Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide A Guide for System Administrators of Intel® Server Products Intel Order Number D67145-002
Disclaimer Information in this document is provided in connection with Intel® products. No license, express or implied, by estoppel or otherwise, to any intellectual property rights is granted by this document.
Safety Information Important Safety Instructions Read all caution and safety statements in this document before performing any of the instructions. Wichtige Sicherheitshinweise Lesen Sie zunächst sämtliche Warnund Sicherheitshinweise in diesem Dokument, bevor Sie eine der Anweisungen ausführen. Consignes de sécurité Lisez attention toutes les consignes de sécurité et les mises en garde indiquées dans ce document avant de suivre toute instruction.
Warnings Heed safety instructions: Before working with your server product, whether you are using this guide or any other resource as a reference, pay close attention to the safety instructions. You must adhere to the assembly instructions in this guide to ensure and maintain compliance with existing product certifications and approvals. Use only the described, regulated components specified in this guide.
Preface About this Manual Thank you for purchasing and using an Intel® Blade Server Ethernet Switch Module SBCEGBESW1 or SBCEGBESW10. This manual is written for System Administrators who have knowledge of device management through Command Line Interface (CLI) commands.This document provides the basic rules for understanding how the commands are presented in this guide.
Chapter 15 Port Channel Commands Chapter 16 Port Monitor Commands Chapter 17 QoS Commands Chapter 18 RMON Commands Chapter 19 RADIUS Commands Chapter 20 Web Server Commands Chapter 21 SNMP Commands Chapter 22 Spanning-Tree Commands Chapter 23 SSH Commands Chapter 24 Syslog Commands Chapter 25 System Management Commands Chapter 26 TACACS+ Commands Chapter 27 User Interface Commands Chapter 28 VLAN Commands Chapter 29 802.
Contents Important Safety Instructions ................................................................................................ iii Wichtige Sicherheitshinweise ............................................................................................... iii Consignes de sécurité .......................................................................................................... iii Instrucciones de seguridad importantes .......................................................................
show ports security .............................................................................................................. 37 show ports security addresses ............................................................................................ 38 Chapter 4: ACL Commands .....................................................................................41 ip access-list ........................................................................................................................
shutdown .............................................................................................................................80 description ...........................................................................................................................81 speed ...................................................................................................................................82 duplex ..........................................................................................
Chapter 10: IP Address Commands ......................................................................121 ip address .......................................................................................................................... 121 ip address dhcp ................................................................................................................. 122 ip default-gateway .............................................................................................................
show ports monitor ............................................................................................................163 Chapter 17: QoS Commands ................................................................................. 165 qos ....................................................................................................................................165 show qos ........................................................................................................................
show rmon log ................................................................................................................... 212 rmon table-size .................................................................................................................. 214 Chapter 19: RADIUS Commands ...........................................................................215 radius-server host ..............................................................................................................
show snmp filters ...............................................................................................................256 show snmp users ...............................................................................................................257 Chapter 22: Spanning-Tree Commands ............................................................... 259 spanning-tree .....................................................................................................................
logging on .......................................................................................................................... 307 logging ............................................................................................................................... 308 logging buffered ................................................................................................................. 309 logging buffered size .............................................................................
end ....................................................................................................................................349 help ....................................................................................................................................350 terminal datadump .............................................................................................................350 show history .......................................................................................
dot1x timeout tx-period ...................................................................................................... 389 dot1x max-req ................................................................................................................... 390 dot1x timeout supp-timeout ............................................................................................... 391 dot1x timeout server-timeout ...........................................................................................
1 Using CLI Overview This document describes the Command Line Interface (CLI) used to manage the Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10. The switches can operate as standalone systems, or can be stacked together in the same system. Most of the CLI commands are applicable to both switch modules. This chapter describes how to start using the CLI and the CLI command editing features.
Using CLI The default host name is Console unless it has been changed using the hostname Console> command in the Global Configuration mode. Privileged EXEC Mode Privileged access is password protected to prevent unauthorized use because many of the Privileged commands set operating system parameters. The password is not displayed on the screen and is case sensitive. Privileged users enter directly into the Privileged EXEC mode.
Using CLI Configuration mode prompt consists of the device host name followed by (config) and #. 2.
Using CLI • MAC Access-List — Configures conditions required to allow traffic based on MAC addresses. The mac access-list Global Configuration mode command is used to enter the MAC access-list configuration mode. Starting the CLI The device can be managed over a direct connection via a Telnet connection. The device is managed by entering command keywords and parameters at the prompt. Using the device command-line interface (CLI) is very similar to entering commands on a UNIX system.
Using CLI There are two instances where help information can be displayed: • Keyword lookup — The character ? is entered in place of a command. A list of all valid commands and corresponding help messages are is displayed. • Partial keyword lookup — If a command is incomplete and or the character ? is entered in place of a parameter. The matched keyword or parameters for this command are displayed. To assist in using the CLI, there is an assortment of editing features.
Using CLI Nomenclature When referring to an Ethernet port in a CLI command, the following format is used: For an Ethernet port on a standalone device: Ethernet_type port_number For an Ethernet port on a stacked device: unit_number/Ethernet_type port number The Ethernet type may be Gigabit Ethernet (indicated by “g”). For example, g3 stands for Gigabit Ethernet port 3 on a stand-alone device, whereas 1/3 stands for Gigabit Ethernet port 3 on stacking unit.
Using CLI CLI Command Conventions When entering commands there are certain command entry standards that apply to all commands. The following table describes the command conventions. ConventionDescription [ ]In a command line, square brackets indicates an optional entry. { }In a command line, curly brackets indicate a selection of compulsory parameters separated by the | character. One option must be selected.
Using CLI 8 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
2 AAA Commands aaa authentication login The aaa authentication login Global Configuration mode command defines login authentication. To restore defaults, use the no form of this command. Syntax aaa authentication login {default | list-name} method1 [method2...] no aaa authentication login {default | list-name} Parameters • default — Uses the listed authentication methods that follow this argument as the default list of methods when a user logs in.
AAA Commands User Guidelines The default and optional list names created with the aaa authentication login command are used with the login authentication command. Create a list by entering the aaa authentication login list-name method command for a particular protocol, where list-name is any character string used to name this list. The method argument identifies the list of methods that the authentication algorithm tries, in the given sequence.
AAA Commands Keyword Description line Uses the line password for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. Uses username $enabx$., where x is the privilege level. tacacs Uses the list of all TACACS+ servers for authentication. Uses username "$enabx$." where x is the privilege level. Default Configuration If the default list is not set, only the enable password is checked.
AAA Commands Syntax login authentication {default | list-name} no login authentication Parameters • default — Uses the default list created with the aaa authentication login command. • list-name — Uses the indicated list created with the aaa authentication login command. Default Configuration Uses the default set with the command aaa authentication login.
AAA Commands Parameters • default — Uses the default list created with the aaa authentication enable command. • list-name — Uses the indicated list created with the aaa authentication enable command. Default Configuration Uses the default set with the aaa authentication enable command. Command Mode Line Configuration mode User Guidelines There are no user guidelines for this command.
AAA Commands Parameters • method1 [method2...] — Specify at least one method from the following list: Keyword Description local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked. This has the same effect as the command ip http authentication local.
AAA Commands Parameters • method1 [method2...] — Specify at least one method from the following list: Keyword Description local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication. Default Configuration The local user database is checked. This has the same effect as the command ip https authentication local.
AAA Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the authentication configuration.
AAA Commands Parameters • password — Password for this level. (Range: 1-159 characters) • encrypted — Encrypted password to be entered, copied from another device configuration. Default Configuration No password is defined. Command Mode Line Configuration mode User Guidelines If a password is defined as encrypted, the required password length is 32 characters. Example The following example specifies the password called `secret' on a Telnet.
AAA Commands Default Configuration No enable password is defined. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets a local level 15 password called `secret' to control access to user and privilege levels. Console(config)# enable password secret level 15 username The username Global Configuration mode command creates a user account in the local database. To remove a user name, use the no form of this command.
AAA Commands Command Mode Global Configuration mode User Guidelines User account can be created without a password. Example The following example configures user called bob with password `lee' and user level 15 to the system.
AAA Commands 20 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
3 Address Table Commands bridge address The bridge address Interface Configuration (VLAN) mode command adds a MAC-layer station source address to the bridge table. To delete the MAC address, use the no form of this command. Syntax bridge address mac-address {ethernet interface | port-channel port-channel-number} [permanent | delete-on-reset | delete-on-timeout | secure] no bridge address [mac-address] Parameters • • • • • • • mac-address — A valid MAC address. interface — A valid Ethernet port.
Address Table Commands Example The following example adds a permanent static MAC-layer station source address 3aa2.64b3.a245 on port 1 to the bridge table. Console(config)# interface vlan 2 Console(config-if)# bridge address 3aa2.64b3.a245 ethernet ext.1 permanent bridge multicast filtering The bridge multicast filtering Global Configuration mode command enables filtering multicast addresses. To disable filtering multicast addresses, use the no form of this command.
Address Table Commands bridge multicast address The bridge multicast address Interface Configuration (VLAN) mode command registers a MAC-layer multicast address in the bridge table and statically adds ports to the group. To unregister the MAC address, use the no form of this command.
Address Table Commands Example The following example registers the MAC address: Console(config)# interface vlan 8 Console(config-if)# bridge multicast address 01:00:5e:02:02:03 The following example registers the MAC address and adds ports statically. Console(config)# interface vlan 8 Console(config-if)# bridge multicast address 01:00:5e:02:02:03 add ethernet ext.1, ext.
Address Table Commands Command Modes Interface Configuration (VLAN) mode User Guidelines Before defining forbidden ports, the multicast group should be registered. Example In this example, MAC address 0100.5e02.0203 is forbidden on port 2 within VLAN 8. Console(config)# interface vlan 8 Console(config-if)# bridge multicast address 0100.5e.02.0203 Console(config-if)# bridge multicast forbidden address 0100.5e02.0203 add ethernet ext.
Address Table Commands Interface Configuration (VLAN) mode User Guidelines There are no user guidelines for this command. Example In this example, all multicast packets on port 1 are forwarded. Console(config)# interface vlan 2 Console(config-if)# bridge multicast forward-all add ethernet ext.1 bridge multicast forbidden forward-all The bridge multicast forbidden forward-all Interface Configuration (VLAN) mode command forbids a port to be a forward-all-multicast port.
Address Table Commands User Guidelines IGMP snooping dynamically discovers multicast device ports. When a multicast device port is discovered, all the multicast packets are forwarded to it unconditionally. This command prevents a port from becoming a multicast device port. Example In this example, forwarding all multicast packets to 1 with VLAN 2 is forbidden. Console(config)# interface vlan 2 Console(config-if)# bridge multicast forbidden forward-all add ethernet ext.
Address Table Commands Example In the following example, the bridge aging time is set to 250 seconds. Console(config)# bridge aging-time 250 clear bridge The clear bridge Privileged EXEC mode command removes any learned entries from the forwarding database. Syntax clear bridge Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example In the following example, the bridge tables are cleared.
Address Table Commands no port security Parameters • forward — Forwards packets with unlearned source addresses, but does not learn the address. • discard — Discards packets with unlearned source addresses. This is the default if no option is indicated. • discard-shutdown — Discards packets with unlearned source addresses. The port is also shut down. • seconds — Sends SNMP traps and defines the minimum amount of time in seconds between consecutive traps.
Address Table Commands Parameters • lock — Saves the current dynamic MAC addresses associated with the port and disables learning, relearning and aging. • mac-addresses — Deletes the current dynamic MAC addresses associated with the port and learns up to the maximum number addresses allowed on the port. Relearning and aging are enabled. Default Configuration This setting is disabled.
Address Table Commands Default Configuration No addresses are defined. Command Mode Interface Configuration (Ethernet, port-channel) mode. Cannot be configured for a range of interfaces (range context). User Guidelines The command enables adding secure MAC addresses to a routed port in port security mode. The command is available when the port is a routed port and in port security mode. The address is deleted if the port exits the security mode or is not a routed port.
Address Table Commands Command Mode Privileged EXEC mode User Guidelines Internal usage VLANs (VLANs that are automatically allocated on ports with a defined Layer 3 interface) are presented in the VLAN column by a port number and not by a VLAN ID. "Special" MAC addresses that were not statically defined or dynamically learned are displayed in the MAC address table. This includes, for example, MAC addresses defined in ACLS.
Address Table Commands • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example In this example, all static entries in the bridge-forwarding database are displayed.
Address Table Commands • interface — A valid Ethernet port. • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example In this example, the number of addresses present in all VLANs are displayed.
Address Table Commands Parameters • • • • vlan-id — Indicates the VLAN ID. This has to be a valid VLAN ID value. mac-multicast-address — A valid MAC multicast address. ip-multicast-address — A valid IP multicast address. format ip / mac — Multicast address format. Can be ip or mac. If the format is unspecified, the default is mac. Default Configuration This command has no default configuration.
Address Table Commands Console# show bridge multicast address-table format ip Vlan IP/MAC Address Type Ports ---- ----------------- ------ --------- 1 224-239.130|2.2.3 static 1, 2 19 224-239.130|2.2.8 static 1-8 19 224-239.130|2.2.8 dynamic 9-11 Forbidden ports for multicast addresses: Vlan IP/MAC Address Ports ---- ----------------- ------ 1 224-239.130|2.2.3 8 19 224-239.130|2.2.8 8 A multicast MAC address maps to multiple IP addresses as shown above.
Address Table Commands Example In this example, the multicast configuration for VLAN 1 is displayed. Console# show bridge multicast filtering 1 Filtering: Enabled VLAN: 1 Port Static Status ---- --------- --------- 1 Filter 2 Filter 3 - Filter show ports security The show ports security Privileged EXEC mode command displays the port-lock status. Syntax show ports security [ethernet interface | port-channel port-channel-number] Parameters • interface — A valid Ethernet port.
Address Table Commands Example In this example, all classes of entries in the port-lock status are displayed: Console# show ports security Port Status Learning Action Maximum Trap Frequency ---- ------- -------- ------- ------- ------- --------- 1 Locked Dynamic Discard 3 Enable 100 2 Unlocked Dynamic - 28 - - 3 Locked Disabled Discard, Shutdown 8 Disable - The following table describes the fields shown above. Field Description Port The port number.
Address Table Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example This example displays dynamic addresses in all currently locked ports.
Address Table Commands 40 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
4 ACL Commands ip access-list The ip access-list Global Configuration mode command enables the IP-Access Configuration mode and creates Layer 3 ACLs. To delete an ACL, use the no form of this command. Syntax ip access-list name no ip access-list name Parameters • name — Specifies the name of the ACL. (Range: 0-32 characters) Default Configuration The default for all ACLs is deny-all. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
ACL Commands permit (ip) The permit IP-Access List Configuration mode command permits traffic if the conditions defined in the permit statement match.
ACL Commands IP Protocol Abbreviated Name Protocol Number Interior Gateway Protocol igp 9 User Datagram Protocol udp 17 Host Monitoring Protocol hmp 20 Reliable Data Protocol rdp 27 Inter-Domain Policy Routing Protocol idpr 35 Ipv6 protocol ipv6 41 Routing Header for IPv6 ipv6-route 43 Fragment Header for IPv6 ipv6-frag 44 Inter-Domain Routing Protocol idrp 45 Reservation Protocol rsvp 46 General Routing Encapsulation gre 47 Encapsulating Security Payload (50) esp 50
ACL Commands • list-of-flags — Specifies a list of TCP flags that can be triggered. If a flag is set, it is prefixed by “+”. If a flag is not set, it is prefixed by “-”. The possible values are: +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack, -psh, -rst, -syn and -fin. The flags are concatenated into one string. For example: +fin-ack. Default Configuration No IPv4 ACL is defined.
ACL Commands deny-tcp deny-udp Parameters • disable-port — Specifies that the port is disabled. • source — Specifies the IP address or host name from which the packet was sent. Specify any to indicate IP address 0.0.0.0 and mask 255.255.255.255. • source-wildcard — (Optional for the first type) Specifies wildcard bits by placing 1s in bit positions to be ignored. Specify any to indicate IP address 0.0.0.0 and mask 255.255.255.255.
ACL Commands IP Protocol Abbreviated Name Protocol Number IP-within-IP Encapsulation Protocol ipip 94 Protocol Independent Multicast pim 103 Layer Two Tunneling Protocol l2tp 115 ISIS over IPv4 isis 124 (any IP protocol) any (25504) • in-port port-num — (Optional) Specifies the input port of the devise. In case of egress classification this port will be devise input port. • out-port port-num — (Optional) Specifies the output port of the devise.
ACL Commands Syntax mac access-list name no mac access-list name Parameters • name — Specifies the name of the ACL. (Range: 0-32 characters) Default Configuration The default for all ACLs is deny all. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example shows how to create a MAC ACL.
ACL Commands • destination — Specifies the MAC address of the host to which the packet is being sent. • destination-wildcard — Specifies wildcard bits to be applied to the destination MAC address. Use 1s in bit positions to be ignored. • • • • vlan-id — Specifies the ID of the packet vlan. (Range: 0-4095) cos — Specifies the Class of Service (CoS) for the packet. (Range: 0-7) cos-wildcard — Specifies wildcard bits to be applied to the CoS. eth-type — Specifies the Ethernet type of the packet .
ACL Commands Parameters • disable-port — Indicates that the port is disabled if the statement is deny. • source — Specifies the MAC address of the host from which the packet was sent. • source-wildcard — (Optional for the first type) Specifies wildcard bits by placing 1s in bit positions to be ignored. • destination — Specifies the MAC address of the host to which the packet is being sent.
ACL Commands service-acl The service-acl Interface Configuration mode command applies an ACL to the input interface. To detach an ACL from an input interface, use the no form of this command. Syntax service-acl {input acl-name} no service-acl {input} Parameters • acl-name—Specifies the ACL to be applied to the input interface. Default Configuration This command has no default configuration. Command Mode Interface (Ethernet, port-channel) Configuration mode.
ACL Commands Parameters • name — The name of the ACL. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays access lists defined on a device. Console# show access-lists IP access list ACL1 permit ip host 172.30.40.1 any permit rsvp host 172.30.8.
ACL Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
5 Clock Commands clock set The clock set Privileged EXEC mode command manually sets the system clock. Syntax clock set hh:mm:ss day month year or clock set hh:mm:ss month day year Parameters • hh:mm:ss — Current time in hours (military format), minutes, and seconds. (hh: 0-23, mm: 0-59, ss: 0-59) • day — Current day (by date) in the month. (Range: 1-31) • month — Current month using the first three letters by name. (Range: Jan, …, Dec) • year — Current year.
Clock Commands clock source The clock source Global Configuration mode command configures an external time source for the system clock. Use no form of this command to disable external time source. Syntax clock source {sntp} no clock source Parameters • sntp — SNTP servers Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Clock Commands no clock timezone Parameters • hours-offset — Hours difference from UTC. (Range: –12 hours to +13 hours) • minutes-offset — Minutes difference from UTC. (Range: 0-59) • acronym — The acronym of the time zone. (Range: Up to 4 characters) Default Configuration Clock set to UTC. Command Mode Global Configuration mode User Guidelines The system internally keeps time in UTC, so this command is used only for display purposes and when the time is manually set.
Clock Commands no clock summer-time recurring Parameters • recurring — Indicates that summer time should start and end on the corresponding specified days every year. • date — Indicates that summer time should start on the first specific date listed in the command and end on the second specific date in the command. • • • • usa — The summer time rules are the United States rules. • • • • • • date — Date of the month. (Range:1-31) eu — The summer time rules are the European Union rules.
Clock Commands Start: First Sunday in April End: Last Sunday in October Time: 2 am local time EU rule for daylight savings time: Start: Last Sunday in March End: Last Sunday in October Time: 1.00 am (01:00) Example The following example sets summer time starting on the first Sunday in April at 2 am and finishing on the last Sunday in October at 2 am.
Clock Commands User Guidelines Multiple keys can be generated. Example The following example defines the authentication key for SNTP. Console(config)# sntp authentication-key 8 md5 ClkKey sntp authenticate The sntp authenticate Global Configuration mode command grants authentication for received Simple Network Time Protocol (SNTP) traffic from servers. To disable the feature, use the no form of this command.
Clock Commands sntp trusted-key The sntp trusted-key Global Configuration mode command authenticates the identity of a system to which Simple Network Time Protocol (SNTP) will synchronize. To disable authentication of the identity of the system, use the no form of this command. Syntax sntp trusted-key key-number no sntp trusted-key key-number Parameters • key-number — Key number of authentication key to be trusted. (Range: 14294967295) Default Configuration No keys are trusted.
Clock Commands Syntax sntp client poll timer seconds no sntp client poll timer Paramethers • seconds — Polling interval in seconds. (Range: 60-86400) Default Configuration Polling interval is 1024 seconds. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the polling time for the SNTP client to 120 seconds.
Clock Commands Command Mode Global Configuration mode User Guidelines Use the sntp client enable (Interface) Interface Configuration mode command to enable the SNTP client on a specific interface. Example The following example enables the SNTP broadcast clients. Console(config)# sntp broadcast client enable sntp anycast client enable The sntp anycast client enable Global Configuration mode command enables SNTP anycast client. To disable the SNTP anycast client, use the no form of this command.
Clock Commands Example The following example enables SNTP anycast clients. console(config)# sntp anycast client enable sntp client enable (Interface) The sntp client enable Interface Configuration (Ethernet, port-channel, VLAN) mode command enables the Simple Network Time Protocol (SNTP) client on an interface. This applies to both receive broadcast and anycast updates. To disable the SNTP client, use the no form of this command.
Clock Commands sntp unicast client enable The sntp unicast client enable Global Configuration mode command enables the device to use the Simple Network Time Protocol (SNTP) to request and accept SNTP traffic from servers. To disable requesting and accepting SNTP traffic from servers, use the no form of this command. Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP unicast client is disabled.
Clock Commands Default Configuration Polling is disabled. Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command. Example The following example enables polling for SNTP predefined unicast clients.
Clock Commands Command Mode Global Configuration mode User Guidelines Up to 8 SNTP servers can be defined. Use the sntp unicast client enable Global Configuration mode command to enable predefined unicast clients globally. To enable polling you should also use the sntp unicast client poll Global Configuration mode command for global enabling. Polling time is determined by the sntp client poll timer Global Configuration mode command.
Clock Commands User Guidelines The symbol that precedes the show clock display indicates the following: Symbol Description * Time is not authoritative. (blank) Time is authoritative. . Time is authoritative, but SNTP is not synchronized. Example The following example displays the time and date from the system clock.
Clock Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the current SNTP configuration of the device. Console# show sntp configuration Polling interval: 1024 seconds MD5 Authentication keys: 8, 9 Authentication is required for synchronization. Trusted Keys: 8, 9 Unicast Clients Polling: Enabled Server Polling Encryption Key ----------- ------- -------------- 176.1.1.8 Enabled 9 176.1.8.
Clock Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows the status of the SNTP. Console# show sntp status Clock is synchronized, stratum 4, reference is 176.1.1.8, unicast Reference time is AFE2525E.70597B34 (00:10:22.
6 Configuration and Image File Commands copy The copy Privileged EXEC mode command copies files from a source to a destination. Syntax copy source-url destination-url Parameters • source-url — The source file location URL or reserved keyword of the source file to be copied. (Range: 1-160 characters) • destination-url — The destination file URL or reserved keyword of the destination file. (Range: 1-160 characters) The following table displays keywords and URL prefixes.
Configuration and Image File Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines The location of a file system dictates the format of the source or destination URL. The entire copying process may take several minutes and differs from protocol to protocol and from network to network. *.prv and *.sys files cannot be copied.
Configuration and Image File Commands To load a configuration file from a network server to the running configuration file of the device, enter the copy source-url running-config command. The commands in the loaded configuration file are added to those in the running configuration file as if the commands were typed in the command-line interface (CLI).
Configuration and Image File Commands Parameters • url — The location URL or reserved keyword of the file to be deleted. (Range: 1-160 characters) The following table displays keywords and URL prefixes: Keyword Source or Destination flash: Source or destination URL for flash memory. It’s the default in case a URL is specified without a prefix. startup-config Represents the startup configuration file. Default Configuration This command has no default configuration.
Configuration and Image File Commands Default Configuration If the unit number is unspecified, the default setting is the master unit number. Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image. Example The following example loads the system image 1 at device startup.
Configuration and Image File Commands Example The following example displays the contents of the running configuration file. Console# show running-config hostname device interface ethernet ext.1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet ext.2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 show startup-config The show startup-config Privileged EXEC mode command displays the contents of the startup configuration file.
Configuration and Image File Commands Example The following example displays the contents of the running configuration file. Console# show startup-config hostname device interface ethernet ext.1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet ext.2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 show backup-config The show backup-config Privileged EXEC mode command displays the contents of the backup configuration file.
Configuration and Image File Commands Example The following example displays the contents of the backup configuration file. Console# show backup-config software version 1.1 hostname device interface ethernet ext.1 ip address 176.242.100.100 255.255.255.0 duplex full speed 1000 interface ethernet ext.2 ip address 176.243.100.100 255.255.255.0 duplex full speed 1000 show bootvar The show bootvar Privileged EXEC mode command displays the active system image file that is loaded by the device at startup.
Configuration and Image File Commands Example The following example displays the active system image file that is loaded by the device at startup.
Configuration and Image File Commands 78 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
7 Ethernet Configuration Commands interface ethernet The interface ethernet Global Configuration mode command enters the interface configuration mode to configure an Ethernet type interface. Syntax interface ethernet interface Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Ethernet Configuration Commands Syntax interface range ethernet {port-list | all} Parameters • port-list — List of valid ports. Where more than one port is listed, separate the nonconsecutive ports with a comma and no spaces, use a hyphen to designate a range of ports and group a list separated by commas in brackets. • all — All Ethernet ports. Default Configuration This command has no default configuration.
Ethernet Configuration Commands Default Configuration The interface is enabled. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example disables Ethernet port 5 operations. Console(config)# interface ethernet ext.5 Console(config-if)# shutdown The following example restarts the disabled Ethernet port. Console(config)# interface ethernet ext.
Ethernet Configuration Commands Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example adds a description to Ethernet port 5. Console(config)# interface ethernet ext.5 Console(config-if)# description "RD SW#3" speed The speed Interface Configuration (Ethernet, port-channel) mode command configures the speed of a given Ethernet interface when not using auto-negotiation.
Ethernet Configuration Commands User Guidelines The no speed command in a port-channel context returns each port in the port-channel to its maximum capability. Example The following example configures the speed operation of Ethernet port 5 to 100 Mbps operation. Console(config)# interface ethernet ext.5 Console(config-if)# speed 100 duplex The duplex Interface Configuration (Ethernet) mode command configures the full/half duplex operation of a given Ethernet interface when not using auto-negotiation.
Ethernet Configuration Commands Example The following example configures the duplex operation of Ethernet port 1 to full duplex operation. Console(config)# interface ethernet ext.1 Console(config-if)# duplex full negotiation The negotiation Interface Configuration (Ethernet, port-channel) mode command enables auto-negotiation operation for the speed and duplex parameters of a given interface. To disable auto-negotiation, use the no form of this command.
Ethernet Configuration Commands Example The following example enables auto-negotiation on Ethernet port 1. Console(config)# interface ethernet ext.1 Console(config-if)# negotiation flowcontrol The flowcontrol Interface Configuration (Ethernet, port-channel) mode command configures flow control on a given interface. To disable flow control, use the no form of this command. Syntax flowcontrol {auto | on | off} no flowcontrol Parameters • auto — Indicates auto-negotiation • on — Enables flow control.
Ethernet Configuration Commands mdix The mdix Interface Configuration (Ethernet) mode command enables cable crossover on a given interface. To disable cable crossover, use the no form of this command. Syntax mdix {on | auto} no mdix Parameters • on — Manual mdix is enabled. • auto — Automatic mdi/mdix is enabled. Default Configuration The default setting is on.
Ethernet Configuration Commands back-pressure The back-pressure Interface Configuration (Ethernet, port-channel) mode command enables back pressure on a given interface. To disable back pressure, use the no form of this command. Syntax back-pressure no back-pressure Default Configuration Back pressure is enabled. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command.
Ethernet Configuration Commands Default Configuration Jumbo frames are disabled on the device. Command Mode Global Configuration User Guidelines This command is relevant to Giga devices only. This command takes effect only after resetting the device. Example In the following example, jumbo frames are enabled on the device. Console(config)# port jumbo-frame clear counters The clear counters Privileged EXEC mode command clears statistics on an interface.
Ethernet Configuration Commands User Guidelines There are no user guidelines for this command. Example In the following example, the counters for interface 1 are cleared. Console# clear counters ethernet ext.2 set interface active The set interface active Privileged EXEC mode command reactivates an interface that was shutdown. Syntax set interface active {ethernet interface | port-channel port-channel-number} Parameters • interface — Valid Ethernet port.
Ethernet Configuration Commands show interfaces advertise The show interfaces advertise Privileged EXEC mode command displays autonegotiation data. Syntax show interfaces advertise [ethernet interface | port-channel port-channel-number] Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration.
Ethernet Configuration Commands 8 100M-Copper Enabled -- 9 100M-Copper Enabled -- 10 100M-Copper Enabled -- 11 100M-Copper Enabled -- 12 100M-Copper Enabled -- show interfaces configuration The show interfaces configuration Privileged EXEC mode command displays the configuration for all configured interfaces. Syntax show interfaces configuration [ethernet interface | port-channel port-channel-number] Parameters • interface — Valid Ethernet port.
Ethernet Configuration Commands 1 100M-Copper Full 100 Enabled Off Up Disabled Auto 2 100M-Copper Full 100 Enabled Off Up Disabled Auto 3 100M-Copper Full 100 Enabled Off Up Disabled Auto 4 100M-Copper Full 100 Enabled Off Up Disabled Auto 5 100M-Copper Full 100 Enabled Off Up Disabled Auto 6 100M-Copper Full 100 Enabled Off Up Disabled Auto 7 100M-Copper Full 100 Enabled Off Up Disabled Auto 8 100M-Copper Full 100 Enabled Off Up Disable
Ethernet Configuration Commands User Guidelines There are no user guidelines for this command. Example The following example displays the status of all configured interfaces.
Ethernet Configuration Commands Default Configuration This command has no default configuration. Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays descriptions of configured interfaces. Console# show interfaces description Port Description ---- ----------- 1 lab 2 3 4 5 6 ch1 ch2 show interfaces counters The show interfaces counters Privileged EXEC mode command displays traffic seen by the physical interface.
Ethernet Configuration Commands • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays traffic seen by the physical interface.
Ethernet Configuration Commands The following example displays counters for Ethernet port 1. Console# show interfaces counters ethernet ext.
Ethernet Configuration Commands Field Description Internal MAC Rx Errors Counted frames for which reception fails due to an internal MAC sublayer received error. Received Pause Frames Counted MAC Control frames received with an opcode indicating the PAUSE operation. Transmitted Pause Frames Counted MAC Control frames transmitted on this interface with an opcode indicating the PAUSE operation.
Ethernet Configuration Commands port storm-control include-multicast (GC) The port storm-control include-multicast Interface Configuration mode command enables counting multicast packets in the port storm-control broadcast rate command. To disable counting multicast packets, use the no form of this command. Syntax port storm-control include-multicast no port storm-control include-multicast Default Configuration Multicast packets are not counted.
Ethernet Configuration Commands Parameters • unknown-unicast — Specifies also counting unknown unicast packets. Default Configuration Multicast packets are not counted. Command Modes Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example enables counting broadcast and multicast packets on Ethernet port 2. Console(config)# interface ethernet ext.
Ethernet Configuration Commands User Guidelines Use the port storm-control broadcast rate Interface Configuration (Ethernet) mode command, to set the maximum allowable broadcast rate. Use the port storm-control include-multicast Global Configuration mode command to enable counting multicast packets in the storm control calculation. Example The following example enables broadcast storm control on port 1 of a device. Console(config)# interface ethernet ext.
Ethernet Configuration Commands Example The following example configures a port storm-control broadcast rate 4000 on port 2. (config)# interface ethernet ext.2 Console(config-if)# port storm-control broadcast rate 4000 show ports storm-control The show ports storm-control Privileged EXEC mode command displays the storm control configuration. Syntax show ports storm-control [interface] Parameters • interface — A valid Ethernet port.
Ethernet Configuration Commands 3 Disabled 3500 Broadcast 4 Disabled 3500 Broadcast 5 Disabled 3500 Broadcast 6 Disabled 3500 Broadcast 102 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
8 GVRP Commands gvrp enable (Global) GARP VLAN Registration Protocol (GVRP) is an industry-standard protocol designed to propagate VLAN information from device to device. With GVRP, a single device is manually configured with all desired VLANs for the network, and all other devices on the network learn these VLANs dynamically. The gvrp enable Global Configuration mode command enables GVRP globally. To disable GVRP on the device, use the no form of this command.
GVRP Commands Syntax gvrp enable no gvrp enable Default Configuration GVRP is disabled on all interfaces. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines An access port does not dynamically join a VLAN because it is always a member in only one VLAN. Membership in an untagged VLAN is propagated in the same way as in a tagged VLAN. That is, the PVID is manually defined as the untagged VLAN VID. Example The following example enables GVRP on Ethernet port 6.
GVRP Commands • timer_value — Timer values in milliseconds in multiples of 10. (Range: 102147483640) Default Configuration Following are the default timer values: • Join timer — 200 milliseconds • Leave timer — 600 milliseconds • Leavall timer — 10000 milliseconds Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The following relationship must be maintained between the timers: Leave time must be greater than or equal to three times the join time.
GVRP Commands Default Configuration Dynamic VLAN creation or modification is enabled. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command forbids dynamic VLAN creation from the interface. The creation or modification of dynamic VLAN registration entries as a result of the GVRP exchanges on an interface are restricted only to those VLANs for which static VLAN registration exists. Example The following example disables dynamic VLAN creation on Ethernet port 1.
GVRP Commands User Guidelines There are no user guidelines for this command. Example The following example forbids dynamic registration of VLANs on Ethernet port 1. Console(config)# interface ethernet ext.1 Console(config-if)# gvrp registration-forbid clear gvrp statistics The clear gvrp statistics Privileged EXEC mode command clears all GVRP statistical information. Syntax clear gvrp statistics [ethernet interface | port-channel port-channel-number] Parameters • interface — A valid Ethernet port.
GVRP Commands show gvrp configuration The show gvrp configuration Privieged EXEC mode command displays GVRP configuration information, including timer values, whether GVRP and dynamic VLAN creation is enabled, and which ports are running GVRP. Syntax show gvrp configuration [ethernet interface | port-channel port-channel-number] Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) • port-channel-number — A valid port-channel number.
GVRP Commands show gvrp statistics The show gvrp statistics Privieged EXEC mode command displays GVRP statistics. Syntax show gvrp statistics [ethernet interface | port-channel port-channel-number] Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privieged EXEC mode User Guidelines There are no user guidelines for this command.
GVRP Commands show gvrp error-statistics The show gvrp error-statistics Privieged EXEC mode command displays GVRP error statistics. Syntax show gvrp error-statistics [ethernet interface | port-channel port-channel-number] Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.
9 IGMP Snooping Commands ip igmp snooping (Global) The ip igmp snooping Global Configuration mode command enables Internet Group Management Protocol (IGMP) snooping. To disable IGMP snooping, use the no form of this command. Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled. Command Mode Global Configuration mode User Guidelines IGMP snooping can only be enabled on static VLANs. It must not be enabled on Private VLANs or their community VLANs.
IGMP Snooping Commands Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled . Command Mode Interface Configuration (VLAN) mode User Guidelines IGMP snooping can only be enabled on static VLANs. It must not be enabled on Private VLANs or their community VLANs. Example The following example enables IGMP snooping on VLAN 2.
IGMP Snooping Commands Command Mode Interface Configuration (VLAN) mode User Guidelines Multicast device ports can be configured statically using the bridge multicast forwardall Interface Configuration (VLAN) mode command. Example The following example enables automatic learning of multicast device ports on VLAN 2.
IGMP Snooping Commands User Guidelines The timeout should be at least greater than 2*query_interval+max_response_time of the IGMP router. Example The following example configures the host timeout to 300 seconds. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping host-time-out 300 ip igmp snooping mrouter-time-out The ip igmp snooping mrouter-time-out Interface Configuration (VLAN) mode command configures the mrouter-time-out.
IGMP Snooping Commands Example The following example configures the multicast device timeout to 200 seconds. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping mrouter-time-out 200 ip igmp snooping leave-time-out The ip igmp snooping leave-time-out Interface Configuration (VLAN) mode command configures the leave-time-out.
IGMP Snooping Commands Example The following example configures the host leave timeout to 60 seconds. Console(config)# interface vlan 2 Console(config-if)# ip igmp snooping leave-time-out 60 show ip igmp snooping mrouter The show ip igmp snooping mrouter Privileged EXEC mode command displays information on dynamically learned multicast device interfaces. Syntax show ip igmp snooping mrouter [interface vlan-id] Parameters • vlan-id — Specifies the VLAN number.
IGMP Snooping Commands Detected multicast devices that are forbidden statically: VLAN Ports ---- ----- 1000 19 show ip igmp snooping interface The show ip igmp snooping interface Privileged EXEC mode command displays IGMP snooping configuration. Syntax show ip igmp snooping interface vlan-id Parameters • vlan-id — Specifies the VLAN number. Default Configuration This command has no default configuration.
IGMP Snooping Commands Example The following example displays IGMP snooping information on VLAN 1000. Console# show ip igmp snooping interface 4 IGMP Snooping is globaly disabled IGMP Snooping is enabled on VLAN 4 IGMP host timeout is 260 sec IGMP Immediate leave is disabled.
IGMP Snooping Commands Example The following example shows IGMP snooping information on multicast groups. Console# show ip igmp snooping groups Vlan IP Address Querier Ports ---- ----------------- ------- ---------- 1 224-239.130|2.2.3 Yes 1, 2 19 224-239.130|2.2.8 Yes 9-11 IGMP Reporters that are forbidden statically: --------------------------------------------Vlan IP Address Ports ---- ----------------- ----- 1 224-239.130|2.2.
IGMP Snooping Commands 120 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
10 IP Address Commands ip address ip address ip-address {mask | prefix-length} The ip address Interface Configuration (Ethernet, VLAN, port-channel) mode command sets an IP address. To remove an IP address, use the no form of this command. Syntax ip address ip-address {mask | prefix-length} no ip address [ip-address] Parameters • ip-address — Specifies the valid IP address • mask — Specifies the valid network mask of the IP address.
IP Address Commands Example The following example configures VLAN 1 with IP address 131.108.1.27 and subnet mask 255.255.255.0 Console(config)# interface vlan 1 Console(config-if)# ip address 131.108.1.27 255.255.255.0 ip address dhcp The ip address dhcp Interface Configuration (Ethernet, VLAN, port-channel) mode command acquires an IP address for an Ethernet interface from the Dynamic Host Configuration Protocol (DHCP) server. To deconfigure an acquired IP address, use the no form of this command.
IP Address Commands If the device is configured to obtain its IP address from a DHCP server, it sends a DHCPDISCOVER message to provide information about itself to the DHCP server on the network. If the ip address dhcp command is used with or without the optional keyword, the DHCP option 12 field (host name option) is included in the DISCOVER message. By default, the specified DHCP host name is the globally configured host name of the device.
IP Address Commands User Guidelines This command is only operational in Switch mode. Example The following example defines default gateway 192.168.1. . Console(config)# ip default-gateway 192.168.1.1 show ip interface The show ip interface Privileged EXEC mode command displays the usability status of configured IP interfaces Syntax show ip interface [ethernet interface-number | vlan vlan-id | port-channel port-channel number |] Parameters • interface-number — Specifies the valid Ethernet port.
IP Address Commands Example The following example the displays the configured IP interfaces and their types Console# show ip interface Proxy ARP is disabled IP address I/F ------------- Type Direct Broadca st --------- -------------- 10.7.1.192/24 1 Static disable 10.7.2.192/24 2 Static disable arp The arp Global Configuration mode command adds a permanent entry in the Address Resolution Protocol (ARP) cache. To remove an entry from the ARP cache, use the no form of this command.
IP Address Commands Command Mode Global Configuration mode User Guidelines The software uses ARP cache entries to translate 32-bit IP addresses into 48-bit hardware addresses. Because most hosts support dynamic resolution, static ARP cache entries do not generally have to be specified. Example The following example adds IP address 198.133.219.232 and MAC address 00:00:0c:40:0f:bc to the ARP table. Console(config)# arp 198.133.219.232 00:00:0c:40:0f:bc ethernet ext.
IP Address Commands User Guidelines It is recommended not to set the timeout value to less than 3600. Example The following example configures the ARP timeout to 12000 seconds. Console(config)# arp timeout 12000 clear arp-cache The clear arp-cache Privileged EXEC mode command deletes all dynamic entries from the ARP cache. Syntax clear arp-cache Default Configuration This command has no default configuration.
IP Address Commands Syntax show arp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays entries in the ARP table. Console# show arp ARP timeout: 80000 Seconds Interface IP address HW address Status --------- ---------- ----------------- ------- 1 10.7.1.102 00:10:B5:04:DB:4B Dynamic 2 10.7.1.
IP Address Commands Default Configuration IP Domain Naming System (DNS)-based host name-to-address translation is enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables IP Domain Naming System (DNS)-based host name-toaddress translation.
IP Address Commands User Guidelines There are no user guidelines for this command. Example The following example defines default domain name www.intel.com. Console(config)# ip domain-name www.intel.com ip name-server The ip name-server Global Configuration mode command defines the available name servers. To remove a name server, use the no form of this command.
IP Address Commands ip host The ip host Global Configuration mode command defines static host name-to-address mapping in the host cache. To remove the name-to-address mapping, use the no form of this command. Syntax ip host name address no ip host name Parameters • name — Specifies the name of the host. (Range: 1-158 characters) • address — Specifies the associated IP address. Default Configuration No host is defined.
IP Address Commands Parameters • name — Specifies the host entry to be removed. (Range: 1-158 characters) • * — Removes all entries. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example deletes all entries from the host name-to-address cache.
IP Address Commands Command Mode Privileged EXEC mode User Guidelines This command is only operational in Switch mode. This command deletes the host name-to-address mapping temporarily until the next renewal of the IP address. Example The following example deletes all entries from the host name-to-address mappingg.
IP Address Commands Example The following example displays host information.. Console# show hosts System name: Device Default domain is gm.com, sales.gm.com, usa.sales.gm.com(DHCP) Name/address lookup is enabled Name servers (Preference order): 176.16.1.18 176.16.1.19 Configured host name-to-address mapping: 134 Host Addresses ---- --------- accounting.gm.com 176.16.8.8 176.16.8.9 (DHCP) Cache: TTL(Hours) Host Total Elapsed Type Addresses ---- ----- ------- ------ --------- www.
LACP Commands 11 LACP Commands lacp system-priority The lacp system-priority Global Configuration mode command configures the system priority. To return to the default configuration, use the no form of this command. Syntax lacp system-priority value no lacp system-priority Parameters • value — Specifies system priority value. (Range: 1-65535) Default Configuration The default system priority is 1. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
LACP Commands Syntax lacp port-priority value no lacp port-priority Parameters • value — Specifies port priority. (Range: 1-65535) Default Configuration The default port priority is 1. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example defines the priority of Ethernet port 6 as 247. Console(config)# interface ethernet ext.
LACP Commands • short — Specifies the short timeout value. Default Configuration The default port timeout value is long. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example assigns a long administrative LACP timeout to Ethernet port 6 . Console(config)# interface ethernet ext.
LACP Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example display LACP information for Ethernet port 1. Console# show lacp ethernet ext.
LACP Commands port Oper timeout: LONG LACP Activity: PASSIVE Aggregation: AGGREGATABLE synchronization: FALSE collecting: FALSE distributing: FALSE expired: FALSE Port 1 LACP Statistics: LACP PDUs sent: 2 LACP PDUs received: 2 Port 1 LACP Protocol State: LACP State Machines: Receive FSM: Port Disabled State Mux FSM: Detached State Periodic Tx FSM: No Periodic State Control Variables: BEGIN: FALSE LACP_Enabled: TRUE Ready_N: FALSE Selected: UNSELECTED Port_moved: FALSE NNT:
LACP Commands Syntax show lacp port-channel [port_channel_number] Parameters • port_channel_number — Valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays LACP information about port-channel 1.
12 Line Commands Line The Line Global Configuration mode command identiofies a specific line for configuration, and begins the process. Syntax Line {telnet | ssh} Parameters • telnet — Virtual terminal for remote console access. • ssh — Virtual terminal for secured remote console access. Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines This command has no user guidelines. Example .
Line Commands Syntax show line {telnet | ssh} Parameters • telnet — Virtual terminal for remote console access. • ssh — Virtual terminal for secured remote console access. Default Configuration This command has no default configuration. Command Mode Exec mode User Guidelines This command has no user guidelines. Example The following example configures communication to a device with the IP address 192.168.1.4, in the WLAN domain as a passive.
Line Commands Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 143
Line Commands 144 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Management ACL Commands 13 Management ACL Commands management access-list The management access-list Global Configuration mode command configures a management access list and enters the Management Access-list Configuration command mode. To delete an access list, use the no form of this command. Syntax management access-list name no management access-list name Parameters • name — Access list name. (Range: 1-32 characters) Default Configuration This command has no default configuration.
Management ACL Commands Example The following example creates a management access list called mlist, configures management Ethernet interfaces 1 and 9 and makes the new access list the active list. Console(config)# management access-list mlist Console(config-macl)# permit ethernet ext.1 Console(config-macl)# permit ethernet ext.
Management ACL Commands permit (Management) The permit Management Access-List Configuration mode command defines a permit rule. Syntax permit [ethernet interface-number | vlan vlan-id | port-channel port-channel-number |] [service service] permit ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id | port-channel port-channel-number |] [service service] Parameters • • • • • • • interface-number — A valid Ethernet port number. vlan-id — A valid VLAN number.
Management ACL Commands deny (Management) The deny Management Access-List Configuration mode command defines a deny rule. Syntax deny [ethernet interface-number | vlan vlan-id | port-channel port-channel-number |] [service service] deny ip-source ip-address [mask mask | prefix-length] [ethernet interface-number | vlan vlan-id | port-channel port-channel-number |] [service service] Parameters • • • • • • • interface-number — A valid Ethernet port number. vlan-id — A valid VLAN number.
Management ACL Commands management access-class The management access-class Global Configuration mode command restricts management connections by defining the active management access list. To disable this restriction, use the no form of this command. Syntax management access-class {name} no management access-class Parameters • name — Specifies the name of the access list to be used. (Range: 1-32 characters) Default Configuration If no access list is specified, an empty access list is used.
Management ACL Commands show management access-list The show management access-list Privileged EXEC mode command displays management access-lists. Syntax show management access-list [name] Parameters • name — Specifies the name of a management access list. (Range: 1-32 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Management ACL Commands show management access-class The show management access-class Privileged EXEC mode command displays the active management access list. Syntax show management access-class Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information about the active management access list.
Management ACL Commands 152 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
PHY Diagnostics Commands 14 PHY Diagnostics Commands test copper-port tdr The test copper-port tdr Privileged EXEC mode command uses Time Domain Reflectometry (TDR) technology to diagnose the quality and characteristics of a copper cable attached to a port. Syntax test copper-port tdr interface Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration.
PHY Diagnostics Commands show copper-ports tdr The show copper-ports tdr User EXEC mode command displays information on the last Time Domain Reflectometry (TDR) test performed on copper ports. Syntax show copper-ports tdr [interface] Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines The maximum length of the cable for the TDR test is 120 meters.
PHY Diagnostics Commands show copper-ports cable-length The show copper-ports cable-length User EXEC mode command displays the estimated copper cable length attached to a port. Syntax show copper-ports cable-length [interface] Parameters • interface — A valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines The port must be active and working in 100M or 1000M mode.
PHY Diagnostics Commands 156 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Port Channel Commands 15 Port Channel Commands interface port-channel The interface port-channel Global Configuration mode command enters the interface configuration mode to configure a specific port-channel. Syntax interface port-channel port-channel-number Parameters • port-channel-number — A valid port-channel number. Default Configuration This command has no default configuration.
Port Channel Commands interface range port-channel The interface range port-channel Global Configuration mode command enters the interface configuration mode to configure multiple port-channels. Syntax interface range port-channel {port-channel-range | all} Parameters • port-channel-range — List of valid port-channels to add. Separate nonconsecutive port-channels with a comma and no spaces. A hyphen designates a range of portchannels. • all — All valid port-channels.
Port Channel Commands Syntax channel-group port-channel-number mode {on | auto} no channel-group Parameters • port-channel_number — Specifies the number of the valid port-channel for the current port to join. • on — Forces the port to join a channel without an LACP operation. • auto — Allows the port to join a channel as a result of an LACP operation. Default Configuration The port is not assigned to a port-channel.
Port Channel Commands Parameters • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays information on all port-channels.
Port Monitor Commands 16 Port Monitor Commands port monitor The port monitor Interface Configuration mode command starts a port monitoring session. To stop a port monitoring session, use the no form of this command. Syntax port monitor src-interface [rx | tx] no port monitor src-interface Parameters • src-interface—Valid Ethernet port. (Full syntax: unit/port) • rx—Monitors received packets only. • tx—Monitors transmitted packets only.
Port Monitor Commands The following restrictions apply to ports configured to be source ports: The port cannot be already configured as a destination port. Example The following example copies traffic on port 8 (source port) to port 1 (destination port). Console(config)# interface ethernet ext.11 Console(config-if)# port monitor ext.8 port monitor vlan-tagging The port monitor Interface Configuration (Ethernet) mode command transmits tagged ingress mirrored packets.
Port Monitor Commands show ports monitor The show ports monitor User EXEC mode command displays the port monitoring status. Syntax show ports monitor Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows how the port monitoring status is displayed.
Port Monitor Commands 164 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
QoS Commands 17 QoS Commands qos The qos Global Configuration mode command enables quality of service (QoS) on the device. To disable QoS on the device, use the no form of this command. Syntax qos [basic | advanced | service] no qos Parameters • basic — QoS basic mode. • advanced — QoS advanced mode, which enables the full range of QoS configuration. • service — QoS service mode, which enables the user to define QOS in a simpler manner. Default Configuration The QoS basic mode is enabled.
QoS Commands show qos The show qos User EXEC mode command displays the quality of service (QoS) mode for the device. Syntax show qos Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines Trust mode is displayed if QoS is enabled in basic mode. Example The following example displays QoS attributes when QoS is enabled in basic mode on the device.
QoS Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines. Example The following example displays the parameters of the aggregate policer called ‘policer1’.
QoS Commands Default Configuration There is no default configuration for this command. Command Mode Privileged EXEC mode User Guidelines If no keyword is specified, port QoS mode (for example., DSCP trusted, CoS trusted, untrusted), default CoS value, DSCP-to-DSCP-mutation map attached to the port, and policy map attached to the interface are displayed. If no interface is specified, QoS information about all interfaces is displayed.
QoS Commands 7 N/A 8 N/A qid Min DP0 Max DP0 Prob DP0 Min DP1 Max DP1 Prob DP1 Min DP2 Max DP2 Prob DP2 Weight 1 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 2 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 3 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 4 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 5 50 60 13 65 80 6 85 95 4 2 6 50 60 13 65 80 6 85 95 4 2 7 50 60 13 65 80 6 85 95 4 2 8 50 60 13 65 80 6 85 95 4 2 show qos map
QoS Commands Example The following example displays the DSCP port-queue map.
QoS Commands • match-any — Checks that the packet matches one or more classification criteria in the class map match statement. Default Configuration By default, the match-all parameter is selected. Command Mode Global Configuration mode User Guidelines The class-map Global Configuration mode command is used to define packet classification, marking and aggregate policing as part of a globally named service policy applied on a per-interface basis.
QoS Commands Parameters • class-map-name — Specifies the name of the class map to be displayed. Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example shows the class map for class1. Console> show class-map class1 Class Map match-any class1 (id4) Match Ip dscp 11 21 match The match Class-map Configuration mode command defines the match criteria for classifying traffic.
QoS Commands Command Mode Class-map Configuration mode. User Guidelines There are no user guidelines for this command. Example The following example defines the match criterion for classifying traffic as an access group called enterprise in a class map called class1.. Console (config)# class-map class1 Console (config-cmap)# match access-group enterprise policy-map The policy-map Global Configuration mode command creates a policy map and enters the Policy-map Configuration mode.
QoS Commands User Guidelines Before configuring policies for classes whose match criteria are defined in a class map, use the policy-map Global Configuration mode command to specify the name of the policy map to be created or modified. Class policies in a policy map can only be defined if match criteria has already been defined for the classes. Use the class-map Global Configuration and match Class-map Configuration commands to define the match criteria of a class.
QoS Commands Command Mode Policy-map Configuration mode User Guidelines Before modifying a policy for an existing class or creating a policy for a new class, use the policy-map Global Configuration mode command to specify the name of the policy map to which the policy belongs and to enter the Policy-map Configuration mode. Use the service-policy (Ethernet, Port-channel) Interface Configuration mode command to attach a policy map to an interface.
QoS Commands Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays all policy maps. Console> show policy-map Policy Map policy1 class class1 set Ip dscp 7 Policy Map policy2 class class 2 police 96000 4800 exceed-action drop class class3 police 124000 96000 exceed-action policed-dscp-transmit trust cos-dscp The trust cos-dscp Policy-map Class Configuration mode command configures the trust state.
QoS Commands User Guidelines Action serviced to a class, so that if an IP packet arrives, the queue is assigned per DSCP. If a non-IP packet arrives, the queue is assigned per CoS (VPT). Example The following example configures the trust state for a class called class1 in a policy map called policy1. Console (config)# policy-map policy1 Console (config-pmap)# class class1 Console (config-pmap-c)# trust cos-dscp set The set Policy-map Class Configuration mode command sets new values in the IP packet.
QoS Commands Policy maps that contain set or trust Policy-map Class Configuration commands or that have ACL classifications cannot be attached to an egress interface by using the servicepolicy (Ethernet, Port-channel) Interface Configuration mode command. To return to the Policy-map Configuration mode, use the exit command. To return to privileged EXEC mode, use the end command. Example The following example sets the dscp value in the packet to 56 for classes in in policy map called policy1.
QoS Commands Command Mode Policy-map Class Configuration mode User Guidelines Policing uses a token bucket algorithm. CIR represents the speed with which the token is removed from the bucket. CBS represents the depth of the bucket. Example The following example defines a policer for classified traffic. When the traffic rate exceeds 124,000 bps or the normal burst size exceeds 96000 bps, the packet is dropped. The class is called class1 and is in a policy map called policy1..
QoS Commands User Guidelines Only one policy map per interface per direction is supported. Example The following example attaches a policy map called policy1 to the input interface. Console(config-if)# service-policy input policy1 qos aggregate-policer The qos aggregate-policer Global Configuration mode command defines the policer parameters that can be applied to multiple traffic classes within the same policy map. To remove an existing aggregate policer, use the no form of this command.
QoS Commands User Guidelines Policers that contain set or trust Policy-map Class Configuration commands or that have ACL classifications cannot be attached to an output interface. Define an aggregate policer if the policer is shared with multiple classes. Policers in one port cannot be shared with other policers in another device; traffic from two different ports can be aggregated for policing purposes.
QoS Commands Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines. Example The following example displays the parameters of the aggregate policer called policer1.
QoS Commands User Guidelines An aggregate policer can be applied to multiple classes in the same policy map; An aggregate policer cannot be applied across multiple policy maps or interfaces. To return to the Policy-map Configuration mode, use the exit command. To return to the Privileged EXEC mode, use the end command. Example The following example applies the aggregate policer called policer1 to a calass called class1 in policy map called policy1.
QoS Commands Cos4 is mapped to queue 5. Cos5 is mapped to queue 6. Cos6 is mapped to queue 7. Cos7 is mapped to queue 8. Command Mode Global Configuration mode User Guidelines This command can be used to distribute traffic into different queues, where each queue is configured with different Weighted Round Robin (WRR) and Weighted Random Early Detection (WRED) parameters. It is recommended to specifically map a single VPT to a queue, rather than mapping multiple VPTs to a single queue.
QoS Commands Default Configuration The default WRR weight ratio is one-eighth of the sum of all queue weights (each weight is set to 6). Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines Use the priority-queue out num-of-queues Global Configuration mode command to configure a queue as WRR or Strict Priority. Use this command to define a WRR weight per interface. The weight ratio for each queue is defined by the queue weight divided by the sum of all queue weights (i.e.
QoS Commands no priority-queue out num-of-queues Parameters • number-of-queues — Specifies the number of expedite queues. Expedite queues have higher indexes. (Range: 0-8) Default Configuration All queues are expedite queues. Command Mode Global Configuration mode User Guidelines Configuring the number of expedite queues affects the Weighted Round Robin (WRR) weight ratio because fewer queues participate in the WRR. Example The following example configures the number of expedite queues as 0.
QoS Commands • excess-burst — Specifies the excess burst size (CBS) in bytes.(Range: 409616769020) • queue-id — Specifies the queue number to which the shaper is assigned. (Range: 0-8) Default Configuration No shape is defined. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command activates the shaper on a specified egress port or egress queue. To activate the shaper on an egress port, enter the Interface Configuration mode and specify the port number.
QoS Commands • buffers – Displays the buffer setting for the interface’s queues. Displays the queue depth for each queue and the thresholds for the WRED. • queuing — Displays the queue strategy (WRR or EF), the weight for WRR queues, the CoS to queue map and the EF priority. • policers — Displays the shaper of the specified interface and the shaper for the queue on the specified interface.
QoS Commands qid Threshold 1 100 2 100 3 100 4 100 5 N/A 6 N/A 7 N/A 8 N/A qid Min DP0 Max DP0 Prob DP0 Min DP1 Max DP1 Prob DP1 Min DP2 Max DP2 Prob DP2 Weight 1 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 2 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 3 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 4 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A 5 50 60 13 65 80 6 85 95 4 2 6 50 60 13 65 80 6 85 95 4 2 7 50 60 13 65 80 6 85
QoS Commands qos wrr-queue threshold tengigabitethernet queue-id threshold-percentage0 thresholdpercentage1, threshold-percentage2 no qos wrr-queue threshold tengigabitethernet queue-id Parameters • gigabitethernet — Indicates that the thresholds are to be applied to Gigabit Ethernet ports. • tengigabitethernet — Indicates that the thresholds are to be applied to 10 Gigabit Ethernet ports. • queue-id — Specifies the queue number to which the threshold is assigned.
QoS Commands Syntax qos map policed-dscp dscp-list to dscp-mark-down no qos map policed-dscp Parameters • dscp- list — Specifies up to 8 DSCP values separated by a space. (Range: 0-63) • dscp-mark-down — Specifies the DSCP value to mark down. (Range: 0-63) Default Configuration The default map is the Null map, which means that each incoming DSCP value is mapped to the same DSCP value. Command Mode Global Configuration mode. User Guidelines DSCP values 3,11,19… cannot be remapped to other values.
QoS Commands Parameters • • dscp-list — Specifies up to 8 DSCP values separated by a space. (Range: 0 - 63) queue-id — Specifies the queue number to which the DSCP values are mapped. Default Configuration The following table describes the default map. DSCP value 0-7 8-15 16-23 24-31 32-39 40-47 48-56 57-63 Queue-ID 1 2 3 4 5 6 7 8 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
QoS Commands Default Configuration CoS is the default trust mode. Command Mode Global Configuration mode User Guidelines Packets entering a quality of service (QoS) domain are classified at the edge of the QoS domain. When packets are classified at the edge, the switch port within the QoS domain can be configured to one of the trusted states because there is no need to classify the packets at every device in the domain.
QoS Commands Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures Ethernet port 15 to the default trust state. Console(config)# interface ethernet Ext.15 Console(config-if) qos trust qos cos The qos cos Interface Configuration (Ethernet, port-channel) mode command defines the default CoS value of a port. To return to the default configuration, use the no form of this command.
QoS Commands Example The following example configures port 15 default CoS value to 3. Console(config)# interface ethernet ext. 15 Console(config-if) qos cos 3 qos dscp-mutation The qos dscp-mutation Global Configuration mode command applies the DSCP Mutation map to a system DSCP trusted port. To return to the trust state with no DSCP mutation, use the no form of this command. Syntax qos dscp-mutation no qos dscp-mutation Default Configuration This command has no default configuration.
QoS Commands Example The following example applies the DSCP Mutation map to system DSCP trusted ports. Console(config)# qos dscp-mutation qos map dscp-mutation The qos map dscp-mutation Global Configuration mode command modifies the DSCP to DSCP mutation map. To return to the default DSCP to DSCP mutation map, use the no form of this command. Syntax qos map dscp-mutation in-dscp to out-dscp no qos map dscp-mutation Parameters • in-dscp — Specifies up to 8 DSCP values separated by spaces.
QoS Commands Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 197
QoS Commands 198 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
18 RMON Commands show rmon statistics The show rmon statistics Privileged EXEC mode command displays RMON Ethernet statistics. Syntax show rmon statistics {ethernet interface number | port-channel port-channel-number} Parameters • interface number — Valid Ethernet port. • port-channel-number — Valid port-channel number. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
RMON Commands Fragments: 0 Jabbers: 0 64 Octets: 98 65 to 127 Octets: 0 128 to 255 Octets: 0 256 to 511 Octets: 0 512 to 1023 Octets: 491 1024 to 1518 Octets: 389 The following table describes the significant fields shown in the display. Field Description Octets The total number of octets of data (including those in bad packets) received on the network (excluding framing bits but including FCS octets).
RMON Commands Field Description 512 to 1023 Octets The total number of packets (including bad packets) received that are between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets). 1024 to 1518 Octets The total number of packets (including bad packets) received that are between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets).
RMON Commands User Guidelines Cannot be configured for a range of interfaces (Range context). Example The following example enables a Remote Monitoring (RMON) MIB history statistics group on Ethernet port 1 with index number 1 and a polling interval period of 2400 seconds. Console(config)# interface ethernet ext.
RMON Commands The following example displays all RMON history group statistics. Console# show rmon collection history Index Interface Interval Requested Samples Granted Samples Owner ----- --------- -------- --------- ------- ------- 1 1 30 50 50 CLI 2 1 1800 50 50 Manager The following table describes the significant fields shown in the display. Field Description Index An index that uniquely identifies the entry.
RMON Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays RMON Ethernet history statistics for index 1.
RMON Commands Console# show rmon history 1 other Sample Set: 1 Owner: Me Interface:1 Interval: 1800 Requested samples: 50 Granted samples: 50 Maximum table size: 500 Time Dropped Collisions -------------------- -------- ---------- Jan 18 2005 21:57:00 3 0 Jan 18 2005 21:57:30 3 0 The following table describes significant fields shown in the example: Field Description Time Date and Time the entry is recorded.
RMON Commands Field Description Fragments The total number of packets received during this sampling interval that were less than 64 octets in length (excluding framing bits but including FCS octets) had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error), or a bad FCS with a non-integral number of octets (AlignmentError). It is normal for etherHistoryFragments to increment because it counts both runts (which are normal occurrences due to collisions) and noise hits.
RMON Commands • type — Specifies the method used for sampling the selected variable and calculating the value to be compared against the thresholds. Possible values are absolute and delta. • If the method is absolute, the value of the selected variable is compared directly with the thresholds at the end of the sampling interval. If the method is delta, the selected variable value of the last sample is subtracted from the current value, and the difference is compared with the thresholds.
RMON Commands show rmon alarm-table The show rmon alarm-table Privileged EXEC mode command displays the alarms table. Syntax show rmon alarm-table Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the alarms table. Console# show rmon alarm-table Index OID Owner ----- ---------------------- ------- 1 1.3.6.1.2.1.2.2.1.10.1 CLI 2 1.3.6.1.2.1.2.
RMON Commands show rmon alarm The show rmon alarm Privileged EXEC mode command displays alarm configuration. Syntax show rmon alarm number Parameters • number — Specifies the alarm index. (Range: 1-65535) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays RMON 1 alarms. Console# show rmon alarm 1 Alarm 1 ------OID: 1.3.6.1.2.1.2.2.1.10.
RMON Commands The following table describes the significant fields shown in the display: Field Description Alarm Alarm index. OID Monitored variable OID. Last Sample Value The statistic value during the last sampling period. For example, if the sample type is delta, this value is the difference between the samples at the beginning and end of the period. If the sample type is absolute, this value is the sampled value at the end of the period.
RMON Commands • community text — If the specified notification type is trap, an SNMP trap is sent to the SNMP community specified by this octet string. (Range: 0-127 characters) • description text — Specifies a comment describing this event. (Range: 0-127 characters) • name — Specifies the name of the person who configured this event. If unspecified, the name is an empty string. Default Configuration This command has no default configuration.
RMON Commands User Guidelines There are no user guidelines for this command. Example The following example displays the RMON event table.
RMON Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the RMON log table.
RMON Commands rmon table-size The rmon table-size Global Configuration mode command configures the maximum size of RMON tables. To return to the default configuration, use the no form of this command. Syntax rmon table-size {history entries | log entries} no rmon table-size {history | log} Parameters • history entries — Maximum number of history table entries. (Range: 20 -32767) • log entries — Maximum number of log table entries. (Range: 20-32767) Default Configuration History table size is 270.
19 RADIUS Commands radius-server host The radius-server host Global Configuration mode command specifies a RADIUS server host. To delete the specified RADIUS host, use the no form of this command.
RADIUS Commands The port number for authentication requests is 1812. The usage type is all. Command Mode Global Configuration mode User Guidelines To specify multiple hosts, multiple radius-server host commands can be used. If no host-specific timeout, retries, deadtime or key-string values are specified, global values apply to each RADIUS server host. The address type of the source parameter must be the same as the ip-address parameter.
RADIUS Commands Default Configuration The key-string is an empty string. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example defines the authentication and encryption key for all RADIUS communications between the device and the RADIUS daemon.
RADIUS Commands User Guidelines There are no user guidelines for this command. Example The following example configures the number of times the software searches all RADIUS server hosts to 5 times. console(config)# radius-server retransmit 5 radius-server source-ip The radius-server source-ip Global Configuration mode command specifies the source IP address used for communication with RADIUS servers. To restore the default configuration, use the no form of this command.
RADIUS Commands Example The following example configures the source IP address used for communication with all RADIUS servers to 10.1.1.1. console(config)# radius-server source-ip 10.1.1.1 radius-server timeout The radius-server timeout Global Configuration mode command sets the interval during which the device waits for a server host to reply. To restore the default configuration, use the no form of this command.
RADIUS Commands radius-server deadtime The radius-server deadtime Global Configuration mode command improves RADIUS response time when servers are unavailable. The command is used to cause the unavailable servers to be skipped. To restore the default configuration, use the no form of this command. Syntax radius-server deadtime deadtime no rhadius-server deadtime Parameters • deadtime — Length of time in minutes during which a RADIUS server is skipped over by transaction requests.
RADIUS Commands Syntax show radius-servers Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays RADIUS server settings. Console# show radius-servers IP address Port Auth TimeOut Retransmit DeadTime Source IP Priority Usage --------- ---- ------- ---------- ------ -------- -------- ----- 172.16.1.
RADIUS Commands 222 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Web Server Commands 20 Web Server Commands ip http server The ip http server Global Configuration mode command enables configuring the device from a browser. To disable this function, use the no form of this command. Syntax ip http server no ip http server Default Configuration HTTP server is enabled. Command Mode Global Configuration mode User Guidelines Only a user with access level 15 can use the Web server. Example The following example enables configuring the device from a browser.
Web Server Commands no ip http port Parameters • port-number — Port number for use by the HTTP server. (Range: 0-65535) Default Configuration The default port number is 80. Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate. Specifying 0 as the port number effectively disables HTTP access to the device. Example The following example configures the http port number to 100.
Web Server Commands Default Configuration The default timout is 10 minutes. Command Mode Global Configuration mode User Guidelines This command also configures the exec-timeout for HTTPS in case the the HTTPS timeout was not set. To specify no timeout, enter the ip https exec-timeout 0 0 command. ip https server The ip https server Global Configuration mode command enables configuring the device from a secured browser. To return to the default configuration, use the no form of this command.
Web Server Commands ip https port The ip https port Global Configuration mode command specifies the TCP port used by the server to configure the device through the Web browser. To return to the default configuration, use the no form of this command. Syntax ip https port port-number no ip https port Parameters • port-number — Port number to be used by the HTTP server. (Range: 0-65535) Default Configuration The default port number is 443.
Web Server Commands no ip https exec-timout Parameters • minutes — Specifies the number of minutes to wait. • seconds — Specifies the number of seconds to wait. Default Configuration The default timout is 10 minutes. Command Mode Global Configuration mode User Guidelines To specify no timeout, enter the ip https exec-timeout 0 0 command. crypto certificate generate The crypto certificate generate Global Configuration mode command generates a selfsigned HTTPS certificate.
Web Server Commands • country — Specifies the country name. (Range: 2-2) • days — Specifies number of days certification is valid. (Range: 30-3650) Default Configuration The Certificate and SSL’s RSA key pairs do not exist. If no certificate number is specified, the default certificate number is 1. If no RSA key length is specified, the default length is 1024. If no URL or IP address is specified, the default common name is the lowest IP address of the device at the time that the certificate is generated.
Web Server Commands Parameters • number — Specifies the certificate number. (Range: 1-2) • common- name — Specifies the fully qualified URL or IP address of the device. (Range: 1- 64) • organization-unit — Specifies the organization-unit or department name. (Range: 164) • • • • organization — Specifies the organization name. (Range: 1-64) location — Specifies the location or city name. (Range: 1-64) state — Specifies the state or province name. (Range: 1-64) country — Specifies the country name.
Web Server Commands Example The following example generates and displays a certificate request for HTTPS.
Web Server Commands The imported certificate must be based on a certificate request created by the crypto certificate request Privileged EXEC mode command. If the public key found in the certificate does not match the device's SSL RSA key, the command fails. This command is not saved in the device configuration; however, the certificate imported by this command is saved in the private configuration (which is never displayed to the user or backed up to another device).
Web Server Commands Default Configuration Certificate number 1. Command Mode Global Configuration mode User Guidelines The crypto certificate generate command should be used to generate HTTPS certificates. Example The following example configures the active certificate for HTTPS. Console(config)# ip https certificate 1 show crypto certificate mycertificate The show crypto certificate mycertificate Privileged EXEC mode command displays the SSH certificates of the device.
Web Server Commands Example The following example displays the certificate.
Web Server Commands Example The following example displays the HTTP server configuration. Console# show ip http HTTP server enabled. Port: 80 show ip https The show ip https Privileged EXEC mode command displays the HTTPS server configuration. Syntax show ip https Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the HTTP server configuration.
Web Server Commands Certificate 2 is inactive Issued by: self-signed Valid from: 8/9/2004 to 8/9/2005 Subject: CN= router.gm.
Web Server Commands 236 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
21 SNMP Commands snmp-server community The snmp-server community Global Configuration mode command configures the community access string to permit access to the SNMP protocol. To remove the specified community string, use the no form of this command.
SNMP Commands User Guidelines The view-name parameter cannot be specified for su, which has access to the whole MIB. The view-name parameter can be used to restrict the access rights of a community string. When it is specified: An internal security name is generated. The internal security name for SNMPv1 and SNMPv2 security models is mapped to an internal group name.
SNMP Commands • oid-tree — Specifies the object identifier of the ASN.1 subtree to be included or excluded from the view. To identify the subtree, specify a text string consisting of numbers, such as 1.3.6.2.4, or a word, such as system. Replace a single subidentifier with the asterisk (*) wildcard to specify a subtree family; for example 1.3.*.4. • included — Indicates that the view type is included. • excluded — Indicates that the view type is excluded. Default Configuration No view entry exists.
SNMP Commands no snmp-server group groupname {v1 | v2 | v3 [noauth | auth | priv]} Parameters • • • • • groupname—Specifies the name of the group (Range: 1-30 characters). v1 — Indicates the SNMP Version 1 security model. v2 — Indicates the SNMP Version 2 security model. v3 — Indicates the SNMP Version 3 security model. noauth — Indicates no authentication of a packet. Applicable only to the SNMP Version 3 security model. • auth — Indicates authentication of a packet without encrypting it.
SNMP Commands Example The following example attaches a group called user-group to SNMPv3 and assigns to the group the privacy security level and read access rights to a view called user-view. Console(config)# snmp-server group user-group v3 priv read user-view snmp-server user The snmp-server user Global Configuration mode command configures a new SNMP Version 3 user. To remove a user, use the no form of this command.
SNMP Commands if authentication and privacy are required, 36 bytes should be entered. Each byte in the hexadecimal character string is two hexadecimal digits. Each byte can be separated by a period or colon. (20 or 36 bytes) Default Configuration No group entry exists. Command Mode Global Configuration mode User Guidelines If auth-md5 or auth-sha is specified, both authentication and privacy are enabled for the user.
SNMP Commands Parameters • engineid-string—Specifies a character string that identifies the engine ID. (Range: 532 characters) • default—The engine ID is created automatically based on the device MAC address. Default Configuration The engine ID is not configured. If SNMPv3 is enabled using this command, and the default is specified, the default engine ID is defined per standard as: First 4 octets — first bit = 1, the rest is IANA Enterprise number = 674.
SNMP Commands The show running-config Privileged EXEC mode command does not display the SNMP engine ID configuration. To see the SNMP engine ID configuration, enter the snmpserver engineID local Global Configuration mode command. Example The following example enables SNMPv3 on the device and sets the local engine ID of the device to the default value.
SNMP Commands snmp-server filter The snmp-server filter Global Configuration mode command creates or updates a Simple Network Management Protocol (SNMP) server filter entry. To remove the specified SNMP server filter entry, use the no form of this command. Syntax snmp-server filter filter-name oid-tree {included | excluded} no snmp-server filter filter-name [oid-tree] Parameters • filter-name — Specifies the label for the filter record that is being updated or created.
SNMP Commands snmp-server host The snmp-server host Global Configuration mode command specifies the recipient of Simple Network Management Protocol Version 1 or Version 2 notifications. To remove the specified host, use the no form of this command.
SNMP Commands Command Mode Global Configuration mode User Guidelines When configuring an SNMPv1 or SNMPv2 notification recipient, a notification view for that recipient is automatically generated for all the MIB. When configuring an SNMPv1 notification recipient, the Inform option cannot be selected. If a trap and inform are defined on the same target, and an inform was sent, the trap is not sent. Example The following example enables SNMP traps for host 10.1.1.
SNMP Commands • auth — Indicates authentication of a packet without encrypting it. • priv — Indicates authentication of a packet with encryption. • port — Specifies the UDP port of the host to use. If unspecified, the default UDP port number is 162. (Range: 1-65535) • filtername—Specifies a string that defines the filter for this host. If unspecified, nothing is filtered. (Range: 1-30 characters) • seconds — Specifies the number of seconds to wait for an acknowledgment before resending informs.
SNMP Commands no snmp-server trap authentication Default Configuration SNMP failed authentication traps are enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables SNMP failed authentication traps. Console(config)# snmp-server trap authentication snmp-server contact The snmp-server contact Global Configuration mode command configures the system contact (sysContact) string.
SNMP Commands User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks. Example The following example configures the system contact point called Intel_Technical_Support. console(config)# snmp-server contact Intel_Technical_Support snmp-server location The snmp-server location Global Configuration mode command configures the system location string. To remove the location string, use the no form of this command.
SNMP Commands Example The following example defines the device location as New_York. Console(config)# snmp-server location New_York snmp-server set The snmp-server set Global Configuration mode command defines the SNMP MIB value. Syntax snmp-server set variable-name name1 value1 [ name2 value2 …] Parameters • variable-name — MIB variable name (Range 1-160 characters). • name value — List of name and value pairs. In the case of scalar MIBs, only a single pair of name values.
SNMP Commands show snmp The show snmp Privileged EXEC mode command displays the SNMP status. Syntax show snmp Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SNMP communications status.
SNMP Commands Version 1,2 notifications Target Address Type Community Version UDP Port Filter Name TO Sec Retries -------------- ----- --------- ------- ---- ------ --- ------- 192.122.173.42 Trap public 2 162 15 3 192.122.173.42 Inform public 2 162 15 3 Version 3 notifications Target Address Type Username Security Level UDP Port Filter Name TO Sec Retries -------------- ----- --------- ------- ---- ------ --- ------- 192.122.173.
SNMP Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SNMP engine ID. Console# show snmp engineID Local SNMP engineID: 08009009020C0B099C075878 show snmp views The show snmp views Privileged EXEC mode command displays the configuration of views. Syntax show snmp views [viewname] Parameters • viewname — Specifies the name of the view.
SNMP Commands Example The following example displays the configuration of views. Console# show snmp views Name OID Tree Type ----------- ----------------------- --------- user-view 1.3.6.1.2.1.1 Included user-view 1.3.6.1.2.1.1.7 Excluded user-view 1.3.6.1.2.1.2.2.1.*.1 Included show snmp groups The show snmp groups Privileged EXEC mode command displays the configuration of groups. Syntax show snmp groups [groupname] Parameters • groupname—Specifies the name of the group.
SNMP Commands Example The following example displays the configuration of views. Console# show snmp groups Name Security Views Model Level Read Write Notify -------------- ----- ----- ------- ------- ------- user-group V3 priv Default "" "" managers-group V3 priv Default Default "" managers-group V3 priv Default "" "" The following table describes significant fields shown above. Field Description Name Name of the group. Security Model SNMP model in use (v1, v2 or v3).
SNMP Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the configuration of filters. Console# show snmp filters Name OID Tree Type ----------- ----------------------- --------- user-filter 1.3.6.1.2.1.1 Included user-filter 1.3.6.1.2.1.1.7 Excluded user-filter 1.3.6.1.2.1.2.2.1.*.1 Included show snmp users The show snmp users Privileged EXEC mode command displays the configuration of users.
SNMP Commands User Guidelines There are no user guidelines for this command.Example The following example displays the configuration of users.
22 Spanning-Tree Commands spanning-tree The spanning-tree Global Configuration mode command enables spanning-tree functionality. To disable the spanning-tree functionality, use the no form of this command. Syntax spanning-tree no spanning-tree Default Configuration Spanning-tree is enabled. Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enables spanning-tree functionality.
Spanning-Tree Commands no spanning-tree mode Parameters • stp — Indicates that the Spanning Tree Protocol (STP) is enabled. • rstp — Indicates that the Rapid Spanning Tree Protocol (RSTP) is enabled. • mstp — Indicates that the Multiple Spanning Tree Protocol (RSTP) is enabled. Default Configuration STP is enabled. Command Modes Global Configuration mode User Guidelines In RSTP mode, the device uses STP when the neighbor device uses STP.
Spanning-Tree Commands Parameters seconds — Time in seconds. (Range: 4-30) Default Configuration The default forwarding time for the IEEE Spanning Tree Protocol (STP) is 15 seconds. Command Modes Global Configuration mode User Guidelines When configuring the forwarding time, the following relationship should be kept: 2*(Forward-Time - 1) >= Max-Age Example The following example configures the spanning tree bridge forwarding time to 25 seconds.
Spanning-Tree Commands Command Modes Global Configuration mode User Guidelines When configuring the hello time, the following relationship should be kept: Max-Age >= 2*(Hello-Time + 1) Example The following example configures spanning tree bridge hello time to 5 seconds. Console(config)# spanning-tree hello-time 5 spanning-tree max-age The spanning-tree max-age Global Configuration mode command configures the spanning tree bridge maximum age.
Spanning-Tree Commands 2*(Forward-Time - 1) >= Max-Age Max-Age >= 2*(Hello-Time + 1) Example The following example configures the spanning tree bridge maximum-age to 10 seconds. Console(config)# spanning-tree max-age 10 spanning-tree priority The spanning-tree priority Global Configuration mode command configures the spanning tree priority of the device. The priority value is used to determine which bridge is elected as the root bridge.
Spanning-Tree Commands spanning-tree disable The spanning-tree disable Interface Configuration mode command disables spanning tree on a specific port. To enable spanning tree on a port, use the no form of this command. Syntax spanning-tree disable no spanning-tree disable Default Configuration Spanning tree is enabled on all ports. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command.
Spanning-Tree Commands Parameters • cost — Path cost of the port (Range: 1-200,000,000) Default Configuration Default path cost is determined by port speed and path cost method (long or short) as shown below: Interface Long Short Port-channel 20,000 4 Gigabit Ethernet (1000 Mbps) 20,000 4 Fast Ethernet (100 Mbps) 200,000 19 Ethernet (10 Mbps) 2,000,000 100 Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines The path cost method is configured using the spanni
Spanning-Tree Commands Parameters • priority — The priority of the port. (Range: 0-240 in multiples of 16) Default Configuration The default port priority for IEEE Spanning TreeProtocol (STP) is 128. Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines There are no user guidelines for this command. Example The following example configures the spanning priority on Ethernet port 15 to 96. Console(config)# interface ethernet ext.
Spanning-Tree Commands Command Modes Interface Configuration (Ethernet, port-channel) mode User Guidelines This feature should be used only with interfaces connected to end stations. Otherwise, an accidental topology loop could cause a data packet loop and disrupt device and network operations. Example The following example enables PortFast on Ethernet port 15. Console(config)# interface ethernet ext.
Spanning-Tree Commands User Guidelines There are no user guidelines for this command. Example The following example enables shared spanning-tree on Ethernet port 15. Console(config)# interface ethernet ext.15 Console(config-if)# spanning-tree link-type shared spanning-tree pathcost method The spanning-tree pathcost method Global Configuration mode command sets the default path cost method. To return to the default configuration, use the no form of this command.
Spanning-Tree Commands Example The following example sets the default path cost method to long. Console(config)# spanning-tree pathcost method long spanning-tree bpdu The spanning-tree bpdu Global Configuration mode command defines BPDU handling when the spanning tree is disabled globally or on a single interface. To restore the default configuration, use the no form of this command.
Spanning-Tree Commands clear spanning-tree detected-protocols The clear spanning-tree detected-protocols Privileged EXEC mode command restarts the protocol migration process (forces renegotiation with neighboring devices) on all interfaces or on a specified interface. Syntax clear spanning-tree detected-protocols [ethernet interface | port-channel portchannel-number] Parameters • interface — A valid Ethernet port. • port-channel-number — A valid port-channel number.
Spanning-Tree Commands no spanning-tree mst instance-id priority Parameters • instance -id—ID of the spanning -tree instance (Range: 1-15). • priority—Device priority for the specified spanning-tree instance (Range: 0-61440 in multiples of 4096). Default Configuration The default bridge priority for IEEE Spanning Tree Protocol (STP) is 32768. Command Mode Global Configuration mode User Guidelines The device with the lowest priority is selected as the root of the spanning tree.
Spanning-Tree Commands Default Configuration The default number of hops is 20. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example configures the maximum number of hops that a packet travels in an MST region before it is discarded to 10.
Spanning-Tree Commands User Guidelines There are no user guidelines for this command. Example The following example configures the port priority of port g1 to 144. Console(config)# interface ethernet ext.1 Console(config-if)# spanning-tree mst 1 port-priority 144 spanning-tree mst cost The spanning-tree mst cost Interface Configuration mode command configures the path cost for multiple spanning tree (MST) calculations.
Spanning-Tree Commands User Guidelines There are no user guidelines for this command. Example The following example configures the MSTP instance 1 path cost for Ethernet port 9 to 4. Console(config) # interface ethernet ext.9 Console(config-if) # spanning-tree mst 1 cost 4 spanning-tree mst configuration The spanning-tree mst configuration Global Configuration mode command enables configuring an MST region by entering the Multiple Spanning Tree (MST) mode.
Spanning-Tree Commands instance (mst) The instance MST Configuration mode command maps VLANS to an MST instance. Syntax instance instance-id {add | remove} vlan vlan-range Parameters • instance-ID—ID of the MST instance (Range: 1-15). • vlan-range—VLANs to be added to or removed from the specified MST instance. To specify a range of VLANs, use a hyphen. To specify a series of VLANs, use a comma. (Range: 1-4094).
Spanning-Tree Commands name (mst) The name MST Configuration mode command defines the configuration name. To restore the default setting, use the no form of this command. Syntax name string Parameters • string — MST configuration name. The name is case-sensitive. (Range: 1-32 characters) Default Configuration The default name is a radlan_guest. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command.
Spanning-Tree Commands Parameters • value — Configuration revision number (Range: 0-65535). Default Configuration The default configuration revision number is 0. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command. Example The following example sets the configuration revision to 1.
Spanning-Tree Commands Command Mode MST Configuration mode User Guidelines The pending MST region configuration takes effect only after exiting the MST Configuration mode. Example The following example displays a pending MST region configuration.
Spanning-Tree Commands Example The following example exits the MST Configuration mode and saves changes. Console(config) # spanning-tree mst configuration Console(config-mst) # exit Console(config) # abort (mst) The abort MST Configuration mode command exits the MST Configuration mode without applying the configuration changes. Syntax abort Default Configuration This command has no default configuration. Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command.
Spanning-Tree Commands Syntax spanning-tree guard root no spanning-tree guard root Default Configuration Root guard is disabled. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines Root guard can be enabled when the device operates in STP, RSTP and MSTP. When root guard is enabled, the port changes to the alternate state if spanning-tree calculations selects the port as the root port.
Spanning-Tree Commands • port-channel-number — A valid port channel number. • detail — Indicates detailed information. • active — Indicates active ports only. • blockedports — Indicates blocked ports only. • mst-configuration— Indicates the MST configuration identifier. • instance-id—Specifies ID of the spanning tree instance. Default Configuration This command has no default configuration. Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command.
Spanning-Tree Commands Interfaces Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1 Enabled 128.1 20000 FWD Root No P2p bound(RSTP) 2 Enabled 128.2 20000 FWD Desg No Shared (STP) 3 Disabled 128.3 20000 - - - - 4 Enabled 128.4 20000 BLK ALTN No Shared (STP) 5 Enabled 128.
Spanning-Tree Commands Console# show spanning-tree Spanning tree disabled (BPDU filtering) mode RSTP Default port cost method: long Root ID Priority N/A Address N/A Path Cost N/A Root Port N/A Hello Time N/A Max Age N/A Priority 36864 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---- 1 Enabled 128.1 20000 - - - - 2 Enabled 128.
Spanning-Tree Commands Address 00:02:4b:29:7a:00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1 Enabled 128.1 20000 FWD Root No P2p (RSTP) 2 Enabled 128.2 20000 FWD Desg No Shared (STP) 4 Enabled 128.
Spanning-Tree Commands Console# show spanning-tree detail Spanning tree enabled mode RSTP Default port cost method: long Root ID Bridge ID Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1/1) Hello Time 2 sec Max Age 20 sec Priority Forward Delay 15 sec 36864 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 2 last change occurred 2d18h ago Times: hold 1, topology change 35, notification 2 hello 2, max age
Spanning-Tree Commands Port 3 disabled State: N/A Role: N/A Port id: 128.3 Port cost: 20000 Type: N/A (configured: auto) Port Fast: N/A (configured:no) Designated bridge Priority: N/A Address: N/A Designated port id: N/A Designated path cost: N/A Number of transitions to forwarding state: N/A BPDU: sent N/A, received N/A Port 4 enabled State: Blocking Role: Alternate Port id: 128.
Spanning-Tree Commands Console# show spanning-tree ethernet ext.1 Port 1 (1/1) enabled State: Forwarding Role: Root Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto) RSTP Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:01:42:97:e0:00 Designated port id: 128.
Spanning-Tree Commands Max hops 20 Interfaces Name State Prio.Nbr Cost Sts Role PortFast Type ---- ------- -------- ----- --- ---- -------- ---------- 1 Enabled 128.1 20000 FWD Root No P2p Bound (RSTP) 2 Enabled 128.2 20000 FWD Desg No Shared Bound (STP) 3 Enabled 128.3 20000 FWD Desg No P2p 4 Enabled 128.
Spanning-Tree Commands Console# show spanning-tree detail Spanning tree enabled mode MSTP Default port cost method: long ###### MST 0 Vlans Mapped: 1-9, 21-4094 CST Root ID Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1/1) Hello Time 2 sec IST Master ID Max Age 20 sec Priority 32768 Address 00:02:4b:29:7a:00 Forward Delay 15 sec This switch is the IST master.
Spanning-Tree Commands Designated port id: 128.2 Designated path cost: 20000 Number of transitions to forwarding state: 1 BPDU: sent 2, received 170638 Port 3 enabled State: Forwarding Role: Designated Port id: 128.3 Port cost: 20000 Type: Shared (configured: auto) Internal Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.
Spanning-Tree Commands Port 1 (1/1) enabled State: Forwarding Role: Boundary Port id: 128.1 Port cost: 20000 Type: P2p (configured: auto) Boundary RSTP Port Fast: No (configured:no) Designated bridge Priority: 32768 Address: 00:02:4b:29:7a:00 Designated port id: 128.1 Designated path cost: 20000 Number of transitions to forwarding state: 1 BPDU: sent 2, received 120638 Port 2 (1/2) enabled State: Forwarding Role: Designated Port id: 128.
Spanning-Tree Commands Console# show spanning-tree Spanning tree enabled mode MSTP Default port cost method: long ###### MST 0 Vlans Mapped: 1-9, 21-4094 CST Root ID Priority 32768 Address 00:01:42:97:e0:00 Path Cost 20000 Root Port 1 (1/1) Hello Time 2 sec IST Master ID Bridge ID Max Age 20 sec Priority 32768 Address 00:02:4b:19:7a:00 Path Cost 10000 Rem hops 19 Priority 32768 Address 00:02:4b:29:7a:00 Hello Time 2 sec Max hops Max Age 20 sec Forward Delay 15 sec Forward Dela
Spanning-Tree Commands Hello Time 2 sec Max hops Max Age 20 sec Forward Delay 15 sec 20 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 293
Spanning-Tree Commands 294 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
23 SSH Commands ip ssh port The ip ssh port Global Configuration mode command specifies the port to be used by the SSH server. To restore the default configuration, use the no form of this command. Syntax ip ssh port port-number no ip ssh port Parameters • port-number — Port number for use by the SSH server (Range: 1-65535). Default Configuration The default port number is 22. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
SSH Commands Syntax ip ssh server no ip ssh server Default Configuration Device configuration from a SSH server is disabled. Command Mode Global Configuration mode User Guidelines If encryption keys are not generated, the SSH server is in standby until the keys are generated. To generate SSH server keys, use the crypto key generate dsa, and crypto key generate rsa Global Configuration mode commands. Example The following example enables configuring the device from a SSH server.
SSH Commands User Guidelines DSA keys are generated in pairs: one public DSA key and one private DSA key. If the device already has DSA keys, a warning and prompt to replace the existing keys with new keys are displayed. This command is not saved in the device configuration; however, the keys generated by this command are saved in the private configuration, which is never displayed to the user or backed up on another device. DSA keys are saved to the backup master.
SSH Commands RSA keys are saved to the backup master. This command may take a considerable period of time to execute. Example The following example generates RSA key pairs. Console(config)# crypto key generate rsa ip ssh pubkey-auth The ip ssh pubkey-auth Global Configuration mode command enables public key authentication for incoming SSH sessions. To disable this function, use the no form of this command.
SSH Commands crypto key pubkey-chain ssh The crypto key pubkey-chain ssh Global Configuration mode command enters the SSH Public Key-chain Configuration mode. The mode is used to manually specify other device public keys such as SSH client public keys. Syntax crypto key pubkey-chain ssh Default Configuration No keys are specified. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
SSH Commands user-key The user-key SSH Public Key-string Configuration mode command specifies which SSH public key is manually configured. To remove an SSH public key, use the no form of this command. Syntax user-key username {rsa | dsa} no user-key username Parameters • username — Specifies the username of the remote SSH client. (Range: 1-48 characters) • rsa — Indicates the RSA key pair. • dsa — Indicates the DSA key pair. Default Configuration No SSH public keys exist.
SSH Commands key-string The key-string SSH Public Key-string Configuration mode command manually specifies an SSH public key. Syntax key-string key-string row key-string Parameters • row — Indicates the SSH public key row by row. • key-string — Specifies the key in UU-encoded DER format; UU-encoded DER format is the same format in the authorized_keys file used by OpenSSH. (Range:0160) Default Configuration No keys exist.
SSH Commands Example The following example enters public key strings for SSH public key client bob.
SSH Commands User Guidelines There are no user guidelines for this command. Example The following example displays the SSH server configuration. Console# show ip ssh SSH server enabled. Port: 22 RSA key was generated. DSA (DSS) key was generated. SSH Public Key Authentication is enabled. Active incoming sessions: IP address SSH username Version Cipher Auth Code ---------- ------------ --------- ------- ---------- 172.16.0.1 John Brown 2.
SSH Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the SSH public RSA keys on the device.
SSH Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays SSH public keys stored on the device.
SSH Commands 306 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
24 Syslog Commands logging on The logging on Global Configuration mode command controls error message logging. This command sends debug or error messages to a logging process, which logs messages to designated locations asynchronously to the process that generated the messages. To disable the logging process, use the no form of this command. Syntax logging on no logging on Default Configuration Logging is enabled.
Syslog Commands logging The logging Global Configuration mode command logs messages to a syslog server. To delete the syslog server with the specified address from the list of syslogs, use the no form of this command. Syntax logging {ip-address | hostname} [port port] [severity level] [facility facility] [description text] no logging {ip-address | hostname} Parameters • ip-address — IP address of the host to be used as a syslog server. • hostname — Specifies the host name of the syslog server.
Syslog Commands Example The following example limits logged messages sent to the syslog server with IP address 10.1.1.1 to severity level critical. Console(config)# logging 10.1.1.1 severity critical logging buffered The logging buffered Global Configuration mode command limits syslog messages displayed from an internal buffer based on severity. To cancel using the buffer, use the no form of this command.
Syslog Commands logging buffered size The logging buffered size Global Configuration mode command changes the number of syslog messages stored in the internal buffer. To restore the default configuration, use the no form of this command. Syntax logging buffered size number no logging buffered size Parameters • number — Specifies the maximum number of messages stored in the history table. (Range: 20-400) Default Configuration The default number of messages is 200.
Syslog Commands Syntax clear logging Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example clears messages from the internal logging buffer. Console# clear logging Clear Logging File [y/n] logging file The logging file Global Configuration mode command limits syslog messages sent to the logging file based on severity.
Syslog Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example limits syslog messages sent to the logging file based on severity level alerts. Console(config)# logging file alerts clear logging file The clear logging file Privileged EXEC mode command clears messages from the logging file. Syntax clear logging file Default Configuration This command has no default configuration.
Syslog Commands aaa logging The aaa logging Global Configuration mode command enables logging AAA login events. To disable logging AAA login events, use the no form of this command. Syntax aaa logging login no aaa logging login Parameters • login — Indicates logging messages related to successful login events, unsuccessful login events and other login-related events. Default Configuration Logging AAA login events is enabled.
Syslog Commands no file-system logging copy file-system logging delete-rename no file-system logging delete-rename Parameters • copy — Indicates logging messages related to file copy operations. • delete-rename — Indicates logging messages related to file deletion and renaming operations. Default Configuration Logging file system events is enabled. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command.
Syslog Commands Parameters • deny — Indicates logging messages related to deny actions of management ACLs. Default Configuration Logging management ACL events is enabled. Command Mode Global Configuration mode User Guidelines Other types of management ACL events are not subject to this command. Example The following example enables logging messages related to deny actions of management ACLs.
Syslog Commands Example The following example displays the state of logging and the syslog messages stored in the internal buffer. Console# show logging Logging is enabled. Console logging: level debugging. Console Messages: 0 Dropped (severity). Buffer logging: level debugging. Buffer Messages: 11 Logged, 200 Max. File logging: level notifications. File Messages: 0 Dropped (severity). Syslog server 192.180.2.27 logging: errors. Messages: 6 Dropped (severity). Syslog server 192.180.2.28 logging: errors.
Syslog Commands show logging file The show logging file Privileged EXEC mode command displays the state of logging and the syslog messages stored in the logging file. Syntax show logging file Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the logging state and the syslog messages stored in the logging file.
Syslog Commands Buffer log: 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface FastEthernet ext.0, changed state to up 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet ext.0, changed state to up 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet ext.1, changed state to up 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet ext.2, changed state to up 11-Aug-2004 15:41:43: %LINK-3-UPDOWN: Interface Ethernet ext.
Syslog Commands Example The following example displays the settings of the syslog servers. Console# show syslog-servers Device Configuration IP address Port Severity Facility Description ------------ ---- ------------- -------- ----------- 192.180.2.27 514 Informational local7 192.180.2.
Syslog Commands 320 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
System Management Commands 25 System Management Commands ping The ping User EXEC mode command sends ICMP echo request packets to another node on the network. Syntax ping {ip-address | hostname}[size packet_size] [count packet_count] [timeout time_out] Parameters • ip-address — IP address to ping. • hostname — Host name to ping. (Range: 1-158 characters) • packet_size — Number of bytes in a packet.
System Management Commands Destination does not respond. If the host does not respond, a “no answer from host” appears in ten seconds. Destination unreachable. The gateway for this destination indicates that the destination is unreachable. Network or host unreachable. The device found no corresponding entry in the route table. Example The following example displays pinging results: Console> ping 10.1.1.1 Pinging 10.1.1.
System Management Commands Syntax traceroute {ip-address |hostname}[size packet_size] [ttl max-ttl] [count packet_count] [timeout time_out] [source ip-address] [tos tos] Parameters • • • • ip-address — IP address of the destination host. hostname — Host name of the destination host. (Range: 1-158 characters) packet_size — Number of bytes in a packet. (Range: 40-1500) max-ttl — The largest TTL value that can be used.
System Management Commands The traceroute command sends out one probe at a time. Each outgoing packet may result in one or two error messages. A "time exceeded" error message indicates that an intermediate device has seen and discarded the probe. A "destination unreachable" error message indicates that the destination node has received the probe and discarded it because it could not deliver the packet. If the timer goes off before a response comes in, the traceroute command prints an asterisk (*).
System Management Commands H Host unreachable. N Network unreachable. P Protocol unreachable. Q Source quench. R Fragment reassembly time exceeded. S Source route failed. U Port unreachable. telnet The telnet User EXEC mode command enables logging on to a host that supports Telnet. Syntax telnet {ip-address | hostname} [port] [keyword1......] Parameters • ip-address — IP address of the destination host. • hostname — Host name of the destination host.
System Management Commands Special Telnet Sequences Telnet Sequence Purpose Ctrl-shift-6-b Break Ctrl-shift-6-c Interrupt Process (IP) Ctrl-shift-6-h Erase Character (EC) Ctrl-shift-6-o Abort Output (AO) Ctrl-shift-6-t Are You There? (AYT) Ctrl-shift-6-u Erase Line (EL) At any time during an active Telnet session, Telnet commands can be listed by pressing the Ctrl-shift-6-? keys at the system prompt. A sample of this list follows.
System Management Commands Ports Table Keyword Description Port Number BGP Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands 514 daytime Daytime 13 discard Discard 9 domain Domain Name Service 53 echo Echo 7 exec Exec 512 finger Finger 79 ftp File Transfer Protocol 21 ftp-data FTP data connections 20 gopher Gopher 70 hostname NIC hostname server 101 ident Ident Protocol 113 irc Internet Relay Chat 194 klogin Kerberos login 543
System Management Commands Example The following example displays connecting to 176.213.10.50 via Telnet. Console> telnet 176.213.10.50 Esc U sends telnet EL resume The resume User EXEC mode command enables switching to another open Telnet session. Syntax resume [connection] Parameters • connection — The connection number. (Range: 1-4 connections) Default Configuration The default connection number is that of the most recent connection.
System Management Commands Syntax reload Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines Caution should be exercised when resetting the device, to ensure that no other activity is being performed. In particular, the user should verify that no configuration files are being downloaded at the time of reset. Example The following example reloads the operating system.
System Management Commands Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example specifies the device host name. Console(config)# hostname enterprise enterprise(config)# show users The show users User EXEC mode command displays information about the active users. Syntax show users Default Configuration This command has no default configuration.
System Management Commands Bob Serial John SSH 172.16.0.1 Robert HTTP 172.16.0.8 Betty Telnet 172.16.1.7 show sessions The show sessions User EXEC mode command lists open Telnet sessions. Syntax show sessions Default Configuration There is no default configuration for this command. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example lists open Telnet sessions.
System Management Commands Field Description Address IP address of the remote host. Port Telnet TCP port number Byte Number of unread bytes for the user to see on the connection. show system The show system User EXEC mode command displays system information. Syntax show system Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the system information.
System Management Commands ---- ---- ---- ---- ---- ---- 1 OK OK OK OK OK show system id The show system id Privilaged EXEC mode command displays the system identity information. Syntax show system id [unit unit] Parameters • unit unit — Unit number. Default Configuration This command has no default configuration. Command Modes Privilaged EXEC mode User Guidelines There are no user guidelines for this command.
System Management Commands Example Console> show system id Service Tag: 89788978 Serial number: 8936589782 Asset tag: 7843678957 The following is relevant for stackable systems only Unit Service tag Serial number Asset tag -------------------- -------------------- -------------------- -------------------1 89788978 8936589782 7843678957 2 34254675 3216523877 5621987728 show system flowcontrol The show system flowcontrol Interface Configuration mode command displays the flow control state on casc
System Management Commands Example Flow control for internal cascade ports: Enabled Flow control for Stack ports: Enabled Flow control rx-only: Enabled. show system mode The show system mode Priviledged EXEC mode command displays information on features control. Syntax show system mode Default Configuration This command has no default configuration. Command Mode Priviledged EXEC mode User Guidelines There are no user guidelines for this command.
System Management Commands Syntax show version Default Configuration This command has no default configuration. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays system version information (only for demonstration purposes). Console> show version SW version 1.0.0.0 (date 23-Jul-2004 time 17:34:19) Boot version 1.0.0.0 (date 11-Jan-2004 time 11:48:21) HW version 1.0.
System Management Commands Default Configuration Disabled. Command Mode Global Configuration mode User Guidelines Use the show cpu utilization Privileged EXEC command to view information on CPU utilization. Example This example enables measuring CPU utilization. Console(config)# service cpu-utilization show cpu utilization The show cpu utilization Privileged EXEC mode command displays information about CPU utilization.
System Management Commands Example The following example configures the CPU utilization information display. Console# show cpu utilization CPU utilization service is on.
TACACS+ Commands 26 TACACS+ Commands tacacs-server host The tacacs-server host Global Configuration mode command specifies a TACACS+ host. To delete the specified name or address, use the no form of this command. Syntax tacacs-server host {ip-address | hostname} [single-connection] [port port-number] [timeout timeout] [key key-string] [source source] [priority priority] no tacacs-server host {ip-address | hostname} Parameters • ip-address — IP address of the TACACS+ server.
TACACS+ Commands If no TACACS+ server priority is specified, default priority 0 is used. Command Mode Global Configuration mode User Guidelines Multiple tacacs-server host commands can be used to specify multiple hosts. Example The following example specifies a TACACS+ host. Console(config)# tacacs-server host 172.16.1.
TACACS+ Commands User Guidelines There are no user guidelines for this command. Example The following example sets the authentication encryption key. Console(config)# tacacs-server key enterprise tacacs-server timeout The tacacs-server timeout Global Configuration mode command sets the interval during which the device waits for a TACACS+ server to reply. To return to the default configuration, use the no form of this command.
TACACS+ Commands tacacs-server source-ip The tacacs-server source-ip Global Configuration mode command configures the source IP address to be used for communication with TACACS+ servers. To return to the default configuration, use the no form of this command. Syntax tacacs-server source-ip source no tacacs-server source-ip source Parameters • source — Specifies the source IP address. Default Configuration The source IP address is the address of the outgoing IP interface.
TACACS+ Commands Parameters • ip-address — Name or IP address of the TACACS+ server. Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays configuration and statistical information about a TACACS+ server.
TACACS+ Commands 344 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
User Interface Commands 27 User Interface Commands enable The enable User EXEC mode command enters the Privileged EXEC mode. Syntax enable [privilege-level] Parameters • privilege-level — Privilege level to enter the system. (Range: 1-15) Default Configuration The default privilege level is 15. Command Mode User EXEC mode User Guidelines There are no user guidelines for this command.
User Interface Commands Syntax disable [privilege-level] Parameters • privilege-level — Privilege level to enter the system. (Range: 1-15) Default Configuration The default privilege level is 1. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example return to Users EXEC mode. Console# disable Console> login The login User EXEC mode command changes a login username.
User Interface Commands User Guidelines There are no user guidelines for this command. Example The following example enters Privileged EXEC mode and logs in with username admin. Console> login User Name:admin Password:***** Console# configure The configure Privileged EXEC mode command enters the Global Configuration mode. Syntax configure Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command.
User Interface Commands exit (Configuration) The exit command exits any configuration mode to the next highest mode in the CLI mode hierarchy. Syntax exit Default Configuration This command has no default configuration. Command Mode All configuration modes User Guidelines There are no user guidelines for this command. Example The following example changes the configuration mode from Interface Configuration mode to Privileged EXEC mode.
User Interface Commands Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command. Example The following example closes an active terminal session. Console> exit end The end command ends the current configuration session and returns to the Privileged EXEC mode. Syntax end Default Configuration This command has no default configuration. Command Mode All configuration modes. User Guidelines There are no user guidelines for this command.
User Interface Commands help The help command displays a brief description of the help system. Syntax help Default Configuration This command has no default configuration. Command Mode All command modes User Guidelines There are no user guidelines for this command. Example The following example describes the help system. Console# help Help may be requested at any point in a command by entering a question mark '?'. If nothing matches the currently entered incomplete command, the help list is empty.
User Interface Commands Syntax terminal datadump no terminal datadump Default Configuration Dumping is disabled. Command Mode User EXEC mode User Guidelines By default, a More prompt is displayed when the output contains more lines than can be displayed on the screen. Pressing the Enter key displays the next line; pressing the Spacebar displays the next screen of output. The data-dump command enables dumping all output immediately after entering the show command.
User Interface Commands Command Mode User EXEC mode User Guidelines The buffer includes executed and unexecuted commands. Commands are listed from the first to the most recent command. The buffer remains unchanged when entering into and returning from configuration modes. Example The following example displays all the commands entered while in the current Privileged EXEC mode. Console# show version SW version 3.131 (date 23-Jul-2005 time 17:34:19) HW version 1.0.
User Interface Commands Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command. Example The following example displays the current privilege level for the Privileged EXEC mode. Console# show privilege Current privilege level is 15 do The do command executes an EXEC-level command from global configuration mode or any configuration submode..
User Interface Commands Example The following example displays the current privilege level for the Privileged EXEC mode.
VLAN Commands 28 VLAN Commands vlan database The vlan database Global Configuration mode command enters the VLAN Configuration mode. Syntax vlan database Default Configuration This command has no default configuration. Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command. Example The following example enters the VLAN database mode. Console(config)# vlan database Console(config-vlan)# vlan Use the vlan VLAN Configuration mode command to create a VLAN.
VLAN Commands Parameters • vlan-range — Specifies a list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces; a hyphen designates a range of IDs. Default Configuration This command has no default configuration. Command Mode VLAN Configuration mode User Guidelines There are no user guidelines for this command. Example The following example VLAN number 1972 is created.
VLAN Commands User Guidelines There are no user guidelines for this command. Example The following example configures VLAN 1 with IP address 131.108.1.27 and subnet mask 255.255.255.0. Console(config)# interface vlan 1 Console(config-if)# ip address 131.108.1.27 255.255.255.0 interface range vlan The interface range vlan Global Configuration mode command enables simultaneously configuring multiple VLANs.
VLAN Commands Example The following example groups VLANs 221, 228 and 889 to receive the same command. Console(config)# interface range vlan 221-228,889 Console(config-if)# name The name Interface Configuration mode command adds a name to a VLAN. To remove the VLAN name, use the no form of this command. Syntax name string no name Parameters • string — Unique name to be associated with this VLAN. (Range: 1-32 characters) Default Configuration No name is defined.
VLAN Commands switchport protected The switchport protected Interface Configuration mode command overrides the FDB decision, and sends all Unicast, Multicast and Broadcast traffic to an uplink port. To disable overriding the FDB decision, use the no form of this command.. Syntax switchport protected {ethernet port | port-channel port-channel-number} no switchport protected Parameters • port— Specifies the uplink Ethernet port. • port-channel-number — Specifies the uplink port-channel.
VLAN Commands switchport mode The switchport mode Interface Configuration mode command configures the VLAN membership mode of a port. To return to the default configuration, use the no form of this command. Syntax switchport mode {access | trunk | general} no switchport mode Parameters • access — Indicates an untagged layer 2 VLAN port. • trunk — Indicates a trunking layer 2 VLAN port. • general — Indicates a full 802-1q supported VLAN port.
VLAN Commands Syntax switchport access vlan {vlan-id | dynamic} no switchport access vlan Parameters • vlan-id — Specifies the ID of the VLAN to which the port is configured. • dynamic—Indicates that the port is assigned to a VLAN based on the source MAC address of the host connected to the port. Default Configuration All ports belong to VLAN 1.
VLAN Commands Parameters • add vlan-list — List of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs. • remove vlan-list — List of VLAN IDs to be removed. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs. Default Configuration This command has no default configuration.
VLAN Commands Default Configuration VID=1. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines The command adds the port as a member in the VLAN. If the port is already a member in the VLAN (not as a native), it should be first removed from the VLAN. Example The following example configures VLAN number 123 as the native VLAN when Ethernet port 1 is in trunk mode. Console(config)# interface ethernet ext.
VLAN Commands Default Configuration If the port is added to a VLAN without specifying tagged or untagged, the default setting is tagged. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines This command enables changing the egress rule (for example from tagged to untagged) without first removing the VLAN from the list. Example The following example adds VLANs 2, 5, and 6 to the allowed list of Ethernet port 1. Console(config)# interface ethernet ext.
VLAN Commands User Guidelines There are no user guidelines for this command. Example The following example configures the PVID for Ethernet port 1, when the interface is in general mode. Console(config)# interface ethernet ext.1 Console(config-if)# switchport general pvid 234 switchport general ingress-filtering disable The switchport general ingress-filtering disable Interface Configuration mode command disables port ingress filtering.
VLAN Commands switchport general acceptable-frame-type tagged-only The switchport general acceptable-frame-type tagged-only Interface Configuration mode command discards untagged frames at ingress. To return to the default configuration, use the no form of this command. Syntax switchport general acceptable-frame-type tagged-only no switchport general acceptable-frame-type tagged-only Default Configuration All frame types are accepted at ingress.
VLAN Commands Parameters • add vlan-list — Specifies the list of VLAN IDs to be added. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs. • remove vlan-list — Specifies the list of VLAN IDs to be removed. Separate nonconsecutive VLAN IDs with a comma and no spaces. A hyphen designates a range of IDs. Default Configuration All VLANs are allowed.
VLAN Commands Default Configuration The software reserves a VLAN as the internal usage VLAN of an interface. Command Mode Interface Configuration (Ethernet, port-channel) mode User Guidelines An internal usage VLAN is required when an IP interface is configured on an Ethernet port or port-channel. This command enables the user to configure the internal usage VLAN of a port.
VLAN Commands • vlan-name — Specifies a VLAN name string. (Range: 1-32 characters) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays all VLAN information.
VLAN Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays VLANs used internally by the device.
VLAN Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the switchport configuration for Ethernet port 1.map Console# show interface switchport ethernet ext.1 Port 1: VLAN Membership mode: General Operating parameters: PVID: 1 (default) Ingress Filtering: Enabled Acceptable Frame Type: All GVRP status: Enabled Protected: Enabled, Uplink is 1.
VLAN Commands ---- ------- ----------- 1 default untagged 11 VLAN011 tagged 19 IPv6 VLAN untagged 72 VLAN0072 untagged Forbidden VLANS: VLAN Name ---- ---- 73 out Console# show interface switchport ethernet ext.
VLAN Commands Forbidden VLANS: VLAN Name ---- ---- 73 out Port 29 Static configuration: PVID: 2922 Ingress Filtering: Enabled Acceptable Frame Type: Untagged GVRP status: Disabled map protocol protocols-group The map protocol protocols-group VLAN database command adds a special protocol to a named group of protocols, which may be used for protocol-based VLAN assignment. To delete a protocol from a group, use the no form of this command.
VLAN Commands Command Mode VLAN Database mode User Guidelines The following protocol names are reserved: • • ip-arp ipx Example The following example maps protocol ip-arp to the group named "213". Console (config)# vlan database Console (config-vlan)# map protocol ip-arp protocols-group 213 switchport general map protocols-group vlan The switchport general map protocols-group vlan interface configuration command sets a protocol-based classification rule.
VLAN Commands User Guidelines There are no user guidelines for this command. Example The following example sets a protocol-based classification rule of protocol group 1 to VLAN 8. Console (config)# interface ethernet ext.8 Console (config-if)# switchport general map protocols-group 1 vlan 8 map mac macs-group Use the map mac macs-group VLAN configuration command to map a MAC address or range of MAC addresses to a group of MAC addresses. Use the no form of this command to delete the map.
VLAN Commands Example The following example maps the MAC address 00:13:20:95:21:AA to macs group 4. Console(config-vlan)# map mac 00:13:20:95:21:AA host macs-group 4 switchport general map macs-group vlan Use the switchport general map macs-group vlan interface configuration command to set a macbased classification rule. Use the no form of this command to delete a classification.
VLAN Commands map subnet subnets-group Use the map subnet subnets-group VLAN configuration command to map IP subnet to a group of IP subnets. Use the no form of this command to delete the map. Syntax map subnet ip-address prefix-mask subnets-group group no map subnet ip-address prefix-mask Parameters • • • ip-addressSpecify the IP address prefix of the subnet to be entered to the group. prefix-maskMask bits. The format is IP address format.
VLAN Commands no switchport general map subnets-group group Parameters • • group - Group number. Range: 1 - 2147483647 vlan-id - Define the VLAN ID that is associated with the rule. Default Configuration This command has no default configuration. Command Mode Interface configuration (Ethernet, port-channel) User Guidelines The priority between VLAN classification rules is: 1. 2. 3. 4.
VLAN Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays protocols-groups information.
VLAN Commands Example The following example displays protocols-groups information. Console> show vlan protocols-groups Protocol EncapsulationGroup ------------------------------------0x800 (IP)Ethernet 1 0x806 (ARP)Ethernet 1 0x86dd (IPv6)Ethernet 2 0x8898 Ethernet 3# show vlan subnets-groups Use the show vlan subnets-groups EXEC command to show subnets-groups information. Syntax show vlan subnets-groups Parameters • • • console — Console terminal line.
VLAN Commands Example The following example shows subnets-groups information. onsole> show vlan subnets-groups MAC Prefix Group ------------------------------------172.16.1.0 255.255.255.01 172.16.2.0 255.255.255.
VLAN Commands 382 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
802.1x Commands 29 802.1x Commands aaa authentication dot1x The aaa authentication dot1x Global Configuration mode command specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 802.1x. To return to the default configuration, use the no form of this command. Syntax aaa authentication dot1x default method1 [method2...] no aaa authentication dot1x default Parameters • method1 [method2...
802.1x Commands Example The following example uses the aaa authentication dot1x default command with no authentication. Console# configure Console(config)# aaa authentication dot1x default none dot1x system-auth-control The dot1x system-auth-control Global Configuration mode command enables 802.1x globally. To return to the default configuration, use the no form of this command. Syntax dot1x system-auth-control no dot1x system-auth-control Default Configuration 802.1x is disabled globally.
802.1x Commands Syntax dot1x port-control {auto | force-authorized | force-unauthorized} no dot1x port-control Parameters • auto — Enables 802.1x authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.1x authentication exchange between the port and the client. • force-authorized — Disables 802.1x authentication on the interface and causes the port to transition to the authorized state without any authentication exchange required.
802.1x Commands dot1x re-authentication The dot1x re-authentication Interface Configuration mode command enables periodic re-authentication of the client. To return to the default configuration, use the no form of this command. Syntax dot1x re-authentication no dot1x re-authentication Default Configuration Periodic re-authentication is disabled. Command Mode Interface Configuration (Ethernet) User Guidelines There are no user guidelines for this command.
802.1x Commands Parameters • seconds — Number of seconds between re-authentication attempts. (Range: 300-4294967295) Default Configuration Re-authentication period is 3600 seconds. Command Mode Interface Configuration (Ethernet) mode User Guidelines There are no user guidelines for this command. Example The following example sets the number of seconds between re-authentication attempts, to 300. Console(config)# interface ethernet ext.
802.1x Commands Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following command manually initiates a re-authentication of 802.1x-enabled Ethernet port 16. Console# dot1x re-authenticate ethernet ext.
802.1x Commands The default value of this command should only be changed to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients and authentication servers. To provide a faster response time to the user, a smaller number than the default value should be entered. Example The following example sets the number of seconds that the device remains in the quiet state following a failed authentication exchange to 3600.
802.1x Commands User Guidelines The default value of this command should be changed only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients. and authentication servers Example The following command sets the number of seconds that the device waits for a response to an EAP-request/identity frame, to 3600 seconds. Console(config)# interface ethernet ext.
802.1x Commands User Guidelines The default value of this command should be changed only to adjust for unusual circumstances, such as unreliable links or specific behavioral problems with certain clients. and authentication servers Example The following example sets the number of times that the device sends an EAP-request/ identity frame to 6 . Console(config)# interface ethernet ext.
802.1x Commands Example The following example sets the timeout period before retransmitting an EAP-request frame to the client to 3600 seconds. Console(config-if)# dot1x timeout supp-timeout 3600 dot1x timeout server-timeout The dot1x timeout server-timeout Interface Configuration mode command sets the time that the device waits for a response from the authentication server. To return to the default configuration, use the no form of this command.
802.1x Commands show dot1x The show dot1x Privileged EXEC mode command displays the 802.1x status of the device or specified interface. Syntax show dot1x [ethernet interface] Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays the status of 802.1x-enabled Ethernet ports.
802.1x Commands * Port is down or not present. Console# show dot1x ethernet ext.3 802.1x is enabled.
802.1x Commands Field Description Username The username representing the identity of the Supplicant. This field shows the username in case the port control is auto. If the port is Authorized, it shows the username of the current user. If the port is unauthorized it shows the last user that was authenticated successfully. Quiet period The number of seconds that the device remains in the quiet state following a failed authentication exchange (for example, the client provided an invalid password).
802.1x Commands Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays 802.1x users. Console# show dot1x users Port Username Session Time Auth Method MAC Address ----- -------- ------------ ----------- -------------- 1 Bob 1d:03:08.
802.1x Commands show dot1x statistics The show dot1x statistics Privileged EXEC mode command displays 802.1x statistics for the specified interface. Syntax show dot1x statistics ethernet interface Parameters • interface — Valid Ethernet port. (Full syntax: unit/port) Default Configuration This command has no default configuration. Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command. Example The following example displays 802.
802.1x Commands LastEapolFrameVersion: 1 LastEapolFrameSource: 00:08:78:32:98:78 The following table describes the significant fields shown in the display: Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator. EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator. EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator.
802.1x Commands Default Configuration Access is enabled. Command Mode Interface Configuration (VLAN) mode User Guidelines An access port cannot be a member in an unauthenticated VLAN. The native VLAN of a trunk port cannot be an unauthenticated VLAN. For a general port, the PVID can be an unauthenticated VLAN (although only tagged packets would be accepted in the unauthorized state.) Example The following example enables access to the VLAN to unauthorized devices.
802.1x Commands User Guidelines This command enables the attachment of multiple clients to a single 802.1x-enabled port. In this mode, only one of the attached hosts must be successfully authorized for all hosts to be granted network access. If the port becomes unauthorized, all attached clients are denied access to the network. For unauthenticated VLANs, multiple hosts are always enabled. Multiple-hosts must be enabled to enable port security on the port.
802.1x Commands No traps are sent. Command Mode Interface Configuration (Ethernet) mode User Guidelines The command is relevant when multiple hosts is disabled and the user has been successfully authenticated. Example The following example forwards frames with source addresses that are not the supplicant address and sends consecutive traps at intervals of 100 seconds.
802.1x Commands If the guest VLAN is defined and enabled, the port automatically joins the guest VLAN when the port is unauthorized and leaves it when the port becomes authorized. To be able to join or leave the guest VLAN, the port should not be a static member of the guest VLAN. Example The following example defines VLAN 2 as a guest VLAN.
802.1x Commands Example The following example enables unauthorized users on Ethernet port 1 to access the guest VLAN. Console# configure Console(config)# interface ethernet ext.1 Console(config-if)# dot1x guest-vlan enable show dot1x advanced The show dot1x advanced Privileged EXEC mode command displays 802.1x advanced features for the device or specified interface. Syntax show dot1x advanced [ethernet interface] Parameters • interface — Valid Ethernet port.
802.1x Commands Interface Multiple Hosts Guest VLAN --------- -------------- ---------- 1 Disabled Enabled 2 Enabled Disabled Console# show dot1x advanced ethernet ext.
Appendix A: Getting Help World Wide Web http://support.intel.com/support/motherboards/server/blade.htm. Telephone All calls are billed US $25.00 per incident, levied in local currency at the applicable credit card exchange rate plus applicable taxes. (Intel reserves the right to change the pricing for telephone support at any time without notice). Before calling, fill out an Intel Server Issue Report Form available from http:// support.intel.com/support.
In Asia-Pacific Region Australia.... 1800 649931 Cambodia .. 63 2 636 9797 (via Philippines) China ......... 800 820 1100 (toll-free) .................... 8 621 33104691 (not toll-free) Hong Kong 852 2 844 4456 India........... 0006517 2 68303634 (manual toll-free. You need an IDD-equipped telephone) Indonesia ... 803 65 7249 Korea ......... 822 767 2595 Malaysia .... 1 800 80 1390 Myanmar... 63 2 636 9796 (via Philippines) New Zealand 0800 444 365 Pakistan .....
Colombia ... Contact AT&T USA at 01 800 911 0010. Once connected, dial 800 843 4481 Costa Rica . Contact AT&T USA at 0 800 0 114 114. Once connected, dial 800 843 4481 Ecuador (Andimate) .... Contact AT&T USA at 1 999 119. Once connected, dial 800 843 4481 (Pacifictel) ..... Contact AT&T USA at 1 800 225 528. Once connected, dial 800 843 4481 Guatemala . Contact AT&T USA at 99 99 190. Once connected, dial 800 843 4481 Mexico ....... Contact AT&T USA at 001 800 462 628 4240.
408 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
