . . . 681 show diffserv service brief . . . . . . . . . . . . . . . 682 show interfaces cos-queue . . . . . . . . . . . . . . . 682 show interfaces random-detect . show policy-map . . . . . . . . . . . . 685 . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 26 Monday, October 3, 2011 2:21 PM priority . . . . . . . . . . . . . . . . . . . . . . . . . radius-server deadtime . . . . . . . . . . . . . . . . 702 radius-server host . . . . . . . . . . . . . . . . . . . 703 radius-server key . . . . . . . . . . . . . . . . . . . 704 radius-server retransmit . . . . . . . . . . . . . . . . 705 . . . . . . . . . . . . . . . . 705 . . . . . . . . . . . . . . . . . 706 . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 27 Monday, October 3, 2011 2:21 PM show spanning-tree summary . spanning-tree . . . . . . . . . . . . . 729 . . . . . . . . . . . . . . . . . . . . . . 731 spanning-tree auto-portfast . . . . . . . . . . . . . . . 732 spanning-tree bpdu flooding . . . . . . . . . . . . . . 732 spanning-tree bpdu-protection spanning-tree cost . . . . . . . . . . . . . . 733 . . . . . . . . . . . . . . . . . . . 734 spanning-tree disable . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 28 Monday, October 3, 2011 2:21 PM spanning-tree priority . . . . . . . . . . . . . . . . . spanning-tree tcnguard . . . . . . . . . . . . . . . . spanning-tree transmit hold-count 34 TACACS+ Commands 748 . . . . . . . . . . 749 . . . . . . . . . . . . . . . 751 Commands in this Chapter . . . . . . . . . . . . . . . 752 key . . . . . . . . . . . . . . . . . . . . . . . . . . . 752 port . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 29 Monday, October 3, 2011 2:21 PM dvlan-tunnel ethertype . interface vlan . . . . . . . . . . . . . . . . . 762 . . . . . . . . . . . . . . . . . . . . . . 763 interface range vlan . . . . . . . . . . . . . . . . . . . 764 mode dvlan-tunnel . . . . . . . . . . . . . . . . . . . . 765 name (VLAN Configuration) protocol group . . . . . . . . . . . . . . . 766 . . . . . . . . . . . . . . . . . . . . . . 767 protocol vlan group . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 30 Monday, October 3, 2011 2:21 PM switchport general pvid . . . . . . . . . . . . . . . . 784 . . . . . . . . . . . . . . . . . . . 785 . . . . . . . . . . . . . . . . . . . . 786 . . . . . . . . . . . . . . . . . . . . . . . . . . 788 switchport mode . switchport trunk vlan . vlan (Global Config) . . . . . . . . . . . . . . . . . . vlan association mac . . . . . . . . . . . . . . . . . vlan association subnet vlan database 790 . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 31 Monday, October 3, 2011 2:21 PM 37 802.1x Commands . . . . . . . . . . . . . . . . . Local 802.1X Authentication Server . . . . . . . . . . . 805 . . . . . . . . . . . . . . 806 . . . . . . . . . . . . . . . . . . . . . . . 807 MAC Authentication Bypass. Guest VLAN 805 802.1x Monitor Mode . . . . . . . . . . . . . . . . . . RADIUS-based Dynamic VLAN Assignment 807 . . . . . . 808 Commands in this Chapter . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 32 Monday, October 3, 2011 2:21 PM dot1x timeout tx-period show dot1x . . . . . . . . . . . . . . . . . 821 . . . . . . . . . . . . . . . . . . . . . . 822 show dot1x authentication-history show dot1x clients . . . . . . . . . . . 823 . . . . . . . . . . . . . . . . . . 825 show dot1x interface. . . . . . . . . . . . . . . . . . 827 show dot1x statistics . . . . . . . . . . . . . . . . . 829 . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 33 Monday, October 3, 2011 2:21 PM lldp tlv-select dcbxp . . . . . . . . . . . . . . . . . . . 848 lldp dcbx port-role . . . . . . . . . . . . . . . . . . . . 849 show lldp tlv-select . . . . . . . . . . . . . . . . . . . 850 . . . . . . . . . . . . . . . . . . . . . 852 show lldp dcbx . 40 FIP Snooping Commands . Setting Up FIP Snooping . . . . . . . . . . . . 859 859 . . . . . . . . . . . . . . . . Commands in this Chapter . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 34 Monday, October 3, 2011 2:21 PM priority-flow-control mode . . . . . . . . . . . . . . priority-flow-control priority. . . . . . . . . . . . . . clear priority-flow-control statistics . . . . . . . . . show interfaces priority-flow-control . . . . . . . . . . . . . . . . . 899 . . . . . . . . . . . . . . . . . . . 901 . . . . . . . . . . . . . . . . . . . . . . . 902 Commands in this Chapter . . . . . . . . . . . . . . . 902 . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 35 Monday, October 3, 2011 2:21 PM 44 DHCP Server and Relay Agent Commands . . . . . . . . . . . . . . . . Commands in this Chapter . 913 . . . . . . . . . . . . . . . 914 . . . . . . . . . . . . . . . . . . . . . . . 914 . . . . . . . . . . . . . . . . . . . . . . . . . 917 ip dhcp pool bootfile . . . . . . . . clear ip dhcp binding . . . . . . . . . . . . . . . . . . 918 clear ip dhcp conflict . . . . . . . . . . . . . . . . . . 919 . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 36 Monday, October 3, 2011 2:21 PM next-server . option . . . . . . . . . . . . . . . . . . . . . . . 933 . . . . . . . . . . . . . . . . . . . . . . . . . 934 service dhcp sntp . . . . . . . . . . . . . . . . . . . . . . . 938 . . . . . . . . . . . . . . . . . . . . . . . . . . 938 show ip dhcp binding . . . . . . . . . . . . . . . . . 939 show ip dhcp conflict . . . . . . . . . . . . . . . . . 940 show ip dhcp global configuration show ip dhcp pool . . .
2CSPC4.XModular-SWUM201.book Page 37 Monday, October 3, 2011 2:21 PM show ipv6 dhcp interface (Privileged EXEC) show ipv6 dhcp pool . . . . . . . 956 . . . . . . . . . . . . . . . . . . 959 show ipv6 dhcp statistics 46 DVMRP Commands . . . . . . . . . . . . . . . . Commands in this Chapter . ip dvmrp 960 . . . . . . . . . . . . . . . . 963 . . . . . . . . . . . . . . . 963 . . . . . . . . . . . . . . . . . . . . . . . . . 963 ip dvmrp metric show ip dvmrp . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 38 Monday, October 3, 2011 2:21 PM ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp last-member-query-count . . . . . . . . . . . ip igmp last-member-query-interval . ip igmp query-interval 978 . . . . . . . . . . . . . . . . . 979 . . . . . . . . . . 980 . . . . . . . . . . . . . . . . . . 980 ip igmp startup-query-count . . . . . . . . . . . . . . ip igmp startup-query-interval . 982 . . . . . . . . . . . . . . . . . . . . 983 . . . . .
2CSPC4.XModular-SWUM201.book Page 39 Monday, October 3, 2011 2:21 PM show ip igmp-proxy interface . show ip igmp-proxy groups . . . . . . . . . . . . . 995 . . . . . . . . . . . . . . . 996 show ip igmp-proxy groups detail 50 IP Helper/DHCP Relay Commands . Commands in this Chapter . . . . . 999 . . . . . . . . . . . . . . 1001 bootpdhcprelay maxhopcount . . . . . . . . . . . . . 1001 . . . . . . . . . . . . . 1002 . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 40 Monday, October 3, 2011 2:21 PM Static Reject Routes Default Routes . . . . . . . . . . . . . . . . . . 1018 . . . . . . . . . . . . . . . . . . . . . 1018 Commands in this Chapter . . . . . . . . . . . . . . . 1018 . . . . . . . . . . . . . . . . . . . . . 1019 . . . . . . . . . . . . . . . . . . . . . . . 1019 . . . . . . . . . . . . . . . . . . . . . . . . . 1021 encapsulation ip address ip mtu . ip netdirbcast. ip route . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 41 Monday, October 3, 2011 2:21 PM 52 IPv6 PIM Commands ipv6 pim . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 pim sparse (Global config) ipv6 pim dense . 1041 . . . . . . . . . . . . 1042 . . . . . . . . . . . . . . . . . . . . 1042 ipv6 pim bsr-border . . . . . . . . . . . . . . . . . . ipv6 pim bsr-candidate ipv6 pim dr-priority . 1044 . . . . . . . . . . . . . . . . . . 1045 . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 42 Monday, October 3, 2011 2:21 PM 53 IPv6 Routing Commands . . . . . . . . . . . IPv6 Limitations & Restrictions . . . . . . . . . . . . 1061 . . . . . . . . . . . . . . 1061 . . . . . . . . . . . . . . . . . 1063 . . . . . . . . . . . . . . . . . . 1063 ipv6 address . . . . . . . . . . . . . . . . . . . . . . 1064 ipv6 enable . . . . . . . . . . . . . . . . . . . . . . . 1065 Commands in this Chapter . clear ipv6 neighbors .
2CSPC4.XModular-SWUM201.book Page 43 Monday, October 3, 2011 2:21 PM ipv6 nd other-config-flag ipv6 nd prefix. . . . . . . . . . . . . . . . 1077 . . . . . . . . . . . . . . . . . . . . . 1077 ipv6 nd ra-interval . . . . . . . . . . . . . . . . . . . 1079 ipv6 nd ra-lifetime . . . . . . . . . . . . . . . . . . . 1080 ipv6 nd reachable-time . . . . . . . . . . . . . . . . 1080 . . . . . . . . . . . . . . . . . . 1081 . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 44 Monday, October 3, 2011 2:21 PM show ipv6 neighbors . show ipv6 route . . . . . . . . . . . . . . . . . 1105 . . . . . . . . . . . . . . . . . . . . 1106 show ipv6 route preferences . . . . . . . . . . . . . 1107 . . . . . . . . . . . . . . . 1108 . . . . . . . . . . . . . . . . . . . . 1109 . . . . . . . . . . . . . . . . . . . . . 1112 show ipv6 route summary show ipv6 traffic show ipv6 vlan traceroute ipv6 . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 45 Monday, October 3, 2011 2:21 PM ip pim dense . . . . . . . . . . . . . . . . . . . . . . ip pim dr-priority . . . . . . . . . . . . . . . . . . . . ip pim hello-interval . . . . . . . . . . . . . . . . . . ip pim join-prune-interval . 1128 1129 . . . . . . . . . . . . . . . 1130 . . . . . . . . . . . . . . . . . . . 1130 ip pim rp-candidate . . . . . . . . . . . . . . . . . . 1131 . . . . . . . . . . . . . . . . . . . . . 1132 . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 46 Monday, October 3, 2011 2:21 PM show ip pim rp hash . . . . . . . . . . . . . . . . . . show ip pim rp mapping . . . . . . . . . . . . . . . . 56 IPv6 Multicast Commands . ipv6 pimsm (Global config) . . . . . . . . . . . . . . . . . . . . . . . ipv6 pimsm (VLAN Interface config) . ipv6 pimsm bsr-border . 1149 . . . . . . . . . . . . . . . . 1150 . . . . . . . . . . . . . . . 1151 . . . . . . . . . . . . . . . . . 1152 . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 47 Monday, October 3, 2011 2:21 PM 57 OSPF Commands Route Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . OSPF Equal Cost Multipath (ECMP) . . . . . . . . . . 1165 1166 1166 Forwarding of OSPF Opaque LSAs Enabled by Default . . . . . . . . . . . . . . . . . . . . . . . Passive Interfaces . Graceful Restart . . . . . . . . . . . . . . . . . . 1167 . . . . . . . . . . . . . . . . . . . . 1168 Commands in this Chapter . . . . .
2CSPC4.XModular-SWUM201.book Page 48 Monday, October 3, 2011 2:21 PM area virtual-link hello-interval . . . . . . . . . . . . area virtual-link retransmit-interval . . . . . . . . . . 1184 . . . . . . . . . . . . 1185 . . . . . . . . . . . . . . . . . . . . . . . . 1186 area virtual-link transmit-delay auto-cost bandwidth . . . . . . . . . . . . . . . . . . . . . . . capability opaque clear ip ospf 1188 . . . . . . . . . . . . . . . . . . . . . . 1188 . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 49 Monday, October 3, 2011 2:21 PM ip ospf network ip ospf priority . . . . . . . . . . . . . . . . . . . . 1202 . . . . . . . . . . . . . . . . . . . . . 1203 ip ospf retransmit-interval . . . . . . . . . . . . . . . 1203 . . . . . . . . . . . . . . . . . 1204 . . . . . . . . . . . . . . . . . . . . 1205 . . . . . . . . . . . . . . . . . . . . . 1206 . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 50 Monday, October 3, 2011 2:21 PM show ip ospf interface . . . . . . . . . . . . . . . . . show ip ospf interface brief . . . . . . . . . . . . . . show ip ospf interface stats . 1231 . . . . . . . . . . . . . . . . . 1232 . . . . . . . . . . . . . . . . . . 1235 show ip ospf statistics . . . . . . . . . . . . . . . . . 1236 show ip ospf stub table . . . . . . . . . . . . . . . . 1237 show ip ospf virtual-link . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 51 Monday, October 3, 2011 2:21 PM area virtual-link . . . . . . . . . . . . . . . . . . . . 1254 area virtual-link dead-interval . . . . . . . . . . . . 1256 area virtual-link hello-interval . . . . . . . . . . . . 1256 area virtual-link retransmit-interval . . . . . . . . . 1257 . . . . . . . . . . . 1258 . . . . . . . . . . . . . 1259 default-metric . . . . . . . . . . . . . . . . . . . . . 1260 distance ospf . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 52 Monday, October 3, 2011 2:21 PM ipv6 router ospf . . . . . . . . . . . . . . . . . . . . . 1272 maximum-paths . . . . . . . . . . . . . . . . . . . . 1273 . . . . . . . . . . . . . . . . . . . . . . . . . . . 1274 nsf nsf helper . . . . . . . . . . . . . . . . . . . . . . . . nsf helper strict-lsa-checking . . . . . . . . . . . . . 1276 . . . . . . . . . . . . . . . . . . 1276 . . . . . . . . . . . . . . . . . . . 1277 nsf restart-interval .
2CSPC4.XModular-SWUM201.book Page 53 Monday, October 3, 2011 2:21 PM show ipv6 ospf neighbor . show ipv6 ospf range . . . . . . . . . . . . . . . 1297 . . . . . . . . . . . . . . . . . 1298 show ipv6 ospf stub table . . . . . . . . . . . . . . . show ipv6 ospf virtual-links . . . . . . . . . . . . . . show ipv6 ospf virtual-link brief . . . . . . . . . . . 59 Router Discovery Protocol Commands . . . . . . . . . . . . . Commands in this Chapter . ip irdp . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 54 Monday, October 3, 2011 2:21 PM default-metric distance rip . . . . . . . . . . . . . . . . . . . . . . 1315 . . . . . . . . . . . . . . . . . . . . . . 1315 distribute-list out . enable . . . . . . . . . . . . . . . . . . . 1316 . . . . . . . . . . . . . . . . . . . . . . . . . 1317 hostroutesaccept . ip rip . . . . . . . . . . . . . . . . . . . 1318 . . . . . . . . . . . . . . . . . . . . . . . . . . 1318 ip rip authentication . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 55 Monday, October 3, 2011 2:21 PM tunnel mode ipv6ip . tunnel source . . . . . . . . . . . . . . . . . . 1332 . . . . . . . . . . . . . . . . . . . . . 1333 62 Virtual Router Redundancy Protocol Commands . . . . . . . . . . . . . . . . . . . . . Pingable VRRP Interface . . . . . . . . . . . . . . . VRRP Route/Interface Tracking . . . . . . . . . . . . . . . . . . . 1337 . . . . . . . . . . . . . . . . . . . . 1337 . . . . . . . . . . . . . . 1337 . . . . . .
2CSPC4.XModular-SWUM201.book Page 56 Monday, October 3, 2011 2:21 PM show vrrp . . . . . . . . . . . . . . . . . . . . . . . . show vrrp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1355 show vrrp interface stats . . . . . . . . . . . . . . . 1356 . . . . . . . . . . . . . . . . . . 1357 show ip vrrp interface 63 Utility Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Auto-Install Commands Commands in this Chapter .
2CSPC4.XModular-SWUM201.book Page 57 Monday, October 3, 2011 2:21 PM authentication timeout. . . . . . . . . . . . . . . . . 1375 . . . . . . . . . . . . . . . . . . . . . 1375 . . . . . . . . . . . . . . . . . . . . . . . . . 1376 captive-portal enable http port . . . . . . . . . . . . . . . . . . . . . . . . https port . . . . . . . . . . . . . . . . . . . . . . . . show captive-portal . . . . . . . . . . . . . . . . . . show captive-portal status block 1377 1377 1378 . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 58 Monday, October 3, 2011 2:21 PM show captive-portal configuration client status . . . 1389 . . . . . 1390 . . . . . . . . . . . . . . . . . . . . . . . . . 1392 show captive-portal interface client status . show captive-portal interface configuration status . clear captive-portal users . no user . . . . . . . . . . . . . . 1393 . . . . . . . . . . . . . . . . . . . . . . . . . 1393 show captive-portal user user group . . . . . . . . . . . . . . . 1394 .
2CSPC4.XModular-SWUM201.book Page 59 Monday, October 3, 2011 2:21 PM macro name . . . . . . . . . . . . . . . . . . . . . . 1408 macro global apply . . . . . . . . . . . . . . . . . . 1409 macro global trace . . . . . . . . . . . . . . . . . . . 1410 macro global description . . . . . . . . . . . . . . . 1411 macro apply . . . . . . . . . . . . . . . . . . . . . . 1412 macro trace . . . . . . . . . . . . . . . . . . . . . . 1413 macro description . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 60 Monday, October 3, 2011 2:21 PM sntp unicast client enable . . . . . . . . . . . . . . . clock timezone hours-offset . no clock timezone . . . . . . . . . . . . . 1428 . . . . . . . . . . . . . . . . . . . 1428 clock summer-time recurring . . . . . . . . . . . . . 1429 . . . . . . . . . . . . . . . 1430 . . . . . . . . . . . . . . . . 1431 . . . . . . . . . . . . . . . . . . . . . . 1432 clock summer-time date . no clock summer-time . show clock .
2CSPC4.XModular-SWUM201.book Page 61 Monday, October 3, 2011 2:21 PM clear config copy . . . . . . . . . . . . . . . . . . . . . . 1443 . . . . . . . . . . . . . . . . . . . . . . . . . . 1443 delete . . . . . . . . . . . . . . . . . . . . . . . . . . 1449 delete backup-config . . . . . . . . . . . . . . . . . 1450 delete backup-image . . . . . . . . . . . . . . . . . 1450 delete startup-config . . . . . . . . . . . . . . . . . 1451 . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 62 Monday, October 3, 2011 2:21 PM dos-control sipdip . . . . . . . . . . . . . . . . . . . dos-control tcpflag . . . . . . . . . . . . . . . . . . . 1468 dos-control tcpfrag . . . . . . . . . . . . . . . . . . . 1468 ip icmp echo-reply . . . . . . . . . . . . . . . . . . . 1469 ip icmp error-interval . . . . . . . . . . . . . . . . . 1470 . . . . . . . . . . . . . . . . . . . . 1471 . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 63 Monday, October 3, 2011 2:21 PM management access-class . . . . . . . . . . . . . . 1483 . . . . . . . . . . . . . . . 1484 . . . . . . . . . . . . . . . . . 1485 management access-list permit (management) show management access-class show management access-list 73 Mode Commands . configure terminal . do . . . . . . . . . . . . 1487 . . . . . . . . . . . . 1488 . . . . . . . . . . . . . . . . 1489 . . . . . . . . . . . . . . . . . . 1489 . . . . . . .
2CSPC4.XModular-SWUM201.book Page 64 Monday, October 3, 2011 2:21 PM passwords min-length . . . . . . . . . . . . . . . . . passwords strength-check . . . . . . . . . . . . . . 1496 1497 passwords strength minimum uppercase-letters . . . 1498 passwords strength minimum lowercase-letters . . . 1499 . . . . . . . . . . . . . . . . . . 1500 passwords strength minimum numeric-characters passwords strength minimum special-characters . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 65 Monday, October 3, 2011 2:21 PM 77 RMON Commands . . . . . . . . . . . . . . . . Commands in this Chapter . rmon alarm . . . . . . . . . . . . . . . 1513 . . . . . . . . . . . . . . . . . . . . . . 1513 rmon collection history rmon event . . . . . . . . . . . . . . . . . 1516 . . . . . . . . . . . . . . . . . . . . . . 1517 show rmon alarm . . . . . . . . . . . . . . . . . . . show rmon alarms . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 66 Monday, October 3, 2011 2:21 PM debug auto-voip debug clear . . . . . . . . . . . . . . . . . . . . . 1541 . . . . . . . . . . . . . . . . . . . . . . 1541 debug console debug dot1x . . . . . . . . . . . . . . . . . . . . . 1542 . . . . . . . . . . . . . . . . . . . . . . 1542 debug igmpsnooping . debug ip acl . . . . . . . . . . . . . . . . . 1543 . . . . . . . . . . . . . . . . . . . . . . 1544 debug ip dvmrp . debug ip igmp . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 67 Monday, October 3, 2011 2:21 PM debug ospfv3 . . . . . . . . . . . . . . . . . . . . . . 1556 . . . . . . . . . . . . . . . . . . . . . . 1556 . . . . . . . . . . . . . . . . . . . . . . . 1557 debug ping . debug rip . debug sflow . . . . . . . . . . . . . . . . . . . . . . debug spanning-tree . debug vrrp 1558 . . . . . . . . . . . . . . . . . 1558 . . . . . . . . . . . . . . . . . . . . . . . 1559 show debugging . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 68 Monday, October 3, 2011 2:21 PM show snmp . . . . . . . . . . . . . . . . . . . . . . . show snmp engineID . . . . . . . . . . . . . . . . . . 1575 show snmp filters . . . . . . . . . . . . . . . . . . . 1576 show snmp group . . . . . . . . . . . . . . . . . . . 1577 . . . . . . . . . . . . . . . . . . . . 1578 show snmp user show snmp views show trapflags . . . . . . . . . . . . . . . . . . . 1580 . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 69 Monday, October 3, 2011 2:21 PM crypto key generate dsa . crypto key generate rsa . . . . . . . . . . . . . . . 1601 . . . . . . . . . . . . . . . . 1602 crypto key pubkey-chain ssh ip ssh port . . . . . . . . . . . . . 1603 . . . . . . . . . . . . . . . . . . . . . . . 1604 ip ssh pubkey-auth . . . . . . . . . . . . . . . . . . . 1605 . . . . . . . . . . . . . . . . . . . . . . 1605 . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 70 Monday, October 3, 2011 2:21 PM logging buffered . . . . . . . . . . . . . . . . . . . . 1622 logging console . . . . . . . . . . . . . . . . . . . . 1623 . . . . . . . . . . . . . . . . . . . . . . 1624 . . . . . . . . . . . . . . . . . . . . . . . 1625 logging file . logging on logging snmp . . . . . . . . . . . . . . . . . . . . . . logging web-session . port . . . . . . . . . . . . . . . . . 1626 . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 71 Monday, October 3, 2011 2:21 PM ip address . . . . . . . . . . . . . . . . . . . . . . . ip address none . . . . . . . . . . . . . . . . . . . . ip address {dhcp/bootp} 1643 . . . . . . . . . . . . . . . . . . . . . . 1644 . . . . . . . . . . . . . . . . . . . . . . . . 1644 motd-banner nsf . . . . . . . . . . . . . . . . . . . . . . 1645 . . . . . . . . . . . . . . . . . . . . . . . . . . . 1646 ping . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 72 Monday, October 3, 2011 2:21 PM show slot . . . . . . . . . . . . . . . . . . . . . . . . show supported cardtype . . . . . . . . . . . . . . . show supported switchtype . 1666 show switch . . . . . . . . . . . . . . . . . . . . . . 1668 show system . . . . . . . . . . . . . . . . . . . . . . 1676 . . . . . . . . . . . . . . . . . . . . show system power . . . . . . . . . . . . . . . . . . show system temperature show users . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 73 Monday, October 3, 2011 2:21 PM 86 Terminal Length Commands terminal length . . . . . . . . . . . . . . . . . . . . . 87 Time Ranges Commands time-range . . . . . . . . . . . . . . . . . . . 1699 1699 1701 . . . . . . . . . . . . . . . . . . . . . . . 1701 absolute . . . . . . . . . . . . . . . . . . . . . . . . 1702 periodic . . . . . . . . . . . . . . . . . . . . . . . . 1703 show time-range . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 74 Monday, October 3, 2011 2:21 PM crypto certificate generate . . . . . . . . . . . . . . 1718 crypto certificate import . . . . . . . . . . . . . . . . 1719 crypto certificate request . . . . . . . . . . . . . . . 1721 . . . . . . . . . . . . . . . . . . . . . . . . 1722 duration. ip http port . . . . . . . . . . . . . . . . . . . . . . . ip http server . . . . . . . . . . . . . . . . . . . . . . ip http secure-certificate ip http secure-port 1724 . . .
2CSPC4.XModular-SWUM201.book Page 75 Monday, October 3, 2011 2:21 PM 1 Command Groups Introduction The Command Line Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphic User Interface (GUI) driven software application. By directly entering commands, the user has greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.
2CSPC4.XModular-SWUM201.book Page 76 Monday, October 3, 2011 2:21 PM Command Groups The system commands can be broken down into four sets of functional groups: Layer 2, Data Center Technology, Layer 3, and Utility. Table 1-1. System Command Groups Command Group Description Layer 2 Commands AAA Configures connection security including authorization and passwords. ACL Configures and displays ACL information. Address Table Configures bridging address tables.
2CSPC4.XModular-SWUM201.book Page 77 Monday, October 3, 2011 2:21 PM Table 1-1. System Command Groups (continued) Command Group Description LLDP Configures and displays LLDP information. Port Aggregator Provides server administrators the ability to map internal ports to external ports easily. Port Channel Configures and displays Port channel information. Port Monitor Monitors activity on specific target ports. QoS Configures and displays QoS information.
2CSPC4.XModular-SWUM201.book Page 78 Monday, October 3, 2011 2:21 PM Table 1-1. System Command Groups (continued) Command Group Description DHCP Server and Relay Agent (IPv4) Manages DHCP/BOOTP operations on the system. DHCPv6 Configures IPv6 DHCP functions. DVMRP (Mcast) Configures DVMRP operations. IGMP (Mcast) Configures IGMP operations. IGMP Proxy (Mcast) Manages IGMP Proxy on the system. IP Helper/DHCP Relay Configures relay of UDP packets.
2CSPC4.XModular-SWUM201.book Page 79 Monday, October 3, 2011 2:21 PM Table 1-1. System Command Groups (continued) Command Group Description Clock Configures the system clock. Command Line Configuration Scripting Manages the switch configuration files. Denial of Service Provides several Denial of Service options. Line Configures the console, SSH, and remote Telnet connection. Management ACL Configures and displays management access-list information.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 82 Monday, October 3, 2011 2:21 PM Command Description Modea enable password Sets a local password to control access to the normal level. GC ip http authentication Specifies authentication methods for http. GC ip https authentication Specifies authentication methods for https. GC login authentication Specifies the login authentication method list for a remote telnet or console. LC password (IAS) Configures a password for a user.
2CSPC4.XModular-SWUM201.book Page 83 Monday, October 3, 2011 2:21 PM Command Description Modea ip access-group Attaches a specified access-control list to an interface. GC or IC mac access-group Attaches a specific MAC Access Control List (ACL) to an interface in the in-bound direction. GC or IC mac access-list extended Creates the MAC Access Control List (ACL) identified by the name parameter. GC mac access-list extended rename Renames the existing MAC Access Control List GC (ACL) name.
2CSPC4.XModular-SWUM201.book Page 84 Monday, October 3, 2011 2:21 PM Command Description Modea mac address-table multicast Enables forwarding of all Multicast packets on a IC forward-all port. mac address-table multicast Enables the forwarding of unregistered forward-unregistered multicast addresses. IC mac address-table multicast Registers MAC-layer Multicast addresses to the IC static bridge table, and adds static ports to the group.
2CSPC4.XModular-SWUM201.book Page 85 Monday, October 3, 2011 2:21 PM a. For the meaning of each Mode abbreviation, see Mode Typeson page 79. Auto-VoIP Modea Command Description switchport voice detect auto Enables the VoIP Profile on all the interfaces of GC or the switch. IC show switchport voice Displays the status of auto-voip on an interface PE or all interfaces. a. For the meaning of each Mode abbreviation, see Mode Types on page 79.
2CSPC4.XModular-SWUM201.book Page 86 Monday, October 3, 2011 2:21 PM a. For the meaning of each Mode abbreviation, see Mode Types on page 79. DHCP L2 Relay Command Description Modea dhcp l2relay Enables the Layer 2 DHCP Relay agent for an interface or globally. GC or IC dhcp l2relay circuit-id Enables user to set the DHCP Option 82 Circuit ID for a VLAN. GC dhcp l2relay remote-id Enables user to set the DHCP Option 82 Remote ID for a VLAN.
2CSPC4.XModular-SWUM201.book Page 87 Monday, October 3, 2011 2:21 PM DHCP Snooping Command Description Modea clear ip dhcp snooping binding Clears all DHCP Snooping entries. PE clear ip dhcp snooping statistics Clears all DHCP Snooping statistics. PE ip dhcp snooping Enables DHCP snooping globally or on a specific VLAN. GC or IC ip dhcp snooping binding Configures a static DHCP Snooping binding. GC ip dhcp snooping database Configures the persistent location of the DHCP GC snooping database.
2CSPC4.XModular-SWUM201.book Page 88 Monday, October 3, 2011 2:21 PM Dynamic ARP Inspection Command Description Modea arp access-list Creates an ARP ACL. GC clear ip arp inspection statistics Resets the statistics for Dynamic ARP Inspection on all VLANs. PE ip arp inspection filter Configures the ARP ACL to be used for a single GC VLAN or a range of VLANs to filter invalid ARP packets. ip arp inspection limit Configures the rate limit and burst interval values for an interface.
2CSPC4.XModular-SWUM201.book Page 89 Monday, October 3, 2011 2:21 PM Email Alerting Command Description Modea logging email Enables email alerting and sets the lowest severity level for which log messages are emailed. GC logging email urgent Sets the lowest severity level at which log messages are emailed in an urgent manner. GC logging traps Sets the lowest severity level at which SNMP traps are logged. GC logging email message-type Configures the To address field of the email.
2CSPC4.XModular-SWUM201.book Page 90 Monday, October 3, 2011 2:21 PM Modea Command Description show mail-server Displays the configuration of all the mail servers PE or a particular mail server. a. For the meaning of each Mode abbreviation, see Mode Types on page 79. Ethernet Configuration Command Description Modea clear counters Clears statistics on an interface. PE description Adds a description to an interface.
2CSPC4.XModular-SWUM201.book Page 91 Monday, October 3, 2011 2:21 PM Modea Command Description show statistics switchport Displays detailed statistics for a specific port or PE for the entire switch. show storm-control Displays the storm control configuration. PE shutdown Disables interfaces. IC speed Configures the speed of a given Ethernet interface when not using auto-negotiation. IC storm-control broadcast Enables Broadcast storm control.
2CSPC4.XModular-SWUM201.book Page 92 Monday, October 3, 2011 2:21 PM Command Description Modea ethernet cfm mep archive- Maintains internal information on a missing hold-time MEP. IC ethernet cfm mip level Creates a Maintenance Intermediate Point (MIP) at the specified level. IC ping ethernet cfm Generates a loopback message (LBM) from PE traceroute ethernet cfm Generates a link trace message (LTM) from the PE configured MEP. show ethernet cfm errors Displays the cfm errors.
2CSPC4.XModular-SWUM201.book Page 93 Monday, October 3, 2011 2:21 PM Command Description Modea show gvrp configuration Displays GVRP configuration information, PE show gvrp error-statistics Displays GVRP error statistics. UE show gvrp statistics Displays GVRP statistics. UE a. including timer values, whether GVRP and dynamic VLAN creation is enabled, and which ports are running GVRP. For the meaning of each Mode abbreviation, see Mode Types on page 79.
2CSPC4.XModular-SWUM201.book Page 94 Monday, October 3, 2011 2:21 PM Command Description Modea ip igmp snooping Sets the IGMP Group Membership Interval groupmembership-interval time on a VLAN. VLAN ip igmp snooping maxresponse Sets the IGMP Maximum Response time on a particular VLAN. VLAN ip igmp snooping mcrtrexpiretime Sets the Multicast Router Present Expiration time. VLAN a. For the meaning of each Mode abbreviation, see Mode Types on page 79.
2CSPC4.XModular-SWUM201.book Page 95 Monday, October 3, 2011 2:21 PM Command Description Modea interface out-of-band Brings up the OOB port configuration menu. GC ip address (Out-of-Band) Sets an IP address for the service port. IC ip address-conflict-detect run Triggers the switch to run active address conflict GC detection by sending gratuitous ARP packets for IPv4 addresses on the switch. ip address dhcp (Interface Config) Acquires an IP address on an interface from the IC DHCP server.
2CSPC4.XModular-SWUM201.book Page 96 Monday, October 3, 2011 2:21 PM Command Description Modea show ipv6 dhcp interface out-of-band statistics Displays IPv6 DHCP statistics for the out-ofband interface. PE show ipv6 interface out-of- Displays the IPv6 out-of-band port band configuration. a. PE For the meaning of each Mode abbreviation, see Mode Types on page 79. IPv6 ACL Command Description Modea {deny | permit} Creates a new rule for the current IPv6 access list.
2CSPC4.XModular-SWUM201.book Page 97 Monday, October 3, 2011 2:21 PM Command Description Modea ipv6 mld snooping mcrtexpiretime Sets the Multicast Router Present Expiration time. IC ipv6 mld snooping (Global) Enables MLD Snooping on the system (Global GC Config Mode). ipv6 mld snooping (Interface) Enables MLD Snooping on an interface. IC ipv6 mld snooping (VLAN) Enables MLD Snooping on a particular VLAN and all interfaces participating in that VLAN.
2CSPC4.XModular-SWUM201.book Page 98 Monday, October 3, 2011 2:21 PM IP Source Guard Command Description Modea ip verify source Enables filtering of IP packets matching the source IP address. IC ip verify source portsecurity Enables filtering of IP packets matching the IC source IP address and the source MAC address. ip verify binding Configures static bindings. GC show ip verify interface Displays the IPSG interface configuration.
2CSPC4.XModular-SWUM201.book Page 99 Monday, October 3, 2011 2:21 PM iSCSI Optimization Link Dependency Command Description Modea iscsi aging time Sets aging time for iSCSI sessions. GC iscsi cos Sets the quality of service profile that will be applied to iSCSI flows. GC iscsi enable Enables Global Configuration mode command GC globally enables iSCSI awareness. iscsi target port Configures an iSCSI target port (optionally configures target port address and name).
2CSPC4.XModular-SWUM201.book Page 100 Monday, October 3, 2011 2:21 PM LLDP Command Description Modea clear lldp remote-data Deletes all data from the remote data table. PE clear lldp statistics Resets all LLDP statistics. PE lldp notification Enables remote data change notifications. IC lldp notification-interval Limits how frequently remote data change notifications are sent. GC lldp receive Enables the LLDP receive capability.
2CSPC4.XModular-SWUM201.book Page 101 Monday, October 3, 2011 2:21 PM Command Description Modea mvr querytime Sets the MVR query response time. GC mvr vlan Sets the MVR multicast VLAN. GC mvr immediate Enables MVR Immediate Leave mode. IC mvr type Sets the MVR port type. IC mvr vlan group Use to participate in the specific MVR group. IC show mvr Displays global MVR settings. PE show mvr members Displays the MVR membership groups allocated.
2CSPC4.XModular-SWUM201.book Page 102 Monday, October 3, 2011 2:21 PM Command Description Modea lacp system-priority Configures the system LACP priority. GC lacp timeout Assigns an administrative LACP timeout. IC no lacp Sets the LACP (Link Aggregation) mode to default for that Aggregator Group. PA port-channel min-links Sets the minimum number of links that must IC be up in order for the port channel interface to be declared up. show interfaces portchannel Displays port-channel information.
2CSPC4.XModular-SWUM201.book Page 103 Monday, October 3, 2011 2:21 PM Command Description Modea show bridge address-table Shows the MAC address table for a particular aggregator group. PE speed Configures the speed of all member PA ports in the aggregator group/zone. a. For the meaning of each Mode abbreviation, see Mode Types. Port Monitor Command Description Modea monitor session Configures a port monitoring session. GC show monitor session Displays the port monitoring status. PE a.
2CSPC4.XModular-SWUM201.book Page 104 Monday, October 3, 2011 2:21 PM Command Description Modea conform-color Specifies for each outcome, the only possible actions are drop, setdscp-transmit, set-prectransmit, or transmit. PCMC cos-queue min-bandwidth Specifies the minimum transmission bandwidth for each interface queue. GC or IC cos-queue random-detect Configures WRED queue management policy IC on an interface CoS queue.
2CSPC4.XModular-SWUM201.book Page 105 Monday, October 3, 2011 2:21 PM Command Description Modea match dstip6 Adds to the specified class definition a match condition based on the destination IPv6 address of a packet. v6CMC match dstl4port Adds to the specified class definition a match CMC condition based on the destination layer 4 port of a packet using a single keyword, or a numeric notation.
2CSPC4.XModular-SWUM201.book Page 106 Monday, October 3, 2011 2:21 PM Modea Command Description match srcl4port Adds to the specified class definition a match CMC condition based on the source layer 4 port of a packet using a single keyword, a numeric notation, or a numeric range notation. match vlan Adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field.
2CSPC4.XModular-SWUM201.book Page 107 Monday, October 3, 2011 2:21 PM Modea Command Description show diffserv service brief Displays all interfaces in the system to which a PE DiffServ policy has been attached. show interfaces cos-queue Displays the class-of-service queue configuration for the specified interface. PE show interfaces randomdetect Displays the WRED policy on an interface. PE show policy-map Displays all configuration information for the specified policy.
2CSPC4.XModular-SWUM201.book Page 108 Monday, October 3, 2011 2:21 PM Modea Command Description msgauth Enables the message authenticator attribute to R be used for the RADIUS Authenticating server being configured. name Assigns a name to a RADIUS server. primary Specifies that a configured server should be the R primary server in the group of authentication servers which have the same server name.
2CSPC4.XModular-SWUM201.book Page 109 Monday, October 3, 2011 2:21 PM Command Description Modea timeout Sets the timeout value in seconds for the designated radius server. R usage Specifies the usage type of the server. R a. For the meaning of each Mode abbreviation, see Mode Types on page 79. Spanning Tree Command Description Modea clear spanning-tree detected-protocols Restarts the protocol migration process on all interfaces or on the specified interface.
2CSPC4.XModular-SWUM201.book Page 110 Monday, October 3, 2011 2:21 PM Command Description Modea spanning-tree loopguard Enables loop guard on all ports. GC spanning-tree max-age Configures the spanning tree bridge maximum GC age. spanning-tree max-hops Sets the MSTP Max Hops parameter to a new value for the common and internal spanning tree. GC spanning-tree mode Configures the spanning tree protocol.
2CSPC4.XModular-SWUM201.book Page 111 Monday, October 3, 2011 2:21 PM TACACS+ Modea Command Description key Specifies the authentication and encryption key TC for all TACACS communications between the device and the TACACS server. port Specifies a server port number. TC priority Specifies the order in which servers are used. TC show tacacs Displays TACACS+ server settings and statistics. PE tacacs-server host Specifies a TACACS+ server host.
2CSPC4.XModular-SWUM201.book Page 112 Monday, October 3, 2011 2:21 PM Modea Command Description protocol vlan group all Adds all physical unit/slot/port interfaces to the GC protocol-based VLAN identified by groupid. show dvlan-tunnel Displays all interfaces enabled for Double VLAN Tunneling. PE show dvlan-tunnel interface Displays detailed information about Double VLAN Tunneling for the specified interface. PE show interfaces switchport Displays switchport configuration.
2CSPC4.XModular-SWUM201.book Page 113 Monday, October 3, 2011 2:21 PM Command Description Modea vlan Creates a VLAN. VLAN vlan (Global Config) Configures a VLAN. GC vlan association mac Associates a MAC address to a VLAN. VLAN vlan association subnet Associates an IP subnet to a VLAN. VLAN vlan database Enters the VLAN database configuration mode. GC vlan makestatic Changes a dynamically created VLAN to a static VLAN VLAN.
2CSPC4.XModular-SWUM201.book Page 114 Monday, October 3, 2011 2:21 PM Modea Command Description dot1x max-users Sets the maximum number of clients supported IC on the port when MAC-based 802.1X authentication is enabled on the port. dot1x port-control Enables manual control of the authorization state of the port. IC dot1x re-authenticate Manually initiates a re-authentication of all 802.1x-enabled ports or a specified 802.1X enabled port.
2CSPC4.XModular-SWUM201.book Page 115 Monday, October 3, 2011 2:21 PM Command Description Modea show dot1x clients Displays detailed information about the users who have successfully authenticated on the system or on a specified port. PE show dot1x interface Shows the status of MAC Authentication Bypass. PE show dot1x statistics Displays 802.1X statistics for the specified interface. PE show dot1x users Displays active 802.1X authenticated users for the switch.
2CSPC4.XModular-SWUM201.book Page 116 Monday, October 3, 2011 2:21 PM Data Center Technology Commands Data Center Bridging Commands Command Description Modea datacenter-bridging Enters the Data Center Bridging mode. IC lldp dcbx version Enables the switch to support a specific version GC of the Data Center Bridging Capability Exchange (DCBX) protocol or to detect the peer version and match it. lldp tlv-select dcbxp Sends specific DCBX TLVs if LLDP is enabled IC, to transmit on the given interface.
2CSPC4.XModular-SWUM201.book Page 117 Monday, October 3, 2011 2:21 PM Command Description Modea show fip-snooping enode Displays information about the interfaces connected to ENodes UE, PE show fip-snooping fcf Displays information about the interfaces connected to FCFs. UE, PE show fip-snooping sessions Displays information about the active FIP snooping sessions. UE, PE show fip-snooping statistics Displays the statistics of the FIP packets snooped in the VLAN or on an interface.
2CSPC4.XModular-SWUM201.book Page 118 Monday, October 3, 2011 2:21 PM Layer 3 Commands ARP (IPv4) Command Description Modea arp Creates an Address Resolution Protocol (ARP) entry. GC arp cachesize Configures the maximum number of entries in the ARP cache. GC arp dynamicrenew Enables the ARP component to automatically renew dynamic ARP entries when they age out. GC arp purge Causes the specified IP address to be removed from the ARP cache.
2CSPC4.XModular-SWUM201.book Page 119 Monday, October 3, 2011 2:21 PM DHCP Server and Relay Agent (IPv4) Modea Command Description ip dhcp pool Defines a DHCP address pool that can be used GC to supply addressing information to DHCP client. This command puts the user into DHCP Pool Configuration mode. bootfile Sets the name of the image for the DHCP client to load. DP clear ip dhcp binding Removes automatic DHCP server bindings. PE clear ip dhcp conflict Removes DHCP server address conflicts.
2CSPC4.XModular-SWUM201.book Page 120 Monday, October 3, 2011 2:21 PM Command Description Modea netbios-name-server Configures the IPv4 address of the Windows® Internet Naming Service (WINS) for a Microsoft DHCP client. DP netbios-node-type Sets the NetBIOS node type for a Microsoft DHCP client. DP network Defines a pool of IPv4 addresses for distributing DP to clients. next-server Sets the IPv4 address of the TFTP server to be used during auto-install.
2CSPC4.XModular-SWUM201.book Page 121 Monday, October 3, 2011 2:21 PM Command Description Modea domain-name Sets the DNS domain name which is provided to a DHCPv6 client by the DHCPv6 server. v6DP ipv6 dhcp pool Enters IPv6 DHCP Pool Configuration mode. GC ipv6 dhcp relay Configures an interface for DHCPv6 Relay functionality. IC ipv6 dhcp server Configures DHCPv6 server functionality on an IC interface.
2CSPC4.XModular-SWUM201.book Page 122 Monday, October 3, 2011 2:21 PM Command Description Modea show ip dvmrp nexthop Displays the next hop information on PE show ip dvmrp prune Displays the table that lists the router’s upstream prune information. PE show ip dvmrp route Displays the multicast routing information for DVMRP. PE a. outgoing interfaces for routing multicast datagrams. For the meaning of each Mode abbreviation, see Mode Types on page 79.
2CSPC4.XModular-SWUM201.book Page 123 Monday, October 3, 2011 2:21 PM Command Description Modea ip igmp query-maxresponse-time Configures the maximum response time interval for the specified interface. IC ip igmp robustness Configures the robustness that allows tuning of the interface. IC ip igmp startup-query-count Sets the number of queries sent out on startup—at intervals equal to the startup query interval for the interface.
2CSPC4.XModular-SWUM201.book Page 124 Monday, October 3, 2011 2:21 PM Modea Command Description show ip igmp-proxy Displays a summary of the host interface status PE parameters. show ip igmp-proxy interface Displays a detailed list of the host interface status parameters. PE show ip igmp-proxy groups Displays a table of information about multicast PE groups that IGMP Proxy reported.
2CSPC4.XModular-SWUM201.book Page 125 Monday, October 3, 2011 2:21 PM Command Description Modea ip helper-address (global configuration) Configures the relay of certain UDP broadcast packets received on any interface. GC ip helper-address (interface Configures the relay of certain UDP broadcast configuration) packets received on a specific interface. IC ip helper enable Enables relay of UDP packets. GC show ip helper-address Displays the IP helper address configuration.
2CSPC4.XModular-SWUM201.book Page 126 Monday, October 3, 2011 2:21 PM Modea Command Description show ip interface Displays all pertinent information about the IP PE interface. show ip protocols Displays the parameters and current state of the PE active routing protocols. show ip route Displays the routing table. PE show ip route preferences Displays detailed information about the route preferences. PE show ip route summary Shows the number of all routes, including best and non-best routes.
2CSPC4.XModular-SWUM201.book Page 127 Monday, October 3, 2011 2:21 PM Command Description Modea ipv6 pimsm registerthreshold Configures the Register Threshold rate for the RP router to switch to the shortest path. GC ipv6 pimsm rp-address Statically configures the Rendezvous Point (RP) GC address of a PIM for one or more multicast groups. ipv6 pimsm rp-candidate Configures the router to advertise itself to the bootstrap router (BSR) as a PIM candidate rendezvous point (RP).
2CSPC4.XModular-SWUM201.book Page 128 Monday, October 3, 2011 2:21 PM Modea Command Description clear ipv6 statistics Clears IPv6 statistics for all interfaces or for a PE specific interface, including loopback and tunnel interfaces. ipv6 address Configures an IPv6 address on an interface (including tunnel and loopback interfaces). ipv6 enable Enables IPv6 routing on an interface IC (including tunnel and loopback interfaces) that has not been configured with an explicit IPv6 address.
2CSPC4.XModular-SWUM201.book Page 129 Monday, October 3, 2011 2:21 PM Modea Command Description ipv6 mtu Sets the maximum transmission unit (MTU) IC size, in bytes, of IPv6 packets on an interface. ipv6 nd dad attempts Sets the number of duplicate address detection probes transmitted while doing neighbor discovery. IC ipv6 nt managed-configflag Sets the managed address configuration flag in router advertisements.
2CSPC4.XModular-SWUM201.book Page 130 Monday, October 3, 2011 2:21 PM Command Description Modea show ipv6 brief Displays the IPv6 status of forwarding mode and IPv6 unicast routing mode. PE show ipv6 interface Shows the usability status of IPv6 interfaces. PE show ipv6 mld groups Displays information about multicast groups PE that MLD reported. show ipv6 mld interface Displays MLD related information for an interface.
2CSPC4.XModular-SWUM201.book Page 131 Monday, October 3, 2011 2:21 PM Loopback Interface Command Description Modea interface loopback Enters the Interface Loopback configuration mode. GC show interface loopback Displays information about configured loopback interfaces. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 79. Multicast Command Description Modea ip mcast boundary Adds an administrative scope multicast boundary.
2CSPC4.XModular-SWUM201.book Page 132 Monday, October 3, 2011 2:21 PM Modea Command Description ip pim register-rate-limit Sets a limit on the maximum number of PIM GC register messages sent per second for each (S,G) entry. ip pim rp-address Defines the address of a PIM RP for a specific multicast group range. GC ip pim rp-candidate Configures the router to advertise itself to the bootstrap router (BSR) as a PIM candidate rendezvous point (RP) for a specific multicast group range.
2CSPC4.XModular-SWUM201.book Page 133 Monday, October 3, 2011 2:21 PM Command Description Modea show ip pim bsr-router Displays the bootstrap router (BSR) information. PE show ip pim interface Displays PIM interface status parameters. If no UE or interface is specified, the command displays the PE status parameters of all PIM-enabled interfaces. show ip pim neighbor Displays PIM neighbors discovered by PIMv2 UE or Hello messages.
2CSPC4.XModular-SWUM201.book Page 134 Monday, October 3, 2011 2:21 PM Command Description Modea area stub Creates a stub area for the specified area ID. ROSPF area stub no-summary Prevents Summary LSAs from being advertised into the NSSA. ROSPF area virtual-link Creates the OSPF virtual interface for the specified area-id and neighbor router.
2CSPC4.XModular-SWUM201.book Page 135 Monday, October 3, 2011 2:21 PM Command Description Modea distribute-list out Specifies the access list to filter routes received from the source protocol. ROSPF enable Resets the default administrative mode of OSPF ROSPF in the router (active). exit-overflow-interval Configures the exit overflow interval for OSPF. ROSPF external-lsdb-limit Configures the external LSDB limit for OSPF.
2CSPC4.XModular-SWUM201.book Page 136 Monday, October 3, 2011 2:21 PM Modea Command Description nsf restart-interval Configures the length of the grace period on the ROSPF restarting router. network area Enables OSPFv2 on an interface and sets its area ROSPF ID if the IP address of an interface is covered by this network command. passive-interface Sets the interface or tunnel as passive. IC passive-interface default Enables the global passive mode by default for all ROSPF interfaces.
2CSPC4.XModular-SWUM201.book Page 137 Monday, October 3, 2011 2:21 PM Command Description Modea show ip ospf interface stats Displays the statistics for a specific interface. PE show ip ospf neighbor Displays information about OSPF neighbors. PE show ip ospf range Displays information about the area ranges for the specified area-id. PE show ip ospf statistics Displays information about recent Shortest Path PE First (SPF) calculations. show ip ospf stub table Displays the OSPF stub table.
2CSPC4.XModular-SWUM201.book Page 138 Monday, October 3, 2011 2:21 PM Command Description Modea area range Creates an area range for a specified NSSA. ROSV3 area stub Creates a stub area for the specified area ID. ROSV3 area stub no-summary Disables the import of Summary LSAs for the stub area identified by areaid. ROSV3 area virtual-link Creates the OSPF virtual interface for the specified areaid and neighbor.
2CSPC4.XModular-SWUM201.book Page 139 Monday, October 3, 2011 2:21 PM Command Description Modea ipv6 ospf dead-interval Sets the OSPF dead interval for the specified interface. IC ipv6 ospf hello-interval Sets the OSPF hello interval for the specified interface. IC ipv6 ospf mtu-ignore Disables OSPF maximum transmission unit (MTU) mismatch detection. IC ipv6 ospf network Changes the default OSPF network type for the interface.
2CSPC4.XModular-SWUM201.book Page 140 Monday, October 3, 2011 2:21 PM Command Description Modea show ipv6 ospf Displays information relevant to the OSPF router. PE show ipv6 ospf abr Displays the internal OSPFv3 routes to reach Area Border Routers (ABR). PE show ipv6 ospf area Displays information about the area. PE show ipv6 ospf asbr Displays the internal OSPFv3 routes to reach Autonomous System Boundary Routes (ASBR).
2CSPC4.XModular-SWUM201.book Page 141 Monday, October 3, 2011 2:21 PM Router Discovery Protocol Command Description Modea ip irdp Enables Router Discovery on an interface. IC ip irdp address Configures the address that the interface uses to send the router discovery advertisements. IC ip irdp holdtime Configures the value, in seconds, of the IC holdtime field of the router advertisement sent from this interface.
2CSPC4.XModular-SWUM201.book Page 142 Monday, October 3, 2011 2:21 PM Modea Command Description distribute-list out Specifies the access list to filter routes received RIP from the source protocol. enable Resets the default administrative mode of RIP in the router (active). RIP hostroutesaccept Enables the RIP hostroutesaccept mode. RIP ip rip Enables RIP on a router interface. IC ip rip authentication Sets the RIP Version 2 Authentication Type and IC Key for the specified interface.
2CSPC4.XModular-SWUM201.book Page 143 Monday, October 3, 2011 2:21 PM Command Description Modea tunnel destination Specifies the destination transport address of the tunnel. IC tunnel mode ipv6ip Specifies the mode of the tunnel. IC tunnel source Specifies the source transport address of the tunnel, either explicitly or by reference to an interface. IC a. For the meaning of each Mode abbreviation, see Mode Types on page 79.
2CSPC4.XModular-SWUM201.book Page 144 Monday, October 3, 2011 2:21 PM Modea Command Description vrrp timers learn Configures the router, when it is acting as IC backup virtual router for a VRRR group, to learn the advertisement interval used by the master virtual router. vrrp track interface Alters the priority of the VRRP router based on IC the availability of its interfaces. vrrp track ip route Tracks route reachability.
2CSPC4.XModular-SWUM201.book Page 145 Monday, October 3, 2011 2:21 PM Modea Command Description boot auto-copy-sw allowdowngrade Enables downgrading the firmware version on GC the stack member if the firmware version on the manager is older than the firmware version on the member. boot host autoreboot Enables rebooting the device (no administrative GC intervention) when the auto-image is successfully downloaded.
2CSPC4.XModular-SWUM201.book Page 146 Monday, October 3, 2011 2:21 PM Command Description Modea configuration Enables the captive portal instance mode. CP enable Enables a captive portal configuration. CPI group Configures the group number for a captive portal configuration. CPI interface Associates an interface with a captive portal configuration. CPI locale Associates an interface with a captive portal configuration. CPI name Configures the name for a captive portal configuration.
2CSPC4.XModular-SWUM201.book Page 147 Monday, October 3, 2011 2:21 PM Modea Command Description show captive-portal interface configuration status Displays the clients authenticated to all captive PE portal configurations or a to specific configuration. clear captive-portal users Deletes all captive portal user entries. PE no user Deletes a user from the local user database.
2CSPC4.XModular-SWUM201.book Page 148 Monday, October 3, 2011 2:21 PM CLI Macro Command Description Modea macro name Creates a user-defined macro. GC macro global apply Use to apply a macro. GC macro global trace Applies and traces a macro. GC macro global description Appends a line to the global macro description. GC macro apply Use to apply a macro. IC macro trace Applies and traces a macro. IC macro description Appends a line to the macro description.
2CSPC4.XModular-SWUM201.book Page 149 Monday, October 3, 2011 2:21 PM Command Description Modea sntp unicast client enable Enables clients to use Simple Network Time Protocol (SNTP) predefined Unicast clients. GC clock timezone hours-offset Sets the offset to Coordinated Universal Time. GC clock summer-time recurring Sets the summertime offset to UTC recursively GC every year. clock summer-time date Sets the summertime offset to UTC.
2CSPC4.XModular-SWUM201.book Page 150 Monday, October 3, 2011 2:21 PM Command Description Modea erase Erases the startup configuration, the backup configuration, or the backup image. PE filedescr Adds a description to a file. PE rename Renames the file present in flash. PE show backup-config Displays contents of a backup configuration file. PE show bootvar Displays the active system image file that the switch loads at startup.
2CSPC4.XModular-SWUM201.book Page 151 Monday, October 3, 2011 2:21 PM Command Description Modea ip icmp echo-reply Enables or disables the generation of ICMP Echo Reply messages. GC ip icmp error-interval Limits the rate at which IPv4 ICMP error messages are sent. GC ip unreachables Enables the generation of ICMP Destination Unreachable messages. IC ip redirects Enables the generation of ICMP Redirect messages.
2CSPC4.XModular-SWUM201.book Page 152 Monday, October 3, 2011 2:21 PM Management ACL Command Description Modea deny (management) Defines a deny rule. MA management access-class Defines which management access-list is used. GC management access-list Defines a management access-list, and enters the access-list for configuration. GC permit (management) Defines a permit rule. MA show management accessclass Displays the active management access-list.
2CSPC4.XModular-SWUM201.book Page 153 Monday, October 3, 2011 2:21 PM Modea Command Description passwords lock-out Enables the administrator to strengthen the GC security of the switch by enabling the user lockout feature. When a lockout count is configured, a user who is logging in must enter the correct password within that count. passwords min-length Enables the administrator to enforce a minimum length required for a password. GC passwords strength-check Enables the Password Strength feature.
2CSPC4.XModular-SWUM201.book Page 154 Monday, October 3, 2011 2:21 PM Command Description Modea show passwords result Displays the last password set result information. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 79. PHY Diagnostics Command Description Modea show copper-ports tdr Displays the last TDR (Time Domain Reflectometry) tests on specified ports. PE show fiber-ports opticaltransceiver Displays the optical transceiver diagnostics.
2CSPC4.XModular-SWUM201.book Page 155 Monday, October 3, 2011 2:21 PM Command Description Modea show rmon statistics Displays RMON Ethernet Statistics. UE a. For the meaning of each Mode abbreviation, see Mode Types on page 79. SDM Templates Command Description Modea sdm prefer Changes the template that will be active after the next reboot. GC show sdm prefer Views the currently active SDM template and its scaling parameters, or views the scaling parameters for an inactive template. PE a.
2CSPC4.XModular-SWUM201.book Page 156 Monday, October 3, 2011 2:21 PM Command Description Modea debug ip pimdm Traces PIMDM packet reception and transmission. PE debug ip pimsm Traces PIMSM packet reception and transmission. PE debug ip vrrp Enables VRRP debug protocol messages. PE debug ipv6 dhcp Displays debug information about DHCPv6 PE client activities and to trace DHCPv6 packets to and from the local DHCPv6 client. debug ipv6 mcache Traces MDATAv6 packet reception and transmission.
2CSPC4.XModular-SWUM201.book Page 157 Monday, October 3, 2011 2:21 PM a. For the meaning of each Mode abbreviation, see Mode Types on page 79. sFlow Command Description Modea sflow destination Configures sFlow collector parameters (owner string, receiver timeout, ip address, and port). GC sflow polling Enables a new sflow poller instance for the data GC source if rcvr_idx is valid. sflow polling (Interface Mode) Enable a new sflow poller instance for this data IC source if rcvr_idx is valid.
2CSPC4.XModular-SWUM201.book Page 158 Monday, October 3, 2011 2:21 PM Command Description Modea show trapflags Displays SNMP traps globally or displays specific SNMP traps. PE snmp-server community Sets up the community access string to permit access to SNMP protocol. GC snmp-server communitygroup Maps SNMP v1 and v2 security models to the group name. GC snmp-server contact Sets up a system contact (sysContact) string.
2CSPC4.XModular-SWUM201.book Page 159 Monday, October 3, 2011 2:21 PM Modea Command Description ip ssh port Specifies the port to be used by the SSH server. GC ip ssh pubkey-auth Enables public key authentication for incoming GC SSH sessions. ip ssh server Enables the switch to be configured from a SSH GC server connection. key-string Manually specifies a SSH public key. SK show crypto key mypubkey Displays its own SSH public keys stored on the PE switch.
2CSPC4.XModular-SWUM201.book Page 160 Monday, October 3, 2011 2:21 PM Modea Command Description logging console Limits messages logged to the console based on GC severity. logging file Limits syslog messages sent to the logging file based on severity. GC logging on Controls error messages logging. GC logging snmp Enables SNMP Set command logging. GC logging web-session Enables web session logging. GC port Specifies the port number of syslog messages.
2CSPC4.XModular-SWUM201.book Page 161 Monday, October 3, 2011 2:21 PM Command Description Modea initiate failover Forces failover of management unit. GC ip address Sets a static OOB port IP address. IC (outof-band) ip address none Disables DHCP/BOOTP on the OOB port. IC (outof-band) ip address {dhcp/bootp} Enables DHCP/BOOTP on the OOB port. IC (outof-band) login-banner Enables login banner on the console, telnet, or LC SSH connection. member Configures the switch.
2CSPC4.XModular-SWUM201.book Page 162 Monday, October 3, 2011 2:21 PM Modea Command Description show power-usagehistory Shows the history of unit power consumption PE for the unit specified in the command and total stack power consumption. show process cpu Checks the CPU utilization for each process currently running on the switch. PE show sessions Displays a list of the open telnet sessions to remote hosts.
2CSPC4.XModular-SWUM201.book Page 163 Monday, October 3, 2011 2:21 PM Command Description Modea standby Configures the standby in the stack. SG switch renumber Changes the identifier for a switch in the stack. GC telnet Logs into a host that supports Telnet. PE traceroute Discovers the IP routes that packets actually take when travelling to their destinations. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 79.
2CSPC4.XModular-SWUM201.book Page 164 Monday, October 3, 2011 2:21 PM Command Description Modea show time-range Displays a time range and all the absolute/periodic time entries that are defined for the time range. PE a. For the meaning of each Mode abbreviation, see Mode Types on page 79. User Interface Command Description Modea enable Enters the privileged EXEC mode. UE end Gets the CLI user control back to the privileged Any execution mode or user execution mode.
2CSPC4.XModular-SWUM201.book Page 165 Monday, October 3, 2011 2:21 PM Modea Command Description ip http port Specifies the TCP port for use by a web browser GC to configure the switch. ip http server Enables the switch to be configured from a browser. GC ip http secure-certificate Configures the active certificate for HTTPS. GC ip http secure-port Configures a TCP port for use by a secure web browser to configure the switch.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 167 Monday, October 3, 2011 2:21 PM 2 Using the CLI Introduction This chapter describes the basics of entering and editing the Dell PowerConnect 70xx Series Command Line Interface (CLI) commands and defines the command hierarchy. It also explains how to activate the CLI and implement its major functions.
2CSPC4.XModular-SWUM201.book Page 168 Monday, October 3, 2011 2:21 PM • Partial keyword lookup — A command is incomplete and the key is entered in place of a parameter. The matched parameters for this command are displayed.
2CSPC4.XModular-SWUM201.book Page 169 Monday, October 3, 2011 2:21 PM Table 2-1. History Buffer Keyword Source or Destination Up-arrow key Recalls commands in the history buffer, beginning with the most recent command. Repeats the key sequence to recall successively older commands. + Down-arrow key + Returns to more recent commands in the history buffer after recalling commands with the up-arrow key. Repeating the key sequence recalls more recent commands in succession.
2CSPC4.XModular-SWUM201.book Page 170 Monday, October 3, 2011 2:21 PM Short Form Commands The CLI supports the short forms of all commands. As long as it is possible to recognize the entered command unambiguously, the CLI accepts the short form of the command as if the user typed the full command. Keyboard Shortcuts The CLI has a range of keyboard shortcuts to assist in editing the CLI commands. The help command, when used in the User EXEC and Privileged EXEC modes, displays the keyboard short cuts.
2CSPC4.XModular-SWUM201.book Page 171 Monday, October 3, 2011 2:21 PM Table 2-2. CLI Shortcuts Keyboard Key Description Delete previous character + Go to beginning of line + Go to end of line + Go forward one character + Go backward one character + Delete current character + Delete to beginning of line + Delete to the end of the line.
2CSPC4.XModular-SWUM201.book Page 172 Monday, October 3, 2011 2:21 PM • The range key word is used to identify the range of objects on which to operate. • The range may be specified in the following manner: (#-#) — a range from a particular instance to another instance (inclusive). For example, 1/0/1-10 indicates that the operation applies to the gigabit Ethernet ports 1 to 10 on unit 1. (#, #, #) — a list of non-consecutive instances.
2CSPC4.XModular-SWUM201.book Page 173 Monday, October 3, 2011 2:21 PM Command Scripting The CLI can be used as a programmable management interface. To facilitate this function, any characters entered after the character are treated as a comment and ignored by the CLI. Also, the CLI allows the user to disable session timeouts. CLI Command Notation Conventions When entering commands there are certain command-entry notations which apply to all commands.
2CSPC4.XModular-SWUM201.book Page 174 Monday, October 3, 2011 2:21 PM • Unit#/Slot#/Port# — Identifies a specific interface by the interface type tag followed by the Unit# followed by a / symbol, then the Slot# followed by a / symbol, and then the Port#. For example, gi2/0/10 identifies the gigabit port 10 in slot 0 within the second unit on a non-blade switch. Table 2-4 below lists the supported interface type tags.
2CSPC4.XModular-SWUM201.book Page 175 Monday, October 3, 2011 2:21 PM Port Channel Interfaces Port-channel (or LAG) interfaces are represented in the CLI by the variable port-channel-number., which can can assume values from 1-48. When listed in command line output, port channel interfaces are preceded by the characters Po. Loopback Interfaces Loopback interfaces are represented in the CLI by the variable loopback-id, which can assume values from 0–7.
2CSPC4.XModular-SWUM201.book Page 176 Monday, October 3, 2011 2:21 PM 1 default Po1-48, Default Gi1/0/1-24 Example #3 CLI Command Modes Since the set of CLI commands is very large, the CLI is structured as a command-tree hierarchy, where related command sets are assigned to command modes for easier access. At each level, only the commands related to that level are available to the user and only those commands are shown in the context sensitive help for that level.
2CSPC4.XModular-SWUM201.book Page 177 Monday, October 3, 2011 2:21 PM When starting a session, the initial mode is the User EXEC mode. Only a limited subset of commands is available in this mode. This level is reserved for tasks that do not change the configuration. To enter the next level, the Privileged EXEC mode, a password is required. The Privileged EXEC mode provides access to commands that can not be executed in the User EXEC mode and permits access to the switch Configuration mode.
2CSPC4.XModular-SWUM201.book Page 178 Monday, October 3, 2011 2:21 PM Global Configuration Mode Global Configuration commands apply to features that affect the system as a whole, rather than just a specific interface. The Privileged EXEC mode command configure is used to enter the Global Configuration mode. console(config)# The following are the Global Configuration modes: • SNMP v3 Host Configuration — Configures the parameters for the SNMP v3 server host.
2CSPC4.XModular-SWUM201.book Page 179 Monday, October 3, 2011 2:21 PM • Management Access List — Contains commands to define management access administration lists. The Global Configuration mode command management access-list is used to enter the Management Access List configuration mode. • Policy-map — Use the policy-map command to access the QoS policy map configuration mode to configure the QoS policy map.
2CSPC4.XModular-SWUM201.book Page 180 Monday, October 3, 2011 2:21 PM • SSH Public Key-string — Contains commands to manually specify the SSH Public-key of a remote SSH Client. The SSH Public-Key Chain Configuration mode command user-key command is used to enter the SSH Public-Key Configuration mode. • MAC Access-List — Configures conditions required to allow traffic based on MAC addresses. The Global Configuration mode command macaccess-list is used to enter the MAC Access-List configuration mode.
2CSPC4.XModular-SWUM201.book Page 181 Monday, October 3, 2011 2:21 PM [# | >] — The # sign is used to indicate that the system is in the Privileged EXEC mode. The > symbol indicates that the system is in the User EXEC mode, which is a read-only mode in which the system does not allow configuration. Navigating CLI Command Modes Table 2-5 describes how to navigate through the CLI Command Mode hierarchy.
2CSPC4.XModular-SWUM201.book Page 182 Monday, October 3, 2011 2:21 PM Table 2-5. Navigating CLI Command Modes Command Mode Access Method Command Prompt User EXEC The user is automatically in User EXEC mode unless the user is defined as a privileged user. console> Exit or Access Previous Mode logout console# Privileged EXEC Use the enable command to enter into this mode. This mode is password protected. Use the exit command, or press + to return to the User EXEC mode.
2CSPC4.XModular-SWUM201.book Page 183 Monday, October 3, 2011 2:21 PM Command Mode Access Method Policy-Class-Map From Global Configuration mode, use the policy-map class command. Class-Map Command Prompt Exit or Access Previous Mode console(config-policyclassmap)# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode. console(config-classmap)# From Global Configuration mode, use the classmap command.
2CSPC4.XModular-SWUM201.book Page 184 Monday, October 3, 2011 2:21 PM Command Mode Access Method SSH Public Key String console(config-pubkey-key)# To return to the From the SSH Public Key- Chain SSH Public keymode, use the userchain mode, use key the exit command, or {rsa | dsa} press command. + to Privileged EXEC mode. TACACS From Global Configuration mode, use the tacacs-server host command.
2CSPC4.XModular-SWUM201.book Page 185 Monday, October 3, 2011 2:21 PM Command Mode Access Method Command Prompt Exit or Access Previous Mode SNMP v3 Host Configuration console(config-snmp)# From Global Configuration mode, use the snmp-server v3-host command. To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode. SNMP Community Configuration From Global Configuration mode, use the snmp-server community command.
2CSPC4.XModular-SWUM201.book Page 186 Monday, October 3, 2011 2:21 PM Command Mode Access Method Stack console(config-stack)# From Global Configuration mode, use the stack command. To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode. Logging From Global Configuration mode, use the logging command. console(config-logging)# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 187 Monday, October 3, 2011 2:21 PM Command Mode Access Method Command Prompt Exit or Access Previous Mode Router OSPF Conf From Global Configuration mode, use the router ospf command. console(config-router)# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode Router RIP Config From Global Configuration mode, use the router rip command.
2CSPC4.XModular-SWUM201.book Page 188 Monday, October 3, 2011 2:21 PM Command Mode Command Prompt Exit or Access Previous Mode Gigabit Ethernet From Global Configuration mode, use the interface gigabitethernet command. Or, use the abbreviation interface gi. console (config-ifGiunit/slot/port# To exit to Global Configuration mode, use the exit command, or press + to Privileged EXEC mode. 10 Gigabit Ethernet From Global Configuration mode, use the interface tengigabitethernet command.
2CSPC4.XModular-SWUM201.book Page 189 Monday, October 3, 2011 2:21 PM Command Mode Access Method Command Prompt Tunnel From Global Configuration mode, use the interface tunnel command. Or, use the abbreviation interface tu. console(config-tunneltunnel- To exit to Global id)# Configuration Loopback Exit or Access Previous Mode mode, use the exit command, or press + to Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 190 Monday, October 3, 2011 2:21 PM Easy Setup Wizard The Easy Setup Wizard guides the user in the basic initial configuration of a newly installed switch so that it can be immediately deployed and functional in its basic operation and be completely manageable through the Web, CLI and the remote Dell Network Manager. After initial setup, the user may enter to the system to set up more advanced configurations.
2CSPC4.XModular-SWUM201.book Page 191 Monday, October 3, 2011 2:21 PM If the user chooses not to use the wizard initially, the session defaults to the CLI mode with a warning to refer the documentation. During a subsequent login, the user may again elect not to run the setup wizard. Once the wizard has established configuration, however, the wizard is presented only if the user resets the switch to the factory default settings.
2CSPC4.XModular-SWUM201.book Page 192 Monday, October 3, 2011 2:21 PM Figure 2-1.
2CSPC4.XModular-SWUM201.book Page 193 Monday, October 3, 2011 2:21 PM Example Session This section describes an Easy Setup Wizard session. Refer to the state diagram in the previous section for general flow. The following values used by the example session are not the only possible ones: • IP address for the VLAN 1 is 192.168.1.2:255.255.255.0. This address is on a different subnet than the OOB interface and in the same subnet as the default gateway.
2CSPC4.XModular-SWUM201.book Page 194 Monday, October 3, 2011 2:21 PM NOTE: In the following Easy Setup Wizard example, the possible user options are enclosed in [ ]. Also, where possible, default values are enclosed in []. If the user enters with no options defined, the default value is accepted. Help text is in parentheses.
2CSPC4.XModular-SWUM201.book Page 195 Monday, October 3, 2011 2:21 PM Network Manager or other management interfaces to change this setting, and to add additional management system later. For more information on adding management systems, see the user documentation. To add a management station: Please enter the SNMP community string to be used. {public}: public Please enter the IP address of the Management System (A.B.C.D) or wildcard (0.0.0.0) to manage from any Management Station. {0.0.0.0}: 192.
2CSPC4.XModular-SWUM201.book Page 196 Monday, October 3, 2011 2:21 PM Optionally you may request that the system automatically retrieve an IP address from the network via DHCP (this requires that you have a DHCP server running on the network). To setup an IP address: Please enter the IP address of the device (A.B.C.D) or enter "DHCP" (without the quotes) to automatically request an IP address from the network DHCP server. 192.168.1.2 Please enter the IP subnet mask (A.B.C.D or /nn): 255.255.255.
2CSPC4.XModular-SWUM201.book Page 197 Monday, October 3, 2011 2:21 PM Thank you for using the Dell Easy Setup Wizard. You will now enter CLI mode. ..... console> Using CLI Functions and Tools The CLI has been designed to manage the switch’s configuration file system and to manage switch security. A number of resident tools exist to support these and other functions. Configuration Management All managed systems have software images and databases that must be configured, backed up and restored.
2CSPC4.XModular-SWUM201.book Page 198 Monday, October 3, 2011 2:21 PM Table 2-6. File System Commands Command Description delete file Deletes file. filedescr file description Adds a description to a file (up to 20 characters can be used). copy source destination Copies a file from source file to destination file. Copying Files The copy command not only provides a method for copying files within the file system, but also to and from remote servers.
2CSPC4.XModular-SWUM201.book Page 199 Monday, October 3, 2011 2:21 PM Special System Files The following special filenames are used to refer to special virtual system files, which are under control of the system and may not be removed or added. These file names are reserved and may not be used as user-defined files. When the user copies a local source file into one of these special files and the source file has an attached file description, it also is copied as the file description for the special file.
2CSPC4.XModular-SWUM201.book Page 200 Monday, October 3, 2011 2:21 PM • The CLI is accessible from remote telnet through the IP address for the switch. IP addresses are assigned separately for the service port and the inband ports. • The CLI is accessible from a secure shell interface. • The CLI generates keys for SSH locally. • The serial session defaults to 9600 baud rate, eight data bits, non-parity and one stop bit.
2CSPC4.XModular-SWUM201.book Page 201 Monday, October 3, 2011 2:21 PM User Access Control In addition to authenticating a user, the CLI also assigns the user access to one of two security levels. Level 1 has read-only access. This level allow the user to read information but not configure the switch. The access to this level cannot be modified. Level 15 is the special access level assigned to the superuser of the switch.
2CSPC4.XModular-SWUM201.book Page 202 Monday, October 3, 2011 2:21 PM Syslogs The CLI uses syslog support to send logging messages to a remote syslog server. The user configures the switch to generate all logging messages to a remote log server. If no remote log server exists, then the CLI maintains a rolling log of at most the last 1000 critical system events.
2CSPC4.XModular-SWUM201.book Page 203 Monday, October 3, 2011 2:21 PM this case, the CLI suppresses repeated events from the same source and instead the CLI records one event within a period of time and includes that count as part of the log. Management ACL In addition to user access control, the system also manages access for in-band interfaces. The system allows individual hosts or subnets to access only specific management protocols.
2CSPC4.XModular-SWUM201.book Page 204 Monday, October 3, 2011 2:21 PM • Operational code date • The board type • The CPU • Memory size To start the normal booting process, select item 1 in the Boot Menu. The following is a sample log for booting information. Boot Menu 4.1.0.6 CPU Card ID: 0x508548 CFI Probe: Found 2x16 devices in x16 mode /DskVol// - disk check in progress ...
2CSPC4.XModular-SWUM201.book Page 205 Monday, October 3, 2011 2:21 PM current volume configuration: - volume label: - volume Id: NO LABEL ; (in boot sector: ) 0xbb - total number of sectors: 124,408 - bytes per sector: 512 - # of sectors per cluster: 4 - # of reserved sectors: - FAT entry size: 1 FAT16 - # of sectors per FAT copy: 122 - # of FAT table copies: 2 - # of hidden sectors: 8 - first cluster is in sector # 260 - Update last access date for open-read-close = FALSE Boot Menu 4.1.0.
2CSPC4.XModular-SWUM201.book Page 206 Monday, October 3, 2011 2:21 PM Bulk Class Driver Successfully Initialized Adding 0 symbols for standalone.
2CSPC4.XModular-SWUM201.book Page 207 Monday, October 3, 2011 2:21 PM PCI unit 0: Dev 0xb634, Rev 0x11, Chip BCM56634_B0, Driver BCM56634_B0 SOC unit 0 attached to PCI device BCM56634_B0 soc_reset_bcm56634_a0: TCAM PLL not locked. Adding BCM transport pointers Configuring CPUTRANS TX Configuring CPUTRANS RX hpc - No stack ports. Starting in stand-alone mode. Instantiating /download as rawFs, device = 0x20001 Formatting /download for DOSFS Instantiating /download as rawFs, device = 0x20001 Formatting...OK.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 209 Monday, October 3, 2011 2:21 PM 6 - 38400 7 - 57600 8 - 115200 0 - no change Baud rate is not changed [Boot Menu] 3 Sending event log, start XMODEM receive..... File asciilog.bin Ready to SEND in binary mode Estimated File Size 0K, 12 Sectors, 89 Bytes Estimated transmission time 14 seconds Send several Control-X characters to cancel before transfer starts. [Boot Menu] 4 Ready to receive the file with XMODEM/CRC.... Ready to RECEIVE File xcode.
2CSPC4.XModular-SWUM201.book Page 210 Monday, October 3, 2011 2:21 PM The following image is in the Flash File System: File Name......................................image2 CRC............................................0x3431 (13361) Target Device..................................0x00508548 Size...........................................0xc178 dc (12679388) Number of Components...........................3 Operational Code Size..........................0xa73af4 (10959604) Operational Code Offset.........
2CSPC4.XModular-SWUM201.book Page 211 Monday, October 3, 2011 2:21 PM Boot Code CRC..................................0x578 VPD - rel 4 ver 1 maint_lvl 0 build_num 6 Timestamp - Mon Feb 28 16:43:14 2011 File - PC7000_M6348v4.1.0.6.opr [Boot Menu] 6 [Boot Menu] 7 Do you wish to update Boot Code and reset? (y/n) y Validating image2....OK Extracting boot code from image...CRC valid Erasing Boot Flash.....Done. Wrote 0x10000 bytes. Wrote 0x20000 bytes. Wrote 0x30000 bytes. Wrote 0x40000 bytes.
2CSPC4.XModular-SWUM201.book Page 212 Monday, October 3, 2011 2:21 PM Wrote 0xa0000 bytes. Wrote 0xb0000 bytes. Wrote 0xc0000 bytes. Wrote 0xd0000 bytes. Wrote 0xe0000 bytes. Wrote 0xf0000 bytes. Wrote 0x100000 bytes. Validating Flash.....Passed Flash update completed. Rebooting... CPU Card ID: 0x508548 CFI Probe: Found 2x16 devices in x16 mode /DskVol// - disk check in progress ...
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 214 Monday, October 3, 2011 2:21 PM 2 - Start Boot Menu. Select (1, 2):2 Boot Menu 4.1.0.
2CSPC4.XModular-SWUM201.book Page 215 Monday, October 3, 2011 2:21 PM [Boot Menu] 10 Are you SURE you want to delete the configuration? (y/n):y [Boot Menu] 11 Backup image - image1 activated. [Boot Menu] 12 Operational Code Date: Mon Feb 28 16:43:14 2011 Uncompressing..... Bulk Class Driver Successfully Initialized Adding 0 symbols for standalone.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 217 Monday, October 3, 2011 2:21 PM PCI unit 0: Dev 0xb634, Rev 0x11, Chip BCM56634_B0, Driver BCM56634_B0 SOC unit 0 attached to PCI device BCM56634_B0 soc_reset_bcm56634_a0: TCAM PLL not locked. Adding BCM transport pointers Configuring CPUTRANS TX Configuring CPUTRANS RX Instantiating /download as rawFs, device = 0x20001 Formatting /download for DOSFS Instantiating /download as rawFs, device = 0x20001 Formatting...OK. <186> NOV 15 10:03:48 0.0.0.
2CSPC4.XModular-SWUM201.book Page 218 Monday, October 3, 2011 2:21 PM Welcome to Dell Easy Setup Wizard The setup wizard guides you through the initial switch configuration, and gets you up and running as quickly as possible. You can skip the setup wizard, and enter CLI mode to manually configure the switch. You must respond to the next question to run the setup wizard within 60 seconds, otherwise the system will continue with normal operation using the default system configuration.
2CSPC4.XModular-SWUM201.book Page 219 Monday, October 3, 2011 2:21 PM console#reload Management switch has unsaved changes. Are you sure you want to continue? (y/n) y Configuration Not Saved! Are you sure you want to reload the stack? (y/n) y Reloading all switches. Boot Menu 4.1.0.6 CPU Card ID: 0x508548 CFI Probe: Found 2x16 devices in x16 mode /DskVol// - disk check in progress ... /DskVol//files /DskVol//files/image2 /DskVol//files/boot.dim /DskVol//files/crashdump.ctl /DskVol//files/dh512.
2CSPC4.XModular-SWUM201.book Page 220 Monday, October 3, 2011 2:21 PM /DskVol//files/ssh_host_key /DskVol//files/ssh_host_dsa_key /DskVol//files/ssh_host_rsa_key /DskVol//files/log2.bin /DskVol//files/hpc_broad.cfg /DskVol//files/slog0.txt /DskVol//files/olog0.txt /DskVol//files/sslt.
2CSPC4.XModular-SWUM201.book Page 221 Monday, October 3, 2011 2:21 PM - volume Id: 0x79 - total number of sectors: - bytes per sector: 124,408 512 - # of sectors per cluster: 4 - # of reserved sectors: - FAT entry size: 1 FAT16 - # of sectors per FAT copy: - # of FAT table copies: 122 2 - # of hidden sectors: 8 - first cluster is in sector # 260 - Update last access date for open-read-close = FALSE Boot Menu 4.1.0.6 Select an option.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 223 Monday, October 3, 2011 2:21 PM copying file /DskVol/files/boot.dim -> /RamDisk/boot.dim copying file /DskVol/files/dh512.pem -> /RamDisk/dh512.pem copying file /DskVol/files/dh1024.pem -> /RamDisk/dh1024.pem copying file /DskVol/files/sslt_cert1.pem -> /RamDisk/sslt_cert1.pem copying file /DskVol/files/sslt_key1.pem -> /RamDisk/sslt_key1.
2CSPC4.XModular-SWUM201.book Page 224 Monday, October 3, 2011 2:21 PM ssh_host_key 0:20:24 517 5/30/113 ssh_host_dsa_key 0:20:24 672 5/30/113 ssh_host_rsa_key 0:20:24 887 5/30/113 Filesystem size 25484288 Bytes used 12683956 Bytes free 12800332 Erasing FFS: CFI Probe: Found 2x16 devices in x16 mode Formatted 1 of 251 units = 0.3 % Formatted 2 of 251 units = 0.7 % Formatted 3 of 251 units = 1.1 % Formatted 4 of 251 units = 1.5 % Formatted 5 of 251 units = 1.9 % Formatted 6 of 251 units = 2.
2CSPC4.XModular-SWUM201.book Page 225 Monday, October 3, 2011 2:21 PM Formatted 17 of 251 units = 6.7 % Formatted 18 of 251 units = 7.1 % Formatted 19 of 251 units = 7.5 % Formatted 20 of 251 units = 7.9 % Formatted 21 of 251 units = 8.3 % Formatted 22 of 251 units = 8.7 % Formatted 23 of 251 units = 9.1 % Formatted 24 of 251 units = 9.5 % Formatted 25 of 251 units = 9.9 % Formatted 26 of 251 units = 10.3 % Formatted 27 of 251 units = 10.7 % Formatted 28 of 251 units = 11.
2CSPC4.XModular-SWUM201.book Page 226 Monday, October 3, 2011 2:21 PM Formatted 43 of 251 units = 17.1 % Formatted 44 of 251 units = 17.5 % Formatted 45 of 251 units = 17.9 % Formatted 46 of 251 units = 18.3 % Formatted 47 of 251 units = 18.7 % Formatted 48 of 251 units = 19.1 % Formatted 49 of 251 units = 19.5 % Formatted 50 of 251 units = 19.9 % Formatted 51 of 251 units = 20.3 % Formatted 52 of 251 units = 20.7 % Formatted 53 of 251 units = 21.1 % Formatted 54 of 251 units = 21.
2CSPC4.XModular-SWUM201.book Page 227 Monday, October 3, 2011 2:21 PM Formatted 69 of 251 units = 27.4 % Formatted 70 of 251 units = 27.8 % Formatted 71 of 251 units = 28.2 % Formatted 72 of 251 units = 28.6 % Formatted 73 of 251 units = 29.0 % Formatted 74 of 251 units = 29.4 % Formatted 75 of 251 units = 29.8 % Formatted 76 of 251 units = 30.2 % Formatted 77 of 251 units = 30.6 % Formatted 78 of 251 units = 31.0 % Formatted 79 of 251 units = 31.4 % Formatted 80 of 251 units = 31.
2CSPC4.XModular-SWUM201.book Page 228 Monday, October 3, 2011 2:21 PM Formatted 95 of 251 units = 37.8 % Formatted 96 of 251 units = 38.2 % Formatted 97 of 251 units = 38.6 % Formatted 98 of 251 units = 39.0 % Formatted 99 of 251 units = 39.4 % Formatted 100 of 251 units = 39.8 % Formatted 101 of 251 units = 40.2 % Formatted 102 of 251 units = 40.6 % Formatted 103 of 251 units = 41.0 % Formatted 104 of 251 units = 41.4 % Formatted 105 of 251 units = 41.8 % Formatted 106 of 251 units = 42.
2CSPC4.XModular-SWUM201.book Page 229 Monday, October 3, 2011 2:21 PM Formatted 121 of 251 units = 48.2 % Formatted 122 of 251 units = 48.6 % Formatted 123 of 251 units = 49.0 % Formatted 124 of 251 units = 49.4 % Formatted 125 of 251 units = 49.8 % Formatted 126 of 251 units = 50.1 % Formatted 127 of 251 units = 50.5 % Formatted 128 of 251 units = 50.9 % Formatted 129 of 251 units = 51.3 % Formatted 130 of 251 units = 51.7 % Formatted 131 of 251 units = 52.1 % Formatted 132 of 251 units = 52.
2CSPC4.XModular-SWUM201.book Page 230 Monday, October 3, 2011 2:21 PM Formatted 147 of 251 units = 58.5 % Formatted 148 of 251 units = 58.9 % Formatted 149 of 251 units = 59.3 % Formatted 150 of 251 units = 59.7 % Formatted 151 of 251 units = 60.1 % Formatted 152 of 251 units = 60.5 % Formatted 153 of 251 units = 60.9 % Formatted 154 of 251 units = 61.3 % Formatted 155 of 251 units = 61.7 % Formatted 156 of 251 units = 62.1 % Formatted 157 of 251 units = 62.5 % Formatted 158 of 251 units = 62.
2CSPC4.XModular-SWUM201.book Page 231 Monday, October 3, 2011 2:21 PM Formatted 173 of 251 units = 68.9 % Formatted 174 of 251 units = 69.3 % Formatted 175 of 251 units = 69.7 % Formatted 176 of 251 units = 70.1 % Formatted 177 of 251 units = 70.5 % Formatted 178 of 251 units = 70.9 % Formatted 179 of 251 units = 71.3 % Formatted 180 of 251 units = 71.7 % Formatted 181 of 251 units = 72.1 % Formatted 182 of 251 units = 72.5 % Formatted 183 of 251 units = 72.9 % Formatted 184 of 251 units = 73.
2CSPC4.XModular-SWUM201.book Page 232 Monday, October 3, 2011 2:21 PM Formatted 199 of 251 units = 79.2 % Formatted 200 of 251 units = 79.6 % Formatted 201 of 251 units = 80.0 % Formatted 202 of 251 units = 80.4 % Formatted 203 of 251 units = 80.8 % Formatted 204 of 251 units = 81.2 % Formatted 205 of 251 units = 81.6 % Formatted 206 of 251 units = 82.0 % Formatted 207 of 251 units = 82.4 % Formatted 208 of 251 units = 82.8 % Formatted 209 of 251 units = 83.2 % Formatted 210 of 251 units = 83.
2CSPC4.XModular-SWUM201.book Page 233 Monday, October 3, 2011 2:21 PM Formatted 225 of 251 units = 89.6 % Formatted 226 of 251 units = 90.0 % Formatted 227 of 251 units = 90.4 % Formatted 228 of 251 units = 90.8 % Formatted 229 of 251 units = 91.2 % Formatted 230 of 251 units = 91.6 % Formatted 231 of 251 units = 92.0 % Formatted 232 of 251 units = 92.4 % Formatted 233 of 251 units = 92.8 % Formatted 234 of 251 units = 93.2 % Formatted 235 of 251 units = 93.6 % Formatted 236 of 251 units = 94.
2CSPC4.XModular-SWUM201.book Page 234 Monday, October 3, 2011 2:21 PM Formatted 251 of 251 units = 100.
2CSPC4.XModular-SWUM201.book Page 235 Monday, October 3, 2011 2:21 PM - # of reserved sectors: - FAT entry size: 1 FAT16 - # of sectors per FAT copy: - # of FAT table copies: - # of hidden sectors: 122 2 8 - first cluster is in sector # 260 - Update last access date for open-read-close = FALSE done . ..
2CSPC4.XModular-SWUM201.book Page 236 Monday, October 3, 2011 2:21 PM copying file /RamDisk/boot.dim -> /DskVol/files/boot.dim copying file /RamDisk/dh512.pem -> /DskVol/files/dh512.pem copying file /RamDisk/dh1024.pem -> /DskVol/files/dh1024.pem copying file /RamDisk/sslt_cert1.pem -> /DskVol/files/sslt_cert1.pem copying file /RamDisk/sslt_key1.pem -> /DskVol/files/sslt_key1.
2CSPC4.XModular-SWUM201.book Page 237 Monday, October 3, 2011 2:21 PM sslt_key1.pem 5:09:30 887 6/2/113 ssh_host_key 0:20:24 517 5/30/113 ssh_host_dsa_key 0:20:24 672 5/30/113 ssh_host_rsa_key 0:20:24 887 5/30/113 Filesystem size 63567872 Bytes used 12683956 Bytes free 50883916 [Boot Menu] Monitoring Traps from CLI It is possible to connect to the CLI session and monitor the events or faults that are being sent as traps from the system.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 239 Monday, October 3, 2011 2:21 PM Layer 2 Switching Commands 3 The chapters that follow describe commands that conform to the OSI model data link layer (Layer 2). Layer 2 commands provide a logical organization for transmitting data bits on a particular medium. This layer defines the framing, addressing, and checksum functions for Ethernet packets.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 241 Monday, October 3, 2011 2:21 PM 4 AAA Commands Management access to the switch is via telnet, HTTP, SSH, or the serial console (SNMP access is discussed in SNMP Commands). To ensure that only authorized users can access and change the configuration of the switch, users must be authenticated.
2CSPC4.XModular-SWUM201.book Page 242 Monday, October 3, 2011 2:21 PM support the concept of timeout, subsequent entries in the list are never attempted. For example, the local authentication method implementation does not supply a time-out value. If a list contains the local method, followed by the radius authentication method, the radius method is not attempted.
2CSPC4.XModular-SWUM201.book Page 243 Monday, October 3, 2011 2:21 PM Syntax aaa authentication dot1x default {radius| ias|local|none} no aaa authentication dot1x default Parameter Description Parameter Description radius Uses the list of all authentication servers for authentication. ias Uses the internal authentication server. local Use the local authentication method. none Uses no authentication. Default Configuration No default authentication method is defined.
2CSPC4.XModular-SWUM201.book Page 244 Monday, October 3, 2011 2:21 PM console(config)#aaa authentication dot1x default radius aaa authentication enable Use the aaa authentication enable command in Global Configuration mode to set authentication for accessing higher privilege levels. To return to the default configuration, use the no form of this command. Syntax aaa authentication enable {default | list-name} method1 [method2...
2CSPC4.XModular-SWUM201.book Page 245 Monday, October 3, 2011 2:21 PM User Guidelines The default and optional list names created with the aaa authentication enable command are used with the enable authentication command. Create a list by entering the aaa authentication enable list-name method command where list-name is any character string used to name this list. The method argument identifies the list of methods that the authentication algorithm tries in the given sequence.
2CSPC4.XModular-SWUM201.book Page 246 Monday, October 3, 2011 2:21 PM no aaa authentication login {default | list-name} • default — Uses the listed authentication methods that follow this argument as the default list of methods when a user logs in. • list-name — Character string used to name the list of authentication methods activated when a user logs in. (Range: 1-15 characters) • method1 [method2...
2CSPC4.XModular-SWUM201.book Page 247 Monday, October 3, 2011 2:21 PM the final method in the command line. For example, if none is specified as an authentication method after radius, no authentication is used if the RADIUS server is down. Example The following example configures authentication login.
2CSPC4.XModular-SWUM201.book Page 248 Monday, October 3, 2011 2:21 PM aaa ias-user username Use the aaa ias-user username command in Global Configuration mode to configure IAS users and their attributes. Username and password attributes are supported. The ias-user name is composed of up to 64 alphanumeric characters. This command also changes the mode to a user config mode. Use the no form of this command to remove the user from the internal user database.
2CSPC4.XModular-SWUM201.book Page 249 Monday, October 3, 2011 2:21 PM aaa new-model The aaa new-model command in Global Configuration mode is a no-op command. It is present only for compatibility purposes. PowerConnect switches only support the new model command set. Syntax aaa new-model Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 250 Monday, October 3, 2011 2:21 PM Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 251 Monday, October 3, 2011 2:21 PM Command Mode Line Configuration mode User Guidelines Use of the no form of the command does not disable authentication. Instead, it sets the authentication list to the default list (same as enable authentication default). Example The following example specifies the default authentication method when accessing a higher privilege level console.
2CSPC4.XModular-SWUM201.book Page 252 Monday, October 3, 2011 2:21 PM User Guidelines The 4.x firmware emulates industry standard behavior for enable mode authentication over SSH and telnet. In 4.x, the default enable authentication method for telnet and SSH uses the enableNetList method, which requires an enable password. If users are unable to enter privileged mode when accessing the switch via telnet or SSH, the administrator will need to either change the enable authentication method, e.g.
2CSPC4.XModular-SWUM201.book Page 253 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line. For example, if none is specified as an authentication method after radius, no authentication is used if the RADIUS server is down.
2CSPC4.XModular-SWUM201.book Page 254 Monday, October 3, 2011 2:21 PM Default Configuration The local user database is checked. This action has the same effect as the command ip https authentication local. Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify none as the final method in the command line.
2CSPC4.XModular-SWUM201.book Page 255 Monday, October 3, 2011 2:21 PM Command Mode Line Configuration mode User Guidelines This command has no user guidelines. Example The following example specifies the default authentication method for a console. console(config)# line console console(config-line)# login authentication default password (aaa IAS User Configuration) Use the password command in aaa IAS User Configuration mode to configure a password for a user.
2CSPC4.XModular-SWUM201.book Page 256 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 257 Monday, October 3, 2011 2:21 PM Default Configuration No password is specified. Command Mode Line Configuration mode User Guidelines This command has no user guidelines. Example The following example specifies a password "mcmxxyyy" on a line. console(config-line)# password mcmxxyyy password (User EXEC) Use the password command in User EXEC mode to allow a currently logged in user to change the password for only that user without having read/write privileges.
2CSPC4.XModular-SWUM201.book Page 258 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example shows the prompt sequence for executing the password command. console>password Enter old password:******** Enter new password:******** Confirm new password:******** show aaa ias-users Use the show aaa ias-users command in Privileged EXEC mode to display configured IAS users and their attributes.
2CSPC4.XModular-SWUM201.book Page 259 Monday, October 3, 2011 2:21 PM Example console#show aaa ias-users UserName ------------------Client-1 Client-2 Following are the IAS configuration commands shown in the output of the show running-config command. Passwords shown in the command output are always encrypted.
2CSPC4.XModular-SWUM201.book Page 260 Monday, October 3, 2011 2:21 PM Example The following example displays the authentication configuration.
2CSPC4.XModular-SWUM201.book Page 261 Monday, October 3, 2011 2:21 PM Syntax show users accounts Parameter Description The following fields are displayed by this command. Parameter Description User Name Local user account’s user name. Privilege User’s access level (read only or read/write). Lockout Status Indicates whether the user account is locked out or not. Password Expiration Date Current password expiration date in date format. Lockout Displays the user’s lockout status (True or False).
2CSPC4.XModular-SWUM201.book Page 262 Monday, October 3, 2011 2:21 PM admin 15 --- --- False guest 15 --- --- False brcm1 1 --- --- False console#show users accounts long User Name -----------asd thisisaverylongusernameitisquitelong show users login-history Use the show users login-history command in Global Configuration mode to display information about the login history of users. Syntax show users login-history [long] • name — name of user.
2CSPC4.XModular-SWUM201.book Page 263 Monday, October 3, 2011 2:21 PM console#show users login-history Login Time Username Protocol Location -------------------- --------- --------- ----------- Jan 19 2005 08:23:48 Bob Serial Jan 19 2005 08:29:29 Robert HTTP 172.16.0.8 Jan 19 2005 08:42:31 John SSH 172.16.0.1 Jan 19 2005 08:49:52 Betty Telnet 172.16.1.7 username Use the username command in Global Configuration mode to add a new user to the local user database.
2CSPC4.XModular-SWUM201.book Page 264 Monday, October 3, 2011 2:21 PM Parameter Description level The user level. Level 0 can be assigned by a level 15 user to another user to suspend that user’s access. Range: 0-15. Enter access level 1 for Read Access or 15 for Read/Write Access. encrypted Encrypted password entered, copied from another switch configuration. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 265 Monday, October 3, 2011 2:21 PM exactly 128 hexadecimal characters. The user represented by the username parameter must be a pre-existing local user. If the password strength feature is enabled, it checks for password strength and returns an appropriate error if it fails to meet the password strength criteria. Syntax username name password password [level level] [encrypted] Parameter Description This command does not require a parameter description.
2CSPC4.XModular-SWUM201.book Page 266 Monday, October 3, 2011 2:21 PM Message Type Reason behind the failure Message Description 1 Exceeds Minimum Length of a Password. Password should be in the range of 8-64 characters in length. Set minimum password length to 0 by using the passwords min-length 0 command.
2CSPC4.XModular-SWUM201.book Page 267 Monday, October 3, 2011 2:21 PM Syntax username username unlock Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 269 Monday, October 3, 2011 2:21 PM 5 ACL Commands Access to a switch or router can be made more secure through the use of Access Control Lists (ACLs) to control the type of traffic allowed into or out of specific ports. An ACL consists of a series of rules, each of which describes the type of traffic to be processed and the actions to take for packets that meet the classification criteria. Rules within an ACL are evaluated sequentially until a match is found, if any.
2CSPC4.XModular-SWUM201.book Page 270 Monday, October 3, 2011 2:21 PM classifier rule. The ACL logging feature allows these hardware hit counts to be collected on a per-rule basis and reported periodically to the network administrator using the system logging facility and an SNMP trap. The PowerConnect ACL permit/deny rule specification supports a log parameter that enables hardware hit count collection and reporting.
2CSPC4.XModular-SWUM201.book Page 271 Monday, October 3, 2011 2:21 PM Table 5-1. Common Ethertypes EtherType Protocol 0x0800 Internet Protocol version 4 (IPv4) 0x0806 Address Resolution Protocol (ARP) 0x0842 Wake-on LAN Packet 0x8035 Reverse Address Resolution Protocol (RARP) 0x8100 VLAN tagged frame (IEEE 802.1Q) 0x86DD Internet Protocol version 6 (IPv6) 0x8808 MAC Control 0x8809 Slow Protocols (IEEE 802.3) 0x8870 Jumbo frames 0x888E EAP over LAN (EAPOL – 802.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 273 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description list-name Access-list name up to 31 characters in length. deny | permit Specifies whether the IP ACL rule permits or denies an action. every Allows all protocols. eq Equal. Refers to the Layer 4 port number being used as match criteria. The first reference is source match criteria, the second is destination match criteria. number Standard protocol number.
2CSPC4.XModular-SWUM201.book Page 274 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines Access list names can consist of any printable character. Names can be up to 31 characters in length. Examples The following examples create an ACL to discard any HTTP traffic from 192.168.77.171, but allow all other traffic from 192.168.77.171: console(config)#access-list alpha deny ip 192.168.77.171 0.0.0.0 0.0.0.0 255.255.255.
2CSPC4.XModular-SWUM201.book Page 275 Monday, October 3, 2011 2:21 PM {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | number} srcip srcmask [{eq {portkey | 0-65535} dstip dstmask [{eq {portkey| 0-65535}] [precedence precedence | tos tos tosmask | dscp dscp] [log] [time-range time-range-name] [assign-queue queue-id] [{mirror | redirect} interface-id] Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 276 Monday, October 3, 2011 2:21 PM Ethertype Protocol 0x8809 Slow Protocols (IEEE 802.3) 0x8870 Jumbo frames 0x888E EAP over LAN (EAPOL – 802.1x) 0x88CC Link Layer Discovery Protocol 0x8906 Fibre Channel over Ethernet 0x8914 FCoE Initialization Protocol 0x9100 Q in Q deny | permit (Mac-Access-List-Configuration) Use the deny command in Mac-Access-List Configuration mode to deny traffic if the conditions defined in the deny statement are matched.
2CSPC4.XModular-SWUM201.book Page 277 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description srcmac Valid source MAC address in format xxxx.xxxx.xxxx. srcmacmask Valid MAC address bitmask for the source MAC address in format xxxx.xxxx.xxxx. any Packets sent to or received from any MAC address dstmac Valid destination MAC address in format xxxx.xxxx.xxxx. destmacmask Valid MAC address bitmask for the destination MAC address in format xxxx.xxxx.xxxx.
2CSPC4.XModular-SWUM201.book Page 278 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Mac-Access-List Configuration mode User Guidelines The no form of this command is not supported, as the rules within an ACL cannot be deleted individually. Rather the entire ACL must be deleted and respecified. The assign-queue and redirect parameters are only valid for permit commands.
2CSPC4.XModular-SWUM201.book Page 279 Monday, October 3, 2011 2:21 PM • direction — Direction of the ACL. (Range: in or out. Default is in.) • seqnum — Precedence for this interface and direction. A lower sequence number has higher precedence. Range: 1 – 4294967295. Default is1. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 280 Monday, October 3, 2011 2:21 PM • direction — Only the in-bound direction is supported. • sequence — Order of access list relative to other access lists already assigned to this interface and direction. (Range: 1-4294967295) Default Configuration The default direction is in (in-bound).
2CSPC4.XModular-SWUM201.book Page 281 Monday, October 3, 2011 2:21 PM Syntax mac access-list extended name no mac access-list extended name • name — Name of the access list. (Range: 1-31 characters) Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Use this command to create a mac access control list. The CLI mode is changed to Mac-Access-List Configuration when this command is successfully executed.
2CSPC4.XModular-SWUM201.book Page 282 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines Command fails if the new name is the same as the old one. Example The following example shows the mac access-list extended rename command. console(config)#mac access-list extended rename DELL1 DELL2 service-acl input Use the service-acl input command in Interface Configuration mode to block Link Local Protocol Filtering (LLPF) protocol(s) on a given port.
2CSPC4.XModular-SWUM201.book Page 283 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Interface Configuration (Ethernet, Port-channel) User Guidelines To specify multiple protocols, enter the protocol parameters together on the command line, separated by spaces. This command can only be entered once per interface if no intervening no service-acl input command has been entered.
2CSPC4.XModular-SWUM201.book Page 284 Monday, October 3, 2011 2:21 PM Example console#show service-acl interface gi1/0/1 Block CDP................................ Enable Block VTP.................................Enable Block DTP..................................Enable Block UDLD................................ Enable Block PAGP.................................Enable Block SSTP................................ Enable Block All.................................
2CSPC4.XModular-SWUM201.book Page 285 Monday, October 3, 2011 2:21 PM Examples The following example displays IP ACLs configured on a device. console#show ip access-lists Current number of ACLs: 2 ACL Name Vlan(s) Maximum number of ACLs: 100 Rules Interface(s) ----------------------------------------------------ACL40 1 ACL41 1 show mac access-list Use the show mac access-list command in Privileged EXEC mode to display a MAC access list and all of the rules that are defined for the MAC ACL.
2CSPC4.XModular-SWUM201.book Page 286 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays a MAC access list and all associated rules. console#show mac access-list DELL123 The command output provides the following information: Fields Description MAC ACL Name The name of the MAC access list. Rules The number of user-configured rules defined for the MAC ACL.
2CSPC4.XModular-SWUM201.book Page 287 Monday, October 3, 2011 2:21 PM Address Table Commands 6 Static MAC Filtering allows the administrator to add a number of unicast or multicast MAC addresses directly to the forwarding database. This is typically a small number relative to the total size of the database. Associated with each static MAC address is a set of source ports, a set of destination ports and VLAN information.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 289 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In this example, the mac address-table tables are cleared. console#clear mac address-table dynamic mac address-table aging-time Use the mac address-table aging-time command in Global Configuration mode to set the aging time of the address.
2CSPC4.XModular-SWUM201.book Page 290 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In this example the MAC Address Table aging time is set to 400. console(config)#mac address-table aging-time 400 mac address-table multicast filtering Use the mac address-table multicast filtering command in Global Configuration mode to enable filtering of Multicast addresses.
2CSPC4.XModular-SWUM201.book Page 291 Monday, October 3, 2011 2:21 PM User Guidelines If switches exist on the VLAN, and IGMP snooping is not enabled, use the mac address-table multicast forward-all command to enable forwarding all Multicast packets to the Multicast routers.
2CSPC4.XModular-SWUM201.book Page 292 Monday, October 3, 2011 2:21 PM Parameter Description mac-multicastaddress MAC Multicast address in the format xxxx.xxxx.xxxx. ip-multicast-address IP Multicast address. interface-list Specify a comma separated list of interfaces, a range of interfaces, or a combination of both. Interfaces can be portchannel numbers or physical ports in unit/slot/port format. Default Configuration No forbidden addresses are defined.
2CSPC4.XModular-SWUM201.book Page 293 Monday, October 3, 2011 2:21 PM no mac address-table multicast forbidden forward-unregistered vlan vlan-id Parameter Description Parameter Description vlan vlan-id Valid VLAN ID (Range 1-4093). Default Configuration The default for this command is not forbidden. Command Mode Global configuration mode User Guidelines This command has no user guidelines. Example The following example forbids forwarding unregistered multicast addresses on VLAN8.
2CSPC4.XModular-SWUM201.book Page 294 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description vlan vlan-id A valid VLAN ID (Range 1-4093). Default Configuration Forward-unregistered. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example In this example, all VLAN1 Multicast packets are forwarded.
2CSPC4.XModular-SWUM201.book Page 295 Monday, October 3, 2011 2:21 PM Default Configuration Forward-unregistered Command Mode Global Configuration mode User Guidelines If routers exist on the VLAN, do not change the unregistered multicast addresses state to drop on the routers ports. NOTE: Do not use the mac address-table multicast forbidden forward-unregistered command with the mac address-table multicast forward-unregistered command on the same interface.
2CSPC4.XModular-SWUM201.book Page 296 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description add Adds ports to the group. If no option is specified, this is the default option. remove Removes ports from the group. vlan vlan-id Valid vlan ID (1-4093). mac-multicastaddress MAC multicast address in the format xxxx.xxxx.xxxx. ip-multicast-address IP multicast address.
2CSPC4.XModular-SWUM201.book Page 297 Monday, October 3, 2011 2:21 PM console(config)# mac address-table vlan 8 multicast static 0100.5e02.0203 add interface gigabitethernet 1/0/1-9, 1/0/2 mac address-table static Use the mac address-table static command in Global Configuration mode to add a static MAC-layer station source address to the bridge table. To delete the MAC address, use the no form of the mac address-table static command.
2CSPC4.XModular-SWUM201.book Page 298 Monday, October 3, 2011 2:21 PM Example The following example adds a permanent static MAC-layer station source address 3aa2.64b3.a245 to the MAC address table. console(config)# mac address-table static 3AA2.64B3.A245 vlan 1 interface gigabitethernet 1/0/8 port security Use the port security command in Interface Configuration mode to disable the learning of new addresses on an interface. To enable new address learning, use the no form of the port security command.
2CSPC4.XModular-SWUM201.book Page 299 Monday, October 3, 2011 2:21 PM console(config)#interface gigabitethernet 1/0/1 console(config-if-1/0/1)#port security trap 100 port security max Use the port security max command in Interface Configuration mode to configure the maximum addresses that can be learned on the port while the port is in port security mode. To return to the system default, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 300 Monday, October 3, 2011 2:21 PM Syntax show mac address-table multicast [vlan vlan-id] [address {mac-multicastaddress | ip-multicast-address}] [format {ip | mac}] • vlan_id — A valid VLAN ID value. • mac-multicast-address — A valid MAC Multicast address. • ip- multicast-address — A valid IP Multicast address. • format — Multicast address format. Can be ip or mac. Default Configuration If format is unspecified, the default is mac.
2CSPC4.XModular-SWUM201.book Page 301 Monday, October 3, 2011 2:21 PM Example In this example, Multicast MAC address table information is displayed. console#show mac address-table multicast Vlan MAC Address ----1 ------------------- Type ------- 0100.5E05.0505 Ports ------------------ Static Forbidden ports for multicast addresses: Vlan MAC Address ---- ----------------------- 1 Ports --------------------------- 0100.5E05.
2CSPC4.XModular-SWUM201.book Page 302 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example In this example, the Multicast configuration for VLAN 1 is displayed. console#show mac address-table filtering 1 Filtering: Enabled VLAN: 1 Mode: Forward-Unregistered show mac address-table Use the show mac address-table command in User EXEC or Privileged EXEC mode to display all entries in the bridge-forwarding database.
2CSPC4.XModular-SWUM201.book Page 303 Monday, October 3, 2011 2:21 PM Example In this example, all classes of entries in the mac address-table are displayed. console#show mac address-table Aging time is 300 Sec Vlan Mac Address Type Port ---- ---------------- ---------- ----------0 001E.C9AA.AE19 Management CPU Interface: 1 001E.C9AA.AC19 Dynamic Gi1/0/21 1 001E.C9AA.AE1B Management Vl1 10 001E.C9AA.AE1B Management Vl10 10 001E.C9AA.AE1C FIP Dynamic Vl10 90 001E.C9AA.
2CSPC4.XModular-SWUM201.book Page 304 Monday, October 3, 2011 2:21 PM Parameter Description interface-id Display information for a specific interface. Valid interfaces include physical ports and port channels. vlan-id Display entries for the specific VLAN only. The range is 1 to 4093. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 305 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description interface-id Specify an interface type; valid interfaces include physical ports and port channels. vlan-id Specify a valid VLAN, the range is 1 to 4093. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 306 Monday, October 3, 2011 2:21 PM Syntax show mac address-table dynamic [address mac-address] [interface interfaceid] [vlan vlan-id] Parameter Description Parameter Description mac-address A MAC address with the format xxxx.xxxx.xxxx. interface-id Display information for a specific interface. Valid interfaces include physical ports and port channels. vlan-id Display entries for the specific VLAN only. The range is 1 to 4093.
2CSPC4.XModular-SWUM201.book Page 307 Monday, October 3, 2011 2:21 PM 1 0001.02F1.0B33 Dynamic gi1/0/1 show mac address-table interface Use the show mac address-table command in User EXEC or Privileged EXEC mode to display all entries in the mac address-table. Syntax show mac address-table interface interface-id [vlan vlan-id] Parameter Description Parameter Description interface-id Specify an interface type.Valid interfaces include physical ports and port channels. vlan-id Specify a valid VLAN.
2CSPC4.XModular-SWUM201.book Page 308 Monday, October 3, 2011 2:21 PM ---- -------------- ---- ------------- 1 0000.0001.0000 Dynamic gi1/0/1 1 0000.8420.5010 Dynamic gi1/0/1 1 0000.E26D.2C2A Dynamic gi1/0/1 1 0000.E89A.596E Dynamic gi1/0/1 1 0001.02F1.0B33 Dynamic gi1/0/1 show mac address-table static Use the show mac address-table static command in User EXEC or Privileged EXEC mode to display static entries in the bridge-forwarding database.
2CSPC4.XModular-SWUM201.book Page 309 Monday, October 3, 2011 2:21 PM Example In this example, all static entries in the bridge-forwarding database are displayed. console#show mac address-table static Vlan Mac Address Type Port ---- -------------- ----- ----- 1 gi1/0/1 0001.0001.0001 Static show mac address-table vlan Use the show mac address-table vlan command in User EXEC or Privileged EXEC mode to display all entries in the bridge-forwarding database for the specified VLAN.
2CSPC4.XModular-SWUM201.book Page 310 Monday, October 3, 2011 2:21 PM Example In this example, all classes of entries in the bridge-forwarding database are displayed. console#show mac address-table vlan 1 Mac Address Table ------------------------------------Vlan Mac Address Type Ports ---- --------------- ------- ------- 1 0000.0001.0000 Dynamic gi1/0/1 1 0000.8420.5010 Dynamic gi1/0/1 1 0000.E26D.2C2A Dynamic gi1/0/1 1 0000.E89A.596E Dynamic gi1/0/1 1 0001.02F1.
2CSPC4.XModular-SWUM201.book Page 311 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example In this example, all classes of entries in the port-lock status are displayed. console#show ports security Port Status ---- ------ 1/0/1 Locked Action ---------Discard 1/0/2 Unlocked 1/0/3 Locked Maximum Trap Frequency --------- ------- ------3 Enable 100 28 - - Disable - Discard, Shutdown 8 The following table describes the fields in this example.
2CSPC4.XModular-SWUM201.book Page 312 Monday, October 3, 2011 2:21 PM Syntax show ports security addresses {gigabitethernet unit/slot/port | port-channel port-channel-number | tengigabitethernet unit/slot/port } Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples The following example displays dynamic addresses for port channel number 1/0/1.
2CSPC4.XModular-SWUM201.book Page 313 Monday, October 3, 2011 2:21 PM 7 Auto-VoIP Commands Voice over Internet Protocol (VoIP) allows network users to make telephone calls using a computer network over a data network like the Internet. With the increased prominence of delay-sensitive applications (voice, video, and other multimedia applications) deployed in networks today, proper QoS configuration ensures high-quality application performance.
2CSPC4.XModular-SWUM201.book Page 314 Monday, October 3, 2011 2:21 PM show switchport voice Use the show switchport voice command to show the status of Auto-VoIP on an interface or all interfaces. Syntax show switchport voice [gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port] Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 317 Monday, October 3, 2011 2:21 PM Syntax switchport voice detect auto no switchport voice detect auto Default Configuration This feature is disabled by default.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 319 Monday, October 3, 2011 2:21 PM CDP Interoperability Commands 8 Industry Standard Discovery Protocol (ISDP) is a proprietary Layer 2 network protocol which inter-operates with Cisco network equipment and is used to share information between neighboring devices. PowerConnect switches participate in the ISDP protocol and are able to both discover and be discovered by devices that support the Cisco Discovery Protocol (CDP).
2CSPC4.XModular-SWUM201.book Page 320 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console#clear isdp counters clear isdp table The clear isdp table command clears entries in the ISDP table. Syntax clear isdp table Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 321 Monday, October 3, 2011 2:21 PM Default Configuration ISDP sends version 2 packets by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#isdp advertise-v2 isdp enable The isdp enable command enables ISDP on the switch. User the “no” form of this command to disable ISDP. Use this command in global configuration mode to enable the ISDP function on the switch.
2CSPC4.XModular-SWUM201.book Page 322 Monday, October 3, 2011 2:21 PM Example The following example enables isdp on interface 1/0/1. console(config)#interface gigabitethernet 1/0/1 console(config-if-1/0/1)#isdp enable isdp holdtime The isdp holdtime command configures the hold time for ISDP packets that the switch transmits. The hold time specifies how long a receiving device should store information sent in the ISDP packet before discarding it. The range is given in seconds.
2CSPC4.XModular-SWUM201.book Page 323 Monday, October 3, 2011 2:21 PM isdp timer The isdp timer command sets period of time between sending new ISDP packets. The range is given in seconds. Use the “no” form of this command to reset the timer to the default. Syntax isdp timer time no isdp timer Parameter Description Parameter Description time The time in seconds (range: 5–254 seconds). Default Configuration The default timer is 30 seconds.
2CSPC4.XModular-SWUM201.book Page 324 Monday, October 3, 2011 2:21 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show isdp Timer................................ 30 Hold Time............................ 180 Version 2 Advertisements............. Enabled Neighbors table last time changed.... 0 days 00:06:01 Device ID............................
2CSPC4.XModular-SWUM201.book Page 325 Monday, October 3, 2011 2:21 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show isdp entry Switch Device ID Switch Address(es): IP Address: 172.20.1.18 IP Address: 172.20.1.
2CSPC4.XModular-SWUM201.book Page 326 Monday, October 3, 2011 2:21 PM Compiled Wed 21-Mar-07 12:20 by tinhuang show isdp interface The show isdp interface command displays ISDP settings for the specified interface. Syntax show isdp interface { all | gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port } Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 328 Monday, October 3, 2011 2:21 PM Syntax show isdp neighbors {[ gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port | detail] } Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 329 Monday, October 3, 2011 2:21 PM Interface 1/0/1 Port ID GigabitEthernet1/1 Holdtime 162 Advertisement Version 2 Entry last changed time 0 days 00:55:20 Version : Cisco IOS Software, Catalyst 4000 L3 Switch Software (cat4000-I9K91S-M), Version 12.2(25)EWA9, RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc.
2CSPC4.XModular-SWUM201.book Page 330 Monday, October 3, 2011 2:21 PM ISDP Packets Transmitted....................... 127 ISDPv1 Packets Received........................ 0 ISDPv1 Packets Transmitted..................... 0 ISDPv2 Packets Received........................ 4253 ISDPv2 Packets Transmitted..................... 4351 ISDP Bad Header................................ 0 ISDP Checksum Error............................ 0 ISDP Transmission Failure...................... 0 ISDP Invalid Format..............
2CSPC4.XModular-SWUM201.book Page 331 Monday, October 3, 2011 2:21 PM DHCP Layer 2 Relay Commands 9 In the majority of network configurations, DHCP clients and their associated servers do not reside on the same IP network or subnet. Therefore, some kind of third-party agent is required to transfer DHCP messages between clients and servers. Such an agent is known as a DHCP Relay agent. The DHCP Relay agent accepts DHCP requests from any routed interface, including VLANs.
2CSPC4.XModular-SWUM201.book Page 332 Monday, October 3, 2011 2:21 PM Syntax dhcp l2relay no dhcp l2relay Default Configuration DHCP L2 Relay is disabled by default. Command Mode Global Configuration. User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay dhcp l2relay (Interface Configuration) Use the dhcp l2relay command to enable DHCP L2 Relay for an interface. Use the "no" form of this command to disable DHCP L2 Relay for an interface.
2CSPC4.XModular-SWUM201.book Page 333 Monday, October 3, 2011 2:21 PM Example console(config-if-1/0/1)#dhcp l2relay dhcp l2relay circuit-id Use the dhcp l2relay circuit-id command to enable setting the DHCP Option 82 Circuit ID for a VLAN. When enabled, the interface number is added as the Circuit ID in DHCP option 82. Use the "no" form of this command to disable setting the DHCP Option 82 Circuit ID.
2CSPC4.XModular-SWUM201.book Page 334 Monday, October 3, 2011 2:21 PM dhcp l2relay remote-id Use the dhcp l2relay remote-id command to enable setting the DHCP Option 82 Remote ID for a VLAN. When enabled, the supplied string is used for the Remote ID in DHCP Option 82. Use the "no" form of this command to disable setting the DHCP Option 82 Remote ID.
2CSPC4.XModular-SWUM201.book Page 335 Monday, October 3, 2011 2:21 PM Syntax dhcp l2relay trust no dhcp l2relay trust Default Configuration DHCP Option 82 is discarded by default. Configuration Mode Interface Configuration (Ethernet, Port-channel). User Guidelines There are no user guidelines for this command. Example console(config-if-1/0/1)#dhcp l2relay trust dhcp l2relay vlan Use the dhcp l2relay vlan command to enable the L2 DHCP Relay agent for a set of VLANs.
2CSPC4.XModular-SWUM201.book Page 336 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#dhcp l2relay vlan 10,340-345 show dhcp l2relay all Use the show dhcp l2relay all command in Privileged EXEC mode to display the summary of DHCP L2 Relay configuration. Syntax show dhcp l2relay all Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 338 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show dhcp l2relay interface all DHCP L2 Relay is Interface ---------- Enabled.
2CSPC4.XModular-SWUM201.book Page 339 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show dhcp l2relay stats interface all DHCP L2 Relay is Enabled.
2CSPC4.XModular-SWUM201.book Page 340 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. show dhcp l2relay agent-option vlan Use the show dhcp l2relay agent-option vlan command in Privileged EXEC mode to display DHCP L2 Relay Option-82 configuration specific to VLANs.
2CSPC4.XModular-SWUM201.book Page 341 Monday, October 3, 2011 2:21 PM DHCP L2 Relay is VLAN Id Enabled.
2CSPC4.XModular-SWUM201.book Page 342 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show dhcp l2relay vlan 100 DHCP L2 Relay is Enabled.
2CSPC4.XModular-SWUM201.book Page 343 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console#show dhcp l2relay circuit-id vlan 300 DHCP L2 Relay is Enabled. DHCP Circuit-Id option is enabled on the following VLANs: 300 show dhcp l2relay remote-id vlan Use the show dhcp l2relay remote-id vlan command in Privileged EXEC mode to display whether DHCP L2 Relay is globally enabled and shows the remote ID configured on the specified VLAN or VLAN range.
2CSPC4.XModular-SWUM201.book Page 344 Monday, October 3, 2011 2:21 PM Example console#show dhcp l2relay remote-id vlan 200 DHCP L2 Relay is Enabled. VLAN ID Remote Id -------- ------------- 200 remote_22 clear dhcp l2relay statistics interface Use the show dhcp l2relay statistics interface command in Privileged EXEC mode to reset the DHCP L2 Relay counters to zero. Specify the port with the counters to clear, or use the all keyword to clear the counters on all ports.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 347 Monday, October 3, 2011 2:21 PM DHCP Management Interface Commands 10 PowerConnect switches support an embedded DHCP client. Any IP interface can use DHCP to obtain an IP address. The DHCP client can run on multiple interfaces simultaneously. For IPv4, an IP interface can either use manually configured addresses or be enabled for DHCP. The options are mutually exclusive.
2CSPC4.XModular-SWUM201.book Page 348 Monday, October 3, 2011 2:21 PM renew dhcp show dhcp lease release dhcp Use the release dhcp command in Privileged EXEC mode to force the DHCPv4 client to release a leased address. Syntax release dhcp interface-id Parameter Description Parameter Description interface-id Any valid VLAN interface. See Interface Naming Conventions for interface representation. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 349 Monday, October 3, 2011 2:21 PM Example console#release dhcp vlan2 renew dhcp Use the renew dhcp command in Privileged EXEC mode to force the DHCP client to immediately renew an IPv4 address lease. Syntax renew dhcp {interface-id | out-of-band} Parameter Description Parameter Description interface-id Any valid routing interface. See Interface Naming Conventions for interface representation. out-of-band Keyword to identify the out-of-band interface.
2CSPC4.XModular-SWUM201.book Page 350 Monday, October 3, 2011 2:21 PM Examples The first example is for routing interfaces. console#renew dhcp vlan 2 The second example is for out-of-band port. console#renew dhcp out-of-band debug dhcp packet Use the debug dhcp packet command in Privileged EXEC mode to display debug information about DHCPv4 client activities and to trace DHCPv4 packets to and from the local DHCPv4 client. To disable debugging, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 351 Monday, October 3, 2011 2:21 PM console#debug dhcp packet transmit The third example is for receive flow. console#debug dhcp packet receive show dhcp lease Use the show dhcp lease command in Privileged EXEC mode to display IPv4 addresses leased from a DHCP server. Syntax show dhcp lease [interface interface-id] Parameter Description Parameter Description interface-id Any valid IP interface (VLAN only).
2CSPC4.XModular-SWUM201.book Page 352 Monday, October 3, 2011 2:21 PM Term Description DHCP Lease server The IPv4 address of the DHCP server that leased the address. State State of the DHCPv4 Client on this interface. DHCP transaction id The transaction ID of the DHCPv4 Client. Lease The time (in seconds) that the IP address was leased by the server. Renewal The time (in seconds) when the next DHCP renew Request is sent by DHCPv4 Client to renew the leased IP address.
2CSPC4.XModular-SWUM201.book Page 353 Monday, October 3, 2011 2:21 PM Subnet mask: 255.255.255.0 DHCP Lease server: 10.1.20.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 355 Monday, October 3, 2011 2:21 PM DHCP Snooping Commands 11 DHCP Snooping is a security feature that monitors DHCP messages between DHCP clients and DHCP server to filter harmful DHCP messages and build a bindings database of {MAC address, IP address, VLAN ID, interface} tuples that are considered authorized. The DHCP snooping application processes incoming DHCP messages.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 357 Monday, October 3, 2011 2:21 PM clear ip dhcp snooping statistics Use the clear ip dhcp snooping statistics command to clear all DHCP Snooping statistics. Syntax clear ip dhcp snooping statistics Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 358 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping console(config-if-vlan1)#ip dhcp snooping ip dhcp snooping binding Use the ip dhcp snooping binding command to configure a static DHCP Snooping binding. Use the “no” form of this command to remove a static binding.
2CSPC4.XModular-SWUM201.book Page 359 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping binding 00:00:00:00:00:01 vlan 10 10.131.12.134 interface 1/0/1 ip dhcp snooping database Use the ip dhcp snooping database command to configure the persistent storage location of the DHCP snooping database. This can be local to the switch or on a remote machine.
2CSPC4.XModular-SWUM201.book Page 360 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example The following example configures the storage location of the snooping database as local. console(config)#ip dhcp snooping database local The following example configures the storage location of the snooping database as remote. console(config)#ip dhcp snooping database tftp://10.131.11.1/db.
2CSPC4.XModular-SWUM201.book Page 361 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ip dhcp snooping database write-delay 500 ip dhcp snooping limit Use the ip dhcp snooping limit command to control the maximum rate of DHCP messages. Use the no form of this command to reset the limit to the default.
2CSPC4.XModular-SWUM201.book Page 362 Monday, October 3, 2011 2:21 PM ip dhcp snooping log-invalid Use the ip dhcp snooping log-invalid command to enable logging of DHCP messages filtered by the DHCP Snooping application. Use the “no” form of this command to disable logging. Syntax ip dhcp snooping log-invalid no ip dhcp snooping log-invalid Default Configuration Logging of filtered messages is disabled by default.
2CSPC4.XModular-SWUM201.book Page 363 Monday, October 3, 2011 2:21 PM Default Configuration Ports are untrusted by default. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 364 Monday, October 3, 2011 2:21 PM Example console(config)#ip dhcp snooping verify mac-address show ip dhcp snooping Use the show ip dhcp snooping command to display the DHCP snooping global configuration. Syntax show ip dhcp snooping Syntax Description This command has no arguments or keywords. Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 365 Monday, October 3, 2011 2:21 PM --------- -------- ---------------- 1/0/1 Yes No 1/0/2 No Yes 1/0/3 No Yes 1/0/4 No No 1/0/6 No No show ip dhcp snooping binding Use the show ip dhcp snooping binding command to display the DHCP snooping binding entries. Syntax show ip dhcp snooping binding [{ static | dynamic } ] [ interface interfaceid ] [ vlan vlan-id ] • static | dynamic— Use these keywords to filter by static or dynamic bindings.
2CSPC4.XModular-SWUM201.book Page 366 Monday, October 3, 2011 2:21 PM MAC Address IP Address VLAN Interface Lease time(Secs) ------------------ ------------ ---- --------- ------------- 00:02:B3:06:60:80 210.1.1.3 10 1/0/1 86400 00:0F:FE:00:13:04 210.1.1.4 10 1/0/1 86400 show ip dhcp snooping database Use the show ip dhcp snooping database command to display the DHCP snooping configuration related to the database persistence.
2CSPC4.XModular-SWUM201.book Page 367 Monday, October 3, 2011 2:21 PM show ip dhcp snooping interfaces Use the show ip dhcp snooping interfaces command to show the DHCP Snooping status of the interfaces. Syntax show ip dhcp snooping interfaces [interface] • interface—A valid physical interface. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 368 Monday, October 3, 2011 2:21 PM 1/0/15 Yes 15 1 show ip dhcp snooping statistics Use the show ip dhcp snooping statistics command to display the DHCP snooping filtration statistics. Syntax show ip dhcp snooping statistics Syntax Description This command has no arguments or keywords. Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 371 Monday, October 3, 2011 2:21 PM Dynamic ARP Inspection Commands 12 Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and malicious ARP packets. The feature prevents a class of man-in-the-middle attacks, where an unfriendly station intercepts traffic for other stations by poisoning the ARP caches of its neighbors. The miscreant sends ARP requests or responses mapping another station IP address to its own MAC address.
2CSPC4.XModular-SWUM201.book Page 372 Monday, October 3, 2011 2:21 PM Default Configuration There are no ARP ACLs created by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#arp access-list tier1 clear ip arp inspection statistics Use the clear ip arp inspection statistics command in Privileged EXEC mode to reset the statistics for Dynamic Address Resolution Protocol (ARP) inspection on all VLANs.
2CSPC4.XModular-SWUM201.book Page 373 Monday, October 3, 2011 2:21 PM Example console#clear ip arp inspection statistics ip arp inspection filter Use the ip arp inspection filter command to configure the ARP ACL to be used for a single VLAN or a range of VLANs to filter invalid ARP packets. If the static keyword is given, packets that do not match a permit statement are dropped without consulting the DHCP snooping bindings. Use the “no” form of this command to unconfigure the ARP ACL.
2CSPC4.XModular-SWUM201.book Page 374 Monday, October 3, 2011 2:21 PM Configuring none for the limit means the interface is not rate limited for Dynamic ARP Inspection. Syntax ip arp inspection limit { none | rate pps [ burst interval seconds ] } no ip arp inspection limit • none — To set no rate limit. • pps — The number of packets per second (Range: 0–300). • seconds — The number of seconds (Range: 1–15). Default Configuration The default rate limit is 15 packets per second.
2CSPC4.XModular-SWUM201.book Page 375 Monday, October 3, 2011 2:21 PM no ip arp inspection trust Default Configuration Interfaces are configured as untrusted by default. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 376 Monday, October 3, 2011 2:21 PM Default Configuration There is no additional validation enabled by default.
2CSPC4.XModular-SWUM201.book Page 377 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ip arp inspection vlan 200-300 console(config)#ip arp inspection vlan 200-300 logging permit ip host mac host Use the permit ip host mac host command to configure a rule for a valid IP address and MAC address combination used in ARP packet validation. Use the “no” form of this command to delete an ARP ACL rule.
2CSPC4.XModular-SWUM201.book Page 378 Monday, October 3, 2011 2:21 PM show arp access-list Use the show arp access-list command to display the configured ARP ACLs with the rules. Giving an ARP ACL name as the argument would display only the rules in that ARP ACL. Syntax show arp access-list [ acl-name ] acl-name — A valid ARP ACL name (Range: 1–31 characters). Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 379 Monday, October 3, 2011 2:21 PM Syntax show ip arp inspection [interfaces [interface-id] | statistics [vlan vlan-range] | vlan vlan-range] Parameter Description Parameter Description interfaces [interface-id] Display the Dynamic ARP Inspection configuration on all the DAI enabled interfaces. Giving an interface argument, it displays the values for that interface.
2CSPC4.XModular-SWUM201.book Page 380 Monday, October 3, 2011 2:21 PM DHCP Drops The number of packets dropped due to DHCP Snooping binding database match failure. ACL Drops The number of packets dropped due to ARP ACL rule match failure. DHCP Permits The number of packets permitted due to DHCP snooping binding database match. ACL Permits The number of packets permitted due to ARP ACL rule match. Bad Src MAC The number of packets dropped due to Source MAC validation failure.
2CSPC4.XModular-SWUM201.book Page 381 Monday, October 3, 2011 2:21 PM (pps) --------------- ----------- (seconds) ---------- --------------- 1/0/1 Untrusted 15 1 1/0/2 Untrusted 10 10 Following is an example of the show ip arp inspection statistics command.
2CSPC4.XModular-SWUM201.book Page 382 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description vlan-range A valid VLAN range. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines The following global parameters are displayed: Parameter Description Source Mac Validation If Source Mac validation of ARP frame is enabled. Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 385 Monday, October 3, 2011 2:21 PM Email Alerting Commands 13 Email Alerting is an extension of the logging system. The PowerConnect logging system allows the user to configure a variety of destinations for log messages. This feature adds email configuration capabilities, by which the log messages are sent to a configured SMTP server such that an operator may receive the log in an e-mail account of their choice.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 387 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description severity If you specify a severity level, log messages at or above the severity level are emailed. The severity level may either be specified by keyword or as an integer from 0 to 7. The accepted keywords, and the numeric severity level each represents, are as follows.
2CSPC4.XModular-SWUM201.book Page 388 Monday, October 3, 2011 2:21 PM logging email urgent Use the logging email urgent command in Global Configuration mode to set the lowest severity level at which log messages are emailed in an urgent manner. To revert the urgent severity level to its default value, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 389 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines Log messages at or above this severity level are considered urgent. By default, Emergency and Alert log messages are considered urgent. Urgent log messages are emailed immediately, one log message per email message, and do not wait for the log time to expire. Urgent log messages are not emailed unless you enable email alerting with the logging email command.
2CSPC4.XModular-SWUM201.book Page 390 Monday, October 3, 2011 2:21 PM Default Configuration The default severity level is info(6). Command Mode Global Configuration mode User Guidelines You can filter log messages that appear in the buffered log by severity level. You can specify the severity level of log messages that are emailed.
2CSPC4.XModular-SWUM201.book Page 391 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration User Guidelines This command removes the configured to-addr field of email. logging email from-addr Use the logging email from-addr command in Global Configuration mode to configure the From address of the email. Use the no form of this command to remove the email source address.
2CSPC4.XModular-SWUM201.book Page 392 Monday, October 3, 2011 2:21 PM Syntax logging email message-type message-type subject subject no logging email message-type message-type subject Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines The user must enter the message-type parameter manually as tab and space bar completion do not work for this parameter.
2CSPC4.XModular-SWUM201.book Page 393 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration User Guidelines This command has no user guidelines. logging email test message-type Use the logging email test message-type command in Global Configuration mode to test whether or not an e-mail is being sent to an SMTP server.
2CSPC4.XModular-SWUM201.book Page 394 Monday, October 3, 2011 2:21 PM show logging email statistics Use the show logging email statistics command in Privileged EXEC mode to show the statistics about the emails. The command displays information on how many emails are sent, how many emails failed, when the last email was sent, how long it has been since the last email was sent, how long it has been since the email changed to disabled mode.
2CSPC4.XModular-SWUM201.book Page 395 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines. security Use the security command in Mail Server Configuration mode to set the email alerting security protocol. This enables and disables the switch to use TLS authentication with the SMTP Server.
2CSPC4.XModular-SWUM201.book Page 396 Monday, October 3, 2011 2:21 PM mail-server ip-address | hostname Use the mail-server ip-address | hostname command in Global Configuration mode to configure the SMTP server IP address and change the mode to Mail Server Configuration mode. The server address can be in the IPv4, IPv6, or DNS name format. Use the no form of this command to remove the configured SMTP server address.
2CSPC4.XModular-SWUM201.book Page 397 Monday, October 3, 2011 2:21 PM port (Mail Server Configuration Mode) Use the port command in Mail Server Configuration mode to configure the TCP port to use for communication with the SMTP server. Port can be set to 465 or 25. Use the no form of the command to revert the SMTP port to the default port. Syntax port port no port Parameter Description This command does not require a parameter description. Default Configuration The default value is 25.
2CSPC4.XModular-SWUM201.book Page 398 Monday, October 3, 2011 2:21 PM Parameter Description This command does not require a parameter description. Default Configuration The default value for username is admin. Command Mode Mail Server Configuration User Guidelines This command has no user guidelines. password (Mail Server Configuration Mode) Use the password command in Mail Server Configuration mode to configure the password required to authenticate to the email server.
2CSPC4.XModular-SWUM201.book Page 399 Monday, October 3, 2011 2:21 PM show mail-server Use the show mail-server command in Privileged EXEC mode to display the configuration of all the mail servers or a particular mail server. Syntax show mail-server {ip-address | hostname | all} Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 400 Monday, October 3, 2011 2:21 PM SMTP server authentication details: Username: admin Mail server2 configuration: SMTP server IP Address: 10.131.1.31 SMTP server Port: 465 SMTP server security protocol: tls SMTP server authentication details: Username: admin console#show mail-server ip-address 10.131.1.11 SMTP server IP Address: 10.131.1.
2CSPC4.XModular-SWUM201.book Page 401 Monday, October 3, 2011 2:21 PM 14 Ethernet Configuration Commands PowerConnect switches support a variety of configuration options to optimize network operations. Features such as flow-control and jumbo frames are supported along with a variety of commands to display traffic statistics as well as limit the effects of network loops or other network issues.
2CSPC4.XModular-SWUM201.book Page 402 Monday, October 3, 2011 2:21 PM On a storm control enabled interface, if the ingress rate of that type of packet (L2 broadcast, multicast, or unicast) is greater than the configured threshold level (as a percentage of port speed or as an absolute packets-per-second rate), the switch forwarding-plane discards the excess traffic. The speed and duplex commands control interface link speeds and autonegotiation.
2CSPC4.XModular-SWUM201.book Page 403 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example In the following example, the counters for port 1/0/1 are cleared. console#clear counters gigabitethernet 1/0/1 description Use the description command in Interface Configuration mode to add a description to an interface. To remove the description use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 404 Monday, October 3, 2011 2:21 PM console(config)#interface gigabitethernet 1/0/5 console(config-if-1/0/5)# description RD_SW#3 duplex Use the duplex command in Interface Configuration mode to configure the duplex operation of a given Ethernet interface. To restore the default, use the no form of this command. Syntax duplex {auto | half | full} no duplex Parameter Description Parameter Description auto Auto negotiation is enabled for the port.
2CSPC4.XModular-SWUM201.book Page 405 Monday, October 3, 2011 2:21 PM Example The following example configures the duplex operation of gigabit Ethernet port 1/0/5 to force full duplex operation. console(config)# interface gigabitethernet 1/0/5 console(config-if)# duplex full flowcontrol Use the flowcontrol command in Global Configuration mode to configure the flow control. To disable flow control, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 406 Monday, October 3, 2011 2:21 PM NOTE: Additional forms of the interface command enable configuring VLANs, tunnels, the loopback interface, the out-of-band interface, and ranges of interfaces. See interface vlan, interface tunnel, interface loopback, and interface range. Syntax interface {gigabitethernet unit/slot/port | port-channel port-channel-number | tengigabitethernet unit/slot/port} Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 407 Monday, October 3, 2011 2:21 PM Parameter Description port-range A list of valid ports to configure. Separate non-consecutive ports with a comma and no spaces; use a hyphen to designate a range of ports. For more detailed information, see Operating on Multiple Objects (Range). port-type Shows all interfaces of the specified type. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 409 Monday, October 3, 2011 2:21 PM show interfaces advertise Use the show interfaces advertise command in Privileged EXEC mode to display information about auto-negotiation advertisement. Syntax show interfaces advertise [{gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port}] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 410 Monday, October 3, 2011 2:21 PM Admin Local Link ------ ------ ------ ------ -----Advertisement yes yes yes yes no show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 412 Monday, October 3, 2011 2:21 PM show interfaces counters Use the show interfaces counters command in User EXEC mode to display traffic seen by the interface. Use the command in either User EXEC mode or Privileged EXEC mode to display Priority Flow Control (PFC) traffic seen by the interface, including Received PFC Frames and Transmitted PFC Frames for a given ethernet or port-channel interface.
2CSPC4.XModular-SWUM201.book Page 413 Monday, October 3, 2011 2:21 PM 2/0/1 0 0 3/0/1 8789 27 Ch InOctets InUcastPkts ---- ---------- --------- 1 27889 928 Ch OutOctets OutUcastPkts ---- ---------- --------- 1 23739 882 The following example displays counters for Ethernet port 1/0/1.
2CSPC4.XModular-SWUM201.book Page 414 Monday, October 3, 2011 2:21 PM Deferred Transmissions: 0 Late Collisions: 0 Excessive Collisions: 0 Oversize Packets: 0 Internal MAC Rx Errors: 0 Received Pause Frames: 0 Transmitted Pause Frames: 0 The following table describes the fields shown in the display: Field Description InOctets Counted received octets. InUcastPkts Counted received Unicast packets. InMcastPkts Counted received Multicast packets. InBcastPkts Counted received Broadcast packets.
2CSPC4.XModular-SWUM201.book Page 415 Monday, October 3, 2011 2:21 PM Field Description Late Collisions Counted times that a collision is detected later than one slot time into the transmission of a packet. Excessive Collisions Counted frames for which transmission fails due to excessive collisions. Oversize Packets Counted frames received that exceed the maximum permitted frame size. Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error.
2CSPC4.XModular-SWUM201.book Page 416 Monday, October 3, 2011 2:21 PM console>show interfaces description Port Description ---- ----------------------------------------------------1/0/1 Port that should be used for management only 2/0/1 2/0/2 Ch Description ---- ----------- 1 Output show interfaces detail Use the show interfaces detail command in Privileged EXEC mode to display detailed status and configuration of the specified interface.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 419 Monday, October 3, 2011 2:21 PM Port id: 128.1 Cost: 0 Port Port Fast: No (Configured: no ) Protection: No Root Designated bridge Priority: 32768 Address: 001E.C9AA.AF51 Designated port id: 128.1 Designated path cost: 40000 CST Regional Root: 80:00:00:1E:C9:AA:AF:51 Port Cost: 0 CST BPDU: sent 121, received 316356 show interfaces status Use the show interfaces status command in Privileged EXEC mode to display the status for all configured interfaces.
2CSPC4.XModular-SWUM201.book Page 420 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the status for all configured interfaces.
2CSPC4.XModular-SWUM201.book Page 421 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following example shows statistics for port 1/0/1. console#show statistics gigabitethernet 1/0/1 Total Packets Received (Octets)............... 779533115 Packets Received 64 Octets..................... 48950 Packets Received 65-127 Octets................. 482426 Packets Received 128-255 Octets................
2CSPC4.XModular-SWUM201.book Page 422 Monday, October 3, 2011 2:21 PM Multicast Packets Received..................... 48339 --More-- or (q)uit Broadcast Packets Received..................... 76702 Total Packets Received with MAC Errors......... 0 Jabbers Received............................... 0 Fragments/Undersize Received................... 0 Alignment Errors............................... 0 FCS Errors..................................... 0 Overruns.......................................
2CSPC4.XModular-SWUM201.book Page 423 Monday, October 3, 2011 2:21 PM Multicast Packets Transmitted.................. 44432 Broadcast Packets Transmitted.................. 4 Total Transmit Errors.......................... 0 FCS Errors..................................... 0 Tx Oversized................................... 0 Underrun Errors................................ 0 Total Transmit Packets Discarded............... 0 Single Collision Frames........................ 0 Multiple Collision Frames............
2CSPC4.XModular-SWUM201.book Page 424 Monday, October 3, 2011 2:21 PM Receive Packets Discarded...................... 0 Octets Transmitted............................. 6451988 Packets Transmitted Without Errors............. 91652 Unicast Packets Transmitted.................... 2746 Multicast Packets Transmitted.................. 88892 Broadcast Packets Transmitted.................. 14 Transmit Packets Discarded..................... 0 --More-- or (q)uit Most Address Entries Ever Used.................
2CSPC4.XModular-SWUM201.book Page 425 Monday, October 3, 2011 2:21 PM Octets Transmitted............................. 0 Packets Transmitted Without Errors............. 0 Unicast Packets Transmitted.................... 0 Multicast Packets Transmitted.................. 0 Broadcast Packets Transmitted.................. 0 Transmit Packets Discarded..................... 0 Most Address Entries Ever Used................. 3 Address Entries Currently in Use............... 3 Maximum VLAN Entries...................
2CSPC4.XModular-SWUM201.book Page 426 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines It is possible to enter interface configuration mode from global configuration mode or from interface configuration mode. Example The following example shows statistics for the entire switch. console#show statistics switchport Total Packets Received (Octets)................ 0 Packets Received Without Error..............
2CSPC4.XModular-SWUM201.book Page 427 Monday, October 3, 2011 2:21 PM Most Address Entries Ever Used................. 3 Address Entries Currently in Use............... 3 Maximum VLAN Entries........................... 1024 Most VLAN Entries Ever Used.................... 2 Static VLAN Entries............................ 2 Dynamic VLAN Entries........................... 0 VLAN Deletes................................... 0 Time Since Counters Last Cleared...............
2CSPC4.XModular-SWUM201.book Page 428 Monday, October 3, 2011 2:21 PM Examples The following example shows storm control configurations for all valid Ethernet ports. The second example shows flow control mode status.
2CSPC4.XModular-SWUM201.book Page 429 Monday, October 3, 2011 2:21 PM Examples The following example disables gigabit Ethernet port 1/0/5. console(config)#interface gigabitethernet 1/0/5 console(config-if-1/0/5)# shutdown The following example re-enables gigabit ethernet port 1/0/5.
2CSPC4.XModular-SWUM201.book Page 430 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (Ethernet) mode User Guidelines When auto is used with a set of speeds, only those speeds are used by the port for the negotiation capabilities. Alternatively, if no speed arguments are configured, then all the speed capabilities are considered. SFP transceivers support auto-negotiation mode only.
2CSPC4.XModular-SWUM201.book Page 431 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example console(config-if-1/0/1)#storm-control broadcast level 5 storm-control multicast Use the storm-control multicast command in Interface Configuration mode to enable multicast storm recovery mode for an interface.
2CSPC4.XModular-SWUM201.book Page 432 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console(config-if-1/0/1)#storm-control multicast level 5 storm-control unicast Use the storm-control unicast command in Interface Configuration mode to enable unknown unicast storm control for an interface.
2CSPC4.XModular-SWUM201.book Page 433 Monday, October 3, 2011 2:21 PM Example console(config-if-1/0/1)#storm-control unicast level 5 switchport protected Use the switchport protected command in Interface Configuration mode to configure a protected port. The groupid parameter identifies the set of protected ports to which this interface is assigned. You can only configure an interface as protected in one group. You are required to remove an interface from one group before adding it to another group.
2CSPC4.XModular-SWUM201.book Page 434 Monday, October 3, 2011 2:21 PM console(config-if-1/0/1)#switchport protected 1 switchport protected name Use the switchport protected name command in Global Configuration mode to adds the port to the protected group 1 and also sets the group name to "protected". Syntax switchport protected groupid name name no switchport protected groupid name • groupid — Identifies which group the port is to be protected in. (Range: 0–2) • name — Name of the group.
2CSPC4.XModular-SWUM201.book Page 435 Monday, October 3, 2011 2:21 PM Syntax show switchport protected groupid • groupid — Identifies which group the port is to be protected in. (Range: 0–2) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example identifies test as the protected group. console#show switchport protected 0 Name.........................................
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 437 Monday, October 3, 2011 2:21 PM Ethernet CFM Commands 15 Connectivity Fault Management (CFM) is the OAM Protocol provision for end-to-end service layer OAM in carrier Ethernet networks. CFM provides mechanisms to support the operator in performing connectivity checks, fault detection, fault verification and isolation, and fault notification per service in the network domain of interest. Unlike Ethernet OAM defined in IEEE 802.
2CSPC4.XModular-SWUM201.book Page 438 Monday, October 3, 2011 2:21 PM ethernet cfm mep archive-hold-time show ethernet cfm statistics ethernet cfm mip level debug cfm ethernet cfm domain Use the ethernet cfm domain command in Global Configuration mode to enter into maintenance domain config mode for an existing domain. Use the optional level parameter to create a domain and enter into maintenance domain config mode.
2CSPC4.XModular-SWUM201.book Page 439 Monday, October 3, 2011 2:21 PM User Guidelines Each domain must have a unique name and level, for example, one cannot create a domain qwerty at level 2 if domain qwerty already exists at level 1. Likewise, one cannot create a domain dvorak at level 2 if a domain of any name exists at level 2. Example In this example, a domain vin is created at level 1.
2CSPC4.XModular-SWUM201.book Page 440 Monday, October 3, 2011 2:21 PM Command Mode Maintenance domain config mode User Guidelines This command has no user guidelines. Example console(config-cfm-mdomain)#service serv1 vlan 10 ethernet cfm cc level Use the ethernet cfm cc level command in Global Configuration mode to initiate sending continuity checks (CCMs) at the specified interval and level on a VLAN monitored by an existing domain. Use the no form of the command to cease send CCMs.
2CSPC4.XModular-SWUM201.book Page 441 Monday, October 3, 2011 2:21 PM Default Configuration CCMs are not sent by default. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example console(config)#ethernet cfm cc level 1 vlan 15 interval 10 ethernet cfm mep level Use the ethernet cfm mep level command in Interface Configuration mode to create a Maintenance End Point (MEP) on an interface at the specified level and direction.
2CSPC4.XModular-SWUM201.book Page 442 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration User Guidelines This command has no user guidelines. Example The following example creates a maintenance endpoint at level 1 with mpid 1010 on vlan 10. console(config-if-Gi1/0/3)#ethernet cfm mep level 1 direction up mpid 1010 vlan 10 ethernet cfm mep enable Use the ethernet cfm mep enable command in Interface Configuration mode to enable a MEP at the specified level and direction.
2CSPC4.XModular-SWUM201.book Page 443 Monday, October 3, 2011 2:21 PM User Guidelines The maintenance domain must exist for it to be enabled. Example The following example enables a maintenance endpoint at level 1 with mpid 1010 on vlan 10. console(config-if-Gi1/0/3)#ethernet cfm mep enable level 1 vlan 10 mpid 1010 ethernet cfm mep active Use the ethernet cfm mep active command in Interface Configuration mode to activate a MEP at the specified level and direction.
2CSPC4.XModular-SWUM201.book Page 444 Monday, October 3, 2011 2:21 PM ethernet cfm mep archive-hold-time Use the ethernet cfm mep archive-hold-time command in Interface Configuration mode to maintain internal information on a missing MEP. Use the no form of the command to return the interval to the default value. Syntax ethernet cfm mep archive-hold-time hold-time Parameter Description Parameter Description hold-time The time in seconds to maintain the data for a missing MEP before removing the data.
2CSPC4.XModular-SWUM201.book Page 445 Monday, October 3, 2011 2:21 PM Syntax ethernet cfm mip level 0-7 Parameter Description Parameter Description level Maintenance association level Default Configuration No MIPs are preconfigured. Command Mode Interface Configuration User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 446 Monday, October 3, 2011 2:21 PM Parameter Description mac-addr The destination MAC address for which the connectivity needs to be verified. Either MEP ID or the MAC address option can be used. remote-mpid The MEP ID for which connectivity is to be verified; i.e. the destination MEP ID. domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). vlan-id A VLAN associated with the maintenance domain. Range: 14094.
2CSPC4.XModular-SWUM201.book Page 447 Monday, October 3, 2011 2:21 PM Syntax traceroute ethernet cfm {mac mac-addr| remote-mpid 1-8191} {domain domain name | level 0-7 } vlan vlan-id mpid 1-8191 [ttl 1-255] Parameter Description Parameter Description level Maintenance association level mac-addr The destination MAC address for which the route needs to be traced. Either MEP ID or the MAC address option can be used. remote-mpid The MEP ID for which connectivity needs to be verified; i.e.
2CSPC4.XModular-SWUM201.book Page 448 Monday, October 3, 2011 2:21 PM show ethernet cfm errors Use the show ethernet cfm errors command in Privileged EXEC mode to display the cfm errors. Syntax show ethernet cfm errors {domain domain-id | level 0-7} Parameter Description Parameter Description domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). level Maintenance association level Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 449 Monday, October 3, 2011 2:21 PM Syntax show ethernet cfm domain {brief |domain-id} Parameter Description Parameter Description domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 450 Monday, October 3, 2011 2:21 PM Syntax show ethernet cfm maintenance-points local {level 0-7 | interface interfaceid | domain domain-name} Parameter Description Parameter Description domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). level Maintenance association level interface-id Show all MPs associated with the interface. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 451 Monday, October 3, 2011 2:21 PM Syntax show ethernet cfm maintenance-points remote {level 0-7 | domain domainname | detail [ mac mac-address | mep MEPId] [domain domain-name | level 0-7] [vlan vlan-id]} Parameter Description Parameter Description domain Name of the maintenance domain (an alphanumeric string of up to 43 characters in length). level Maintenance association level mac-address The destination MAC address for which the information is desired.
2CSPC4.XModular-SWUM201.book Page 452 Monday, October 3, 2011 2:21 PM show ethernet cfm statistics Use the show ethernet cfm maintenance-points remote command in Privileged EXEC mode to display the CFM statistics. Syntax show ethernet cfm statistics [domain domain-name | level 0-7] Parameter Description Parameter Description domain-name Name of the maintenance domain (an alphanumeric string of up to 43 characters in length).
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 454 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description event CFM events pdu CFM PDUs ccm Continuity check messages ltm Link trace messages lbm Loopback messages tx Transmit only rx Receive only all Everything Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 457 Monday, October 3, 2011 2:21 PM 16 GVRP Commands GARP VLAN Registration Protocol (GVRP) is used to propagate VLAN membership information throughout the network. GVRP is based on the Generic Attribute Registration Protocol (GARP), which defines a method of propagating a defined attribute (that is, VLAN membership) throughout the network. GVRP allows both end stations and the networking device to issue and revoke declarations relating to membership in VLANs.
2CSPC4.XModular-SWUM201.book Page 458 Monday, October 3, 2011 2:21 PM Syntax clear gvrp statistics [{gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port }] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example clears all the GVRP statistics information on port 1/0/8.
2CSPC4.XModular-SWUM201.book Page 459 Monday, October 3, 2011 2:21 PM Default Configuration The default timer values are as follows: • Join timer — 20 centiseconds • Leave timer — 60 centiseconds • Leaveall timer — 1000 centiseconds Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines The following relationships for the various timer values must be maintained: • Leave time must be greater than or equal to three times the join time.
2CSPC4.XModular-SWUM201.book Page 460 Monday, October 3, 2011 2:21 PM Default Configuration GVRP is globally disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables GVRP on the device. console(config)#gvrp enable gvrp enable (interface) Use the gvrp enable command in Interface Configuration mode to enable GVRP on an interface. To disable GVRP on an interface, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 461 Monday, October 3, 2011 2:21 PM Membership in untagged VLAN would be propagated in a same way as a tagged VLAN. In such cases it is the administrator’s responsibility to set the PVID to be the untagged VLAN VID. Example The following example enables GVRP on gigabit ethernet 1/0/8.
2CSPC4.XModular-SWUM201.book Page 462 Monday, October 3, 2011 2:21 PM console(config-if-1/0/8)#gvrp registration-forbid gvrp vlan-creation-forbid Use the gvrp vlan-creation-forbid command in Interface Configuration mode to disable dynamic VLAN creation. To disable dynamic VLAN creation, use the no form of this command. Syntax gvrp vlan-creation-forbid no gvrp vlan-creation-forbid Default Configuration By default, dynamic VLAN creation is enabled.
2CSPC4.XModular-SWUM201.book Page 463 Monday, October 3, 2011 2:21 PM Syntax show gvrp configuration [{gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port } ] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 464 Monday, October 3, 2011 2:21 PM show gvrp error-statistics Use the show gvrp error-statistics command in User EXEC mode to display GVRP error statistics. Syntax show gvrp error-statistics [{gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port }] Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 465 Monday, October 3, 2011 2:21 PM 1/0/3 0 0 0 0 0 1/0/4 0 0 0 0 0 show gvrp statistics Use the show gvrp statistics command in User EXEC mode to display GVRP statistics. Syntax show gvrp statistics [{gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port }] Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 467 Monday, October 3, 2011 2:21 PM IGMP Snooping Commands 17 Snooping of Internet Group Management Protocol (IGMP) messages is a feature that allows PowerConnect switches to forward multicast traffic intelligently on the switch. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255.
2CSPC4.XModular-SWUM201.book Page 468 Monday, October 3, 2011 2:21 PM interface within a specified length of time (multicast router present expiration time), that interface is removed from the list of interfaces with multicast routers attached. The multicast router present expiration time is configurable using management. The default value for the multicast router expiration time is zero, which indicates an infinite timeout (that is, no expiration).
2CSPC4.XModular-SWUM201.book Page 469 Monday, October 3, 2011 2:21 PM User Guidelines IGMP snooping is enabled on static VLANs only and is not enabled on Private VLANs or their community VLANs. Example The following example globally enables IGMP snooping. console(config)# ip igmp snooping ip igmp snooping (interface) Use the ip igmp snooping command in Interface Configuration mode to enable Internet Group Management Protocol (IGMP) snooping on a specific interface.
2CSPC4.XModular-SWUM201.book Page 470 Monday, October 3, 2011 2:21 PM ip igmp snooping host-time-out Use the ip igmp snooping host-time-out command in Interface Configuration mode to configure the host-time-out. If an IGMP report for a Multicast group is not received for a host time-out period from a specific port, this port is deleted from the member list of that Multicast group. To reset to the default host time-out, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 471 Monday, October 3, 2011 2:21 PM IGMP leave was received from a specific port, the current port is deleted from the member list of that Multicast group. To configure the default leave-timeout, use the no form of this command. Syntax ip igmp snooping leave-time-out [time-out | immediate-leave] no ip igmp snooping leave-time-out • time-out — Specifies the leave-time-out in seconds.
2CSPC4.XModular-SWUM201.book Page 472 Monday, October 3, 2011 2:21 PM Syntax ip igmp snooping mrouter-time-out time-out no ip igmp snooping mrouter-time-out • time-out — mrouter timeout in seconds for IGMP. (Range: 1–3600) Default Configuration The default value is 300 seconds. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines This command has no user guidelines. Example The following example configures the mrouter timeout to 200 seconds.
2CSPC4.XModular-SWUM201.book Page 473 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC User Guidelines This command has no user guidelines. show ip igmp snooping groups Use the show ip igmp snooping groups command in User EXEC mode to display the Multicast groups learned by IGMP snooping. Syntax show ip igmp snooping groups [vlan vlan-id] [address ip-multicast-address] • vlan_id — Specifies a VLAN ID value.
2CSPC4.XModular-SWUM201.book Page 474 Monday, October 3, 2011 2:21 PM ---- ----------- ------- 1 224-239.130 | 2.2.3 1/0/1, 2/0/2 19 224-239.130 | 2.2.8 1/0/9-1/0/11 IGMP Reporters that are forbidden statically: --------------------------------------------Vlan IP Address ---- ------------------ 1 224-239.130 | 2.2.
2CSPC4.XModular-SWUM201.book Page 475 Monday, October 3, 2011 2:21 PM IGMP Snooping Admin Mode.................... Disabled Fast Leave Mode............................. Disabled Group Membership Interval................... 260 Max Response Time........................... 10 Multicast Router Present Expiration Time.... 300 show ip igmp snooping mrouter Use the show ip igmp snooping mrouter command in Privileged EXEC mode to display information on dynamically learned Multicast router interfaces.
2CSPC4.XModular-SWUM201.book Page 476 Monday, October 3, 2011 2:21 PM Syntax ip igmp snooping vlan-id no ip igmp snooping Default Configuration IGMP snooping is disabled on VLAN interfaces by default. Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines. Example The following example enables IGMP snooping on VLAN 2.
2CSPC4.XModular-SWUM201.book Page 477 Monday, October 3, 2011 2:21 PM no ip igmp snooping fast-leave • vlan id — Number assigned to the VLAN. Default Configuration IGMP snooping fast-leave mode is disabled on VLANs by default. Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines. Example The following example enables IGMP snooping fast-leave mode on VLAN 2.
2CSPC4.XModular-SWUM201.book Page 478 Monday, October 3, 2011 2:21 PM Default Configuration The default group membership interval time is 260 seconds. Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines. Example The following example configures an IGMP snooping group membership interval of 520 seconds.
2CSPC4.XModular-SWUM201.book Page 479 Monday, October 3, 2011 2:21 PM Command Mode VLAN Configuration mode User Guidelines When using IGMP Snooping Querier, this parameter should be less than the value for the IGMP Snooping Querier query interval. Example The following example sets the maximum response time to 60 seconds on VLAN 2. console(config-vlan)#ip igmp snooping maxresponse 2 60 ip igmp snooping mcrtrexpiretime This command sets the Multicast Router Present Expiration time.
2CSPC4.XModular-SWUM201.book Page 480 Monday, October 3, 2011 2:21 PM User Guidelines The mcrexpiretime should be less than the group membership interval. Example The following example sets the multicast router present expiration time on VLAN 2 to 60 seconds.
2CSPC4.XModular-SWUM201.book Page 481 Monday, October 3, 2011 2:21 PM 18 IGMP Snooping Querier Commands The IGMP/MLD Snooping Querier is an extension to the IGMP/MLD Snooping feature. IGMP/MLD Snooping Querier allows the switch to simulate an IGMP/MLD router in a Layer 2-only network, thus removing the need to have an IGMP/MLD Router to collect and refresh the multicast group membership information. The querier function simulates a small subset of the IGMP/MLD router functionality.
2CSPC4.XModular-SWUM201.book Page 482 Monday, October 3, 2011 2:21 PM source address when generating periodic queries. The no form of this command disables IGMP Snooping Querier on the system. Use the optional address parameter to set or reset the querier address. If a VLAN has IGMP Snooping Querier enabled, and IGMP Snooping is operationally disabled on it, IGMP Snooping Querier functionality is disabled on that VLAN.
2CSPC4.XModular-SWUM201.book Page 483 Monday, October 3, 2011 2:21 PM Example The following example enables IGMP snooping querier in VLAN Configuration mode. console(config-vlan)#ip igmp snooping querier 1 address 10.19.67.1 ip igmp snooping querier election participate This command enables the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN.
2CSPC4.XModular-SWUM201.book Page 484 Monday, October 3, 2011 2:21 PM console#vlan database console(config-vlan)#ip igmp snooping querier election participate ip igmp snooping querier query-interval This command sets the IGMP Querier Query Interval time, which is the amount of time in seconds that the switch waits before sending another periodic query. The no form of this command sets the IGMP Querier Query Interval time to its default value.
2CSPC4.XModular-SWUM201.book Page 485 Monday, October 3, 2011 2:21 PM ip igmp snooping querier timer expiry This command sets the IGMP Querier timer expiration period which is the time period that the switch remains in Non-Querier mode after it has discovered that there is a Multicast Querier in the network. The no form of this command sets the IGMP Querier timer expiration period to its default value.
2CSPC4.XModular-SWUM201.book Page 486 Monday, October 3, 2011 2:21 PM Syntax ip igmp snooping querier version version no ip igmp snooping querier version • version — IGMP version. (Range: 1–2) Default Configuration The querier version default is 2. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the IGMP version of the querier to 1.
2CSPC4.XModular-SWUM201.book Page 487 Monday, October 3, 2011 2:21 PM Parameter Description Admin Mode Indicates whether or not IGMP Snooping Querier is active on the switch. Admin Version Indicates the version of IGMP that will be used while sending out the queries. Source IP Address Shows the IP address that is used in the IPv4 header when sending out IGMP queries. It can be configured using the appropriate command.
2CSPC4.XModular-SWUM201.book Page 488 Monday, October 3, 2011 2:21 PM Parameter Description Elected Querier Indicates the IP address of the Querier that has been designated as the Querier based on its source IP address. This field will be 0.0.0.0 when Querier Election Participate mode is disabled. When the optional argument detail is used, the command shows the global information and the information for all Querier enabled VLANs. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 489 Monday, October 3, 2011 2:21 PM IP Addressing Commands 19 Interfaces on the PowerConnect switches support a variety of capabilities to support management of the switch. In addition to performing switching and routing of network traffic, PowerConnect switches act as a host for management of the switch.
2CSPC4.XModular-SWUM201.book Page 490 Monday, October 3, 2011 2:21 PM clear host Use the clear host command in Privileged EXEC mode to delete entries from the host name-to-address cache. Syntax clear host {name | *} • name — Host name to be deleted from the host name-to-address cache. (Range: 1-255 characters) • * — Deletes all entries in the host name-to-address cache. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 491 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console# console#configure console(config)#clear ip address-conflict-detect interface out-of-band Use the interface out-of-band command to bring up the OOB port configuration menu.
2CSPC4.XModular-SWUM201.book Page 492 Monday, October 3, 2011 2:21 PM console(config-if)# ip address (Out-of-Band) Use the ip address command in Interface Configuration mode to set an IP address for the service port. Use the no form of this command to return the ip address configuration to its default value. Syntax ip address {ip-address {mask | prefix-length} | dhcp} no ip address Parameter Description Parameter Description ip-address Specifies a valid IP address.
2CSPC4.XModular-SWUM201.book Page 493 Monday, October 3, 2011 2:21 PM User Guidelines When setting the netmask/prefix length on an IPv4 address, a space is required between the address and the mask or prefix length. Setting an IP address on the out-of-band port enables switch management over the service port. Example The following examples configure the service port with IP address 131.108.1.27 and subnet mask 255.255.255.0 and the same IP address with prefix length of 24 bits.
2CSPC4.XModular-SWUM201.book Page 494 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console# console#configure console(config)#ip address-conflict-detect run ip address dhcp (Interface Config) Use the ip address dhcp command in Interface (VLAN) Configuration mode to enable the DHCPv4 client on an interface. Syntax ip address dhcp no ip address dhcp Parameter Description This command does not require a parameter description.
2CSPC4.XModular-SWUM201.book Page 495 Monday, October 3, 2011 2:21 PM • The command no ip address removes the interface’s primary address only if configured through DHCP and sets the interface method to None. It does not remove a manually configured address. In addition to leasing an IP address and subnet mask, the DHCP client may learn the following parameters from a DHCP server: • The IPv4 address of a default gateway.
2CSPC4.XModular-SWUM201.book Page 496 Monday, October 3, 2011 2:21 PM Default Configuration No default gateway is defined. Command Mode Global Configuration mode User Guidelines When the system does not have a more specific route to a packet’s destination, it sends the packet to the default gateway. The system installs a default IPv4 route with the gateway address as the next hop address. The route preference is 253.
2CSPC4.XModular-SWUM201.book Page 497 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables the IP Domain Naming System (DNS)-based host name-to-address translation. console(config)#ip domain-lookup ip domain-name Use the ip domain-name command in Global Configuration mode to define a default domain name used to complete unqualified host names.
2CSPC4.XModular-SWUM201.book Page 498 Monday, October 3, 2011 2:21 PM Example The following example defines a default domain name of dell.com. console(config)#ip domain-name dell.com ip host Use the ip host command in Global Configuration mode to define static host name-to-address mapping in the host cache. To delete the name-to-address mapping, use the no form of this command. Syntax ip host name address no ip host name • name — Host name. • address — IP address of the host.
2CSPC4.XModular-SWUM201.book Page 499 Monday, October 3, 2011 2:21 PM ip name-server Use the ip name-server command in Global Configuration mode to define available IPv4 or IPv6 name servers. To delete a name server, use the no form of this command. Syntax ip name-server server-address1 [server-address2 … server-address8] no ip name-server [server-address1 … server-address8] • server-address — Valid IPv4 or IPv6 addresses of the name server.
2CSPC4.XModular-SWUM201.book Page 500 Monday, October 3, 2011 2:21 PM Syntax ipv6 address { prefix/prefix-length [eui64] | autoconfig | dhcp } no ipv6 address • prefix —Consists of the bits of the address to be configured. • prefix-length —Designates how many of the high-order contiguous bits of the address make up the prefix. • eui64— The optional eui-64 field designates that IPv6 processing on the interfaces is enabled using an EUI-64 interface ID in the low order 64 bits of the address.
2CSPC4.XModular-SWUM201.book Page 501 Monday, October 3, 2011 2:21 PM Configure a default gateway on vlan 10 console(config)#no ipv6 address autoconfig console(config)#no ipv6 address 2003::6/64 console(config)#no ipv6 address 2001::/64 eui64 console(config)#no ipv6 address ipv6 address (OOB Port) Use the ipv6 address command in Interface (out-of-band) Config mode to set the IPv6 prefix on the out-of-band port.
2CSPC4.XModular-SWUM201.book Page 502 Monday, October 3, 2011 2:21 PM Parameter Description eui64 Formulate the prefix in EUI-64 format. autoconfig Perform IPv6 auto-configuration. dhcp Obtain the prefix via DHCP. Default Configuration No address is assigned to the out-of-band interface by default.
2CSPC4.XModular-SWUM201.book Page 503 Monday, October 3, 2011 2:21 PM Default Configuration DHCPv6 is disabled by default on routing interfaces. Command Mode Interface (VLAN) Configuration mode User Guidelines This command only applies to VLAN routing interfaces. When DHCPv6 is enabled on a VLAN routing interface, the system automatically deletes all manually configured IPv6 addresses on the interface. Use the no ipv6 address dhcp command to release a leased address and to disable DHCPv6 on an interface.
2CSPC4.XModular-SWUM201.book Page 504 Monday, October 3, 2011 2:21 PM Default Configuration IPv6 is not enabled by default. Command Mode Interface Configuration mode (VLAN, loopback) User Guidelines There are no user guidelines for this command. Example console(config)#no ipv6 enable ipv6 enable (OOB Config) Use the ipv6 enable command in Interface (out-of-band) Config mode to enable IPv6 operation on the out-of-band interface.
2CSPC4.XModular-SWUM201.book Page 505 Monday, October 3, 2011 2:21 PM ipv6 gateway (OOB Config) Use the ipv6 gateway command in Interface (out-of-band) Config mode to configure the address of the IPv6 gateway. The gateway is used as a default route for packets addressed to network devices not present on the local subnet. Use the no form of the command to remove the gateway configuration.
2CSPC4.XModular-SWUM201.book Page 506 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays information about IP hosts. console>show hosts Host name: Default domain: gm.com, sales.gm.com, usa.sales.gm.com Name/address lookup is enabled Name servers (Preference order): 176.16.1.18 176.16.1.
2CSPC4.XModular-SWUM201.book Page 507 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode User Guidelines This command has no user guidelines. The command provides the following information. Term Description Address Conflict Detection Status Whether the switch has detected an address conflict on any IP address. Set to Conflict Detected if detected, No Conflict Detected otherwise.
2CSPC4.XModular-SWUM201.book Page 508 Monday, October 3, 2011 2:21 PM show ip helper-address Use the show ip helper-address command in Privileged EXEC mode to display IP helper addresses configuration. Syntax show ip helper-address [intf-address] • intf-address — IP address of a routing interface. (Range: Any valid IP address) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 509 Monday, October 3, 2011 2:21 PM show ipv6 dhcp interface out-of-band statistics Use the show ipv6 dhcp interface out-of-band statistics command in Privileged EXEC mode to display IPv6 DHCP statistics for the out-of-band interface. Syntax show ipv6 dhcp interface out-of-band statistics Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 510 Monday, October 3, 2011 2:21 PM DHCPv6 Request Packets Transmitted............. 0 DHCPv6 Renew Packets Transmitted............... 0 DHCPv6 Rebind Packets Transmitted.............. 0 DHCPv6 Release Packets Transmitted............. 0 Total DHCPv6 Packets Transmitted............... 8 show ipv6 interface out-of-band Use the show ipv6 interface out-of-band command in Privileged EXEC mode to show the ipv6 out-of-band port configuration.
2CSPC4.XModular-SWUM201.book Page 511 Monday, October 3, 2011 2:21 PM IPv6 Default Router............................ FE80::A912:FEC2:A145:FEAD Configured IPv6 Protocol....................... None IPv6 AutoConfig Mode........................... Enabled Burned In MAC Address.......................... 001E.C9AA.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 513 Monday, October 3, 2011 2:21 PM IPv6 Access List Commands 20 Access to a switch or router can be made more secure through the use of Access Control Lists (ACLs) to control the type of traffic allowed into or out of specific ports. An ACL consists of a series of rules, each of which describes the type of traffic to be processed and the actions to take for packets that meet the classification criteria.
2CSPC4.XModular-SWUM201.book Page 514 Monday, October 3, 2011 2:21 PM { deny | permit} (IPv6 ACL) This command creates a new rule for the current IPv6 access list. Each rule is appended to the list of configured rules for the list. A rule may either deny or permit traffic according to the specified classification fields. At a minimum, either the every keyword or the protocol, source address, and destination address values must be specified.
2CSPC4.XModular-SWUM201.book Page 515 Monday, October 3, 2011 2:21 PM Parameter Description every Allows all protocols. icmpv6 | ipv6 | tcp Protocol to match, specified as keywords icmp, igmp, ipv6, tcp, | udp | udp or as a standard protocol number from 1–255. protocolnumber any | sourceipv6 prefix/ prefixlength any matches any source IP address. Or, you can specify a source IPv6 addressed expressed as a prefix/prefixlength.
2CSPC4.XModular-SWUM201.book Page 516 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode IPv6-Access-List Configuration mode User Guidelines Users are permitted to add rules, but if a packet does not match any userspecified rules, the packet is dropped by the implicit “deny all” rule. The 'no' form of this command is not supported, since the rules within an IPv6 ACL cannot be deleted individually.
2CSPC4.XModular-SWUM201.book Page 517 Monday, October 3, 2011 2:21 PM Syntax ipv6 access-list name no ipv6 access-list name • name — Alphanumeric string of 1 to 31 characters uniquely identifying the IPv6 access list. Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 518 Monday, October 3, 2011 2:21 PM Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(Config)#ipv6 access-list rename DELL_IP6 DELL_IP6_NEW_NAME ipv6 traffic-filter The ipv6 traffic-filter command either attaches a specific IPv6 Access Control List (ACL) to an interface or associates it with a VLAN ID in a given direction.
2CSPC4.XModular-SWUM201.book Page 519 Monday, October 3, 2011 2:21 PM • sequence seq-num — Order of access list relative to other access lists already assigned to this interface and direction. (Range: 1–4294967295) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 520 Monday, October 3, 2011 2:21 PM Parameter Description Rule Status Status (Active/Inactive) of the IPv6 ACL rule. Default Configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays configuration information for the IPv6 ACLs.
2CSPC4.XModular-SWUM201.book Page 521 Monday, October 3, 2011 2:21 PM Action......................................... permit Protocol....................................... 255(ipv6) Source IP Address.............................. 2001:DB8::/32 The command output provides the following information: Field Description Rule Number The ordered rule number identifier defined within the IPv6 ACL. Action Displays the action associated with each rule. The possible values are Permit or Deny.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 523 Monday, October 3, 2011 2:21 PM 21 IPv6 MLD Snooping Commands In IPv6, Multicast Listener Discover (MLD) snooping performs functions similar to IGMP snooping in IPv4. With MLD snooping, IPv6 multicast data is selectively forwarded to a list of ports that want to receive the data, instead of being flooded to all ports in a VLAN. This list is constructed by snooping IPv6 multicast control packets.
2CSPC4.XModular-SWUM201.book Page 524 Monday, October 3, 2011 2:21 PM ipv6 mld snooping immediate-leave The ipv6 mld snooping immediate-leave command enables or disables MLD Snooping snooping immediate-leave admin mode on a selected interface or VLAN. Enabling fast-leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an MLD done message for that multicast group without first sending out MAC-based general queries to the interface.
2CSPC4.XModular-SWUM201.book Page 525 Monday, October 3, 2011 2:21 PM ipv6 mld snooping groupmembership-interval The ipv6 mld snooping groupmembership-interval command sets the MLD Group Membership Interval time on a VLAN or interface. The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry. This value must be greater than the MLDv2 Maximum Response time value.
2CSPC4.XModular-SWUM201.book Page 526 Monday, October 3, 2011 2:21 PM interface because it did not receive a report for a particular group in that interface. This value must be less than the MLD Query Interval time value. The range is 1 to 3599 seconds. Syntax ipv6 mld snooping maxresponse [vlan-id] [seconds] no ipv6 mld snooping maxresponse [vlan-id] • vlan_id — Specifies a VLAN ID value in VLAN Database mode. • seconds — MLD maximum response time in seconds.
2CSPC4.XModular-SWUM201.book Page 527 Monday, October 3, 2011 2:21 PM no ipv6 mld snooping mcrtexpiretime [vlan-id] • • vlan_id — Specifies a VLAN ID value in VLAN Database mode. seconds — multicast router present expiration time in seconds. (Range: 1–3600) Default Configuration The default multicast router present expiration time is 300 seconds. Command Mode Interface Configuration mode. VLAN Database mode.
2CSPC4.XModular-SWUM201.book Page 528 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping ipv6 mld snooping (Interface) The ipv6 mld snooping (Interface) command enables MLD Snooping on an interface. If an interface has MLD Snooping enabled and it becomes a member of a port-channel (LAG), MLD Snooping functionality is disabled on that interface.
2CSPC4.XModular-SWUM201.book Page 529 Monday, October 3, 2011 2:21 PM Syntax ipv6 mld snooping no ipv6 mld snooping Default Configuration MLD Snooping is disabled. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 530 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping 1 show ipv6 mld snooping The show ipv6 mld snooping command displays MLD Snooping information. Configured information is displayed whether or not MLD Snooping is enabled.
2CSPC4.XModular-SWUM201.book Page 531 Monday, October 3, 2011 2:21 PM • VLANs Enabled for MLD Snooping — VLANs on which MLD Snooping is enabled. When you specify an interface or VLAN, the following information displays: • MLD Snooping Admin Mode — Indicates whether MLD Snooping is active on the interface or VLAN. • Fast Leave Mode — Indicates whether MLD Snooping Fast-leave is active on the VLAN.
2CSPC4.XModular-SWUM201.book Page 532 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines To see the full Multicast address table (including static addresses) use the show bridge address-table command. Example console#show ipv6 mld snooping groups Vlan Ipv6 Address Type Ports ---- ----------------------- ------- --------------------------- 1 3333.0000.0003 Dynamic 1/0/1,1/0/3 2 3333.0000.0004 Dynamic 1/0/1,1/0/3 2 3333.0000.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 535 Monday, October 3, 2011 2:21 PM IPv6 MLD Snooping Querier Commands 22 IGMP/MLD Snooping Querier is an extension of the IGMP/MLD Snooping feature. IGMP/MLD Snooping Querier allows the switch to simulate an IGMP/MLD router in a Layer 2-only network, thus removing the need to have an IGMP/MLD Router to collect the multicast group membership information. The querier function simulates a small subset of the IGMP/MLD router functionality.
2CSPC4.XModular-SWUM201.book Page 536 Monday, October 3, 2011 2:21 PM ipv6 mld snooping querier Use the ipv6 mld snooping querier command to enable MLD Snooping Querier on the system. Use the "no" form of this command to disable MLD Snooping Querier. Syntax ipv6 mld snooping querier no ipv6 mld snooping querier Default Configuration MLD Snooping Querier is disabled by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 537 Monday, October 3, 2011 2:21 PM Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command. Example console(config-vlan)#ipv6 mld snooping querier 10 ipv6 mld snooping querier address Use the ipv6 mld snooping querier address command to set the global MLD Snooping Querier address. Use the "no" form of this command to reset the global MLD Snooping Querier address to the default.
2CSPC4.XModular-SWUM201.book Page 538 Monday, October 3, 2011 2:21 PM ipv6 mld snooping querier election participate Use the ipv6 mld snooping querier election participate command to enable the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN. When this mode is enabled, if the Snooping Querier finds that the other Querier's source address is higher than the Snooping Querier's address, it stops sending periodic queries.
2CSPC4.XModular-SWUM201.book Page 539 Monday, October 3, 2011 2:21 PM Syntax ipv6 mld snooping querier query-interval interval ipv6 mld snooping querier query-interval • interval — Amount of time that the switch waits before sending another general query. (Range: 1–1800 seconds) Default Configuration The default query interval is 60 seconds.
2CSPC4.XModular-SWUM201.book Page 540 Monday, October 3, 2011 2:21 PM Default Configuration The default timer expiration period is 60 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 mld snooping querier timer expiry 222 show ipv6 mld snooping querier Use the show ipv6 mld snooping querier command to display MLD Snooping Querier information.
2CSPC4.XModular-SWUM201.book Page 541 Monday, October 3, 2011 2:21 PM MLD Snooping Querier Mode Indicates whether or not MLD Snooping Querier is active on the switch. Querier Address Shows the IP Address which will be used in the IPv6 header while sending out MLD queries. MLD Version Indicates the version of MLD that will be used while sending out the queries. This is defaulted to MLD v1 and it can not be changed.
2CSPC4.XModular-SWUM201.book Page 542 Monday, October 3, 2011 2:21 PM Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received. MLD Version Indicates the version of MLD.
2CSPC4.XModular-SWUM201.book Page 543 Monday, October 3, 2011 2:21 PM IP Source Guard Commands 23 IP Source Guard (IPSG) is a security feature that filters IP packets based on source ID. The source ID may either be source IP address or a {source IP address, source MAC address} pair. The network administrator configures whether enforcement includes the source MAC address. The network administrator can configure static authorized source IDs.
2CSPC4.XModular-SWUM201.book Page 544 Monday, October 3, 2011 2:21 PM Syntax ip verify source Default Configuration By default, IPSG is disabled on all interfaces. Command Mode Interface Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 545 Monday, October 3, 2011 2:21 PM Example console(config-if-1/0/1)#ip verify source portsecurity ip verify binding Use the ip verify binding command in Global Configuration mode to configure static bindings. Use the no form of the command to remove the IPSG entry. Syntax ip verify binding macaddr vlan ipaddr interface Default Configuration By default, there will not be any static bindings configured.
2CSPC4.XModular-SWUM201.book Page 546 Monday, October 3, 2011 2:21 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ip verify interface gigabitethernet 1/0/1 show ip verify source interface Use the show ip verify source interface command in Privileged EXEC mode to display the bindings configured on a particular interface.
2CSPC4.XModular-SWUM201.book Page 547 Monday, October 3, 2011 2:21 PM Syntax show ip source binding Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 549 Monday, October 3, 2011 2:21 PM 24 iSCSI Optimization Commands NOTE: The iSCSI commands are only supported on the PCM6348, PCM8024, and PCM8024-k switches. The commands will have different capabilties depending on the switch. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models.
2CSPC4.XModular-SWUM201.book Page 550 Monday, October 3, 2011 2:21 PM QoS treatment is accomplished by monitoring traffic to detect packets used by iSCSI stations to establish iSCSI sessions and connections. Data from these exchanges is used to create classification rules that assign the traffic between the stations to a configured traffic class. Packets in the flow are queued and scheduled for egress on the destination port based on these rules.
2CSPC4.XModular-SWUM201.book Page 551 Monday, October 3, 2011 2:21 PM Default Configuration The default aging time is 10 minutes. Command Mode Global Configuration mode. User Guidelines Changing the aging time has the following behavior: • When aging time is increased, current sessions will be timed out according to the new value. • When aging time is decreased, any sessions that have been dormant for a time exceeding the new setting will be immediately deleted from the table.
2CSPC4.XModular-SWUM201.book Page 552 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description enable Enables application of preferential QoS treatment to iSCSI frames. disable Disables application of preferential QoS treatment to iSCSI frames. vpt/dscp The VLAN Priority Tag or DSCP value to assign received iSCSI session packets. remark Mark the iSCSI frames with the configured DSCP when egressing the switch. Default Configuration By default, frames are not remarked.
2CSPC4.XModular-SWUM201.book Page 553 Monday, October 3, 2011 2:21 PM (under heavy high priority traffic), other lower priority traffic may get starved. In WRR the queue to which the flow is assigned to can be set to get the required percentage. If an EqualLogic array is detected when QoS is enabled, two additional TCP ports receive preferential QoS treatment (TCP ports 25555 and 9876). This QoS policy is applied globally.
2CSPC4.XModular-SWUM201.book Page 554 Monday, October 3, 2011 2:21 PM These changes appear in the running config. Disabling iSCSI Optimization does not disable flow control, portfast or storm control configuration applied as a result of enabling iSCSI Optimization.
2CSPC4.XModular-SWUM201.book Page 555 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description tcp-port TCP port number or list of TCP port numbers on which iSCSI target(s) listen to requests. Up to 16 TCP ports can be defined in the system in one command or by using multiple commands. ip-address IP address of the iSCSI target. When the no form is used, and the tcp port to be deleted is one bound to a specific IP address, the address field must be present.
2CSPC4.XModular-SWUM201.book Page 556 Monday, October 3, 2011 2:21 PM • When a port is already defined and not bound to an IP address, and you want to bind the port to an IP address, first remove the port by using the no form of the command and then add it again, this time together with the relevant IP address. • Target names are only for display when using the show iscsi command. These names are not used to match (or for doing any sanity check) with the iSCSI session information acquired by snooping.
2CSPC4.XModular-SWUM201.book Page 557 Monday, October 3, 2011 2:21 PM iSCSI enabled iSCSI CoS enabled iSCSI vpt is 5 Session aging time: 10 min Maximum number of sessions is 192 -----------------------------------------------iSCSI Targets and TCP Ports: -----------------------------------------------TCP Port 860 3260 Target IP Address - Name - 30001 172.16.1.1 iqn.1993-11.com.diskvendor:diskarrays.sn.45678.tape:sys1.xyz 30033 172.16.1.
2CSPC4.XModular-SWUM201.book Page 558 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example The following examples show summary and detailed information about the iSCSI sessions. console#show iscsi sessions Target: iqn.1993-11.com.diskvendor:diskarrays.sn.45678 ----------------------------------------------------Initiator: iqn.1992-04.com.os-vendor.plan9:cdrom.12 ISID: 11 Initiator: iqn.1995-05.com.os-vendor.plan9:cdrom.
2CSPC4.XModular-SWUM201.book Page 559 Monday, October 3, 2011 2:21 PM Session 1: Initiator: iqn.1992-04.com.os vendor.plan9:cdrom.12.storage:sys1.xyz ----------------------------------------------------Time started: 17-Jul-2008 10:04:50 Time for aging out: 10 min ISID: 11 Initiator Initiator Target Target IP address TCP port IP address IP port 172.16.1.3 49154 172.16.1.20 30001 172.16.1.4 49155 172.16.1.21 30001 172.16.1.5 49156 172.16.1.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 561 Monday, October 3, 2011 2:21 PM Link Dependency Commands 25 Link dependency allows the link status of a group of interfaces to be made dependent on the link status of other interfaces. The effect is that the link status of a group that depends on another interface either mirrors or inverts the link status of the depended-on interface.
2CSPC4.XModular-SWUM201.book Page 562 Monday, October 3, 2011 2:21 PM Default Configuration The default configuration for a group is down, i.e. the group members will mirror the depended-on link status by going down when all depended-on interfaces are down. Command Mode Link Dependency mode User Guidelines The action up command will cause the group members to be up when no depended-on interfaces are up.
2CSPC4.XModular-SWUM201.book Page 563 Monday, October 3, 2011 2:21 PM Example console(config)#link-dependency group 1 console(config-linkDep-group-1)# add gigabitethernet Use this command to add member gigabit Ethernet port(s) to the dependency list. Syntax add gigabitethernet intf-list • intf-list — List of Ethernet interfaces in unit/slot/port format. Separate nonconsecutive ports with a comma and no spaces. Use a hyphen to designate the range of ports.
2CSPC4.XModular-SWUM201.book Page 564 Monday, October 3, 2011 2:21 PM • intf-list — List of Ethernet interfaces in unit/slot/port format. Separate nonconsecutive ports with a comma and no spaces. Use a hyphen to designate the range of ports. (Range: Valid Ethernet interface list or range) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 565 Monday, October 3, 2011 2:21 PM Command Mode Link Dependency mode User Guidelines No specific guidelines Example console(config-depend-1)#add port-channel 10-12 depends-on Use this command command to add the dependent Ethernet ports or port channels list. Use the no depends-on command to remove the dependent Ethernet ports or port-channels list.
2CSPC4.XModular-SWUM201.book Page 566 Monday, October 3, 2011 2:21 PM Examples console(config-linkDep-group-1)#depends-on gigabitethernet 1/0/10 console(config-linkDep-group-1)#depends-on portchannel 6 show link-dependency Use the show link-dependency command to show the link dependencies configured for a particular group. If no group is specified, then all the configured link-dependency groups are displayed.
2CSPC4.XModular-SWUM201.book Page 567 Monday, October 3, 2011 2:21 PM console#show link-dependency GroupId Member Ports ------- --------------1 Ports Depended On Link Action Group State ------------------ ---------- ---------- Gi4/0/2-3,Gi4/0/5 Gi4/0/10-12 Link Up Up/Down The following command shows link dependencies for group 1 only.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 569 Monday, October 3, 2011 2:21 PM LLDP Commands 26 The IEEE 802.1AB standard defines the Link Layer Discovery Protocol (LLDP). This protocol allows stations residing on an 802 LAN to advertise major capabilities, physical descriptions, and management information to physically adjacent devices, allowing a network management system (NMS) to access and display this information.
2CSPC4.XModular-SWUM201.book Page 570 Monday, October 3, 2011 2:21 PM The receive function accepts incoming LLDPDU frames and stores information about the remote stations. Both local and remote data may be displayed by the user interface and retrieved using SNMP as defined in the LLDP MIB definitions. The component maintains one remote entry per physical network connection.
2CSPC4.XModular-SWUM201.book Page 571 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays how to clear the LLDP remote data. console#clear lldp remote-data clear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics. Syntax clear lldp statistics Default Configuration By default, the statistics are only cleared on a system reset.
2CSPC4.XModular-SWUM201.book Page 572 Monday, October 3, 2011 2:21 PM lldp notification Use the lldp notification command in Interface Configuration mode to enable remote data change notifications. To disable notifications, use the no form of this command. Syntax lldp notification no lldp notification Default Configuration By default, notifications are disabled on all supported interfaces. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 573 Monday, October 3, 2011 2:21 PM • interval — The smallest interval in seconds at which to send remote data change notifications. (Range: 5–3600 seconds) Default Configuration The default value is 5 seconds. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to set the interval value to 10 seconds.
2CSPC4.XModular-SWUM201.book Page 574 Monday, October 3, 2011 2:21 PM Example The following example displays how to enable the LLDP receive capability. console(config-if-1/0/3)#lldp receive lldp timers Use the lldp timers command in Global Configuration mode to set the timing parameters for local data transmission on ports enabled for LLDP. To return any or all parameters to factory default, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 575 Monday, October 3, 2011 2:21 PM Examples The following example displays how to configure LLDP to transmit local information every 1000 seconds. console(config)#lldp timers interval 1000 The following example displays how to set the timing parameter at 1000 seconds with a hold multiplier of 8 and a 5 second delay before reinitialization.
2CSPC4.XModular-SWUM201.book Page 576 Monday, October 3, 2011 2:21 PM lldp transmit-mgmt Use the lldp transmit-mgmt command in Interface Configuration mode to include transmission of the local system management address information in the LLDPDUs. To cancel inclusion of the management information, use the no form of this command. Syntax lldp transmit-mgmt no lldp transmit-mgmt Default Configuration By default, management address information is not included.
2CSPC4.XModular-SWUM201.book Page 577 Monday, October 3, 2011 2:21 PM • sys-name — Transmits the system name TLV • sys-desc — Transmits the system description TLV • sys-cap — Transmits the system capabilities TLV • port desc — Transmits the port description TLV Default Configuration By default, no optional TLVs are included. Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 578 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays the current LLDP configuration summary.
2CSPC4.XModular-SWUM201.book Page 579 Monday, October 3, 2011 2:21 PM Examples This example show how the information is displayed when you use the command with the all parameter.
2CSPC4.XModular-SWUM201.book Page 580 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Examples These examples show advertised LLDP local data in two levels of detail.
2CSPC4.XModular-SWUM201.book Page 581 Monday, October 3, 2011 2:21 PM System Capabilities Enabled: bridge Management Address: Type: IPv4 Address: 192.168.17.25 — — — show lldp remote-device Use the lldp remote-device command in Privileged EXEC mode to display the current LLDP remote data. This command can display summary information or detail for each interface. Syntax show lldp remote-device {detail interface | interface | all} • detail — Includes detailed version of remote data.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 583 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Examples The following examples shows an example of the display of current LLDP traffic statistics. console#show lldp statistics all LLDP Device Statistics Last Update.................................. 0 days 22:58:29 Total Inserts................................ 1 Total Deletes................................ 0 Total Drops.................................. 0 Total Ageouts............
2CSPC4.XModular-SWUM201.book Page 584 Monday, October 3, 2011 2:21 PM Fields Description Total Drops Number of times a complete set of information advertised by a remote device could not be inserted due to insufficient resources. Total Ageouts Number of times any remote data entry has been deleted due to time-to-live (TTL) expiration. Transmit Total Total number of LLDP frames transmitted on the indicated port. Receive Total Total number of valid LLDP frames received on the indicated port.
2CSPC4.XModular-SWUM201.book Page 585 Monday, October 3, 2011 2:21 PM Multicast VLAN Registration Commands 27 Multicast VLAN registration (MVR) is a method for consolidating multicast traffic from multiple VLANs onto a single VLAN. A typical usage scenario would be the distribution of a multicast group to a switch using a single VLAN where the switch has users in different VLANs subscribing to the multicast group.
2CSPC4.XModular-SWUM201.book Page 586 Monday, October 3, 2011 2:21 PM Commands in this Chapter This chapter explains the following commands: mvr mvr type mvr group mvr vlan group mvr mode show mvr mvr querytime show mvr members mvr vlan show mvr interface mvr immediate show mvr traffic mvr Use the mvr command in Global Config and Interface Config modes to enable MVR. Use the no form of this command to disable MVR.
2CSPC4.XModular-SWUM201.book Page 587 Monday, October 3, 2011 2:21 PM mvr group Use the mvr group command in Global Config mode to add an MVR membership group. Use the no form of the command to remove an MVR membership group. Syntax mvr group A.B.C.D [count] no mvr group A.B.C.D [count] Parameter Description Parameter Description A.B.C.D Specify a multicast group. count Specifies the number of multicast groups to configure.
2CSPC4.XModular-SWUM201.book Page 588 Monday, October 3, 2011 2:21 PM console(config)#mvr group 239.0.1.0 100 console(config)#mvr vlan 10 mvr mode Use the mvr mode command in Global Config mode to change the MVR mode type. Use the no form of the command to set the mode type to the default value. Syntax mvr mode {compatible | dynamic} no mvr mode Parameter Description Parameter Description compatible Do not allow membership joins on source ports.
2CSPC4.XModular-SWUM201.book Page 589 Monday, October 3, 2011 2:21 PM Syntax mvr querytime 1–100 no mvr querytime Parameter Description Parameter Description querytime The query time is a maximum time to wait for an IGMP membership report on a receiver port before removing the port from the multicast group. The query time only applies to receiver ports. The query time is specified in tenths of a second. Default Configuration The default value is 5 tenths of a second.
2CSPC4.XModular-SWUM201.book Page 590 Monday, October 3, 2011 2:21 PM mvr vlan Use the mvr vlan command in Global Config mode to set the MVR multicast VLAN. Use the no form of the command to set the MVR multicast VLAN to the default value. Syntax mvr vlan 1–4094 no mvr vlan Parameter Description Parameter Description vlan The VLAN specifies the port on which multicast data is expected to be received. Source ports should belong to this VLAN. Default Configuration The default value is 1.
2CSPC4.XModular-SWUM201.book Page 591 Monday, October 3, 2011 2:21 PM Syntax mvr immediate no mvr immediate Parameter Description This command does not require a parameter description. Default Configuration The default value is Disabled. Command Mode Interface Config User Guidelines Immediate leave should only be configured on ports with a single receiver. When immediate leave is enabled, a receiver port will leave a group on receipt of a leave message.
2CSPC4.XModular-SWUM201.book Page 592 Monday, October 3, 2011 2:21 PM Syntax mvr type { receiver | source } no mvr type Parameter Description Parameter Description receiver Configure the port as a receiver port. Receiver ports are ports over which multicast data will be sent but not received. source Configure the port as a source port. Source ports are ports over which multicast data is received or sent. Default Configuration The default value is None.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 594 Monday, October 3, 2011 2:21 PM User Guidelines This command statically configures a port to receive the specified multicast group on the specified VLAN. This command only applies to receiver ports in compatible mode. It also applies to source ports in dynamic mode. In dynamic mode, receiver ports can also join multicast groups using IGMP messages.
2CSPC4.XModular-SWUM201.book Page 595 Monday, October 3, 2011 2:21 PM Parameter Description MVR Max Multicast Groups The maximum number of multicast groups that is supported by MVR. MVR Current Multicast groups The current number of MVR groups allocated. MVR Query Response Time The current MVR query response time. MVR Mode The current MVR mode. It can be compatible or dynamic. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 596 Monday, October 3, 2011 2:21 PM show mvr members Use the show mvr members command in Privileged EXEC mode to display the MVR membership groups allocated. Syntax show mvr members [A.B.C.D] Parameter Description The parameter is a valid multicast address in IPv4 dotted notation. The following table explains the output parameters. Parameter Description MVR Group IP MVR group multicast IP address. Status The status of the specific MVR group.
2CSPC4.XModular-SWUM201.book Page 597 Monday, October 3, 2011 2:21 PM MVR Group IP Status Members ------------------ --------------- --------------------- 224.1.1.1 INACTIVE 1/0/1, 1/0/2, 1/0/3 console#show mvr members 224.1.1.1 MVR Group IP Status Members ------------------ --------------- --------------------- 224.1.1.1 INACTIVE 1/0/1, 1/0/2, 1/0/3 show mvr interface Use the show mvr interface command in Privileged EXEC mode to display the MVR enabled interfaces configuration.
2CSPC4.XModular-SWUM201.book Page 598 Monday, October 3, 2011 2:21 PM Parameter Description Immediate Leave The state of immediate mode. It can be enabled or disabled. Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines The following table lists the completion messages.
2CSPC4.XModular-SWUM201.book Page 599 Monday, October 3, 2011 2:21 PM show mvr traffic Use the show mvr traffic command in Privileged EXEC mode to display global MVR statistics. Syntax show mvr traffic Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines The following table lists the completion messages.
2CSPC4.XModular-SWUM201.book Page 600 Monday, October 3, 2011 2:21 PM Parameter Description IGMP Report V1 Transmitted Number of transmitted IGMP Reports V1. IGMP Report V2 Transmitted Number of transmitted IGMP Reports V2. IGMP Leave Transmitted Number of transmitted IGMP Leaves. IGMP Packet Receive Failures Number of failures on receiving the IGMP packets. IGMP Packet Transmit Failures Number of failures on transmitting the IGMP packets. console#show mvr traffic IGMP Query Received..........
2CSPC4.XModular-SWUM201.book Page 601 Monday, October 3, 2011 2:21 PM Port Aggregator Commands 28 This chapter explains the following commands: add ethernet negotiation duplex port-aggregator group minimum active uplinks show bridge address-table mtu disable speed add ethernet Use the add ethernet command to add member Ethernet ports to the Aggregator Group. To remove member Ethernet ports from the Aggregator Group/Zone, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 602 Monday, October 3, 2011 2:21 PM Example console(config)#port-aggregator group 1 console(config-aggregator-1)#add ethernet 1/g1 console(config-aggregator-1)# duplex Use the duplex command in port aggregator configuration mode to configure the full/half duplex operation of all member ports in the aggregator group/zone. To restore the default, use the no form of this command. Syntax duplex [half | full] no duplex • half — Force half-duplex operation.
2CSPC4.XModular-SWUM201.book Page 603 Monday, October 3, 2011 2:21 PM minimum active uplinks Use the minimum active uplinks command to set the minimum number of uplinks to be active for the Group. For example, if the number of uplink ports in the group is 2 and the number of internal ports is 4. If the user sets the minimum active uplink ports to be 2, then both the uplink ports should be active; otherwise, all the internal ports in the Group will be brought down.
2CSPC4.XModular-SWUM201.book Page 604 Monday, October 3, 2011 2:21 PM Syntax mtu disable no mtu disable Default Configuration This command has no default configuration. Command Mode Port Aggregator mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 605 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 1 console(config-aggregator-1)#negotiation console(config-aggregator-1)# port-aggregator group Use the port-aggregator group command to enter the Port Aggregator mode to configure aggregator group attributes. To remove all the attributes on the specified group, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 606 Monday, October 3, 2011 2:21 PM show bridge address-table Use the show bridge address-table command to show the MAC address table for a particular aggregator group. [port-aggregator group is an optional parameter in the command, and if not specified, it shows all the MAC entries in all the Groups. Syntax show bridge address-table [port-aggregator group < GroupId >] • GroupId — Port Aggregator group identifier.
2CSPC4.XModular-SWUM201.book Page 607 Monday, October 3, 2011 2:21 PM speed Use the speed command in port aggregator configuration mode to configure the speed of all member ports in the aggregator group/zone. To restore the default, use the no form of this command. Syntax speed [10 | 100 ] no speed • 10 — Configures the port to 10 Mbps operation. • 100 — Configures the port to 100 Mbps operation. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 609 Monday, October 3, 2011 2:21 PM Port Channel Commands 29 Care must be taken while enabling this type of configuration. If the Partner System is not 802.3AD compliant or the Link Aggregation Control protocol is not enabled, there may be network instability.
2CSPC4.XModular-SWUM201.book Page 610 Monday, October 3, 2011 2:21 PM A LAG can be either static or dynamic not both. It cannot have some members participate in the protocol while other members not participate. Additionally, it is not possible to change a LAG from static to dynamic via the CLI. You must remove the member ports from the static LAG and then add them to the dynamic LAG. VLANs and LAGs When members are added to a LAG, they are removed from all existing VLAN membership.
2CSPC4.XModular-SWUM201.book Page 611 Monday, October 3, 2011 2:21 PM A LAG failure of one or more of the links does not stop traffic in any manner. Upon failure, the flows mapped to a link are dynamically reassigned to the remaining links of the LAG. Similarly when links are added to a LAG, the conversations may need to be shifted to a new link. The purpose of link aggregation is to increase bandwidth between two switches. It is achieved by aggregating multiple ports in one logical group.
2CSPC4.XModular-SWUM201.book Page 612 Monday, October 3, 2011 2:21 PM The hashing algorithm is configurable for each LAG. Typically, an administrator is able to choose from hash algorithms utilizing the following attributes of a packet to determine the outgoing port: • Source MAC, VLAN, EtherType, and incoming port associated with the packet. • Source IP and Source TCP/UDP fields of the packet. • Destination MAC, VLAN, EtherType, and incoming port associated with the packet.
2CSPC4.XModular-SWUM201.book Page 613 Monday, October 3, 2011 2:21 PM Manual Aggregation of LAGs PowerConnect switching supports the manual addition and deletion of links to aggregates. In the manual configuration of aggregates, the ports send their Actor Information (LACPDUs) to the partner system in order to find a suitable Partner to form an aggregation. When the Partner System neglects to respond using LACPDUs, the PowerConnect switching aggregates manually.
2CSPC4.XModular-SWUM201.book Page 614 Monday, October 3, 2011 2:21 PM lacp static channel-group Use the channel-group command in Interface Configuration mode to associate a port with a port channel. To remove the channel-group configuration from the interface, use the no form of this command. Syntax channel-group port-channel-number mode {on | active} no channel-group • port-channel-number — Number of a valid port-channel with which to associate the current interface.
2CSPC4.XModular-SWUM201.book Page 615 Monday, October 3, 2011 2:21 PM console(config-if-1/0/6)# channel-group 1 mode active interface port-channel Use the interface port-channel command in Global Configuration mode to configure a port-channel type and enter port-channel configuration mode. Syntax interface port-channel port-channel-number Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 616 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines Commands in the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, it stops the execution of the command on subsequent interfaces.
2CSPC4.XModular-SWUM201.book Page 617 Monday, October 3, 2011 2:21 PM • 6 — Source/destination IP and source/destination TCP/UDP port • 7 — Enhanced hashing mode Default Configuration This command has no default configuration. Command Mode Interface Configuration (port-channel) User Guidelines No specific guidelines.
2CSPC4.XModular-SWUM201.book Page 618 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 2 console(config-aggregator-2)#lacp auto console(config-aggregator-2)# lacp off Use the lacp off command to set the LACP (Link Aggregation) mode to off for that Aggregator Group. This means that when more than one uplink port is in the Group, all the uplinks are shut down except the lowest numbered one.
2CSPC4.XModular-SWUM201.book Page 619 Monday, October 3, 2011 2:21 PM lacp port-priority Use the lacp port-priority command in Interface Configuration mode to configure the priority value for physical ports. To reset to default priority value, use the no form of this command. Syntax lacp port-priority value no lacp port-priority • value — Port priority value. (Range: 1–65535) Default Configuration The default port priority value is 1.
2CSPC4.XModular-SWUM201.book Page 620 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Port Aggregator mode User Guidelines This command has no user guidelines. Example console(config)#port-aggregator group 2 console(config-aggregator-2)#lacp static console(config-aggregator-2)# lacp system-priority Use the lacp system-priority command in Global Configuration mode to configure the Link Aggregation system priority.
2CSPC4.XModular-SWUM201.book Page 621 Monday, October 3, 2011 2:21 PM Example The following example configures the system priority to 120. console(config)#lacp system-priority 120 lacp timeout Use the lacp timeout command in Interface Configuration mode to assign an administrative LACP timeout. To reset the default administrative LACP timeout, use the no form of this command. Syntax lacp timeout {long | short} no lacp timeout • long — Specifies a long timeout value.
2CSPC4.XModular-SWUM201.book Page 622 Monday, October 3, 2011 2:21 PM no lacp Use the no lacp command to set the LACP (Link Aggregation) mode to default for that Aggregator Group. The default LACP mode is dynamic. Syntax no lacp Default Configuration This command has no default configuration. Command Mode Port Aggregator mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 623 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description min-links The minimum number of links that must be active before the link is declared up. Range 1-8. The default is 1. Default Configuration This command has no default configuration. Command Mode Interface Configuration (port-channel) mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 625 Monday, October 3, 2011 2:21 PM Example The following example shows how to display LACP Ethernet interface information.
2CSPC4.XModular-SWUM201.book Page 626 Monday, October 3, 2011 2:21 PM port Oper timeout: LONG LACP Activity: ASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Port 1/0/1 LACP Statistics: LACP PDUs sent: 2 LACP PDUs received: 2 show statistics port-channel Use the show statistics port-channel command in Privileged EXEC mode to display statistics about a specific port-channel.
2CSPC4.XModular-SWUM201.book Page 627 Monday, October 3, 2011 2:21 PM Total Packets Received (Octets)................ 0 Packets Received > 1522 Octets................. 0 Packets RX and TX 64 Octets.................... 1064 Packets RX and TX 65-127 Octets................ 140 Packets RX and TX 128-255 Octets............... 201 Packets RX and TX 256-511 Octets............... 418 Packets RX and TX 512-1023 Octets.............. 1 Packets RX and TX 1024-1518 Octets.............
2CSPC4.XModular-SWUM201.book Page 628 Monday, October 3, 2011 2:21 PM Unacceptable Frame Type........................ 0 Multicast Tree Viable Discards................. 0 Reserved Address Discards...................... 0 Broadcast Storm Recovery....................... 0 CFI Discards................................... 0 Upstream Threshold............................. 0 Total Packets Transmitted (Octets)............. 263567 Max Frame Size.................................
2CSPC4.XModular-SWUM201.book Page 629 Monday, October 3, 2011 2:21 PM GVRP Failed Registrations...................... 0 Time Since Counters Last Cleared...............
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 631 Monday, October 3, 2011 2:21 PM Port Monitor Commands 30 PowerConnect switches allow the user to monitor traffic with an external network analyzer. The external network analyzer can use any of the Ethernet ports as a probe port. The probe port transmits a mirror copy of the traffic being probed. Network traffic transmission is always disrupted whenever a configuration change is made for port monitoring.
2CSPC4.XModular-SWUM201.book Page 632 Monday, October 3, 2011 2:21 PM monitor session show monitor session monitor session Use the monitor session command in Global Configuration mode to configure a probe port and a monitored port for monitor session (port monitoring). Use the src-interface parameter to specify the interface to monitor. Use rx to monitor only ingress packets, or use tx to monitor only egress packets.
2CSPC4.XModular-SWUM201.book Page 633 Monday, October 3, 2011 2:21 PM User Guidelines The source of a monitoring session must be configured before the destination can be configured. Example The following examples show a simple port level configuration that mirrors both transmitted and received packet from one port to another.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 635 Monday, October 3, 2011 2:21 PM QoS Commands 31 Quality of Service (QoS) technologies are intended to provide guaranteed timely delivery of specific application data to a particular destination. In contrast, standard IP-based networks are designed to provide best effort data delivery service. Best effort service implies that the network delivers the data in a timely fashion, although there is no guarantee.
2CSPC4.XModular-SWUM201.book Page 636 Monday, October 3, 2011 2:21 PM A user configures an ACL permit rule to force its matching traffic stream to a specific egress interface, bypassing any forwarding decision normally performed by the device. The interface can be a physical port or a LAG. The redirect interface rule action is independent of, but compatible with, the assign queue rule action. ACLs can be configured to apply to a VLAN instead of an interface.
2CSPC4.XModular-SWUM201.book Page 637 Monday, October 3, 2011 2:21 PM – • Untrusted Port Default Priority Queue Configuration This enables PowerConnect switches to support a wide variety of delay sensitive video and audio multicast applications. CoS mapping tables, port default priority, and hardware queue parameters may be configured on LAG interfaces as well as physical port interfaces.
2CSPC4.XModular-SWUM201.book Page 638 Monday, October 3, 2011 2:21 PM process is also used for cases where a trusted port mapping is unable to be honored, such as when a nonIP packet arrives at a port configured to trust the IP precedence or IP DSCP value. PCM6220 Limitations The PCM6220 switch does not support out-bound service policies or ACLs.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 640 Monday, October 3, 2011 2:21 PM Example The following example displays how to change the queue ID to 4 for the associated traffic stream. console(config-policy-classmap)#assign-queue 4 class Use the class command in Policy-Map Class Configuration mode to create an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent policy attribute statements.
2CSPC4.XModular-SWUM201.book Page 641 Monday, October 3, 2011 2:21 PM class-map Use the class-map command in Global Configuration mode to define a new DiffServ class of type match-all. To delete the existing class, use the no form of this command. Syntax class-map match-all class-map-name [{ipv4 | ipv6}] no class-map match-all class-map-name • class-map-name — a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying an existing DiffServ class.
2CSPC4.XModular-SWUM201.book Page 642 Monday, October 3, 2011 2:21 PM • classname — The name of an existing DiffServ class. (Range: 1–31 characters) • newclassname — A case-sensitive alphanumeric string. (Range: 1–31 characters) Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to change the name of a DiffServ class from "DELL" to "DELL1.
2CSPC4.XModular-SWUM201.book Page 643 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Global Configuration or Interface Configuration (Ethernet, Port-channel) mode User Guidelines None Example The following example configures mapping for user priority 1 and traffic class 2.
2CSPC4.XModular-SWUM201.book Page 644 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays mapping for IP DSCP 1 and traffic class 2. console(config)#classofservice ip-dscp-mapping 1 2 classofservice trust Use the classofservice trust command in either Global Configuration mode or Interface Configuration mode to set the class of service trust mode of an interface.
2CSPC4.XModular-SWUM201.book Page 645 Monday, October 3, 2011 2:21 PM Examples The following example displays how you set the class of service trust mode of an interface to trust dot1p (802.1p) packet markings when in Global Configuration mode.
2CSPC4.XModular-SWUM201.book Page 646 Monday, October 3, 2011 2:21 PM cos-queue min-bandwidth Use the cos-queue min-bandwidth command in either Global Configuration mode or Interface Configuration mode to specify the minimum transmission bandwidth for each interface queue. To restore the default for each queue’s minimum bandwidth value, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 647 Monday, October 3, 2011 2:21 PM Syntax cos-queue {random-detect queue-id1 [queue-id2..queue-idn]} no cos-queue {random-detect queue-id1 [queue-id2..queue-idn]} Parameter Description Parameter Description queue-id An integer indicating the queue-id which is to be enabled for WRED. Range 0-6. Up to 7 queues may be simultaneously specified. Default Configuration WRED queue management policy is disabled by default.
2CSPC4.XModular-SWUM201.book Page 648 Monday, October 3, 2011 2:21 PM cos-queue strict Use the cos-queue strict command in either Global Configuration mode or Interface Configuration mode to activate the strict priority scheduler mode for each specified queue. To restore the default weighted scheduler mode for each specified queue, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 649 Monday, October 3, 2011 2:21 PM diffserv Use the diffserv command in Global Configuration mode to set the DiffServ operational mode to active. While disabled, the DiffServ configuration is retained and can be changed, but it is not activated. When enabled, DiffServ services are activated. To set the DiffServ operational mode to inactive, use the no form of this command. Syntax diffserv no diffserv Default Configuration This command default is enabled.
2CSPC4.XModular-SWUM201.book Page 650 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Policy-Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays how to specify that matching packets are to be dropped at ingress.
2CSPC4.XModular-SWUM201.book Page 651 Monday, October 3, 2011 2:21 PM Example The following example displays how to mark all packets with a CoS value. console(config-policy-classmap)#mark cos 7 mark ip-dscp Use the mark ip-dscp command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified IP DSCP value.
2CSPC4.XModular-SWUM201.book Page 652 Monday, October 3, 2011 2:21 PM mark ip-precedence Use the mark ip-precedence command in Policy-Class-Map Configuration mode to mark all packets for the associated traffic stream with the specified IP precedence value. Syntax mark ip-precedence prec-value • prec-value — Specifies the IP precedence value as an integer. (Range: 0–7) Default Configuration This command has no default configuration. Command Mode Policy-Class-Map Configuration mode User Guidelines.
2CSPC4.XModular-SWUM201.book Page 653 Monday, October 3, 2011 2:21 PM Syntax match class-map refclassname no match class-map refclassname • refclassname — The name of an existing DiffServ class whose match conditions are being referenced by the specified class definition. Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines • The parameters refclassname and class-map-name can not be the same.
2CSPC4.XModular-SWUM201.book Page 654 Monday, October 3, 2011 2:21 PM console(config-classmap)#no match class-map Dell match cos Use the match cos command in Class-Map Configuration mode to add to the specified class definition a match condition for the class of service value (the only tag in a single-tagged packet or the first or outer 802.1Q tag of a doubleVLAN tagged packet).
2CSPC4.XModular-SWUM201.book Page 655 Monday, October 3, 2011 2:21 PM • macaddr — Specifies any valid layer 2 MAC address formatted as six twodigit hexadecimal numbers separated by colons. • macmask — Specifies a valid layer 2 MAC address bit mask formatted as six two-digit hexadecimal numbers separated by colons. This address bit mask does not need to be contiguous. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 656 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Class-Map Configuration mode User Guidelines This command has no user guidelines. Example The following example displays adding a match condition using the specified IP address and bit mask. console(config-classmap)#match dstip 10.240.1.1 10.240.0.
2CSPC4.XModular-SWUM201.book Page 657 Monday, October 3, 2011 2:21 PM Example console(config-classmap)#match dstip6 2001:DB8::/32 match dstl4port Use the match dstl4port command in Class-Map Configuration mode to add to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation. Syntax match dstl4port {portkey | port-number} • portkey — Specifies one of the supported port name keywords.
2CSPC4.XModular-SWUM201.book Page 658 Monday, October 3, 2011 2:21 PM match ethertype Use the match ethertype command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the ethertype. Syntax match ethertype {keyword | 0x0600-0xffff } • keyword — Specifies either a valid keyword or a valid hexadecimal number. The supported keywords are appletalk, arp, ibmsna, ipv4, ipv6, ipx, mplsmcast, mplsucast, netbios, novell, pppoe, rarp.
2CSPC4.XModular-SWUM201.book Page 659 Monday, October 3, 2011 2:21 PM • label - The value to match in the Flow Label field of the IPv6 header (Range 0-1048575). Default Configuration There is no default configuration for this command. Command Mode Ipv6-Class-Map Configuration mode. User Guidelines There are no user guidelines for this command. Example The following example adds a rule to match packets whose IPv6 Flow Label equals 32312.
2CSPC4.XModular-SWUM201.book Page 660 Monday, October 3, 2011 2:21 PM Command Mode Class-Map Configuration mode User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation. To specify a match on all DSCP values, use the match ip tos tosbits tosmask command with tosbits set to "0" (zero) and tosmask set to hex "03.
2CSPC4.XModular-SWUM201.book Page 661 Monday, October 3, 2011 2:21 PM User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation. To specify a match on all precedence values, use the match ip tos tosbits tosmask command with tosbits set to "0" (zero) and tosmask set to hex "1F.
2CSPC4.XModular-SWUM201.book Page 662 Monday, October 3, 2011 2:21 PM User Guidelines The ip dscp, ip precedence, and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation. This specification is the free form version of the IP DSCP/Precedence/TOS match specification in that you have complete control of specifying which bits of the IP Service Type field are checked.
2CSPC4.XModular-SWUM201.book Page 663 Monday, October 3, 2011 2:21 PM Example The following example displays adding a match condition based on the "ip" protocol name keyword. console(config-classmap)#match protocol ip match source-address mac Use the match source-address mac command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source MAC address of the packet.
2CSPC4.XModular-SWUM201.book Page 664 Monday, October 3, 2011 2:21 PM match srcip Use the match srcip command in Class-Map Configuration mode to add to the specified class definition a match condition based on the source IP address of a packet. Syntax match srcip ipaddr ipmask • ipaddr — Specifies a valid IP address. • ipmask — Specifies a valid IP address bit mask. Note that although this IP address bit mask is similar to a subnet mask, it does not need to be contiguous.
2CSPC4.XModular-SWUM201.book Page 665 Monday, October 3, 2011 2:21 PM • source-ipv6-prefix —IPv6 prefix in IPv6 global address format. • prefix-length —IPv6 prefix length value. Default Configuration There is no default configuration for this command. Command Mode Ipv6-Class-Map Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 666 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays how to add a match condition using the "snmp" port name keyword. console(config-classmap)#match srcl4port snmp match vlan Use the match vlan command in Class-Map Configuration mode to add to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field.
2CSPC4.XModular-SWUM201.book Page 667 Monday, October 3, 2011 2:21 PM mirror Use the mirror command in Policy-Class-Map Configuration mode to mirror all the data that matches the class defined to the destination port specified. Syntax mirror interface • interface — Specifies the Ethernet port to which data needs to be copied. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 668 Monday, October 3, 2011 2:21 PM • datarate — Data rate in kilobits per second (kbps). (Range: 1–4294967295) • burstsize — Burst size in Kbps (Range: 1–128) • conform action — Indicates what happens when the packet is conforming to the policing rule: it could be dropped, it could have its COS modified, it could have its IP precedence modified, or it could have its DSCP modified. The same actions are available for packets that do not conform to the policing rule.
2CSPC4.XModular-SWUM201.book Page 669 Monday, October 3, 2011 2:21 PM Syntax policy-map policyname [in|out] no policy-map policyname Parameter Description Parameter Description policyname Specifies the DiffServ policy name as a unique case-sensitive alphanumeric string of characters. (Range: 1–31 alphanumeric characters.) in The policy is applied on ingress. Must be specified to create new DiffServ policies. An existing policy can be selected without specifying "in" or "out".
2CSPC4.XModular-SWUM201.book Page 670 Monday, October 3, 2011 2:21 PM redirect Use the redirect command in Policy-Class-Map Configuration mode to specify that all incoming packets for the associated traffic stream are redirected to a specific egress interface (physical port or port-channel). Syntax redirect interface • interface — Specifies any valid interface.
2CSPC4.XModular-SWUM201.book Page 671 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description policymapname Specifies the DiffServ policy name as a unique case-sensitive alphanumeric string. (Range: 1–31 alphanumeric characters.) in Apply the policy on ingress. out Apply the policy on egress. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 672 Monday, October 3, 2011 2:21 PM show class-map Use the show class-map command in Privileged EXEC mode to display all configuration information for the specified class. Syntax show class-map [classname] • classname — Specifies the valid name of an existing DiffServ class. (Range: 1–31 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 673 Monday, October 3, 2011 2:21 PM Class Name..................................... ipv4 Class Type..................................... All Class Layer3 Protocol.......................... ipv4 Match Criteria Values ---------------------------- ------------------------------------Source IP Address 2.2.2.2 (255.255.255.0) console#show class-map stop_http_class Class Name..................................... stop_http_class Class Type...................................
2CSPC4.XModular-SWUM201.book Page 674 Monday, October 3, 2011 2:21 PM User Guidelines If the interface is specified, the 802.1p mapping table of the interface is displayed. If omitted, the most recent global configuration settings are displayed. Example The following example displays the dot1p traffic class mapping and user priorities.
2CSPC4.XModular-SWUM201.book Page 675 Monday, October 3, 2011 2:21 PM show classofservice ip-dscp-mapping Use the show classofservice ip-dscp-mapping command in Privileged EXEC mode to display the current IP DSCP mapping to internal traffic classes for a specific interface. Syntax show classofservice ip-dscp-mapping • Command is supported only globally. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 678 Monday, October 3, 2011 2:21 PM 58 3 59 3 60 3 61 3 62 3 63 3 console# show classofservice trust Use the show classofservice trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface. Syntax show classofservice trust [{gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port}] Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 679 Monday, October 3, 2011 2:21 PM show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information, which includes the current administrative mode setting as well as the current and maximum number of DiffServ components. Syntax show diffserv Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 680 Monday, October 3, 2011 2:21 PM show diffserv service interface Use this command in Privileged EXEC mode to display policy service information for the specified interface. Syntax show diffserv service interface {gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port} {in|out} Parameter Description Parameter Description in Show ingress policies. out Show engress policies. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 681 Monday, October 3, 2011 2:21 PM No policy is attached to this interface in this direction. show diffserv service interface port-channel Syntax Description show diffserv service interface port-channel channel-group {in|out} Parameter Description Parameter Description channel-group A valid port-channel in the system. (Range: 1–18) in Show ingress policies. out Show engress policies. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 682 Monday, October 3, 2011 2:21 PM show diffserv service brief Use the show diffserv service brief command in Privileged EXEC mode to display all interfaces in the system to which a DiffServ policy has been attached. Syntax show diffserv service brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 683 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines If the interface is specified, the class-of-service queue configuration of the interface is displayed. If omitted, the most recent global configuration settings are displayed. Examples The following example displays the COS configuration with no unit/slot/port or port-channel parameter.
2CSPC4.XModular-SWUM201.book Page 684 Monday, October 3, 2011 2:21 PM console#show interfaces cos-queue gigabitethernet 1/0/1 Interface...................................... 1/0/1 Interface Shaping Rate......................... 0 Queue Id Min.
2CSPC4.XModular-SWUM201.book Page 685 Monday, October 3, 2011 2:21 PM Parameter Description Minimum Bandwidth The minimum transmission bandwidth guarantee for the queue, expressed as a percentage. A value of 0 means bandwidth is not guaranteed and the queue operates using best-effort. This value is a configured value. Scheduler Type Indicates whether this queue is scheduled for transmission using a strict priority or a weighted scheme. This value is a configured value.
2CSPC4.XModular-SWUM201.book Page 686 Monday, October 3, 2011 2:21 PM show policy-map Use the show policy-map command in Privileged EXEC mode to display all configuration information for the specified policy. Syntax show policy-map [policyname] • policyname — Specifies the name of a valid existing DiffServ policy. (Range: 1-31) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 687 Monday, October 3, 2011 2:21 PM Syntax show policy-map interface {gigabithethernet | tengigabitethernet unit/slot/port} {in|out} Parameter Description Parameter Description in Show inbound service policies. out Show outbound service policies. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 688 Monday, October 3, 2011 2:21 PM In Discarded Packets......................... 0 Class Name................................... DELL In Discarded Packets......................... 0 show service-policy Use the show service-policy command in Privileged EXEC mode to display a summary of policy-oriented statistics information for all interfaces. Syntax show service-policy Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 689 Monday, October 3, 2011 2:21 PM 1/0/5 Down DELL 1/0/6 Down DELL 1/0/7 Down DELL 1/0/8 Down DELL 1/0/9 Down DELL 1/0/10 Down DELL traffic-shape Use the traffic-shape command in Global Configuration mode and Interface Configuration mode to specify the maximum transmission bandwidth limit for the interface as a whole.
2CSPC4.XModular-SWUM201.book Page 690 Monday, October 3, 2011 2:21 PM Example The following example displays the setting of traffic-shape to a maximum bandwidth of 1024 Kbps.
2CSPC4.XModular-SWUM201.book Page 691 Monday, October 3, 2011 2:21 PM 32 RADIUS Commands Managing and determining the validity of users in a large network can be significantly simplified by making use of a single database of accessible information supplied by an Authentication Server. These servers commonly use the Remote Authentication Dial In User Service (RADIUS) protocol as defined by RFC 2865.
2CSPC4.XModular-SWUM201.book Page 692 Monday, October 3, 2011 2:21 PM Table 32-1. RADIUS Attributes Supported by PowerConnect Switch Service Type RADIUS Attribute Name 802.
2CSPC4.XModular-SWUM201.book Page 693 Monday, October 3, 2011 2:21 PM Table 32-1. RADIUS Attributes Supported by PowerConnect Switch Service Type RADIUS Attribute Name 802.
2CSPC4.XModular-SWUM201.book Page 694 Monday, October 3, 2011 2:21 PM • FILTER-ID – • TUNNEL-TYPE – • Used to indicate that a VLAN is to be assigned to the user when set to tunnel type VLAN (13). TUNNEL-MEDIUM-TYPE – • Name of the filter list for this user. Used to indicate the tunnel medium type. Must be set to medium type 802 (6) to enable VLAN assignment. TUNNEL-PRIVATE-GROUP-ID – Used to indicate the VLAN to be assigned to the user.
2CSPC4.XModular-SWUM201.book Page 695 Monday, October 3, 2011 2:21 PM aaa accounting network default start-stop group radius Use the aaa accounting network default start-stop group radius command to enable RADIUS accounting on the switch. Use the “no” form of this command to disable RADIUS accounting. Syntax aaa accounting network default start-stop group radius no aaa accounting network default start-stop group radius Default Configuration RADIUS accounting is disabled by default.
2CSPC4.XModular-SWUM201.book Page 696 Monday, October 3, 2011 2:21 PM Default Configuration The default value of the port number is 1813. Command Mode Radius (accounting) mode User Guidelines There are no user guidelines for this command. Example The following example sets port number 56 for accounting requests. console(config)#radius-server host acct 3.2.3.
2CSPC4.XModular-SWUM201.book Page 697 Monday, October 3, 2011 2:21 PM Example The following example sets the port number 2412 for authentication requests. console(config)#radius-server host 192.143.120.123 console(config-radius)#auth-port 2412 deadtime Use the deadtime command in Radius mode to configure the minimum amount of time to wait before attempting to re-contact an unresponsive RADIUS server.
2CSPC4.XModular-SWUM201.book Page 698 Monday, October 3, 2011 2:21 PM key Use the key command to specify the encryption key which is shared with the RADIUS server. Use the "no" form of this command to remove the key. Syntax key key-string • key-string — A string specifying the encryption key (Range: 0 - 128 characters). Default Configuration There is no key configured by default. Command Mode Radius mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 699 Monday, October 3, 2011 2:21 PM Default Configuration The message authenticator attribute is enabled by default. Command Mode Radius mode User Guidelines There are no user guidelines for this command. Example console(Config-auth-radius)#msgauth name (RADIUS server) Use the name command to assign a name to a RADIUS server. Use the no form of the command to return the name to the default (unspecified).
2CSPC4.XModular-SWUM201.book Page 700 Monday, October 3, 2011 2:21 PM User Guidelines Names may only be set for authentication servers, not for accounting servers. Names may consist of alphanumeric characters and the underscore, dash and blanks.Embed the name in double quotes to use a name with blanks. NOTE: When multiple radius servers are configured with different names, e.g.. ServerName is name1 and address is 1.1.1.1 ServerName is name2 and address is 1.1.1.
2CSPC4.XModular-SWUM201.book Page 701 Monday, October 3, 2011 2:21 PM Syntax primary Default Configuration There is no primary authentication server by default. Command Mode Radius mode User Guidelines There are no user guidelines for this command. Example console(Config-auth-radius)#primary priority Use the priority command in Radius mode to specify the order in which the servers are to be used, with 0 being the highest priority. Syntax priority priority • priority — Sets server priority level.
2CSPC4.XModular-SWUM201.book Page 702 Monday, October 3, 2011 2:21 PM Example The following example specifies a priority of 10 for the designated server. console(config)#radius-server host 192.143.120.123 console(config-radius)#priority 10 radius-server deadtime Use the radius-server deadtime command in Global Configuration mode to configure the minimum amount of time to wait before attempting to recontact an unresponsive RADIUS server.
2CSPC4.XModular-SWUM201.book Page 703 Monday, October 3, 2011 2:21 PM Example The following example sets the minimum interval for a RADIUS server will not be contacted after becoming unresponsive. console(config)#radius-server deadtime 10 radius-server host Use the radius-server host command in Global Configuration mode to specify a RADIUS server host and enter RADIUS Configuration mode. To delete the specified Radius host, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 704 Monday, October 3, 2011 2:21 PM Example The following example specifies a Radius server host with the following characteristics: Server host IP address — 192.168.10.1 console(config)#radius-server host 192.168.10.1 radius-server key Use the radius-server key command in Global Configuration mode to set the authentication and encryption key for all Radius communications between the switch and the Radius server. To reset to the default, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 705 Monday, October 3, 2011 2:21 PM radius-server retransmit Use the radius-server retransmit command in Global Configuration mode to specify the number of times the Radius client will retransmit requests to the Radius server. To reset the default configuration, use the no form of this command. Syntax radius-server retransmit retries no radius-server retransmit • retries — Specifies the retransmit value. (Range: 1–10) Default Configuration The default is 3 attempts.
2CSPC4.XModular-SWUM201.book Page 706 Monday, October 3, 2011 2:21 PM no radius-server source-ip • source — Specifies the source IP address. Default Configuration The default IP address is the outgoing IP interface. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the source IP address used for communication with Radius servers to 10.1.1.1. console(config)#radius-server source-ip 10.1.1.
2CSPC4.XModular-SWUM201.book Page 707 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example sets the interval for which a switch waits for a server host to reply to 5 seconds. console(config)#radius-server timeout 5 retransmit Use the retransmit command in Radius mode to specify the number of times the Radius client retransmits requests to the Radius server. Syntax retransmit retries • retries — Specifies the retransmit value.
2CSPC4.XModular-SWUM201.book Page 708 Monday, October 3, 2011 2:21 PM show aaa servers Use the show aaa servers command to display the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS client. Syntax show aaa servers [accounting | authentication ] [name [servername ]] Parameter Description Parameter Description accounting This optional parameter will cause accounting servers to be displayed.
2CSPC4.XModular-SWUM201.book Page 709 Monday, October 3, 2011 2:21 PM Field Description Configured Accounting Servers The number of RADIUS Accounting servers that have been configured. Named Authentication Server Groups The number of configured named RADIUS server groups. Named Accounting Server Groups The number of configured named RADIUS server groups. Timeout The configured timeout value, in seconds, for request retransmissions.
2CSPC4.XModular-SWUM201.book Page 710 Monday, October 3, 2011 2:21 PM Number of Named Authentication Server Groups... Number of Named Accounting Server Groups....... Number of Retransmits.......................... Timeout Duration............................... Deadtime....................................... Source IP...................................... RADIUS Accounting Mode......................... RADIUS Attribute 4 Mode........................ --More-- or (q)uit RADIUS Attribute 4 Value..............
2CSPC4.XModular-SWUM201.book Page 711 Monday, October 3, 2011 2:21 PM console#show radius-servers accounting name Server Name Host Address Port Type ---------------------- -------------- ------ ---------Default-RADIUS-Server 2.2.2.2 1813 Secondary console#show radius-servers name Default-RADIUS-Server RADIUS Server Name.......................... Default-RADIUS-Server Current Server IP Address................... 1.1.1.1 Retransmits................................. 4 Timeout........................
2CSPC4.XModular-SWUM201.book Page 712 Monday, October 3, 2011 2:21 PM Parameter Description ipaddress The RADIUS server host IP address. hostname Host name of the Radius server host. (Range: 1–158 characters). The command allows spaces in the host name when specified in double quotes. For example, console(config)#snmp-server host "host name" servername The alias used to identify the server. Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 713 Monday, October 3, 2011 2:21 PM Field Description Malformed Responses The number of malformed RADIUS Accounting Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed accounting responses. Bad Authenticators The number of RADIUS Accounting Response packets containing invalid authenticators received from this accounting server.
2CSPC4.XModular-SWUM201.book Page 714 Monday, October 3, 2011 2:21 PM Field Description Malformed Access The number of malformed RADIUS Access Response packets Responses received from this server. Malformed packets include packets with an invalid length. Bad authenticators or signature attributes or unknown types are not included as malformed access responses.
2CSPC4.XModular-SWUM201.book Page 715 Monday, October 3, 2011 2:21 PM Packets Dropped............................... 0 console#show radius statistics name Default_RADIUS_Server RADIUS Server Name............................ Default_RADIUS_Server Server Host Address........................... 192.168.37.200 Access Requests............................... 0.00 Access Retransmissions........................ 0 Access Accepts................................ 0 Access Rejects................................
2CSPC4.XModular-SWUM201.book Page 716 Monday, October 3, 2011 2:21 PM Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command. Example The following example specifies 10.240.1.23 as the source IP address. console(config)#radius-server host 192.143.120.123 console(config-radius)#source-ip 10.240.1.23 timeout Use the timeout command in Radius mode to set the timeout value in seconds for the designated Radius server.
2CSPC4.XModular-SWUM201.book Page 717 Monday, October 3, 2011 2:21 PM Example The following example specifies the timeout setting for the designated Radius Server. console(config)#radius-server host 192.143.120.123 console(config-radius)#timeout 20 usage Use the usage command in Radius mode to specify the usage type of the server. Syntax usage type • type — Variable can be one of the following values: login, 802.1x or all. Default Configuration The default variable setting is all.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 719 Monday, October 3, 2011 2:21 PM Spanning Tree Commands 33 The Multiple Spanning Tree Protocol (MSTP) component complies with IEEE 802.1s by efficiently navigating VLAN traffic over separate interfaces for multiple instances of Spanning Tree. IEEE 802.1D, Spanning Tree and IEEE 802.1w, Rapid Spanning Tree are supported through the IEEE 802.1s implementation. The difference between the RSTP and STP (IEEE 802.
2CSPC4.XModular-SWUM201.book Page 720 Monday, October 3, 2011 2:21 PM port. In this way, the root guard enforces the position of the root bridge. In MSTP scenario the port may be designated in one of the instances while being alternate in the CIST, and so on. Root guard is a per port (not a per port per instance command) configuration so all the MSTP instances this port participates in should not be in root role. STP BPDU Filtering - STP BPDU filtering applies to all operational edge ports.
2CSPC4.XModular-SWUM201.book Page 721 Monday, October 3, 2011 2:21 PM clear spanning-tree detected-protocols Use the clear spanning-tree detected-protocols command in Privileged EXEC mode to restart the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface.
2CSPC4.XModular-SWUM201.book Page 722 Monday, October 3, 2011 2:21 PM Command Mode MST mode User Guidelines This command has no user guidelines. Example The following example shows how to exit the MST configuration mode and save changes. console(config)#spanning-tree mst configuration console(config-mst)#exit instance (mst) Use the instance command in MST mode to map VLANS to an MST instance. Syntax instance instance-id {add | remove} vlan vlan-range • instance-ID — ID of the MST instance.
2CSPC4.XModular-SWUM201.book Page 723 Monday, October 3, 2011 2:21 PM All VLANs that are not explicitly mapped to an MST instance are mapped to the common and internal spanning tree (CIST) instance (instance 0) and cannot be unmapped from the CIST. For two or more switches to be in the same MST region, they must have the same VLAN mapping, the same configuration revision number, and the same name.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 725 Monday, October 3, 2011 2:21 PM Example The following example sets the configuration name to “region1”. console(config)#spanning-tree mst configuration console(config-mst)#name region1 revision (mst) Use the revision command in MST mode to identify the configuration revision number. To return to the default setting, use the no form of this command. Syntax revision version no revision • version — Configuration revision number.
2CSPC4.XModular-SWUM201.book Page 726 Monday, October 3, 2011 2:21 PM Syntax show spanning-tree [{gigabitethernet unit/slot/port | port-channel portchannel-number | tengigabitethernet unit/slot/port}] [instance instance-id] show spanning-tree [detail] [active | blockedports] | [instance instance-id] show spanning-tree mst-configuration Parameter Description Parameter Description detail Displays detailed information. active Displays active ports only. blockedports Displays blocked ports only.
2CSPC4.XModular-SWUM201.book Page 727 Monday, October 3, 2011 2:21 PM Root Port Gi1/0/1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec TxHoldCount 6 sec Bridge ID Priority 32768 Address 001E.C9AA.AD1B Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State ------ -------- --------- --------- ---- ----- ---------- Prio.Nbr Cost Sts Role Restricted Gi1/0/1 Enabled 128.1 20000 FWD Root No Gi1/0/2 Enabled 128.2 0 DIS Disb No Gi1/0/3 Enabled 128.
2CSPC4.XModular-SWUM201.book Page 728 Monday, October 3, 2011 2:21 PM Path Cost 20000 Root Port Gi1/0/1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 001E.C9AA.AD1B Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 1 last change occurred 0d0h17m7s ago Times: hold 6, hello 2, max age 20, forward delay 15 Port Gi1/0/1 Enabled State: Forwarding Role: Root Port id: 128.
2CSPC4.XModular-SWUM201.book Page 729 Monday, October 3, 2011 2:21 PM Designated bridge Priority: 32768 Address: 0010.1882.1C53 Designated port id: 128.48 Designated path cost: 0 CST Regional Root: 80:00:00:10:18:82:1C:53 CST Port Cost: 0 BPDU: sent 24, received 504 Port Gi1/0/5 Enabled State: Forwarding Role: Designated Port id: 128.5 Port Cost: 20000 Root Protection: No Designated bridge Priority: 32768 Address: 001E.C9AA.AD1B Designated port id: 128.
2CSPC4.XModular-SWUM201.book Page 730 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines The following fields are displayed: Field Description Spanning Tree Admin Mode Enabled or disabled Spanning Tree Version Version of 802.1 currently supported (IEEE 802.1s, IEEE 802.1w, or IEEE 802.1d) based upon the mode parameter. BPDU Protection Mode Enabled or disabled. BPDU Filter Mode Enabled or disabled. BPDU Flooding Mode Enabled or disabled.
2CSPC4.XModular-SWUM201.book Page 731 Monday, October 3, 2011 2:21 PM BPDU Filter Mode.................. Disabled Configuration Name................ 00-1E-C9-AA-AC-84 Configuration Revision Level...... 0 Configuration Digest Key.......... 0xac36177f50283cd4b83821d8ab26de62 Configuration Format Selector..... 0 spanning-tree Use the spanning-tree command in Global Configuration mode to enable spanning-tree functionality. To disable spanning-tree functionality, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 732 Monday, October 3, 2011 2:21 PM spanning-tree auto-portfast Use the spanning-tree auto-portfast command to set the port to auto portfast mode. This enables the port to become a portfast port if it does not see any BPDUs for 3 seconds. Use the “no” form of this command to disable auto portfast mode. Syntax spanning-tree auto-portfast no spanning-tree auto-portfast Default Configuration Auto portfast mode is disabled by default.
2CSPC4.XModular-SWUM201.book Page 733 Monday, October 3, 2011 2:21 PM no spanning-tree bpdu flooding Default Configuration This feature is disabled by default. Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example console#spanning-tree bpdu flooding spanning-tree bpdu-protection Use the spanning-tree bpdu-protection command in Global Configuration mode to enable BPDU protection on a switch.
2CSPC4.XModular-SWUM201.book Page 734 Monday, October 3, 2011 2:21 PM Default Configuration BPDU protection is not enabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables BPDU protection. console(config)#spanning-tree bpdu-protection spanning-tree cost Use the spanning-tree cost command in Interface Configuration mode to configure the external spanning-tree path cost for a port.
2CSPC4.XModular-SWUM201.book Page 735 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines This command configures the external cost. Since by default each switch is in its own region, the external cost is considered in determining the spanning tree of the network. This command is also used to configure the rstp path cost. Example The following example configures the spanning-tree cost on 1/0/5 to 35000.
2CSPC4.XModular-SWUM201.book Page 736 Monday, October 3, 2011 2:21 PM Example The following example disables spanning-tree on 1/0/5. console(config)#interface gigabitethernet 1/0/5 console(config-if-1/0/5)#spanning-tree disable spanning-tree forward-time Use the spanning-tree forward-time command in Global Configuration mode to configure the spanning-tree bridge forward time, which is the amount of time a port remains in the listening and learning states before entering the forwarding state.
2CSPC4.XModular-SWUM201.book Page 737 Monday, October 3, 2011 2:21 PM spanning-tree guard The spanning-tree guard command selects whether loop guard or root guard is enabled on an interface. If neither is enabled, the port operates in accordance with the multiple spanning tree protocol. Use the “no” form of this command to disable loop guard or root guard on the interface. Syntax spanning-tree guard { root | loop | none } • root — Enables root guard.
2CSPC4.XModular-SWUM201.book Page 738 Monday, October 3, 2011 2:21 PM Syntax spanning-tree loopguard default no spanning-tree loopguard default Default Configuration Loop guard is disabled by default. Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example The following example enables spanning-tree loopguard functionality on all ports.
2CSPC4.XModular-SWUM201.book Page 739 Monday, October 3, 2011 2:21 PM User Guidelines When configuring the Max-Age the following relationships should be satisfied: 2*(Forward-Time - 1) >= Max-Age Max-Age >= 2*(Hello-Time + 1) Example The following example configures the spanning-tree bridge maximum-age to 10 seconds.
2CSPC4.XModular-SWUM201.book Page 740 Monday, October 3, 2011 2:21 PM spanning-tree mode Use the spanning-tree mode command in Global Configuration mode to configure the spanning-tree protocol. To return to the default configuration, use the no form of this command. Syntax spanning-tree mode {stp | rstp | mst} no spanning-tree mode • stp — Spanning Tree Protocol (STP) is enabled. • rstp — Rapid Spanning Tree Protocol (RSTP) is enabled. • mst — Multiple Spanning Tree Protocol (MSTP) is enabled.
2CSPC4.XModular-SWUM201.book Page 741 Monday, October 3, 2011 2:21 PM Syntax spanning-tree mst configuration Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines For two or more switches to be in the same MST region, they must have the same VLAN mapping, the same configuration revision number and the same name. Example The following example configures an MST region.
2CSPC4.XModular-SWUM201.book Page 742 Monday, October 3, 2011 2:21 PM • cost — The port path cost. (Range: 0–200,000,000) Default Configuration The default value is 0, which signifies that the cost will be automatically calculated based on port speed.
2CSPC4.XModular-SWUM201.book Page 743 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description instance-id ID of the spanning-tree instance. (Range: 1-4094) priority The port priority. (Range: 0-240 in multiples of 16.) Default Configuration The default port-priority for IEEE STP is 128.
2CSPC4.XModular-SWUM201.book Page 744 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description instance-id ID of the spanning-tree instance. (Range: 1-4094) priority Sets the switch priority for the specified spanning-tree instance. This setting affects the likelihood that the switch is selected as the root switch. A lower value increases the probability that the switch is selected as the root switch.
2CSPC4.XModular-SWUM201.book Page 745 Monday, October 3, 2011 2:21 PM Default Configuration PortFast mode is disabled. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines This command only applies to access ports. The command is to be used only with interfaces connected to end stations. Otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operations.
2CSPC4.XModular-SWUM201.book Page 746 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command. Example The following example discards BPDUs received on spanning-tree ports in portfast mode. console#spanning-tree portfast bpdufilter default spanning-tree portfast default Use the spanning-tree portfast default command to enable Portfast mode only on access ports.
2CSPC4.XModular-SWUM201.book Page 747 Monday, October 3, 2011 2:21 PM Example The following example enables Portfast mode on all access ports. console(config)#spanning-tree portfast default spanning-tree port-priority Use the spanning-tree port-priority command in Interface Configuration mode to configure port priority. To reset the default port priority, use the no form of this command. Syntax spanning-tree port-priority priority no spanning-tree port-priority • priority — The port priority.
2CSPC4.XModular-SWUM201.book Page 748 Monday, October 3, 2011 2:21 PM spanning-tree priority Use the spanning-tree priority command in Global Configuration mode to configure the spanning-tree priority. The priority value is used to determine which bridge is elected as the root bridge. To reset the default spanning-tree priority use the no form of this command. Syntax spanning-tree priority priority no spanning-tree priority • priority — Priority of the bridge.
2CSPC4.XModular-SWUM201.book Page 749 Monday, October 3, 2011 2:21 PM Default Configuration TCN propagation is disabled by default. Command Mode Interface Configuration (Ethernet, Port Channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures spanning-tree tcnguard on 4/0/1.
2CSPC4.XModular-SWUM201.book Page 750 Monday, October 3, 2011 2:21 PM Example The following example sets the maximum number of BPDUs sent to 6.
2CSPC4.XModular-SWUM201.book Page 751 Monday, October 3, 2011 2:21 PM TACACS+ Commands 34 TACACS+ provides access control for networked devices via one or more centralized servers, similar to RADIUS this protocol simplifies authentication by making use of a single database that can be shared by many clients on a large network. TACACS+ is based on the TACACS protocol (described in RFC1492) but additionally provides for separate authentication, authorization and accounting services.
2CSPC4.XModular-SWUM201.book Page 752 Monday, October 3, 2011 2:21 PM Commands in this Chapter This chapter explains the following commands: key tacacs-server host port tacacs-server key priority tacacs-server timeout show tacacs timeout key Use the key command in TACACS Configuration mode to specify the authentication and encryption key for all TACACS communications between the device and the TACACS server. This key must match the key used on the TACACS daemon.
2CSPC4.XModular-SWUM201.book Page 753 Monday, October 3, 2011 2:21 PM port Use the port command in TACACS Configuration mode to specify a server port number. Syntax port [ port-number ] • port-number — The server port number. If left unspecified, the default port number is 49. (Range: 0–65535) Default Configuration The default port number is 49. Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 754 Monday, October 3, 2011 2:21 PM Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines. Example The following example shows how to specify a server priority of 10000. console(tacacs)#priority 10000 show tacacs Use the show tacacs command in Privileged EXEC mode to display the configuration and statistics of a TACACS+ server. Syntax show tacacs [ip-address] • ip-address — The name or IP address of the host.
2CSPC4.XModular-SWUM201.book Page 755 Monday, October 3, 2011 2:21 PM IP address Port Timeout Priority --------------- ----- ------- -------- 10.254.24.162 49 Global 0 tacacs-server host Use the tacacs-server host command in Global Configuration mode to configure a TACACS+ server. This command enters into the TACACS+ configuration mode. To delete the specified hostname or IP address, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 756 Monday, October 3, 2011 2:21 PM console(config)#tacacs-server host 172.16.1.1 console(tacacs)# tacacs-server key Use the tacacs-server key command in Global Configuration mode to set the authentication and encryption key for all TACACS+ communications between the switch and the TACACS+ daemon. To disable the key, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 757 Monday, October 3, 2011 2:21 PM console(config)#tacacs-server key @#$%^&*()_+={}][<>.,/';:| tacacs-server timeout Use the tacacs-server timeout command in Global Configuration mode to set the interval during which a switch waits for a server host to reply. To restore the default, use the no form of this command. Syntax tacacs-server timeout [ timeout ] no tacacs-server timeout • timeout — The timeout value in seconds.
2CSPC4.XModular-SWUM201.book Page 758 Monday, October 3, 2011 2:21 PM • timeout — The timeout value in seconds. (Range: 1–30) Default Configuration If left unspecified, the timeout defaults to the global value. Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines. Example This example shows how to specify the timeout value.
2CSPC4.XModular-SWUM201.book Page 759 Monday, October 3, 2011 2:21 PM VLAN Commands 35 PowerConnect 802.1Q VLANs are an implementation of the Virtual Local Area Network, specification 802.1Q. Operating at Layer 2 of the OSI model, the VLAN is a means of parsing a single network into logical user groups or organizations as if they physically resided on a dedicated LAN segment of their own. In reality, this virtually defined community may have individual members scattered across a large, extended LAN.
2CSPC4.XModular-SWUM201.book Page 760 Monday, October 3, 2011 2:21 PM two TPID values can be different or the same. VLAN normalization, source MAC learning, and forwarding are based on the S-TAG value in a received frame. PowerConnect supports configuring one outer VLAN TPID value per switch. The global default TPID is 0x88A8, which indicates a Virtual Metropolitan Area Network (VMAN).
2CSPC4.XModular-SWUM201.book Page 761 Monday, October 3, 2011 2:21 PM its own VLAN. Additionally, protocol-based classification allows an administrator to assign nonroutable protocols, such as NetBIOS or DECnet, to larger VLANs than routable protocols like IPX or IP. This maximizes the efficiency gains that are possible with VLANs. In port-based VLAN classification, the Port VLAN Identifier (PVID) is associated with the physical ports.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 763 Monday, October 3, 2011 2:21 PM Default Configuration The default for this command is 802.1Q. The default S-TAG TPID, when double-tagging is enabled, is 0x88A8. The default C-TAG TPID when double vlan tagging is enabled is 0x8100. Command Mode Global Configuration, Interface Configuration mode User Guidelines This command configures the TPID value on the outer VLAN (S-VLAN).
2CSPC4.XModular-SWUM201.book Page 764 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the VLAN 1 IP address of 131.108.1.27 and subnet mask 255.255.255.0. console(config)#interface vlan 1 console(config-vlan)#ip address 131.108.1.27 255.255.255.
2CSPC4.XModular-SWUM201.book Page 765 Monday, October 3, 2011 2:21 PM User Guidelines Commands used in the interface range context are executed independently on each interface in the range. If the command returns an error on one of the interfaces, an error message is displayed and execution continues on other interfaces. Example The following example groups VLAN 221 till 228 and VLAN 889 to receive the same command.
2CSPC4.XModular-SWUM201.book Page 766 Monday, October 3, 2011 2:21 PM Example The following example displays how to enable Double VLAN Tunneling at gigabit ethernet port 1/0/1. console(config-if-1/0/1)#mode dvlan-tunnel name (VLAN Configuration) Use the name command in VLAN Configuration mode to configure the VLAN name. To return to the default configuration, use the no form of this command. NOTE: This command cannot be configured for a range of interfaces (range context).
2CSPC4.XModular-SWUM201.book Page 767 Monday, October 3, 2011 2:21 PM Example The following example configures a VLAN name of office2 for VLAN 2. console(config)#interface vlan 2 console(config-vlan)#name "RDU-NOC Management VLAN" protocol group Use the protocol group command in VLAN Database mode to attach a VLAN ID to the protocol-based group identified by groupid. A group may only be associated with one VLAN at a time. However, the VLAN association can be changed.
2CSPC4.XModular-SWUM201.book Page 768 Monday, October 3, 2011 2:21 PM Example The following example displays how to attach the VLAN ID "100" to the protocol-based VLAN group "3." console#vlan database console(config-vlan)#protocol group 3 100 protocol vlan group Use the protocol vlan group command in Interface Configuration mode to add the physical unit/slot/port interface to the protocol-based group identified by groupid. A group may have more than one interface associated with it.
2CSPC4.XModular-SWUM201.book Page 769 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays how to add a physical port interface to the group ID of "2." console(config-if-1/0/1)#protocol vlan group 2 protocol vlan group all Use the protocol vlan group all command in Global Configuration mode to add all physical interfaces to the protocol-based group identified by groupid. A group may have more than one interface associated with it.
2CSPC4.XModular-SWUM201.book Page 770 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays how to add all physical interfaces to the protocol-based group identified by group ID "2." console(config)#protocol vlan group all 2 show dvlan-tunnel Use the show dvlan-tunnel command in Privileged EXEC mode to display all interfaces enabled for Double VLAN Tunneling.
2CSPC4.XModular-SWUM201.book Page 771 Monday, October 3, 2011 2:21 PM show dvlan-tunnel interface Use the show dvlan-tunnel interface command in Privileged EXEC mode to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces. Syntax show dvlan-tunnel interface {gigabithethernet unit/slot/port | tengigabitethernet unit/slot/port | all} • all — Displays information for all interfaces. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 772 Monday, October 3, 2011 2:21 PM EtherType This field represents a 2-byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel. The three different EtherType tags are: (1) 802.1Q, which represents the commonly used value of 0x8100. (2) vMAN, which represents the commonly used value of 0x88A8. (3) If EtherType is not one of these two values, it is a custom tunnel value, representing any value in the range of 0 to 65535.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 774 Monday, October 3, 2011 2:21 PM 73 Out The following example displays switchport configuration individually for 1/0/2.
2CSPC4.XModular-SWUM201.book Page 775 Monday, October 3, 2011 2:21 PM ---- --------- 73 Out The following example displays switchport configuration individually for 2/0/19.
2CSPC4.XModular-SWUM201.book Page 776 Monday, October 3, 2011 2:21 PM 2922 Community A1 untagged Static show port protocol Use the show port protocol command in Privileged EXEC mode to display the Protocol-Based VLAN information for either the entire system or for the indicated group. Syntax show port protocol {groupid | all} • groupid — The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command.
2CSPC4.XModular-SWUM201.book Page 777 Monday, October 3, 2011 2:21 PM show vlan Use the show vlan command in Privileged EXEC mode to display detailed information, including interface information and dynamic VLAN type, for a specific VLAN. The ID is a valid VLAN identification number.
2CSPC4.XModular-SWUM201.book Page 778 Monday, October 3, 2011 2:21 PM ----- --------------- ------------- -------------- 2 VLAN0002 Gi1/0/11-20 Dynamic (DOT1X) console#show vlan id 3 VLAN Name Ports Type ----- --------------- ------------- -------------- 3 VLAN0003 Gi1/0/21-24 Dynamic (GVRP) show vlan association mac Use the show vlan association mac command in Privileged EXEC mode to display the VLAN associated with a specific configured MAC address.
2CSPC4.XModular-SWUM201.book Page 779 Monday, October 3, 2011 2:21 PM MAC Address VLAN ID ----------------------- ------- 0001.0001.0001.0001 1 console# show vlan association subnet Use the show vlan association subnet command in Privileged EXEC mode to display the VLAN associated with a specific configured IP-Address and netmask. If no IP Address and net mask are specified, the VLAN associations of all the configured IP-subnets are displayed.
2CSPC4.XModular-SWUM201.book Page 780 Monday, October 3, 2011 2:21 PM The IP Subnet to VLAN association does not exist. switchport access vlan Use the switchport access vlan command in Interface Configuration mode to configure the VLAN ID when the interface is in access mode. To reconfigure the default, use the no form of this command. Syntax switchport access vlan vlan-id no switchport access vlan • vlan-id — A valid VLAN ID of the VLAN to which the port is configured.
2CSPC4.XModular-SWUM201.book Page 781 Monday, October 3, 2011 2:21 PM switchport forbidden vlan Use the switchport forbidden vlan command in Interface Configuration mode to forbid adding specific VLANs to a port. To revert to allowing the addition of specific VLANs to the port, use the remove parameter of this command. Syntax switchport forbidden vlan {add vlan-list | remove vlan-list} • add vlan-list — List of valid VLAN IDs to add to the forbidden list.
2CSPC4.XModular-SWUM201.book Page 782 Monday, October 3, 2011 2:21 PM switchport general acceptable-frame-type tagged-only Use the switchport general acceptable-frame-type tagged-only command in Interface Configuration mode to discard untagged frames at ingress. To enable untagged frames at ingress, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 783 Monday, October 3, 2011 2:21 PM switchport general allowed vlan remove vlan-list • add vlan-list — List of VLAN IDs to add. Separate nonconsecutive VLAN IDs with a comma and no spaces. Use a hyphen to designate a range of IDs. • remove vlan-list — List of VLAN IDs to remove. Separate nonconsecutive VLAN IDs with a comma and no spaces. Use a hyphen to designate a range of IDs. • tagged — Sets the port to transmit tagged packets for the VLANs.
2CSPC4.XModular-SWUM201.book Page 784 Monday, October 3, 2011 2:21 PM Syntax switchport general ingress-filtering disable no switchport general ingress-filtering disable Default Configuration Ingress filtering is enabled. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines This command has no user guidelines. Example The following example shows how to enables port ingress filtering on 1/0/8.
2CSPC4.XModular-SWUM201.book Page 785 Monday, October 3, 2011 2:21 PM Default Configuration The default value for the vlan-id parameter is 1 when the VLAN is enabled. Otherwise, the value is 4093. Command Mode Interface Configuration (gigabitethernet, port-channel, tengigabitethernet) mode User Guidelines This command has no user guidelines. Example The following example shows how to configure the PVID for 1/0/8, when the interface is in general mode.
2CSPC4.XModular-SWUM201.book Page 786 Monday, October 3, 2011 2:21 PM Parameter Description trunk A trunk port connects two switches. A trunk port may belong to multiple VLANs. A trunk port accepts only packets tagged with the VLAN IDs of the VLANs to which the trunk is a member or untagged packets if configured with a PVID. A trunk only transmits tagged packets. general Full 802.1q support VLAN interface. A general mode port is a combination of both trunk and access ports capabilities.
2CSPC4.XModular-SWUM201.book Page 787 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description vlan–list Set the list of allowed VLANs that can receive and send traffic on this interface in tagged format when in trunking mode. The default is all. The vlan–list format is as follows: The vlan-list format is all | [add | remove | except] vlan–atom [, vlan–atom...] where: all specifies all VLANs from 1 to 4093.
2CSPC4.XModular-SWUM201.book Page 788 Monday, October 3, 2011 2:21 PM Example console(config-if-Gi1/0/1)#switchport trunk allowed vlan 1-1024 console(config-if-Gi1/0/1)#switchport trunk allowed vlan except 1,2,3,5,7,11,13 vlan Use the vlan command in VLAN Database mode to configure a VLAN. To delete a VLAN, use the no form of this command. Syntax vlan vlan-range no vlan vlan-range • vlan-range — A list of valid VLAN IDs to be added.
2CSPC4.XModular-SWUM201.book Page 789 Monday, October 3, 2011 2:21 PM vlan (Global Config) Use the vlan command in Global Configuration mode to configure a VLAN. To delete a VLAN, use the no form of this command. Syntax vlan {vlan–id | vlan–range} no vlan {vlan–id | vlan–range} Parameter Description Parameter Description vlan–id A valid VLAN ID. (Range: 2–4093) vlan–range A list of valid VLAN IDs. List separate, non-consecutive VLAN IDs separated by commas (without spaces).
2CSPC4.XModular-SWUM201.book Page 790 Monday, October 3, 2011 2:21 PM vlan association mac Use the vlan association mac command in VLAN Database mode to associate a MAC address to a VLAN. The maximum number of MAC-based VLANs is 256. Syntax vlan association mac mac-address vlanid no vlan association mac mac-address mac-address — MAC address to associate. (Range: Any MAC address in the format xxxx.xxxx.xxxx) vlanid — VLAN to associate with subnet.
2CSPC4.XModular-SWUM201.book Page 791 Monday, October 3, 2011 2:21 PM • ip-address — Source IP address. (Range: Any valid IP address) • subnet-mask — Subnet mask. (Range: Any valid subnet mask) • vlanid — VLAN to associated with subnet. (Range: 1-4093) Default Configuration No assigned ip-subnet. Command Mode VLAN Database mode User Guidelines This command has no user guidelines. Example The following example associates IP address with VLAN ID 100. console(config-vlan)#vlan association subnet 192.
2CSPC4.XModular-SWUM201.book Page 792 Monday, October 3, 2011 2:21 PM Example The following example enters the VLAN database mode. console(config)#vlan database console(config-vlan)# vlan makestatic This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined). The ID is a valid VLAN identification number. VLAN range is 24093. Syntax vlan makestatic vlan-id • vlan-id — Valid vlan ID. Range is 2–4093.
2CSPC4.XModular-SWUM201.book Page 793 Monday, October 3, 2011 2:21 PM vlan protocol group Use the vlan protocol group command in Global Configuration mode to add protocol-based groups to the system. When a protocol group is created, it is assigned a unique group ID number. The group ID is used to identify the group in subsequent commands. Use the no form of the command to remove the specified VLAN protocol group name from the system.
2CSPC4.XModular-SWUM201.book Page 794 Monday, October 3, 2011 2:21 PM vlan protocol group add protocol Use the vlan protocol group add protocol command in Global Configuration mode to add a protocol to the protocol-based VLAN groups identified by groupid. A group may have more than one protocol associated with it. Each interface and protocol combination can be associated with one group only.
2CSPC4.XModular-SWUM201.book Page 795 Monday, October 3, 2011 2:21 PM console(config)#vlan protocol group add protocol 2 ethertype 0xXXXX vlan protocol group name This is a new command for assigning a group name to vlan protocol group id. Syntax vlan protocol group name groupid groupName no vlan protocol group name groupid • groupid—The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command.
2CSPC4.XModular-SWUM201.book Page 796 Monday, October 3, 2011 2:21 PM Syntax vlan protocol group remove groupid • groupid — The protocol-based VLAN group ID, which is automatically generated when you create a protocol-based VLAN group with the vlan protocol group command. To see the group ID associated with the name of a protocol group, use the show port protocol all command. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 797 Monday, October 3, 2011 2:21 PM Parameter Description index Internal interface ID. This optional parameter is listed in the configuration file for all VLAN routing interfaces. When a nonstop forwarding failover occurs, this information enables the system to correlate checkpointed state information with the proper interfaces and their configuration. Default Configuration Routing is enabled on VLAN 1 by default.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 799 Monday, October 3, 2011 2:21 PM Voice VLAN Commands 36 The Voice VLAN feature enables switch ports to carry voice traffic with an administrator-defined priority so as to enable prioritization of voice traffic over data traffic. Using Voice VLAN helps to ensure that the sound quality of an IP phone is protected from deterioration when the data traffic utilization on the port is high.
2CSPC4.XModular-SWUM201.book Page 800 Monday, October 3, 2011 2:21 PM Commands in this Chapter This chapter explains the following commands: voice vlan voice vlan data priority voice vlan (Interface) show voice vlan voice vlan This command is used to enable the voice vlan capability on the switch. Syntax voice vlan no voice vlan Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines Not applicable Default Value This feature is disabled by default.
2CSPC4.XModular-SWUM201.book Page 801 Monday, October 3, 2011 2:21 PM Syntax voice vlan {vlanid | dot1p priority | none | untagged | data priority { trust | untrust } | auth { enable | disable } | dscp dscp } no voice vlan Parameter Description Parameter Description auth Enables/disables authentication on the voice vlan port. data Observe the priority on received voice vlan traffic (trusted mode). dot1p Configure Voice VLAN 802.1p priority tagging for voice traffic.
2CSPC4.XModular-SWUM201.book Page 802 Monday, October 3, 2011 2:21 PM Example console(config-if-Gi1/0/1)#voice vlan 1 console(config-if-Gi1/0/1)#voice vlan dot1p 1 console(config-if-Gi1/0/1)#voice vlan none console(config-if-Gi1/0/1)#voice vlan untagged voice vlan data priority This command is to either trust or not trust (untrust) the data traffic arriving on the voice VLAN port.
2CSPC4.XModular-SWUM201.book Page 803 Monday, October 3, 2011 2:21 PM Syntax When the interface parameter is not specified, only the global mode of the voice VLAN is displayed. When the interface parameter is specified, the following is displayed: When the interface parameter is specified: Voice VLAN Mode The admin mode of the voice VLAN on the interface. Voice VLAN ID The voice VLAN ID. Voice VLAN Priority The Dot1p priority for the voice VLAN on the port.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 805 Monday, October 3, 2011 2:21 PM 37 802.1x Commands Local Area Networks (LANs) are often deployed in environments that permit the attachment of unauthorized devices. The networks also permit unauthorized users to attempt to access the LAN through existing equipment. In such environments, the administrator may desire to restrict access to the services offered by the LAN.
2CSPC4.XModular-SWUM201.book Page 806 Monday, October 3, 2011 2:21 PM Whenever an operator configures a port in Dot1x authentication mode and selects the authentication method as internal, then the user credentials received from the Dot1x supplicant is validated against the IDAS by Dot1x component. The Dot1x application accesses the Dot1x user database to check whether the user credentials present in the authentication message corresponds to a valid user or not.
2CSPC4.XModular-SWUM201.book Page 807 Monday, October 3, 2011 2:21 PM Guest VLAN The Guest VLAN feature allows a PowerConnect switch to provide a distinguished service to unauthenticated users (not rogue users who fail authentication). This feature provides a mechanism to allow visitors and contractors to have network access to reach external network with no ability to surf internal LAN. When a client that does not support 802.1X is connected to an unauthorized port that is 802.
2CSPC4.XModular-SWUM201.book Page 808 Monday, October 3, 2011 2:21 PM client is authenticated and is undisturbed by the failure condition(s). The reasons for failure are logged and buffered into the local logging database such that the operator can track the failure conditions. RADIUS-based Dynamic VLAN Assignment If VLAN assignment is enabled in the RADIUS server then as part of the response message, the RADIUS server sends the VLAN ID which the client is requested to use in the 802.1x tunnel attributes.
2CSPC4.XModular-SWUM201.book Page 809 Monday, October 3, 2011 2:21 PM 802.1x Advanced Features dot1x guest-vlan dot1x unauth-vlan show dot1x advanced 802.1x Option 81 radius-server attribute 4 dot1x dynamic-vlan enable Use the dot1x dynamic-vlan enable command in Global Configuration mode to enable the capability of creating VLANs dynamically when a RADIUS–assigned VLAN does not exist in the switch. Use the no form of the command to disable this capability.
2CSPC4.XModular-SWUM201.book Page 810 Monday, October 3, 2011 2:21 PM dot1x initialize This command begins the initialization sequence on the specified port. This command is only valid if the control mode for the specified port is auto or mac-based. If the control mode is not auto or mac-based, an error will be returned. Syntax dot1x initialize [interface interface-id] Syntax Description Parameter Description interface-id The port to be initialized.
2CSPC4.XModular-SWUM201.book Page 811 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 812 Monday, October 3, 2011 2:21 PM Example The following example sets the number of times that the switch sends an EAP-request/identity frame to 6. console(config)# interface gigabitethernet 1/0/16 console(config-if-1/0/16)# dot1x max-req 6 dot1x max-users Use the dot1x max-users command in Interface Configuration mode to set the maximum number of clients supported on the port when MAC-based 802.1X authentication is enabled on the port.
2CSPC4.XModular-SWUM201.book Page 813 Monday, October 3, 2011 2:21 PM console(config-if-1/0/2)#dot1x max-users 3 dot1x port-control Use the dot1x port-control command in Interface Configuration mode to enable the IEEE 802.1X operation on the port. Syntax dot1x port-control {force-authorized | force-unauthorized | auto | macbased} no dot1x port-control • auto — Enables 802.1x authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.
2CSPC4.XModular-SWUM201.book Page 814 Monday, October 3, 2011 2:21 PM User Guidelines It is recommended that you disable the spanning tree or enable spanning-tree PortFast mode on 802.1x edge ports (ports in auto state that are connected to end stations), in order to go immediately to the forwarding state after successful authentication. When configuring a port to use MAC-based authentication, the port must be in switchport general mode.
2CSPC4.XModular-SWUM201.book Page 815 Monday, October 3, 2011 2:21 PM console# dot1x re-authenticate gigabitethernet 1/0/16 dot1x reauthentication Use the dot1x reauthentication command in Interface Configuration mode to enable periodic re-authentication of the client. To return to the default setting, use the no form of this command. Syntax dot1x reauthentication no dot1x reauthentication Default Configuration Periodic re-authentication is disabled.
2CSPC4.XModular-SWUM201.book Page 816 Monday, October 3, 2011 2:21 PM Parameter Description This command has no arguments or keywords. Default Configuration Dot1x monitor mode is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables 802.1x globally.
2CSPC4.XModular-SWUM201.book Page 817 Monday, October 3, 2011 2:21 PM User Guidelines It is recommended that the user set the dot1x timeout guest-vlan-period to at least three times the while timer, so that at least three EAP Requests are sent, before assuming that the client is a dot1x unaware client. Example The following example sets the dot1x timeout guest vlan period to 100 seconds.
2CSPC4.XModular-SWUM201.book Page 818 Monday, October 3, 2011 2:21 PM Change the default value of this command only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers. To provide a faster response time to the user, enter a smaller number than the default. Example The following example sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange to 3600.
2CSPC4.XModular-SWUM201.book Page 819 Monday, October 3, 2011 2:21 PM Example The following example sets the number of seconds between re-authentication attempts to 300. console(config)# interface gigabitethernet 1/0/16 console(config-if-1/0/16)# dot1x timeout reauthperiod 300 dot1x timeout server-timeout Use the dot1x timeout server-timeout command in Interface Configuration mode to set the time that the switch waits for a response from the authentication server.
2CSPC4.XModular-SWUM201.book Page 820 Monday, October 3, 2011 2:21 PM console(config-if-1/0/1)# dot1x timeout servertimeout 3600 dot1x timeout supp-timeout Use the dot1x timeout supp-timeout command in Interface Configuration mode to set the time that the switch waits for a response before retransmitting an Extensible Authentication Protocol (EAP)-request frame to the client. To return to the default setting, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 821 Monday, October 3, 2011 2:21 PM dot1x timeout tx-period Use the dot1x timeout tx-period command in Interface Configuration mode to set the number of seconds that the switch waits for a response to an Extensible Authentication Protocol (EAP)-request/identity frame from the client before resending the request. To return to the default setting, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 822 Monday, October 3, 2011 2:21 PM show dot1x Use the show dot1x command in Privileged EXEC mode to display: • A summary of the global dot1x configuration. • Summary information of the dot1x configuration for a specified port or all ports. • Detailed dot1x configuration for a specified port • Dot1x statistics for a specified port, depending on the tokens used.
2CSPC4.XModular-SWUM201.book Page 823 Monday, October 3, 2011 2:21 PM Field Description Monitor Mode Indicates whether the Dot1x Monitor mode on the switch is enabled or disabled. Example console#show dot1x Administrative Mode..............Enabled VLAN Assignment Mode.............Disabled Monitor Mode.....................
2CSPC4.XModular-SWUM201.book Page 824 Monday, October 3, 2011 2:21 PM Parameter Description Reason Actual reason behind the successful or failure authentication. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show dot1x authentication-history all detail Time Stamp............................... Mar 22 2010 01:16:31 Interface................................ Gi1/0/2 MAC-Address....
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 826 Monday, October 3, 2011 2:21 PM User Guidelines The following fields are displayed by this command. Field Description Clients Indicates the number of Dot1x clients authenticated using Authenticated using Monitor mode. Monitor Mode Clients Indicates the number of Dot1x clients authenticated using Authenticated using 802.1x authentication process. Dot1x The following table describes the significant fields shown in the display.
2CSPC4.XModular-SWUM201.book Page 827 Monday, October 3, 2011 2:21 PM Clients Authenticated using Dot1x.............. 1 Logical Interface.............................. 16 Interface...................................... gi1/0/2 User Name...................................... 000102030405 Supp MAC Address............................... 00:01:02:03:04:05 Session Time................................... 518 Filter Id...................................... VLAN Id........................................
2CSPC4.XModular-SWUM201.book Page 828 Monday, October 3, 2011 2:21 PM Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show dot1x interface gigabitethernet 1/0/10 Administrative Mode............... Disabled Dynamic VLAN Creation Mode........ Disabled Monitor Mode......................
2CSPC4.XModular-SWUM201.book Page 829 Monday, October 3, 2011 2:21 PM VLAN Assigned.................................. Supplicant Timeout............................. 30 Guest-vlan Timeout............................. 30 Server Timeout (secs).......................... 30 MAB mode (configured).......................... Disabled MAB mode (operational)......................... Disabled Authenticator PAE State........................ Initialize Backend Authentication State...................
2CSPC4.XModular-SWUM201.book Page 830 Monday, October 3, 2011 2:21 PM console#show dot1x statistics gigabitethernet 1/0/2 Port........................................... 1/0/2 EAPOL Frames Received.......................... 0 EAPOL Frames Transmitted....................... 0 EAPOL Start Frames Received.................... 0 EAPOL Logoff Frames Received................... 0 Last EAPOL Frame Version....................... 0 Last EAPOL Frame Source........................ 0000.0000.
2CSPC4.XModular-SWUM201.book Page 831 Monday, October 3, 2011 2:21 PM Field Description EapolRespFramesRx The number of valid EAP Response frames (other than Resp/Id frames) that have been received by this Authenticator. EapolReqIdFramesTx The number of EAP Req/Id frames that have been transmitted by this Authenticator. EapolReqFramesTx The number of EAP Request frames (other than Rq/Id frames) that have been transmitted by this Authenticator.
2CSPC4.XModular-SWUM201.book Page 832 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays 802.1x users. console#show dot1x users Port Username --------- --------1/0/1 Bob 1/0/2 John Switch# show dot1x users username Bob Port Username --------- --------1/0/1 Bob The following table describes the significant fields shown in the display: Field Description Username The username representing the identity of the Supplicant.
2CSPC4.XModular-SWUM201.book Page 833 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description interface–id Any valid interface. See Interface Naming Conventions for interface representation. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#clear dot1x authentication-history Purge all entries from the log.
2CSPC4.XModular-SWUM201.book Page 834 Monday, October 3, 2011 2:21 PM no dot1x guest-vlan • vlan-id — The ID of a valid VLAN to use as the guest VLAN (Range: 04093). Default Configuration The guest VLAN is disabled on the interface by default. Command Mode Interface Configuration (Ethernet) mode User Guidelines Configure the guest VLAN before using this command. Example The following example sets the guest VLAN on port 1/0/2 to VLAN 10.
2CSPC4.XModular-SWUM201.book Page 835 Monday, October 3, 2011 2:21 PM User Guidelines Configure the unauthenticated VLAN before using this command. Example The following example set the unauthenticated VLAN on port 1/0/2 to VLAN 20. console(config-if-1/0/2)#dot1x unauth-vlan 20 show dot1x advanced Use the show dot1x advanced command in Privileged EXEC mode to display 802.1x advanced features for the switch or for the specified interface. The output of this command has been updated in release 2.
2CSPC4.XModular-SWUM201.book Page 836 Monday, October 3, 2011 2:21 PM VLAN --------- --------- Vlan --------------- 1/0/1 Disabled Disabled 1/0/2 10 20 1/0/3 Disabled Disabled 1/0/4 Disabled Disabled 1/0/5 Disabled Disabled 1/0/6 Disabled Disabled console#show dot1x advanced gigabitethernet 1/0/2 Port Guest Unauthenticated VLAN --------1/0/2 --------- Vlan --------------- 10 20 802.
2CSPC4.XModular-SWUM201.book Page 837 Monday, October 3, 2011 2:21 PM Default Configuration If a RADIUS server has been configured on the switch, the default attribute 4 value is the RADIUS server IP address. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the NAS IP address in RADIUS attribute 4 to 192.168.10.22. console(config)#radius-server attribute 4 192.168.10.22 802.
2CSPC4.XModular-SWUM201.book Page 838 Monday, October 3, 2011 2:21 PM 838 802.
2CSPC4.XModular-SWUM201.book Page 839 Monday, October 3, 2011 2:21 PM 38 Data Center Technology Commands NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PCM8024-k switch. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 841 Monday, October 3, 2011 2:21 PM 39 Data Center Bridging Commands NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PCM8024-k switch. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models. Data Center Bridging Exchange Protocol The Data Center Bridging Exchange Protocol (DCBX) is used by DCB devices to exchange configuration information with directly connected peers.
2CSPC4.XModular-SWUM201.book Page 842 Monday, October 3, 2011 2:21 PM DCBX can be used by a device to perform configuration of DCB features in its peer device if the peer device is willing to accept configuration. Interoperability with IEEE DCBX The PowerConnect switch automatically detects if a peer is operating with either of the two CEE DCBX versions or the IEEE standard DCBX version. This is the default mode.
2CSPC4.XModular-SWUM201.book Page 843 Monday, October 3, 2011 2:21 PM explicitly by the operator. These ports will advertise their configuration to their peer if DCBX is enabled on that port. Incompatible peer configurations will be logged and counted with an error counter. The default operating mode for each port is Manual for PowerConnect releases; however, customer platforms may change the default mode for selected ports to either Auto-Upstream or Auto-Downstream mode.
2CSPC4.XModular-SWUM201.book Page 844 Monday, October 3, 2011 2:21 PM the port. The expectation is that the network administrator configures the upstream devices appropriately so that all such devices advertise a compatible configuration. Auto-Downstream Advertises a configuration but is not willing to accept one from the link partner. However, the port will accept a configuration propagated internally by the configuration source. Specifically, the willing parameter is disabled on auto-downstream.
2CSPC4.XModular-SWUM201.book Page 845 Monday, October 3, 2011 2:21 PM • No other port is the configuration source. • The port role is auto-upstream. • The port is enabled with link up and DCBX enabled. • The port has negotiated a DCBX relationship with the partner. • The switch is capable of supporting the received configuration values, either directly or by translating the values into an equivalent configuration N.B.
2CSPC4.XModular-SWUM201.book Page 846 Monday, October 3, 2011 2:21 PM lldp tlv-select dcbxp show lldp dcbx datacenter-bridging Use the datacenter-bridging command for an ethernet interface in order to enter the DataCenterBridging mode. Priority-Flow-Control is configurable from within the DataCenterBridging mode. Syntax datacenter-bridging Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 847 Monday, October 3, 2011 2:21 PM it. DCBX can be configured to operate in IEEE mode or CEE mode or CIN mode. In auto mode, version detection is based on the peer device DCBX version. The switch operates in either IEEE or one of the legacy modes on each interface. NOTE: CIN is Cisco Intel Nuova DCBX (version 1.0). CEE is converged enhanced ethernet DCBX (version 1.06). Use the no form of the command to reset the dcbx version to the default value of auto.
2CSPC4.XModular-SWUM201.book Page 848 Monday, October 3, 2011 2:21 PM Example The following example configures the switch to use CEE DCBX. s1(config)#lldp dcbx version cee lldp tlv-select dcbxp Use the lldp tlv-select dcbxp command in Interface Configuration or Global Configuration mode to send specific DCBX TLVs if LLDP is enabled to transmit on the given interface. If no parameter is given, all DCBX TLVs are enabled for transmission. The default is all DCBX TLVs are enabled for transmission.
2CSPC4.XModular-SWUM201.book Page 849 Monday, October 3, 2011 2:21 PM User Guidelines Interface configuration overrides the global configuration on the designated interface. Example The following example configures the port to transmit all TLVs. console(interface-config)#no lldp tlv-select dcbxp lldp dcbx port-role Use the lldp dcbx port-role command in Interface Configuration mode to configure the port role to manual, auto-upstream, auto-downstream and configuration source.
2CSPC4.XModular-SWUM201.book Page 850 Monday, October 3, 2011 2:21 PM Parameter Description Configuration Source In this role, the port has been manually selected to be the configuration source. Configuration received over this port is propagated to the other auto-configuration ports. Selection of a port based upon compatibility of the received configuration is suppressed. These ports should be connected to a trusted FCF. These ports have the willing bit enabled.
2CSPC4.XModular-SWUM201.book Page 851 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description interface-id A valid physical interface specifier. all All interfaces. Default Configuration The default is to show the per interface TLV configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 852 Monday, October 3, 2011 2:21 PM system-description system-name switch(config)# show lldp tlv-select interface all Interface PFC App Priority -------------- --- ------------ te1/0/1 Yes No te1/0/2 Yes No show lldp dcbx Use the show lldp dcbx command in Privileged EXEC mode to display the per interface DCBX configuration and status.
2CSPC4.XModular-SWUM201.book Page 853 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example 1 The following example displays DCBX status. switch(config)# show lldp dcbx interface all status Interface Dscrd Status ---------- ----------- Role Version DCBX DCBX Tx Rx Frame TLV Dscrd -------- -------- ------ ------ ------ - te1/0/1 0 Enabled Auto-up CEE 1.06 32 37 0 te1/0/2 0 Enabled Auto-up IEEE 32 37 0 te2/0/1 0 Enabled Auto-dn CIN 1.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 855 Monday, October 3, 2011 2:21 PM Type Application Priority Status --------------------------------------------------Ethernet FC0E 3 Enabled TCP/SCTP 860 4 Disabled TCP/SCTP 3260 4 Disabled Error Counters: ETS Incompatible Configuration: 0 PFC Incompatible Configuration: 0 Disappearing Neighbor: 0 Multiple Neighbors Detected: 0 Example 3 The following example displays DCBX enabled – IEEE device (DCBX Version Forced).
2CSPC4.XModular-SWUM201.book Page 856 Monday, October 3, 2011 2:21 PM Multiple Neighbors Detected: 0 Example 5 The following example displays DCBX enabled—detailed view. Displays the transmitted and received TLV information. The ETS information is documented in IEEE 802.1az D2.4, tables D-2, D-3, and D-4. The PFC Enable Vector information is documented in IEEE 802.1az D2.4, table D-5. The transmitted recommendation TLV is never displayed because it is always the same as the configured TLV.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 859 Monday, October 3, 2011 2:21 PM FIP Snooping Commands 40 NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PCM8024-k switch. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models. The FCoE Initialization Protocol (FIP) is used to perform the functions of FC_BB_E device discovery, initialization and maintenance.
2CSPC4.XModular-SWUM201.book Page 860 Monday, October 3, 2011 2:21 PM feature fip-snooping 2 Configure a VLAN and enable it for FIP Snooping. The example below sets up ports 1 through 16 (CNA connected ports) and port 24 (FCF connected port) to use VLAN 100 and enables VLAN 100 for FIP snooping. vlan 100 fip-snooping enable exit interface range te1/0/1-16,te1/0/24 switchport mode general switchport general allowed vlan add 100 tagged exit 3 Set up the port roles.
2CSPC4.XModular-SWUM201.book Page 861 Monday, October 3, 2011 2:21 PM show fip-snooping clear fip-snooping statistics show fip-snooping enode – feature fip-snooping Use the feature fip-snooping command in Global Configuration mode to globally enable Fibre Channel over Ethernet Initialization Protocol (FIP) snooping on the switch. Use the no form of the command to return the settings to the default values and disable FIP snooping. Use the no form of the command to globally disable FIP snooping.
2CSPC4.XModular-SWUM201.book Page 862 Monday, October 3, 2011 2:21 PM s1(config)#feature fip-snooping fip-snooping enable Use the fip-snooping command in VLAN Configuration mode to enable snooping of FIP packets on the configured VLANs. FIP snooping is disabled on VLANs by default. Use the no form of the command to return the mode to the default (off). Syntax fip-snooping enable no fip-snooping enable Default Configuration The default mode is off (FIP snooping is disabled.
2CSPC4.XModular-SWUM201.book Page 863 Monday, October 3, 2011 2:21 PM fip-snooping fc-map Use the fip-snooping fc-map command in VLAN Configuration mode to configure the FP-MAP value on a VLAN. The FC map value is used to help in securing the switch against misconfiguration. Syntax fip-snooping fc-map 0x0 – 0xffffff no fip-snooping fc-map Parameter Description Valid FC map values are in the range of 0x0 to 0xffffff. Default Configuration The default FC map value is 0x0efc00.
2CSPC4.XModular-SWUM201.book Page 864 Monday, October 3, 2011 2:21 PM fip-snooping port-mode To relay the FIP packets received from the hosts toward the Fibre Channel Fabric (FCF), the switch needs to know the interfaces to which the FCFs are connected. Use the fip-snooping port-mode command in Interface Configuration mode to configure the interface that is connected towards FCF. By default, an interface is configured to be a host-facing interface if it is not configured to be an FCF-facing interface.
2CSPC4.XModular-SWUM201.book Page 865 Monday, October 3, 2011 2:21 PM Example The following example configures an interface to be connected to an FCF switch. (config)# interface te1/0/1 (config-vlan)# fip-snooping port-mode fcf show fip-snooping Use the show fip-snooping sessions command in User EXEC or Privileged EXEC mode to display information about the global FIP snooping configuration and status. Syntax show fip-snooping Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 866 Monday, October 3, 2011 2:21 PM Parameter Description Max VLANs Maximum number of VLANs that can be enabled for FIP snooping on the switch. Max FCFs in VLAN Maximum number of FCFs supported in a VLAN. Max ENodes Maximum number of ENodes supported in the switch. Max Sessions Maximum number of Sessions supported in the switch. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 867 Monday, October 3, 2011 2:21 PM show fip-snooping enode Use the show fip-snooping enode command in User EXEC or Privileged EXEC mode to display information about the interfaces connected to ENodes. Syntax show fip-snooping enode [enode-mac] Parameter Description Parameter Description enode-mac MAC address of the enode to display. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 868 Monday, October 3, 2011 2:21 PM Parameter Description Sessions Waiting Number of virtual connections waiting for FCF acceptance. Sessions Failed Number of virtual sessions failed. Max-FCoE-PDU Maximum FCoE PDU size the ENode MAC intends to use for FCoE traffic. This is equivalent to the maximum Ethernet frame payload the ENode intends to send. Time elapsed Time elapsed since first successful login session snooped from the ENode.
2CSPC4.XModular-SWUM201.book Page 869 Monday, October 3, 2011 2:21 PM Name-ID 000000 ENode-MAC 00:0c:29:65:82:bc FCFs Connected1 Sessions Established3 Sessions Waiting 1 Session Failed 0 Max-FCoE-PDU 2158 Time elapsed 0 days, 1 hours, 20 minutes show fip-snooping fcf Use the show fip-snooping fcf command in User EXEC or Privileged EXEC mode to display information about the interfaces connected to FCFs.
2CSPC4.XModular-SWUM201.book Page 870 Monday, October 3, 2011 2:21 PM Parameter Description Interface Interface to which the FCF is connected. VLAN ID number of the VLAN to which the FCF belongs. No. of ENodes Total number of ENodes that are connected to the FCF. FPMA/SPMA Type of the MAC address for ENode as negotiated by the FCF. FCMAP FCMAP value used by the FCF. FCF-MAC MAC address of the FCF. Fabric Name Name of the FCF.
2CSPC4.XModular-SWUM201.book Page 871 Monday, October 3, 2011 2:21 PM Parameter Description FKA-ADV FIP keepalive interval (FKA_ADV_PERIOD) in seconds configured on the FCF multiplied by five. For example, if the FKA_ADV period configured on the FCF is 80 seconds, the value of this field is 400. FCF Expiry Time This is timer value to monitor the status of the FCF. FCF entry and all its associated virtual sessions will be removed when the value reaches 0.
2CSPC4.XModular-SWUM201.book Page 872 Monday, October 3, 2011 2:21 PM Example #2 The following displays sample output of the command when the optional argument is provided.
2CSPC4.XModular-SWUM201.book Page 873 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description Interface-id ID of an interface on which FIP snooping has been enabled. FCF-MAC MAC address of the FCF that is part of the session. ENode-MAC MAC address of the ENode that is part of the session. VLAN ID number of the VLAN that contains the session. FCoE MAC Source MAC address of the FCoE packets that are originated by the ENode as part of the session.
2CSPC4.XModular-SWUM201.book Page 874 Monday, October 3, 2011 2:21 PM The command output format is different when the detail option is used. The information below is displayed. Parameter Description VLAN VLAN to which the session belongs. FC-MAP FCMAP value used by the FCF. FCFs Number of FCFs discovered. ENodes Number of ENodes discovered. Sessions Total virtual sessions in FCoE VLAN. FCF Information Interface Interface on which the FCF is discovered. MAC MAC address of the FCF.
2CSPC4.XModular-SWUM201.book Page 875 Monday, October 3, 2011 2:21 PM Parameter Description Expiry Time This is virtual connection/session expiry interval. This is used to monitor the status of the session. Session entry is removed when the value reaches 0. This value is reset to 450 secs (5*90 secs) every time an associated VN_Port FKA is received from the ENode. This is ignored (marked as NA) if the D-bit is set to one in the FCF Discovery Advertisements.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 879 Monday, October 3, 2011 2:21 PM TENTATIVE ----------------- FDESC(1,1) -------------- FPMA Example #3 The sample command output below displays sessions between specified FCF and ENode.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 881 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC User Guidelines The following table describes the packet counters per FIP Operation. Packet Counter Description VR Number of VLAN Request messages received on the VLAN. VN Number of VLAN Notification messages received on the VLAN. MDS Number of Multicast Discovery Solicitation messages snooped on the VLAN.
2CSPC4.XModular-SWUM201.book Page 882 Monday, October 3, 2011 2:21 PM Packet Counter Description CVL Number of Clear Virtual Links actions on the VLAN. The following table describes the other interface or session-related counters. Other Counters Description Number of Virtual Session Timeouts Number of Virtual sessions removed due to session timer expiry. Number of FCF Session Timeouts Number of ACTIVE sessions timed out due to Discovery Advertisements expiry from FCFs in the VLAN.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 885 Monday, October 3, 2011 2:21 PM Number of Sessions denied with FCF limit: 0 Number of Sessions denied with ENode limit: 0 Number of Sessions denied with System limit: 21 Example #2 Below is the sample command output with optional VLAN argument supplied.
2CSPC4.XModular-SWUM201.book Page 886 Monday, October 3, 2011 2:21 PM FDISC_RJT 0 LOGO_ACC 1 LOGO_RJT 0 CVL 0 -------------------------------- Number of Virtual Session Timeouts:2 Number of FCF Session Timeouts: 0 Number of Session configuration failures: 10 Number of Sessions denied with FCF limit: 0 Number of Sessions denied with ENode limit: Number of Sessions denied with System limit: 0 21 Example #3 Below is the sample command output with optional interface argument supplied.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 888 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description vlan-id A VLAN enabled for FIP snooping. VLAN VLAN in which FIP snooping is enabled/operational. FC-MAP FCoE mapped address prefix of the FCoE forwarder for the FCoE VLAN. FCFs Number of FCFs discovered. ENodes Number of ENodes discovered. Sessions Total virtual sessions in FCoE VLAN. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 889 Monday, October 3, 2011 2:21 PM Inactive Ports: clear fip-snooping statistics Use the clear fip-snooping statistics command in User EXEC or Privileged EXEC mode to clear the FIP Snooping statistics in the supplied VLAN or on a supplied interface. If the optional (VLAN or interface) argument is not given, this command clears the statistics on all FIP snooping-enabled VLANs.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 891 Monday, October 3, 2011 2:21 PM 41 Priority Flow Control Commands NOTE: Fiber Channel over Ethernet (FCoE) commands are only supported on the PCM8024-k switch. CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models. Priority Flow Control (PFC) provides a means of pausing frames based on individual priorities on a single physical link.
2CSPC4.XModular-SWUM201.book Page 892 Monday, October 3, 2011 2:21 PM addition to the headroom. With two no-drop priorities per interface and static allocations, there is only about 30 percent of the buffer space available for normal forwarding behavior. The effective default behavior on an interface enabled for PFC without a nodrop priority is that no flow control (legacy or PFC) is enabled. If the user enables PFC but does not create any no-drop priorities, the interface will not be lossless.
2CSPC4.XModular-SWUM201.book Page 893 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description on Enable PFC on the interface. off Disable PFC on the interface. Default Configuration Priority-flow-control mode is off (disabled) by default. Command Mode Datacenter-Bridging Config mode User Guidelines PFC must be enabled before FIP snooping can operate over the interface. Use the no form of the command to return the mode to the default (off).
2CSPC4.XModular-SWUM201.book Page 894 Monday, October 3, 2011 2:21 PM Use the no form of the command to return all priorities to their default lossy behavior. Syntax priority-flow-control priority priority-list {drop | no-drop} no priority-flow-control priority Parameter Description Parameter Description drop Disable lossless behavior on the selected priorities. no-drop Enable lossless behavior on the selected priorities. Default Configuration The default behavior for all priorities is drop.
2CSPC4.XModular-SWUM201.book Page 895 Monday, October 3, 2011 2:21 PM clear priority-flow-control statistics Use the clear priority-flow-control statistics command to clear all or interface Priority-Flow-Control statistics. Syntax clear priority-flow-control statistics [ethernet interface ] • interface — A valid Ethernet port. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 896 Monday, October 3, 2011 2:21 PM Parameter Description interface-id A valid Ethernet port identifier. Command Mode Privileged EXEC User Guidelines This command has no user guidelines. Examples The following examples show the priority flow control status and statistics.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 899 Monday, October 3, 2011 2:21 PM 42 Layer 3 Commands The chapters that follow describe commands that conform to the OSI model’s Network Layer (Layer 3). Layer 3 commands perform a series of exchanges over various data links to deliver data between any two nodes in a network. These commands define the addressing and routing structure of the Internet.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 901 Monday, October 3, 2011 2:21 PM ARP Commands 43 When a host has an IP packet to send on an Ethernet network, it must encapsulate the IP packet in an Ethernet frame. The Ethernet header requires a destination MAC address. If the destination IP address is on the same network as the sender, the sender uses the Address Resolution Protocol (ARP) to determine the MAC address associated with destination IP address.
2CSPC4.XModular-SWUM201.book Page 902 Monday, October 3, 2011 2:21 PM ARP Aging Dynamic entries in the ARP cache are aged. When an entry for a neighbor router reaches its maximum age, the system sends an ARP request to the neighbor router to renew the entry. Entries for neighbor routers should remain in the ARP cache as long as the neighbor continues to respond to ARP requests. ARP cache entries for neighbor hosts are renewed more selectively.
2CSPC4.XModular-SWUM201.book Page 903 Monday, October 3, 2011 2:21 PM Syntax arp ip-address hardware-address no arp ip-address • ip-address — IP address of a device on a subnet attached to an existing routing interface. • hardware-address — A unicast MAC address for that device. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 904 Monday, October 3, 2011 2:21 PM Default Configuration The default integer value is 896. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines an arp cachesize of 500. console(config)#arp cachesize 500 arp dynamicrenew Use the arp dynamicrenew command in Global Configuration mode to enable the ARP component to automatically renew dynamic ARP entries when they age out.
2CSPC4.XModular-SWUM201.book Page 905 Monday, October 3, 2011 2:21 PM entry is reset to 0 without removing the entry from the hardware. Traffic to the host continues to be forwarded in hardware without interruption. If the entry is not being used to forward data packets, then the entry is deleted from the ARP cache, unless the dynamic renew option is enabled. If the dynamic renew option is enabled, the system sends an ARP request to renew the entry.
2CSPC4.XModular-SWUM201.book Page 906 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example removes the specified IP address from arp cache. console#arp purge 192.168.1.10 arp resptime Use the arp resptime command in Global Configuration mode to configure the ARP request response timeout. To return the response timeout to the default value, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 907 Monday, October 3, 2011 2:21 PM arp retries Use the arp retries command in Global Configuration mode to configure the ARP count of maximum requests for retries. To return to the default value, use the no form of this command. Syntax arp retries integer no arp retries • integer — The maximum number of requests for retries. (Range: 0-10) Default Configuration The default value is 4 retries.
2CSPC4.XModular-SWUM201.book Page 908 Monday, October 3, 2011 2:21 PM Default Configuration The default value is 1200 seconds. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example defines 900 seconds as the timeout. console(config)#arp timeout 900 clear arp-cache Use the clear arp-cache command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache.
2CSPC4.XModular-SWUM201.book Page 909 Monday, October 3, 2011 2:21 PM console#clear arp-cache gateway clear arp-cache management Use the clear arp-cache management command to clear all entries that show as management arp entries in the show arp command. Syntax clear arp-cache management Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 910 Monday, October 3, 2011 2:21 PM IP Address MAC Address Interface Type Age --------------- ----------------- -------------- -------- ----------10.27.20.241 001A.A0FF.F662 Management Dynamic n/a 10.27.20.243 0019.B9D1.29A3 Management Dynamic n/a console#clear arp-cache management ip local-proxy-arp Use the ip local proxy-arp command in Interface Configuration mode to enable proxying of ARP requests.
2CSPC4.XModular-SWUM201.book Page 911 Monday, October 3, 2011 2:21 PM next hops in its route to the destination are through interfaces other than the interface that received the ARP request. Use the no form of the command to disable proxy ARP on a router interface. Syntax ip proxy-arp no ip proxy-arp Default Configuration Enabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 912 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC and Privileged EXEC modes User Guidelines The show arp command will display static (user-configured) ARP entries regardless of whether they are reachable over an interface or not. Example The following example shows show arp command output.
2CSPC4.XModular-SWUM201.book Page 913 Monday, October 3, 2011 2:21 PM 44 DHCP Server and Relay Agent Commands DHCP is based on the Bootstrap Protocol (BOOTP). It also captures the behavior of BOOTP relay agents and DHCP participants can inter operate with BOOTP participants. The host RFC’s standardize the configuration parameters which can be supplied by the DHCP server to the client.
2CSPC4.XModular-SWUM201.book Page 914 Monday, October 3, 2011 2:21 PM • Internet access cost is greatly reduced by using automatic assignment as Static IP addresses are considerably more expensive to purchase than are automatically allocated IP addresses. • Using DHCP a centralized management policy can be implemented as the DHCP server keeps information about all the subnets. This allows a system operator to update a single server when configuration changes take place.
2CSPC4.XModular-SWUM201.book Page 915 Monday, October 3, 2011 2:21 PM Syntax ip dhcp pool [pool-name] no ip dhcp pool [pool-name] Parameter Description Parameter Description pool-name The name of an existing or new DHCP address pool. The pool name can be up to 31 characters in length and can contain the following characters: a-z, A-Z, 0-9, ’-’, ’_’, ’ ’. Enclose the entire pool name in quotes if an embedded blank is to appear in the pool name.
2CSPC4.XModular-SWUM201.book Page 916 Monday, October 3, 2011 2:21 PM • Client DNS server – dns-server • NetBIOS WINS Server – netbios-name-server • NetBIOS Node Type – netbios-node-type • Client default router – default-router • Client address lease time – lease Administrators may also configure manual bindings for clients using the host command in DHCP Pool Configuration mode.
2CSPC4.XModular-SWUM201.book Page 917 Monday, October 3, 2011 2:21 PM console(config)#ip dhcp pool "Windows PCs" console(config-dhcp-pool)#network 192.168.21.0 /24 console(config-dhcp-pool)#domain-name powerconnect.com console(config-dhcp-pool)#dns-server 192.168.22.3 192.168.23.3 console(config-dhcp-pool)#netbios-name-server 192.168.22.2 192.168.23.2 console(config-dhcp-pool)#netbios-node-type h-node console(config-dhcp-pool)#lease 2 12 console(config-dhcp-pool)#default-router 192.168.22.1 192.168.23.
2CSPC4.XModular-SWUM201.book Page 918 Monday, October 3, 2011 2:21 PM Command Mode DHCP Pool Configuration mode User Guidelines This command has no user guidelines. Example console(config-dhcp-pool)#bootfile ntldr clear ip dhcp binding Use the clear ip dhcp binding command in Privileged EXEC mode to remove automatic DHCP server bindings. Syntax clear ip dhcp binding {ip-address | *} Parameter Description Parameter Description * Clear all automatic dhcp bindings.
2CSPC4.XModular-SWUM201.book Page 919 Monday, October 3, 2011 2:21 PM clear ip dhcp conflict Use the clear ip dhcp conflict command in Privileged EXEC mode to remove DHCP server address conflicts. Use the show ip dhcp conflict command to display address conflicts detected by the DHCP server. Syntax clear ip dhcp conflict {ip-address | *} Parameter Description Parameter Description * Clear all dhcp conflicts. ip-address Clear a specific address conflict.
2CSPC4.XModular-SWUM201.book Page 920 Monday, October 3, 2011 2:21 PM no client-identifier Parameter Description Parameter Description unique-identifier The identifier of the Microsoft DHCP client. The client identifier is specified as 7 bytes of the form XX:XX:XX:XX:XX:XX:XX where X is a hexadecimal digit. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 921 Monday, October 3, 2011 2:21 PM no client-name Parameter Description Parameter Description name The name of the DHCP client. The client name is specified as up to 31 printable characters. Default Configuration There is no default client name. Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters.
2CSPC4.XModular-SWUM201.book Page 922 Monday, October 3, 2011 2:21 PM no default-router Parameter Description Parameter Description ip-address1 The IPv4 address of the first default router for the DHCP client. ip-address2 The IPv4 address of the second default router for the DHCP client. Default Configuration No default router is configured. Command Mode DHCP Pool Configuration mode User Guidelines This command has no user guidelines. Example console(config-dhcp-pool)#default-router 192.168.22.
2CSPC4.XModular-SWUM201.book Page 923 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description ip-address1 Valid IPv4 address. Default Configuration This command has no default configuration. Command Mode IP DHCP Pool Configuration mode User Guidelines This command has no user guidelines. domain-name (IP DHCP Pool Config) Use the domain-name command in IP DHCP Pool Configuration mode to set the DNS domain name which is provided to a DHCP client by the DHCP server.
2CSPC4.XModular-SWUM201.book Page 924 Monday, October 3, 2011 2:21 PM hardware-address Use the hardware-address command in DHCP Pool Configuration mode to specify the MAC address of a client to be manually assigned an address. Use the no form of the command to remove the MAC address assignment. Syntax hardware-address hardware-address no hardware-address Parameter Description Parameter Description hardware-address MAC address of the client. Either the XXXX.XXXX.
2CSPC4.XModular-SWUM201.book Page 925 Monday, October 3, 2011 2:21 PM host Use the host command in DHCP Pool Configuration mode to specify a manual binding for a DHCP client host. Use the no form of the command to remove the manual binding. Syntax host ip-address [netmask|prefix-length] no host Parameter Description Parameter Description ip-address IPv4 address to be manually assigned to the host identified by the client identifier.
2CSPC4.XModular-SWUM201.book Page 926 Monday, October 3, 2011 2:21 PM ip dhcp bootp automatic Use the ip dhcp bootp automatic command in Global Configuration mode to enable automatic BOOTP address assignment. By default, BOOTP clients are not automatically assigned addresses, although they may be assigned a static address. Use the no form of the command to disable automatic BOOTP client address assignment.
2CSPC4.XModular-SWUM201.book Page 927 Monday, October 3, 2011 2:21 PM no ip dhcp conflict logging Parameter Description This command does not require a parameter description. Default Configuration Conflict logging is enabled by default. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 928 Monday, October 3, 2011 2:21 PM Parameter Description High-address An IPv4 address indicating the ending range for exclusion from automatic DHCP address assignment. The high-address must be numerically greater than the low-address. Default Configuration By default, no IP addresses are excluded from the lists configured by the IP DHCP pool configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 929 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description count The number of ping packets sent to detect an address in use. The default is 2 packets. Range 0, 2-10. A value of 0 turns off address detection. Use the no form of the command to return the setting to the default value. Default Configuration The command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 930 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description days The number of days for the lease duration. Range 0-59. Default is 1. hours The number of hours for the lease duration. Range 0-23. There is no default. minutes The number of minutes for the lease duration. Range 0-59. There is no default. infinite The lease does not expire. Default Configuration The default is a 1 day lease.
2CSPC4.XModular-SWUM201.book Page 931 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description ip-address IPv4 address Default Configuration There is no default name server configured. Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters. Up to eight name server addresses may be specified.
2CSPC4.XModular-SWUM201.book Page 932 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description type The NetBIOS node type can be b-node, h-node, m-node or pnode. Default Configuration There is no default NetBIOS node type configured. Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters.
2CSPC4.XModular-SWUM201.book Page 933 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description network-number A valid IPv4 address mask A valid IPv4 network mask with contiguous left-aligned bits. prefix-length An integer indicating the number of leftmost bits in the network-number to use as a prefix for allocating cells. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 934 Monday, October 3, 2011 2:21 PM User Guidelines Use the show ip dhcp pool command to display pool configuration parameters. The IPv4 address is conveyed in the SIADDR field of the DHCP OFFER, DHCP ACK, DHCP INFORM ACK and DHCP BOOTREPLY messages. Example console(config-dhcp-pool)#next-server 192.168.21.2 option Use the option command in DHCP Pool Configuration mode to supply arbitrary configuration information to a DHCP client.
2CSPC4.XModular-SWUM201.book Page 935 Monday, October 3, 2011 2:21 PM Command Mode DHCP Pool Configuration mode User Guidelines The option information must match the selected option type and length. Options cannot be longer than 255 characters in length. The option information is conveyed in the TLV specified by the code parameter in the DHCP OFFER, DHCP ACK, DHCP INFORM ACK and DHCP BOOTREPLY messages.
2CSPC4.XModular-SWUM201.book Page 936 Monday, October 3, 2011 2:21 PM Figure 44-1.
2CSPC4.XModular-SWUM201.book Page 937 Monday, October 3, 2011 2:21 PM Figure 44-1.
2CSPC4.XModular-SWUM201.book Page 938 Monday, October 3, 2011 2:21 PM Example console(config-dhcp-pool)#option 4 ascii "ntpservice.com " console(config-dhcp-pool)#option 42 ip 192.168.21.1 console(config-dhcp-pool)#option 29 hex 01 console(config-dhcp-pool)#option 59 hex 00 00 10 01 console(config-dhcp-pool)#option 25 hex 01 ff service dhcp Use the service dhcp command in Global Configuration mode to enable local IPv4 DHCP server on the switch. Use the no form of the command to disable the DHCPv4 service.
2CSPC4.XModular-SWUM201.book Page 939 Monday, October 3, 2011 2:21 PM Syntax sntp ip-address no sntp Parameter Description Parameter Description ip-address The IPv4 address of the NTP server to use for time services. Default Configuration There is no default IPv4 NTP server configured. Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters.
2CSPC4.XModular-SWUM201.book Page 940 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description address A valid IPv4 address Default Configuration The command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console(config)# show ip dhcp binding IP address DUID Hardware Address Expires Type --------------------------------------------------------------------- ----- 10.10.10.
2CSPC4.XModular-SWUM201.book Page 941 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description address A valid IPv4 address for which the conflict information is desired. Default Configuration The command has no default configuration. Command Mode Privileged EXEC modes User Guidelines This command has no user guidelines. show ip dhcp global configuration Use the show ip dhcp global configuration command in Privileged EXEC mode to display the DHCP global configuration.
2CSPC4.XModular-SWUM201.book Page 942 Monday, October 3, 2011 2:21 PM Example console#show ip dhcp server statistics show ip dhcp pool Use the show ip dhcp pool command in User EXEC or Privileged EXEC mode to display the configured DHCP pool or pools. If no pool name is specified, information about all pools is displayed. Syntax show ip dhcp pool [all | poolname ] Parameter Description Parameter Description poolname Name of the pool.
2CSPC4.XModular-SWUM201.book Page 943 Monday, October 3, 2011 2:21 PM Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ip dhcp server statistics Automatic Bindings............................. 100 Expired Bindings............................... 32 Malformed Bindings.............................
2CSPC4.XModular-SWUM201.book Page 944 Monday, October 3, 2011 2:21 PM DHCP ACK....................................... 132 DHCP NACK......................................
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 946 Monday, October 3, 2011 2:21 PM Examples The following examples clears DHCPv6 statistics for VLAN 11. console#clear ipv6 dhcp interface vlan 11 statistics\ dns-server (IPv6 DHCP Pool Config) Use the dns-server command in IPv6 DHCP Pool Configuration mode to set the IPv6 DNS server address which is provided to a DHCPv6 client by the DHCPv6 server. DNS server address is configured for stateless server support.
2CSPC4.XModular-SWUM201.book Page 947 Monday, October 3, 2011 2:21 PM Syntax domain-name domain no domain-name domain • domain — DHCPv6 domain name. (Range: 1–255 characters) Default Configuration This command has no default configuration. Command Mode IPv6 DHCP Pool Configuration mode User Guidelines DHCPv6 pool can have multiple number of domain names with maximum of 8. Example The following example sets the DNS domain name "test", which is provided to a DHCPv6 client by the DHCPv6 server.
2CSPC4.XModular-SWUM201.book Page 948 Monday, October 3, 2011 2:21 PM • pool-name — DHCPv6 pool name. (Range: 1-31 characters) Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enters IPv6 DHCP Pool Configuration mode.
2CSPC4.XModular-SWUM201.book Page 949 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Interface Configuration (VLAN, Tunnel) mode User Guidelines If relay-address is an IPv6 global address, then relay-interface is not required. If relay-address is a link-local or multicast address, then relay-interface is required.
2CSPC4.XModular-SWUM201.book Page 950 Monday, October 3, 2011 2:21 PM • rapid-commit — Is an option that allows for an abbreviated exchange between the client and server. • pref-value — Preference value —used by clients to determine preference between multiple DHCPv6 servers. (Range: 0-4294967295) Default Configuration The default preference value is 20. Rapid commit is not enabled by default.
2CSPC4.XModular-SWUM201.book Page 951 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description prefix/prefix-length Delegated IPv6 prefix. client-DUID Client DUID (e.g. 00:01:00:09:f8:79:4e:00:04:76:73:43:76'). hostname Client hostname used for logging and tracing. (Range: 0-31 characters.) The command allows spaces in the host name when specified in double quotes. For example, console(config)#snmp-server host "host name" valid-lifetime Valid lifetime for delegated prefix.
2CSPC4.XModular-SWUM201.book Page 952 Monday, October 3, 2011 2:21 PM The following example defines a unique local address prefix with the MAC address 00:1D:BA:06:37:64 converted to EUI-64 format and a preferred lifetime of 5 days. console(config-dhcp6s-pool)#prefix-delegation fc00::/7 00:1D:BA:FF:FE:06:37:64 preferred-lifetime 43200 service dhcpv6 Use the service dhcpv6 command in Global Configuration mode to enable local IPv6 DHCP server on the switch.
2CSPC4.XModular-SWUM201.book Page 953 Monday, October 3, 2011 2:21 PM show ipv6 dhcp Use the show ipv6 dhcp command in Privileged EXEC mode to display the DHCPv6 server name and status. Syntax show ipv6 dhcp Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 954 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC and User EXEC modes User Guidelines This command has no user guidelines. Example The following example displays the configured DHCP pool based on the entered IPv6 address.
2CSPC4.XModular-SWUM201.book Page 955 Monday, October 3, 2011 2:21 PM Command Mode User EXEC, Privileged EXEC modes User Guidelines Statistics are shown depending on the interface mode (relay, server, or client). Examples The following examples display DHCPv6 information for VLAN 11 when configured in relay mode. console> show ipv6 dhcp interface vlan 11 IPv6 Interface................................. vlan11 Mode........................................... Relay Relay Address..............................
2CSPC4.XModular-SWUM201.book Page 956 Monday, October 3, 2011 2:21 PM DHCPv6 Malformed Packets Received.............. 0 Received DHCPv6 Packets Discarded.............. 0 Total DHCPv6 Packets Received.................. 0 DHCPv6 Advertisement Packets Transmitted....... 0 DHCPv6 Reply Packets Transmitted............... 0 DHCPv6 Reconfig Packets Transmitted............ 0 DHCPv6 Relay-reply Packets Transmitted......... 0 DHCPv6 Relay-forward Packets Transmitted....... 0 Total DHCPv6 Packets Transmitted.........
2CSPC4.XModular-SWUM201.book Page 957 Monday, October 3, 2011 2:21 PM User Guidelines This command shows the DHCP status. Information displayed depends on the mode. The command output provides the following information for an interface configured in client mode. Not all fields will be shown for an inactive client. Term Description Mode Displays whether the specified interface is in Client, Relay, or Server mode. State State of the DHCPv6 Client on this interface.
2CSPC4.XModular-SWUM201.book Page 958 Monday, October 3, 2011 2:21 PM Example The following example shows the output from this command when the device has leased an IPv6 address from the DHCPv6 server on interface 1/0/1. NOTE: Note that the interface is in client mode. console#show ipv6 dhcp interface vlan 2 IPv6 Interface................................. Vl2 Mode........................................... Client State.......................................... ACTIVE Server DUID............................
2CSPC4.XModular-SWUM201.book Page 959 Monday, October 3, 2011 2:21 PM DHCPv6 Solicit Packets Received................ 0 DHCPv6 Request Packets Received................ 0 DHCPv6 Confirm Packets Received................ 0 DHCPv6 Renew Packets Received.................. 0 DHCPv6 Rebind Packets Received................. 0 DHCPv6 Release Packets Received................ 0 DHCPv6 Decline Packets Received................ 0 DHCPv6 Inform Packets Received................. 0 DHCPv6 Relay-forward Packets Received....
2CSPC4.XModular-SWUM201.book Page 960 Monday, October 3, 2011 2:21 PM Syntax show ipv6 dhcp pool poolname • poolname — Name of the pool. (Range: 1-32 characters) Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines. Example The following example displays the configured DHCP pool.
2CSPC4.XModular-SWUM201.book Page 961 Monday, October 3, 2011 2:21 PM Example The following example displays the DHCPv6 server name and status. console> show ipv6 dhcp statistics DHCPv6 Interface Global Statistics -----------------------------------DHCPv6 Solicit Packets Received................ 0 DHCPv6 Request Packets Received................ 0 DHCPv6 Confirm Packets Received................ 0 DHCPv6 Renew Packets Received.................. 0 DHCPv6 Rebind Packets Received.................
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 963 Monday, October 3, 2011 2:21 PM 46 DVMRP Commands Distance Vector Multicast Routing Protocol (DVMRP) is a dense mode multicast protocol and is most appropriate for use in networks where bandwidth is relatively plentiful and there is at least one multicast group member in each subnet. DVMRP assumes that all hosts are part of a multicast group until it is informed of multicast group changes.
2CSPC4.XModular-SWUM201.book Page 964 Monday, October 3, 2011 2:21 PM Default Configuration Disabled is the default configuration. Command Mode Global Configuration Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets VLAN 15’s administrative mode of DVMRP to active.
2CSPC4.XModular-SWUM201.book Page 965 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example configures a metric of 5 for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip dvmrp metric 5 show ip dvmrp Use the show ip dvmrp command in Privileged EXEC mode to display the system-wide information for DVMRP. Syntax show ip dvmrp Default Configuration This command has no default condition.
2CSPC4.XModular-SWUM201.book Page 966 Monday, October 3, 2011 2:21 PM DVMRP INTERFACE STATUS Interface Interface Mode Protocol State --------- -------------- -------------- show ip dvmrp interface Use the show ip dvmrp interface command in Privileged EXEC mode to display the interface information for DVMRP on the specified interface. Syntax show ip dvmrp interface vlan vlan-id • vlan-id — Valid VLAN ID. Default Configuration This command has no default condition.
2CSPC4.XModular-SWUM201.book Page 967 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the neighbor information for DVMRP. console(config)#show ip dvmrp neighbor No neighbors available.
2CSPC4.XModular-SWUM201.book Page 968 Monday, October 3, 2011 2:21 PM Example The following example displays the next hop information on outgoing interfaces for routing multicast datagrams. console(config)#show ip dvmrp nexthop Next Hop Source IP Source Mask Interface Type -------------- -------------- --------- ------ show ip dvmrp prune Use the show ip dvmrp prune command in Privileged EXEC mode to display the table that lists the router’s upstream prune information.
2CSPC4.XModular-SWUM201.book Page 969 Monday, October 3, 2011 2:21 PM show ip dvmrp route Use the show ip dvmrp route command in Privileged EXEC mode to display the multicast routing information for DVMRP. Syntax show ip dvmrp route Default Configuration This command has no default condition. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the multicast routing information for DVMRP.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 971 Monday, October 3, 2011 2:21 PM 44 GMRP Commands The GARP Multicast Registration Protocol provides a mechanism that allows networking devices to dynamically register (and de-register) Group membership information with the MAC networking devices attached to the same segment, and for that information to be disseminated across all networking devices in the bridged LAN that support Extended Filtering Services.
2CSPC4.XModular-SWUM201.book Page 972 Monday, October 3, 2011 2:21 PM The registration and de-registration of membership results in the multicast table being updated with a new entry or the existing entry modified. This ensures that the networking device receives multicast frames from all ports but forwards them through only those ports for which GMRP has created Group registration entry (for that multicast address).
2CSPC4.XModular-SWUM201.book Page 973 Monday, October 3, 2011 2:21 PM Example In this example, GMRP is globally enabled. console(config)#gmrp enable show gmrp configuration Use the show gmrp configuration command in Global Configuration mode and Interface Configuration mode to display GMRP configuration. Syntax show gmrp configuration Parameter Description This command does not require a parameter description. Default Configuration GMRP is disabled by default.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 975 Monday, October 3, 2011 2:21 PM IGMP Commands 45 Internet Group Management Protocol (IGMP) is the multicast group membership discovery protocol used for IPv4 multicast groups. Three versions of IGMP exist. Versions one and two are widely deployed. Since IGMP is used between end systems (often desktops) and the multicast router, the version of IGMP required depends on the end-user operating system being supported.
2CSPC4.XModular-SWUM201.book Page 976 Monday, October 3, 2011 2:21 PM IGMPv2 introduced a Leave Group message, which is sent by a host when it leaves a multicast group for which it was the last host to send an IGMP Report message. Receipt of this message causes the Querier possibly to reduce the remaining lifetime of its state for the group, and to send a groupspecific IGMP Query message to the multicast group.
2CSPC4.XModular-SWUM201.book Page 977 Monday, October 3, 2011 2:21 PM Syntax ip igmp no ip igmp Default Configuration Disabled is the default state. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables IGMP.
2CSPC4.XModular-SWUM201.book Page 978 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example sets 10 as the number of VLAN 2 Group-Specific Queries.
2CSPC4.XModular-SWUM201.book Page 979 Monday, October 3, 2011 2:21 PM Example The following example configures 2 seconds as the Maximum Response Time inserted in VLAN 15’s Group-Specific Queries. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp last-member-queryinterval 20 ip igmp query-interval Use the ip igmp query-interval command in Interface Configuration mode to configure the query interval for the specified interface.
2CSPC4.XModular-SWUM201.book Page 980 Monday, October 3, 2011 2:21 PM ip igmp query-max-response-time Use the ip igmp query-max-response-time command in Internet Configuration mode to configure the maximum response time interval for the specified interface. It is the maximum query response time advertised in IGMPv2 queries on this interface. The time interval is specified in seconds. Syntax ip igmp query-max-response-time seconds no ip igmp query-max-response-time • seconds — Maximum response time.
2CSPC4.XModular-SWUM201.book Page 981 Monday, October 3, 2011 2:21 PM Syntax ip igmp robustness robustness no ip igmp robustness • robustness — Robustness variable. (Range: 1-255) Default Configuration The default robustness value is 2. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example configures a robustness value of 10 for VLAN 15.
2CSPC4.XModular-SWUM201.book Page 982 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example sets for VLAN 15 the number of queries sent out on startup at 10.
2CSPC4.XModular-SWUM201.book Page 983 Monday, October 3, 2011 2:21 PM Example The following example sets at 10 seconds the interval between general queries sent at startup for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp startup-queryinterval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface. Syntax ip igmp version version • version — IGMP version.
2CSPC4.XModular-SWUM201.book Page 984 Monday, October 3, 2011 2:21 PM Syntax show ip igmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays system-wide IGMP information. console#show ip igmp IGMP Admin Mode............................. Enabled IGMP Router-Alert check.....................
2CSPC4.XModular-SWUM201.book Page 985 Monday, October 3, 2011 2:21 PM Syntax show ip igmp groups [interface-type interface-number] [detail] Syntax Description Parameter Description interface-type interface-number Interface type of VLAN and a valid VLAN ID. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines. Example The following example displays the registered multicast groups for VLAN 1.
2CSPC4.XModular-SWUM201.book Page 986 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description interface-type interface-number Interface type of VLAN and a valid VLAN ID. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines. Example The following example displays IGMP information for VLAN 11. console#show ip igmp vlan 11 Interface.....................................
2CSPC4.XModular-SWUM201.book Page 987 Monday, October 3, 2011 2:21 PM show ip igmp membership Use the show ip igmp membership command in Privileged EXEC mode to display the list of interfaces that have registered in the multicast group. If detail is specified, this command displays detailed information about the listed interfaces. Syntax show ip igmp membership [groupaddr] [detail] • groupaddr — Group IP address Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 988 Monday, October 3, 2011 2:21 PM • vlan-id — Valid VLAN ID Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines. Examples The following example displays the IGMP statistical information for VLAN 7. console#show ip igmp interface stats vlan 7 Querier Status............................... Querier Querier IP Address........................... 7.7.7.7 Querier Up Time (secs) ...
2CSPC4.XModular-SWUM201.book Page 989 Monday, October 3, 2011 2:21 PM Default Value The Router-Alert field is not required by default.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 991 Monday, October 3, 2011 2:21 PM IGMP Proxy Commands 46 IGMP Proxy is used by the router on IPv4 systems to enable the system to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP router interfaces, thus acting as proxy to all its hosts residing on its router interfaces. PowerConnect supports IGMP Version 3, Version 2 and Version 1.
2CSPC4.XModular-SWUM201.book Page 992 Monday, October 3, 2011 2:21 PM Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode User Guidelines This command has no user guidelines. Example The following example enables the IGMP Proxy on the VLAN 15 router.
2CSPC4.XModular-SWUM201.book Page 993 Monday, October 3, 2011 2:21 PM Example The following example resets the host interface status parameters of the IGMP Proxy router. console(config)#interface vlan 15 console(config-if-vlan15)#ip igmp-proxy reset-status ip igmp-proxy unsolicited-report-interval Use the ip igmp-proxy unsolicited-report-interval command in Interface Configuration mode to set the unsolicited report interval for the IGMP Proxy router.
2CSPC4.XModular-SWUM201.book Page 994 Monday, October 3, 2011 2:21 PM show ip igmp-proxy Use the show ip igmp-proxy command in Privileged EXEC mode to display a summary of the host interface status parameters. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 995 Monday, October 3, 2011 2:21 PM Proxy Start Frequency........................ 1 show ip igmp-proxy interface Use the show ip igmp-proxy interface command in Privileged EXEC mode to display a detailed list of the host interface status parameters. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy interface Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 996 Monday, October 3, 2011 2:21 PM show ip igmp-proxy groups Use the show ip igmp-proxy groups command in Privileged EXEC mode to display a table of information about multicast groups that IGMP Proxy reported. It displays status parameters only when IGMP Proxy is enabled. Syntax show ip igmp-proxy groups Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 997 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays complete information about multicast groups that IGMP Proxy has reported. console#show ip igmp-proxy groups detail Interface Index................................
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 999 Monday, October 3, 2011 2:21 PM 47 IP Helper/DHCP Relay Commands The IP Helper feature provides the ability for a router to forward configured UDP broadcast packets to a particular IP address. This allows applications to reach servers on non-local subnets. This is possible even when the application is designed to assume a server is always on a local subnet or when the application uses broadcast packets to reach the server (with the limited broadcast address 255.255.
2CSPC4.XModular-SWUM201.book Page 1000 Monday, October 3, 2011 2:21 PM Protocol UDP Port Number DNS 53 NetBIOS Name Server 137 NetBIOS Datagram Server 138 TACACS Server 49 Time Service 37 DHCP 67 Trivial File Transfer Protocol 69 Certain preexisting configurable DHCP relay options do not apply to relay of other protocols. These options are unchanged. The user may optionally set a DHCP maximum hop count or minimum wait time. The relay agent relays DHCP packets in both directions.
2CSPC4.XModular-SWUM201.book Page 1001 Monday, October 3, 2011 2:21 PM • The protocol field in the IP header must be UDP (17). • The destination UDP port must match a configured relay entry. DHCP relay cannot be enabled and disabled globally. IP helper can be enabled or disabled globally. Enabling IP helper enables DHCP relay.
2CSPC4.XModular-SWUM201.book Page 1002 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. Example The following example defines a maximum hopcount of 6. console(config)#bootpdhcprelay maxhopcount 6 bootpdhcprelay minwaittime Use the bootpdhcprelay minwaittime command in Global Configuration mode to configure the minimum wait time in seconds for BootP/DHCP Relay on the system.
2CSPC4.XModular-SWUM201.book Page 1003 Monday, October 3, 2011 2:21 PM Example The following example defines a minimum wait time of 10 seconds. console(config)#bootpdhcprelay minwaittime 10 clear ip helper statistics Use the clear ip helper statistics command to reset to 0 the statistics displayed in show ip helper statistics. Syntax clear ip helper statistics Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 1004 Monday, October 3, 2011 2:21 PM Parameter Description This command has no arguments or keywords. Default Configuration This is enabled by default for a DHCP relay agent. Command Mode Global Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. Interface configuration takes precedence over global configuration. However if there is no interface configuration then global configuration is followed. This check is enabled by default.
2CSPC4.XModular-SWUM201.book Page 1005 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description none (Optional) Disables the command function. Default Configuration This check is enabled by default. Command Mode Interface Configuration (VLAN) mode User Guidelines Enable DHCP Relay using the ip helper enable command. Use the global configuration command ip dhcp relay information option command to enable processing of DHCP circuit ID and remote agent ID options.
2CSPC4.XModular-SWUM201.book Page 1006 Monday, October 3, 2011 2:21 PM Default Configuration Disabled is the default configuration. Command Mode Global Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. Example The following example enables the circuit ID and remote agent ID options.
2CSPC4.XModular-SWUM201.book Page 1007 Monday, October 3, 2011 2:21 PM Command Mode Interface (VLAN) Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command. The interface configuration always takes precedence over global configuration. However, if there is no interface configuration, then global configuration is followed. Example The following example enables the circuit ID and remote agent ID options on vlan 10.
2CSPC4.XModular-SWUM201.book Page 1008 Monday, October 3, 2011 2:21 PM (port 53), isakmp (port 500), mobile-ip (port 434), nameserver (port 42), netbios-dgm (port 138), netbios-ns (port 137), ntp (port 123), pim-autorp (port 496), rip (port 520), tacacs (port 49), tftp (port 69), and time (port 37). Other ports must be specified by number. Default Configuration No helper addresses are configured. Command Mode Global Configuration mode.
2CSPC4.XModular-SWUM201.book Page 1009 Monday, October 3, 2011 2:21 PM ip helper-address (interface configuration) Use the ip helper-address (interface configuration) command to configure the relay of certain UDP broadcast packets received on a specific interface. To delete a relay entry on an interface, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1010 Monday, October 3, 2011 2:21 PM User Guidelines This command can be invoked multiple times on routing interface, either to specify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server. The command no ip helper-address with no arguments clears all helper addresses on the interface. Example To relay DHCP packets received on vlan 5 to two DHCP servers, 192.168.10.1 and 192.168.20.
2CSPC4.XModular-SWUM201.book Page 1011 Monday, October 3, 2011 2:21 PM and DNS packets received on vlan 5 to 192.168.40.2, relays SNMP traps (port 162) received on interface vlan 6 to 192.168.23.1, and drops DHCP packets received on vlan 6: console#config console(config)#ip helper-address 192.168.40.1 dhcp console(config)#interface vlan 5 console(config-if-vlan5)#ip helper-address 192.168.40.2 dhcp console(config-if-vlan5)#ip helper-address 192.168.40.
2CSPC4.XModular-SWUM201.book Page 1012 Monday, October 3, 2011 2:21 PM User Guidelines This command can be used to temporarily disable IP helper without deleting all IP helper addresses. This command replaces the bootpdhcprelay enable command, but affects not only relay of DHCP packets, but also relay of any other protocols for which an IP helper address has been configured.
2CSPC4.XModular-SWUM201.book Page 1013 Monday, October 3, 2011 2:21 PM UDP Port The relay configuration is applied to packets whose destination UDP port is this port. Entries whose UDP port is identified as “any” are applied to packets with the destination UDP ports listed in Table 47-1. Discard If “Yes”, packets arriving on the given interface with the given destination UDP port are discarded rather than relayed.
2CSPC4.XModular-SWUM201.book Page 1014 Monday, October 3, 2011 2:21 PM Default Configuration The command has no default configuration. Command Mode User EXEC and Privileged EXEC modes User Guidelines This command has no user guidelines. Example The following example defines the Boot/DHCP Relay information. console#show ip dhcp relay Maximum Hop Count.............................. 4 Minimum Wait Time(Seconds)..................... 0 Circuit Id Option Mode.......................
2CSPC4.XModular-SWUM201.book Page 1015 Monday, October 3, 2011 2:21 PM User Guidelines Field Description DHCP client messages received The number of valid messages received from a DHCP client. The count is only incremented if IP helper is enabled globally, the ingress routing interface is up, and the packet passes a number of validity checks, such as having a TTL > 1 and having valid source and destination IP addresses.
2CSPC4.XModular-SWUM201.book Page 1016 Monday, October 3, 2011 2:21 PM Packets with expired TTL The number of packets received with TTL of 0 or 1 that might otherwise have been relayed. Packets that The number of packets ignored by the relay agent because they matched a discard match a discard relay entry. entry Example console#show ip helper statistics DHCP client messages received.................. 8 DHCP client messages relayed................... 2 DHCP server messages received..................
2CSPC4.XModular-SWUM201.book Page 1017 Monday, October 3, 2011 2:21 PM 48 IP Routing Commands The Routing Module provides the base Layer 3 support for Local Area Network (LAN) and Wide Area Network (WAN) environments. The PowerConnect switches allows the network operator to build a complete Layer 3+ configuration with advanced functionality. As the PowerConnect defaults to Layer 2 switching functionality, routing must be explicitly enabled on the PowerConnect to perform Layer 3 forwarding.
2CSPC4.XModular-SWUM201.book Page 1018 Monday, October 3, 2011 2:21 PM The addition of a preference option has a side benefit. The preference option allows the operator to control the preference of individual static routes relative to routes learned from other sources (such as OSPF). When routes from different sources have the same preference, PowerConnect routing prefers a static route over a dynamic route.
2CSPC4.XModular-SWUM201.book Page 1019 Monday, October 3, 2011 2:21 PM encapsulation Use the encapsulation command in Interface Configuration (VLAN) mode to configure the Link Layer encapsulation type for the packet. Routed frames are always ethernet-encapsulated when a frame is routed to a VLAN. Syntax encapsulation {ethernet | snap} • ethernet — Specifies Ethernet encapsulation. • snap — Specifies SNAP encapsulation. Default Configuration Ethernet encapsulation is the default configuration.
2CSPC4.XModular-SWUM201.book Page 1020 Monday, October 3, 2011 2:21 PM Syntax ip address ip-address {subnet-mask | prefix-length} [ secondary ] no ip address ip-address {subnet-mask | prefix-length} [ secondary ] • ip-address — IP address of the interface. • subnet-mask — Subnet mask of the interface • prefix-length — Length of the prefix. Must be preceded by a forward slash (/). (Range: 1-30 bits) • secondary — Indicates the IP address is a secondary address.
2CSPC4.XModular-SWUM201.book Page 1021 Monday, October 3, 2011 2:21 PM ip mtu Use the ip mtu command in Interface Configuration mode to set the IP Maximum Transmission Unit (MTU) on a routing interface. The IP MTU is the size of the largest IP packet that can be transmitted on the interface without fragmentation. Packets forwarded in hardware ignore the IP MTU. Packets forwarded in software are dropped if they exceed the IP MTU of the outgoing interface.
2CSPC4.XModular-SWUM201.book Page 1022 Monday, October 3, 2011 2:21 PM Example The following example defines 1480 as the MTU for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip mtu 1480 ip netdirbcast Use the ip netdirbcast command in Interface Configuration mode to enable the forwarding of network-directed broadcasts. When enabled, network directed broadcasts are forwarded. When disabled they are dropped. Use the no form of the command to disable the broadcasts.
2CSPC4.XModular-SWUM201.book Page 1023 Monday, October 3, 2011 2:21 PM ip route Use the ip route command in Global Configuration mode to configure a static route. Use the no form of the command to delete the static route. The IP route command sets a value for the route preference. Among routes to the same destination, the route with the lowest preference value is the route entered into the forwarding database.
2CSPC4.XModular-SWUM201.book Page 1024 Monday, October 3, 2011 2:21 PM Example The following example identifies the ip-address subnet-mask, next-hop-ip and a preference value of 200. console(config)#ip route 192.168.10.10 255.255.255.0 192.168.20.1 metric 200 ip route default Use the ip route default command in Global Configuration mode to configure the next hop address of the default route. Use the no form of the command to delete the default route.
2CSPC4.XModular-SWUM201.book Page 1025 Monday, October 3, 2011 2:21 PM Using this command, the administrator may manually configure a single, global default gateway. The switch installs a default route for a configured default gateway with a preference of 253, making it more preferred than the default gateways learned via DHCP, but less preferred than a static default route. The preference of these routes is not configurable.
2CSPC4.XModular-SWUM201.book Page 1026 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route. Example The following example sets the default route metric to 80. console(config)#ip route distance 80 ip routing To globally enable IPv4 routing on the router, use the "ip routing" command in Global Configuration mode. To disable IPv4 routing globally, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1027 Monday, October 3, 2011 2:21 PM routing Use the routing command in Interface Configuration mode to enable IPv4 and IPv6 routing for an interface. View the current value for this function with the show ip brief command. The value is labeled Routing Mode in the output display. Use the no form of the command to disable routing for an interface. Syntax routing no routing Default Configuration Disabled is the default configuration.
2CSPC4.XModular-SWUM201.book Page 1028 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays IP summary information. console#show ip brief Default Time to Live....................... 30 Routing Mode............................... Disabled IP Forwarding Mode......................... Enabled Maximum Next Hops..........................
2CSPC4.XModular-SWUM201.book Page 1029 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines The Method field contains one of the following values. Field Description DHCP The address is leased from a DHCP server. Manual The address is manually configured. ds The following examples display all IP information and information specific to VLAN 2. console#show ip interface Default Gateway............
2CSPC4.XModular-SWUM201.book Page 1030 Monday, October 3, 2011 2:21 PM The Method field is also added to the long form. console#show ip interface vlan2 Routing Interface Status......... Up Primary IP Address.........192.168.75.1/255.255.255.0 Method........................... DHCP Routing Mode..................... Enable Administrative Mode.............. Enable Forward Net Directed Broadcasts.... Disable Proxy ARP.......................... Enable Local Proxy ARP.................... Disable Active State...
2CSPC4.XModular-SWUM201.book Page 1031 Monday, October 3, 2011 2:21 PM Burned In MAC Address............... 001E.C9AA.AD1C show ip protocols Use the show ip protocols command in User EXEC or Privileged EXEC mode to display the parameters and current state of the active routing protocols. Syntax show ip protocols Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1032 Monday, October 3, 2011 2:21 PM -------- --------- ----------- ---------176.1.1.1 1 1 flowers 176.2.1.1 passive 2 Routing Information Sources: Gateway Last Update 176.1.1.2 0:00:17 Preference: 60 Routing Protocol is "ospf" Redistributing: OSPF, External direct, Static, RIP Interfaces: Interface Metric Key-chain -------- --------- ----------- ---------176.1.1.1 10 flowers 176.2.1.1 1 Routing Information Sources: Gateway State 176.1.1.
2CSPC4.XModular-SWUM201.book Page 1033 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description ip-address Specifies the network for which the route is to be displayed and displays the best matching best-route for the address. mask Subnet mask of the IP address. prefix-length Length of prefix, in bits. Must be preceded with a forward slash (/). (Range: 0-32 bits.
2CSPC4.XModular-SWUM201.book Page 1034 Monday, October 3, 2011 2:21 PM S 0.0.0.0/0 [254/0] via 10.1.20.1 C 10.1.20.0/24 [0/1] directly connected, Vl2 C 4.4.0.0/16 [0/1] directly connected, Lo1 C 20.1.20.0/24 [0/1] directly connected, Vl4 show ip route configured Use the show ip route configured command in Privileged EXEC mode to display the configured routes, whether they are reachable or not. Syntax show ip route configured Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1035 Monday, October 3, 2011 2:21 PM Default Gateway is not configured S 10.0.0.0/8 [1/0] via 1.2.3.5 show ip route preferences Use the show ip route preferences command in Privileged EXEC mode displays detailed information about the route preferences. Route preferences are used in determining the best route. Lower router preference values are preferred over higher router preference values.
2CSPC4.XModular-SWUM201.book Page 1036 Monday, October 3, 2011 2:21 PM Local.......................................... 0 Static......................................... 1 OSPF Intra..................................... 110 OSPF Inter..................................... 110 OSPF External.................................. 110 RIP............................................ 120 Configured Default Gateway..................... 253 DHCP Default Gateway...........................
2CSPC4.XModular-SWUM201.book Page 1037 Monday, October 3, 2011 2:21 PM Example The following example displays the IP route summary. console#show ip route summary Connected Routes............................... 0 Static Routes.................................. 0 RIP Routes..................................... 0 OSPF Routes.................................... 0 Intra Area Routes.............................. 0 Inter Area Routes.............................. 0 External Type-1 Routes.........................
2CSPC4.XModular-SWUM201.book Page 1038 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays IP route preferences. console>show ip traffic IpInReceives................................... 24002 IpInHdrErrors.................................. 1 IpInAddrErrors................................. 925 IpForwDatagrams................................ 0 IpInUnknownProtos.............................. 0 IpInDiscards.................................
2CSPC4.XModular-SWUM201.book Page 1039 Monday, October 3, 2011 2:21 PM IcmpInTimeExcds................................ 0 IcmpInParmProbs................................ 0 IcmpInSrcQuenchs............................... 0 IcmpInRedirects................................ 0 IcmpInEchos.................................... 3 IcmpInEchoReps................................. 0 IcmpInTimestamps............................... 0 IcmpInTimestampReps............................ 0 IcmpInAddrMasks.........................
2CSPC4.XModular-SWUM201.book Page 1040 Monday, October 3, 2011 2:21 PM Syntax show ip vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays VLAN routing information. console#show ip vlan MAC Address used by Routing VLANs: 00:00:00:01:00:02 VLAN ID IP Address Subnet Mask ------- --------------- --------------10 0.0.0.0 0.0.0.0 20 0.0.0.0 0.0.0.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1042 Monday, October 3, 2011 2:21 PM Example console(if-vlan-10)#ipv6 pim ipv6 pim sparse (Global config) Use the ipv6 pim sparse command to administratively configure PIM sparse mode for multicast routing. Use the no form of this command to disable PIM sparse mode. Syntax ipv6 pim sparse no ipv6 pim sparse Default Configuration IPv6 PIM is disabled by default.
2CSPC4.XModular-SWUM201.book Page 1043 Monday, October 3, 2011 2:21 PM Default Configuration PIM is disabled by default. Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router. Example console(config)#ipv6 pim dense ipv6 pim bsr-border Use the ipv6 pim bsr-border command to administratively disable bootstrap router (BSR) messages from being sent or received through an interface.
2CSPC4.XModular-SWUM201.book Page 1044 Monday, October 3, 2011 2:21 PM ipv6 pim bsr-candidate Use the ipv6 pim bsr-candidate command to configure the router to advertise itself as a bootstrap router (BSR). Use the no form of this command to return to the default configuration.
2CSPC4.XModular-SWUM201.book Page 1045 Monday, October 3, 2011 2:21 PM Example console(config)#ipv6 pim bsr-candidate vlan 10 16 0 interval 30 ipv6 pim dr-priority Use the ipv6 pim dr-priority command to administratively configure the advertised designated router (DR) priority. Use the no form of this command to return the configuration to the default.
2CSPC4.XModular-SWUM201.book Page 1046 Monday, October 3, 2011 2:21 PM ipv6 pim hello-interval Use the ipv6 pim hello-interval command to administratively configure the frequency of PIM Hello messages for the specified interface. Use the no form of this command to return the configuration to the default. Syntax ipv6 pim hello-interval interval no ipv6 pim hello-interval Parameter Description Parameter Description interval The number of seconds between successive hello transmissions. Range 0-18000.
2CSPC4.XModular-SWUM201.book Page 1047 Monday, October 3, 2011 2:21 PM no ipv6 pim join-prune-interval Parameter Description Parameter Description interval The number of seconds between successive join-prune transmissions. Range 0-18000 seconds. Default 60 seconds. Default Configuration The join/prune interval defaults to 60 seconds. Command Mode Interface (VLAN) Configuration mode User Guidelines This command only has an effect if sparse mode is enabled.
2CSPC4.XModular-SWUM201.book Page 1048 Monday, October 3, 2011 2:21 PM Default Configuration The default threshold is 0. This indicates that the register limit is infinite. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pim register-rate-limit 10 ipv6 pim rp-address Use the ipv6 pim rp-address command to define the address of a PIM Rendezvous Point (RP) for a specific multicast group range.
2CSPC4.XModular-SWUM201.book Page 1049 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pim rp-address 2001:db8:85a3:0:0:8a2e:370:7334 ffe8::0 /16 override ipv6 pim rp-candidate Use the ipv6 pim rp-candidate command to configure the router to advertise itself to the bootstrap router (BSR) as a PIM candidate Rendezvous Point (RP) for a specific multicast group range.
2CSPC4.XModular-SWUM201.book Page 1050 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example Console(config)# ipv6 pim rp-candidate vlan 10 239.1.0.0 255.255.0.0 interval 30 ipv6 pim spt-threshold Use the ipv6 pim spt-threshold command to set the multicast traffic threshold rate for the last-hop router to switch to the shortest path on the router.
2CSPC4.XModular-SWUM201.book Page 1051 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pim spt-threshold 1000 ipv6 pim ssm Use the ipv6 pim ssm command to administratively configure PIM Source Specific Multicast (SSM) range of addresses for IPv6 multicast routing. Use the no form of this command to removed configured ranges of addresses from the router.
2CSPC4.XModular-SWUM201.book Page 1052 Monday, October 3, 2011 2:21 PM Example console(config)#ipv6 pim ssm ffe8::01::00:00:00 /96 show ipv6 pimsm Use the show ipv6 pimsm command to display global status of IPv6 PIMSM and its IPv6 routing interfaces. Syntax show ipv6 pimsm Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show ipv6 pimsm Admin Mode.................
2CSPC4.XModular-SWUM201.book Page 1053 Monday, October 3, 2011 2:21 PM FF1E::/64 PIM-SM INTERFACE STATUS Interface Interface-Mode Operational-Status --------- -------------- ---------------- vlan 3 Enabled Operational vlan 6 Enabled Operational vlan 9 Enabled Operational show ipv6 pim bsr-router Use the show ipv6 pim bsr-router command to display the bootstrap router (BSR) information. Syntax show ipv6 pimsm bsr Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 1054 Monday, October 3, 2011 2:21 PM Field Description Next Bootstrap Message Remaining time until a BSR message is sent Next Candidate RP Time remaining until the next RP advertisement is sent. Advertisement Example console#show ipv6 pim bsr-router candidate BSR Address...................... 2001:0db8:0:badc::1 BSR Priority.............................. 0 BSR Hash Mask Length...................... 32 C-BSR Advertisement Interval (secs).......
2CSPC4.XModular-SWUM201.book Page 1055 Monday, October 3, 2011 2:21 PM Command Mode User EXEC, Privileged EXEC modes User Guidelines There are no user guidelines for this command. Field descriptions are shown in the table below.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1057 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Field descriptions are shown in the table below.
2CSPC4.XModular-SWUM201.book Page 1058 Monday, October 3, 2011 2:21 PM show ipv6 pim rp hash Use the show ipv6 pim rp hash command to display the rendezvous point (RP) selected for the specified group address. Syntax show ipv6 pim rp hash {group-address} Parameter Description Parameter Description group-address A valid group IP address supported by RP. Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 1059 Monday, October 3, 2011 2:21 PM If no RP Group mapping exist on the router, the following message is displayed: No RP-Group mappings exist/learnt on this router. show ipv6 pim rp mapping Use the show ipv6 pim rp mapping command to display the mappings for the PIM group to the active Rendezvous Points (RPs).
2CSPC4.XModular-SWUM201.book Page 1060 Monday, October 3, 2011 2:21 PM RP Address..................................................... 2001:db8:85a3:0:0:8a2e:370:7334 Group Address............................................ ff1e:abcd:def1::0 Group Mask................................................ /24 Origin......................................................... BSR C-RP Advertisement Interval (secs)......... 60 Next Candidate RP Advertisement (hh:mm:ss)...
2CSPC4.XModular-SWUM201.book Page 1061 Monday, October 3, 2011 2:21 PM IPv6 Routing Commands 50 The IPv6 version of the routing table manager provides a repository for IPv6 routes learned by dynamic routing protocols or static configuration. RTO6 manages dynamic and static IPv6 routes, redistributes routes to registered protocols, supports ECMP routes, and supports multiple routes to the same destination, sorted by preference. IPv6 routing only operates over VLAN interfaces.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1063 Monday, October 3, 2011 2:21 PM clear ipv6 neighbors Use the clear ipv6 neighbors command in Privileged EXEC mode to clear all entries in the IPv6 neighbor table or an entry on a specific interface. Syntax clear ipv6 neighbors [vlan vlan-id ] • vlan-id — Valid VLAN ID. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1064 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example clears IPv6 statistics for VLAN 11.
2CSPC4.XModular-SWUM201.book Page 1065 Monday, October 3, 2011 2:21 PM • prefix — Consists of the bits of the address to be configured. • prefix-length — Designates how many of the high-order contiguous bits of the address make up the prefix. • eui64 — The optional eui-64 field designates that IPv6 processing on the interfaces is enabled using an EUI-64 interface ID in the low order 64 bits of the address. If this option is used, the value of prefix_length must be 64 bits.
2CSPC4.XModular-SWUM201.book Page 1066 Monday, October 3, 2011 2:21 PM Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines This command has no user guidelines. Example The following example enables IPv6 routing, which has not been configured with an explicit IPv6 address.
2CSPC4.XModular-SWUM201.book Page 1067 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration ipv6 host The ipv6 host command is used to define static host name-to- ipv6 address mapping in the host cache. Syntax ipv6 host name ipv6-address no ipv6 host name • name — Host name. • ipv6-address — IPv6 address of the host. Default Configuration No IPv6 hosts are defined. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1068 Monday, October 3, 2011 2:21 PM no ipv6 mld last-member-query-count • last-member-query-count — Query count (Range: 1–20). Default Configuration The default last member query count is 2. Command Mode Interface Configuration (VLAN) mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1069 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld last-member-queryinterval 5000 ipv6 mld-proxy Use the ipv6 mld-proxy command to enable MLD Proxy on the router. To enable MLD Proxy on the router, you must also enable multicast forwarding. Also, ensure that there are no other multicast routing protocols enabled on the router. Use the “no” form of this command to disable MLD Proxy.
2CSPC4.XModular-SWUM201.book Page 1070 Monday, October 3, 2011 2:21 PM Syntax ipv6 mld-proxy reset-status Command Mode Interface Configuration (VLAN) mode. Default Configuration There is no default configuration for this command. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1071 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines Example console(config-if-vlan3)#ipv6 mld-proxy unsolicitrprt-interval 10 ipv6 mld query-interval The ipv6 mld query-interval command sets the MLD router's query interval for the interface. The query-interval is the amount of time between the general queries sent when the router is querying on that interface. Use the “no” form of this command to set the query interval to the default.
2CSPC4.XModular-SWUM201.book Page 1072 Monday, October 3, 2011 2:21 PM ipv6 mld query-max-response-time The ipv6 mld query-max-response-time command sets MLD query maximum response time for the interface. This value is used in assigning the maximum response time in the query messages that are sent on that interface. Use the “no” form of this command to set the maximum query response time to the default.
2CSPC4.XModular-SWUM201.book Page 1073 Monday, October 3, 2011 2:21 PM no ipv6 mld router Default Configuration MLD is disabled by default. Command Mode Global Configuration mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 mld router ipv6 mtu Use the ipv6 mtu command in Interface Configuration mode to set the maximum transmission unit (MTU) size, in bytes, of IPv6 packets on an interface.
2CSPC4.XModular-SWUM201.book Page 1074 Monday, October 3, 2011 2:21 PM Default Configuration The default MTU is 1500. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets the maximum transmission unit (MTU) size, in bytes, of IPv6 packets.
2CSPC4.XModular-SWUM201.book Page 1075 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example sets at 10 the number of duplicate address detection probes transmitted while doing neighbor discovery.
2CSPC4.XModular-SWUM201.book Page 1076 Monday, October 3, 2011 2:21 PM Example In the following example, the end node uses DHCPv6. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd managed-config-flag ipv6 nd ns-interval Use the ipv6 nd ns-interval command in Interface Configuration mode to set the interval between router advertisements for advertised neighbor solicitations. An advertised value of 0 means the interval is unspecified.
2CSPC4.XModular-SWUM201.book Page 1077 Monday, October 3, 2011 2:21 PM ipv6 nd other-config-flag Use the ipv6 nd other-config-flag command in Interface Configuration mode to set the “other stateful configuration” flag in router advertisements sent from the interface. Syntax ipv6 nd other-config-flag no ipv6 nd other-config-flag Default Configuration False is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1078 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description ipv6-prefix IPv6 prefix. prefix-length IPv6 prefix length. valid-lifetime Valid lifetime of the router in seconds. (Range: 0–4294967295 seconds.) infinite Indicates lifetime value is infinite. preferred-lifetime Preferred-lifetime of the router in seconds. (Range: 0–4294967295 seconds.) no-autoconfig Do not use Prefix for autoconfiguration.
2CSPC4.XModular-SWUM201.book Page 1079 Monday, October 3, 2011 2:21 PM Example The following example sets the IPv6 prefixes to include in the router advertisement. console(config)#interface vlan 11 console(config-if-vlan11)#ipv6 nd prefix 2020:1::1/64 ipv6 nd ra-interval Use the ipv6 nd ra-interval command in Interface Configuration mode to set the transmission interval between router advertisements.
2CSPC4.XModular-SWUM201.book Page 1080 Monday, October 3, 2011 2:21 PM ipv6 nd ra-lifetime Use the ipv6 nd ra-lifetime command in Interface Configuration mode to set the value that is placed in the Router Lifetime field of the router advertisements sent from the interface. Syntax ipv6 nd ra-lifetime seconds no ipv6 nd ra-lifetime • seconds — Lifetime duration. The value must be zero, or it must be an integer between the value of the router advertisement transmission interval and 9000 seconds.
2CSPC4.XModular-SWUM201.book Page 1081 Monday, October 3, 2011 2:21 PM Syntax ipv6 nd reachable-time milliseconds no ipv6 nd reachable-time • milliseconds — Reachable-time duration. A value of zero means the time is unspecified by the router. (Range: 0-3600000 milliseconds) Default Configuration The default value for neighbor discovery reachable times is 0 milliseconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1082 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example suppresses router advertisement transmission. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 nd suppress-ra ipv6 route Use the ipv6 route command in Global Configuration mode to configure an IPv6 static route.
2CSPC4.XModular-SWUM201.book Page 1083 Monday, October 3, 2011 2:21 PM Parameter Description prefix-length The length of the IPv6 prefix — a decimal value (usually 0-64) that shows how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must separate the prefix from the prefixlength with no spaces on either side of the slash mark.
2CSPC4.XModular-SWUM201.book Page 1084 Monday, October 3, 2011 2:21 PM the distance of existing static routes, even if they were assigned the original default distance. The new default distance is applied to static routes created after invoking the ipv6 route distance command. Syntax ipv6 route distance integer no ipv6 route distance integer • integer — Specifies the distance (preference) of an individual static route. (Range 1-255) Default Configuration Default value of integer is 1.
2CSPC4.XModular-SWUM201.book Page 1085 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example globally enables Ipv6 unicast datagram forwarding. console(config)#ipv6 unicast-routing console(config)#no ipv6 unicast-routing ping ipv6 Use ping ipv6 command in Privileged EXEC mode to determine whether another computer is on the network. To use the command, configure the switch for network (in-band) connection.
2CSPC4.XModular-SWUM201.book Page 1086 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example determines whether another computer is on the network at the IPv6 address specified. console#ping ipv6 2030:1::1/64 Send count=3, Receive count=0 from 2030:1::1/64 Average round trip time = 0.
2CSPC4.XModular-SWUM201.book Page 1087 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example determines whether another computer is on the network at the IPv6 address specified. console(config)#ping ipv6 interface loopback 1 FE80::202:BCFF:FE00:3068/128 Send count=3, Receive count=0 from FE80::202:BCFF:FE00:3068/128 Average round trip time = 0.
2CSPC4.XModular-SWUM201.book Page 1088 Monday, October 3, 2011 2:21 PM Example The following example displays the IPv6 status of forwarding mode and IPv6 unicast routing mode. console#show ipv6 brief IPv6 Unicast Routing Mode.................... Enable IPv6 Hop Limit............................... Unconfigured ICMPv6 Rate Limit Error Interval............. 1000 msec ICMPv6 Rate Limit Burst Size.................
2CSPC4.XModular-SWUM201.book Page 1089 Monday, October 3, 2011 2:21 PM User Guidelines The Method field contains one of the following values. Field Description Auto The IPv6 address is automatically generated using IPv6 auto address configuration (RFC 2462). Config The IPv6 address is manually configured. DHCP The IPv6 address is leased from a DHCP server.
2CSPC4.XModular-SWUM201.book Page 1090 Monday, October 3, 2011 2:21 PM The following example displays the long form of the command, and indicates whether address autoconfiguration or DHCP client are enabled on the interface. When the interface acts as a host interface, the output also shows the default gateway on the interface, if one exists. console#show ipv6 interface vlan2 IPv6 is enabled IPv6 Prefix is ................................
2CSPC4.XModular-SWUM201.book Page 1091 Monday, October 3, 2011 2:21 PM Syntax show ipv6 interface management statistics Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#show ipv6 interface management statistics DHCPv6 Client Statistics ------------------------DHCPv6 Advertisement Packets Received..........
2CSPC4.XModular-SWUM201.book Page 1092 Monday, October 3, 2011 2:21 PM DHCPv6 Release Packets Transmitted............. 0 Total DHCPv6 Packets Transmitted............... 0 show ipv6 mld groups The show ipv6 mld groups command is used to display information about multicast groups that MLD reported. The information is displayed only when MLD is enabled on at least one interface. If MLD was not enabled on any interfaces, there is no group information to be displayed.
2CSPC4.XModular-SWUM201.book Page 1093 Monday, October 3, 2011 2:21 PM Expiry Time Time left in seconds before the entry is removed from the MLD membership table. If vlan vlan-id is not specified, the following fields are displayed for each multicast group and each interface: Field Description Group Address The address of the multicast group. Interface Interface through which the multicast group is reachable. Uptime Time elapsed in seconds since the multicast group has been known.
2CSPC4.XModular-SWUM201.book Page 1094 Monday, October 3, 2011 2:21 PM Interface..................................... vlan 6 Group Address................................ FF1E::5 Last Reporter................... FE80::200:FF:FE00:22 Up Time (hh:mm:ss).......................... 00:03:43 Expiry Time (hh:mm:ss)......................... ----Filter Mode..........................................Include Version1 Host Timer............................ ----Group compat mode..............................
2CSPC4.XModular-SWUM201.book Page 1095 Monday, October 3, 2011 2:21 PM Group Address................................ FF1E::3 Interface..................................... vlan 6 Up Time (hh:mm:ss).......................... 00:04:23 Expiry Time (hh:mm:ss)........................ ------ Group Address................................ FF1E::4 Interface..................................... vlan 6 Up Time (hh:mm:ss).......................... 00:04:23 Expiry Time (hh:mm:ss)........................
2CSPC4.XModular-SWUM201.book Page 1096 Monday, October 3, 2011 2:21 PM MLD Global Admin Mode This field displays the configured global administrative status of MLD. MLD Interface Admin Mode This field displays the configured interface administrative status of MLD. MLD Operational The operational status of MLD on the interface. Mode MLD Version This field indicates the version of MLD configured on the interface. Query Interval This field indicates the configured query interval for the interface.
2CSPC4.XModular-SWUM201.book Page 1097 Monday, October 3, 2011 2:21 PM Querier Expiry Time Time left in seconds before the Querier losses its title as querier. Wrong Version Queries Indicates the number of queries received whose MLD version does not match the MLD version of the interface. Number of Joins The number of times a group membership has been added on this interface. Number of Leaves The number of times a group membership has been removed on this interface.
2CSPC4.XModular-SWUM201.book Page 1098 Monday, October 3, 2011 2:21 PM Syntax show ipv6 mld-proxy Command Mode Privileged EXEC mode Default Configuration There is no default configuration for this command. User Guidelines The command displays the following parameters only when you enable MLD Proxy: Field Description Interface Index The interface number of the MLD Proxy interface. Admin Mode Indicates whether MLD Proxy is enabled or disabled. This is a configured value.
2CSPC4.XModular-SWUM201.book Page 1099 Monday, October 3, 2011 2:21 PM Interface Index.............................. vlan 10 Admin Mode................................... Enabled Operational Mode............................. Enabled Version...................................... 3 Num of Multicast Groups...................... 0 Unsolicited Report Interval.............. 1 Querier IP Address on Proxy Interface..... fe80::1:2:5 Older Version 1 Querier Timeout.......... 00:00:00 Proxy Start Frequency...........
2CSPC4.XModular-SWUM201.book Page 1100 Monday, October 3, 2011 2:21 PM Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD-Proxy interface (upstream interface). Up Time (in secs) The time elapsed in seconds since last created. Member State Possible values are: • Idle_Member—The interface has responded to the latest group membership query for this group.
2CSPC4.XModular-SWUM201.book Page 1101 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC User Guidelines The following parameters are displayed by this command: Field Description Interface The interface number of the MLD-Proxy. Group Address The IP address of the multicast group. Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface (upstream interface).
2CSPC4.XModular-SWUM201.book Page 1102 Monday, October 3, 2011 2:21 PM Group Source List Expiry Time ------------------ --------------- 2001::1 00:02:40 2001::2 -------- FF1E::2 FE80::100:2.3 Group Source List 243 DELAY_MEMBER Include 1 Expiry Time ------------------ --------------- 3001::1 00:03:32 3002::2 00:03:32 FF1E::3 FE80::100:2.3 328 DELAY_MEMBER Exclude 0 FF1E::4 FE80::100:2.
2CSPC4.XModular-SWUM201.book Page 1103 Monday, October 3, 2011 2:21 PM Parameter Description Interface The MLD Proxy interface. The column headings of the table associated with the interface are as follows: Parameter Description Ver The MLD version. Query Rcvd Number of MLD queries received. Report Rcvd Number of MLD reports received. Report Sent Number of MLD reports sent. Leaves Rcvd Number of MLD leaves received. Valid for version 2 only.
2CSPC4.XModular-SWUM201.book Page 1104 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines The following fields are displayed: Field Description Valid MLD Packets Received The number of valid MLD packets received by the router. Valid MLD Packets Sent The number of valid MLD packets sent by the router. Queries Received The number of valid MLD queries received by the router. Queries Sent The number of valid MLD queries sent by the router.
2CSPC4.XModular-SWUM201.book Page 1105 Monday, October 3, 2011 2:21 PM Reports Sent................................... 0 Leaves Received................................ 0 Leaves Sent.................................... 0 show ipv6 neighbors Use the show ipv6 neighbors command in Privileged EXEC mode to display information about the IPv6 neighbors. Syntax show ipv6 neighbors Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1106 Monday, October 3, 2011 2:21 PM show ipv6 route Use the show ipv6 route command in User EXEC or Privileged EXEC mode to display the IPv6 routing table. The output of the command also displays the IPv6 address of the default gateway and the default route associated with the gateway.
2CSPC4.XModular-SWUM201.book Page 1107 Monday, October 3, 2011 2:21 PM Example The following example displays the IPv6 address of the default gateway and the default route associated with the gateway. console(config)#show ipv6 route IPv6 Routing Table - 0 entries Route Codes: C - connected, S - static O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF Ext 1, OE2 - OSPF Ext 2 ON1 - OSPF NSSA Ext Type 1, ON2 - OSPF NSSA Ext Type 2 Default gateway is 10.1.20.1 S 0.0.0.0/0 [254/0] via 10.1.20.1 C 10.1.20.
2CSPC4.XModular-SWUM201.book Page 1108 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example shows the preference value associated with the type of route. console#show ipv6 route preferences Local.......................................... 0 Static......................................... 1 OSPF Intra-area routes......................... 110 OSPF Inter-area routes......................... 110 OSPF External routes...........................
2CSPC4.XModular-SWUM201.book Page 1109 Monday, October 3, 2011 2:21 PM Example The following example displays a summary of the routing table. console#show ipv6 route summary IPv6 Routing Table Summary - 0 entries Connected Routes............................. 0 Static Routes................................ 0 OSPF Routes.................................. 0 Intra Area Routes............................ 0 Inter Area Routes............................ 0 External Type-1 Routes.......................
2CSPC4.XModular-SWUM201.book Page 1110 Monday, October 3, 2011 2:21 PM Command Mode User EXEC mode User Guidelines This command has no user guidelines. Examples The following examples show traffic and statistics for IPv6 and ICMPv6, first for all interfaces and an individual VLAN. console> show ipv6 traffic IPv6 STATISTICS Total Datagrams Received........................................... 0 Received Datagrams Locally Delivered..........................................
2CSPC4.XModular-SWUM201.book Page 1111 Monday, October 3, 2011 2:21 PM Datagrams Failed To Fragment....................... 0 Fragments Created.................................. 0 Multicast Datagrams Received....................... 0 Multicast Datagrams Transmitted.................... 0 console> show ipv6 traffic vlan 11 Interface ........................................ 11 IPv6 STATISTICS Total Datagrams Received........................... 0 Received Datagrams Locally Delivered...............
2CSPC4.XModular-SWUM201.book Page 1112 Monday, October 3, 2011 2:21 PM Multicast Datagrams Received....................... 0 Multicast Datagrams Transmitted.................... 0 show ipv6 vlan Use the show ipv6 vlan command in Privileged EXEC mode to display IPv6 VLAN routing interface addresses. Syntax show ipv6 vlan Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1113 Monday, October 3, 2011 2:21 PM Syntax traceroute ipv6 {ip-address | hostname} [port] • ipv6-address — Destination IPv6 address. • hostname — Hostname to ping (contact). (Range: 1–158 characters). The command allows spaces in the host name when specified in double quotes. For example, console(config)#traceroute "host name" • port — UDP port used as the destination of packets sent as part of the traceroute.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1115 Monday, October 3, 2011 2:21 PM 51 Loopback Interface Commands PowerConnect provides for the creation, deletion, and management of loopback interfaces. They are dynamic interfaces that are created and deleted by user configuration. A loopback interface is always expected to be up. As such, it provides a means to configure a stable IP address on the device which may be referred to by other switches in the network.
2CSPC4.XModular-SWUM201.book Page 1116 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example enters the Interface Loopback 1 configuration mode. console(config)#interface loopback 1 console(config-if-loopback0)#ip address 192.168.22.1 255.255.255.255 console(config-if-loopback0)#exit console(config)#ex console#ping 192.168.22.1 Pinging 192.168.22.1 with 0 bytes of data: Reply From 192.168.22.1: icmp_seq = 0. time <10 msec. Reply From 192.168.
2CSPC4.XModular-SWUM201.book Page 1117 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples display information about configured loopback interfaces. console# show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets ----------- --------- ---------- ---------------- ------------ 1 loopback 1 0.0.0.0 0 0 console# show interfaces loopback 1 Interface Link Status...
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1119 Monday, October 3, 2011 2:21 PM Multicast Commands 52 The PowerConnect Multicast component is best suited for video and audio traffic requiring multicast packet control for optimal operation. The Multicast component includes support for IGMPv2, IGMPv3, PIM-DM, PIM-SM, and DVMRP. Communication from point to multipoint is called Multicasting.
2CSPC4.XModular-SWUM201.book Page 1120 Monday, October 3, 2011 2:21 PM • Applications used for datacasting: Since multimedia transmission has become increasingly popular, multicast transmission use has increased. Multicast transmission may be used to efficiently accommodate this type of communication. For instance, the audio and video signals are captured, compressed and transmitted to a group of receiving stations.
2CSPC4.XModular-SWUM201.book Page 1121 Monday, October 3, 2011 2:21 PM ip mcast boundary Use the ip mcast boundary command in Interface Configuration mode to add an administrative scope multicast boundary specified by groupipaddr and mask for which this multicast administrative boundary is applicable. groupipaddr is a group IP address and mask is a group IP mask. Syntax ip mcast boundary groupipaddr mask no ip mcast boundary groupipaddr mask • groupipaddr — IP address of multicast group.
2CSPC4.XModular-SWUM201.book Page 1122 Monday, October 3, 2011 2:21 PM Syntax ip mroute source-address mask rpf-address preference no ip mroute source-address mask • source-address — The IP address of the multicast data source. • mask — The IP subnet mask of the multicast data source. • rpf-address — The IP address of the next hop towards the source. • preference — The cost of the route (Range: 1 - 255). Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 1123 Monday, October 3, 2011 2:21 PM no ip multicast Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example enables IP multicast on the router.
2CSPC4.XModular-SWUM201.book Page 1124 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example applies a ttlvalue of 5 to the VLAN 15 routing interface. console(config)#interface vlan 15 console(config-if-vlan15)#ip multicast ttl-threshold 5 ip pim Use the ip pimdm command in Interface (VLAN) Configuration mode to administratively configure PIM mode for IP multicast routing on a VLAN interface.
2CSPC4.XModular-SWUM201.book Page 1125 Monday, October 3, 2011 2:21 PM console(config)#interface vlan 10 console(if-vlan-10)#ip pim ip pim bsr-border The ip pim bsr-border command is used in Interface (VLAN) Configuration mode to administratively disable bootstrap router (BSR) messages on the interface. Use the no form of this command to return the configuration to the default. Syntax ip pim bsr-border no ip pim bsr-border Default Configuration BSR messages are enabled on the interface by default.
2CSPC4.XModular-SWUM201.book Page 1126 Monday, October 3, 2011 2:21 PM Syntax ip pim bsr-candidate vlan {vlan-id hash-mask-length bsr-priority [interval interval]} no ip pim bsr-candidate vlan {vlan-id} Parameter Description Parameter Description vlan-id A valid VLAN identifier with multicast routing enabled. hash-mask-length Length of the BSR hash to be ANDed with the multicast bsr-priority The advertised priority of the BSR candidate. Range 0-255. Default 0.
2CSPC4.XModular-SWUM201.book Page 1127 Monday, October 3, 2011 2:21 PM ip pim dense Use the ip pim dense command in Global Configuration mode to administratively configure PIM dense mode for IP multicast routing. Use the no form of this command to disable PIM dense mode. This command replaces the ip pimsm command. Syntax ip pim dense no ip pim dense Default Configuration PIM is not enabled by default.
2CSPC4.XModular-SWUM201.book Page 1128 Monday, October 3, 2011 2:21 PM Default Configuration The default election priority is 1. Command Mode Interface (VLAN) Configuration mode User Guidelines This command only has an effect if sparse mode is enabled. Lower values are preferred.
2CSPC4.XModular-SWUM201.book Page 1129 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-if-vlan10)#ip pim hello-interval 20 ip pim join-prune-interval The ip pim join-prune-interval command in Interface (VLAN) Configuration mode to administratively configure the frequency of join/prune messages on the specified interface. Use the no form of this command to return the configuration to the default.
2CSPC4.XModular-SWUM201.book Page 1130 Monday, October 3, 2011 2:21 PM ip pim register-rate-limit Use the ip pim register-rate-limit command in Global Configuration mode to set a limit on the maximum number of PIM register messages sent per second for each (S,G) entry. Use the no form of this command to return the limit to its default value (0). This command replaces the ip pimsm sptthreshold command.
2CSPC4.XModular-SWUM201.book Page 1131 Monday, October 3, 2011 2:21 PM Syntax ip pim rp-address {rp-address group-address group-mask [ override ]} no ip pim rp-address {rp-address group-address group-mask} Parameter Description Parameter Description rp-address The valid IPv4 address for the rendezvous point. group-address A valid multicast group address to be sourced from the rendezvous point.
2CSPC4.XModular-SWUM201.book Page 1132 Monday, October 3, 2011 2:21 PM Syntax ip pim rp-candidate vlan {vlanid group-address group-mask [interval interval]} no ip pim rp-candidate vlan vlanid group-address group-mask} Parameter Description Parameter Description vlan-id A valid VLAN identifier with multicast routing enabled. group-address A valid multicast group address. group-mask A mask indicating the range of multicast groups for which the router should advertise itself as an RP-candidate.
2CSPC4.XModular-SWUM201.book Page 1133 Monday, October 3, 2011 2:21 PM Syntax ip pim sparse no ip pim sparse Default Configuration PIM not enabled by default. Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router. Example console(config)#ip pim sparse ip pim ssm Use the ip pim ssm command in Global Configuration mode to administratively configure PIM source specific multicast range of addresses for IP multicast routing.
2CSPC4.XModular-SWUM201.book Page 1134 Monday, October 3, 2011 2:21 PM Default Configuration There are no group addresses configured by default. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#ip pim ssm 239.0.10.0 255.255.255.0 ip pim spt-threshold Use the ip pim spt-threshold command in Global Configuration mode to set the multicast traffic threshold rate for the last-hop router to switch to the shortest path on the router.
2CSPC4.XModular-SWUM201.book Page 1135 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ip pim spt-threshold 100 show bridge multicast address-table count Use the show bridge multicast address-table count command to view statistical information about the entries in the multicast address table. Syntax show bridge multicast address-table count Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1136 Monday, October 3, 2011 2:21 PM Forbidden addresses: 1 The following table shows the information the command displays: Field Description Capacity The maximum number of addresses that can be stored in the multicast address table. Used The total number of addresses in the multicast address table. Static addresses The number of addresses in the multicast address table that are static IP addresses.
2CSPC4.XModular-SWUM201.book Page 1137 Monday, October 3, 2011 2:21 PM Example The following example displays system-wide multicast information. console#show ip multicast Admin Mode........................... Enabled Protocol State....................... Non-Operational Table Max Size .......................... 256 Protocol................................. PIMDM Multicast Forwarding Cache Entry Count ..
2CSPC4.XModular-SWUM201.book Page 1138 Monday, October 3, 2011 2:21 PM Interface -------- Group ------ Ip Mask --------------- show ip multicast interface Use the show ip multicast interface command in Privileged EXEC mode to display the multicast information for the specified interface. Syntax show ip multicast interface [type number] Syntax Description Parameter Description type number Interface type and number for which to display IP multicast information.
2CSPC4.XModular-SWUM201.book Page 1139 Monday, October 3, 2011 2:21 PM show ip mcast mroute Use the show ip mcast mroute command in Privileged EXEC mode to display a summary or all the details of the multicast table. Syntax show ip mcast mroute {detail | summary} Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1140 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the multicast configuration settings such as flags, timer settings, incoming and outgoing interfaces. console#show ip mcast mroute group 224.5.5.5 summary console#show ip mcast mroute group 224.5.5.
2CSPC4.XModular-SWUM201.book Page 1141 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays multicast configuration settings. console#show ip mcast mroute source 10.1.1.1 summary console#show ip mcast mroute source 10.1.1.1 224.5.5.
2CSPC4.XModular-SWUM201.book Page 1142 Monday, October 3, 2011 2:21 PM MULTICAST STATIC ROUTES Source IP Source Mask RPF Address Preference --------------- --------------- --------------- ---------1.1.1.1 255.255.255.0 2.2.2.2 23 show ip pim bsr-router The show ip pim bsr-router command displays information about a bootstrap router (BSR). This command deprecates the show ip pimsm componenttable and show ip pimsm bsr commands.
2CSPC4.XModular-SWUM201.book Page 1143 Monday, October 3, 2011 2:21 PM Example console#show ip pim bsr-router candidate BSR Address............................. 192.168.10.1 BSR Priority............................ 0 BSR Hash Mask Length.................... 30 C-BSR Advertisement Interval (secs)........60 Next Bootstrap message(hh:mm:ss).......... NA If no configured/elected BSRs exist on the router, the following message is displayed. No BSR’s exist/learned on this router.
2CSPC4.XModular-SWUM201.book Page 1144 Monday, October 3, 2011 2:21 PM Field Description BSR Border Whether or not this interface is configured as a BSR Border Neighbor Count Number of PIM Neighbors learnt on this interface Designated-Router IP address of the elected DR on the interface Default Configuration There is no default configuration for this command. Command Mode User EXEC and Privileged EXEC modes User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1145 Monday, October 3, 2011 2:21 PM Join Prune Interval (secs) 60 DR Priority 1 BSR Border Disabled Neighbor Count 1 Designated Router 192.168.10.1 If none of the interfaces are enabled for PIM, the following message is displayed: None of the routing interfaces are enabled for PIM show ip pim neighbor Use the show ip pim neighbor command in User EXEC or Privileged EXEC modes to display PIM neighbors discovered by PIMv2 Hello messages.
2CSPC4.XModular-SWUM201.book Page 1146 Monday, October 3, 2011 2:21 PM Field Description Interface Interface number Uptime Time since the neighbor is learned Expiry Time Time remaining for the neighbor to expire Example (console)#show ip pim neighbor vlan 10 Neighbor Addr Interface Up Time Expiry Time hh:mm:ss hh:mm:ss --------------- ---------- --------- ----------192.168.10.
2CSPC4.XModular-SWUM201.book Page 1147 Monday, October 3, 2011 2:21 PM • group-address — A valid multicast address supported by RP. Default Configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC mode User Guidelines The following fields are displayed: Field Description RP Address Address of the RP Type Origin from where this group mapping was learned. Example console#show ip pimsm rp hash 224.1.2.0 RP Address 192.168.10.
2CSPC4.XModular-SWUM201.book Page 1148 Monday, October 3, 2011 2:21 PM rp-address — An RP address. Default configuration There is no default configuration for this command. Command Mode User EXEC, Privileged EXEC modes User Guidelines There are no user guidelines for this command. Field Descriptions Field Description RP Address Address of the RP Group Address Address of the multicast group. Group Mask Mask for the group address. Origin Origin from where this group mapping is learned.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1150 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm ipv6 pimsm (VLAN Interface config) Use the ipv6 pimsm command in VLAN Interface configuration mode to administratively enable PIM-SM multicast routing mode on a particular IPv6 router interface. Use the "no" form of this command to disable PIM SM on an interface.
2CSPC4.XModular-SWUM201.book Page 1151 Monday, October 3, 2011 2:21 PM Syntax ipv6 pimsm bsr-border no ipv6 pimsm bsr-border Default Configuration BSR-border is disabled by default. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm bsr-border ipv6 pimsm bsr-candidate Use the ipv6 pimsm bsr-candidate command to configure the router to announce its candidacy as a bootstrap router (BSR).
2CSPC4.XModular-SWUM201.book Page 1152 Monday, October 3, 2011 2:21 PM • priority —The priority of the candidate BSR. The BSR with the higher priority is preferred. If the priority values are the same, the router with the higher IP address is the BSR. (Range: 0–255). Default Configuration The router will not announce its candidacy by default. The default hash mask length is 126 bits. The default priority is 0.
2CSPC4.XModular-SWUM201.book Page 1153 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-if-vlan3)#ipv6 pimsm dr-priority 10 ipv6 pimsm hello-interval Use the ipv6 pimsm hello-interval command to configure the PIM-SM Hello Interval for the specified interface. Use the "no" form of this command to set the hello interval to the default.
2CSPC4.XModular-SWUM201.book Page 1154 Monday, October 3, 2011 2:21 PM Syntax ipv6 pimsm join-prune-interval interval no ipv6 pimsm join-prune-interval • interval— The join/prune interval (Range: 0–18000 seconds). Default Configuration The default join/prune interval is 60 seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1155 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm register-threshold 250 ipv6 pimsm rp-address Use the ipv6 pimsm rp-address command to statically configure the RP address for one or more multicast groups. The optional keyword override indicates that if there is a conflict, the RP configured with this command prevails over the RP learned by BSR.
2CSPC4.XModular-SWUM201.book Page 1156 Monday, October 3, 2011 2:21 PM ipv6 pimsm rp-candidate Use the ipv6 pimsm rp-candidate command to configure the router to advertise itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR). Use the "no" form of this command to disable the router from advertising itself as a PIM candidate rendezvous point (RP) to the bootstrap router (BSR).
2CSPC4.XModular-SWUM201.book Page 1157 Monday, October 3, 2011 2:21 PM Syntax ipv6 pimsm spt-threshold threshold no ipv6 pimsm spt-threshold • threshold —The threshold rate (Range: 0–2000 Kbps). Default Configuration The default threshold rate is 0. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1158 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 pimsm ssm ff1e::/64 show ipv6 pimsm Use the show ipv6 pimsm command to display global status of IPv6 PIMSM and its IPv6 routing interfaces. Syntax show ipv6 pimsm Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1159 Monday, October 3, 2011 2:21 PM Group Address/Prefix Length --------------------------------------- FF1E::/64 PIM-SM INTERFACE STATUS Interface Interface-Mode Operational-Status --------- -------------- ---------------- vlan 3 Enabled Operational vlan 6 Enabled Operational vlan 9 Enabled Operational show ipv6 pimsm bsr Use the show ipv6 pimsm bsr command to display the bootstrap router (BSR) information.
2CSPC4.XModular-SWUM201.book Page 1160 Monday, October 3, 2011 2:21 PM BSR Address.................................... 3001::1 BSR Priority................................... 23 BSR Hash Mask Length........................... 10 Next bootstrap message(hh:mm:ss)............... 00:00:11 Next Candidate RP advertisement(hh:mm:ss)...... 00:00:12 show ipv6 pimsm interface Use the show ipv6 pimsm interface command to display interface config parameters.
2CSPC4.XModular-SWUM201.book Page 1161 Monday, October 3, 2011 2:21 PM IP Address..................................... FE80::2FF:EDFF:FED0:2/128 Hello Interval (secs).......................... 30 Join Prune Interval (secs)..................... 60 Neighbor Count ................................ 0 Designated Router.............................. FE80::2FF:EDFF:FED0:2 DR Priority.................................... 1 BSR Border.....................................
2CSPC4.XModular-SWUM201.book Page 1162 Monday, October 3, 2011 2:21 PM Neighbor Address............................... FE80::200:FF:FE00:33 Up Time (hh:mm:ss)............................. 00:00:12 Expiry Time (hh:mm:ss)......................... 00:01:34 DR Priority.................................... 0 show ipv6 pimsm rphash Use the show ipv6 pimsm rphash command to display which rendezvous point (RP) is being selected for a specified group.
2CSPC4.XModular-SWUM201.book Page 1163 Monday, October 3, 2011 2:21 PM 3001::1 BSR show ipv6 pimsm rp mapping Use the show ipv6 pimsm rp mapping command to display all group-to-RP mappings of which the router is aware (either configured or learned from the bootstrap router (BSR). If no RP is specified, all active RPs are displayed Syntax show ipv6 pimsm rp mapping [ rp-address ] • rp-address — IP address of RP. Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 1164 Monday, October 3, 2011 2:21 PM RP Address..................................... 3001::1 origin.........................................
2CSPC4.XModular-SWUM201.book Page 1165 Monday, October 3, 2011 2:21 PM OSPF Commands 54 OSPF is a link-state protocol. PowerConnect OSPF supports variable-length subnet masks. PowerConnect OSPF only operates over VLAN interfaces. OSPF operates within a hierarchy. The largest entity within the hierarchy is the autonomous system (AS), a collection of networks under a common administration sharing a common routing strategy. This is sometimes called a routing domain.
2CSPC4.XModular-SWUM201.book Page 1166 Monday, October 3, 2011 2:21 PM Route Preferences Normally, OSPF select routes in the following order: • Local • Static • Intra-area • Inter-area • External • RIP PowerConnect OSPF allows the administrator to change the preference for selecting intra, inter, and external routes according to the following rules: a External route preferences apply to all ospf external routes like type1, type2, nssa-type1, nssa-type2 equally.
2CSPC4.XModular-SWUM201.book Page 1167 Monday, October 3, 2011 2:21 PM • Learned Dynamically: Routing protocols can learn ECMP routes. For example, if OSPF is configured on both links connecting Router A to Router B with interface addresses 10.1.1.2 and 10.1.2.2 respectively, and Router B advertises its connection to 20.0.0.0/ 8, then Router A computes an OSPF route to 20.0.0.0/8 with next hops of 10.1.1.2 and 10.1.2.2.
2CSPC4.XModular-SWUM201.book Page 1168 Monday, October 3, 2011 2:21 PM Graceful Restart The PowerConnect implementation of OSPFv2 supports graceful restart as specified in RFC 3623. Graceful restart works in concert with PowerConnect nonstop forwarding to enable the hardware to continue forwarding IPv4 packets using OSPFv2 routes while a backup unit takes over management unit responsibility.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1170 Monday, October 3, 2011 2:21 PM Default Configuration 10 is the default configuration for integer. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example identifies a stub area of 10 and default cost of 100.
2CSPC4.XModular-SWUM201.book Page 1171 Monday, October 3, 2011 2:21 PM Parameter Description metric-value Specifies the metric of the default route advertised to the NSSA. (Range: 1–16777214) metric-type-value The metric type can be one of the following : 1 A metric type of nssa-external 1 2 A metric type of nssa-external 2 (default) role The translator role where role is one of the following : • always - The router assumes the role of the translator when it becomes a border router.
2CSPC4.XModular-SWUM201.book Page 1172 Monday, October 3, 2011 2:21 PM console(config-router)#area 20 nssa default-infooriginate metric 250 metric-type 2 no-summary area nssa default-info-originate Use the area nssa default-info-originate command in Router OSPF Configuration mode to configure the metric value and type for the default route advertised into the NSSA. The metric type can be comparable (nssaexternal 1) or non-comparable (nssa-external 2).
2CSPC4.XModular-SWUM201.book Page 1173 Monday, October 3, 2011 2:21 PM console(config-router)#area 20 nssa default-infooriginate 250 non-comparable area nssa no-redistribute Use the area nssa no-redistribute command in Router OSPF Configuration mode to configure the NSSA Area Border router (ABR) so that learned external routes are not redistributed to the NSSA. Syntax area area-id nssa no-redistribute no area area-id nssa no-redistribute • area-id — Identifies the OSPF NSSA to configure.
2CSPC4.XModular-SWUM201.book Page 1174 Monday, October 3, 2011 2:21 PM Syntax area area-id nssa no-summary no area area-id nssa no-summary • area-id — Identifies the OSPF NSSA to configure. (Range: 0–4294967295) Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the NSSA so that summary LSAs are not advertised into the NSSA.
2CSPC4.XModular-SWUM201.book Page 1175 Monday, October 3, 2011 2:21 PM Default Configuration The default role is candidate. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the translator role of the NSSA.
2CSPC4.XModular-SWUM201.book Page 1176 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example configures the translator stability interval of the area 20 NSSA. console(config-router)#area 20 nssa translator-stabintv 2000 area range (Router OSPF) Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area. There are two types of area ranges.
2CSPC4.XModular-SWUM201.book Page 1177 Monday, October 3, 2011 2:21 PM Parameter Description not-advertise Suppresses advertisement of the area range. Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines Use this command with Area Border Routers (ABRs). Example The following example defines an area range for the area 20. console(config-router)#area 20 range 192.168.6.0 255.255.255.
2CSPC4.XModular-SWUM201.book Page 1178 Monday, October 3, 2011 2:21 PM Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Examples The following examples define area 3 for the stub and then removes the stub area. console(config-router)#area 3 stub console(config-router)#no area 3 stub area stub no-summary Use the area stub no-summary command in Router OSPF Configuration mode to prevent Summary LSAs from being advertised into the NSSA.
2CSPC4.XModular-SWUM201.book Page 1179 Monday, October 3, 2011 2:21 PM Example The following example prevents the Summary LSA from being advertised into the area 3 NSSA. console(config-router)#area 3 stub no-summary area virtual-link Use the area virtual-link command in Router OSPF Configuration mode to create the OSPF virtual interface for the specified area-id and neighbor router. To remove the link, use the no form of the command.
2CSPC4.XModular-SWUM201.book Page 1180 Monday, October 3, 2011 2:21 PM Parameter Description hello-interval seconds Number of seconds to wait before sending hello packets to the OSPF virtual interface. (Range: 1–65535) dead-interval seconds Number of seconds to wait before the OSPF virtual interface on the virtual interface is assumed to be dead. (Range: 1–65535) retransmit-interval seconds The number of seconds to wait between retransmitting LSAs if no acknowledgement is received.
2CSPC4.XModular-SWUM201.book Page 1181 Monday, October 3, 2011 2:21 PM Command Mode Router OSPF Configuration mode. User Guidelines Unauthenticated interfaces cannot be configured with an authentication key. Use the area virtual-link authentication command on page 1181 to enable configuration of an authentication key. Example The following example establishes a virtual link with a 40-second transmitdelay interval and default values for all other optional parameters: router ospf network 10.50.50.0 0.0.0.
2CSPC4.XModular-SWUM201.book Page 1182 Monday, October 3, 2011 2:21 PM • neighbor-id — Identifies the Router identifier of the neighbor. • encrypt — Use MD5 Encryption for an OSPF Virtual Link. • key — Authentication key for the specified interface. (Range: 8 bytes or less if the authentication type is simple and 16 bytes or less if the type is encrypt.) • key-id — Authentication key identifier for the authentication type encrypt.
2CSPC4.XModular-SWUM201.book Page 1183 Monday, October 3, 2011 2:21 PM Syntax area area-id virtual-link neighbor-id dead-interval seconds no area area-id virtual-link neighbor-id dead-interval • area-id — Identifies the OSPF area to configure. (Range: IP address or decimal from 0–4294967295) • neighbor-id — Identifies the Router ID of the neighbor. • seconds — Number of seconds to wait before the OSPF virtual interface on the virtual interface is assumed to be dead.
2CSPC4.XModular-SWUM201.book Page 1184 Monday, October 3, 2011 2:21 PM no area area-id virtual-link neighbor-id hello-interval • area-id — Identifies the OSPF area to configure. (Range: IP address or decimal from 0–4294967295) • neighbor-id — Identifies the Router ID of the neighbor. • seconds — Number of seconds to wait before sending hello packets to the OSPF virtual interface. (Range: 1–65535) Default Configuration 10 seconds is the default configuration.
2CSPC4.XModular-SWUM201.book Page 1185 Monday, October 3, 2011 2:21 PM • neighbor-id — Identifies the Router ID of the neighbor. • seconds — The number of seconds to wait between retransmitting LSAs if no acknowledgement is received. (Range: 0–3600) Default Configuration The default configuration is 5 seconds. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 500-second retransmit wait interval.
2CSPC4.XModular-SWUM201.book Page 1186 Monday, October 3, 2011 2:21 PM Default Configuration 1 second is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 40-second transmit-delay interval. console(config-router)#area 10 virtual-link 192.168.2.2 transmit-delay 40 auto-cost By default, OSPF computes the link cost of each interface from the interface bandwidth.
2CSPC4.XModular-SWUM201.book Page 1187 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example The following example configures a reference bandwidth of 500 Mbps. console(config-router)#auto-cost reference-bandwidth 500 bandwidth By default, OSPF computes the link cost of an interface as the ratio of the reference bandwidth to the interface bandwidth. Reference bandwidth is specified with the auto-cost command.
2CSPC4.XModular-SWUM201.book Page 1188 Monday, October 3, 2011 2:21 PM capability opaque Use the capability opaque command to enable Opaque Capability on the router. Use the “no” form of this command to disable Opaque Capability. Syntax capability opaque no capability opaque Default Configuration Opaque Capability is enabled by default. Command Mode Router Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1189 Monday, October 3, 2011 2:21 PM • neighbor — Drop the adjacency with all OSPF neighbors. On each neighbor's interface, send a one-way hello. Adjacencies may then be reestablished. • interface vlan vlan-id — Drop adjacency with all neighbors on a specific interface. • neighbor-id — Drop adjacency with a specific router ID on a specific interface. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 1190 Monday, October 3, 2011 2:21 PM Syntax compatible rfc1583 no compatible rfc1583 Syntax Description This command has no arguments or keywords. Default Configuration Compatible with RFC 1583. Command Mode Router OSPF Configuration mode. User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328, OSPF 1583 compatibility mode should be disabled. Example The following example enables 1583 compatibility.
2CSPC4.XModular-SWUM201.book Page 1191 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description always Always advertise default routes. metric-value The metric (or preference) value of the default route. (Range: 1–16777214) type-value 1 External type-1 route. 2 External type-2 route. Default Configuration The default metric is none and the default type is 2. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1192 Monday, October 3, 2011 2:21 PM • metric-value — The metric (or preference) value of the default route. (Range: 1–16777214) Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a value of 50 for the default metric.
2CSPC4.XModular-SWUM201.book Page 1193 Monday, October 3, 2011 2:21 PM Parameter Description inter-area dist2 Used to select the best path from one area to another area when there are two or more routes to the same destination from two different routing protocols (Range: 1–255). external dist3 Used to select the best path for routes from other routing domains, learned by redistribution when there are two or more routes to the same destination from two different routing protocols (Range: 1–255).
2CSPC4.XModular-SWUM201.book Page 1194 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description name The name used to identify an existing ACL. The range is 1–31 characters. rip Apply the specified access list when RIP is the source protocol. static Apply the specified access list when packets come through the static route. connected Apply the specified access list when packets come from a directly connected route. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1195 Monday, October 3, 2011 2:21 PM no enable Default Configuration Enabled is the default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example enables OSPF router mode. console(config-router)#enable exit-overflow-interval Use the exit-overflow-interval command in Router OSPF Configuration mode to configure the exit overflow interval for OSPF.
2CSPC4.XModular-SWUM201.book Page 1196 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example sets the exit overflow interval for OSPF at 10 seconds. console(config-router)#exit-overflow-interval 10 external-lsdb-limit Use the external-lsdb-limit command in Router OSPF Configuration mode to configure the external LSDB limit for OSPF. If the value is -1, then there is no limit.
2CSPC4.XModular-SWUM201.book Page 1197 Monday, October 3, 2011 2:21 PM Example The following example configures the external LSDB limit for OSPF with the number of non-default AS-external-LSAs set at 20. console(config-router)#external-lsdb-limit 20 ip ospf area The ip ospf area command enables OSPFv2 and sets the area ID of an interface. This command supersedes the effects of network area command. It can also configure the advertisability of the secondary addresses on this interface into OSPFv2 domain.
2CSPC4.XModular-SWUM201.book Page 1198 Monday, October 3, 2011 2:21 PM ip ospf authentication Use the ip ospf authentication command in the Interface Configuration mode to set the OSPF Authentication Type and Key for the specified interface. Use the no form of the command to return the authentication type to the default value. Syntax ip ospf authentication {none | {simple key} | {encrypt key key-id}} no ip ospf authentication • encrypt — MD5 encrypted authentication key.
2CSPC4.XModular-SWUM201.book Page 1199 Monday, October 3, 2011 2:21 PM ip ospf cost Use the ip ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface. Use the no form of the command to return the cost to the default value. Syntax ip ospf cost interface-cost no ip ospf cost • interface-cost — Specifies the cost (link-state metric) of the OSPF interface. (Range: 1–65535) Default Configuration 10 is the default link-state metric configuration.
2CSPC4.XModular-SWUM201.book Page 1200 Monday, October 3, 2011 2:21 PM • seconds — Number of seconds that a router's Hello packets have not been seen before its neighbor routers declare that the router is down. (Range: 1–65535) Default Configuration 40 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode User Guidelines The value for the length of time must be the same for all routers attached to a common network.
2CSPC4.XModular-SWUM201.book Page 1201 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines The value for the length of time must be the same for all routers attached to a network. Example The following example sets the OSPF hello interval at 30 seconds. console(config-if-vlan15)#ip ospf hello-interval 30 ip ospf mtu-ignore Use the ip ospf mtu-ignore command in Interface Configuration mode to disable OSPF maximum transmission unit (MTU) mismatch detection.
2CSPC4.XModular-SWUM201.book Page 1202 Monday, October 3, 2011 2:21 PM Example The following example disables OSPF MTU mismatch detection on VLAN interface 15. console(config-if-vlan15)#ip ospf mtu-ignore ip ospf network Use the ip ospf network command to configure OSPF to treat an interface as a point-to-point rather than broadcast interface. To return to the default value, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1203 Monday, October 3, 2011 2:21 PM broadcast Set the OSPF network type to Broadcast point-to-point Set the OSPF network type to Point-to-Point ip ospf priority Use the ip ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface. Use the no form of the command to return the priority to the default value.
2CSPC4.XModular-SWUM201.book Page 1204 Monday, October 3, 2011 2:21 PM Syntax ip ospf retransmit-interval seconds no ip ospf retransmit-interval • seconds — Number of seconds between link-state advertisement retransmissions for adjacencies belonging to this router interface. This value is also used when retransmitting database description and link-state request packets. (Range: 0–3600 seconds) Default Configuration 5 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode.
2CSPC4.XModular-SWUM201.book Page 1205 Monday, October 3, 2011 2:21 PM • seconds — Sets the estimated number of seconds it takes to transmit a link state update packet over this interface. (Range: 1–3600 seconds) Default Configuration 1 is the default number of seconds. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the OSPF Transit Delay for VLAN 15 at 20 seconds.
2CSPC4.XModular-SWUM201.book Page 1206 Monday, October 3, 2011 2:21 PM User Guidelines OSPF is only enabled on an interface if the primary IPv4 address on the interface matches a network area range. Any individual interface can only be attached to a single area. If an interface address matches multiple network area ranges, the interface is assigned to the area for the first matching range. If the ip ospf area command is given for an interface, it overrides any matching network area command.
2CSPC4.XModular-SWUM201.book Page 1207 Monday, October 3, 2011 2:21 PM Command Mode Router OSPF Configuration mode. User Guidelines OSPF is only enabled on an interface if the primary IPv4 address on the interface matches a network area range. Any individual interface can only be attached to a single area. If an interface address matches multiple network area ranges, the interface is assigned to the area for the first matching range.
2CSPC4.XModular-SWUM201.book Page 1208 Monday, October 3, 2011 2:21 PM Default Configuration Graceful restart is disabled by default Command Mode Router OSPF Configuration mode User Guidelines Graceful restart works in concert with nonstop forwarding to enable the hardware to continue forwarding IPv4 packets using OSPFv2 routes while a backup unit takes over management unit responsibility.
2CSPC4.XModular-SWUM201.book Page 1209 Monday, October 3, 2011 2:21 PM Command Mode Router OSPF Configuration mode User Guidelines The grace LSA announcing the graceful restart includes a restart reason. Reasons 1 (software restart) and 2 (software reload/upgrade) are considered planned restarts. Reasons 0 (unknown) and 3 (switch to redundant control processor) are considered unplanned restarts.
2CSPC4.XModular-SWUM201.book Page 1210 Monday, October 3, 2011 2:21 PM until the graceful restart completes. By exiting the graceful restart on a topology change, a router tries to eliminate the loops or black holes as quickly as possible by routing around the restarting router. A helpful neighbor considers a link down with the restarting router to be a topology change, regardless of the strict LSA checking configuration.
2CSPC4.XModular-SWUM201.book Page 1211 Monday, October 3, 2011 2:21 PM passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode. Use the “no” form of this command to disable the global passive mode by default for all interfaces. Any interface previously configured to be passive reverts to nonpassive mode.
2CSPC4.XModular-SWUM201.book Page 1212 Monday, October 3, 2011 2:21 PM Default Configuration Passive interface mode is disabled by default. Command Mode Router OSPF Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface vlan 1 redistribute Use the redistribute command in Router OSPF Configuration mode to configure OSPF protocol to allow redistribution of routes from the specified source protocol/routers.
2CSPC4.XModular-SWUM201.book Page 1213 Monday, October 3, 2011 2:21 PM Parameter Description metric-value Specifies the metric to use when redistributing the route. (Range: 0–16777214) type-value Type 1 external route. Type 2 external route. tag-value Value attached to each external route, which might be used to communicate information between ASBRs. (Range: 0–4294967295) subnets Specifies whether to redistribute the routes to subnets.
2CSPC4.XModular-SWUM201.book Page 1214 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example defines the router OSPF ID as 5.5.5.5. console(config)#router ospf console(config-router)#router-id 5.5.5.5 router ospf Use the router ospf command in Global Configuration mode to enter Router OSPF mode.
2CSPC4.XModular-SWUM201.book Page 1215 Monday, October 3, 2011 2:21 PM Example The following example enters into router OSPF mode. console(config)#router ospf console(config-router)# show ip ospf Use the show ip ospf command to display information relevant to the OSPF router. This command has been modified to show additional fields. Syntax show ip ospf Syntax Description This command has no arguments or keywords. Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 1216 Monday, October 3, 2011 2:21 PM RFC 1583 Compatibility This configuration option controls the preference rules used when choosing among multiple external LSAs advertising the same destination. When enabled, the preference rules remain those specified by RFC 1583. When disabled, the preference rules are those stated in Section 16.4.1 of RFC 2328. These rules prevent routing loops when external LSAs for the same destination have been originated from different areas.
2CSPC4.XModular-SWUM201.book Page 1217 Monday, October 3, 2011 2:21 PM Number of Active Areas The number of OSPF areas to which the router is attached on interfaces that are up. ABR Status Shows whether the router is an OSPF Area Border Router. ASBR Status Indicates whether the router is an autonomous system border router. Router automatically becomes an ASBR when it is configured to redistribute routes learned from another protocol.
2CSPC4.XModular-SWUM201.book Page 1218 Monday, October 3, 2011 2:21 PM LSA High Water Mark The maximum number of LSAs that have been in the link state database since OSPF began operation. Retransmit List Entries The current number of entries on all neighbors’ retransmit lists. Maximum Number The maximum number of entries that can be on neighbors’ of Retransmit retransmit lists at any given time. This is the sum for all Entries neighbors.
2CSPC4.XModular-SWUM201.book Page 1219 Monday, October 3, 2011 2:21 PM Distribute-List Shows the access list used to filter redistributed routes. Example The following example displays OSPF router information. console#show ip ospf Router ID................................ 1.1.1.1 OSPF Admin Mode.......................... Enable RFC 1583 Compatibility................... Enable External LSDB Limit...................... No Limit Exit Overflow Interval................... 0 Spf Delay Time....................
2CSPC4.XModular-SWUM201.book Page 1220 Monday, October 3, 2011 2:21 PM ASBR Status.......................... Disable Stub Router.......................... FALSE External LSDB Overflow............... FALSE External LSA Count................... 0 External LSA Checksum................ 0 AS_OPAQUE LSA Count.................. 0 AS_OPAQUE LSA Checksum............... 0 New LSAs Originated.................. 25 LSAs Received........................ 7 LSA Count............................ 4 Maximum Number of LSAs...
2CSPC4.XModular-SWUM201.book Page 1221 Monday, October 3, 2011 2:21 PM Syntax show ip ospf abr Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command. Example console#show ip ospf abr Type Router Id Cost Area ID Next Hop Next Hop Intf ----- --------- ----- --------------- --------- -------- INTRA 3.3.3.3 1 0.0.0.1 10.1.23.3 vlan11 INTRA 4.4.4.4 10 0.0.0.1 10.1.24.
2CSPC4.XModular-SWUM201.book Page 1222 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays OSPF router information. console#show ip ospf area 10 AreaID......................................... 0.0.0.10 External Routing............................... Import External LSAs Spf Runs....................................... 0 Area Border Router Count....................... 0 Area LSA Count.................
2CSPC4.XModular-SWUM201.book Page 1223 Monday, October 3, 2011 2:21 PM Default Metric Type............................ NonComparable Translator Role................................ Candidate Translator Stability Interval.................. 2000 Translator State............................... Disabled show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes (ASBR). This command takes no options.
2CSPC4.XModular-SWUM201.book Page 1224 Monday, October 3, 2011 2:21 PM show ip ospf database Use the show ip ospf database command in Privileged EXEC mode to display information about the link state database when OSPF is enabled. If parameters are entered, the command displays the LSA headers. Use the optional parameters to specify the type of link state advertisements to display.
2CSPC4.XModular-SWUM201.book Page 1225 Monday, October 3, 2011 2:21 PM Example The following example displays information about the link state database when OSPF is enabled. console#show ip ospf database Router Link States (Area 0.0.0.0) Link Id Adv Router Age Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ----5.2.0.0 0.0.0.0 1360 80000006 3a1f ------ ----- 5.2.0.0 5.2.0.0 1360 80000009 a47e ------ ---E- 20.20.20.20 20.20.20.
2CSPC4.XModular-SWUM201.book Page 1226 Monday, October 3, 2011 2:21 PM 5.2.0.0 0.0.0.0 1361 80000006 183a ------ Link Opaque States (Area 0.0.0.0) Link Id Adv Router Age Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ----5.2.0.0 0.0.0.0 1361 80000005 ef59 ------ Area Opaque States (Area 0.0.0.0) Link Id Adv Router Age Sequence Chksm Options Rtr Opt --------------- --------------- ----- -------- ------ ------- ----5.2.0.0 0.0.0.
2CSPC4.XModular-SWUM201.book Page 1227 Monday, October 3, 2011 2:21 PM show ip ospf database database-summary Use the show ip ospf database database-summary command to display the number of each type of LSA in the database for each area and for the router. The command also displays the total number of LSAs in the database. This command has been modified. Syntax show ip ospf database database-summary Default Configuration There is no default configuration for this command.
2CSPC4.XModular-SWUM201.book Page 1228 Monday, October 3, 2011 2:21 PM Total Shows Number of entries for all areas. Example The following example displays the number of each type of LSA in the database for each area and for the router. console#show ip ospf database database-summary OSPF Router with ID (5.5.5.5) Area 0.0.0.0 database summary Router......................................... 0 Network........................................ 0 Summary Net.................................... 0 Summary ASBR....
2CSPC4.XModular-SWUM201.book Page 1229 Monday, October 3, 2011 2:21 PM Router database summary Router......................................... 0 Network........................................ 0 Summary Net.................................... 0 Summary ASBR................................... 0 Type-7 Ext..................................... 0 Opaque Link.................................... 0 Opaque Area.................................... 0 Type-5 Ext.....................................
2CSPC4.XModular-SWUM201.book Page 1230 Monday, October 3, 2011 2:21 PM Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines. Example The following example displays the information for the IFO object or virtual interface tables associated with VLAN 3. console#show ip ospf interface vlan 10 IP Address..................................... 1.1.1.1 Subnet Mask................................. 255.255.255.0 Secondary IP Address(es).......................
2CSPC4.XModular-SWUM201.book Page 1231 Monday, October 3, 2011 2:21 PM show ip ospf interface brief Use the show ip ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables. Syntax show ip ospf interface brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1232 Monday, October 3, 2011 2:21 PM • vlan-id — Valid VLAN ID. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the ospf statistics for VLAN 15. console>show ip ospf interface stats vlan15 OSPF Area ID....................................... 0.0.0.0 Area Border Router Count.................................
2CSPC4.XModular-SWUM201.book Page 1233 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description interface-type Interface type – only supported type is vlan. interface-number A valid interface number. neighbor-id Valid IP address of the neighbor. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1234 Monday, October 3, 2011 2:21 PM Restart Helper Status........................ Not helping Restart Helper Exit Reason................... Not attempted Field Description Field Description Interface The name of the interface on which the adjacency is formed. Neighbor IP Address The IPv4 address on the neighbor's interface used to form the adjacency. Interface Index The SNMP interface index. Area Id The OSPF area in which the adjacency is formed.
2CSPC4.XModular-SWUM201.book Page 1235 Monday, October 3, 2011 2:21 PM Field Description Restart Helper Exit Reason One of the following values: • Restart Reason — When the router is in helpful neighbor mode, the output includes the restart reason the restarting router sent in its grace LSA. The Restart Reason is the value in the Graceful Restart Reason TLV in the grace LSA sent by the restarting router.
2CSPC4.XModular-SWUM201.book Page 1236 Monday, October 3, 2011 2:21 PM Syntax show ip ospf range area-id • area-id — Identifies the OSPF area whose ranges are being displayed. (Range: IP address or decimal from 0–4294967295) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information about the area ranges for the specified area-id.
2CSPC4.XModular-SWUM201.book Page 1237 Monday, October 3, 2011 2:21 PM Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines. Example console>show ip ospf statistics Area 0.0.0.
2CSPC4.XModular-SWUM201.book Page 1238 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the OSPF stub table. console(config)#show ip ospf stub table AreaId TypeofService Metric Val Import SummaryLSA ------------- ------------- ---------- ----------------- 0.0.0.
2CSPC4.XModular-SWUM201.book Page 1239 Monday, October 3, 2011 2:21 PM Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines. Example The following example displays the OSPF Virtual Interface information for area 10 and its neighbor. console#show ip ospf virtual-link 10 192.168.2.2 Area ID........................................ 10 Neighbor Router ID............................. 192.168.2.2 Hello Interval................................. 10 Dead Interval.......
2CSPC4.XModular-SWUM201.book Page 1240 Monday, October 3, 2011 2:21 PM Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes. User Guidelines This command has no user guidelines. Example The following example displays the OSPF Virtual Interface information in the system.
2CSPC4.XModular-SWUM201.book Page 1241 Monday, October 3, 2011 2:21 PM Default Configuration The default value for delay-time is 5. The default value for hold-time is 10. Command Mode Router OSPF Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the SPF delay and hold time.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1244 Monday, October 3, 2011 2:21 PM area virtual-link ipv6 ospf network retransmit-interval show ipv6 ospf show ipv6 ospf virtuallink brief area default-cost (Router OSPFv3) Use the area default-cost command in Router OSPFv3 Configuration mode to configure the monetary default cost for the stub area. The operator must specify the area id and an integer value between 1-16777215. Use the no form of the command to return the cost to the default value.
2CSPC4.XModular-SWUM201.book Page 1245 Monday, October 3, 2011 2:21 PM area nssa (Router OSPFv3) Use the area nssa command in Router OSPF Configuration mode to configure the specified area ID to function as an NSSA. If the area has not been previously created, this command creates the area and then applies the NSSA distinction. If the area already exists, the NSSA distinction is added or modified. Use the no form of the command to remove the NSSA distinction from the area.
2CSPC4.XModular-SWUM201.book Page 1246 Monday, October 3, 2011 2:21 PM Default Configuration If no metric is defined, 10 is the default configuration. The default role is candidate. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures not-so-stubby-area 10 as an NSSA.
2CSPC4.XModular-SWUM201.book Page 1247 Monday, October 3, 2011 2:21 PM • metric — Metric value for default route. (Range: 1-16777214) • comparable — Metric Type (nssa-external 1). • non-comparable — Metric Type (nssa-external 2). Default Configuration If no metric is defined, 10 is the default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1248 Monday, October 3, 2011 2:21 PM Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the area 1 NSSA ABR so that learned external routes will not be redistributed to the NSSA.
2CSPC4.XModular-SWUM201.book Page 1249 Monday, October 3, 2011 2:21 PM Example The following example configures the area 1 NSSA so that summary LSAs are not advertised into the NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 nssa no-summary area nssa translator-role Use the area nssa translator-role command in Router OSPFv3 Configuration mode to configure the translator role of the NSSA. Use the no form of the command to remove the configuration.
2CSPC4.XModular-SWUM201.book Page 1250 Monday, October 3, 2011 2:21 PM console(config-rtr)#area 1 nssa translator-role always area nssa translator-stab-intv Use the area nssa translator-stab-intv command in Router OSPFv3 Configuration mode to configure the translator stability interval of the NSSA. The stability interval is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router.
2CSPC4.XModular-SWUM201.book Page 1251 Monday, October 3, 2011 2:21 PM area range (Router OSPFv3) Use the area range command in Router OSPF Configuration mode to configure a summary prefix for routes learned in a given area. If the area has not been previously created, this command creates the area and then applies the range parameters. There are two types of area ranges. An area range can be configured to summarize intra-area routes.
2CSPC4.XModular-SWUM201.book Page 1252 Monday, October 3, 2011 2:21 PM User Guidelines The LSDB type must be specified by either summarylink or nssaexternallink, and the advertising of the area range can be allowed or suppressed. Example The following example creates an area range for the area 1 NSSA.
2CSPC4.XModular-SWUM201.book Page 1253 Monday, October 3, 2011 2:21 PM Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example creates a stub area for area 1. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub area stub no-summary Use the area stub no-summary command in Router OSPFv3 Configuration mode disable the import of Summary LSAs for the stub area identified by area-id .
2CSPC4.XModular-SWUM201.book Page 1254 Monday, October 3, 2011 2:21 PM Example The following example prevents Summary LSAs from being advertised into the area 1 NSSA. console(config)#ipv6 router ospf console(config-rtr)#area 1 stub no-summary area virtual-link Use the area virtual-link command in Router OSPFv3 Configuration mode to create the OSPF virtual interface for the specified area-id and neighbor router.
2CSPC4.XModular-SWUM201.book Page 1255 Monday, October 3, 2011 2:21 PM Default Configuration Parameter Default area-id No area ID is predefined. router-id No router ID is predefined. hello-interval seconds 10 seconds retransmit-interval seconds 5 seconds transmit-delay seconds 1 second dead-interval seconds 40 seconds Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1256 Monday, October 3, 2011 2:21 PM area virtual-link dead-interval Use the area virtual-link dead-interval command in Router OSPFv3 Configuration mode to configure the dead interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor. Syntax area areaid virtual-link neighbor dead-interval seconds no area areaid virtual-link neighbor dead-interval • areaid — Valid OSPFv3 area identifier. • neighbor — Router ID of neighbor.
2CSPC4.XModular-SWUM201.book Page 1257 Monday, October 3, 2011 2:21 PM Syntax area areaid virtual-link neighbor hello-interval seconds no area areaid virtual-link neighbor hello-interval • areaid — Valid OSPFv3 area identifier. • neighbor — Router ID of neighbor. • seconds — Hello interval. (Range: 1-65535) Default Configuration 10 is the default value for seconds. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1258 Monday, October 3, 2011 2:21 PM • neighbor — Router ID of neighbor. • seconds — Retransmit interval. (Range: 0-3600) Default Configuration 5 is the default value for seconds. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures the retransmit interval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor.
2CSPC4.XModular-SWUM201.book Page 1259 Monday, October 3, 2011 2:21 PM Default Configuration 1 is the default value for seconds. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example configures a 20-second transmit delay for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor.
2CSPC4.XModular-SWUM201.book Page 1260 Monday, October 3, 2011 2:21 PM Parameter type-value Description 1 External type-1 route. 2 External type-2 route. Default Configuration The default metric is none and the default type is 2. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example controls the advertisement of default routes by defining a metric value of 100 and metric type 2.
2CSPC4.XModular-SWUM201.book Page 1261 Monday, October 3, 2011 2:21 PM Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a default of 100 for the metric of distributed routes. console(config)#ipv6 router ospf console(config-rtr)#default-metric 100 distance ospf The distance ospf command sets the preference values of OSPF route types in the router.
2CSPC4.XModular-SWUM201.book Page 1262 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example The following example sets a route preference value of 100 for intra OSPF in the router. console(config)#ipv6 router ospf console(config-rtr)#distance ospf intra 100 enable Use the enable command in Router OSPFv3 Configuration mode to enable administrative mode of OSPF in the router (active).
2CSPC4.XModular-SWUM201.book Page 1263 Monday, October 3, 2011 2:21 PM exit-overflow-interval Use the exit-overflow-interval command in Router OSPFv3 Configuration mode to configure the exit overflow interval for OSPF. It describes the number of seconds after entering Overflow state that a router will wait before attempting to leave the Overflow State. This allows the router to originate non-default AS-external-LSAs again. When set to 0, the router will not leave Overflow State until restarted.
2CSPC4.XModular-SWUM201.book Page 1264 Monday, October 3, 2011 2:21 PM overflow state. The router never holds more than the external LSDB limit non-default AS-external- LSAs in it database. The external LSDB limit MUST be set identically in all routers attached to the OSPF backbone and/or any regular OSPF area. Syntax external-lsdb-limit limit no external-lsdb-limit • limit — External LSDB limit for OSPF (Range: -1-2147483647) Default Configuration -1 is the default value for limit.
2CSPC4.XModular-SWUM201.book Page 1265 Monday, October 3, 2011 2:21 PM Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode User Guidelines This command has no user guidelines. Example The following example enables OSPF on VLAN 15.
2CSPC4.XModular-SWUM201.book Page 1266 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example defines the OSPF area to which VLAN 15 belongs. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf area 100 ipv6 ospf cost Use the ipv6 ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface. Use the no form of the command to return the cost to the default value.
2CSPC4.XModular-SWUM201.book Page 1267 Monday, October 3, 2011 2:21 PM ipv6 ospf dead-interval Use the ipv6 ospf dead-interval command in Interface Configuration mode to set the OSPF dead interval for the specified interface. Syntax ipv6 ospf dead-interval seconds no ipv6 ospf dead-interval • seconds — A valid positive integer, which represents the length of time in seconds that a router's Hello packets have not been seen before its neighbor routers declare that the router is down.
2CSPC4.XModular-SWUM201.book Page 1268 Monday, October 3, 2011 2:21 PM Syntax ipv6 ospf hello-interval seconds no ipv6 ospf hello-interval • seconds — A valid positive integer which represents the length of time of the OSPF hello interval. The value must be the same for all routers attached to a network. (Range: 1-65535 seconds) Default Configuration 10 seconds is the default value of seconds. Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode.
2CSPC4.XModular-SWUM201.book Page 1269 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN, Tunnel, Loopback) mode. User Guidelines OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface. When a router receives a Database Description packet, it examines the MTU advertised by the neighbor.
2CSPC4.XModular-SWUM201.book Page 1270 Monday, October 3, 2011 2:21 PM User Guidelines Normally, the network type is determined from the physical IP network type. By default all Ethernet networks are OSPF-type broadcast. Similarly, tunnel interfaces default to point-to-point. When an Ethernet port is used as a single large bandwidth IP network between two routers, the network type can be point-to-point since there are only two routers.
2CSPC4.XModular-SWUM201.book Page 1271 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example sets the OSPF priority at 50 for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ipv6 ospf priority 50 ipv6 ospf retransmit-interval Use the ipv6 ospf retransmit-interval command in Interface Configuration mode to set the OSPF retransmit interval for the specified interface.
2CSPC4.XModular-SWUM201.book Page 1272 Monday, October 3, 2011 2:21 PM console(config-if-vlan15)#ipv6 ospf retransmitinterval 100 ipv6 ospf transmit-delay Use the ipv6 ospf transmit-delay command in Interface Configuration mode to set the OSPF Transmit Delay for the specified interface. Syntax ipv6 ospf transmit-delay seconds no ipv6 ospf transmit-delay • seconds — OSPF transmit delay for the specified interface.
2CSPC4.XModular-SWUM201.book Page 1273 Monday, October 3, 2011 2:21 PM Syntax ipv6 router ospf Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example Use the following command to enable OSPFv3. console(config)#ipv6 router ospf maximum-paths Use the maximum-paths command in Router OSPFv3 Configuration mode to set the number of paths that OSPF can report for a given destination.
2CSPC4.XModular-SWUM201.book Page 1274 Monday, October 3, 2011 2:21 PM Example The following example sets the number of paths that OSPF can report for a destination to 1. console(config)#ipv6 router ospf console(config-rtr)#maximum-paths 1 nsf Use this command to enable OSPF graceful restart. Use the “no” form of this command to disable graceful restart.
2CSPC4.XModular-SWUM201.book Page 1275 Monday, October 3, 2011 2:21 PM everything that goes with that (i.e., flooding of LSAs, SPF runs). Helpful neighbors continue to forward packets through the restarting router. The restarting router relearns the network topology from its helpful neighbors. This implementation of graceful restart restarting router behavior is only useful with a router stack. Graceful restart does not work on a standalone, single-unit router.
2CSPC4.XModular-SWUM201.book Page 1276 Monday, October 3, 2011 2:21 PM nsf helper strict-lsa-checking Use the nsf-helper strict-lsa-checking command to require that an OSPF helpful neighbor exit helper mode whenever a topology change occurs. Use the “no” form of this command to allow OSPF to continue as a helpful neighbor in spite of topology changes.
2CSPC4.XModular-SWUM201.book Page 1277 Monday, October 3, 2011 2:21 PM Syntax nsf [ietf ] restart-interval seconds no nsf [ietf] restart-interval • ietf — This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations. Since the IETF implementation is the only one supported, this keyword is optional. • seconds — The number of seconds that the restarting router asks its neighbors to wait before exiting helper mode.
2CSPC4.XModular-SWUM201.book Page 1278 Monday, October 3, 2011 2:21 PM Default Configuration Passive interface mode is disabled by default. Command Mode Router OSPFv3 Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-router)#passive-interface vlan 1 passive-interface default The passive-interface default command enables the global passive mode by default for all interfaces. It overrides any interface level passive mode.
2CSPC4.XModular-SWUM201.book Page 1279 Monday, October 3, 2011 2:21 PM redistribute Use the redistribute command in Router OSPFv3 Configuration mode to configure the OSPFv3 protocol to allow redistribution of routes from the specified source protocol/routers. Syntax redistribute {static | connected} [metric metric] [metric-type {1 | 2}] [tag tag ] no redistribute {static | connected} [metric] [metric-type] [tag] • metric — Metric value used for default routes. (Range: 0-16777214) • tag — Tag.
2CSPC4.XModular-SWUM201.book Page 1280 Monday, October 3, 2011 2:21 PM Syntax router-id router-id • router-id — Router OSPF identifier. (Range: 0-4294967295) Default Configuration This command has no default configuration. Command Mode Router OSPFv3 Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets a 4-digit dotted-decimal number identifying the Router OSPF ID as 2.3.4.5. console(config)#ipv6 router ospf console(config-rtr)#router-id 2.3.4.
2CSPC4.XModular-SWUM201.book Page 1281 Monday, October 3, 2011 2:21 PM User Guidelines Some of the information below displays only if you enable OSPF and configure certain features. The following fields may be displayed: Field Description Router ID A 32-bit integer in dotted decimal format identifying the router about which information is displayed. This is a configured value. OSPF Admin Mode Shows whether OSPF is administratively enabled or disabled.
2CSPC4.XModular-SWUM201.book Page 1282 Monday, October 3, 2011 2:21 PM ABR Status Shows whether the router is an OSPF Area Border Router. ASBR Status Indicates whether the router is an autonomous system border router. Router automatically becomes an ASBR when it is configured to redistribute routes learned from another protocol.
2CSPC4.XModular-SWUM201.book Page 1283 Monday, October 3, 2011 2:21 PM Maximum Number The maximum number of entries that can be on neighbors’ of Retransmit retransmit lists at any given time. This is the sum for all Entries neighbors. When OSPF receives an LSA and cannot allocate a new retransmit list entry, the router does not acknowledge the LSA, expecting the sender to retransmit.
2CSPC4.XModular-SWUM201.book Page 1284 Monday, October 3, 2011 2:21 PM console#show ipv6 ospf Router ID...................................... 0.0.0.2 OSPF Admin Mode................................ Enable ASBR Mode...................................... Disable ABR Status..................................... Disable Exit Overflow Interval......................... 0 External LSA Count............................. 0 External LSA Checksum.......................... 0 New LSAs Originated.........................
2CSPC4.XModular-SWUM201.book Page 1285 Monday, October 3, 2011 2:21 PM Command Mode User EXEC mode. User Guidelines This command has no user guidelines. Example console#show ipv6 ospf abr Type Router Id ---- -------- Cost ---- Area ID Next Hop -------- Next Hop Intf ----------------------- ----- INTRA 3.3.3.3 10 0.0.0.1 FE80::211:88FF:FE2A:3CB3 vlan11 INTRA 4.4.4.4 10 0.0.0.
2CSPC4.XModular-SWUM201.book Page 1286 Monday, October 3, 2011 2:21 PM Example The following example displays information about area 1. console#show ipv6 ospf area 1 AreaID........................................ 0.0.0.1 External Routing.............................. Import External LSAs Spf Runs...................................... 0 Area Border Router Count...................... 0 Area LSA Count................................ 0 Area LSA Checksum............................. 0 Stub Mode.................
2CSPC4.XModular-SWUM201.book Page 1287 Monday, October 3, 2011 2:21 PM INTRA 4.4.4.4 10 0.0.0.1 FE80::210:18FF:FE82:8E1 vlan12 show ipv6 ospf border-routers Use the show ipv6 ospf command to display internal OSPFv3 routes to reach Area Border Routers (ABR) and Autonomous System Boundary Routers (ASBR). This command takes no options. Syntax show ipv6 ospf border-routers Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 1288 Monday, October 3, 2011 2:21 PM • nssa-external — Displays NSSA external LSAs. • prefix — Displays intra-area Prefix LSA. • router — Displays router LSAs. • unknown — Displays unknown area, AS or link-scope LSAs. • link-state-id — Specifies a valid link state identifier (LSID). • adv-router — Shows the LSAs that are restricted by the advertising router. • router-id — Specifies a valid router identifier.
2CSPC4.XModular-SWUM201.book Page 1289 Monday, October 3, 2011 2:21 PM Inter Network States (Area 0.0.0.0) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------1.1.1.1 1 323 80000001 3970 2.2.2.2 1 322 80000001 1B8A 1.1.1.1 2 293 80000001 3529 2.2.2.2 2 375 80000001 FC5E Link States (Area 0.0.0.0) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------1.1.
2CSPC4.XModular-SWUM201.book Page 1290 Monday, October 3, 2011 2:21 PM Inter Network States (Area 0.0.0.1) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------1.1.1.1 16 4 80000001 CA7C 2.2.2.2 18 3 80000001 B28D Link States (Area 0.0.0.1) Adv Router Link Id Age Sequence Csum Options Rtr Opt -------------- --------------- ----- -------- ---- ------- ------1.1.1.1 634 441 80000003 B877 V6E--R- 2.2.2.
2CSPC4.XModular-SWUM201.book Page 1291 Monday, October 3, 2011 2:21 PM Command Mode User EXEC, Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays the number of each type of LSA in the database and the total number of LSAs in the database. console#show ipv6 ospf database database-summary OSPF Router with ID (0.0.0.2) Router database summary Router......................................... 0 Network........................................
2CSPC4.XModular-SWUM201.book Page 1292 Monday, October 3, 2011 2:21 PM Syntax show ipv6 ospf interface [interface-type interface-number] Syntax Description Parameter Description interface-type The interface type, VLAN, tunnel or loopback interface-number The valid interface number, a valid VLAN ID, tunnel identifier (Range: 0–7) or loopback identifier (Range: 0–7). Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1293 Monday, October 3, 2011 2:21 PM Iftransit Delay Interval....................... 1 Authentication Type............................ None Metric Cost.................................... 10 (computed) OSPF Mtu-ignore................................ Disable OSPF cannot be initialized on this interface.
2CSPC4.XModular-SWUM201.book Page 1294 Monday, October 3, 2011 2:21 PM show ipv6 ospf interface stats Use the show ipv6 ospf interface stats command in User EXEC mode to display the statistics for a specific interface. The command only displays information if OSPF is enabled. Syntax show ipv6 ospf interface stats vlan vlan-id • vlan-id — Valid VLAN ID. Default Configuration This command has no default configuration. Command Mode User EXEC mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1295 Monday, October 3, 2011 2:21 PM LSAs Received.................................. 660 Originate New LSAs............................. 853 Sent Packets................................... 1013 Received Packets............................... 893 Discards....................................... 48 Bad Version.................................... 0 Virtual Link Not Found......................... 9 Area Mismatch.................................. 39 Invalid Destination Address..
2CSPC4.XModular-SWUM201.book Page 1296 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays ospf interface vlan information. console#show ipv6 ospf interface vlan 10 IPv6 Address............................. FE80::2FC:E3FF:FE90:44 ifIndex.................................. 634 OSPF Admin Mode.......................... Enable OSPF Area ID............................. 0.0.0.1 Router Priority............
2CSPC4.XModular-SWUM201.book Page 1297 Monday, October 3, 2011 2:21 PM show ipv6 ospf neighbor Use the show ipv6 ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors. If a neighbor IP address is not specified, the output displays summary information in a table. If an interface or tunnel is specified, only the information for that interface or tunnel displays. The information below only displays if OSPF is enabled and the interface has a neighbor.
2CSPC4.XModular-SWUM201.book Page 1298 Monday, October 3, 2011 2:21 PM ID --------- -------- ---- ----------- Time ------------- ---- console#show ipv6 ospf neighbor interface tunnel 1 IP Address..................................... Err ifIndex........................................ 619 OSPF Admin Mode................................ Enable OSPF Area ID................................... 0.0.0.0 Router Priority................................ 1 Retransmit Interval............................
2CSPC4.XModular-SWUM201.book Page 1299 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information about the area ranges for area 1.
2CSPC4.XModular-SWUM201.book Page 1300 Monday, October 3, 2011 2:21 PM ------------ ------------0.0.0.10 ---------- Normal ----------------- 1 Enable show ipv6 ospf virtual-links Use the show ipv6 ospf virtual-links command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor or for all areas in the system.
2CSPC4.XModular-SWUM201.book Page 1301 Monday, October 3, 2011 2:21 PM Metric......................................... 10 Neighbor State................................. Full show ipv6 ospf virtual-link brief Use the show ipv6 ospf virtual-link brief command in Privileged EXEC mode to display the OSPFV3 Virtual Interface information for all areas in the system. Syntax show ipv6 ospf virtual-link brief Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1303 Monday, October 3, 2011 2:21 PM Router Discovery Protocol Commands 56 Routers can be configured to periodically send router discovery messages to announce their presence to locally attached hosts. The router discovery message advertises one or more IP addresses on the router that hosts can use as their default gateway.
2CSPC4.XModular-SWUM201.book Page 1304 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description multicast Configure the address that the interface uses to send the router discovery advertisements to be 224.0.0.1, the all-hosts IP multicast address. Use the no form of the command to use 255.255.255.255, the limited broadcast address. holdtime seconds Integer value in seconds of the the holdtime field of the router advertisement sent from this interface.
2CSPC4.XModular-SWUM201.book Page 1305 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example enables router discovery on the selected interface. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp ip irdp address Use the ip irdp address command in Interface Configuration mode to configure the address that the interface uses to send the router discovery advertisements.
2CSPC4.XModular-SWUM201.book Page 1306 Monday, October 3, 2011 2:21 PM Example The following example sets the limited broadcast address as the IP address for router discovery advertisements. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp address 255.255.255.255 ip irdp holdtime Use the ip irdp holdtime command in Interface Configuration mode to configure the value, in seconds, of the holdtime field of the router advertisement sent from this interface.
2CSPC4.XModular-SWUM201.book Page 1307 Monday, October 3, 2011 2:21 PM console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp holdtime 2000 ip irdp maxadvertinterval Use the ip irdp maxadvertinterval command in Interface Configuration mode to configure the maximum time, in seconds, allowed between sending router advertisements from the interface. Use the no form of the command to set the time to the default value.
2CSPC4.XModular-SWUM201.book Page 1308 Monday, October 3, 2011 2:21 PM Example The following example sets maximum advertisement interval at 600 seconds for VLAN 15. console(config)#interface vlan 15 console(config-if-vlan15)#ip irdp maxadvertinterval 600 ip irdp minadvertinterval Use the ip irdp minadvertinterval command in Interface Configuration mode to configure the minimum time, in seconds, allowed between sending router advertisements from the interface.
2CSPC4.XModular-SWUM201.book Page 1309 Monday, October 3, 2011 2:21 PM console(config-if-vlan15)#ip irdp minadvertinterval 100 ip irdp multicast To send router advertisements as IP multicast packets, use the ip irdp multicast command in Interface Configuration mode. To send router advertisements to the limited broadcast address (255.255.255.255), use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1310 Monday, October 3, 2011 2:21 PM ip irdp preference Use the ip irdp preference command in Interface Configuration mode to configure the preference of the address as a default router address relative to other router addresses on the same subnet. Use the no form of the command to set the preference to the default value.
2CSPC4.XModular-SWUM201.book Page 1311 Monday, October 3, 2011 2:21 PM • vlan-id — Valid VLAN ID Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example shows router discovery information for VLAN 15.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1313 Monday, October 3, 2011 2:21 PM Routing Information Protocol Commands 57 The Routing Information Protocol (RIP) has been a long-standing protocol used by routers for exchanging route information. RIP is a distance vector protocol whereby each route is characterized by the number of gateways, or hops, a packet must traverse to reach its intended destination. Categorized as an interior gateway protocol, RIP operates within the scope of an autonomous system.
2CSPC4.XModular-SWUM201.book Page 1314 Monday, October 3, 2011 2:21 PM no auto-summary Default Configuration Disabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#auto-summary default-information originate Use the default-information originate command in Router RIP Configuration mode to control the advertisement of default routes.
2CSPC4.XModular-SWUM201.book Page 1315 Monday, October 3, 2011 2:21 PM default-metric Use the default-metric command in Router RIP Configuration mode to set a default for the metric of distributed routes. Use the no form of the command to return the metric to the default value. Syntax default-metric number-value no default-metric • number-value — Metric for the distributed routes. (Range: 1-15) Default Configuration Default metric is not configured by default.
2CSPC4.XModular-SWUM201.book Page 1316 Monday, October 3, 2011 2:21 PM • integer — RIP route preference. (Range: 1-255) Default Configuration 15 is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example The following example sets the route preference value of RIP in the router at 100.
2CSPC4.XModular-SWUM201.book Page 1317 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example The following example elects access list ACL40 to filter routes received from the source protocol.
2CSPC4.XModular-SWUM201.book Page 1318 Monday, October 3, 2011 2:21 PM Example console(config-router)#enable hostroutesaccept Use the hostroutesaccept command in Router RIP Configuration mode to enable the RIP hostroutesaccept mode. Use the no form of the command to disable the RIP hostroutesaccept mode. Syntax hostroutesaccept no hostroutesaccept Default Configuration Enabled is the default configuration. Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1319 Monday, October 3, 2011 2:21 PM Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example console(config-if-vlan2)#ip rip console(config-if-vlan2)#no ip rip ip rip authentication Use the ip rip authentication command in Interface Configuration Mode to set the RIP Version 2 Authentication Type and Key for the specified VLAN.
2CSPC4.XModular-SWUM201.book Page 1320 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the RIP Version 2 Authentication Type and Key for VLAN 11.
2CSPC4.XModular-SWUM201.book Page 1321 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example allows no RIP control packets to be received by VLAN 11. console(config-if-vlan11)#ip rip receive version none ip rip send version Use the ip rip sent version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version to be sent.
2CSPC4.XModular-SWUM201.book Page 1322 Monday, October 3, 2011 2:21 PM Example The following example allows no RIP control packets to be sent by VLAN 11. console(config-if-vlan11)#ip rip send version none redistribute The redistribute command configures RIP protocol to redistribute routes from the specified source protocol/routers. If the source protocol is OSPF, there are five possible match options.
2CSPC4.XModular-SWUM201.book Page 1323 Monday, October 3, 2011 2:21 PM Command Mode Router RIP Configuration mode. User Guidelines This command has no user guidelines. Example console(config-router)#redistribute ospf metric 10 match nssa-external 1 console(config-router)#redistribute connected metric 1 router rip Use the router rip command in Global Configuration mode to enter Router RIP mode. Syntax router rip Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1324 Monday, October 3, 2011 2:21 PM show ip rip Use the show ip rip command in Privileged EXEC mode to display information relevant to the RIP router. Syntax show ip rip Default Configuration The command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays information relevant to the RIP router. console#show ip rip RIP Admin Mode.................................
2CSPC4.XModular-SWUM201.book Page 1325 Monday, October 3, 2011 2:21 PM Metric......................................... 10 Match Value.................................... 'nssa-external 1' Distribute List................................ Not configured show ip rip interface Use the show ip rip interface command in Privileged EXEC mode to display information related to a particular RIP interface. Syntax show ip rip interface vlan vlan-id • vlan-id — Valid VLAN ID.
2CSPC4.XModular-SWUM201.book Page 1326 Monday, October 3, 2011 2:21 PM Authentication Key............................. "pass123" Authentication Key ID.......................... 35 Bad Packets Received........................... ----Bad Routes Received............................ ----Updates Sent................................... ----- show ip rip interface brief Use the show ip rip interface brief command in Privileged EXEC mode to display general information for each RIP interface.
2CSPC4.XModular-SWUM201.book Page 1327 Monday, October 3, 2011 2:21 PM split-horizon Use the split-horizon command in Router RIP Configuration mode to set the RIP split horizon mode. Use the no form of the command to return the mode to the default value. Syntax split-horizon {none | simple | poison} no split-horizon • none — RIP does not use split horizon to avoid routing loops. • simple — RIP uses split horizon to avoid routing loops.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1329 Monday, October 3, 2011 2:21 PM Tunnel Interface Commands 58 PowerConnect provides for the creation, deletion, and management of tunnel interfaces. They are dynamic interfaces that are created and deleted by user configuration. Tunnel interfaces are used for the following purposes. • IPv4 tunnels • IPv6 tunnels Each router interface (port or VLAN interface) may have associated tunnel interfaces. Each interface can have multiple tunnel interfaces.
2CSPC4.XModular-SWUM201.book Page 1330 Monday, October 3, 2011 2:21 PM interface tunnel Use the interface tunnel command in Global Configuration mode to enter the interface configuration mode for a tunnel. Syntax interface tunnel tunnel-id no interface tunnel tunnel-id • tunnel-id — Tunnel identifier. (Range: 0–7) Default Configuration This command has no default configuration. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1331 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Examples The following examples show the parameters related to an individual tunnel and to all tunnel interfaces. console#show interfaces tunnel 1 Interface Link Status.......................... down MTU size.......................................
2CSPC4.XModular-SWUM201.book Page 1332 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (Tunnel) mode. User Guidelines This command has no user guidelines. Example The following example specifies the destination transport address of tunnel 1. console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel destination 10.1.1.1 tunnel mode ipv6ip Use the tunnel mode ipv6ip command in Interface Configuration mode to specify the mode of the tunnel.
2CSPC4.XModular-SWUM201.book Page 1333 Monday, October 3, 2011 2:21 PM console(config)#interface tunnel 1 console(config-if-tunnel1)#tunnel mode ipv6ip console(config-if-tunnel1)#tunnel mode ipv6ip 6to4 tunnel source Use the tunnel source command in Interface Configuration mode to specify the source transport address of the tunnel, either explicitly or by reference to an interface.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1335 Monday, October 3, 2011 2:21 PM 59 Virtual Router Redundancy Protocol Commands An end station running IP needs to know the address of its first hop router. While some network administrators choose to install dynamic router discovery protocols such as DHCP, others prefer to statically allocate router addresses. If the router identified by such a statically allocated address goes down, the end station loses connectivity.
2CSPC4.XModular-SWUM201.book Page 1336 Monday, October 3, 2011 2:21 PM RFC defines a new configuration option that allows the router to accept any packet sent to a VRRP address, regardless of whether the VRRP Master is the address owner. The Pingable VRRP Interface feature, when enabled, allows the VRRP master to respond to both fragmented and unfragmented ICMP echo requests packets destined to a VRRP address (or addresses). A virtual router in backup state discards these.
2CSPC4.XModular-SWUM201.book Page 1337 Monday, October 3, 2011 2:21 PM Interface Tracking For interface tracking, VRRP is a routing event client. When a routing interface goes up or down (or routing is disabled globally, implying all routing interfaces are down), VRRP checks if the interface is tracked. If so, it adjusts the priority. Interface tracking is useful for tracking interfaces that are not configured for VRRP. Only IP interfaces are tracked.
2CSPC4.XModular-SWUM201.book Page 1338 Monday, October 3, 2011 2:21 PM Virtual Router Redundancy Protocol Commands ip vrrp Use the ip vrrp command in Global Configuration mode to enable the administrative mode of VRRP for the router. Use the no form of the command to disable the administrative mode of VRRP for the router. Syntax ip vrrp no ip vrrp Default Configuration VRRP is disabled by default. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1339 Monday, October 3, 2011 2:21 PM • vrid — Virtual router identification. (Range: 1-255) Default Configuration The default configuration is disabled. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. vrrp authentication Use the vrrp authentication command in Interface Configuration mode to set the authentication details value for the virtual router configured on a specified interface.
2CSPC4.XModular-SWUM201.book Page 1340 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the authorization details value for VRRP router group 5 on VLAN 15.
2CSPC4.XModular-SWUM201.book Page 1341 Monday, October 3, 2011 2:21 PM User Guidelines Descriptions containing spaces must be wrapped with quotes. Example The following example creates virtual router group 5 on VLAN 15 and configures its description.
2CSPC4.XModular-SWUM201.book Page 1342 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines The virtual router IP addresses must be on the local subnet configured on the VLAN. To configure vrrp, perform the following steps: 1 Enable ip routing in global configuration mode. 2 Enable ip vrrp globally. 3 Set an IP address on the desired interface where VRRP is to be configured. 4 Configure the VRRP group ID on the selected interface.
2CSPC4.XModular-SWUM201.book Page 1343 Monday, October 3, 2011 2:21 PM Syntax vrrp vr-id mode no vrrp vr-id mode • vr-id — The virtual router identifier. (Range: 1-255) Default Configuration Disabled is the default configuration. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example enables the virtual router for VLAN 15.
2CSPC4.XModular-SWUM201.book Page 1344 Monday, October 3, 2011 2:21 PM Parameter Description seconds The number of seconds the VRRP router will wait before issuing an advertisement claiming master ownership. Default Configuration Enabled is the default configuration. Delay defaults to 0 seconds. Command Mode Interface Configuration (VLAN) mode. User Guidelines As per the VRRP RFC, when preemption is enabled, the backup router discards the advertisements until the masterdowntimer starts.
2CSPC4.XModular-SWUM201.book Page 1345 Monday, October 3, 2011 2:21 PM • level — Priority value for the interface. (Range: 1-254) Default Configuration Priority has a default value of 100. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the priority value for the virtual router 5 on VLAN 15.
2CSPC4.XModular-SWUM201.book Page 1346 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. Example The following example sets the frequency at which the VLAN 15 virtual router 5 sends a virtual router advertisement.
2CSPC4.XModular-SWUM201.book Page 1347 Monday, October 3, 2011 2:21 PM Example The following configures VLAN 15 virtual router to learn the advertisement interval used by the master virtual router. console(config-if-vlan15)#vrrp 5 timers learn vrrp track interface Use the vrrp track interface command in Interface Configuration mode to alter the priority of the VRRP router based on the availability of its interfaces. It is useful for tracking interfaces that are not configured for VRRP.
2CSPC4.XModular-SWUM201.book Page 1348 Monday, October 3, 2011 2:21 PM Syntax Description Parameter Description group The virtual router identifier. (Range: 1-255) vlan vlan-id Valid VLAN ID. Priority decrement value for the tracked interface. (Range: 1- priority 254) Default Configuration No interfaces are tracked. The default decrement priority is 10. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1349 Monday, October 3, 2011 2:21 PM Use the no form of this command to remove the route from the tracked list or to restore the priority decrement to its default. When removing a tracked IP route from the tracked list, priority should be incremented by the decrement value if the route is not reachable.
2CSPC4.XModular-SWUM201.book Page 1350 Monday, October 3, 2011 2:21 PM show vrrp Use the show vrrp command in User EXEC or Privileged EXEC mode to display the global VRRP configuration and status as well as the brief or detailed status of one or all VRRP groups. Syntax show vrrp [brief | group] Syntax Description Parameter Description group The virtual router group identifier. Range 1-255. brief Provide a summary view of the VRRP group information.
2CSPC4.XModular-SWUM201.book Page 1351 Monday, October 3, 2011 2:21 PM Vlan 7 – Group 1 Primary IP Address............................. 192.168.5.55 VMAC Address................................... 0000.5E00.0101 Authentication Type............................ None Priority....................................... 60 Configured Priority............................ 100 Advertisement Interval (secs).................. 10 Accept Mode.................................... Enable Pre-empt Mode........................
2CSPC4.XModular-SWUM201.book Page 1352 Monday, October 3, 2011 2:21 PM Track Route Reachable ......................... False Track Route DecrementPriority ................. 20 Vlan 7 – Group 2 Primary IP Address............................. 192.168.5.65 VMAC Address................................... 0000.5E00.0202 Authentication Type............................ None Priority....................................... 60 Configured Priority............................ 100 Advertisement Interval (secs).......
2CSPC4.XModular-SWUM201.book Page 1353 Monday, October 3, 2011 2:21 PM Track Route (pfx/len) ......................... 10.10.10.0/24 Track Route Reachable ......................... False Track Route DecrementPriority ................. 20 console#show vrrp brief Interface Grp Prio IP Address Mode State --------- --- ---- -------------- ------ ------------ V1 1 2 60 0.0.0.0 Disable Initialize V1 2 5 70 192.168.5.
2CSPC4.XModular-SWUM201.book Page 1354 Monday, October 3, 2011 2:21 PM Command Mode User EXEC, Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the VLAN 15 virtual router. console#show vrrp interface vlan 7 Vlan 7 – Group 1 Primary IP Address........................... 192.168.5.55 VMAC Address................................ 0000.5E00.0101 Authentication Type............................ None Priority....
2CSPC4.XModular-SWUM201.book Page 1355 Monday, October 3, 2011 2:21 PM vlan2 5 192.168.5.55 Enable Initialize The following example displays all statistical information about the VLAN 15 virtual router. console#show vrrp interface vlan 15 stats Vlan 15 – Group 5 UpTime........................... 0 days 0 hrs 0 mins 0 secs Protocol....................................... IP State Transitioned to Master................... 0 Advertisement Received......................... 0 Advertisement Interval Errors..
2CSPC4.XModular-SWUM201.book Page 1356 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the virtual router on the selected interface. console#show vrrp interface brief Interface VRID IP Address Mode --------- ---- -------------- ------ State ------------ vlan1 2 0.0.0.0 Disable Initialize vlan2 5 192.168.5.
2CSPC4.XModular-SWUM201.book Page 1357 Monday, October 3, 2011 2:21 PM Example The following example displays all statistical information about the VLAN 15 virtual router. console#show vrrp interface stats vlan 15 5 UpTime..................... 0 days 0 hrs 0 mins 0 secs Protocol....................................... IP State Transitioned to Master................... 0 Advertisement Received......................... 0 Advertisement Interval Errors.................. 0 Authentication Failure.................
2CSPC4.XModular-SWUM201.book Page 1358 Monday, October 3, 2011 2:21 PM no vrrp vrid accept-mode • vrid — Virtual router identification. (Range: 1-255) Default Configuration The default configuration is disabled. Command Mode Interface Configuration (VLAN) mode. User Guidelines This command has no user guidelines. show ip vrrp interface Use the show ip vrrp interface command in User EXEC or Privileged EXEC mode to display the configured value for Accept Mode.
2CSPC4.XModular-SWUM201.book Page 1359 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays all configuration information about the VLAN 15 virtual router. console#show ip vrrp interface vlan2 1 Primary IP Address........................... 10.10.10.1 VMAC Address............................. 00:00:5E:00:01:01 Authentication Type............................ None Priority....................................... 100 Configured Priority...
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1363 Monday, October 3, 2011 2:21 PM Auto-Install Commands 61 Auto-Install provides automatic update of the image and configuration of PowerConnect devices on boot up from a TFTP server as controlled by received DHCP options. It plays a critical role in the PowerConnect offering of touchless or low-touch provisioning, in which configuration and imaging of a device is greatly simplified.
2CSPC4.XModular-SWUM201.book Page 1364 Monday, October 3, 2011 2:21 PM 4 Support for the Auto-Install process from a TFTP server operationally enabling the DHCP client on designated management interfaces during the Auto-Install process. The end user configuration remains unchanged. Management interfaces include the service port or routing interfaces in a saved config.
2CSPC4.XModular-SWUM201.book Page 1365 Monday, October 3, 2011 2:21 PM Command Mode Global Config User Guidelines This command has no user guidelines. boot auto-copy-sw allow-downgrade Use the boot auto-copy-sw allow-downgrade command in Privileged EXEC mode to enable downgrading the firmware version on the stack member if the firmware version on the manager is older than the firmware version on the member. Use the no form of the command to disable downgrading the image.
2CSPC4.XModular-SWUM201.book Page 1366 Monday, October 3, 2011 2:21 PM boot host autoreboot Use the boot host autoreboot command in Global Configuration mode to enable rebooting the device (no administrative intervention) when the autoimage is successfully downloaded. Use the no form of this command to disable rebooting the device (no administrative intervention) when the autoimage is successfully downloaded.
2CSPC4.XModular-SWUM201.book Page 1367 Monday, October 3, 2011 2:21 PM boot host autosave Use the boot host autosave command in Global Configuration mode to enable automatically saving the downloaded configuration on the switch. Use the no form of this command to disable automatically saving the downloaded configuration on the switch. Syntax boot host autosave no boot host autosave Parameter Description This command does not require a parameter description.
2CSPC4.XModular-SWUM201.book Page 1368 Monday, October 3, 2011 2:21 PM Install process is triggered. Use the no form of this command to disable AutoInstall on the next reboot if the reboot occurs with a saved startup configuration. If you give this command while the Auto-Install process is running, the Auto-Install process terminates. The Auto-Install process has an internal timer that retries failed installations for ten minutes.
2CSPC4.XModular-SWUM201.book Page 1369 Monday, October 3, 2011 2:21 PM Syntax boot host retrycount count no boot host retrycount • count —The number of attempts to download a configuration (Range: 1–6). Default Configuration The default number of configuration download attempts is three.
2CSPC4.XModular-SWUM201.book Page 1370 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines The show switch command also displays the switch firmware synchronization status.
2CSPC4.XModular-SWUM201.book Page 1371 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1373 Monday, October 3, 2011 2:21 PM Captive Portal Commands 62 The Captive Portal feature is a software implementation that blocks both wired and wireless clients from accessing the network until user verification has been established. Verification can be configured to allow access for both guest and authenticated users. Authenticated users must be validated against a database of authorized Captive Portal users before access is granted.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1375 Monday, October 3, 2011 2:21 PM Captive Portal Global Commands authentication timeout Use the authentication timeout command to configure the authentication timeout. If the user does not enter valid credentials within this time limit, the authentication page needs to be served again in order for the client to gain access to the network. Use the “no” form of this command to reset the authentication timeout to the default.
2CSPC4.XModular-SWUM201.book Page 1376 Monday, October 3, 2011 2:21 PM Syntax captive-portal Default Configuration There is no default configuration for this command. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example console(config)#captive-portal console(config-CP)# enable Use the enable command to globally enable captive portal. Use the “no” form of this command to globally disable captive portal.
2CSPC4.XModular-SWUM201.book Page 1377 Monday, October 3, 2011 2:21 PM Example console(config-CP)#enable http port Use the http port command to configure an additional HTTP port for captive portal to monitor. Use the “no” form of this command to remove the additional HTTP port from monitoring. Syntax http port port-num no http port • port-num —The port number to monitor (Range: 1–65535). Default Configuration Captive portal only monitors port 80 by default.
2CSPC4.XModular-SWUM201.book Page 1378 Monday, October 3, 2011 2:21 PM no https port • port-num —The port number to monitor (Range: 1–65535). Default Configuration Captive portal only monitors port 443 by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1379 Monday, October 3, 2011 2:21 PM Example console#show captive-portal Administrative Mode....................... Disabled Operational Status........................ Disabled Disable Reason................ Administrator Disabled Captive Portal IP Address................. 1.2.3.4 show captive-portal status Use the show captive-portal status command to report the status of all captive portal instances in the system.
2CSPC4.XModular-SWUM201.book Page 1380 Monday, October 3, 2011 2:21 PM Configured Captive Portals..................... 1 Active Captive Portals......................... 0 Local Supported Users.......................... 128 Configured Local Users......................... 3 System Supported Users......................... 1024 Authenticated Users............................ 0 Captive Portal Configuration Commands The commands in this section are related to captive portal configurations.
2CSPC4.XModular-SWUM201.book Page 1381 Monday, October 3, 2011 2:21 PM configuration Use the configuration command to enter the captive portal instance mode. The captive portal configuration identified by CP ID 1 is the default CP configuration. The system supports a total of ten CP configurations. Use the “no” form of this command to delete a configuration. The default configuration (1) cannot be deleted. Syntax configuration cp-id no configuration cp-id • cp-id —Captive Portal ID (Range: 1–10).
2CSPC4.XModular-SWUM201.book Page 1382 Monday, October 3, 2011 2:21 PM Default Configuration Configurations are enabled by default Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#no enable group Use the group command to configure the group number for a captive portal configuration.
2CSPC4.XModular-SWUM201.book Page 1383 Monday, October 3, 2011 2:21 PM Example console(config-CP 2)#group 2 interface Use the interface command to associate an interface with a captive portal configuration. Use the “no” form of this command to remove an association. Syntax interface interface no interface interface interface —An interface or range of interfaces. Default Configuration No interfaces are associated with a configuration by default. Command Mode Captive Portal Instance Config mode.
2CSPC4.XModular-SWUM201.book Page 1384 Monday, October 3, 2011 2:21 PM • web-id — The locale number (Range: Only locale 1 is supported) Default Configuration Locale 1 is configured by default. Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command. name (Captive Portal) Use the name command to configure the name for a captive portal configuration. Use the “no” form of this command to remove a configuration name.
2CSPC4.XModular-SWUM201.book Page 1385 Monday, October 3, 2011 2:21 PM protocol Use the protocol command to configure the protocol mode for a captive portal configuration. Syntax protocol { http | https } Default Configuration The default protocols mode is https. Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1386 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#redirect redirect-url Use the redirect-url command to configure the redirect URL for a captive portal configuration. Syntax redirect-url url • url —The URL for redirection (Range: 1–512 characters). Default Configuration There is no redirect URL configured by default. Command Mode Captive Portal Instance mode.
2CSPC4.XModular-SWUM201.book Page 1387 Monday, October 3, 2011 2:21 PM no session-timeout • timeout —Session timeout. 0 indicates timeout not enforced (Range: 0–86400 seconds). Default Configuration There is no session timeout by default. Command Mode Captive Portal Instance mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1388 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-CP 2)#verification local Captive Portal Client Connection Commands captive-portal client deauthenticate Use the captive-portal client deauthenticate command to deauthenticate a specific captive portal client. Syntax captive-portal client deauthenticate macaddr • macaddr — Client MAC address.
2CSPC4.XModular-SWUM201.book Page 1389 Monday, October 3, 2011 2:21 PM Syntax show captive-portal client [ macaddr ] status • macaddr — Client MAC address. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1390 Monday, October 3, 2011 2:21 PM Syntax show captive-portal configuration [ cp-id ] client status cp-id —Captive Portal ID. • Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1391 Monday, October 3, 2011 2:21 PM Syntax show captive-portal interface {gigabitethernet unit/slot/port | tengigabitethernet unit/slot/port} client status Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1392 Monday, October 3, 2011 2:21 PM Captive Portal Interface Commands show captive-portal interface configuration status Use the show captive-portal interface configuration status command to display the interface to configuration assignments for all captive portal configurations or for a specific configuration. Syntax show captive-portal interface configuration [ cp-id ] status • cp-id —Captive Portal ID.
2CSPC4.XModular-SWUM201.book Page 1393 Monday, October 3, 2011 2:21 PM Captive Portal Local User Commands clear captive-portal users Use the clear captive-portal users command to delete all captive portal user entries. Syntax clear captive-portal users Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1394 Monday, October 3, 2011 2:21 PM Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command. Example console(config-CP)#no user 1 show captive-portal user Use the show captive-portal user command to display all configured users or a specific user in the captive portal local user database. Syntax show captive-portal user [ user-id ] • user-id — User ID (Range: 1–128).
2CSPC4.XModular-SWUM201.book Page 1395 Monday, October 3, 2011 2:21 PM 1 user123 14400 1 Default 2 user234 0 1 Default 2 group2 console#show captive-portal user 1 User ID........................................ 1 User Name...................................... user123 Password Configured............................ Yes Session Timeout................................
2CSPC4.XModular-SWUM201.book Page 1396 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-CP)#user 1 group 3 user-logout Use the user-logout command in Captive Portal Instance mode to enable captive portal users to log out of the portal (versus having the session time out). Use the no form of the command to return the user logout configuration to the default.
2CSPC4.XModular-SWUM201.book Page 1397 Monday, October 3, 2011 2:21 PM console(config-CP 1)#user-logout console(config-CP 1)#no user-logout user name Use the user name command to modify the user name for a local captive portal user. Syntax user user-id name name • user-id — User ID (Range: 1–128). • name — user name (Range: 1–32 characters). Default Configuration There is no name for a user by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1398 Monday, October 3, 2011 2:21 PM • enc-password —User password in encrypted form. Default Configuration There are no users configured by default. Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1399 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config-CP)#user 1 session-timeout 86400 console(config-CP)#no user 1 session-timeout Captive Portal Status Commands show captive-portal configuration Use the show captive-portal configuration command to display the operational status of each captive portal configuration. Syntax show captive-portal configuration cp-id cp-id —Captive Portal ID.
2CSPC4.XModular-SWUM201.book Page 1400 Monday, October 3, 2011 2:21 PM Configured Locales........................ 1 Authenticated Users....................... 0 show captive-portal configuration interface Use the show captive-portal configuration interface command to display information about all interfaces assigned to a captive portal configuration or about a specific interface assigned to a captive portal configuration.
2CSPC4.XModular-SWUM201.book Page 1401 Monday, October 3, 2011 2:21 PM console#show captive-portal configuration 1 interface 1/0/1 CP ID..................................... 1 CP Name................................... cp1 Interface................................. 1/0/1 Interface Description..................... Unit: 1 Slot: 0 Port: 1 Gigab... Operational Status........................ Disabled Disable Reason............................ Interface Not Attached Block Status..............................
2CSPC4.XModular-SWUM201.book Page 1402 Monday, October 3, 2011 2:21 PM show captive-portal configuration status Use the show captive-portal configuration status command to display information about all configured captive portal configurations or about a specific captive portal configuration. Syntax show captive-portal configuration [ cp-id ] status • cp-id —Captive Portal ID. Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 1403 Monday, October 3, 2011 2:21 PM Group Name..................................... group123 Redirect URL Mode.............................. Enabled Redirect URL................................... www.cnn.com Session Timeout (seconds)...................... 86400 Captive Portal User Group Commands user group Use the user group command to create a user group. Use the “no” form of this command to delete a user group. The default user group (1) cannot be deleted.
2CSPC4.XModular-SWUM201.book Page 1404 Monday, October 3, 2011 2:21 PM user group moveusers Use the user group moveusers command to move a group's users to a different group. Syntax user group group-id moveusers new-group-id • group-id — Group ID (Range: 1–10). • new-group-id —Group ID (Range: 1–10). Default Configuration There is no default configuration for this command. Command Mode Captive Portal Configuration mode User Guidelines The new group-id must already exist.
2CSPC4.XModular-SWUM201.book Page 1405 Monday, October 3, 2011 2:21 PM Command Mode Captive Portal Configuration mode. User Guidelines There are no user guidelines for this command.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1407 Monday, October 3, 2011 2:21 PM CLI Macro Commands 63 CLI Macros provides a convenient way to save and distribute common configurations. A CLI macro is a set of the CLI commands having a unique name. When a CLI macro is applied, the CLI commands contained within the macro are executed and added to the Running Configuration File. When the macro is applied to an interface, the existing configuration is not lost; the new commands are added configuration.
2CSPC4.XModular-SWUM201.book Page 1408 Monday, October 3, 2011 2:21 PM • profile-wireless, the interface configuration, used when connecting the switch and a wireless access point. • profile-compellent-nas, the interface configuration, used when connecting the switch to a Dell Compellent NAS.
2CSPC4.XModular-SWUM201.book Page 1409 Monday, October 3, 2011 2:21 PM Macro Default Definition default global :profile-global default interface :profile-desktop default interface :profile-phone default interface :profile-switch default interface :profile-router default interface :profile-wireless default global :profile-compellent-nas Command Mode Global Configuration mode User Guidelines Macros consist of text commands with one command per line.
2CSPC4.XModular-SWUM201.book Page 1410 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description macro-name The name of the macro. parameter The name of the parameter recognized by the macro. The parameter must begin with a dollar sign ($). value The string to be substituted within the macro for the specified parameter name. Default Configuration No parameters are substituted unless supplied on the command line.
2CSPC4.XModular-SWUM201.book Page 1411 Monday, October 3, 2011 2:21 PM Parameter Description value The string to be substituted within the macro for the specified parameter name. Default Configuration No parameters are substituted unless supplied on the command line. Command Mode Global Configuration mode User Guidelines The line number of the first error encountered is printed. The script is aborted after the first error. Commands applied are additive in nature.
2CSPC4.XModular-SWUM201.book Page 1412 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command is intended to give the administrator an easy way to remember which macros have been applied globally. All text up to the new line is included in the description. The line is appended to the global description. macro apply Use the macro apply command in Interface Configuration mode to apply a macro.
2CSPC4.XModular-SWUM201.book Page 1413 Monday, October 3, 2011 2:21 PM macro trace Use the macro trace command in Interface Configuration mode to apply and trace a macro. The command will display each line of the macro as it is executed and list any errors encountered. Syntax macro trace macro-name [parameter value] [parameter value][parameter value] no macro name name Parameter Description Parameter Description macro-name The name of the macro.
2CSPC4.XModular-SWUM201.book Page 1414 Monday, October 3, 2011 2:21 PM macro description Use the macro description command in Interface Configuration mode to append a line to the macro description. Use the no form of the command to clear the description. Syntax macro description line Parameter Description Parameter Description line The macro description. All text up to the new line is included in the description. Default Configuration There is no description by default.
2CSPC4.XModular-SWUM201.book Page 1415 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description brief Shows the list of defined macros and their type. description Shows the macro descriptions. name Shows an individual macro, including its contents. macro The name of the macro to display. interface-id The interface for which to show the macro description. Default Configuration No parameters are substituted unless supplied on the command line.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1417 Monday, October 3, 2011 2:21 PM 64 Clock Commands Real-time Clock The PowerConnect supports a real-time clock that maintains the system time across reboots. The system time is used to timestamp messages in the logging subsystem as well as for the application of time based ACLs. The administrator has the ability to configure and view the current time, time zone, and summer time settings. The earliest date that can be configured is Jan 1, 2010.
2CSPC4.XModular-SWUM201.book Page 1418 Monday, October 3, 2011 2:21 PM the link-local scoped IANA multicast address ff02::101 (reserved for SNTP) for server packets.The client logic to handle packet contents doesn’t change with support for IPv6 networks.
2CSPC4.XModular-SWUM201.book Page 1419 Monday, October 3, 2011 2:21 PM Example The following example displays the current SNTP configuration of the device. console#show sntp configuration Polling interval: 64 seconds MD5 Authentication keys: Authentication is not required for synchronization. Trusted keys: No trusted keys. Unicast clients: Disable Unicast servers: Server Key Polling Priority --------- ----------- ----------- ---------- 10.27.128.
2CSPC4.XModular-SWUM201.book Page 1420 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC User Guidelines This command has no user guidelines. Examples console#show sntp server Server Host Address: 2001::01 Server Type: IPv6 Server Stratum: 2 Server Reference Id: 158.108.96.
2CSPC4.XModular-SWUM201.book Page 1421 Monday, October 3, 2011 2:21 PM Last Update Status: Success Total Unicast Requests: 955 Failed Unicast Requests: 1 --More-- or (q)uit Host Address: 3.north-america.pool.ntp.
2CSPC4.XModular-SWUM201.book Page 1422 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Examples The following example shows the status of the SNTP. console#show sntp status Client Mode: Unicast Last Update Time: MAR 30 21:21:20 2009 Unicast servers: Server Status Last response --------- ----------- -------------------------- 192.168.0.
2CSPC4.XModular-SWUM201.book Page 1423 Monday, October 3, 2011 2:21 PM Example The following example, after defining the authentication key for SNTP, grants authentication. console(config)# sntp authentication-key 8 md5 ClkKey console(config)# sntp trusted-key 8 console(config)# sntp authenticate sntp authentication-key Use the sntp authentication-key command in Global Configuration mode to define an authentication key for Simple Network Time Protocol (SNTP).
2CSPC4.XModular-SWUM201.book Page 1424 Monday, October 3, 2011 2:21 PM console(config)# sntp authenticate sntp broadcast client enable Use the sntp broadcast client enable command in Global Configuration mode to enable a Simple Network Time Protocol (SNTP) Broadcast client. To disable an SNTP Broadcast client, use the no form of this command. Syntax sntp broadcast client enable no sntp broadcast client enable Default Configuration The SNTP Broadcast client is disabled.
2CSPC4.XModular-SWUM201.book Page 1425 Monday, October 3, 2011 2:21 PM • seconds — Polling interval. (Range: 64-1024 seconds, in powers of 2) Default Configuration The polling interval is 64 seconds. Command Mode Global Configuration mode User Guidelines If a user enters a value which is not an exact power of two, the nearest powerof-two value is applied. Example The following example sets the polling time for the Simple Network Time Protocol (SNTP) client to 1024 seconds.
2CSPC4.XModular-SWUM201.book Page 1426 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures the device to accept Simple Network Time Protocol (SNTP) traffic from the server at IP address 192.1.1.1. console(config)# sntp server 192.1.1.
2CSPC4.XModular-SWUM201.book Page 1427 Monday, October 3, 2011 2:21 PM User Guidelines This command is relevant for both received Unicast and Broadcast. Example The following defines SNTP trusted-key.
2CSPC4.XModular-SWUM201.book Page 1428 Monday, October 3, 2011 2:21 PM clock timezone hours-offset Use the clock timezone [ hours-offset ] [minutes minutes-offset] [zone acronym] command to set the offset to Coordinated Universal Time (UTC). If the optional parameters are not specified, they will be read as either '0' or '\0, as appropriate. Syntax clock timezone hours-offset [minutes minutes-offset] [zone acronym] • hours-offset — Hours difference from UTC.
2CSPC4.XModular-SWUM201.book Page 1429 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration User Guidelines This command has no specific user guidelines. Example console(config)#no clock timezone clock summer-time recurring Use the clock summer-time recurring {usa | eu | {week day month hh:mm week day month hh:mm}} [offset offset] [zone acronym] command to set the summertime offset to UTC recursively every year.
2CSPC4.XModular-SWUM201.book Page 1430 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration User Guidelines No specific guidelines Examples console(config)# clock summer-time recurring 1 sun jan 00:10 2 mon mar 10:00 offset 1 zone ABC clock summer-time date Use the clock summer-time date {date | month} {month | date} year hh:mm {date | month} {month | date} year hh:mm [offset offset] [zone acronym] command to set the summertime offset to UTC.
2CSPC4.XModular-SWUM201.book Page 1431 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration User Guidelines No specific guidelines Examples console(config)# clock summer-time date 1 Apr 2007 02:00 28 Oct 2007 offset 90 zone EST or console(config)# clock summer-time date Apr 1 2007 02:00 Oct 28 2007 offset 90 zone EST no clock summer-time Use the no clock summer-time command to reset the summertime configuration.
2CSPC4.XModular-SWUM201.book Page 1432 Monday, October 3, 2011 2:21 PM show clock Use the show clock command in Privileged EXEC or User EXEC mode to display the time and date from the system clock. Use the show clock detail command to show the time zone and summertime configuration. Syntax Description show clock [detail] Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1433 Monday, October 3, 2011 2:21 PM Acronym is PDT Recurring every year. Begins at first Sunday of April at 2:00. Ends at last Sunday of October at 2:00. Offset is 60 minutes.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1435 Monday, October 3, 2011 2:21 PM Command Line Configuration Scripting Commands 65 The Configuration Scripting feature allows the user to generate textformatted files representing the current system configuration. These configuration script files can be uploaded to a computer and edited, then downloaded to the system and applied to the system.
2CSPC4.XModular-SWUM201.book Page 1436 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example applies the config.scr script to the switch. console#script apply config.scr script delete Use the script delete command in Privileged EXEC mode to delete a specified script.
2CSPC4.XModular-SWUM201.book Page 1437 Monday, October 3, 2011 2:21 PM console#script delete all script list Use the script list command in Privileged EXEC mode to list all scripts present on the switch as well as the remaining available space. Syntax script list Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays all scripts present on the switch.
2CSPC4.XModular-SWUM201.book Page 1438 Monday, October 3, 2011 2:21 PM • scriptname — Name of the script file to be displayed. (Range: 1-31 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the contents of the script file config.scr. console#script show config.scr interface gigabitethernet 1/0/1 ip address 176.242.100.100 255.255.255.
2CSPC4.XModular-SWUM201.book Page 1439 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example validates the contents of the script file config.scr. console#script validate config.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1441 Monday, October 3, 2011 2:21 PM Configuration and Image File Commands 66 File System Commands CLI commands allow the user to show the contents of the current directory in the flash file system (dir command). These files may also be deleted from the flash using the delete command or renamed with the rename command. Also, the syntax of the copy command has been changed slightly to add additional flash targets and sources for the above commands.
2CSPC4.XModular-SWUM201.book Page 1442 Monday, October 3, 2011 2:21 PM delete backup-config show running-config delete backup-image show startup-config delete startup-config dir write erase boot system Use the boot system command in Privileged EXEC mode to specify the system image that the device loads at startup. Syntax boot system [unit-id][image1 | image2] • image1 | image2 — Image file.
2CSPC4.XModular-SWUM201.book Page 1443 Monday, October 3, 2011 2:21 PM Example The following example loads system image image1 for the next device startup. console# boot system image1 clear config Use the clear config command in Privileged EXEC mode to restore the switch to the default configuration. Syntax clear config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1444 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description source-url The location URL or or reserved keyword of the source file being copied. (Range: 1-160 characters.) List of valid source parameters for uploading from the switch: backup-config Uploads Backup Config file. image Uploads code file by xmodem or tftp. operational-log Uploads Operational Log file. running-config Copies system config file.
2CSPC4.XModular-SWUM201.book Page 1445 Monday, October 3, 2011 2:21 PM Parameter Description destinationurl The URL or reserved keyword of the destination file. (Range: 1-160 characters. List of valid destination parameters for downloading to the switch: backup-config Downloads config file using xmodem, sftp, or tftp. image Downloads code file by xmodem, ftp, sftp, or tftp. script Downloads configuration script by xmodem, sftp, or tftp. startup-config Downloads config file using xmodem or tftp.
2CSPC4.XModular-SWUM201.book Page 1446 Monday, October 3, 2011 2:21 PM The following table lists and describes reserved keywords. Reserved Keyword Description running-config Represents the current running configuration file. startup-config Represents the startup configuration file. startup-log Represents the startup syslog file. This can only be the source of a copy operation. operational-log Represents the operational syslog file. This can only be the source of a copy operation.
2CSPC4.XModular-SWUM201.book Page 1447 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines When copying files from the switch, match a source parameter with a destination URL. When copying to the switch, match a source URL to a destination parameter. FTP is only supported for image download to the switch. URLs may not exceed 160 characters in length, including filename, file path, hostname, ip address, user, and reserved keywords.
2CSPC4.XModular-SWUM201.book Page 1448 Monday, October 3, 2011 2:21 PM TFTP code transfer starting 9392640 bytes transferred... File contents are valid. File transfer operation completed successfully. console#show bootvar Image Descriptions image1 : default image image2 : Images currently available on Flash -----------------------------------------------------------------unit image1 image2 current-active next-active ------------------------------------------------------------------ 1 M.9.11.
2CSPC4.XModular-SWUM201.book Page 1449 Monday, October 3, 2011 2:21 PM Management access will be blocked for the duration of the transfer Are you sure you want to start? (y/n) y File transfer operation completed successfully. Validating and updating the users to the IAS users database. Updated IAS users database successfully. Example – USB copy operations console#copy usb://start-config startup-config console#copy operational-log usb://olog.txt console#copy usb://backup-config.
2CSPC4.XModular-SWUM201.book Page 1450 Monday, October 3, 2011 2:21 PM Example console#delete file1.scr Delete file1.scr (Y/N)?y delete backup-config Use the delete backup-config command in Privileged EXEC mode to delete the backup-config file. Syntax delete backup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example deletes the backup-config file.
2CSPC4.XModular-SWUM201.book Page 1451 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines NOTE: The active image cannote be deleted. Example The following example deletes test file in Flash memory. console#delete backup-image Delete: image2 (y/n)? delete startup-config Use the delete startup-config command in Privileged EXEC mode to delete the startup-config file.
2CSPC4.XModular-SWUM201.book Page 1452 Monday, October 3, 2011 2:21 PM console# delete startup-config Delete startup-config (y/n)? dir Use the dir command to print the contents of the flash file system. Syntax dir Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example console#dir 0 drwx 2048 Jan 13 2031 17:19:54 . 0 drwx 2048 Jan 10 2031 15:58:10 ..
2CSPC4.XModular-SWUM201.book Page 1453 Monday, October 3, 2011 2:21 PM erase Use the erase command to erase the startup configuration, the backup configuration, or the backup image. Syntax erase {startup-config | backup-image | backup-config} Syntax Description Parameter Description startup-config Erases the contents of the startup configuration file. backup-image Erase the backup image. backup-config Erases the backup configuration.
2CSPC4.XModular-SWUM201.book Page 1454 Monday, October 3, 2011 2:21 PM Default Configuration No description is attached to the file. Command Mode Privileged EXEC mode User Guidelines The description accepts any printable characters except a double quote or question mark. Enclose the string in double quotes to include spaces within the name. The surrounding quotes are not used as part of the description.
2CSPC4.XModular-SWUM201.book Page 1455 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console#rename file1.scr file2.scr show backup-config Use the show backup-config command in Privileged EXEC mode to display the contents of the backup configuration file. Syntax show backup-config Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1456 Monday, October 3, 2011 2:21 PM exit interface gigabitethernet 1/0/2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 exit show bootvar Use the show bootvar command in User EXEC mode to display the active system image file that the device loads at startup. Syntax show bootvar [unit ] • unit —Unit number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1457 Monday, October 3, 2011 2:21 PM Images currently available on Flash -----------------------------------------------------------------unit image1 image2 current-active next-active -----------------------------------------------------------------1 0.31.0.0 0.31.0.0 image2 image2 show running-config Use the show running-config command in Privileged EXEC mode to display the contents of the currently running configuration file, including banner configuration.
2CSPC4.XModular-SWUM201.book Page 1458 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console# show running-config ... line ssh no exec-banner exit line telnet no login-banner exit banner exec "===exec=====" banner login "===login=====" banner motd "===motd=====" exit show startup-config Use the show startup-config command in Privileged EXEC mode to display the startup configuration file contents.
2CSPC4.XModular-SWUM201.book Page 1459 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays the contents of the startup-config file. console#show startup-config 1 : !Current Configuration: 2 : !System Description "PowerConnect M8024, 1.0.0.0, VxWorks6.5" 3 : !System Software Version 1.0.0.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1461 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines If unit is not specified, all units are updated. Example The following example updates the bootcode on unit 2. console#update bootcode 2 write Use the write command to copy the running configuration image to the startup configuration. Syntax write Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1463 Monday, October 3, 2011 2:21 PM Denial of Service Commands 67 The following list shows the DoS attack detection PowerConnect supports. Some platforms do not support detection for all of the DoS attack types in the list. • SIP=DIP: – • First Fragment: – • • – TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and – TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and – TCP Sequence Number = 0 or TCP Flags SYN and FIN set.
2CSPC4.XModular-SWUM201.book Page 1464 Monday, October 3, 2011 2:21 PM • – TCP Flag SYN set and Source Port < 1024 or TCP Control Flags = 0 and – TCP Sequence Number = 0 or TCP Flags FIN, URG, and PSH set and – TCP Sequence Number = 0 or TCP Flags SYN and FIN set. TCP Offset: – • TCP SYN: – • TCP Flags FIN and URG and PSH set and TCP Sequence Number = 0. ICMP V6: – • TCP Flags SYN and FIN set. TCP FIN & URG & PSH: – • TCP Flag SYN set. TCP SYN & FIN: – • Checks for TCP header offset =1.
2CSPC4.XModular-SWUM201.book Page 1465 Monday, October 3, 2011 2:21 PM dos-control firstfrag Use the dos-control firstfrag command in Global Configuration mode to enable Minimum TCP Header Size Denial of Service protection. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having a TCP Header Size smaller than the configured value, the packets are dropped. Syntax dos-control firstfrag [size] no dos-control firstfrag • size —TCP header size.
2CSPC4.XModular-SWUM201.book Page 1466 Monday, October 3, 2011 2:21 PM Syntax dos-control icmp [size ] no dos-control icmp • size — Maximum ICMP packet size. (Range: 0-16376). If size is unspecified, the value is 512. Default Configuration Denial of Service is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates the Maximum ICMP Packet Denial of Service protection with a maximum packet size of 1023.
2CSPC4.XModular-SWUM201.book Page 1467 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates L4 Port Denial of Service protection. console(config)#dos-control l4port dos-control sipdip Use the dos-control sipdip command in Global Configuration mode to enable Source IP Address = Destination IP Address (SIP=DIP) Denial of Service protection.
2CSPC4.XModular-SWUM201.book Page 1468 Monday, October 3, 2011 2:21 PM dos-control tcpflag Use the dos-control tcpflag command in Global Configuration mode to enable TCP Flag Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack.
2CSPC4.XModular-SWUM201.book Page 1469 Monday, October 3, 2011 2:21 PM no dos-control tcpfrag Default Configuration Denial of Service is disabled. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example activates TCP Fragment Denial of Service protection. console(config)#dos-control tcpfrag ip icmp echo-reply Use the ip icmp echo-reply command to enable or disable the generation of ICMP Echo Reply messages.
2CSPC4.XModular-SWUM201.book Page 1470 Monday, October 3, 2011 2:21 PM Example console(config)#ip icmp echo-reply ip icmp error-interval Use the ip icmp error-interval command to limit the rate at which IPv4 ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst-size and burst-interval. To disable ICMP rate limiting, set burst-interval to zero. Use the no form of this command to return burst-interval and burst-size to their default values.
2CSPC4.XModular-SWUM201.book Page 1471 Monday, October 3, 2011 2:21 PM ip unreachables Use the ip unreachables command to enable the generation of ICMP Destination Unreachable messages. Use the no form of this command to prevent the generation of ICMP Destination Unreachable messages. Syntax ip unreachables no ip unreachables Default Configuration ICMP Destination Unreachable messages are enabled.
2CSPC4.XModular-SWUM201.book Page 1472 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example console(config-if-vlan10)#ip redirects ipv6 icmp error-interval Use the icmp error-interval command to limit the rate at which ICMP error messages are sent. The rate limit is configured as a token bucket with two configurable parameters: Burst-size and burst interval.
2CSPC4.XModular-SWUM201.book Page 1473 Monday, October 3, 2011 2:21 PM User Guidelines There are no user guidelines for this command. Example console(config)#ipv6 icmp error-interval 2000 20 ipv6 unreachables Use the ipv6 unreachables command to enable the generation of ICMPv6 Destination Unreachable messages. Use the no form of this command to prevent the generation of ICMPv6 Destination Unreachable messages.
2CSPC4.XModular-SWUM201.book Page 1474 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example The following example displays Denial of Service configuration information. console#show dos-control SIPDIP Mode...............................Disable First Fragment Mode.......................Disable Min TCP Hdr Size..........................20 TCP Fragment Mode.............
2CSPC4.XModular-SWUM201.book Page 1475 Monday, October 3, 2011 2:21 PM 68 Line Commands This chapter explains the following commands: exec-timeout line history show line history size speed Authentication commands related to line configuration mode are in AAA Commands. exec-timeout Use the exec-timeout command in Line Configuration mode to set the interval that the system waits for user input before timeout. The exectimeout command is also used by the web for timing out web sessions.
2CSPC4.XModular-SWUM201.book Page 1476 Monday, October 3, 2011 2:21 PM User Guidelines To specify no timeout, enter the exec-timeout 0 command. Example The following example configures the interval that the system waits until user input is detected to 20 minutes. console(config)#line console console(config-line)#exec-timeout 20 history Use the history command in Line Configuration mode to enable the command history function. To disable the command history function, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1477 Monday, October 3, 2011 2:21 PM history size Use the history size command in Line Configuration mode to change the command history buffer size for a particular line. To reset the command history buffer size to the default setting, use the no form of this command. Syntax history size number-of-commands no history size Parameter Description Parameter Description number-ofcommands Specifies the number of commands the system may record in its command history buffer.
2CSPC4.XModular-SWUM201.book Page 1478 Monday, October 3, 2011 2:21 PM Syntax line {console | telnet | ssh} • console — Console terminal line. • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH). Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines The default authentication list for telnet and SSH is enableNetList.
2CSPC4.XModular-SWUM201.book Page 1479 Monday, October 3, 2011 2:21 PM Syntax show line [console | telnet | ssh] • console — Console terminal line. • telnet — Virtual terminal for remote console access (Telnet). • ssh — Virtual terminal for secured remote console access (SSH). Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the line configuration.
2CSPC4.XModular-SWUM201.book Page 1480 Monday, October 3, 2011 2:21 PM Interactive timeout: 10 minutes 10 seconds History: 10 speed Use the speed command in Line Configuration mode to set the line baud rate. Use the no form of the command to restore the default settings. Syntax speed {bps} no speed • bps — Baud rate in bits per second (bps). The options are 2400, 9600, 19200, 38400, 57600, and 115200. Default Configuration This default speed is 9600.
2CSPC4.XModular-SWUM201.book Page 1481 Monday, October 3, 2011 2:21 PM Management ACL Commands 69 In order to ensure the security of the switch management features, the administrator may elect to configure a management access control list. The Management Access Control and Administration List (ACAL) component is used to ensure that only known and trusted devices are allowed to remotely manage the switch via TCP/IP. Management ACLs are only configurable on IP (in-band) interfaces, not on the service port.
2CSPC4.XModular-SWUM201.book Page 1482 Monday, October 3, 2011 2:21 PM deny (management) Use the deny command in Management Access-List Configuration mode to set conditions for the management access list.
2CSPC4.XModular-SWUM201.book Page 1483 Monday, October 3, 2011 2:21 PM User Guidelines Rules with gigabitethernet, tengigabitethernet, vlan, and port-channel parameters are valid only if an IP address is defined on the appropriate interface. Ensure that each rule has a unique priority. Example The following example shows how all ports are denied in the access-list called mlist.
2CSPC4.XModular-SWUM201.book Page 1484 Monday, October 3, 2011 2:21 PM Example The following example configures an access-list called mlist as the management access-list. console(config)# management access-class mlist management access-list Use the management access-list command in Global Configuration mode to define an access list for management, and enter the access-list for configuration.
2CSPC4.XModular-SWUM201.book Page 1485 Monday, October 3, 2011 2:21 PM Management access list names can consist of any printable character, including blanks. Enclose the name in quotes to embed blanks in the name. Examples The following example shows how to configure two management interfaces, gigabit Ethernet 1/0/1 and gigabit Ethernet 2/0/9.
2CSPC4.XModular-SWUM201.book Page 1486 Monday, October 3, 2011 2:21 PM • gigabitethernet unit/slot/port — A valid 1-gigabit Ethernet-routed port number. • vlan vlan-id — A valid VLAN number. • port-channel port-channel-number — A valid port channel number. • tengigabitethernet unit/slot/port — A valid 10-gigabit Ethernet-routed port number. • ip-address — Source IP address. • mask mask — Specifies the network mask of the source IP address.
2CSPC4.XModular-SWUM201.book Page 1487 Monday, October 3, 2011 2:21 PM console(config)# management access-class mlist The following example shows how to configure all the interfaces to be management interfaces except for two interfaces, gigabit Ethernet 1/0/1 and 2/0/9.
2CSPC4.XModular-SWUM201.book Page 1488 Monday, October 3, 2011 2:21 PM show management access-list Use the show management access-list command in Privileged EXEC mode to display management access-lists. Syntax show management access-list [name] • name — A valid access list name. (Range: 1–32 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1489 Monday, October 3, 2011 2:21 PM 70 Mode Commands This chapter explains the following commands: configure terminal do configure terminal Use the configure terminal command to get to the configure line. This command is equivalent to the configure command. Syntax configure terminal Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1490 Monday, October 3, 2011 2:21 PM modes other than Global Configuration mode, the do command will not appear in the list of commands shown in the help, nor will prompting be available. Syntax do line • line — Command to be executed. It should be an unambiguous command from the Privileged EXEC mode. Commands such as configure, devshell, and hidden commands are forbidden. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1491 Monday, October 3, 2011 2:21 PM 71 Password Management Commands The Password Management component supports the features below. Passwords are masked when entered by the user and in the running config. Configurable Minimum Password Length The administrator has the option of requiring user passwords to be a minimum length. The administrator can choose to have the switch enforce a minimum length between 8 and 64 characters.
2CSPC4.XModular-SWUM201.book Page 1492 Monday, October 3, 2011 2:21 PM The administrator can access the serial port even if he/she is locked out and reset the password or clear the config to regain control of the switch. This ensures that if a hacker tries to log in as admin and causes the account to be locked out, then the administrator with physical access to the switch can still log in and reactivate the admin account.
2CSPC4.XModular-SWUM201.book Page 1493 Monday, October 3, 2011 2:21 PM Configuring minimum value of 0 for the above parameters means no restriction on that set of characters and configuring maximum of 0 means disabling the restriction (or no limit on the maximum number of course limited by minimum password length). The Password strength feature applies to all login passwords (user, line and enable).
2CSPC4.XModular-SWUM201.book Page 1494 Monday, October 3, 2011 2:21 PM passwords aging Use the passwords aging command in Global Configuration mode to implement aging on passwords for local users. When a user’s password expires, the user is prompted to change it before logging in again. Use the no form of this command to set the password aging to the default value. Syntax passwords aging 1-365 no passwords aging Parameter Description This command does not require a parameter description.
2CSPC4.XModular-SWUM201.book Page 1495 Monday, October 3, 2011 2:21 PM Syntax passwords history 0-10 no passwords history Parameter Description This command does not require a parameter description. Default Configuration The default value is 0. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the number of previous passwords remembered by the system at 10.
2CSPC4.XModular-SWUM201.book Page 1496 Monday, October 3, 2011 2:21 PM Parameter Description This command does not require a parameter description. Default Behavior The default value is 0 or no lockout count is enforced. Command Mode Global Configuration mode. User Guidelines Password lockout only applies to users with authentication configured to local. RADIUS or TACACS authenticated users will use policies configured on the respective RADIUS/TACACS servers.
2CSPC4.XModular-SWUM201.book Page 1497 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example configures user bob with password xxxyymmmm and user level 15. (config)# username bob password xxxyyymmm level 15 passwords strength-check Use the passwords strength-check command in Global Configuration mode to enable the Password Strength feature.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1499 Monday, October 3, 2011 2:21 PM Example console(config)#passwords strength minimum uppercaseletters 6 passwords strength minimum lowercase-letters Use this command to enforce a minimum number of lowercase letters that a password must contain. The valid range is 0–16. The default is 1. A setting of 0 means no restriction. Use the no form of this command to reset the minimum lowercase letters to the default value.
2CSPC4.XModular-SWUM201.book Page 1500 Monday, October 3, 2011 2:21 PM passwords strength minimum numericcharacters Use this command to enforce a minimum number of numeric numbers that a password should contain. The valid range is 0–16. The default is 1. A minimum of 0 means no restriction on that set of characters. Use the no form of this command to reset the minimum numeric characters to the default value.
2CSPC4.XModular-SWUM201.book Page 1501 Monday, October 3, 2011 2:21 PM passwords strength minimum special-characters Use this command to enforce a minimum number of special characters that a password may contain. The valid range is 0–16. The default is 1. A setting of 0 means no restriction. Special characters are one of the following characters (`! $ % ^ & * ( ) _ - + = { [ } ] : ; @ ' ~ # | \ < , > . / ) Use the no form of this command to reset the minimum special characters to the default value.
2CSPC4.XModular-SWUM201.book Page 1502 Monday, October 3, 2011 2:21 PM A maximum of 0 means there is no restriction on consecutive characters. Examples of consecutive characters are ABCDEF or 123456 or !”#$%&’(). Use the no form of this command to reset the maximum consecutive characters accepted to the default value.
2CSPC4.XModular-SWUM201.book Page 1503 Monday, October 3, 2011 2:21 PM Syntax passwords strength max-limit repeated-characters 0-15 no passwords strength max-limit repeated-characters Parameter Description This command does not require parameter descriptions. Default Behavior The default value is 0. Command Mode Global Configuration User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1504 Monday, October 3, 2011 2:21 PM Default Behavior The default value is 1. Command Mode Global Configuration User Guidelines This command has no user guidelines. Example console(config)#passwords strength minimum characterclasses 4 passwords strength exclude-keyword Use this command to exclude the keyword while configuring the password. The password does not accept the keyword in any form (inbetween the string, case insensitive and reverse) as a substring.
2CSPC4.XModular-SWUM201.book Page 1505 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console(config)#passwords strength exclude-keyword brcm enable password encrypted This command is used by an Administrator to transfer the enable password between devices without having to know the password. The password parameter must be exactly 128 hexadecimal characters.
2CSPC4.XModular-SWUM201.book Page 1506 Monday, October 3, 2011 2:21 PM Parameter Description The following fields are displayed by this command. Parameter Description Minimum Password Length Minimum number of characters required when changing passwords. Password History Number of passwords to store for reuse prevention. Password Aging Length in days that a password is valid. Lockout Attempts Number of failed password login attempts before lockout.
2CSPC4.XModular-SWUM201.book Page 1507 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the command output. console#show passwords configuration Passwords Configuration ----------------------Minimum Password Length........................ 8 Password History............................... 0 Password Aging (days)......................
2CSPC4.XModular-SWUM201.book Page 1508 Monday, October 3, 2011 2:21 PM Syntax show passwords result Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the command output. console#show passwords result Last User whose password is set ...................... brcm Password strength check ..
2CSPC4.XModular-SWUM201.book Page 1509 Monday, October 3, 2011 2:21 PM PHY Diagnostics Commands 72 This chapter explains the following commands: show copper-ports tdr test copper-port tdr show fiber-ports optical-transceiver show copper-ports tdr Use the show copper-ports tdr command in Privileged EXEC mode to display the stored information regarding cable lengths. Syntax show copper-ports tdr [interface] • interface — A valid Ethernet port. The full syntax is unit / port.
2CSPC4.XModular-SWUM201.book Page 1510 Monday, October 3, 2011 2:21 PM Example The following example displays the last TDR tests on all ports.
2CSPC4.XModular-SWUM201.book Page 1511 Monday, October 3, 2011 2:21 PM Examples The following examples display the optical transceiver diagnostics.
2CSPC4.XModular-SWUM201.book Page 1512 Monday, October 3, 2011 2:21 PM NOTE: The maximum distance VCT can function is 120 meters. Examples The following example results in a report on the cable attached to port 1/0/3. console#test copper-port tdr 1/0/3 Cable is open at 64 meters The following example results in a failure to report on the cable attached to port 2/0/3.
2CSPC4.XModular-SWUM201.book Page 1513 Monday, October 3, 2011 2:21 PM 73 RMON Commands The PowerConnect SNMP component includes an RMON (remote monitoring) agent. RMON is a base technology used by network management applications to manage a network. Troubleshooting and network planning can be accomplished through the network management applications. The network monitor monitors traffic on a network and records selected portions of the network traffic and statistics.
2CSPC4.XModular-SWUM201.book Page 1514 Monday, October 3, 2011 2:21 PM Syntax rmon alarm number variable interval {delta | absolute} rising-threshold value [event-number] falling-threshold value [event-number] [owner string] [startup direction] no rmon alarm number Syntax Description Parameter Description number The alarm index. (Range: 1–65535) variable A fully qualified SNMP object identifier that resolves to a particular instance of a MIB object.
2CSPC4.XModular-SWUM201.book Page 1515 Monday, October 3, 2011 2:21 PM Parameter Description startup direction The alarm that may be sent when this entry is first set to valid. If the first sample (after this entry becomes valid) is greater than or equal to the rising-threshold, and direction is equal to rising or rising-falling, then a single rising alarm is generated.
2CSPC4.XModular-SWUM201.book Page 1516 Monday, October 3, 2011 2:21 PM rmon collection history Use the rmon collection history command in Interface Configuration mode to enable a Remote Monitoring (RMON) MIB history statistics group on an interface. To remove a specified RMON history statistics group, use the no form of this command. Also see the show rmon collection history command.
2CSPC4.XModular-SWUM201.book Page 1517 Monday, October 3, 2011 2:21 PM console(config)#interface gigabitethernet 1/0/8 console(config-if-1/0/8)#rmon collection history 1 interval 2400 rmon event Use the rmon event command in Global Configuration mode to configure an event. To remove an event, use the no form of this command. See also the show rmon events command.
2CSPC4.XModular-SWUM201.book Page 1518 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example configures an event with the trap index of 10. console(config)#rmon event 10 log show rmon alarm Use the show rmon alarm command in User EXEC mode to display alarm configuration. Also see the rmon alarm command. Syntax show rmon alarm number • number — Alarm index. (Range: 1–65535) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1519 Monday, October 3, 2011 2:21 PM Interval: 30 Sample Type: delta Startup Alarm: rising Rising Threshold: 8700000 Falling Threshold: 78 Rising Event: 1 Falling Event: 1 Owner: CLI The following table describes the significant fields shown in the display: Field Description Alarm Alarm index. OID Monitored variable OID. Last Sample Value The statistic value during the last sampling period.
2CSPC4.XModular-SWUM201.book Page 1520 Monday, October 3, 2011 2:21 PM Field Description Rising Threshold A sampled statistic threshold. When the current sampled value is greater than or equal to this threshold, and the value at the last sampling interval is less than this threshold, a single event is generated. Falling Threshold A sampled statistic threshold.
2CSPC4.XModular-SWUM201.book Page 1521 Monday, October 3, 2011 2:21 PM ----- ---------------------- ------- 1 1.3.6.1.2.1.2.2.1.10.1 CLI 2 1.3.6.1.2.1.2.2.1.10.1 Manager 3 1.3.6.1.2.1.2.2.1.10.9 CLI The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the entry. OID Monitored variable OID. Owner The entity that configured this entry.
2CSPC4.XModular-SWUM201.book Page 1522 Monday, October 3, 2011 2:21 PM console> show rmon collection history Index ner Interface Interval Requested Granted Samples Samples Ow --------------------------------------------------------1 LI 1/0/1 30 50 50 C 2 anager 1/0/1 1800 50 50 M The following table describes the significant fields shown in the display: Field Description Index An index that uniquely identifies the entry. Interface The sampled Ethernet interface.
2CSPC4.XModular-SWUM201.book Page 1523 Monday, October 3, 2011 2:21 PM Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the RMON event table.
2CSPC4.XModular-SWUM201.book Page 1524 Monday, October 3, 2011 2:21 PM Syntax show rmon history index [throughput | errors | other] [period seconds] • index — The requested set of samples. (Range: 1–65535) • throughput — Displays throughput counters. • errors — Displays error counters. • other — Displays drop and collision counters. • period seconds — Specifies the requested period time to display. (Range: 0–2147483647) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1526 Monday, October 3, 2011 2:21 PM Field Description Time Date and Time the entry is recorded. Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). Packets The number of packets (including bad packets) received during this sampling interval. Broadcast The number of good packets received during this sampling interval that were directed to the Broadcast address.
2CSPC4.XModular-SWUM201.book Page 1527 Monday, October 3, 2011 2:21 PM Field Description Jabbers The number of packets received during this sampling interval that were longer than 1518 octets (excluding framing bits but including FCS octets), and had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1529 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays RMON Ethernet Statistics for port 1/0/1.
2CSPC4.XModular-SWUM201.book Page 1530 Monday, October 3, 2011 2:21 PM Field Description Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets). Packets The total number of packets (including bad packets, Broadcast packets, and Multicast packets) received. Broadcast The total number of good packets received and directed to the Broadcast address. This does not include Multicast packets.
2CSPC4.XModular-SWUM201.book Page 1531 Monday, October 3, 2011 2:21 PM Field Description 65 to 127 Octets The total number of packets (including bad packets) received that are between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). 128 to 255 Octets The total number of packets (including bad packets) received that are between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1533 Monday, October 3, 2011 2:21 PM SDM Templates Commands 74 On PowerConnect devices, the total available H/W route entries are divided statically (at compile-time) among IPV4 and IPv6 routes. If a switch is deployed in network environments where no IPv6 routes are needed, then H/W resources allocated for IPv6 routes are unused.
2CSPC4.XModular-SWUM201.book Page 1534 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description dual-ipv4-and-ipv6 This keyword filters subsequent template choices to those that support both IPv4 and IPv6. There is only one such template. It is selected using the keyword default. ipv4-routing This keyword filters subsequent template choices to those that support IPv4 and not IPv6.
2CSPC4.XModular-SWUM201.book Page 1535 Monday, October 3, 2011 2:21 PM Message Type Message Description Error Completion Message None show sdm prefer Use the show sdm prefer command in Privileged EXEC mode to view the currently active SDM template and its scaling parameters, or to view the scaling parameters for an inactive template.
2CSPC4.XModular-SWUM201.book Page 1536 Monday, October 3, 2011 2:21 PM Parameter Description IPv4 Multicast Routes The maximum number of IPv4 multicast forwarding table entries. IPv6 Multicast Routes The maximum number of IPv6 multicast forwarding table entries. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1537 Monday, October 3, 2011 2:21 PM console# show sdm prefer The current template is the Dual IPv4 and IPv6 template. ARP Entries..................................6144 IPv4 Unicast Routes..........................8160 IPv6 NDP Entries.............................2560 IPv6 Unicast Routes..........................4096 ECMP Next Hops...............................4 IPv4 Multicast Routes........................1536 IPv6 Multicast Routes........................
2CSPC4.XModular-SWUM201.book Page 1538 Monday, October 3, 2011 2:21 PM ARP Entries..................................6144 IPv4 Unicast Routes..........................8160 IPv6 NDP Entries.............................2560 IPv6 Unicast Routes..........................4096 ECMP Next Hops...............................4 IPv4 Multicast Routes........................1536 IPv6 Multicast Routes........................512 On the next reload, the template will be the IPv4routing Default template.
2CSPC4.XModular-SWUM201.book Page 1539 Monday, October 3, 2011 2:21 PM 75 Serviceability Tracing Packet Commands Debug commands cause the output of the enabled trace to display on a serial port or telnet console. Note that the output resulting from enabling a debug trace always displays on the serial port. The output resulting from enabling a debug trace displays on all login sessions for which any debug trace has been enabled.
2CSPC4.XModular-SWUM201.book Page 1540 Monday, October 3, 2011 2:21 PM debug console debug ip pimsm packet debug lacp debug vrrp debug dot1x debug ip vrrp debug mldsnooping show debugging debug igmpsnooping debug ipv6 dhcp debug ospf debug ip acl debug ipv6 mcache debug ospfv3 debug ip dvmrp debug ipv6 mld debug ping NOTE: Debug commands are not persistent across resets. debug arp Use the debug arp command to enable tracing of ARP packets.
2CSPC4.XModular-SWUM201.book Page 1541 Monday, October 3, 2011 2:21 PM debug auto-voip Use the debug auto-voip command to enable Auto VOIP debug messages. Use the optional parameters to trace H323, SCCP, or SIP packets respectively. Use the “no” form of this command to disable Auto VOIP debug messages. Syntax debug auto-voip [ H323 | SCCP | SIP ] no debug auto-voip [ H323 | SCCP | SIP ] Default Configuration Auto VOIP tracing is disabled by default. Command Mode Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 1542 Monday, October 3, 2011 2:21 PM User Guidelines There are no usage guidelines for this command. Example console#debug clear debug console Use the debug console to enable the display of “debug” trace output on the login session in which it is executed. Debug console display must be enabled in order to view any trace output. The output of debug trace commands appears on all login sessions for which debug console has been enabled.
2CSPC4.XModular-SWUM201.book Page 1543 Monday, October 3, 2011 2:21 PM Syntax debug dot1x packet [ receive | transmit ] no debug dot1x packet [ receive | transmit ] Default Configuration Display of dot1x traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug dot1x packet debug igmpsnooping Use the debug igmpsnooping to enable tracing of IGMP Snooping packets transmitted and/or received by the switch.
2CSPC4.XModular-SWUM201.book Page 1544 Monday, October 3, 2011 2:21 PM User Guidelines There are no usage guidelines for this command. Example console#debug igmpsnooping packet debug ip acl Use the debug ip acl command to enable debug of IP Protocol packets matching the ACL criteria. Use the “no” form of this command to disable IP ACL debugging. Syntax debug ip acl acl no debug ip acl acl • acl — The number of the IP ACL to debug. Default Configuration Display of IP ACL traces is disabled by default.
2CSPC4.XModular-SWUM201.book Page 1545 Monday, October 3, 2011 2:21 PM information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Syntax debug ip dvmrp packet [ receive | transmit ] no debug ip dvmrp packet [ receive | transmit ] Default Configuration Display of DVMRP traces is disabled by default. Command Mode Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 1546 Monday, October 3, 2011 2:21 PM Default Configuration Display of IGMP traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines There are no usage guidelines for this command. Example console#debug ip igmp packet debug ip mcache Use the debug ip mcache command for tracing MDATA packet reception and transmission. The receive option traces only received data packets and the transmit option traces only transmitted data packets.
2CSPC4.XModular-SWUM201.book Page 1547 Monday, October 3, 2011 2:21 PM Example console#debug ip mcache packet debug ip pimdm packet Use the debug ip pimdm packet command to trace PIMDM packet reception and transmission. The receive option traces only received PIMDM packets and the transmit option traces only transmitted PIMDM packets. When neither keyword is used in the command, then all PIMDM packet traces are dumped.
2CSPC4.XModular-SWUM201.book Page 1548 Monday, October 3, 2011 2:21 PM debug ip pimsm packet Use the debug ip pimsm command to trace PIMSM packet reception and transmission. The receive option traces only received PIMSM packets and the transmit option traces only transmitted PIMSM packets. When neither keyword is used in the command, then all PIMSM packet traces are dumped.
2CSPC4.XModular-SWUM201.book Page 1549 Monday, October 3, 2011 2:21 PM Default Configuration Display of VRRP traces is disabled by default. Command Mode Privileged EXEC mode. User Guidelines This command has no user guidelines. Example console#debug ip vrrp debug ipv6 dhcp Use the debug ipv6 dhcp command in Privileged EXEC mode to display debug information about DHCPv6 client activities and to trace DHCPv6 packets to and from the local DHCPv6 client.
2CSPC4.XModular-SWUM201.book Page 1550 Monday, October 3, 2011 2:21 PM Examples console#debug ipv6 dhcp debug ipv6 mcache Use the debug ipv6 mcache command to trace MDATAv6 packet reception and transmission. The receive option traces only received data packets and the transmit option traces only transmitted data packets. When neither keyword is used in the command, then all data packet traces are dumped.
2CSPC4.XModular-SWUM201.book Page 1551 Monday, October 3, 2011 2:21 PM is used in the command, then all MLD packet traces are dumped. Vital information such as source address, destination address, control packet type, packet length, and the interface on which the packet is received or transmitted is displayed on the console. Use the “no” form of this command to disable MLD tracing.
2CSPC4.XModular-SWUM201.book Page 1552 Monday, October 3, 2011 2:21 PM no debug ipv6 pimdm packet [ receive | transmit ] Default Configuration Display of PIMDMv6 traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug ipv6 pimdm packet debug ipv6 pimsm Use the debug ipv6 pimsm command to trace PIMSMv6 packet reception and transmission.
2CSPC4.XModular-SWUM201.book Page 1553 Monday, October 3, 2011 2:21 PM Usage Guidelines There are no usage guidelines for this command. Example console#debug ipv6 pimsm packet debug isdp Use the debug isdp command to trace ISDP packet reception and transmission. The receive option traces only received ISDP packets and the transmit option traces only transmitted ISDP packets. When neither keyword is used in the command, then all ISDP packet traces are dumped.
2CSPC4.XModular-SWUM201.book Page 1554 Monday, October 3, 2011 2:21 PM debug lacp Use the debug lacp command to enable tracing of LACP packets received and transmitted by the switch. Use the “no” form of this command to disable tracing of LACP packets. Syntax debug lacp packet no debug lacp packet Default Configuration Display of LACP traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1555 Monday, October 3, 2011 2:21 PM no debug mldsnooping packet [ receive | transmit ] Default Configuration Display of MLD Snooping traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug mldsnooping debug ospf Use the debug ospf command to enable tracing of OSPF packets received and transmitted by the switch.
2CSPC4.XModular-SWUM201.book Page 1556 Monday, October 3, 2011 2:21 PM debug ospfv3 Use the debug ospfv3 command to enable tracing of OSPFv3 packets received and transmitted by the switch. Use the “no” form of this command to disable tracing of OSPFv3 packets. Syntax debug ospfv3 packet no debug ospfv3 packet Default Configuration Display of OSPFv3 traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1557 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example The following example displays. console#debug ping packet debug rip Use the debug rip command to enable tracing of RIP requests and responses. Use the “no” form of this command to disable tracing of RIP requests and responses.
2CSPC4.XModular-SWUM201.book Page 1558 Monday, October 3, 2011 2:21 PM debug sflow Use the debug sflow command to enable sFlow debug packet trace. Use the “no” form of this command to disable sFlow packet tracing. Syntax debug sflow packet no debug sflow packet Default Configuration Display of sFlow traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command.
2CSPC4.XModular-SWUM201.book Page 1559 Monday, October 3, 2011 2:21 PM Default Configuration Display of spanning tree BPDU traces is disabled by default. Command Mode Privileged EXEC mode. Usage Guidelines There are no usage guidelines for this command. Example console#debug spanning-tree bpdu debug vrrp Use the debug vrrp command in Privileged EXEC mode to enable VRRP debug protocol messages. Use the no form of this command to disable VRRP debug protocol messages.
2CSPC4.XModular-SWUM201.book Page 1560 Monday, October 3, 2011 2:21 PM Syntax show debugging no show debugging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode. Usage Guidelines Enabled packet tracing configurations are displayed. Example console #debug arp Arp packet tracing enabled. console #show debugging Arp packet tracing enabled.
2CSPC4.XModular-SWUM201.book Page 1561 Monday, October 3, 2011 2:21 PM 76 Sflow Commands sFlow® is the standard for monitoring high-speed switched and routed networks. sFlow technology is built into network equipment and gives complete visibility into network activity, enabling effective management and control of network resources. The sFlow monitoring system consists of an sFlow Agent (embedded in a switch or router or in a stand-alone probe) and a central sFlow Collector.
2CSPC4.XModular-SWUM201.book Page 1562 Monday, October 3, 2011 2:21 PM Syntax sflow rcvr_index destination { ip-address [ port ] | maxdatagram size | owner "owner_string" timeout rcvr_timeout} no sflow rcvr_index destination [ip-address | maxdatagram | owner ] • rcvr_index — The index of this sFlow Receiver (Range: 1–8). • ip-address — The sFlow receiver IP address. If set to 0.0.0.0, no sFlow datagrams will be sent. • size —The maximum number of data bytes that can be sent in a single sample datagram.
2CSPC4.XModular-SWUM201.book Page 1563 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode. User Guidelines An sflow destination entry must have an owner name defined in order for polling or sampling to be configured. The last set of command parameters are optional in the no form of the command. Example console(config)#sflow 1 destination owner 1 timeout 2000 console(config)#sflow 1 destination maxdatagram 500 console(config)#sflow 1 destination 30.30.30.
2CSPC4.XModular-SWUM201.book Page 1564 Monday, October 3, 2011 2:21 PM Default Configuration There are no pollers configured by default. The default poll interval is 0. Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example console(config)#sflow 1 polling gigabitethernet 1/0/1-10 200 sflow polling (Interface Mode) Use the sflow polling command in Interface Mode to enable a new sflow poller instance for this data source if rcvr_idx is valid.
2CSPC4.XModular-SWUM201.book Page 1565 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example console(config-if-1/0/2)#sflow 1 polling 6055 sflow sampling Use the sflow sampling command to enable a new sflow sampler instance for this data source if rcvr_idx is valid. Use the “no” form of this command to reset sampler parameters to the default.
2CSPC4.XModular-SWUM201.book Page 1566 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode. User Guidelines This command has no user guidelines. Example console(config)#sflow 1 sampling gigabitethernet 1/0/2 1500 50 sflow sampling (Interface Mode) Use the sflow sampling command in Interface Mode to enable a new sflow sampler instance for this data source if rcvr_idx is valid. Use the "no" form of this command to reset sampler parameters to the default.
2CSPC4.XModular-SWUM201.book Page 1567 Monday, October 3, 2011 2:21 PM Command Mode Interface Configuration (Ethernet) mode User Guidelines This command has no user guidelines. Example console(config-if-1/0/15)#sflow 1 sampler 1500 50 show sflow agent Use the show sflow agent command to display the sflow agent information. Syntax show sflow agent Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode.
2CSPC4.XModular-SWUM201.book Page 1568 Monday, October 3, 2011 2:21 PM Example console#show sflow agent sFlow Version.......................... 1.3;Dell Corp.;10.23.18.28 IP Address............................. 0.0.0.0 show sflow destination Use the show sflow destination command to display all the configuration information related to the sFlow receivers. Syntax show sflow rcvr-index destination • rcvr index — The index of the sFlow Receiver to display (Range: 1–8).
2CSPC4.XModular-SWUM201.book Page 1569 Monday, October 3, 2011 2:21 PM Receiver Owner Index Time out Max Datagram Port String IP Address Size -------- -------- ---------- ------------ ----- -------------------------2 0 1400 6343 0.0.0.0 show sflow polling Use the show sflow polling command to display the sFlow polling instances created on the switch.
2CSPC4.XModular-SWUM201.book Page 1570 Monday, October 3, 2011 2:21 PM Poller Receiver Poller Data Source Index Interval ----------- ------- ------- 1/0/1 1 0 show sflow sampling Use the show sflow sampling command to display the sFlow sampling instances created on the switch. Syntax show sflow rcvr-index sampling [{gigabitethernet | tengigabitethernet} interface-list] • rcvr-index — The sFlow Receiver associated with the poller (Range: 1–8).
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1573 Monday, October 3, 2011 2:21 PM 77 SNMP Commands The SNMP component provides a machine-to-machine interface for the PowerConnect product family. This includes the ability to configure the network device, view settings and statistics, and upload or download code or configuration images.
2CSPC4.XModular-SWUM201.book Page 1574 Monday, October 3, 2011 2:21 PM Syntax show snmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the SNMP communications status. Console # show snmp Community-String Community-Access View name IP address ---------------- ---------------- ---------- ---------- public private private All 172.16.1.1 172.17.1.
2CSPC4.XModular-SWUM201.book Page 1575 Monday, October 3, 2011 2:21 PM 192.122.173.42 192.122.173.42 Trap Inform public public 2 2 162 filt1 15 3 162 filt2 15 3 Version 3 notifications Target Address Type Username -------------- ----- -------192.122.173.
2CSPC4.XModular-SWUM201.book Page 1576 Monday, October 3, 2011 2:21 PM show snmp filters Use the show snmp filters command in Privileged EXEC mode to display the configuration of filters. Syntax show snmp filters filtername • filtername — Specifies the name of the filter. (Range: 1-30) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1577 Monday, October 3, 2011 2:21 PM user-filter1 1.3.6.1.2.1.1 Included user-filter1 1.3.6.1.2.1.1.7 Excluded show snmp group Use the show snmp group command in Privileged EXEC mode to display the configuration of groups. Syntax show snmp group [groupname] • groupname — Specifies the name of the group. (Range: 1-30) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1578 Monday, October 3, 2011 2:21 PM managers-group V3 NoAuth-priv Default managers-group V3 NoAuth-priv Default Default "" "" "" console# show snmp groups user-group Name Security Model Level Views Read Write Notify ----------------- ---------user-group V3 -----Auth-Priv -------- -------- -Default "" "" The following table contains field descriptions.
2CSPC4.XModular-SWUM201.book Page 1579 Monday, October 3, 2011 2:21 PM Syntax show snmp user [username] • username — Specifies the name of the user. (Range: 1-30) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines The user name accepts any printable characters except a double quote or question mark. Enclose the string in double quotes to include spaces within the name. The surrounding quotes are not used as part of the name.
2CSPC4.XModular-SWUM201.book Page 1580 Monday, October 3, 2011 2:21 PM show snmp views Use the show snmp views command in Privileged EXEC mode to display the configuration of views. Syntax show snmp views [viewname] • viewname — Specifies the name of the view. (Range: 1-30) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1581 Monday, October 3, 2011 2:21 PM show trapflags Use the show trapflags command in Privileged EXEC mode to display SNMP traps globally or to display specific SNMP traps.
2CSPC4.XModular-SWUM201.book Page 1582 Monday, October 3, 2011 2:21 PM Power Over Ethernet ............... Enable MAC Locking ....................... Enable DVMRP Traps........................ Disable OSPFv2 Traps....................... Disable PIM Traps.......................... Disable OSPFv3 Traps....................... Disable CP Traps........................... Disable console#show trapflags ospf OSPF Traps: errors: all..............................Disabled authentication failure...........
2CSPC4.XModular-SWUM201.book Page 1583 Monday, October 3, 2011 2:21 PM rtb: rtb-entryinfo...............Disabled state-change: all..............................Disabled if state change..................Enabled neighbor state change............Enabled virtif state change..............Disabled virtneighbor state change........Disabled snmp-server community Use the snmp-server community command in Global Configuration mode to set up the community access string to permit access to the SNMP protocol.
2CSPC4.XModular-SWUM201.book Page 1584 Monday, October 3, 2011 2:21 PM Default Configuration No community is defined. Default to read–only access if not specified. Command Mode Global Configuration mode User Guidelines You can not specify viewname for su, which has an access to the whole MIB. You can use the view name to restrict the access rights of a community string. When it is specified: • An internal security name is generated.
2CSPC4.XModular-SWUM201.book Page 1585 Monday, October 3, 2011 2:21 PM snmp-server community-group Use the snmp-server community-group command in Global Configuration mode to map the internal security name for SNMP v1 and SNMP v2 security models to the group name. To remove the specified community string, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1586 Monday, October 3, 2011 2:21 PM snmp-server contact Use the snmp-server contact command in Global Configuration mode to set up a system contact (sysContact) string. To remove the system contact information, use the no form of the command. Syntax snmp-server contact text no snmp-server contact • text — Character string, 0 to 160 characters, describing the system contact information. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1588 Monday, October 3, 2011 2:21 PM Parameter Description ospf Enable OSPF event traps. ospfv3 Enable OSPFv3 event traps. pim Enable pim traps (pim-sm and pim-dm). poe Enable poe traps. port-aggregator lagfailover Enable traps for LAG failover on port-aggregator links. snmp authentication Enable snmp authentication traps. spanning-tree Enable traps on topology changes. stack Enable stack firmware synchronization traps. vrrp Enable vrrp traps.
2CSPC4.XModular-SWUM201.book Page 1589 Monday, October 3, 2011 2:21 PM authentication fails. dvmrp dvmrp link Up/Down trap flag. Enable/Disable switch level Link multiple-users multiple logins Enable/Disable sending traps when active. ospf Enable/Disable OSPF Traps. ospfv3 Enable/Disable OSPF Traps. pim pim spanning-tree Tree traps.
2CSPC4.XModular-SWUM201.book Page 1590 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines If you want to use SNMPv3, you need to specify an engine ID for the device. You can specify your own ID or use a default string that is generated using the MAC address of the device. If the SNMPv3 engine ID is deleted, or the configuration file is erased, then SNMPv3 cannot be used.
2CSPC4.XModular-SWUM201.book Page 1591 Monday, October 3, 2011 2:21 PM no snmp-server filter filter-name [oid-tree] • filter-name — Specifies the label for the filter record that is being updated or created. The name is used to reference the record. (Range: 1-30 characters.) • oid-tree — Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system.
2CSPC4.XModular-SWUM201.book Page 1592 Monday, October 3, 2011 2:21 PM console(config)# snmp-server filter user-filter system.7 excluded console(config)# snmp-server filter user-filter ifEntry.*.1 included snmp-server group Use the snmp-server group command in Global Configuration mode to configure a new Simple Management Protocol (SNMP) group or a table that maps SNMP users to SNMP views. To remove a specified SNMP group, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1593 Monday, October 3, 2011 2:21 PM • readview — A string that is the name of the view that enables the you to view only the contents of the agent. If unspecified, all the objects except for the community-table and SNMPv3 user and access tables are available. (Range: 1-30 characters.) • writeview — A string that is the name of the view that enables the user to enter data and configure the contents of the agent. If unspecified, nothing is defined for the write view.
2CSPC4.XModular-SWUM201.book Page 1594 Monday, October 3, 2011 2:21 PM Syntax snmp-server host host-addr [informs [timeout seconds] [retries retries] | traps version {1 | 2 }]] community-string [udp-port port] [filter filtername] no snmp-server host host-addr { traps | informs } Parameter Description Parameter Description host-addr Specifies the IP address of the host (targeted recipient) or the name of the host.
2CSPC4.XModular-SWUM201.book Page 1595 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines If a DNS host name is entered instead of an IP address, the switch attempts to resolve the host name immediately using DNS. Use the ip domain-lookup command on page 496 and the ip name-server command on page 499 to enable resolution of DNS host names. Example The following example enables SNMP traps for host 192.16.12.143. console(config)# snmp-server host 192.16.12.
2CSPC4.XModular-SWUM201.book Page 1596 Monday, October 3, 2011 2:21 PM Example The following example sets the device location as "New_York". console(config)# snmp-server location New_York snmp-server user Use the snmp-server user command in Global Configuration mode to configure a new SNMP Version 3 user. To delete a user, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1597 Monday, October 3, 2011 2:21 PM • priv-des — The CBC-DES Symmetric Encryption privacy level. Enter a password. • priv-des-key — The CBC-DES Symmetric Encryption privacy level. The user should enter a pregenerated MD5 or SHA key depending on the authentication level selected. • des-key — The pregenerated DES encryption key.
2CSPC4.XModular-SWUM201.book Page 1598 Monday, October 3, 2011 2:21 PM • view-name — Specifies the label for the view record that is being created or updated. The name is used to reference the record. (Range: 1-30 characters.) • oid-tree — Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system.
2CSPC4.XModular-SWUM201.book Page 1599 Monday, October 3, 2011 2:21 PM console(config)# snmp-server view user-view ifEntry.*.1 included console(config)#snmp-server view "A beautiful view!" 1.1.2.1 included snmp-server v3-host Use the snmp-server v3-host command in Global Configuration mode to specify the recipient of Simple Network Management Protocol Version 3 (SNMPv3) notifications. To remove the specified host, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1600 Monday, October 3, 2011 2:21 PM • port — UDP port of the host to use. The default is 162. (Range: 1-65535.) • filtername — A string that is the name of the filter that define the filter for this host. If unspecified, does not filter anything. (Range: 1-30 characters.) Default Configuration Default configuration is 3 retries and 15 seconds timeout.
2CSPC4.XModular-SWUM201.book Page 1601 Monday, October 3, 2011 2:21 PM 78 SSH Commands Management access to the switch is supported via telnet, SSH, or the serial console. The PowerConnect supports secure shell (SSH) and secure sockets layer (SSL) to help ensure the security of network transactions. Keys and certificates can be generated externally (that is, offline) and downloaded to the target or generated directly by the PowerConnect.
2CSPC4.XModular-SWUM201.book Page 1602 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines DSA keys are generated in pairs: one public DSA key and one private DSA key. If your switch already has DSA keys when you issue this command, you are warned and prompted to replace the existing keys. The keys are not saved in the switch configuration; they are saved in the file system and the private key is never displayed to the user.
2CSPC4.XModular-SWUM201.book Page 1603 Monday, October 3, 2011 2:21 PM the switch configuration; they are saved in the file system and the private key is never displayed to the user. RSA keys, along with other switch credentials, are distributed to all units in a stack on a configuration save. Example The following example generates RSA key pairs.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1605 Monday, October 3, 2011 2:21 PM ip ssh pubkey-auth Use the ip ssh pubkey-auth command in Global Configuration mode to enable public key authentication for incoming SSH sessions. To disable this function, use the no form of this command. Syntax ip ssh pubkey-auth no ip ssh pubkey-auth Default Configuration The function is disabled. Command Mode Global Configuration mode User Guidelines AAA authentication is independent from this configuration.
2CSPC4.XModular-SWUM201.book Page 1606 Monday, October 3, 2011 2:21 PM Default Configuration This command is enabled by default. Command Mode Global Configuration mode User Guidelines To generate SSH server keys, use the commands crypto key generate rsa, and crypto key generate dsa. Example The following example enables the switch to be configured using SSH. console(config)#ip ssh server key-string Use the key-string SSH Public Key Configuration mode to specify an SSH public key manually.
2CSPC4.XModular-SWUM201.book Page 1607 Monday, October 3, 2011 2:21 PM User Guidelines Use the key-string row command to specify which SSH public key you will configure interactively next. To complete the interactive command, you must enter key-string row with no characters. Examples The following example shows how to enter a public key string for a user called "bob.
2CSPC4.XModular-SWUM201.book Page 1608 Monday, October 3, 2011 2:21 PM console(config-pubkey-key)#key-string row C1yc2 show crypto key mypubkey Use the show crypto key mypubkey command in Privileged EXEC mode to display the SSH public keys of the switch. Syntax show crypto key mypubkey [rsa | dsa] • rsa — RSA key. • dsa — DSA key. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1610 Monday, October 3, 2011 2:21 PM Example The following example displays all SSH public keys stored on the switch. console#show crypto key pubkey-chain ssh Username Fingerprint ---------- ------------------------------------------------- bob 9A:CC:01:C5:78:39:27:86:79:CC:23:C5:98:59:F1:86 john 98:F7:6E:28:F2:79:87:C8:18:F8:88:CC:F8:89:87:C8 The following example displays the SSH public called "dana.
2CSPC4.XModular-SWUM201.book Page 1611 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays the SSH server configuration. console#show ip ssh SSH server enabled. Port: 22 RSA key was generated. DSA key was generated. SSH Public Key Authentication is enabled. Active incoming sessions: IP Address Idle Time SessionTime ------------- -------------------- User Name -------------- -------------- 10.240.1.
2CSPC4.XModular-SWUM201.book Page 1612 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example enables a SSH public key to be manually configured for the SSH public key chain called "bob.
2CSPC4.XModular-SWUM201.book Page 1613 Monday, October 3, 2011 2:21 PM 79 Syslog Commands The PowerConnect supports a centralized logging subsystem with support for local in memory logs, crash dump logs, and forwarding messages to syslog servers. All switch components use the logging subsystem.
2CSPC4.XModular-SWUM201.book Page 1614 Monday, October 3, 2011 2:21 PM <190> JAN 10 18:59:17 10.27.21.22-2 CLI_WEB[209809328]: cmd_logger_api.c(260) 369 %% [CLI:----:EIA-232] Access level of user admin has been set to 15 If enabled, the CLI command logger subsystem begins to log commands immediately after the user is authenticated. After authentication, the CLI generates an explicit message and invokes the command logger. The format of the message at login is: <189> JAN 10 18:58:56 10.27.21.
2CSPC4.XModular-SWUM201.book Page 1615 Monday, October 3, 2011 2:21 PM logging console clear logging Use the clear logging command in Privileged EXEC mode to clear messages from the internal logging buffer. Syntax clear logging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example clears messages from the internal syslog message logging buffer.
2CSPC4.XModular-SWUM201.book Page 1616 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC User Guidelines This command has no user guidelines. Example The following example shows the clear logging file command and confirmation response. console#clear logging file Clear logging file [y/n] description Use the description command in Logging mode to describe the syslog server. Syntax description description • description — Sets the description of the syslog server. (Range: 1-64 characters.
2CSPC4.XModular-SWUM201.book Page 1617 Monday, October 3, 2011 2:21 PM level Use the level command in Logging mode to specify the severity level of syslog messages. To reset to the default value, use the no form of the command. Syntax level level no level Parameter Description Parameter Description level The severity level for syslog messages. (Range: emergency, alert, critical, error, warning, notice, info, debug) Default Configuration The default value for level is info.
2CSPC4.XModular-SWUM201.book Page 1618 Monday, October 3, 2011 2:21 PM Syntax logging cli-command no logging cli-command Default Configuration Disabled Command Mode Global Configuration User Guidelines See the CLI commands by using the show logging command. Example console(config)#logging cli-command console(config)#do show logging Logging is enabled Console Logging: level warnings. Console Messages: 384 Dropped. Buffer Logging: level informational.
2CSPC4.XModular-SWUM201.book Page 1619 Monday, October 3, 2011 2:21 PM <190> JAN 10 18:59:17 10.27.21.22-2 CLI_WEB[209809328]: cmd_logger_api.c(260) 369 %% [CLI:----:EIA-232] Access level of user admin has been set to 15 <189> JAN 10 18:59:19 10.27.21.22-2 CMDLOGGER[209809328]: cmd_logger_api.c(83) 370 %% CLI:EIA-232:----:exit <189> JAN 10 18:59:22 10.27.21.22-2 CMDLOGGER[209809328]: cmd_logger_api.c(83) 371 %% CLI:EIA-232:----:telnet 10.27.21.22 <189> JAN 10 18:59:27 10.27.21.
2CSPC4.XModular-SWUM201.book Page 1620 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines Up to eight syslog servers can be used. The Dell PowerConnect always uses the local7(23) facility in the syslog message. Syslog messages will not exceed 96 bytes in length. Syslog messages use the following format: <130> JAN 01 00:00:06 0.0.0.0-1 UNKN[0x800023]: bootos.
2CSPC4.XModular-SWUM201.book Page 1621 Monday, October 3, 2011 2:21 PM Component Name Component name for the logging component. Components must use the new APIs in order to enable identification of the logging component. Component UNKN is substituted for components that do not use the new logging APIs. Thread ID The thread ID of the logging component. File Name The name of the file containing the invoking macro. Line Number The line number which contains the invoking macro.
2CSPC4.XModular-SWUM201.book Page 1622 Monday, October 3, 2011 2:21 PM logging buffered Use the logging buffered command in Global Configuration mode to limit syslog messages displayed from an internal buffer based on severity. To cancel the buffer use, use the no form of this command. Syntax logging buffered [severity–level] no logging buffered Parameter Description Parameter Description severity–level (Optional) The number or name of the desired severity level.
2CSPC4.XModular-SWUM201.book Page 1623 Monday, October 3, 2011 2:21 PM Example The following example limits syslog messages displayed from an internal buffer based on the severity level "error." console(config)#logging buffered error logging console Use the logging console command in Global Configuration mode to limit messages logged to the console based on severity. To disable logging to the console terminal, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1624 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example limits messages logged to the console based on severity level "alert". console(config)#logging console alert logging file Use the logging file command in Global Configuration mode to limit syslog messages sent to the logging file based on severity. To cancel the buffer, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1625 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example limits syslog messages sent to the logging file based on the severity level "warning." console(config)#logging file warning logging on Use the logging on command in Global Configuration mode to control error messages logging.
2CSPC4.XModular-SWUM201.book Page 1626 Monday, October 3, 2011 2:21 PM commands. However, if the logging on command is disabled, no messages are sent to these destinations. In this case, only the console will continue to receive logging messages. Example The following example shows how logging is enabled. console(config)#logging on logging snmp Use the logging snmp command in Global Configuration mode to enable SNMP Set command logging. To disable, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1627 Monday, October 3, 2011 2:21 PM Syntax logging web-session no logging web-session Default Configuration Disabled. Command Mode Global Configuration mode User Guidelines To see web session logs use the show logging command. Example console(config)#logging web-session <133> MAR 24 07:46:07 10.131.7.165-2 UNKN[83102768]: cmd_logger_api.c(140) 764 %% WEB:10.131.7.67:<>:EwaSessionLookup : session[0] created <133> MAR 24 07:46:07 10.131.7.
2CSPC4.XModular-SWUM201.book Page 1628 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description port The port number for syslog messages. (Range: 1-65535) Default Configuration The default port number is 514. Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server, the command can be executed to set the port number for the server. Example The following example sets the syslog message port to 300.
2CSPC4.XModular-SWUM201.book Page 1629 Monday, October 3, 2011 2:21 PM Example The following example displays the state of logging and the syslog messages stored in the internal buffer. console#show logging Logging is enabled. Console Logging: level warnings. Console Messages: 1778 Dropped. Buffer Logging: level informational. Buffer Messages: 983 Logged, File Logging: level notActive. File Messages: 1783 Dropped.
2CSPC4.XModular-SWUM201.book Page 1630 Monday, October 3, 2011 2:21 PM Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays the state of logging and syslog messages sorted in the logging file. console#show logging file Persistent Logging : enabled Persistent Log Count : 1 <186> JAN 01 00:00:05 0.0.0.0-1 UNKN[268434928]: bootos.
2CSPC4.XModular-SWUM201.book Page 1631 Monday, October 3, 2011 2:21 PM Example The following example displays the syslog server settings. console#show syslog-servers IP address Port Severity Facility Description --------------------------------------------------------192.180.2.275 14 Info local7 7 192.180.2.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1634 Monday, October 3, 2011 2:21 PM Syntax asset-tag [unit] tag no asset-tag [unit] • unit — Switch number. (Range: 1–12) • tag — The switch asset tag. Default Configuration No asset tag is defined by default. Command Mode Global Configuration mode User Guidelines The asset-tag command accepts any printable characters for a tag name except a double quote or question mark. Enclose the string in double quotes to include spaces within the name.
2CSPC4.XModular-SWUM201.book Page 1635 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines The exec message may consist of multiple lines. Enter a quote to complete the message and return to configuration mode. Up to 2000 characters may be entered into a banner. Each line entered will consume an extra two characters to account for the carriage return and line feed.
2CSPC4.XModular-SWUM201.book Page 1636 Monday, October 3, 2011 2:21 PM User Guidelines The login banner can consist of multiple lines. Enter a quote to end the banner text and return to the configuration prompt. Up to 2000 characters may be entered into a banner. Each line entered will consume an extra two characters to account for the carriage return and line feed.
2CSPC4.XModular-SWUM201.book Page 1637 Monday, October 3, 2011 2:21 PM Example console(config)# banner motd “IMPORTANT: There is a power shutdown at 23:00hrs today, duration 1 hr 30 minutes.” When the MOTD banner is executed, the following displays: IMPORTANT: There is a power shutdown at 23:00hrs today, duration 1 hr 30 minutes. banner motd acknowledge The banner displayed on the console must be acknowledged if banner motd acknowledge is executed. Enter "y" or "n" to continue to the login prompt.
2CSPC4.XModular-SWUM201.book Page 1638 Monday, October 3, 2011 2:21 PM When the MOTD banner is executed, the following displays: IMPORTANT: There is a power shutdown at 23:00hrs today, duration 1 hr 30 minutes. Press ‘y’ to continue If ‘y’ is entered, the following displays: console > If ‘n’ is entered, the session will get disconnected, unless it is a serial connection. clear checkpoint statistics Use the clear checkpoint statistics command to clear the statistics for the checkpointing process.
2CSPC4.XModular-SWUM201.book Page 1639 Monday, October 3, 2011 2:21 PM cut-through mode Use the cut-through mode command to enable the cut-through mode on the switch. The mode takes effect on all ports on next reload of the switch. To disable the cut-through mode on the switch, use the no form of this command. Syntax cut-through mode no cut-through mode Default Configuration This command has no default configuration. Command Mode Global Configuration User Guidelines No specific guidelines.
2CSPC4.XModular-SWUM201.book Page 1640 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Line Configuration User Guidelines The exec banner can consist of multiple lines. Enter a quote to complete the message and return to configuration mode. Example console(config-telnet)# no exec-banner hostname Use the hostname command in Global Configuration mode to specify or modify the switch host name.
2CSPC4.XModular-SWUM201.book Page 1641 Monday, October 3, 2011 2:21 PM User Guidelines The hostname may include any printable characters except a double quote or question mark. Enclose the string in double quotes to include spaces within the name. The surrounding quotes are not used as part of the name. The CLI does not filter illegal characters and may truncate entries at the first illegal character or reject the entry entirely. Example The following example specifies the switch host name.
2CSPC4.XModular-SWUM201.book Page 1642 Monday, October 3, 2011 2:21 PM Press enter to execute the command. console(config-stack)#initiate failover Management unit will be reloaded. Are you sure you want to failover to the backup unit? (y/n) y ip address Use the ip address command to set a static OOB port IP address. Syntax ip address addr mask gw • addr — IP address to be set for the OOB port. (Range: Valid IP address) • mask — Subnet mask. (Range: Valid mask) • gw — Gateway IP address.
2CSPC4.XModular-SWUM201.book Page 1643 Monday, October 3, 2011 2:21 PM Syntax ip address none Default Configuration This command has no default configuration. Command Mode Interface Configuration (out-of-band) User Guidelines No specific guidelines. Example console(config)#interface out-of-band console(config-if)#ip address none ip address {dhcp/bootp} Use the ip address command to enable DHCP/BOOTP on the OOB port.
2CSPC4.XModular-SWUM201.book Page 1644 Monday, October 3, 2011 2:21 PM console(config-if)#ip address dhcp login-banner Use the login-banner command to enable login banner on the console, telnet or SSH connection. To disable, use the no form of the command. Syntax login-banner no login-banner • MESSAGE — Quoted text Default Configuration This command has no default configuration. Command Mode Line Configuration User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1645 Monday, October 3, 2011 2:21 PM no member unit • unit — The switch identifier of the switch to be added or removed from the stack. (Range: 1–12) • switchindex — The index into the database of the supported switch types, indicating the type of the switch being preconfigured. The switch index is a 32-bit integer obtained from the show supported switchtype command. Default configuration This command has no defaults.
2CSPC4.XModular-SWUM201.book Page 1646 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Line Configuration User Guidelines This command has no user guidelines. Example console(config-telnet)# motd-banner nsf Use this command to enable non-stop forwarding. The “no” form of the command will disable NSF. Syntax nsf no nsf Default Configuration Non-stop forwarding is enabled by default.
2CSPC4.XModular-SWUM201.book Page 1647 Monday, October 3, 2011 2:21 PM ping Use the ping command in User EXEC mode to check the accessibility of the desired node on the network. Syntax ping [ ip | ipv6 ] ipaddress | hostname [ repeat count ] [ timeout interval ] [ size size ] • ipaddress — IP address to ping (contact). • hostname — Hostname to ping (contact). (Range: 1–158 characters).
2CSPC4.XModular-SWUM201.book Page 1648 Monday, October 3, 2011 2:21 PM Pinging 10.27.65.60 with 0 bytes of data: Reply From 10.27.65.60: icmp_seq = 0. time <10 msec. Reply From 10.27.65.60: icmp_seq = 1. time <10 msec. Reply From 10.27.65.60: icmp_seq = 2. time <10 msec. Reply From 10.27.65.60: icmp_seq = 3. time <10 msec. ----10.27.65.
2CSPC4.XModular-SWUM201.book Page 1649 Monday, October 3, 2011 2:21 PM Syntax reload [stack–member–number] Parameter Description Parameter Description stack–member–number The stack member to be reloaded. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines If no unit is specified, all units are reloaded. Example The following example displays how to reload the stack. console#reload 1 Management switch has unsaved changes.
2CSPC4.XModular-SWUM201.book Page 1650 Monday, October 3, 2011 2:21 PM • unit — The switch identifier. (Range: 1–12) • description — The text description. (Range: 1–80 alphanumeric characters) Default Configuration This command has no default configuration. Command Mode Stack Global Configuration mode User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1651 Monday, October 3, 2011 2:21 PM • PowerConnect 7048 • PowerConnect 7048P • PowerConnect 7048R • PowerConnect 7048R-RA • CX4 Expansion Card • 10GBaseT Expansion Card • SFP+ Expansion Card Use the no form of the command to return the unit/slot configuration to the default value. Syntax slot unit/slot cardindex no slot unit/slot • unit/slot — The slot identifier of the slot.
2CSPC4.XModular-SWUM201.book Page 1652 Monday, October 3, 2011 2:21 PM Syntax show banner Default Configuration This command has no default configuration. Command Mode Privileged EXEC User Guidelines This command has no user guidelines. Example console#show banner Banner:Exec Line Console...................... Enable Line SSH.......................... Disable Line Telnet....................... Enable ===exec===== Banner:Login Line Console...................... Enable Line SSH.........................
2CSPC4.XModular-SWUM201.book Page 1653 Monday, October 3, 2011 2:21 PM Line SSH.......................... Enable Line Telnet....................... Enable ===motd===== show boot-version Use the show boot-version command to display the boot image version details. The details available to the user include the build date and time. Syntax show boot-version [ unit ] • unit — The switch identifier. (Range: 1–12) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1654 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines When nonstop forwarding is enabled on a stack, the stack's management unit checkpoints operational data to the backup unit. If the backup unit takes over as the management unit, the control plane on the new management unit uses the checkpointed data when initializing its state.
2CSPC4.XModular-SWUM201.book Page 1655 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. User Guidelines No specific guidelines. Example Console#show cut-through mode Current mode : Enable Configured mode : Disable (This mode is effective on next reload) show interfaces advanced firmware Use the show interfaces advanced firmware command to display the firmware revision of the PHY for a port.
2CSPC4.XModular-SWUM201.book Page 1656 Monday, October 3, 2011 2:21 PM Example console#show interfaces advanced firmware Port Revision Part number -------- ----------- ----------Te1/0/1 0x411 BCM8727 Te1/0/2 0x411 BCM8727 Te1/0/3 0x411 BCM8727 Te1/0/4 0x411 BCM8727 Te1/0/5 0x411 BCM8727 show ip interface out-of-band Use the show ip interface out-of-band command to disable DHCP/BOOTP on the OOB port. Syntax show ip interface out-of-band Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1657 Monday, October 3, 2011 2:21 PM Subnet Mask........................... 255.255.255.0 Default Gateway....................... 10.240.4.1 IPv6 Prefix is ....................... FE80::20A:1EFF:FE11:1100/64 ServPort Configured Protocol Current...None Burned In MAC Address..................0006.2932.814C show memory cpu Use the show memory cpu command to check the total and available RAM space on the switch.
2CSPC4.XModular-SWUM201.book Page 1658 Monday, October 3, 2011 2:21 PM Syntax show nsf Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example console#show nsf Administrative Status.......................... Enable Operational Status............................. Enable Last Startup Reason............................ Warm Auto-Restart Time Since Last Restart........................
2CSPC4.XModular-SWUM201.book Page 1659 Monday, October 3, 2011 2:21 PM show power-usage-history Use the show power-usage-history command in Privileged EXEC mode to display the history of unit power consumption for the unit specified in the command and total stack power consumption. Historical samples are not saved across switch reboots/reloads. Syntax show power-usage-history unit-id Parameter Description Parameter Description unit-id Stack unit for which to display the power history. Range 1-12.
2CSPC4.XModular-SWUM201.book Page 1660 Monday, October 3, 2011 2:21 PM Was Recorded ------ -------------------- On This Unit Per Stack (mWatts) (mWatts) ----------- ----------- 3 0d:00:00:13 56172 56172 2 0d:00:00:43 56172 56172 1 0d:00:01:12 54360 54360 show process cpu Use the show process cpu command to check the CPU utilization for each process currently running on the switch.
2CSPC4.XModular-SWUM201.book Page 1661 Monday, October 3, 2011 2:21 PM alloc 151568112 CPU Utilization: PID Name 5 Sec 1 Min 5 Min --------------------------------------------------------328bb20 tTffsPTask 0.00% 0.00% 0.02% 3291820 tNetTask 0.00% 0.00% 0.01% 3295410 tXbdService 0.00% 0.00% 0.03% 347dcd0 ipnetd 0.00% 0.00% 0.01% 348a440 osapiTimer 1.20% 1.43% 1.21% 358ee70 bcmL2X.0 0.40% 0.30% 0.12% 359d2e0 bcmCNTR.0 0.80% 0.42% 0.50% 3b5b750 bcmRX 0.00% 0.13% 0.
2CSPC4.XModular-SWUM201.book Page 1662 Monday, October 3, 2011 2:21 PM 7bc9030 spmTask 0.00% 0.09% 0.01% 7c58730 ipMapForwardingTask 0.00% 0.06% 0.03% 7f6eee0 tRtrDiscProcessingTask 0.00% 0.00% 0.01% b1516d0 dnsRxTask 0.00% 0.00% 0.01% b194d60 tCptvPrtl 0.00% 0.06% 0.03% b585770 isdpTask 0.00% 0.00% 0.02% bda6210 RMONTask 0.00% 0.11% 0.11% bdb24b0 boxs Req 0.00% 0.13% 0.10% c2d6db0 sshd 0.00% 0.00% 0.
2CSPC4.XModular-SWUM201.book Page 1663 Monday, October 3, 2011 2:21 PM User Name Connection from Idle Session Session Time Time Type --------- --------------- -------- --------- -------------- EIA-232 00:00:00 00:07:37 Serial admin 192.168.1.248 00:00:17 00:00:26 Telnet admin 192.168.1.248 00:00:16 00:00:32 HTTP console# The following table describes the significant fields shown in the display.
2CSPC4.XModular-SWUM201.book Page 1664 Monday, October 3, 2011 2:21 PM Parameter Description Power State The slot power mode is enabled or disabled. Configured Card Model Identifier The model identifier of the card preconfigured in the slot. Model identifier is a 32-character field used to identify a card. Pluggable Cards are pluggable or non-pluggable in the slot. If you supply a value for slot/port, the following additional information appears as shown in the table below.
2CSPC4.XModular-SWUM201.book Page 1665 Monday, October 3, 2011 2:21 PM console#show slot Slot Status Admin Power State State Configured Card Model ID Pluggable ----- ------ ------- ------- ------------------------- -----------1/0 Full Enable Enable PCM8024-k No 1/1 Full Enable Enable DELL Ten-Gig SFP+ Card Yes show supported cardtype Use the show supported cardtype command in User EXEC mode to display information about all card types supported in the system.
2CSPC4.XModular-SWUM201.book Page 1666 Monday, October 3, 2011 2:21 PM Parameter Description Card Type The 32-bit numeric card type for the supported card. Model Identifier The model identifier for the supported card type. Card Description The description for the supported card type. Default Configuration This command has no default configuration. Command Mode User EXEC User Guidelines The CID information is used when pre-configuring cards using the slot command.
2CSPC4.XModular-SWUM201.book Page 1667 Monday, October 3, 2011 2:21 PM User Guidelines The switch SID is used when pre-configuring switches in a stack using the member command in config-stack mode. Example The following example displays the information for supported switch types. console>show supported switchtype SID Switch Model ID Mgmt Code Pref Type ---------------------------------------------------------1 PCM8024 0x100b000 The following table describes the fields in the example.
2CSPC4.XModular-SWUM201.book Page 1668 Monday, October 3, 2011 2:21 PM Expected Code Type................ 0x100b000 Supported Cards: Slot....................... 0 Card Index (CID)........... 3 Model Identifier............ PCM8024 console# The following table describes the fields in the example. Field Description Switch Type This field displays the 32-bit numeric switch type for the supported switch. Model Identifier This field displays the model identifier for the supported switch type.
2CSPC4.XModular-SWUM201.book Page 1669 Monday, October 3, 2011 2:21 PM The show switch command may show an SDM Mismatch value in the Switch Status field. This value indicates that the unit joined the stack, but is running a different SDM template than the management unit. This status should be temporary; the stack unit should automatically reload using the template running on the stack manager. Use the show supported switchtype command to display switch SIDs.
2CSPC4.XModular-SWUM201.book Page 1670 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Examples Example – Stack Status for the Switch The following example displays stack status information for the switch. console>show switch 1 Switch............................ 1 Management Status................. Management Switch Admin Management Preference....... 4 Switch Type....................... 0x73950001 Preconfigured Model Identifier.... PCM8024 Plugged-in Model Identifier.
2CSPC4.XModular-SWUM201.book Page 1671 Monday, October 3, 2011 2:21 PM Unit Description Management Status This field indicates whether the switch is the Management Switch, a stack member, or the status is unassigned. Admin Management Preference This field indicates the administrative management preference value assigned to the switch. This preference value indicates how likely the switch is to be chosen as the Management Switch. Switch Type This field displays the 32-bit numeric switch type.
2CSPC4.XModular-SWUM201.book Page 1672 Monday, October 3, 2011 2:21 PM console>show switch Switch Management Status Preconfig Model ID Plugged-in Switch Code Model ID Status Version ------------------------------------------------------------1 Mgmt Switch PCM8024 PCM8024 1.0.0.0 Different fields in the display are explained as follows: Unit Description Switch This field displays the unit identifier assigned to the switch.
2CSPC4.XModular-SWUM201.book Page 1673 Monday, October 3, 2011 2:21 PM Parameter Description NSF Administrative Status Whether nonstop forwarding is Enabled administratively enabled or disabled Disabled Enabled NSF Operational Status Indicates whether NSF is enabled on the stack. Enabled Disabled None Last Startup Reason The type of activation that caused the software to start the last time. There are four options. “Power-On” means that the switch rebooted.
2CSPC4.XModular-SWUM201.book Page 1674 Monday, October 3, 2011 2:21 PM Parameter Description Range Status Whether the running configuration Current or Stale on the backup unit includes all changes made on the management unit. Time Since Last Copy When the running configuration was last copied from the management unit to the backup unit. Time Stamp Time Until Next Copy The number of seconds until the running configuration will be copied to the backup unit.
2CSPC4.XModular-SWUM201.book Page 1675 Monday, October 3, 2011 2:21 PM Time Until Next Copy........................ 28 seconds Unit NSF Support ---- ----------- 1 Yes 2 Yes 3 Yes Per Unit Status Parameters are explained as follows: Parameter Description Range Default NSF Support Whether a unit supports NSF Yes or No — Example – Switch Firmware Stack Status The following example displays the Switch Firmware stack status information for the switch.
2CSPC4.XModular-SWUM201.book Page 1676 Monday, October 3, 2011 2:21 PM Switch Status..................... OK Switch Description................ PowerConnect 7048 Expected Code Type................ 0x100b000 Detected Code Version............. 5.31.1.46 Detected Code in Flash............ 5.31.1.46 CPLD Version...................... 5 SFS Last Attempt Status........... None Serial Number..................... none Up Time...........................
2CSPC4.XModular-SWUM201.book Page 1677 Monday, October 3, 2011 2:21 PM User Guidelines This command has no user guidelines. Example The following example displays system information. console#show system System Description: Dell Ethernet Switch System Up Time: 0 days, 22h:27m:32s System Contact: System Name: System Location: Burned In MAC Address: 0006.2932.8120 System Object ID: 1.3.6.1.4.1.674.10895.
2CSPC4.XModular-SWUM201.book Page 1678 Monday, October 3, 2011 2:21 PM console# show system id Use the show system id command in User EXEC mode to display the system identity information. Syntax show system id [unit] • unit — The unit number. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines The tag information is on a switch by switch basis. Example The following example displays the system service tag information.
2CSPC4.XModular-SWUM201.book Page 1679 Monday, October 3, 2011 2:21 PM show system power Use the show system power command in User EXEC or Privileged EXEC mode to display information about the system level power consumption. Syntax show system power Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1680 Monday, October 3, 2011 2:21 PM show system temperature Use the show system temperature command in User EXEC or Privileged EXEC mode to display information about the system temperature and fan status. Syntax show system temperature Parameter Description This command does not require a parameter description. Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1681 Monday, October 3, 2011 2:21 PM (Celsius) ---- ----------- ----------- ------ 1 MAC 33 Good 1 PHY 24 Good Fans: Unit Description Status ---- ----------- ------ 1 Fan 1 OK 1 Fan 2 OK 1 Fan 3 OK show tech-support Use the show tech-support command to display system and configuration information for use in debugging or contacting technical support.
2CSPC4.XModular-SWUM201.book Page 1682 Monday, October 3, 2011 2:21 PM Syntax show tech-support Parameter Ranges Not applicable Command Mode Privileged EXEC mode. Usage Guidelines Not applicable Default Value Not applicable Example console#show tech-support ***************** Show Version ****************** Switch: 2 System Description............................. PowerConnect 6248P, 1.23.0.33 VxWorks 6.5 Machine Type................................... PowerConnect 6248P Machine Model...............
2CSPC4.XModular-SWUM201.book Page 1683 Monday, October 3, 2011 2:21 PM Software Version............................... 1.23.0.33 Operating System............................... VxWorks 6.5 Network Processing Device...................... BCM56314_A0 Additional Packages............................ QOS Multicast Stacking Routing ***************** Show SysInfo ****************** System Location................................ System Contact................................. System Object ID...................
2CSPC4.XModular-SWUM201.book Page 1684 Monday, October 3, 2011 2:21 PM Syntax show users [ long ] Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines. Example The following example displays a list of active users and the information about them. console#show users Username Protocol Location -------- -------- ------------ Bob Serial John SSH 172.16.0.1 Robert HTTP 172.16.0.
2CSPC4.XModular-SWUM201.book Page 1685 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines This command has no user guidelines. Example The following example displays a system version (this version number is only for demonstration purposes).
2CSPC4.XModular-SWUM201.book Page 1686 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example The following example sets the mode to Stack Global Config. console(config)#stack console(config-stack)# stack-port NOTE: All of the stack-port commands in Stack Configuration mode are not supported by the PCM8024 and PCM8024-k switches.
2CSPC4.XModular-SWUM201.book Page 1687 Monday, October 3, 2011 2:21 PM Use the show switch stack-port command to display configuration and status of stacking ports. NOTE: The show switch stack-port command in Stack Configuration mode is not supported by the PCM8024 and PCM8024-k switches.Use the show switch command to display information regarding the switches in a stack.
2CSPC4.XModular-SWUM201.book Page 1688 Monday, October 3, 2011 2:21 PM Examples console(config)#stack console(config-stack)#standby 2 switch renumber Use the switch renumber command in Global Configuration mode to change the identifier for a switch in the stack. Upon execution, the switch is configured with the configuration information for the new switch, if any is available. The old switch configuration information is retained; however, the old switch will be operationally unplugged.
2CSPC4.XModular-SWUM201.book Page 1689 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description ip-address Valid IP address of the destination host. hostname Hostname of the destination host. (Range: 1–158 characters). The command allows spaces in the host name when specified in double quotes. For example, console(config)#snmp-server host "host name" port A decimal TCP port number, or one of the keywords from the port table in the usage guidelines (see Port Table below).
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1691 Monday, October 3, 2011 2:21 PM Command Mode User EXEC, Privileged EXEC mode User Guidelines This command has no user guidelines. Example Following is an example of using the telnet command to connect to 176.213.10.50. console#telnet 176.213.10.50 Esc U sends telnet EL traceroute Use the traceroute command in Privileged EXEC mode to discover the IP routes that packets actually take when traveling to their destinations.
2CSPC4.XModular-SWUM201.book Page 1692 Monday, October 3, 2011 2:21 PM • maxTtl — The largest TTL value that can be used (Range:1–255). • maxFail — Terminate the traceroute after failing to receive a response for this number of consecutive probes (Range: 0–255). • interval — The timeout period. If a response is not received within this period of time, then traceroute considers that probe a failure (printing *) and sends the next probe.
2CSPC4.XModular-SWUM201.book Page 1693 Monday, October 3, 2011 2:21 PM Tracing route over a maximum of 20 hops 1 192.168.21.1 30 ms 10 ms 10 ms 2 * * * 3 * * * 4 * * * 5 * * * The following example uses the iterative process to obtain command parameters, and displays the routes that packets actually take when traveling to their destination. console#traceroute traceroute# Enter the ip-address | hostname : 192.168.77.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1695 Monday, October 3, 2011 2:21 PM Telnet Server Commands 81 The Telnet protocol (outlined in RFC 854) allows users (clients) to connect to multiuser computers (servers) on the network. Telnet is often employed when a user communicates with a remote login service. Telnet is the terminal emulation protocol in the TCP/IP suite. Telnet uses TCP as the transport protocol to initiate a connection between server and client.
2CSPC4.XModular-SWUM201.book Page 1696 Monday, October 3, 2011 2:21 PM Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines No specific guidelines. Default Value This feature is enabled by default. Example console#configure console(config)#ip telnet server disable console(config)# no ip telnet server disable ip telnet port The ip telnet port command is used to configure the Telnet service port number on the switch.
2CSPC4.XModular-SWUM201.book Page 1697 Monday, October 3, 2011 2:21 PM Example console(config)#ip telnet port 45 console(config)#no ip telnet port show ip telnet The show ip telnet command displays the status of the Telnet server and the Telnet service port number. Syntax show ip telnet Default Configuration This command has no default configuration. Command Mode Privileged EXEC Example (console)#show ip telnet Telnet Server is Enabled.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1699 Monday, October 3, 2011 2:21 PM Terminal Length Commands 82 This chapter provides information about terminal length commands. terminal length Use the terminal length command to set the terminal length. Use the no form of the command to reset the terminal length to the default. Syntax terminal length value no terminal length • value — The length in number of lines. Range: 0–512 Default Configuration This default value is 24.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1701 Monday, October 3, 2011 2:21 PM Time Ranges Commands 83 Time ranges are used with time-based ACLs to restrict their application due to specific time slots. This chapter explains the following commands: time-range periodic absolute show time-range time-range Use the time-range command in Global Configuration mode to create a time range identified by name, consisting of one absolute time entry and/or one or more periodic time entries.
2CSPC4.XModular-SWUM201.book Page 1702 Monday, October 3, 2011 2:21 PM Command Mode Global Configuration User Guidelines The CLI mode changes to Time-Range Configuration mode when you successfully execute this command. Example console(config)#time-range timeRange_1 absolute Use the absolute command in Time Range Configuration mode to add an absolute time entry to a time range. Use the no form of this command to delete the absolute time entry in the time range.
2CSPC4.XModular-SWUM201.book Page 1703 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Time Range Configuration User Guidelines Only one absolute time entry is allowed per time-range. The time parameter is referenced to the currently configured time zone. Example console#time-range timeRange_1 console(Config-time-range)#absolute end 12:00 16 Dec 2010 periodic Use the periodic command to add a periodic time entry to a time range.
2CSPC4.XModular-SWUM201.book Page 1704 Monday, October 3, 2011 2:21 PM Parameter Description Parameter Description days-of-the-week The first occurrence of this argument is the starting day or days from which the configuration that referenced the time range starts going into effect. The second occurrence is the ending day or days from which the configuration that referenced the time range is no longer in effect. If the end days-of-the-week are the same as the start, they can be omitted.
2CSPC4.XModular-SWUM201.book Page 1705 Monday, October 3, 2011 2:21 PM When both periodic and absolute time entries are specified within a time range, the periodic time entries limit the time range to only those times specified within the periodic time range and bounded by the absolute time range. In this case, the absolute time entry specifies the absolute start and end dates/times and the periodic entries specify the start/stop times within the limits of the absolute time entry dates and times.
2CSPC4.XModular-SWUM201.book Page 1706 Monday, October 3, 2011 2:21 PM Syntax show time-range [name] Parameter Description Parameter Description Number of Time Ranges Number of time ranges configured in the system. Time Range Name Name of the time range. Time Range Status Status of the time range(active/inactive). Absolute start Start time and day for absolute time entry. Absolute end End time and day for absolute time entry. Periodic Entries Number of periodic entries in a time-range.
2CSPC4.XModular-SWUM201.book Page 1707 Monday, October 3, 2011 2:21 PM Absolute End Time.............................. 12:00 16 Dec 2010 Periodic Entries: 4 Entry Number: 2 Periodic Start Time............................ MON 00:00 Periodic End Time.............................. TUE 12:30 Entry Number: 3 Periodic Start Time............................ TUE 13:00 Periodic End Time.............................. WED 12:00 Entry Number: 4 Periodic Start Time............................
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1709 Monday, October 3, 2011 2:21 PM User Interface Commands 84 This chapter explains the following commands: enable mode simple end mode-change confirm exit quit enable Use the enable command in User EXEC mode to enter the Privileged EXEC mode. Syntax enable Default Configuration The default privilege level is 15.
2CSPC4.XModular-SWUM201.book Page 1710 Monday, October 3, 2011 2:21 PM end Use the end command to get the CLI user control back to the privileged execution mode or user execution mode. Syntax end Default Configuration This command has no default configuration. Command Mode All command modes User Guidelines No specific guidelines.
2CSPC4.XModular-SWUM201.book Page 1711 Monday, October 3, 2011 2:21 PM Command Mode All command modes. In User EXEC mode, this command behaves identically with the quit command. User Guidelines There are no user guidelines for this command. Example The following example changes the configuration mode from Interface Configuration mode to User EXEC mode to the login prompt.
2CSPC4.XModular-SWUM201.book Page 1712 Monday, October 3, 2011 2:21 PM User Guidelines The selected mode is valid if mode-change confirm is executed within 60 seconds. The selected mode is applied as operational mode on resetting the configuration to factory defaults. Example console(config)#mode simple Warning: Confirm mode selection within 60 seconds using “mode-change confirm” command. mode-change confirm Use the mode-change confirm command to confirm the mode selection.
2CSPC4.XModular-SWUM201.book Page 1713 Monday, October 3, 2011 2:21 PM Syntax quit Default Configuration This command has no default configuration. Command Mode User EXEC command mode User Guidelines There are no user guidelines for this command. Example The following example closes an active terminal session.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1715 Monday, October 3, 2011 2:21 PM Web Server Commands 85 If enabled, the PowerConnect is manageable via industry standard web browsers. User privilege levels are the same as for the CLI. Over 95% of the management functions are available via the web interface, including configuration and firmware upgrades. Web Sessions The HTTP protocol does not provide support for persistent connections.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1717 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode Crypto Certification mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command. Example The following example displays how to specify the name of "router.gm.com." console(config-crypto-cert)#common-name router.gm.
2CSPC4.XModular-SWUM201.book Page 1718 Monday, October 3, 2011 2:21 PM Example The following example displays how to specify the country as "us." console(config-crypto-cert)#country us crypto certificate generate Use the crypto certificate generate command in Global Configuration mode to generate a self-signed HTTPS certificate. Syntax crypto certificate number generate • number — Specifies the certificate number. (Range: 1–2) • generate — Regenerates the SSL RSA key.
2CSPC4.XModular-SWUM201.book Page 1719 Monday, October 3, 2011 2:21 PM console(config-crypto-cert)#email no-reply@dell.com console(config-crypto-cert)#location Round Rock console(config)#crypto certificate 1 generate console(config-crypto-cert)#organization-unit "PowerConnect Networking" console(config-crypto-cert)#organization-name "Dell, Inc.
2CSPC4.XModular-SWUM201.book Page 1720 Monday, October 3, 2011 2:21 PM The imported certificate must be based on a certificate request created by the crypto certificate request Privileged EXEC command. If the public key found in the certificate does not match the switch's SSL RSA key, the command fails.
2CSPC4.XModular-SWUM201.book Page 1721 Monday, October 3, 2011 2:21 PM Finger print: DC789788 DC88A988 127897BC BB789788 crypto certificate request Use the crypto certificate request command in Privileged EXEC mode to generate and display a certificate request for HTTPS. This command takes you to Crypto Certificate Request mode. Syntax crypto certificate number request • number — Specifies the certificate number. (Range: 1–2) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1722 Monday, October 3, 2011 2:21 PM duration Use the duration command in Crypto Certificate Generation mode to specify the duration. Syntax duration days • days — Specifies the number of days a certification would be valid. If left unspecified, the parameter defaults to 365 days. (Range: 30–3650 days) Default Configuration This command defaults to 365 days.
2CSPC4.XModular-SWUM201.book Page 1723 Monday, October 3, 2011 2:21 PM • port-number — Port number for use by the HTTP server. (Range: 1–65535) Default Configuration This default port number is 80. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. However, specifying 0 as the port number effectively disables HTTP access to the switch. Example The following example shows how the http port number is configured to 100.
2CSPC4.XModular-SWUM201.book Page 1724 Monday, October 3, 2011 2:21 PM Example The following example enables the switch to be configured from a browser. console(config)#ip http server ip http secure-certificate Use the ip http secure-certificate command in Global Configuration mode to configure the active certificate for HTTPS. To return to the default setting, use the no form of this command.
2CSPC4.XModular-SWUM201.book Page 1725 Monday, October 3, 2011 2:21 PM ip http secure-port Use the ip http secure-port command in Global Configuration mode to configure a TCP port for use by a secure web browser to configure the switch. To use the default port, use the no form of this command. Syntax ip http secure-port port-number no ip http secure-port Parameter Description Parameter Description port-number Port number for use by the secure HTTP server.
2CSPC4.XModular-SWUM201.book Page 1726 Monday, October 3, 2011 2:21 PM Syntax ip http secure-server no ip http secure-server Default Configuration The default for the switch is disabled. Command Mode Global Configuration mode User Guidelines You must import a certificate using the crypto certificate import command, followed by the crypto certificate generate command. Example The following example enables the switch to be configured from a browser.
2CSPC4.XModular-SWUM201.book Page 1727 Monday, October 3, 2011 2:21 PM User Guidelines This command mode is entered using the crypto certificate request command. Example The following example displays how to specify that you want to regenerate the SSL RSA key 1024 byes in length. console(config-crypto-cert)#key-generate 1024 location Use the location command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the location or city name.
2CSPC4.XModular-SWUM201.book Page 1728 Monday, October 3, 2011 2:21 PM organization-unit Use the organization-unit command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the organization unit. Syntax organization-unit organization-unit • organization-unit — Specifies the organization-unit or department name. (Range: 1–64 characters) Default Configuration This command has no default configuration.
2CSPC4.XModular-SWUM201.book Page 1729 Monday, October 3, 2011 2:21 PM Default configuration This command has no default configuration. Command Mode Privileged EXEC mode Example The following example displays the SSL certificate of a sample switch.
2CSPC4.XModular-SWUM201.book Page 1730 Monday, October 3, 2011 2:21 PM show ip http server status Use the show ip http server command in User EXEC or Privileged EXEC mode to display the HTTP server status information. Syntax show ip http server status Syntax Description This command has no arguments or keywords. Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC User Guidelines This command has no user guidelines.
2CSPC4.XModular-SWUM201.book Page 1731 Monday, October 3, 2011 2:21 PM Default Configuration This command has no default configuration. Command Mode User EXEC, Privileged EXEC modes User Guidelines This command has no user guidelines. Example The following example displays an HTTPS server configuration with DH Key exchange enabled. console#show ip https HTTPS server enabled. Port: 443 DH Key exchange enabled. Certificate 1 is active Issued by: www.verisign.
2CSPC4.XModular-SWUM201.book Page 1732 Monday, October 3, 2011 2:21 PM DH Key exchange disabled, parameters are being generated. Certificate 1 is active Issued by: www.verisign.com Valid from: 8/9/2003 to 8/9/2004 Subject: CN= router.gm.com, 0= General Motors, C= US Finger print: DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by: self-signed Valid from: 8/9/2003 to 8/9/2004 Subject: CN= router.gm.
2CSPC4.XModular-SWUM201.book Page 1733 Monday, October 3, 2011 2:21 PM Example The following example shows how to specify the state of "texas.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1735 Monday, October 3, 2011 2:21 PM Appendix A: List of Commands {deny | permit} (IPv6 ACL). . . . . . . . . . . . . . . . . . . . . . . . . . 514 802.1x Advanced Features. . . . . . . . . . . . . . . . . . . . . . . . . . . 809 802.1x Advanced Features. . . . . . . . . . . . . . . . . . . . . . . . . . . 833 802.1x Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 805 802.1x Monitor Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1736 Monday, October 3, 2011 2:21 PM area nssa default-info-originate . . . . . . . . . . . . . . . . . . . . . . 1172 area nssa default-info-originate . . . . . . . . . . . . . . . . . . . . . . 1246 area nssa no-redistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1173 area nssa no-redistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1247 area nssa no-summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1737 Monday, October 3, 2011 2:21 PM arp resptime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 906 arp retries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 907 arp timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 907 arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 902 asset-tag . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1738 Monday, October 3, 2011 2:21 PM Captive Portal Local User Commands . . . . . . . . . . . . . . . . . 1393 Captive Portal Status Commands . . . . . . . . . . . . . . . . . . . . . 1399 Captive Portal User Group Commands . . . . . . . . . . . . . . . . 1403 captive-portal client deauthenticate . . . . . . . . . . . . . . . . . . . 1388 captive-portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1375 CDP Interoperability Commands . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1739 Monday, October 3, 2011 2:21 PM clear ip ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1188 clear ipv6 dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 945 clear ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1063 clear ipv6 statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1063 clear isdp counters . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1740 Monday, October 3, 2011 2:21 PM conform-color . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645 copy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1443 cos-queue min-bandwidth. . . . . . . . . . . . . . . . . . . . . . . . . . . . 646 cos-queue random-detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . 646 cos-queue strict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1741 Monday, October 3, 2011 2:21 PM debug ip vrrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1548 debug ipv6 dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1549 debug ipv6 mcache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1550 debug ipv6 mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1550 debug ipv6 pimdm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1742 Monday, October 3, 2011 2:21 PM description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1616 description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403 dhcp l2relay (Global Configuration) . . . . . . . . . . . . . . . . . . . 331 dhcp l2relay (Interface Configuration) . . . . . . . . . . . . . . . . . . 332 dhcp l2relay circuit-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1743 Monday, October 3, 2011 2:21 PM dot1x initialize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 810 dot1x mac-auth-bypass . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 810 dot1x max-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 811 dot1x max-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 812 dot1x port-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1744 Monday, October 3, 2011 2:21 PM encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1019 end. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1710 Enhanced LAG Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 612 Entering and Editing CLI Commands . . . . . . . . . . . . . . . . . . 167 erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1745 Monday, October 3, 2011 2:21 PM GMRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971 gmrp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 972 Graceful Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1168 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1382 Guest VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1746 Monday, October 3, 2011 2:21 PM interface tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1330 interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 763 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1383 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 Interoperability with IEEE DCBX . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1747 Monday, October 3, 2011 2:21 PM ip dhcp snooping database . . . . . . . . . . . . . . . . . . . . . . . . . . . 359 ip dhcp snooping limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361 ip dhcp snooping log-invalid . . . . . . . . . . . . . . . . . . . . . . . . . 362 ip dhcp snooping trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 ip dhcp snooping verify mac-address . . . . . . . . . . . . . . . . . . 363 ip dhcp snooping . . .
2CSPC4.XModular-SWUM201.book Page 1748 Monday, October 3, 2011 2:21 PM ip igmp snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . 476 ip igmp snooping groupmembership-interval. . . . . . . . . . . . . 477 ip igmp snooping host-time-out . . . . . . . . . . . . . . . . . . . . . . . 470 ip igmp snooping leave-time-out . . . . . . . . . . . . . . . . . . . . . . 470 ip igmp snooping maxresponse . . . . . . . . . . . . . . . . . . . . . . . 478 ip igmp snooping mcrtrexpiretime . . . . . .
2CSPC4.XModular-SWUM201.book Page 1749 Monday, October 3, 2011 2:21 PM ip netdirbcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1022 ip ospf area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1197 ip ospf authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1198 ip ospf cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1199 ip ospf dead-interval . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1750 Monday, October 3, 2011 2:21 PM IP Routing Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1017 ip routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1026 IP Source Guard Commands . . . . . . . . . . . . . . . . . . . . . . . . . 543 ip ssh port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1604 ip ssh pubkey-auth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1751 Monday, October 3, 2011 2:21 PM ipv6 mld last-member-query-count . . . . . . . . . . . . . . . . . . . 1067 ipv6 mld last-member-query-interval . . . . . . . . . . . . . . . . . 1068 ipv6 mld query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1071 ipv6 mld query-max-response-time . . . . . . . . . . . . . . . . . . . 1072 ipv6 mld router. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1072 ipv6 mld snooping (Global) . . . . . .
2CSPC4.XModular-SWUM201.book Page 1752 Monday, October 3, 2011 2:21 PM ipv6 nd suppress-ra . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 ospf area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 ospf cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 ospf dead-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 ospf hello-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1753 Monday, October 3, 2011 2:21 PM ipv6 pimsm rp-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1155 ipv6 pimsm rp-candidate . . . . . . . . . . . . . . . . . . . . . . . . . . . 1156 ipv6 pimsm spt-threshold. . . . . . . . . . . . . . . . . . . . . . . . . . . 1156 ipv6 pimsm ssm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1157 ipv6 route distance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1083 ipv6 route .
2CSPC4.XModular-SWUM201.book Page 1754 Monday, October 3, 2011 2:21 PM Layer 2 Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 Layer 2 Switching Commands . . . . . . . . . . . . . . . . . . . . . . . . 239 Layer 3 Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 Layer 3 Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 899 Layer 3/4 IPv4 ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 636 lease . . . . .
2CSPC4.XModular-SWUM201.book Page 1755 Monday, October 3, 2011 2:21 PM logging email test message-type . . . . . . . . . . . . . . . . . . . . . . 393 logging email urgent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388 logging email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386 logging file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1624 logging on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1756 Monday, October 3, 2011 2:21 PM management access-class . . . . . . . . . . . . . . . . . . . . . . . . . . . 1483 management access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1484 Management ACL Commands . . . . . . . . . . . . . . . . . . . . . . . 1481 Manual Aggregation of LAGs . . . . . . . . . . . . . . . . . . . . . . . . 613 Manual Aggregation of LAGs . . . . . . . . . . . . . . . . . . . . . . . . 613 mark cos . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1757 Monday, October 3, 2011 2:21 PM Mode Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 mode-change confirm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1712 monitor session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632 motd-banner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1645 msgauth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1758 Monday, October 3, 2011 2:21 PM nsf helper strict-lsa-checking . . . . . . . . . . . . . . . . . . . . . . . . 1276 nsf helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1208 nsf helper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1275 nsf restart-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1210 nsf restart-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1759 Monday, October 3, 2011 2:21 PM passwords strength minimum character-classes . . . . . . . . . 1503 passwords strength minimum lowercase-letters . . . . . . . . . 1499 passwords strength minimum numeric-characters. . . . . . . . 1500 passwords strength minimum special-characters. . . . . . . . . 1501 passwords strength minimum uppercase-letters . . . . . . . . . 1498 passwords strength-check . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1760 Monday, October 3, 2011 2:21 PM Priority Flow Control Commands . . . . . . . . . . . . . . . . . . . . . 891 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 701 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 753 priority-flow-control mode . . . . . . . . . . . . . . . . . . . . . . . . . . . 892 priority-flow-control priority . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1761 Monday, October 3, 2011 2:21 PM retransmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 707 revision (mst) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 725 rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1513 rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1516 RMON Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1762 Monday, October 3, 2011 2:21 PM sflow destination. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1561 sflow polling (Interface Mode). . . . . . . . . . . . . . . . . . . . . . . 1564 sflow polling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1563 sflow sampling (Interface Mode) . . . . . . . . . . . . . . . . . . . . . 1566 sflow sampling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1763 Monday, October 3, 2011 2:21 PM show classofservice trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678 show clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1432 show copper-ports tdr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1509 show crypto certificate mycertificate. . . . . . . . . . . . . . . . . . 1728 show crypto key mypubkey . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1764 Monday, October 3, 2011 2:21 PM show ethernet cfm maintenance-points local . . . . . . . . . . . . . 449 show ethernet cfm maintenance-points remote . . . . . . . . . . . 450 show ethernet cfm statistics . . . . . . . . . . . . . . . . . . . . . . . . . . 452 show fiber-ports optical-transceiver . . . . . . . . . . . . . . . . . . . 1510 show fip-snooping enode . . . . . . . . . . . . . . . . . . . . . . . . . . . . 867 show fip-snooping fcf . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1765 Monday, October 3, 2011 2:21 PM show ip brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1027 show ip dhcp binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 939 show ip dhcp conflict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 940 show ip dhcp global configuration. . . . . . . . . . . . . . . . . . . . . 941 show ip dhcp pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1766 Monday, October 3, 2011 2:21 PM show ip igmp-proxy groups detail . . . . . . . . . . . . . . . . . . . . . 996 show ip igmp-proxy groups . . . . . . . . . . . . . . . . . . . . . . . . . . 996 show ip igmp-proxy interface. . . . . . . . . . . . . . . . . . . . . . . . . 995 show ip igmp-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 994 show ip interface out-of-band. . . . . . . . . . . . . . . . . . . . . . . . 1656 show ip interface. . . . . .
2CSPC4.XModular-SWUM201.book Page 1767 Monday, October 3, 2011 2:21 PM show ip pim rp mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . 1147 show ip protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1031 show ip rip interface brief . . . . . . . . . . . . . . . . . . . . . . . . . . 1326 show ip rip interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1325 show ip rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1768 Monday, October 3, 2011 2:21 PM show ipv6 mld snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530 show ipv6 mld traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1103 show ipv6 mld-proxy groups detail . . . . . . . . . . . . . . . . . . . 1100 show ipv6 mld-proxy groups . . . . . . . . . . . . . . . . . . . . . . . . 1099 show ipv6 mld-proxy interface. . . . . . . . . . . . . . . . . . . . . . . 1102 show ipv6 mld-proxy . . . . . .
2CSPC4.XModular-SWUM201.book Page 1769 Monday, October 3, 2011 2:21 PM show ipv6 pimsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1052 show ipv6 pimsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1158 show ipv6 route preferences . . . . . . . . . . . . . . . . . . . . . . . . 1107 show ipv6 route summary . . . . . . . . . . . . . . . . . . . . . . . . . . 1108 show ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1770 Monday, October 3, 2011 2:21 PM show mac address-table multicast . . . . . . . . . . . . . . . . . . . . . 299 show mac address-table static. . . . . . . . . . . . . . . . . . . . . . . . . 308 show mac address-table vlan . . . . . . . . . . . . . . . . . . . . . . . . . 309 show mac address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302 show mail-server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1771 Monday, October 3, 2011 2:21 PM show service-acl interface . . . . . . . . . . . . . . . . . . . . . . . . . . . 283 show service-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 688 show sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1662 show sflow agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1567 show sflow destination. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1772 Monday, October 3, 2011 2:21 PM show system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1676 show tacacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 754 show tech-support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1681 show time-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1705 show trapflags. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1773 Monday, October 3, 2011 2:21 PM sntp authenticate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1422 sntp authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1423 sntp broadcast client enable . . . . . . . . . . . . . . . . . . . . . . . . . 1424 sntp client poll timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1424 sntp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1774 Monday, October 3, 2011 2:21 PM speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1480 speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429 speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607 split-horizon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1327 SSH Commands . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1775 Monday, October 3, 2011 2:21 PM Telnet Server Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . 1695 telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1688 Terminal Length Commands . . . . . . . . . . . . . . . . . . . . . . . . 1699 terminal length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1699 test copper-port tdr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1776 Monday, October 3, 2011 2:21 PM username unlock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263 Using CLI Functions and Tools . . . . . . . . . . . . . . . . . . . . . . . 197 Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 Utility Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
2CSPC4.XModular-SWUM201.book Page 1777 Monday, October 3, 2011 2:21 PM VRRP Route/Interface Tracking . . . . . . . . . . . . . . . . . . . . . vrrp timers advertise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vrrp timers learn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vrrp track interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vrrp track ip route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Web Server Commands . . . . .
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.
2CSPC4.XModular-SWUM201.book Page 1784 Monday, October 3, 2011 2:21 PM Printed in the U.S.A. w w w. del l . co m | s upp ort . del l .
