Cisco AJ732A - MDS 9134 Fabric Switch Command Reference Manual Download Page 363

Page: 363 / 792

S e n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m

6-15

Cisco Nexus 5000 Series Command Reference

OL-16599-01

Chapter 6 Security Commands

deny (IPv4)

To create an IPv4 ACL rule that denies traffic matching its conditions, use the

deny

command. To

remove a rule, use the

form of this command.

General Syntax

[

sequence-number

]

deny

protocol

source

destination

{[

dscp

dscp

]

[

precedence

precedence

]}

[

fragments

]

[

log

]

[

time-range

time-range-name

]

no deny

protocol

source

destination

{[

dscp

dscp

]

[

precedence

precedence

]}

[

fragments

]

[

log

]

[

time-range

time-range-name

]

sequence-number

Internet Control Message Protocol

[

sequence-number

]

deny icmp

source

destination

[

icmp-message

]

{[

dscp

dscp

]

[

precedence

precedence

]}

[

fragments

]

[

log

]

[

time-range

time-range-name

]

Internet Group Management Protocol

[

sequence-number

]

deny igmp

source

destination

[

igmp-message

]

{[

dscp

dscp

]

[

precedence

precedence

]}

[

fragments

]

[

log

]

[

time-range

time-range-name

]

Internet Protocol v4

[

sequence-number

]

deny ip

source

destination

{[

dscp

dscp

]

[

precedence

precedence

]}

[

fragments

]

[

log

]

[

time-range

time-range-name

]

Transmission Control Protocol

[

sequence-number

]

deny tcp

source

[

operator

port

[

port

]

portgroup

portgroup

]

destination

[

operator

port

[

port

]

portgroup

portgroup

]

{[

dscp

dscp

]

[

precedence

precedence

]}

[

fragments

]

[

log

]

[

time-range

time-range-name

]

[

flags

]

[

established

]

User Datagram Protocol

[

sequence-number

]

deny udp

source

[

operator

port

[

port

]

portgroup

portgroup

]

destination

[

operator

port

[

port

]

portgroup

portgroup

]

{[

dscp

dscp

]

[

precedence

precedence

]}

[

fragments

]

[

log

]

[

time-range

time-range-name

]

Summary of Contents for AJ732A - MDS 9134 Fabric Switch

Page 1: ...o c o m Americas Headquarters Cisco Systems Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 527 0883 Cisco Nexus 5000 Series Command Reference Release 4 1 3 N1 1 August 2009 Text Part Number OL 16599 01 ...

Page 2: ...sco Eos Cisco HealthPresence Cisco IronPort the Cisco logo Cisco Lumin Cisco Nexus Cisco Nurse Connect Cisco StackPower Cisco StadiumVision Cisco TelePresence Cisco Unified Computing System Cisco WebEx DCE Flip Channels Flip for Good Flip Mino Flip Video Flip Video Design Flipshare Design Flip Ultra and Welcome to the Human Network are trademarks Changing the Way We Work Live Play and Learn Cisco ...

Page 3: ...lated Documentation xxi C H A P T E R 1 Basic System Commands 1 1 banner motd 1 2 boot 1 3 cd 1 5 clear cli history 1 6 clear cores 1 7 clear debug logfile 1 8 clear install failure reason 1 9 clear license 1 10 clear user 1 11 cli var name 1 12 clock set 1 14 clock summer time 1 15 clock timezone 1 17 configure session 1 18 configure terminal 1 19 copy 1 20 copy running config startup config 1 24...

Page 4: ...feature lacp 1 40 feature private vlan 1 41 feature tacacs 1 42 feature udld 1 43 find 1 44 format 1 45 gunzip 1 46 gzip 1 47 hostname 1 48 install all 1 49 install license 1 52 line console 1 53 line vty 1 54 modem in 1 55 modem init string 1 56 modem set string user input 1 58 move 1 59 parity 1 61 ping 1 62 ping6 1 64 reload 1 66 rmdir 1 67 run script 1 68 save 1 69 send 1 70 setup 1 71 session...

Page 5: ...how incompatibility system 1 85 show install all 1 86 show inventory 1 87 show license 1 88 show license host id 1 89 show license usage 1 90 show line 1 92 show module 1 93 show processes 1 94 show processes cpu 1 95 show processes log 1 96 show processes memory 1 97 show running config 1 98 show running config diff 1 99 show sprom 1 101 show startup config 1 103 show switchname 1 104 show system...

Page 6: ...rase 1 125 C H A P T E R 2 Ethernet Commands 2 1 bandwidth interface 2 2 cdp 2 4 cdp enable 2 6 channel group Ethernet 2 7 clear mac access list counters 2 10 clear mac dynamic 2 11 clear mac address table dynamic 2 12 clear spanning tree counters 2 14 clear spanning tree detected protocol 2 15 delay interface 2 16 description interface 2 17 instance vlan 2 18 interface ethernet 2 20 interface por...

Page 7: ...ype 2 54 spanning tree loopguard default 2 55 spanning tree mode 2 56 spanning tree mst configuration 2 57 spanning tree mst cost 2 59 spanning tree mst forward time 2 61 spanning tree mst hello time 2 62 spanning tree mst max age 2 63 spanning tree mst max hops 2 64 spanning tree mst port priority 2 65 spanning tree mst priority 2 66 spanning tree mst root 2 67 spanning tree mst simulate pvst 2 6...

Page 8: ...mode 2 100 udld Ethernet 2 102 vlan EXEC mode 2 103 vrf context 2 105 C H A P T E R 3 Ethernet Show Commands 3 1 show interface mac address 3 2 show interface private vlan mapping 3 3 show interface switchport 3 4 show interface vlan 3 5 show ip igmp snooping 3 7 show lacp 3 8 show mac address table aging time 3 9 show mac address table count 3 10 show mac address table notification 3 11 show mac ...

Page 9: ... R 4 Fabric Extender Commands 4 1 attach fex 4 2 beacon 4 3 description fex 4 4 fex 4 5 fex associate 4 6 fex pinning redistribute 4 7 logging fex 4 8 pinning max links 4 9 serial 4 11 show diagnostic result fex 4 13 show environment fex 4 14 show fex 4 15 show fex transceiver 4 16 show fex version 4 17 show interface fex fabric 4 18 show interface fex intf 4 19 show interface transceiver fex fabr...

Page 10: ...olicy map 5 22 show policy map interface 5 23 show policy map interface brief 5 24 show interface priority flow control 5 25 show policy map interface 5 26 system jumbomtu 5 27 system qos 5 28 untagged cos 5 29 C H A P T E R 6 Security Commands 6 1 aaa accounting default 6 2 aaa authentication login console 6 3 aaa authentication login default 6 5 aaa authentication login error enable 6 7 aaa auth...

Page 11: ...rmit MAC 6 72 permit interface 6 75 permit vlan 6 77 permit vrf 6 79 radius server deadtime 6 80 radius server directed request 6 81 radius server host 6 82 radius server key 6 84 radius server retransmit 6 85 radius server timeout 6 86 remark 6 87 resequence 6 89 role feature group name 6 91 role name 6 92 rule 6 93 server 6 95 show aaa accounting 6 97 show aaa authentication 6 98 show aaa groups...

Page 12: ...w startup config radius 6 117 show startup config security 6 118 show tacacs server 6 119 show telnet server 6 121 show user account 6 122 show users 6 123 show vlan access list 6 124 show vlan access map 6 125 show vlan filter 6 126 ssh 6 127 ssh6 6 128 ssh key 6 129 ssh server enable 6 131 storm control level 6 132 tacacs server deadtime 6 134 tacacs server directed request 6 135 tacacs server h...

Page 13: ...logging event 7 8 logging event port 7 9 logging level 7 10 logging logfile 7 12 logging module 7 14 logging monitor 7 15 logging server 7 16 logging timestamp 7 18 ntp 7 19 ntp abort 7 20 ntp commit 7 21 ntp distribute 7 22 ntp sync retry 7 23 show logging console 7 24 show logging info 7 25 show logging last 7 26 show logging level 7 27 show logging logfile 7 28 show logging module 7 29 show log...

Page 14: ...ibute 8 7 cfs ipv6 mcast address 8 9 cfs region 8 11 cfs staggered merge 8 12 clear device alias 8 13 clear fcdomain 8 14 clear fcflow stats 8 15 clear fcns statistics 8 16 clear fcsm log 8 17 clear fcs statistics 8 18 clear fctimer session 8 19 clear fspf counters 8 20 clear port security 8 21 clear rlir 8 22 clear rscn session 8 23 clear rscn statistics 8 24 clear zone 8 25 device alias abort 8 ...

Page 15: ...8 44 fcalias name 8 45 fcalias rename 8 46 fcdomain 8 47 fcdomain abort vsan 8 49 fcdomain commit vsan 8 50 fcdomain distribute 8 51 fcdomain rcf reject 8 52 fcdroplatency 8 53 fcflow stats 8 54 fcid allocation 8 56 fcinterop fcid allocation 8 57 fcns no auto poll 8 58 fcns proxy port 8 59 fcns reject duplicate pwwn vsan 8 60 fcping 8 61 fcroute 8 63 fcs plat check global 8 65 fcs register 8 66 fc...

Page 16: ...n port channel 8 92 interface vfc 8 94 logging abort 8 96 logging commit 8 97 logging distribute 8 98 member fcalias configuration mode 8 99 member zone configuration mode 8 101 member zoneset configuration mode 8 103 npiv enable 8 104 npv auto load balance disruptive 8 105 npv enable 8 106 npv traffic map 8 107 port security 8 108 port security abort 8 110 port security commit 8 111 port security...

Page 17: ...it 8 137 system default zone distribute full 8 138 trunk protocol enable 8 139 vsan database 8 140 wwn secondary mac 8 143 wwn vsan 8 144 zone clone 8 145 zone commit 8 146 zone compact 8 147 zone copy 8 148 zone default zone 8 149 zone merge control restrict vsan 8 150 zone mode enhanced 8 151 zone name configuration mode 8 152 zone name zone set configuration mode 8 154 zone rename 8 155 zoneset...

Page 18: ...ow fctimer 9 27 show fdmi 9 28 show flogi 9 29 show fspf 9 31 show in order guarantee 9 32 show loadbalancing 9 33 show npv flogi table 9 34 show npv status 9 35 show npv traffic map 9 36 show port index allocation 9 37 show port security 9 38 show rlir 9 40 show rscn 9 41 show san port channel 9 42 show scsi target 9 44 show topology 9 46 show trunk protocol 9 47 show vsan 9 48 show wwn 9 50 show...

Page 19: ...i Cisco Nexus 5000 Series Command Reference OL 16599 01 show startup config interface 10 4 show startup config vpc 10 5 show vpc brief 10 6 show vpc consistency parameters 10 9 show vpc orphan ports 10 12 show vpc peer keepalive 10 14 show vpc role 10 16 show vpc statistics 10 18 I N D E X ...

Page 20: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m Contents xviii Cisco Nexus 5000 Series Command Reference OL 16599 01 ...

Page 21: ...entation page xxi Audience This publication is for experienced users who configure and maintain Cisco NX OS devices Organization This reference is organized as follows Chapter Title Description Chapter 1 Basic System Commands Describes the basic Cisco NX OS system commands Chapter 2 Ethernet Commands Describes the Cisco NX OS Ethernet and Virtual Ethernet commands Chapter 3 Ethernet Show Commands ...

Page 22: ... Commands Describes the Cisco NX OS Fibre Channel show commands Chapter Title Description Convention Description boldface font Commands and keywords are in boldface italic font Arguments for which you supply values are in italics Elements in square brackets are optional x y z Optional alternative keywords are grouped in brackets and separated by vertical bars string A nonquoted set of characters D...

Page 23: ...d Cisco currently supports RSS Version 2 0 Related Documentation Documentation for Cisco Nexus 5000 Series Switches and Cisco Nexus 2000 Series Fabric Extender is available at the following URL http www cisco com en US products ps9670 tsd_products_support_series_home html The following are related Cisco Nexus 5000 Series and Cisco Nexus 2000 Series Fabric Extender documents Cisco Nexus 5000 Series...

Page 24: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m xxii Cisco Nexus 5000 Series Command Reference OL 16599 01 Preface ...

Page 25: ... a ck c i s c o c o m 1 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 1 Basic System Commands This chapter describes the basic Cisco NX OS system commands available on Cisco Nexus 5000 Series switches These commands allow you to navigate and control the switch ...

Page 26: ... Examples This example shows how to configure a single line MOTD banner switch config banner motd Unauthorized access to this device is prohibited This example shows how to configure a multiple line MOTD banner switch config banner motd Welcome Authorized Users Unauthorized access prohibited This example shows how to revert to the default MOTD banner switch config no banner motd Related Commands d...

Page 27: ...ftware uses the boot variable for loading images when booting up You must copy the correct image to the switch before you reload Examples This example shows how to configure the system boot variable switch config boot system bootflash n5000 bin This example shows how to configure the kickstart boot variable switch config boot kickstart bootflash n5000 kickstart bin This example shows how to clear ...

Page 28: ...exus 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands boot This example shows how to clear the kickstart boot variable switch config no boot kickstart Related Commands Command Description copy Copies files show boot Displays boot variable configuration information ...

Page 29: ...elines Use the pwd command to verify the current working directory Examples This example shows how to change the current working directory on the current file system switch cd my scripts This example shows how to change the current working directory to another file system switch cd volatile Related Commands filesystem Optional Name of the file system Valid values are bootflash or volatile server O...

Page 30: ...tax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines Use the show cli history command to display the history of the commands that you entered at the command line interface CLI Examples This example shows how to clear the command history switch clear cli history Related Commands Release Modification 4 0 0 N1 1a This ...

Page 31: ...cription This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines Use the show system cores command to display information about the core files Examples This example shows how to clear the core file switch clear cores Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show system cores Dis...

Page 32: ...ar debug logfile filename Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to clear the debug log file switch clear debug logfile syslogd_debugs Related Commands filename Name of the debug log file to clear Release Modification 4 0 0 N1 1a This command was introduced Command Description debug logfile Configures a debug log file debug l...

Page 33: ...he clear install failure reason command clear install failure reason Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to clear the reason for software installation failures switch clear install failure reason Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command ...

Page 34: ...nse use the clear license command clear license filename Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to clear a specific license switch clear license fm lic Related Commands filename Name of the license file to be uninstalled Release Modification 4 0 0 N1 1a This command was introduced Command Description show license Displays lic...

Page 35: ...ser use the clear user command clear user username Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to log out a specific user switch clear user admin Related Commands username Name of the user to be logged out Release Modification 4 0 0 N1 1a This command was introduced Command Description show users Displays the users currently logge...

Page 36: ...wing Command scripts Filenames You cannot reference a variable in the definition of another variable The Cisco NX OS software provides a predefined variable TIMESTAMP that you can use to insert the time of day You cannot change or remove the TIMESTAMP CLI variable You cannot change the definition of a CLI variable You must remove the variable and then create it again with the new definition Exampl...

Page 37: ...sic System Commands cli var name This example shows how to reference the TIMESTAMP variable switch copy running config bootflash run config TIMESTAMP cnfg This example shows how to remove a CLI variable switch cli no var name testvar Related Commands Command Description run script Runs command scripts show cli variables Displays the CLI variables ...

Page 38: ...s Use this command when you cannot synchronize the switch with an outside clock source such as an NTP server Examples This example shows how to manually configure the clock switch clock set 12 00 00 04 July 2008 Related Commands time Time of day The format is HH MM SS day Day of the month The range is from 1 to 31 month Month of the year The values are January February March April May June July Au...

Page 39: ...s a three character string start week Week of the month to start the summer time offset The range is from 1 to 5 start day Day of the month to start the summer time offset Valid values are Monday Tuesday Wednesday Thursday Friday Saturday or Sunday start month Month to start the summer time offset Valid values are January February March April May June July August September October November and Dec...

Page 40: ... 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands clock summer time This example shows how to revert to the default offset for summer time switch config no clock summer time Related Commands Command Description show clock Displays clock summer time offset configuration ...

Page 41: ...configuration mode Command History Usage Guidelines Use the command to offset the device clock from UTC Examples This example shows how to configure the time zone offset from UTC switch config clock timezone PST 8 0 This example shows how to revert the time zone offset to the default switch no clock timezone Related Commands zone name Zone name The name is a 3 character string for the time zone ac...

Page 42: ...gure session name Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to create a configuration session switch configure session MySession switch config s Related Commands name Name of the session The name is a case sensitive alphanumeric string up to 63 characters Release Modification 4 0 1a N1 1 This command was introduced Command Descr...

Page 43: ... configure terminal command the system prompt changes from switch to switch config indicating that the router is in configuration mode To leave configuration mode and return to EXEC mode type end or press Ctrl Z To view the changes to the configuration that you have made use the show running config command Examples This example shows how to enter configuration mode switch configure terminal switch...

Page 44: ...tory to be copied The source can be either local or remote depending upon whether the file is being downloaded or uploaded destination url Destination URL or variable of the copied file or directory The destination can be either local or remote depending upon whether the file is being downloaded or uploaded Table 1 1 URL Prefix Keywords for Local Writable Storage File Systems Keyword Source or Des...

Page 45: ...ows tftp server port path filename Table 1 3 URL Prefix Keywords for Special File Systems Keyword Source or Destination core Local memory for core files You can copy core files from the core file system debug Local memory for debug files You can copy core files from the debug file system log Local memory for log files You can copy log files from the log file system modflash External memory for mod...

Page 46: ...tion file from a network server to the running configuration of the device The configuration is added to the running configuration as if the commands were typed in the CLI The resulting configuration file is a combination of the previous running configuration and the downloaded configuration file The downloaded configuration file having precedence over the previous running configuration You can co...

Page 47: ...sh This example shows how to copy a file to another supervisor module switch copy file1 bootflash sup 1 file1 bak This example shows how to copy a file from a remote server switch copy scp 10 10 1 1 image file bin bootflash image file bin Related Commands Command Description cd Changes the current working directory delete Delete a file or directory dir Displays the directory contents move Moves a ...

Page 48: ...copies of the configuration are identical copy running config startup config Syntax Description This command has no additional arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines To view the changes to the configuration that you have made use the show startup config command Examples The following example shows saving the running configuration to the ...

Page 49: ...sage Guidelines You can configure the console port only from a session on the console port Examples This example shows how to configure the number of data bits for the console port switch configure terminal switch config line console switch config console databits 7 This example shows how to revert to the default number of data bits for the console port switch configure terminal switch config line...

Page 50: ...OS software creates the logfile in the log file system root directory Use the dir log command to display the log files Examples This example shows how to specify a debug log file switch debug logfile debug_log This example shows how to revert to the default debug log file switch no debug logfile debug_log Related Commands filename Name of the file for debug command output The filename is alphanume...

Page 51: ...ebug logging no debug logging Syntax Description This command has no arguments or keywords Command Default Disabled Command Modes EXEC mode Command History Examples This example shows how to enable the output logging for the debug command switch debug logging This example shows how to disable the output logging for the debug command switch no debug logging Related Commands Release Modification 4 0...

Page 52: ...at want to delete The delete command will delete a directory and its contents Exercise caution when using this command to delete directories Examples This example shows how to delete a file switch delete bootflash old_config cfg This example shows how to delete a directory switch delete my_dir This is a directory Do you want to continue y n y y filesystem Optional Name of the file system Valid val...

Page 53: ... e d b a ck c i s c o c o m 1 29 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands delete Related Commands Command Description dir Displays the contents of a directory save Saves the configuration session to a file ...

Page 54: ...lists the size of the file in bytes the last modified time of the file and the filename of the file This command then displays the usage statistics for the file system Use the pwd command to verify the current working directory Use the cd command to change the current working directory Examples This example shows how to display the contents of the root directory in bootflash switch dir bootflash T...

Page 55: ...Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands dir Related Commands Command Description cd Changes the current working directory delete Deletes a file or directory pwd Displays the name of the current working directory rmdir Deletes a directory ...

Page 56: ...tion or prompts while the script is running Examples This example shows how to display a blank line at the command prompt switch echo This example shows how to display a line of text at the command prompt switch echo Script run at TIMESTAMP Related Commands text Optional Text string to display The text string is alphanumeric case sensitive can contain spaces and has a maximum length of 200 charact...

Page 57: ...ration mode you are in Use this command when you are done configuring the system and you want to return to EXEC mode to perform verification steps Examples In the following example the end command is used to exit from interface configuration mode and return to EXEC mode A show command is used to verify the configuration switch configure terminal switch config interface ethernet 1 1 switch config i...

Page 58: ...igure the inactive session timeout for the console port switch configure terminal switch config line console switch config console exec timeout 30 This example shows how to revert to the default inactive session timeout for the console port switch configure terminal switch config line console switch config console no exec timeout This example shows how to configure the inactive session timeout for...

Page 59: ...5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands exec timeout Related Commands Command Description line console Enters the console terminal configuration mode line vty Enters the virtual terminal configuration mode show running config Displays the running configuration ...

Page 60: ...eywords Command Default None Command Modes EXEC mode Command History Examples In the following example the exit global command is used to move from configuration mode to EXEC mode and the exit EXEC command is used to log off exit the active session switch config exit switch exit Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description end Ends your configur...

Page 61: ...onfiguration mode to return to EXEC mode Use the exit command in interface VLAN or zone configuration mode to return to configuration mode At the highest level EXEC mode the exit command will exit the EXEC mode and disconnect from the switch see the description of the exit EXEC command for details Examples The following example shows how to exit from the interface configuration mode and to return ...

Page 62: ...S_PKG license to the license manager software use the no form of the command feature fcoe no feature fcoe Syntax Description This command has no arguments or keywords Command Default FCoE is disabled Command Modes Configuration mode Command History Usage Guidelines You must save the configuration and then reboot the switch to enable or disable the FCoE feature Examples This example shows how to en...

Page 63: ...interface vlan no feature interface vlan Syntax Description This command has no arguments or keywords Command Default VLAN interfaces are disabled Command Modes Configuration mode Command History Usage Guidelines You must use the feature interface vlan or the svi enable command before you can create VLAN interfaces Examples This example shows how to enable the interface VLAN feature on the switch ...

Page 64: ...s command has no arguments or keywords Command Default LACP is disabled Command Modes Configuration mode Command History Usage Guidelines You must remove all the LACP configuration parameters from all EtherChannels on the switch before you can disable LACP Even after you enable LACP globally you do not have to run LACP on all EtherChannels on the switch You enable LACP on each channel mode using t...

Page 65: ...until you enable the private VLAN feature You cannot disable the private VLANs if there are operational ports on the switch that are in private VLAN mode Note A PVLAN isolated port on a Cisco Nexus 5000 Series switch running the current release of Cisco NX OS does not support IEEE 802 1q encapsulation and cannot be used as a trunk port Examples This example shows how to enable private VLAN functio...

Page 66: ...as no arguments or keywords Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines You must use the feature tacacs command before you configure TACACS Note When you disable TACACS the Cisco NX OS software removes the TACACS configuration Examples This example shows how to enable TACACS switch config feature tacacs This example shows how to disable TACACS switch ...

Page 67: ...ation of the cables and detect when a unidirectional link exists use the feature udld command To disable UDLD on the switch use the no form of this command feature udld no feature udld Syntax Description This command has no arguments or keywords Command Default UDLD is disabled Command Modes Configuration mode Command History Usage Guidelines This example shows how to enable UDLD on the switch swi...

Page 68: ...tory Usage Guidelines The find command searches all subdirectories under the current working directory You can use the cd and pwd commands to navigate to the starting directory Examples This example shows how to display filenames beginning with n5000 switch find n5000 Related Commands filename prefix First part or all of a filename The filename prefix is case sensitive Release Modification 4 0 0 N...

Page 69: ...e use the format command format bootflash Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to format the bootflash device switch format bootflash Related Commands bootflash Name of the bootflash file system Release Modification 4 0 0 N1 1a This command was introduced Command Description cd Changes the current working directory dir Disp...

Page 70: ... compressed filename must have the gz extension The Cisco NX OS software uses Lempel Ziv 1977 LZ77 coding for compression Examples This example shows how to uncompress a compressed file switch gunzip run_cnfg cfg gz Related Commands filesystem Optional Name of the file system Valid values are bootflash modflash or volatile server Optional Name of the server Valid values are module 1 sup 1 sup acti...

Page 71: ...laced with a compressed file that has the gz extension added to its filename The Cisco NX OS software uses Lempel Ziv 1977 LZ77 coding for compression Examples This example shows how to compress a file switch gzip run_cnfg cfg Related Commands filesystem Optional Name of the file system Valid values are bootflash modflash or volatile server Optional Name of the server Valid values are module 1 sup...

Page 72: ...on filenames The hostname command performs the same function as the switchname command Examples This example shows how to configure the hostname for a Cisco Nexus 5000 Series switch switch configure terminal switch config hostname Engineering2 Engineering2 config This example shows how to revert to the default hostname Engineering2 configure terminal Engineering2 config no hostname switch config R...

Page 73: ...t image file kickstart url The full address of the kickstart image file The name is case sensitive system Optional Specifies the system image file system url The full address of the system image file The name is case sensitive Table 1 4 URL Prefix Keywords for Local Writable Storage File Systems Keyword Source or Destination bootflash server Source URL for boot flash memory The server argument val...

Page 74: ...tibility between parent switch and the Fabric Extender You can use install all command to downgrade the Cisco NX OS software on the switch To determine if the downgrade software is compatible with the current configuration on the switch use the show incompatibility system command and resolve any configuration incompatibilities Examples This example shows how to install the Cisco NX OS software fro...

Page 75: ... NX OS software from an SCP server switch install all kickstart scp adminuser 10 10 1 1 nx os_kick bin system bootflash scp adminuser 10 10 1 1 nx os_sys bin Related Commands Command Description reload Reloads the device with new Cisco NX OS software show incompatibility system Displays configuration incompatibilities between Cisco NX OS system software images show version Displays information abo...

Page 76: ... is installed with that name Otherwise the filename in the source URL is used This command also verifies the license file before installing it Examples This example shows how to install a file named license file that resides in the bootflash directory switch install license bootflash license file Related Commands filesystem Optional Name of the file system Valid values are bootflash or volatile se...

Page 77: ...ole line only from a console port session Examples This example shows how to enter console port configuration mode switch configure terminal switch config line console switch config console Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description databits Configures the number of data bits in a character for a port exec timeout Configures the inactive termi...

Page 78: ...rds Command Default None Command Modes Interface configuration mode Command History Examples This example shows how to enter console port configuration mode switch configure terminal switch config line vty switch config line Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description exec timeout Configures the inactive terminal timeout for a port session limi...

Page 79: ...ine configuration Command History Usage Guidelines You can configure the console port only from a session on the console port Examples This example shows how to enable a modem connection on the console port switch configure terminal switch config line console switch config console modem in This example shows how to disable a modem connection on the console port switch configure terminal switch con...

Page 80: ... the console port only from a session on the console port The default initialization string ATE0Q1 D2 C1S0 1 015 is defined as follows AT Attention E0 required No echo Q1 Result code on D2 Normal data terminal ready DTR option C1 Enable tracking the state of the data carrier S0 1 Pick up after one ring 015 required Carriage return in octal Use the modem set string command to configure the user inp...

Page 81: ...terminal switch config line console switch config console modem init string user input This example shows how to remove the initialization string to the modem connected to the console port switch configure terminal switch config line console switch config console no modem init string Related Commands Command Description line console Enters console port configuration mode modem set string Configure...

Page 82: ...xample shows how to configure the user input initialization string for the modem connected to the console port switch configure terminal switch config line console switch config console modem init string user input ATE0Q1 D2 C1S0 3 015 This example shows how to revert to the default user input initialization string for the modem connected to the console port switch configure terminal switch config...

Page 83: ...ample shows how to move a file to another directory switch move file1 my_files file2 This example shows how to move a file to another file system switch move file1 volatile This example shows how to move a file to another supervisor module switch move file1 bootflash sup 1 file1 bak filesystem Optional Name of the file system Valid values are bootflash debug modflash or volatile server Optional Na...

Page 84: ...ies Command Reference OL 16599 01 Chapter 1 Basic System Commands move Related Commands Command Description cd Changes the current working directory copy Makes a copy of a file delete Deletes a file or directory dir Displays the directory contents pwd Displays the name of the current working directory ...

Page 85: ...istory Usage Guidelines You can configure the console port only from a session on the console port Examples This example shows how to configure the parity for the console port switch configure terminal switch config line console switch config console parity even This example shows how to revert to the default parity for the console port switch configure terminal switch config line console switch c...

Page 86: ...ensitive count Optional Specifies the number of transmissions to send number Number of pings The range is from 1 to 655350 The default is 5 unlimited Allows an unlimited number of pings df bit Optional Enables the do not fragment bit in the IPv4 header The default is disabled interval seconds Optional Specifies the interval in seconds between transmissions The range is from 0 to 60 The default is ...

Page 87: ...3 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands ping Related Commands Command Description ping6 Determines connectivity to another device using IPv6 addressing traceroute Displays the routes that packets take when traveling to an IP address ...

Page 88: ... hostname is case sensitive count Optional Specifies the number of transmissions to send number Number of pings The range is from 1 to 655350 The default is 5 unlimited Allows an unlimited number of pings interface intf id Optional Specifies the interface to send the IPv6 packet The valid interface types are Ethernet loopback EtherChannel and VLAN interval seconds Optional Specifies the interval i...

Page 89: ... Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands ping6 Related Commands Command Description ping Determines connectivity to another device using IPv4 addressing traceroute6 Displays the routes that packets take when traveling to an IPv6 address ...

Page 90: ...nfiguration on the device Examples This example shows how to reload the Cisco Nexus 5000 Series switch switch copy running config startup config switch reload This command will reboot the system y n n y This example shows how to reload a Fabric Extender switch reload fex 101 WARNING This command will reboot FEX 101 Do you want to continue y n n y Related Commands all Reboot the entire Cisco Nexus ...

Page 91: ...XEC mode Command History Examples This example shows how to remove a directory switch rmdir my_files Related Commands filesystem Optional Name of the file system Valid values are bootflash modflash or volatile server Optional Name of the server Valid values are module 1 sup 1 sup active or sup local The double slash is required directory Name of a directory to delete The directory name is case sen...

Page 92: ...he Cisco Nexus 5000 Series switch using the copy command Examples This example shows how to run a command script file switch run script script file Related Commands filesystem Optional Name of a file system The name is case sensitive module Optional Identifier for a supervisor module Valid values are sup active sup local sup remote or sup standby The identifiers are case sensitive directory Option...

Page 93: ...ation mode Command History Examples This example shows how to save a configuration session to a file in bootflash switch configure session MySession switch config s save bootflash sessions MySession Related Commands location Location of the file The location can be in bootflash or volatile The file name can be any alphanumeric string up to 63 characters Release Modification 4 0 1a N1 1 This comman...

Page 94: ...play information about the active user sessions Examples This example shows how to send a message to all active user sessions on the switch switch send The system will reload in 15 minutes The system will reload in 15 minutes This example shows how to send a message to a specific user session switch send session pts 0 You must log off the switch Related Commands session line Optional Specifies a u...

Page 95: ...mmand Modes EXEC mode Command History Usage Guidelines The setup script uses the factory default values not the values that you have configured You can exit the dialog at any point by pressing Ctrl C Examples This example shows how to enter the basic device setup script switch setup Related Commands ficon Optional Runs the basic ficon setup command facility Release Modification 4 0 0 N1 1a This co...

Page 96: ...al line configuration Command History Examples This example shows how to configure the maximum number of concurrent virtual terminal sessions switch configure terminal switch config line vty switch config line session limit 48 This example shows how to revert to the default maximum number of concurrent virtual terminal sessions switch configure terminal switch config line vty switch config line no...

Page 97: ...MOTD banner use the show banner motd command show banner motd Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the MOTD banner switch show banner motd Unauthorized access is prohibited Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description b...

Page 98: ...Command Default Displays all configured boot variables Command Modes EXEC mode Command History Examples This example shows how to display all configured boot variables switch show boot This example shows how to display the list of boot variable names switch show boot variables Related Commands variables Optional Displays a list of boot variables Release Modification 4 0 0 N1 1a This command was in...

Page 99: ...nd Default Displays all configured command alias variables Command Modes EXEC mode Command History Examples This example shows how to display all configured command aliases switch show cli alias This example shows how to display a specific command alias switch show cli alias name ethint Related Commands name alias name Optional Specifies the name of a command alias The alias name is not case sensi...

Page 100: ...istory Examples This example shows how to display all of the command history switch show cli history This example shows how to display the last 10 lines of the command history switch show cli history 10 This example shows how to display unformatted command history switch show cli history unformatted Related Commands lines Optional Displays the last number of lines from the end of the command histo...

Page 101: ...uration of the CLI variables use the show cli variables command show cli variables Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the CLI variables switch show cli variables Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description cli var na...

Page 102: ...mode Command History Examples This example shows how to display the current clock setting switch show clock This example shows how to display the current clock setting and the summer time daylight saving time configuration switch show clock detail Related Commands detail Optional Displays the summer time daylight saving time offset configuration Release Modification 4 0 0 N1 1a This command was in...

Page 103: ...ight To display the Cisco NX OS software copyright information use the show copyright command show copyright Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the Cisco NX OS copyright information switch show copyright Release Modification 4 0 0 N1 1a This command was introduced ...

Page 104: ...gfile command show debug logfile filename Syntax Description Command Default None Command Modes EXEC mode Command History Usage Guidelines The log files are located in the log file system Examples This example shows how to display the contents of a debug log file switch show debug logfile dmesg Related Commands filename Name of the debug log file Release Modification 4 0 0 N1 1a This command was i...

Page 105: ...on Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information about the hardware environment switch show environment This example shows how to display information about the power environment switch show environment power fan Optional Displays information about the fan environment power Optional Displays information about the power capacity a...

Page 106: ...f a file switch show file ent mod lic If the file that you want to display is a directory the command will return an error message switch show file bootflash routing sw bin showfile bootflash routing sw Is a directory Related Commands filesystem Optional Name of the file system Valid values are bootflash modflash or volatile server Optional Name of the server Valid values are module 1 sup 1 sup ac...

Page 107: ...ware internal command show hardware internal Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information about the physical device hardware switch show hardware internal Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show inventory ...

Page 108: ... command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines The show switchname command also displays the switch hostname Examples This example shows how to display the hostname for the switch switch show hostname Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description hostname Configures the hostname...

Page 109: ...d slashes Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the configuration incompatibilities switch show incompatibility system bootflash sup local old_image bin Related Commands filesystem Name of the file system Valid values are bootflash or volatile server Name of the server Valid values are module 1 sup 1 sup active or sup local The doub...

Page 110: ...f installing new images switch show install all impact This example shows how to display the status of the software installation process switch show install all status Related Commands failure reason Displays the software installation failure reason impact Displays the impact of installing the images referred to in the boot variables kickstart Optional Displays the impact of installing the kicksta...

Page 111: ...mmand History Examples This example shows how to display the switch hardware inventory information switch show inventory This example shows how to display the hardware inventory information for an attached Fabric Extender switch show inventory fex 101 Related Commands fex chassis_ID Optional Specifies the Fabric Extender chassis ID Chassis ID is 100 to 199 Release Modification 4 0 0 N1 1a This com...

Page 112: ...nse installed on the switch switch show license file fc5020 lic This example shows how to display a list of license files installed on a device switch show license brief This example shows how to display all licenses installed on a device switch show license Related Commands brief Optional Displays a list of license files installed on a device file filename Optional Displays information for a spec...

Page 113: ...as no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines The serial number is the entire string that appears after the colon as shown in the example Examples This example shows how to display the host ID required to request node locked licenses switch show license host id License hostid VDH FLC12300568 Related Commands Release Modification 4 0 0 N1 ...

Page 114: ...ATURES_PKG Yes In use Never Table 1 6 describes the columns used in the show license usage command output PACKAGE Optional Displays a list of licensed features in use for the specified license package Release Modification 4 0 0 N1 1a This command was introduced Table 1 6 show license usage Columns Column Description Feature Name of the license package Ins License installation status No indicates t...

Page 115: ... not installed If the license is installed the field displays Never to indicate that the license has no time limit or displays the date of expiry for the license Comments Additional information Grace with a time period remaining in days D and hours H indicates that the grace license is in use and license missing indicates that an error has occurred Table 1 6 show license usage Columns continued Co...

Page 116: ... the terminal port configuration Command Modes EXEC mode Command History Examples This example shows how to display information about the terminal port configuration information switch show line This example shows how to display only the information about the console port configuration switch show line console Related Commands console Optional Displays only information about the console port confi...

Page 117: ...This example shows how to display information about an attached Fabric Extender switch show module fex 101 This example shows how to display information about all attached Fabric Extender units switch show module fex all Related Commands module number Optional Number of the module The valid range is from 1 to 3 fex Optional Displays information about the attached Fabric Extender units chassis_ID O...

Page 118: ...Command Modes EXEC mode Command History Examples This example shows how to display the process information for a device switch show processes Related Commands vdc vdc number Optional Displays process information for a specific virtual device context VDC There is only one VDC on a Cisco Nexus 5000 Series switch Release Modification 4 0 0 N1 1a This command was introduced Command Description show pr...

Page 119: ... has no arguments or keywords Command Default Displays information for all processes in the local device Command Modes EXEC mode Command History Examples This example shows how to display the CPU utilization information for the processes switch show processes cpu Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show processes Displays the process in...

Page 120: ...g This example shows how to display detailed information from the process log switch show processes log details This example shows how to display detailed information from the process log for a specific process switch show processes log pid 3632 Related Commands details Optional Displays detailed information from the process log pid process id Optional Displays detailed information from the proces...

Page 121: ...This example shows how to display information about memory allocation for processes switch show processes memory This example shows how to display information about shared memory allocation for processes switch show processes memory shared Related Commands shared Optional Displays the shared memory allocation detail Optional Displays the shared memory in bytes instead of the default kilobytes Rele...

Page 122: ...to display the changes that you have made to the running configuration switch show running config This example shows how to display the entire running configuration including the default values switch show running config all Related Commands all Optional Displays all the default and configured information Release Modification 4 0 0 N1 1a This command was introduced Command Description copy running...

Page 123: ...ples This example shows how to display the difference between the running configuration and the startup configuration switch show running config diff Release Modification 4 0 0 N1 1a This command was introduced Table 1 7 show running config diff Notations Notation Description line1 line2 line1 line2 Indicates ranges of lines where differences occur The range of lines indicated with asterisks is fo...

Page 124: ...1 Basic System Commands show running config diff Related Commands Command Description copy running config startup config Copies the running configuration to the startup configuration show running config Displays the differences between the running configuration and the startup configuration show startup config Displays the startup configuration ...

Page 125: ...PROM information for all components on the physical device switch show sprom all This example shows how to display SPROM information for the backplane switch show sprom backplane This example shows how to display SPROM information for an attached Fabric Extender switch show sprom fex 101 all Displays the SPROM contents for all components on the physical device backplane Displays the SPROM contents...

Page 126: ...c o m 1 102 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands show sprom Related Commands Command Description show hardware internal Displays information about the physical hardware show inventory Displays hardware inventory information ...

Page 127: ...arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the startup configuration switch show startup config Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description copy running config startup config Copies the running configuration to the startup configuration show running config Displa...

Page 128: ... This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines The show hostname command also displays the switch hostname Examples This example shows how to display the hostname for the switch switch show switchname Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description hostname Configures the hos...

Page 129: ...m cores Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines Use the system cores command to configure the system core filename Examples This example shows how to display destination information for the system core files switch show system cores Related Commands Release Modification 4 0 0 N1 1a This command was i...

Page 130: ...tion This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the reset reason history for the switch switch show system reset reason This example shows how to display the reset reason history for an attached Fabric Extender switch show system reset reason fex 101 fex chassis_ID Optional Specifies the Fabric E...

Page 131: ...display the amount of time since the last system restart use the show system uptime command show system uptime Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the amount of time since the last system restart switch show system uptime Release Modification 4 0 0 N1 1a This command was...

Page 132: ... example shows how to redirect the technical support information to a file switch show tech support bootflash TechSupport txt This example shows how to display the brief technical support information for the switch switch show tech support brief This example shows how to display the technical support information for a specific feature switch show tech support aaa This example shows how to display ...

Page 133: ...rds Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information about the terminal configuration for a session switch show terminal Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description terminal length Configures the terminal display length for the session terminal session timeout Configures the ter...

Page 134: ... example shows how to display the version information for the kickstart and system image running on the device switch show version This example shows how to display the version information for an image file switch show version image bootflash old_image This example shows how to display the version information for an attached Fabric Extender switch show version fex 101 fex chassis_ID Optional Speci...

Page 135: ...conds Syntax Description Command Default None Command Modes EXEC mode Command History Usage Guidelines You can use this command in command scripts to delay the execution of the script Examples This example shows how to cause the CLI to pause for 5 seconds before displaying the prompt switch sleep 5 Related Commands seconds Number of seconds The range is from 0 to 2147483647 Release Modification 4 ...

Page 136: ... You can configure the console port only from a session on the console port Examples This example shows how to configure the speed for the console port switch configure terminal switch config line console switch config console speed 57600 This example shows how to revert to the default speed for the console port switch configure terminal switch config line console switch config console no speed 57...

Page 137: ...igure the console port only from a session on the console port Examples This example shows how to configure the number of stop bits for the console port switch configure terminal switch config line console switch config console stopbits 2 This example shows how to revert to the default number of stop bits for the console port switch configure terminal switch config line console switch config conso...

Page 138: ...e configuration mode Command History Examples This example shows how to configure a core file switch configure terminal switch config system cores tftp serverA 69 core_file This example shows how to disable system core logging switch configure terminal switch config no system cores Related Commands tftp Specifies a TFTP server tftp_URL The URL for the destination file system and file Use the follo...

Page 139: ...system startup config unlock process id Syntax Description Command Default None Command Modes EXEC mode Command History Usage Guidelines Use the show system internal sysmgr startup config locks command to display the locks on the startup configuration file Examples This example shows how to unlock the startup configuration file switch system startup config unlock 10 process id Identifier of the pr...

Page 140: ...ration filenames The switchname command performs the same function as the hostname command Examples This example shows how to configure the hostname for a Cisco Nexus 5000 Series switch switch configure terminal switch config switchname Engineering2 Engineering2 config This example shows how to revert to the default hostname Engineering2 configure terminal Engineering2 config no switchname switch ...

Page 141: ...e switch tail bootflash startup cfg This example shows how to display the last 20 lines of a file switch tail bootflash startup cfg 20 Related Commands filesystem Optional Name of the file system Valid values are bootflash modflash or volatile server Optional Name of the server Valid values are module 1 sup 1 sup active or sup local The double slash is required directory Optional Name of a directo...

Page 142: ...24 lines Command Modes EXEC mode Command History Usage Guidelines The session pauses after displaying the number of lines set in the terminal length Press the space bar to display another screen of lines or press the Enter key to display another line To return to the command prompt press Ctrl C The terminal length setting applies only to the current session Examples This example shows how to set t...

Page 143: ... disabled 0 minutes Command Modes EXEC mode Command History Usage Guidelines The terminal session inactivity timeout setting applies only to the current session Examples This example shows how to set the terminal inactivity timeout for the session to 10 minutes switch terminal session timeout 10 This example shows how to revert to the default terminal inactivity timeout for the session switch term...

Page 144: ...inal type is set during negotiation with the client software Otherwise vt100 is the default Command Modes EXEC mode Command History Usage Guidelines The terminal type setting applies only to the current session Examples This example shows how to set the terminal type switch terminal type xterm This example shows how to revert to the default terminal type switch terminal no type Related Commands ty...

Page 145: ...ult For a virtual terminal the width is set during negotiation with the client software Otherwise 80 columns is the default Command Modes EXEC mode Command History Usage Guidelines The terminal width setting applies only to the current session Examples This example shows how to set the number of columns to display on the terminal switch terminal width 70 This example shows how to revert to the def...

Page 146: ...a network device switch traceroute 172 28 255 18 vrf management Related Commands dest addr IP address of the destination device The format is A B C D hostname Name of the destination device The name is case sensitive vrf vrf name default management Optional Specifies the virtual routing and forwarding VRF to use The name is case sensitive source src addr Optional Specifies a source IP address The ...

Page 147: ...a device switch traceroute6 2001 0DB8 200C 417A vrf management Related Commands dest addr IPv6 address of the destination device The format is A B C D hostname Name of the destination device The name is case sensitive vrf vrf name default management Optional Specifies the virtual routing and forwarding VRF to use The name is case sensitive source src addr Optional Specifies a source IPv6 address T...

Page 148: ...slashes Command Default None Command Modes EXEC mode Command History Examples This example shows how to update a license switch update license bootflash fm lic fm update lic Related Commands filesystem Optional Name of the file system Valid values are bootflash or volatile server Optional Name of the server Valid values are module 1 sup 1 sup active or sup local The double slash is required direct...

Page 149: ... in the persistent memory when information is corrupted or otherwise unusable Erasing the startup configuration returns the switch to its initial state Examples This example shows how to erase the startup configuration switch write erase This example shows how to erase the debug configuration in the persistent memory switch write erase debug Related Commands boot Optional Erases only the boot conf...

Page 150: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 1 126 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 1 Basic System Commands write erase ...

Page 151: ... s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 2 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 2 Ethernet Commands This chapter describes the Cisco NX OS Ethernet commands available on Cisco Nexus 5000 Series switches ...

Page 152: ...nherit the default bandwidth of the main interface regardless of the configured bandwidth If a bandwidth is not configured on a subinterface and you use the bandwidth inherit command all subinterfaces will inherit the current bandwidth of the main interface If you configure a new bandwidth on the main interface all subinterfaces will use this new value If you do not configure a bandwidth on the su...

Page 153: ... o c f e e d b a ck c i s c o c o m 2 3 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands bandwidth interface Related Commands Command Description show interface Displays the interface configuration information ...

Page 154: ...dp enable This example shows how to configure the MAC address as the CDP device ID switch configure terminal switch config cdp format device id mac address advertise v1 v2 Configures the version to use to send CDP advertisements Version 2 is the default state enable Enables CDP for all Ethernet interfaces format device id Configures the format of the CDP device ID mac address Use the MAC address a...

Page 155: ...us 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands cdp This example shows how to disable CDP on all Ethernet interfaces switch configure terminal switch config no cdp enable Related Commands Command Description show cdp Displays Cisco Discovery Protocol CDP information ...

Page 156: ...the no form of this command cdp enable no cdp enable Syntax Description This command has no arguments or keywords Command Default None Command Modes Interface configuration mode Command History Examples This example shows how to enable CDP on an Ethernet interface switch configure terminal switch config interface ethernet 1 1 switch config if cdp enable Related Commands Release Modification 4 0 0 ...

Page 157: ... specified interface Interface is in active negotiating state in which the port initiates negotiations with other ports by sending LACP packets on This is the default channel mode All EtherChannels that are not running LACP remain in this mode If you attempt to change the channel mode to active or passive before enabling LACP the switch returns an error message After you enable LACP globally by us...

Page 158: ... from the EtherChannel When you delete the last physical interface from a EtherChannel the EtherChannel remains To delete the EtherChannel completely use the no form of the interface port channel command The compatibility check includes the following operational attributes Port mode Access VLAN Trunk native VLAN Tagged or untagged Allowed VLAN list SPAN cannot be SPAN source or destination port St...

Page 159: ...rs to the EtherChannel interface are propagated to all interfaces within the same channel group as the EtherChannel for example configuration changes are also propagated to the physical interfaces that are not part of the EtherChannel but are part of the channel group Examples This example shows how to add an interface to LACP channel group 5 in active mode switch config interface ethernet 1 1 swi...

Page 160: ... mac access list counters command clear mac access list counters name Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to clear statistical information from the access list switch clear mac access list counters Related Commands name Optional Name a specific counter to clear Release Modification 4 0 0 N1 1a This command was introduced C...

Page 161: ...n 2 This example shows how to clear all dynamic entries for VLAN 2 from the MAC address table switch clear mac dynamic vlan 2 Related Commands address mac addr Optional Specifies the MAC address to remove from the table Use the format EEEE EEEE EEEE interface type slot port Optional Specifies the interface for which MAC addresses should be removed from the table The type can be either ethernet Spe...

Page 162: ...the address is deleted from all interfaces If you specify an interface but do not specify an address the switch removes all addresses on the specified interfaces Examples This example shows how to clear all the dynamic entries from the MAC address table switch clear mac address table dynamic This example shows how to clear all the dynamic entries from the MAC address table for VLAN 2 switch clear ...

Page 163: ...b a ck c i s c o c o m 2 13 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands clear mac address table dynamic Related Commands Command Description show mac address table Displays the information about the MAC address table ...

Page 164: ...ommand Default None Command Modes EXEC mode Command History Usage Guidelines You can clear all the STP counters on the entire switch per VLAN or per interface Examples This example shows how to clear the STP counters for VLAN 5 switch clear spanning tree counters vlan 5 Related Commands interface Optional Specifies the interface type ethernet interface Slot and port number port channel channel Eth...

Page 165: ... is connected to a legacy device An MST switch can detect that a port is at the boundary of a region when it receives a legacy BPDU or an MST BPDU that is associated with a different region These mechanisms are not always able to revert to the most efficient mode For example a Rapid PVST switch that is designated for a legacy 802 1D bridge stays in 802 1D mode even after the legacy bridge has been...

Page 166: ...tens of microseconds no delay Syntax Description Command Default 10 μsec Command Modes Interface configuration mode Command History Examples The following example shows how to set a delay of 30 000 microseconds on an interface switch config interface ethernet 1 1 switch config if delay 3000 Related Commands tens of microseconds Specifies the throughput delay in tens of microseconds Release Modific...

Page 167: ...on command is meant to provide a reminder in the configuration to describe what certain interfaces are used for The description appears in the output of the following commands such as show interface and show running config Examples The following example shows how to add a description for an interface switch config interface ethernet 1 1 switch config if description 10G Server Link Related Commands...

Page 168: ...ommand Modes MST configuration mode Command History Usage Guidelines The VLAN identifier is entered as a single value or a range The mapping is incremental not absolute When you enter a range of VLANs this range is added to or removed from the existing instances Any unmapped VLAN is mapped to the CIST instance Caution When you change the VLAN to MSTI mapping the system restarts MST Examples This e...

Page 169: ... 19 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands instance vlan Related Commands Command Description show spanning tree mst configuration Displays information about the MST protocol spanning tree mst configuration Enters MST configuration mode ...

Page 170: ...1 1 1 switch config if Related Commands chassis_ID Optional Specifies the Fabric Extender chassis ID Chassis ID is 100 to 199 Note This argument is not optional when addressing the host interfaces of a Cisco Nexus 2000 Series Fabric Extender slot Specifies a slot from 1 to 3 The following list defines the slots available Slot 1 includes all the fixed ports A Fabric Extender only has a Slot 1 Slot ...

Page 171: ...not on the EtherChannel interface If you do not assign a static MAC address on the EtherChannel interface a MAC address is automatically assigned If you assign a static MAC address and then later remove it the MAC address is automatically assigned The MAC address of the EtherChannel is the address of the first operational port added to the channel group If this first added port is removed from the...

Page 172: ... a ck c i s c o c o m 2 22 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands interface port channel show lacp Displays LACP information show port channel summary Displays information on the EtherChannels Command Description ...

Page 173: ... ip igmp snooping no ip igmp snooping Syntax Description This command has no other arguments or keywords Command Default IGMP snooping is enabled Note If the global setting is disabled then all VLANs are treated as disabled whether they are enabled or not Command Modes EXEC mode Command History Examples This example shows how to enable IGMP snooping switch ip igmp snooping Related Commands Release...

Page 174: ...de Command History Usage Guidelines The valid values for parameter are as follows parameter Parameter to configure See the Usage Guidelines section for additional information Release Modification 4 0 0 N1 1a This command was introduced Keyword and Argument Description explicit tracking Enables tracking IGMPv3 membership reports for each port on a per VLAN basis The default is enabled on all VLANs ...

Page 175: ...fig vlan ip igmp snooping report suppression switch config vlan ip igmp snooping mrouter interface ethernet 1 10 switch config vlan ip igmp snooping static group 230 0 0 1 interface ethernet 1 10 Related Commands report suppression Limits the membership report traffic sent to multicast capable routers When you disable report suppression all IGMP reports are sent as is to multicast capable routers ...

Page 176: ...as an LACP port priority You can configure a value between 1 and 65535 LACP uses the port priority in combination with the port number to form the port identifier The port priority is used with the port number to form the port identifier The port priority is used to decide which ports should be put into standby mode when there is a hardware limitation that prevents all compatible ports from aggreg...

Page 177: ... 32768 Command Modes Configuration mode Command History Usage Guidelines Each device that runs LACP has an LACP system priority value You can configure a value between 1 and 65535 LACP uses the system priority with the MAC address to form the system ID and also during negotiation with other systems When setting the priority note that a higher number means a lower priority Examples This example sho...

Page 178: ...s stopped Caution When you enable the debounce timer link up and link down detections are delayed resulting in a loss of traffic during the debounce period This situation might affect the convergence of some protocols Examples The following example shows how to enable the debounce timer and set the debounce time to 1000 milliseconds for an Ethernet interface switch configure terminal switch config...

Page 179: ...ation has not been specified are modified and those VLANs with specifically modified aging times are not modified When you use the no form of this command without the VLAN parameter only those VLANs that have not been specifically configured for the aging time reset to the default value Those VLANs with specifically modified aging times are not modified When you use this command and specify a VLAN...

Page 180: ...time Examples This example shows how to change the length of time an entry remains in the MAC address table to 500 seconds for the entire switch switch config mac address table aging time 500 Related Commands Command Description show mac address table Displays information about the MAC address table show mac address table aging time Displays information about the MAC address aging time ...

Page 181: ...ration mode Command History Examples This example shows how to configure log message notification when the threshold exceeds 45 percent restricting the update interval to once every 1024 seconds switch config mac address table notification threshold limit 45 interval 1024 Related Commands mac move Sends a notification message if the MAC address is moved threshold Sends a notification message if th...

Page 182: ...n you install a static MAC address it is associated with a port If the same MAC address is seen on a different port the entry is updated with the new port if you enter the auto learn keyword Examples This example shows how to add a static entry to the MAC address table switch config mac address table static 0050 3e8d 6400 vlan 3 interface ethernet 1 4 mac address Specifies the MAC address to add t...

Page 183: ...f e e d b a ck c i s c o c o m 2 33 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands mac address table static Related Commands Command Description show mac address table Displays information about MAC address table ...

Page 184: ...mmand Modes Configuration mode Command History Usage Guidelines To ensure that you are working with a completely new session you can clear the desired session number or all SPAN sessions Examples This example shows how to create a SPAN session switch configure terminal switch config monitor session 2 Related Commands number Specifies the SPAN session to create or configure Select session 1 to 18 a...

Page 185: ...LAN configuration mode Command History Usage Guidelines You cannot change the name for the default VLAN VLAN 1 or for the internally allocated VLANs Examples This example shows how to name VLAN 2 switch config vlan 2 switch config vlan name accounting Related Commands vlan name Name of the VLAN you can use up to 32 alphanumeric case sensitive characters The default name is VLANxxxx where xxxx repr...

Page 186: ... are considered to be in different MST regions if the region names are different Caution Be careful when using the name command to set the name of an MST region If you make a mistake you can put the switch in a different region The configuration name is a case sensitive parameter Examples This example shows how to name a region switch config spanning tree mst configuration switch config mst name a...

Page 187: ... destination port source destination ip Loads distribution on the source and destination IP address source destination mac Loads distribution on the source and destination MAC address source destination port Loads distribution on the source and destination port source ip Loads distribution on the source IP address source mac Loads distribution on the source MAC address source port Loads distributi...

Page 188: ...k c i s c o c o m 2 38 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands port channel load balance ethernet Related Commands Command Description show port channel load balance Displays information on EtherChannel load balancing ...

Page 189: ...iations are reinstated If you enter the no vlan command for the primary VLAN all private VLAN associations with that VLAN are lost If you enter the no vlan command for a secondary VLAN the private VLAN associations with that VLAN are suspended and are reenabled when you recreate the specified VLAN and configure it as the previous secondary VLAN You cannot configure VLAN1 or the internally allocate...

Page 190: ...rt on a Cisco Nexus 5000 Series switch running the current release of Cisco NX OS does not support IEEE 802 1q encapsulation and cannot be used as a trunk port Examples This example shows how to assign VLAN 5 to a private VLAN as the primary VLAN switch configure terminal switch config vlan 5 switch config vlan private vlan primary This example shows how to assign VLAN 100 to a private VLAN as a c...

Page 191: ...you reconvert the specified VLAN to private VLAN mode the original associations are reinstated If you enter the no vlan command for the primary VLAN all private VLAN associations with that VLAN are lost However if you enter the no vlan command for a secondary VLAN the private VLAN associations with that VLAN are suspended and return when you recreate the specified VLAN and configure it as the prev...

Page 192: ...private VLAN relationship between the primary VLAN 14 the isolated VLAN 19 and the community VLANs 20 and 21 switch config vlan 19 switch config vlan private vlan isolated switch config vlan 20 switch config vlan private vlan community switch config vlan 21 switch config vlan private vlan community switch config vlan 14 switch config vlan private vlan primary switch config vlan private vlan associ...

Page 193: ...me MST instance as the associated primary VLAN when you exit the MST configuration mode the device displays a warning message that lists the secondary VLANs that are not mapped to the same instance as the associated VLAN The private vlan synchronize command automatically maps all secondary VLANs to the same instance as the associated primary VLANs Examples This example shows how to initialize PVLA...

Page 194: ...th the same VLAN mapping and name are considered to be in different MST regions if the configuration revision numbers are different Caution Be careful when using the revision command to set the revision number of the MST region configuration because a mistake can put the switch in a different region Examples This example shows how to set the revision number of the MST region configuration switch c...

Page 195: ...ports continue to carry traffic for the other VLANs allowed on that port However the interface associations for the specified VLAN remain and when you reenable or recreate that specified VLAN the switch automatically reinstates all the original ports to that VLAN To find out if a VLAN has been shut down internally check the Status field in the show vlan command output If a VLAN is shut down intern...

Page 196: ...5 0 0 0 d o c f e e d b a ck c i s c o c o m 2 46 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands shutdown VLAN configuration Related Commands Command Description show vlan Displays VLAN information ...

Page 197: ...eturns to the normal spanning tree port type and moves through the normal spanning tree transitions Caution Be careful when you enter the spanning tree bpdufilter enable command on specified interfaces Explicitly configuring BPDU Filtering on a port this is not connected to a host can cause a bridging loop because the port will ignore any BPDU that it receives and the port moves to the STP forward...

Page 198: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 2 48 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands spanning tree bpdufilter ...

Page 199: ... topology loop could cause a data packet loop and disrupt the switch and network operation When you enable this BPDU Guard command globally the command applies only to spanning tree edge ports See spanning tree port type edge bpduguard default for more information on the global command for BPDU Guard However when you enable this feature on an interface it applies to that interface regardless of th...

Page 200: ...and Reference OL 16599 01 Chapter 2 Ethernet Commands spanning tree bpduguard Examples This example shows how to enable BPDU Guard on this interface switch config if spanning tree bpduguard enable Related Commands Command Description show spanning tree summary Displays information about the spanning tree state ...

Page 201: ...n on setting the path cost calculation method for Rapid PVST When you configure the value higher values will indicate higher costs On access ports assign the port cost by port On trunk ports assign the port cost by VLAN you can configure all the VLANs on a trunk port as the same port cost vlan vlan id Optional Lists the VLANs on this trunk interface for which you want to assign the path cost You d...

Page 202: ...ts assigned to that channel Note Use this command to set the port cost for Rapid PVST Use the spanning tree mst cost command to set the port cost for MST Examples This example shows how to access an interface and set a path cost value of 250 for the spanning tree VLAN that is associated with that interface switch config interface ethernet 1 4 switch config if spanning tree cost 250 Related Command...

Page 203: ...Command Default Disabled Command Modes Interface configuration mode Command History Usage Guidelines You cannot enable Loop Guard if Root Guard is enabled although the switch accepts the command to enable Loop Guard on spanning tree edge ports Examples This example shows how to enable Root Guard switch config if spanning tree guard root Related Commands loop Enables Loop Guard on the interface non...

Page 204: ...E 802 1w functions only on point to point links between two bridges By default the switch derives the link type of a port from the duplex mode A full duplex port is considered as a point to point link while a half duplex configuration is assumed to be on a shared link Note On a Cisco Nexus 5000 Series switch port duplex is not configurable Examples This example shows how to configure the port as a...

Page 205: ...guration mode Command History Usage Guidelines Loop Guard provides additional security in the bridge network Loop Guard prevents alternate or root ports from becoming the designated port because of a failure that could lead to a unidirectional link Loop Guard operates only on ports that are considered point to point links by the spanning tree and it does not run on spanning tree edge ports Enterin...

Page 206: ...ation mode Command History Usage Guidelines You cannot simultaneously run MST and Rapid PVST on the switch Caution Be careful when using the spanning tree mode command to switch between Rapid PVST and MST modes When you enter the command all STP instances are stopped for the previous mode and are restarted in the new mode Using this command may cause the user traffic to be disrupted Examples This ...

Page 207: ...nstance vlan command Region name See the name MST configuration command Configuration revision number See the revision command The abort and exit commands allow you to exit MST configuration mode The difference between the two commands depends on whether you want to save your changes or not The exit command commits all the changes before leaving MST configuration mode The abort command leaves MST ...

Page 208: ...cess Examples This example shows how to enter MST configuration mode switch config spanning tree mst configuration switch config mst This example shows how to reset the MST configuration name instance mapping and revision number to the default settings switch config no spanning tree mst configuration Related Commands Command Description instance vlan Maps a VLAN or a set of VLANs to an MST instanc...

Page 209: ...ernet 2 000 Command Modes Interface configuration mode Command History Usage Guidelines The port cost depends on the port speed the faster interface speeds indicate smaller costs MST always uses long path costs Higher cost values indicate higher costs When entering the cost do not include a comma in the entry for example enter 1000 not 1 000 The EtherChannel bundle is considered a single port The ...

Page 210: ... e e d b a ck c i s c o c o m 2 60 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands spanning tree mst cost Related Commands Command Description show spanning tree mst Displays the information about the MST protocol ...

Page 211: ...command spanning tree mst forward time seconds no spanning tree mst forward time Syntax Description Command Default 15 seconds Command Modes Configuration mode Command History Examples This example shows how to set the forward delay timer switch config spanning tree mst forward time 20 Related Commands seconds Number of seconds to set the forward delay timer for all the instances on the switch the...

Page 212: ...g tree mst hello time Syntax Description Command Default 2 seconds Command Modes Configuration mode Command History Usage Guidelines If you do not specify the hello time value the value is calculated from the network diameter Examples This example shows how to set the hello time delay timer switch config spanning tree mst hello time 3 Related Commands seconds Number of seconds to set the hello tim...

Page 213: ...g tree mst max age Syntax Description Command Default 20 seconds Command Modes Configuration mode Command History Usage Guidelines This parameter is used only by Instance 0 or the IST This command does not require a license Examples This example shows how to set the max age timer switch config spanning tree mst max age 40 Related Commands seconds Number of seconds to set the max age timer for all ...

Page 214: ...ngs use the no form of this command spanning tree mst max hops hop count no spanning tree mst max hops Syntax Description Command Default 20 hops Command Modes Configuration mode Command History Examples This example shows how to set the number of possible hops switch config spanning tree mst max hops 25 Related Commands hop count Number of possible hops in the region before a BPDU is discarded th...

Page 215: ...on Command Default Port priority value is 128 Command Modes Interface configuration mode Command History Usage Guidelines Higher port priority priority values indicate smaller priorities The priority values are 0 32 64 96 128 160 192 and 224 All other values are rejected Examples This example shows how to set the interface priority switch config if spanning tree mst 0 port priority 64 Related Comm...

Page 216: ...ty in increments of 4096 only When you set the priority valid values are 0 4096 8192 12288 16384 20480 24576 28672 32768 36864 40960 45056 49152 53248 57344 and 61440 You can set the priority value argument to 0 to make the switch root You can enter the instance id argument as a single instance or a range of instances for example 0 3 5 7 9 Examples This example shows how to set the bridge priority...

Page 217: ... diameter You must first specify the diameter dia keyword and argument before you can specify the hello time hello time keyword and argument Examples This example shows how to designate the primary root switch config spanning tree mst 0 root primary This example shows how to set the priority and timer values for the bridge switch config spanning tree mst 0 root primary diameter 7 hello time 2 inst...

Page 218: ... e e d b a ck c i s c o c o m 2 68 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands spanning tree mst root Related Commands Command Description show spanning tree mst Displays the information about the MST protocol ...

Page 219: ... spanning tree mst simulate pvst global to change this setting globally Command Modes Interface configuration mode Command History Usage Guidelines MST interoperates with Rapid PVST with no need for user configuration The PVST simulation feature enables this seamless interoperability However you may want to control the connection between MST and Rapid PVST to protect against accidentally connectin...

Page 220: ...panning tree mst simulate pvst Examples This example shows how to prevent specified ports from automatically interoperating with a connected device running Rapid PVST switch config if spanning tree mst simulate pvst disable Related Commands Command Description spanning tree mst simulate pvst global Enables global seamless interoperation between MST and Rapid PVST ...

Page 221: ...ation to interoperate with Rapid PVST The PVST simulation feature enables this seamless interoperability However you may want to control the connection between MST and Rapid PVST to protect against accidentally connecting an MST enabled port to a Rapid PVST enabled port When you use the no spanning tree mst simulate pvst global command the switch running in MST mode moves all interfaces that recei...

Page 222: ...tree mst simulate pvst global Examples This example shows how to prevent all ports on the switch from automatically interoperating with a connected device running Rapid PVST switch config no spanning tree mst simulate pvst global Related Commands Command Description spanning tree mst simulate pvst Enables seamless interoperation between MST and Rapid PVST by the interface ...

Page 223: ...th cost calculations and yields valued in the range of 2 through 2 00 000 000 The short path cost calculation method 16 bits yields values in the range of 1 through 65535 Note This command applies only to the Rapid PVST spanning tree mode which is the default mode When you are using MST spanning tree mode the switch uses only the long method for calculating path cost this is not user configurable ...

Page 224: ...setting the default spanning tree port type is normal Command Modes Interface configuration mode Command History Usage Guidelines You can also use this command to configure a port in trunk mode as a spanning tree edge port Caution You should use this command only with interfaces that connect to end stations otherwise an accidental topology loop could cause a data packet loop and disrupt the switch...

Page 225: ...is in a non trunking mode To configure trunk interfaces as spanning tree edge ports use the spanning tree port type trunk command To remove the spanning tree edge port type setting use the spanning tree port type normal command The default spanning tree port type is normal Examples This example shows how to configure an interface connected to a host as an edge port which automatically transitions ...

Page 226: ...PDU Filtering Use this command to enable BPDU Filtering globally on all spanning tree edge ports BPDU Filtering prevents a port from sending or receiving any BPDUs Caution Be cautious when using this command incorrect usage can cause bridging loops You can override the global effects of this spanning tree port type edge bpdufilter default command by configuring BPDU Filtering at the interface leve...

Page 227: ...shows how to enable BPDU Filtering globally on all spanning tree edge operational ports by default switch config spanning tree port type edge bpdufilter default Related Commands Command Description show spanning tree summary Displays the information about the spanning tree configuration spanning tree bpdufilter Enables BPDU Filtering on the interface spanning tree port type edge Configures an inte...

Page 228: ... Configuration mode Command History Usage Guidelines To enable BPDU Guard by default you must do the following Configure the interface as spanning tree edge ports by entering the spanning tree port type edge or the spanning tree port type edge default command Enable BPDU Guard Use this command to enable BPDU Guard globally on all spanning tree edge ports BPDU Guard disables a port if it receives a...

Page 229: ...pter 2 Ethernet Commands spanning tree port type edge bpduguard default Related Commands Command Description show spanning tree summary Displays the information about the spanning tree configuration spanning tree bpduguard Enables BPDU guard on the interface spanning tree port type edge Configures an interface as a spanning tree edge port ...

Page 230: ... this command only with interfaces that connect to end stations otherwise an accidental topology loop could cause a data packet loop and disrupt the switch and network operation When a linkup occurs an interface configured as an edge port automatically moves the interface directly to the spanning tree forwarding state without waiting for the standard forward time delay This transition was previous...

Page 231: ...ies Command Reference OL 16599 01 Chapter 2 Ethernet Commands spanning tree port type edge default Related Commands Command Description show spanning tree summary Displays information about the spanning tree configuration spanning tree port type edge Configures an interface as a spanning tree edge port ...

Page 232: ...ormal Command Modes Interface configuration mode Command History Usage Guidelines Use this command to configure an interface that connects to a switch as a spanning tree network port Bridge Assurance runs only on Spanning Tree Protocol STP network ports Note If you mistakenly configure ports connected to hosts as STP network ports and enable Bridge Assurance those ports will automatically move int...

Page 233: ...mmands spanning tree port type network Examples This example shows how to configure an interface connected to a switch or bridge as a spanning tree network port switch config if spanning tree port type network Related Commands Command Description show spanning tree interface Displays information about the spanning tree configuration per specified interface ...

Page 234: ...itches as spanning tree network ports by default You can then use the spanning tree port type edge command to configure specified ports that are connected to hosts as spanning tree edge ports Note If you mistakenly configure ports connected to hosts as Spanning Tree Protocol STP network ports and Bridge Assurance is enabled those ports will automatically move into the blocking state Configure only...

Page 235: ...i s c o c o m 2 85 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands spanning tree port type network default Related Commands Command Description show spanning tree summary Displays information about the spanning tree configuration ...

Page 236: ...iority values for trunk ports The priority values are 0 32 64 96 128 160 192 and 224 All other values are rejected Note Use this command to configure the port priority for Rapid PVST spanning tree mode which is the default STP mode To configure the port priority for MST spanning tree mode use the spacing tree mst port priority command Examples This example shows how to increase the probability tha...

Page 237: ...alid values is from 0 to 4094 forward time value Optional Specifies the STP forward delay time the range of valid values is from 4 to 30 seconds hello time value Optional Specifies the number of seconds between the generation of configuration messages by the root switch the range of valid values is from 1 to 10 seconds max age value Optional Specifies the maximum number of seconds that the informa...

Page 238: ... spanning tree topology The spanning tree root primary alters this switch s bridge priority to 24576 If you enter the spanning tree root primary command and the switch does not become the root then the bridge priority is changed to 4096 less than the bridge priority of the current bridge The command fails if the value required to be the root bridge is less than 1 If the switch does not become the ...

Page 239: ... insert a 1 Gigabit Ethernet SFP transceiver into the applicable port and then set its speed with the speed command Note If the interface and transceiver speed is mismatched the SFP validation failed message is displayed when you enter the show interface ethernet slot port command For example if you insert a 1 Gigabit SFP transceiver into a port without configuring the speed 1000 command you will ...

Page 240: ...fault The VLAN is actively passing traffic Command Modes VLAN configuration mode Command History Usage Guidelines You cannot suspend the state for VLAN 1 or VLANs 1006 to 4094 VLANs in the suspended state do not pass packets Examples This example shows how to suspend VLAN 2 switch config vlan 2 switch config vlan state suspend Related Commands active Specifies that the VLAN is actively passing tra...

Page 241: ...Default VLAN interfaces are disabled Command Modes Configuration mode Command History Usage Guidelines You must use the feature interface vlan or the svi enable command before you can create VLAN interfaces Examples This example shows how to enable the interface VLAN feature on the switch switch config svi enable Related Commands Release Modification 4 0 0 N1 1a This command was introduced 4 0 1a ...

Page 242: ...onfiguration mode Command History Usage Guidelines Use the no form of the switchport access vlan command to reset the access mode VLAN to the appropriate default VLAN for the switch This action may generate messages on the device to which the port is connected Examples This example shows how to configure an Ethernet interface to join VLAN 2 switch config interface ethernet 1 7 switch config if swi...

Page 243: ...to all ports Command Modes Interface configuration mode Command History Usage Guidelines You can block the unknown multicast or unicast traffic on the switch ports Blocking the unknown multicast or unicast traffic is not automatically enabled on the switch ports you must explicitly configure it Examples This example shows how to block the unknown multicast traffic on an interface switch configure ...

Page 244: ...e port becomes inactive The port does not have a valid private VLAN association configured The port is a Switched Port Analyzer SPAN destination The private VLAN association is suspended If you delete a private VLAN port association or if you configure a private port as a SPAN destination the deleted private VLAN port association or the private port that is configured as a SPAN destination that po...

Page 245: ...s private VLAN port and one of the following applies the port becomes inactive The port does not have a valid private VLAN mapping configured The port is a Switched Port Analyzer SPAN destination If you delete a private VLAN port mapping or if you configure a private port as a SPAN destination the deleted private VLAN port mapping or the private port that is configured as a SPAN destination become...

Page 246: ...e command is allowed but the port is made inactive The port also may be inactive when the association between the private VLANs is suspended The secondary VLAN may be an isolated or community VLAN See the private vlan command for more information on primary VLANs secondary VLANS and isolated or community ports Note A PVLAN isolated port on a Cisco Nexus 5000 Series switch running the current relea...

Page 247: ... d b a ck c i s c o c o m 2 97 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands switchport private vlan host association Related Commands Command Description show vlan private vlan Displays information on private VLANs ...

Page 248: ...is made inactive The secondary VLAN may be an isolated or community VLAN See the private vlan command for more information on primary VLANs secondary VLANS and isolated or community ports Note A PVLAN isolated port on a Cisco Nexus 5000 Series switch running the current release of Cisco NX OS does not support IEEE 802 1q encapsulation and cannot be used as a trunk port Examples This example shows ...

Page 249: ...mapping This example shows how to remove the all private VLAN association from the port switch config if no switchport private vlan mapping Related Commands Command Description show interface switchport Displays information on all interfaces configured as switch ports show interface private vlan mapping Displays the information about the private VLAN mapping for VLAN interfaces or SVIs ...

Page 250: ...al UDLD with the default interval of 15 seconds is fast enough to shut down a unidirectional link before a blocking port transitions to the forwarding state with default spanning tree parameters When you enable the UDLD aggressive mode the following occurs One side of a link has a port stuck both transmission and receive One side of a link remains up while the other side of the link is down In the...

Page 251: ...s Command Reference OL 16599 01 Chapter 2 Ethernet Commands udld configuration mode This example shows how to reset all ports that were shutdown by UDLD switch configure terminal switch config udld reset Related Commands Command Description show udld Displays the administrative and operational UDLD status ...

Page 252: ...device To use the normal UDLD mode on a link you must configure one of the ports for normal mode and configure the port on the other end for the normal or aggressive mode To use the aggressive UDLD mode you must configure both ends of the link for aggressive mode Examples The following example shows how to enable the normal UDLD mode for an Ethernet port switch configure terminal switch config int...

Page 253: ...vlan range using a comma a dash and the number VLAN 1 parameters are factory configured and cannot be changed you cannot create or delete this VLAN Additionally you cannot create or delete VLAN 4095 or any of the internally allocated VLANs When you delete a VLAN all the access ports in that VLAN are shut down and no traffic flows On trunk ports the traffic continues to flow for the other VLANs all...

Page 254: ...599 01 Chapter 2 Ethernet Commands vlan EXEC mode This example shows how to add a range of new VLANs and enter VLAN configuration mode switch config vlan 2 5 10 12 20 25 4000 switch config vlan This example shows how to delete a VLAN switch config no vlan 2 Related Commands Command Description show vlan Displays VLAN information ...

Page 255: ... are available exit Exits from the current command mode ip Enables configuration of IP features Additional commands available in IP configuration mode domain list Adds additional domain names domain lookup Enables or disables DNS lookup domain name Specifies the default domain name host Adds an entry to the IP hostname table name server Specifies the IP address of a DNS name server route Adds rout...

Page 256: ... t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 2 106 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 2 Ethernet Commands vrf context Related Commands Command Description show vrf Displays VRF information ...

Page 257: ...o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 3 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 3 Ethernet Show Commands This chapter describes the Cisco NX OS Ethernet show commands available on Cisco Nexus 5000 Series switches ...

Page 258: ...e system displays all the MAC addresses Examples This example shows how to display the information on MAC addresses for the entire switch switch show interface mac address Related Commands type slot port Optional Specifies the interface for which MAC addresses should be displayed The type can be either ethernet Specify the appropriate slot or virtual interface group number and port number Release ...

Page 259: ...by using the feature private vlan command The commands for configuring private VLANs are not visible until you enable private VLANs This command displays the mapping information between the primary and secondary VLANs that allows both VLANs to share the VLAN interface of the primary VLAN Examples This example shows how to display information about primary and secondary private VLAN mapping switch ...

Page 260: ...e the show interface switchport command show interface switchport Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information for all Ethernet interfaces switch show interface switchport Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Descriptio...

Page 261: ...ping command only when you specify a primary private VLAN If you specify a secondary private VLAN the output is blank Examples This example shows how to display information about the specified VLAN switch show interface vlan 5 This example shows how to display a brief description for the specified VLAN switch show interface vlan 5 brief This example shows how to display the description for a speci...

Page 262: ...ow interface vlan This example shows how to display the status of the VLAN switch show interface vlan 5 status Related Commands Command Description show interface switchport Displays information about the ports including those in private VLANs show vlan Displays summary information for all VLANs show vlan private vlan Displays summary information for all private VLANs ...

Page 263: ...of the switch switch show ip igmp snooping Related Commands explicit tracking Optional Displays information about the explicit host tracking status for IGMPv3 hosts If you provide this keyword you must specify a VLAN vlan vlan id Optional Specifies a VLAN Valid values are 1 to 4094 groups Optional Displays information for IGMP group address detail Optional Displays detailed information for the gro...

Page 264: ...troubleshoot problems related to LACP in a network Examples This example shows how to display the LACP system identification switch show lacp system identifier counters Displays information about the LACP traffic statistics interface ethernet slot port Displays LACP information for a specific interface neighbor interface port channel number Displays information about the LACP neighbor Optionally p...

Page 265: ...e aging time vlan vlan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display MAC address aging times switch show mac address table aging time Related Commands vlan vlan id Optional Displays information for a specific VLAN the range of valid values is from 1 to 4094 Release Modification 4 0 0 N1 1a This command was introduced C...

Page 266: ...the number of dynamic entries currently in the MAC address table switch show mac address table count dynamic Related Commands address EEEE EEEE EEEE Optional Displays a count of the MAC address table entries for a specific address dynamic Optional Displays a count of the dynamic MAC addresses static Optional Displays a count of the static MAC addresses interface type slot port port channel number ...

Page 267: ...tification mac move threshold Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display MAC address move notifications switch show mac address table notification mac move Related Commands mac move Shows notification messages about MAC addresses that were moved threshold Shows notification messages sent when the MAC address table thre...

Page 268: ...ble This example shows how to display the information about the entries for the MAC address table for a specific MAC address switch show mac address table address 0018 bad8 3fbd This example shows how to display the information about the dynamic entries for the MAC address table switch show mac address table dynamic address mac address Optional Displays information about a specific MAC address dyn...

Page 269: ...address table static This example shows how to display the entries in the MAC address table for a specific VLAN switch show mac address table vlan 5 Related Commands Command Description mac address table static Adds static entries to the MAC address table or configures a static MAC address with IGMP snooping disabled for that address show mac address table aging time Displays information about the...

Page 270: ...le shows how to display information about SPAN session 1 switch show monitor session 1 This example shows how to display a range of SPAN sessions switch show monitor session range 1 4 Related Commands session Optional Number of the session valid values are from 1 to 18 all Optional Displays all sessions brief Optional Displays a brief summary of the information range range Optional Displays a rang...

Page 271: ...ription Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information on the running configuration switch show running config This example shows how to display detailed information on the running configuration switch show running config all Related Commands all Optional Displays the full operating information including default settings Release ...

Page 272: ...t None Command Modes EXEC mode Command History Examples This example shows how to display information on the running STP configuration switch show running config spanning tree This example shows how to display detailed information on the running STP configuration switch show running config spanning tree all Note Display output differs slightly depending on whether you are running Rapid PVST or MST...

Page 273: ...EC mode Command History Usage Guidelines This command provides information on the specified VLAN including private VLANs The display varies with your configuration If you have configured the VLAN name shutdown status or suspended status these are also displayed Examples This example shows how to display the running configuration for VLAN 5 switch show running config vlan 5 Related Commands vlan id...

Page 274: ...amples This example shows how to display spanning tree information switch show spanning tree This example shows how to display the blocked ports in spanning tree switch config show spanning tree blockedports This example shows how to determine if any ports are in any STP inconsistent state switch show spanning tree inconsistentports This example shows how to display the path cost method switch con...

Page 275: ...hared interface by the spanning tree Edge The port is configured as an STP edge port either globally using the default command or directly on the interface and no BPDU has been received Network The port is configured as an STP network port either globally using the default command or directly on the interface ROOT_Inc LOOP_Inc PVID_Inc BA_Inc and TYPE_Inc The port is in a broken state BKN for an i...

Page 276: ...mands show spanning tree show spanning tree mst Displays information about MST STP show spanning tree root Displays status and configuration of the root bridge for the STP instance to which this switch belongs show spanning tree summary Displays summary information about STP show spanning tree vlan Displays STP information for specified VLANs Command Description ...

Page 277: ...il Optional Displays a detailed summary of STP interface information Release Modification 4 0 0 N1 1a This command was introduced Command Description show spanning tree Displays information STP show spanning tree bridge Displays bridge ID timers and protocol for the local bridge on the switch show spanning tree brief Displays brief summary information about STP show spanning tree detail Displays d...

Page 278: ...mmary of the status and configuration for the STP bridge detail Optional Displays a detailed summary of the status and configuration for the STP bridge forward time Optional Displays the STP forward delay interval for the bridge hello time Optional Displays the STP hello time for the bridge id Optional Displays the STP bridge identifier for the bridge max age Optional Displays the STP maximum agin...

Page 279: ... about STP show spanning tree interface Displays STP interface status and configuration of specified interfaces show spanning tree mst Displays information about MST STP show spanning tree root Displays status and configuration of the root bridge for the STP instance to which this switch belongs show spanning tree summary Displays summary information about STP show spanning tree vlan Displays STP ...

Page 280: ...out STP active interfaces only Release Modification 4 0 0 N1 1a This command was introduced Command Description show spanning tree Displays information STP show spanning tree active Displays information about STP active interfaces only show spanning tree bridge Displays bridge ID timers and protocol for the local bridge on the switch show spanning tree detail Displays detailed information about ST...

Page 281: ...mation about STP active interfaces only Release Modification 4 0 0 N1 1a This command was introduced Command Description show spanning tree Displays information STP show spanning tree active Displays information about STP active interfaces only show spanning tree bridge Displays bridge ID timers and protocol for the local bridge on the switch show spanning tree brief Displays brief summary informa...

Page 282: ...you are running MST this command displays the PVST simulation setting Note If you are running MST use the show spanning tree mst command to show more detail on the specified interfaces interface type slot port port channel number Specifies the interface Use either the type of interface and its slot and port number or the EtherChannel number active Optional Displays information about STP active int...

Page 283: ...ommand Description show spanning tree Displays information about STP show spanning tree active Displays information about STP active interfaces only show spanning tree bridge Displays bridge ID timers and protocol for the local bridge on the switch show spanning tree brief Displays brief summary information about STP show spanning tree detail Displays detailed information about STP show spanning t...

Page 284: ... not in mst mode Examples This example shows how to display STP information about MST instance information for the VLAN ports that are currently active switch show spanning tree mst This example shows how to display STP information about a specific MST instance switch show spanning tree mst 0 This example shows how to display detailed STP information about the MST protocol switch show spanning tre...

Page 285: ...the fields that are displayed in the output of show spanning tree commands Related Commands Command Description show spanning tree Displays information STP show spanning tree active Displays information about STP active interfaces only show spanning tree bridge Displays bridge ID timers and protocol for the local bridge on the switch show spanning tree brief Displays brief summary information abou...

Page 286: ... root bridge cost Optional Displays path cost from the root to this bridge detail Optional Displays detailed information on the status and configuration for the root bridge forward time Optional Displays the STP forward delay interval for the root bridge hello time Optional Displays the STP hello time for the root bridge id Optional Displays the STP bridge identifier for the root bridge max age Op...

Page 287: ...splays a brief summary of STP information show spanning tree detail Displays detailed information about STP show spanning tree interface Displays STP interface status and configuration of specified interfaces show spanning tree mst Displays information about MST STP show spanning tree summary Displays summary information about STP show spanning tree vlan Displays STP information for specified VLAN...

Page 288: ...g show spanning tree summary Related Commands totals Optional Displays totals only of STP information Release Modification 4 0 0 N1 1a This command was introduced Command Description show spanning tree Displays information STP show spanning tree active Displays information about STP active interfaces only show spanning tree bridge Displays bridge ID timers and protocol for the local bridge on the ...

Page 289: ...an id summary Syntax Description vlan id Specifies the VLAN or range of VLANs that you want to display active Optional Displays information about STP VLANs and active ports brief Optional Displays brief summary of STP information for the specified VLANs detail Optional Displays detailed STP information for the specified VLANs blockedports Optional Displays the STP alternate ports in the blocked st...

Page 290: ...for the specified VLANs inconsistency Optional Displays the STP port inconsistency state for the specified interface for the specified VLANs priority Optional Displays the STP priority for the specified VLANs rootcost Optional Displays the path cost to the root for specified interfaces for the specified VLANs state Current port STP state Valid values are blocking disabled learning and forwarding p...

Page 291: ... tree vlan show spanning tree interface Displays STP interface status and configuration of specified interfaces show spanning tree mst Displays information about MST STP show spanning tree root Displays status and configuration of the root bridge for the STP instance to which this switch belongs show spanning tree summary Displays summary information about STP Command Description ...

Page 292: ...the show startup config command show startup config Syntax Description This command has no other arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information from the startup configuration file switch show startup config Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show...

Page 293: ...ar in the Status field suspended VLAN is suspended active VLAN is active If you shut down a VLAN using the shutdown command these values appear in the Status field act lshut VLAN status is active but shut down locally sus lshut VLAN status is suspended but shut down locally If a VLAN is shut down internally these values appear in the Status field act ishut VLAN status is active but shut down inter...

Page 294: ...to display the VLAN name status and associated ports only switch show vlan brief This example shows how to display the VLAN information for a specific VLAN by name switch show vlan name test This example shows how to display information about the number of VLANs configured on the switch switch show vlan summary Related Commands Command Description show interface switchport Displays information abo...

Page 295: ...EC mode Command History Usage Guidelines Use this command to display information and statistics on an individual VLAN or a range of VLANs including private VLANs Note You can also display information about individual VLANs using the show vlan name command Examples This example shows how to display information for the individual VLAN 5 switch show vlan id 5 Related Commands vlan id Specifies the VL...

Page 296: ...ample shows how to display information on the types of all private VLANs on the switch switch config show vlan private vlan type This example shows how to display information on the type for the specified private VLAN switch config show vlan id 42 private vlan type Related Commands id vlan id Optional Displays private VLAN information for the specified VLAN type Optional Displays the private VLAN ...

Page 297: ... f e e d b a ck c i s c o c o m 4 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 4 Fabric Extender Commands This chapter describes the Cisco NX OS commands used to manage a Cisco Nexus 2000 Series Fabric Extender from a Cisco Nexus 5000 Series switch ...

Page 298: ...elines Use the attach fex command to access the CLI on a connected Fabric Extender and performing diagnostic commands We recommend that you use this command only following direction from Cisco technical support personnel Examples This example shows how to access the CLI of a connected Fabric Extender to run diagnostic commands switch attach fex 101 Related Commands chassis_ID Fabric Extender chass...

Page 299: ...and to toggle the locator beacon LED of a Fabric Extender allowing you to easily identify the machine in a busy data center Examples This example shows how to turn on the locator beacon LED for a specific Fabric Extender chassis switch configure terminal switch config fex 101 switch config fex beacon This example shows how to turn off the locator beacon LED for a specific Fabric Extender chassis s...

Page 300: ...for a Fabric Extender switch configure terminal switch config fex 101 switch config fex description Rack16_FEX101 This example shows how to revert to the default description for a Fabric Extender switch configure terminal switch config fex 101 switch config fex no description Related Commands description Description of a Fabric Extender The default is the string FEXxxxx where xxxx is the chassis I...

Page 301: ...erred over to the Fabric Extender and applied Examples This example shows how to enter Fabric Extender configuration mode switch configure terminal switch config fex 101 This example shows how to delete the Fabric Extender configuration switch configure terminal switch config no fex 101 Related Commands chassis_ID Fabric Extender chassis ID The chassis ID range is from 100 to 199 Release Modificat...

Page 302: ... interface by entering the switchport mode fex fabric command Examples This example shows how to associate the Fabric Extender to an Ethernet interface switch configure terminal switch config interface ethernet 1 40 switch config if switchport mode fex fabric switch config if fex associate 101 This example shows how to associate the Fabric Extender to an EtherChannel interface switch configure ter...

Page 303: ...re pinned to the host interfaces in an ascending order by the port number of the fabric interface Use the fex pinning redistribute command if you want to configure the same fixed distribution of host interfaces without restarting the Fabric Extender after your initial configuration Caution This command disrupts all the host interface ports of the Fabric Extender However the disruption is shorter t...

Page 304: ...ts switch config logging fex 4 This example shows how to reset the logging level switch config no logging fex Related Commands severity level Optional Number of the desired severity level at which messages should be logged Messages at or numerically lower than the specified level are logged Severity levels are as follows 0 emergency System unusable 1 alert Immediate action needed 2 critical Critic...

Page 305: ...faces The host interfaces are divided by the number of uplinks and distributed accordingly Caution Changing the value of uplinks is disruptive all the host interfaces on the Fabric Extender are brought down and back up as the parent switch reassigns its static pinning Examples This example shows how to specify the number of statically pinned uplinks for a Fabric Extender switch configure terminal ...

Page 306: ...9 01 Chapter 4 Fabric Extender Commands pinning max links Related Commands Command Description fex Creates a Fabric Extender and enters Fabric Extender configuration mode fex pinning redistribute Redistributes the host interfaces on a Fabric Extender show fex Displays all configured Fabric Extender chassis connected to the switch ...

Page 307: ...u use the fex associate command to associate the corresponding chassis ID to the switch the association will succeed only if the Fabric Extender reports a matching serial number string Caution Configuring a serial number other than that of the given Fabric Extender will force the Fabric Extender offline Examples This example shows how to specify a serial number for a Fabric Extender switch configu...

Page 308: ...16599 01 Chapter 4 Fabric Extender Commands serial Related Commands Command Description fex Creates a Fabric Extender and enters Fabric Extender configuration mode fex associate Associates a Fabric Extender to an Ethernet or EtherChannel interface show fex Displays all configured Fabric Extender chassis connected to the switch ...

Page 309: ...ult fex command show diagnostic result fex chassis_ID Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the results from the diagnostic tests for a Fabric Extender switch show diagnostic result fex 101 Related Commands chassis_ID Fabric Extender chassis ID The chassis ID range is from 100 to 199 Release Modification 4 0 1a N2...

Page 310: ...d History Examples This example shows how to display the environmental sensor status for a Fabric Extender switch show environment fex 101 Related Commands all Show information for all Fabric Extender chassis chassis_ID Fabric Extender chassis ID The chassis ID range is from 100 to 199 temperature Optional Displays temperature sensor information power Optional Displays power capacity and power dis...

Page 311: ...s_ID detail Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information about all attached Fabric Extender chassis switch show fex Related Commands chassis_ID Optional Fabric Extender chassis ID The chassis ID range is from 100 to 199 detail Optional Displays a detailed listing Release Modification 4 0 1a N2 1 This command ...

Page 312: ...Default None Command Modes EXEC mode Command History Examples This example shows how to display information about the transceiver connecting a Fabric Extender to the Cisco Nexus 5000 Series switch switch show fex transceiver Related Commands chassis_ID Fabric Extender chassis ID The chassis ID range is from 100 to 199 calibration Optional Displays detailed calibration information about the transce...

Page 313: ...ion command show fex chassis_ID version Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the version information about a Fabric Extender switch show fex version Related Commands chassis_ID Fabric Extender chassis ID The chassis ID range is from 100 to 199 Release Modification 4 0 1a N2 1 This command was introduced Command D...

Page 314: ...he show interface fex fabric command show interface fex fabric Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display all Fabric Extender fabric interfaces switch show interface fex fabric Related Commands Release Modification 4 0 1a N2 1 This command was introduced Command Description sho...

Page 315: ...Command Modes EXEC mode Command History Examples This example shows how to display the host interfaces pinned to an Ethernet fabric interface on the parent switch switch show interface ethernet 1 1 fex intf This example shows how to display the host interfaces pinned to an EtherChannel fabric interface on the parent switch switch show interface port channel 1 fex intf Related Commands interface Et...

Page 316: ...x fabric calibration detail Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information about all transceivers that connect to fabric interfaces switch show interface transceiver fex fabric Related Commands calibration Optional Displays detailed calibration information about the transceiver detail Optional Displays detailed...

Page 317: ...ation mode Command History Examples This example shows how to set an Ethernet interface to be an uplink port for a Fabric Extender switch configure terminal switch config interface ethernet 1 40 switch config if switchport mode fex fabric This example shows how to set an EtherChannel interface to be an uplink port for a Fabric Extender switch configure terminal switch config interface port channel...

Page 318: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 4 22 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 4 Fabric Extender Commands switchport mode fex fabric ...

Page 319: ... 5 0 0 0 d o c f e e d b a ck c i s c o c o m 5 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 5 Quality of Service Commands This chapter describes the Cisco NX OS quality of service commands available on Cisco Nexus 5000 Series switches ...

Page 320: ...mmand Default None Command Modes Global configuration Command History Usage Guidelines You can define a class map for each class of traffic to be used in QoS policies Examples This example shows how to create or modify a class map switch config class map my_class1 switch config cmap This example shows how to remove a class map switch config no class map my_class1 Related Commands class map name Na...

Page 321: ... Default None Command Modes Interface configuration mode Command History Examples This example shows how to enable flow control for traffic received on an interface switch configure terminal switch config interface ethernet 1 2 switch config if flowcontrol receive on Related Commands receive on off Optional Sets flow control in the receive direction transmit on off Optional Sets flow control in th...

Page 322: ...pecify a list of values use one of the following options Specify a range of values separated by a dash Specify a noncontiguous list of values separated by commas Note Only class maps of type qos support the optional not keyword form of this command Class maps of type queuing do not support the not keyword This command does not require a license Examples This example shows how to match on the CoS v...

Page 323: ...name no match access group name acl name Syntax Description Defaults None Command Modes Class map type qos configuration Command History Usage Guidelines Note The permit and deny ACL keywords do not affect the matching of packets This command does not require a license Examples This example shows how to create a qos class map that matches characteristics of the ACL my_acl switch config class map c...

Page 324: ...ss map name no match not class map class map name Syntax Description Defaults None Command Modes Class map type qos configuration Command History Usage Guidelines This command does not require a license Examples This example shows how to match on the matches specified in class map named my_test switch config class map my_test switch config cmap qos match class name my_test Related Commands not Opt...

Page 325: ...pecify a list of values use one of the following options Specify a range of values separated by a dash Specify a noncontiguous list of values separated by commas Note Only class maps of type qos support the optional not keyword form of this command Class maps of type queuing do not support the not keyword This command does not require a license Examples This example shows how to match on the CoS v...

Page 326: ...Guidelines To specify a list of values use one of the following options Specify a range of values separated by a dash Specify a noncontiguous list of values separated by commas Note Only class maps of type qos support the optional not keyword form of this command This command does not require a license Examples This example shows how to modify a type queuing class map to match on CoS switch config...

Page 327: ... values use one of the following options not Optional Negates the specified match result dscp list Matches on the specified DSCP value or list of DSCP values See Table 1 for a list of valid DSCP values Release Modification 4 1 3 N1 1 This command was introduced Table 1 Standard DSCP Values List of DSCP Values af11 AF11 dscp 001010 decimal value 10 af12 AF12 dscp 001100 decimal value 12 af13 AF13 d...

Page 328: ...af21 switch config class map my_test switch config cmap qos match dscp af21 Related Commands cs2 CS2 precedence 2 dscp 010000 decimal value 16 cs3 CS3 precedence 3 dscp 011000 decimal value 24 cs4 CS4 precedence 4 dscp 100000 decimal value 32 cs5 CS5 precedence 5 dscp 101000 decimal value 40 cs6 CS6 precedence 6 dscp 110000 decimal value 48 cs7 CS7 precedence 7 dscp 111000 decimal value 56 default...

Page 329: ... map type qos configuration Command History Usage Guidelines To specify a list of values use one of the following options Specify a range of values separated by a dash Specify a noncontiguous list of values separated by commas This command does not require a license Examples This example shows how to match on a port using RTP switch config class map my_test switch config cmap qos match ip rtp 2300...

Page 330: ...sage Guidelines See Table 2 for a list of precedence values To specify a list of values use one of the following options Specify a range of values separated by a dash Specify a noncontiguous list of values separated by commas not Optional Negates the specified match result precedence list Matches on the specified IP precedence value or list of IP precedence values specified in bytes Valid values a...

Page 331: ...ce OL 16599 01 Chapter 5 Quality of Service Commands match precedence This command does not require a license Examples This example shows how to match on an IP precedence value switch config class map my_test switch config cmap qos match precedence 7 Related Commands Command Description show class map Displays class maps ...

Page 332: ...ry Usage Guidelines The list of valid protocol names is shown in Table 3 Note A maximum of eight different of the above protocols can be matched at one time not Optional Negates the specified match result protocol name Matches on the specified protocol name Valid values are shown in Table 3 Release Modification 4 1 3 N1 1 This command was introduced Table 3 Protocol Names Argument Description arp ...

Page 333: ...match protocol To specify more than one protocol enter the command more than once with the desired protocol value each time This command does not require a license Examples This example shows how to match on a specified protocol switch config class map my_test switch config cmap qos match protocol ldp Related Commands Command Description show class map Displays class maps ...

Page 334: ...s Use the service policy command to assign policy maps to interfaces This command does not require a license Examples This example shows how to create or modify a type qos policy map switch config policy map my_policy1 switch config pmap qos This example shows how to remove a type qos policy map switch config no policy map my_policy1 Related Commands match first Optional Specifies that policies as...

Page 335: ...iority flow control mode auto on Syntax Description Command Default None Command Modes Interface configuration mode Command History Examples This example shows how to force enable PFC on an interface switch configure terminal switch config interface ethernet 1 2 switch config if priority flow control mode on Related Commands auto Negotiates PFC capability on Force enables PFC Release Modification ...

Page 336: ...mand The system defined type queuing class maps are attached to each interface unless you specifically attach a different class map You can attach one ingress and one egress type qos policy map to port port channel tunnel and VLANs You can attach one ingress and one egress type queuing policy map to an interface of type port port channel tunnel and VLAN Only one policy map can be attached to the i...

Page 337: ...icy switch config vlan service policy output my_output_policy switch config vlan This example shows how to attach a queuing policy map to the ingress packets of a port interface switch config interface ethernet 2 1 switch config if service policy type queuing input my_input_q_policy switch config if This example shows how to remove a policy map from a VLAN switch config vlan 1 switch config vlan n...

Page 338: ...tax Description Defaults Displays all type qos class maps if no class map name is specified Command Modes Any command mode Command History Usage Guidelines This command does not require a license Examples This example shows how to display all type qos class maps switch config show class map type qos Related Commands class map name Named class map The name class default is reserved color class map ...

Page 339: ...s map type queuing class map name Syntax Description Defaults Displays all type queuing class maps if no class map name is specified Command Modes Any command mode Command History Usage Guidelines This command does not require a license Examples This example shows how to display all type queuing class maps switch config show class map type queuing Related Commands class map name Named class map Re...

Page 340: ...er the command show policy map with no arguments or keywords the system also displays the Control Plane Policing CoPP information This command does not require a license Examples This example shows how to display a named policy map switch config show policy map abc switch config show policy map type queuing Related Commands type Optional Specifies the component type to display qos Displays policy ...

Page 341: ...ps assigned to a specified interface switch config show policy map interface ethernet 2 10 switch config show policy map interface ethernet 2 2 type qos Related Commands ethernet Optional Displays policy maps assigned to Ethernet interfaces slot port Displays policy maps assigned to specified interface port channel Optional Displays policy maps assigned to port channels channel number Displays pol...

Page 342: ...nes This command does not require a license Examples This example shows how to display assigned policy maps in a brief format switch config show policy map interface brief Interface VLAN Status INP QOS OUT QOS INP QUE OUT QUE port channel5 Active default in po default out p port channel20 Active default in po default out p port channel30 Active default in po default out p port channel37 Active def...

Page 343: ...on Command Default None Command Modes Global configuration Command History Examples This example shows how to display the priority flow control details for a specified interface switch config show interface ethernet 1 1 priority flow control Port Mode Oper RxPPP TxPPP Eth1 1 auto off 0 0 The interface specified is Ethernet 1 1 the PFC mode is set to negotiate PFC capability the operation is off an...

Page 344: ... show policy map interface name Syntax Description Command Default None Command Modes Global configuration Command History Usage Guidelines This command provides per class statistics Examples This example shows the per class pause statistics displayed for a default system class switch config show policy map interface ethernet 3 1 Related Commands name Optional Name of the interface Release Modific...

Page 345: ... command system jumbomtu value Syntax Description Command Default 9216 bytes Command Modes Global configuration Command History Examples This example shows how to define the upper bound of any MTU in the system switch config system jumbomtu 9216 Related Commands value The jumbomtu value The range is 2240 9216 Release Modification 4 0 0 N1 1a This command was introduced Command Description show int...

Page 346: ...the system qos command system qos Syntax Description None Command Default None Command Modes Global configuration Command History Examples This example shows how to configure a system qos switch configure terminal switch config system qos Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description service policy Associates the system class policy map to the se...

Page 347: ...n Command Default None Command Modes Interface configuration mode Command History Usage Guidelines No license required for the command Examples This example shows how to set the CoS value to 4 for untagged frames received on an interface switch configure terminal switch config interface ethernet 1 2 switch config if untagged cos 4 Related Commands cos value Specifies a Class of Service CoS value f...

Page 348: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 5 30 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 5 Quality of Service Commands untagged cos ...

Page 349: ... s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 6 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 6 Security Commands This chapter describes the Cisco NX OS security commands available on Cisco Nexus 5000 Series switches ...

Page 350: ... servers Use the radius server host command to configure the host servers Use the aaa group server command to create a named group of servers If you specify the group method of local method or both and they fail then the accounting authentication fails Examples This example shows how to configure any RADIUS server for AAA accounting switch config aaa accounting default group Related Commands group...

Page 351: ...Use the aaa group server command to create a named group of servers If you specify the group method or local method and they fail then the authentication can fail If you specify the none method alone or after the group method then the authentication always succeeds Examples This example shows how to configure AAA authentication console login method switch config aaa authentication login console gr...

Page 352: ...erence OL 16599 01 Chapter 6 Security Commands aaa authentication login console Related Commands Command Description aaa group server Configures AAA server groups radius server host Configures RADIUS servers show aaa authentication Displays AAA authentication information tacacs server host Configures TACACS servers ...

Page 353: ...aa group server command to create a named group of servers If you specify the group method or local method and they fail then the authentication fails If you specify the none method alone or after the group method then the authentication always succeeds Examples This example shows how to configure the AAA authentication console login method switch config aaa authentication login default group radi...

Page 354: ...erence OL 16599 01 Chapter 6 Security Commands aaa authentication login default Related Commands Command Description aaa group server Configures AAA server groups radius server host Configures RADIUS servers show aaa authentication Displays AAA authentication information tacacs server host Configures TACACS servers ...

Page 355: ...s When you log in the login is processed by rolling over to the local user database if the remote AAA servers do not respond In this situation the following message is displayed if you have enabled the displaying of login failure messages Remote AAA servers unreachable local authentication done Remote AAA servers unreachable local authentication failed Examples This example shows how to enable the...

Page 356: ...rm of this command aaa authentication login mschap enable no aaa authentication login mschap enable Syntax Description This command has no arguments or keywords Command Default Disabled Command Modes Configuration mode Command History Examples This example shows how to enable MSCHAP authentication switch config aaa authentication login mschap enable This example shows how to disable MSCHAP authent...

Page 357: ...r radius group name no aaa group server radius group name Syntax Description Command Default None Command Modes Configuration mode Command History Examples This example shows how to create a RADIUS server group and enter RADIUS server configuration mode switch config aaa group server radius RadServer switch config radius This example shows how to delete a RADIUS server group switch config no aaa g...

Page 358: ...s an IPv4 ACL named ip acl 01 to the map specifies that the switch forwards packets matching the ACL and enables statistics for traffic matching the map switch config vlan access map vlan map 01 switch config access map match ip address ip acl 01 switch config access map action forward switch config access map statistics Related Commands drop Specifies that the switch drops the packet forward Spec...

Page 359: ...This example shows how to clear counters for all IPv4 ACLs switch clear access list counters This example shows how to clear counters for an IPv4 ACL named acl ipv4 01 switch clear access list counters acl ipv4 01 Related Commands access list name Optional Name of the IPv4 ACL whose counters the switch clears Release Modification 4 0 0 N1 1a This command was introduced Command Description access c...

Page 360: ...g log use the clear accounting log command clear accounting log Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to clear the accounting log switch clear accounting log Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show accounting log Displays...

Page 361: ... how to set the dead time interval to 2 minutes for a RADIUS server group switch config aaa group server radius RadServer switch config radius deadtime 2 This example shows how to set the dead time interval to 5 minutes for a TACACS server group switch config aaa group server tacacs TacServer switch config tacacs deadtime 5 This example shows how to revert to the dead time interval default switch ...

Page 362: ...o Nexus 5000 Series Command Reference OL 16599 01 Chapter 6 Security Commands deadtime show radius server groups Displays RADIUS server group information show tacacs server groups Displays TACACS server group information tacacs server host Configures a TACACS server Command Description ...

Page 363: ...stination icmp message dscp dscp precedence precedence fragments log time range time range name Internet Group Management Protocol sequence number deny igmp source destination igmp message dscp dscp precedence precedence fragments log time range time range name Internet Protocol v4 sequence number deny ip source destination dscp dscp precedence precedence fragments log time range time range name T...

Page 364: ...otocol argument igmp Specifies that the rule applies to IGMP traffic only When you use this keyword the igmp type argument is available in addition to the keywords that are available for all valid values of the protocol argument ip Specifies that the rule applies to all IPv4 traffic When you use this keyword only the other keywords and arguments that apply to all IPv4 protocols are available They ...

Page 365: ...ass 1 low drop probability 001010 af12 AF class 1 medium drop probability 001100 af13 AF class 1 high drop probability 001110 af21 AF class 2 low drop probability 010010 af22 AF class 2 medium drop probability 010100 af23 AF class 2 high drop probability 010110 af31 AF class 3 low drop probability 011010 af32 AF class 3 medium drop probability 011100 af33 AF class 3 high drop probability 011110 af...

Page 366: ...ation that the switch requires to evaluate those options is contained only in initial fragments log Optional Specifies that the switch generates an informational logging message about each packet that matches the rule The message includes the following information ACL name Whether the packet was permitted or denied Whether the protocol was TCP UDP ICMP or a number Source and destination addresses ...

Page 367: ...is greater than the port argument lt Matches only if the port in the packet is less than the port argument neq Matches only if the port in the packet is not equal to the port argument range Requires two port arguments and matches only if the port in the packet is equal to or greater than the first port argument and equal to or less than the second port argument portgroup portgroup Optional TCP and...

Page 368: ...to create and change IPv4 address group objects The syntax is as follows addrgroup address group name The following example shows how to use an IPv4 address object group named lab gateway svrs to specify the destination argument switch config acl deny ip any addrgroup lab gateway svrs Address and network wildcard You can use an IPv4 address followed by a network wildcard to specify a host or a net...

Page 369: ...lternate address Alternate address conversion error Datagram conversion dod host prohibited Host prohibited dod net prohibited Net prohibited echo Echo ping echo reply Echo reply general parameter problem Parameter problem host isolated Host isolated host precedence unreachable Host unreachable for precedence host redirect Host redirect host tos redirect Host redirect for ToS host tos unreachable ...

Page 370: ...plies timestamp request Time stamp requests traceroute Traceroute ttl exceeded TTL exceeded unreachable All unreachables TCP Port Names When you specify the protocol argument as tcp the port argument can be a TCP port number which is an integer from 0 to 65535 It can also be one of the following keywords bgp Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands rcmd 514 da...

Page 371: ...mber which is an integer from 0 to 65535 It can also be one of the following keywords biff Biff mail notification comsat 512 bootpc Bootstrap Protocol BOOTP client 68 bootps Bootstrap Protocol BOOTP server 67 discard Discard 9 dnsix DNSIX security protocol auditing 195 domain Domain Name Service DNS 53 echo Echo 7 isakmp Internet Security Association and Key Management Protocol 5 mobile ip Mobile ...

Page 372: ... TCP and UDP traffic from the 10 23 0 0 and 192 168 37 0 networks to the 10 176 0 0 network and a final rule that permits all other IPv4 traffic switch config ip access list acl lab 01 switch config acl deny tcp 10 23 0 0 16 10 176 0 0 16 switch config acl deny udp 10 23 0 0 16 10 176 0 0 16 switch config acl deny tcp 192 168 37 0 16 10 176 0 0 16 switch config acl deny udp 192 168 37 0 16 10 176 ...

Page 373: ...ber no deny icmp source destination icmp message dscp dscp flow label flow label value fragments log time range time range name Internet Protocol v6 sequence number deny ipv6 source destination dscp dscp flow label flow label value fragments log time range time range name Stream Control Transmission Protocol sequence number no deny sctp source operator port port portgroup portgroup destination ope...

Page 374: ...rgument is available in addition to the keywords that are available for all valid values of the protocol argument ipv6 Specifies that the rule applies to all IPv6 traffic When you use this keyword only the other keywords and arguments that apply to all IPv6 protocols are available pcp Specifies that the rule applies to Payload Compression Protocol PCP traffic only When you use this keyword only th...

Page 375: ...AF class 3 high drop probability 011110 af41 AF class 4 low drop probability 100010 af42 AF class 4 medium drop probability 100100 af43 AF class 4 high drop probability 100110 cs1 Class selector CS 1 precedence 1 001000 cs2 CS2 precedence 2 010000 cs3 CS3 precedence 3 011000 cs4 CS4 precedence 4 100000 cs5 CS5 precedence 5 101000 cs6 CS6 precedence 6 110000 cs7 CS7 precedence 7 111000 default Defa...

Page 376: ...pecify them after the source argument or after the destination argument The port argument can be the name or the number of a TCP or UDP port Valid numbers are integers from 0 to 65535 For listings of valid port names see TCP Port Names and UDP Port Names in the Usage Guidelines section A second port argument is required only when the operator argument is a range The operator argument must be one o...

Page 377: ...stination arguments IPv6 address group object You can use an IPv6 address group object to specify a source or destination argument Use the object group ipv6 address command to create and change IPv6 address group objects The syntax is as follows addrgroup address group name The following example shows how to use an IPv6 address object group named lab svrs 1301 to specify the destination argument s...

Page 378: ... keyword see the examples in this section Each example shows how to specify a source or destination by using the any keyword ICMPv6 Message Types The icmp message argument can be the ICMPv6 message number which is an integer from 0 to 255 It can also be one of the following keywords beyond scope Destination beyond scope destination unreachable Destination address is unreachable echo reply Echo rep...

Page 379: ...ger from 0 to 65535 It can also be one of the following keywords bgp Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands rcmd 514 daytime Daytime 13 discard Discard 9 domain Domain Name Service 53 drip Dynamic Routing Information Protocol 3949 echo Echo 7 exec Exec rsh 512 finger Finger 79 ftp File Transfer Protocol 21 ftp data FTP data connections 2 gopher Gopher 7 host...

Page 380: ...DNSIX security protocol auditing 195 domain Domain Name Service DNS 53 echo Echo 7 isakmp Internet Security Association and Key Management Protocol 5 mobile ip Mobile IP registration 434 nameserver IEN116 name service obsolete 42 netbios dgm NetBIOS datagram service 138 netbios ns NetBIOS name service 137 netbios ss NetBIOS session service 139 non500 isakmp Internet Security Association and Key Ma...

Page 381: ...01 0db8 85a3 48 2001 0db8 be03 2112 64 switch config ipv6 acl deny tcp 2001 0db8 69f2 48 2001 0db8 be03 2112 64 switch config ipv6 acl deny udp 2001 0db8 69f2 48 2001 0db8 be03 2112 64 This example shows how to configure an IPv6 ACL named ipv6 eng to marketing with a rule that denies all IPv6 traffic from an IPv6 address object group named eng_ipv6 to an IPv6 address object group named marketing_g...

Page 382: ...the first rule in an ACL has a sequence number of 10 If you do not specify a sequence number the switch adds the rule to the end of the ACL and assigns to it a sequence number that is 10 greater than the sequence number of the preceding rule Use the resequence command to reassign sequence numbers to rules source Source MAC addresses that the rule matches For details about the methods that you can ...

Page 383: ...rce argument with the MAC address 00c0 4f03 0a72 switch config acl deny 00c0 4f03 0a72 0000 0000 0000 any The following example specifies the destination argument with a MAC address for all hosts with a MAC vendor code of 00603e switch config acl deny any 0060 3e00 0000 0000 0000 0000 Any address You can use the any keyword to specify that a source or destination is any MAC address For examples of...

Page 384: ...s that permit any non IPv4 traffic between two groups of MAC addresses switch config mac access list mac ip filter switch config mac acl deny 00c0 4f00 0000 0000 00ff ffff 0060 3e00 0000 0000 00ff ffff ip switch config mac acl permit any any Related Commands Command Description mac access list Configures a MAC ACL permit MAC Configures a deny rule in a MAC ACL remark Configures a remark in an ACL ...

Page 385: ...nd Default None Command Modes User role configuration Command History Usage Guidelines You can include blank spaces in the user role description text Examples This example shows how to configure the description for a user role switch config role name MyRole switch config role description User role for my user account This example shows how to remove the description from a user role switch config r...

Page 386: ... names to use in this command Examples This example shows add features to a user role feature group switch config role feature group name SecGroup switch config role featuregrp feature aaa switch config role featuregrp feature radius switch config role featuregrp feature tacacs This example shows how to remove a feature from a user role feature group switch config role feature group name MyGroup s...

Page 387: ...no arguments or keywords Command Default All interfaces Command Modes User role configuration Command History Examples This example shows how to enter interface policy configuration mode for a user role switch config role name MyRole switch config role interface policy deny switch config role interface This example shows how to revert to the default interface policy for a user role switch config r...

Page 388: ...les for the ACL If the specified ACL does not exist the switch creates it when you enter this command Use the ip access group command to apply the ACL to an interface Every IPv4 ACL has the following implicit rule as its last rule deny ip any any This implicit rule ensures that the switch denies unmatched IP traffic IPv4 ACLs do not include additional implicit rules to enable the neighbor discover...

Page 389: ...ter 6 Security Commands ip access list Related Commands Command Description access class Applies an IPv4 ACL to a VTY line deny IPv4 Configures a deny rule in an IPv4 ACL ip access group Applies an IPv4 ACL to an interface permit IPv4 Configures a permit rule in an IPv4 ACL show ip access lists Displays all IPv4 ACLs or a specific IPv4 ACL ...

Page 390: ...rChannel interfaces You can also apply an IPv4 ACL as a VLAN ACL For more information see the match command The switch applies port ACLs to inbound traffic only The switch checks inbound packets against the rules in the ACL If the first matching rule permits the packet the switch continues to process the packet If the first matching rule denies the packet the switch drops the packet and returns an...

Page 391: ...ACL named ip acl 01 from Ethernet interface 1 2 switch config interface ethernet 1 2 switch config if no ip port access group ip acl 01 in Related Commands Command Description ip access list Configures an IPv4 ACL show access lists Displays all ACLs show ip access lists Shows either a specific IPv4 ACL or all IPv4 ACLs show running config interface Shows the running configuration of all interfaces...

Page 392: ...command the switch enters IP access list configuration mode where you can use the IPv6 deny and permit commands to configure rules for the ACL If the specified ACL does not exist the switch creates it when you enter this command Every IPv6 ACL has the following implicit rule as its last rule deny ipv6 any any This implicit rule ensures that the switch denies unmatched IP traffic Examples This exam...

Page 393: ...rChannel interfaces You can also use the ipv6 port traffic filter command to apply an IPv6 ACL as a port ACL to the following interface types VLAN interfaces Note You must enable VLAN interfaces globally before you can configure a VLAN interface For more information see the feature interface vlan command The switch applies port ACLs to inbound traffic only The switch checks inbound packets against...

Page 394: ...ure terminal switch config interface ethernet 1 3 switch config if ipv6 port traffic filter ipv6 acl in This example shows how to remove an IPv6 ACL named ipv6 acl from Ethernet interface 1 3 switch configure terminal switch config interface ethernet 1 3 switch config if no ipv6 port traffic filter ipv6 acl in Related Commands Command Description ipv6 access list Configures an IPv6 ACL show access...

Page 395: ... the mac access list command the switch enters MAC access list configuration mode where you can use the MAC deny and permit commands to configure rules for the ACL If the ACL specified does not exist the switch creates it when you enter this command Use the mac access group command to apply the ACL to an interface Every MAC ACL has the following implicit rule as its last rule deny any any protocol...

Page 396: ... ck c i s c o c o m 6 48 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 6 Security Commands mac access list permit MAC Configures a permit rule in a MAC ACL show mac access lists Displays all MAC ACLs or a specific MAC ACL Command Description ...

Page 397: ... following interface types Layer 2 interfaces Layer 2 EtherChannel interfaces You can also apply a MAC ACL as a VLAN ACL For more information see the match page 51 The switch applies MAC ACLs only to inbound traffic When the switch applies a MAC ACL the switch checks packets against the rules in the ACL If the first matching rule permits the packet the switch continues to process the packet If the...

Page 398: ...ACL named mac acl 01 from Ethernet interface 1 2 switch config interface ethernet 1 2 switch config if no mac port access group mac acl 01 Related Commands Command Description mac access list Configures a MAC ACL show access lists Displays all ACLs show mac access lists Shows either a specific MAC ACL or all MAC ACLs show running config interface Shows the running configuration of all interfaces o...

Page 399: ...xample creates a VLAN access map named vlan map 01 assigns an IPv4 ACL named ip acl 01 to the map specifies that the switch forwards packets matching the ACL and enables statistics for traffic matching the map switch config vlan access map vlan map 01 switch config access map match ip address ip acl 01 switch config access map action forward switch config access map statistics Related Commands ip ...

Page 400: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 6 52 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 6 Security Commands match ...

Page 401: ...cmp source destination icmp message dscp dscp precedence precedence fragments log time range time range name Internet Group Management Protocol sequence number permit igmp source destination igmp message dscp dscp precedence precedence fragments log time range time range name Internet Protocol v4 sequence number permit ip source destination dscp dscp precedence precedence fragments log time range ...

Page 402: ...protocol argument igmp Specifies that the rule applies to IGMP traffic only When you use this keyword the igmp type argument is available in addition to the keywords that are available for all valid values of the protocol argument ip Specifies that the rule applies to all IPv4 traffic When you use this keyword only the other keywords and arguments that apply to all IPv4 protocols are available The...

Page 403: ...lass 1 low drop probability 001010 af12 AF class 1 medium drop probability 001100 af13 AF class 1 high drop probability 001110 af21 AF class 2 low drop probability 010010 af22 AF class 2 medium drop probability 010100 af23 AF class 2 high drop probability 010110 af31 AF class 3 low drop probability 011010 af32 AF class 3 medium drop probability 011100 af33 AF class 3 high drop probability 011110 a...

Page 404: ...mation that the switch requires to evaluate those options is contained only in initial fragments log Optional Specifies that the switch generates an informational logging message about each packet that matches the rule The message includes the following information ACL name Whether the packet was permitted or denied Whether the protocol was TCP UDP ICMP or a number Source and destination addresses...

Page 405: ... is greater than the port argument lt Matches only if the port in the packet is less than the port argument neq Matches only if the port in the packet is not equal to the port argument range Requires two port arguments and matches only if the port in the packet is equal to or greater than the first port argument and equal to or less than the second port argument portgroup portgroup Optional TCP an...

Page 406: ...o create and change IPv4 address group objects The syntax is as follows addrgroup address group name The following example shows how to use an IPv4 address object group named lab gateway svrs to specify the destination argument switch config acl permit ip any addrgroup lab gateway svrs Address and network wildcard You can use an IPv4 address followed by a network wildcard to specify a host or a ne...

Page 407: ... alternate address Alternate address conversion error Datagram conversion dod host prohibited Host prohibited dod net prohibited Net prohibited echo Echo ping echo reply Echo reply general parameter problem Parameter problem host isolated Host isolated host precedence unreachable Host unreachable for precedence host redirect Host redirect host tos redirect Host redirect for ToS host tos unreachabl...

Page 408: ...eplies timestamp request Time stamp requests traceroute Traceroute ttl exceeded TTL exceeded unreachable All unreachables TCP Port Names When you specify the protocol argument as tcp the port argument can be a TCP port number which is an integer from 0 to 65535 It can also be one of the following keywords bgp Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands rcmd 514 d...

Page 409: ...umber which is an integer from 0 to 65535 It can also be one of the following keywords biff Biff mail notification comsat 512 bootpc Bootstrap Protocol BOOTP client 68 bootps Bootstrap Protocol BOOTP server 67 discard Discard 9 dnsix DNSIX security protocol auditing 195 domain Domain Name Service DNS 53 echo Echo 7 isakmp Internet Security Association and Key Management Protocol 5 mobile ip Mobile...

Page 410: ...ACL named acl lab 01 with rules permitting all TCP and UDP traffic from the 10 23 0 0 and 192 168 37 0 networks to the 10 176 0 0 network switch config ip access list acl lab 01 switch config acl permit tcp 10 23 0 0 16 10 176 0 0 16 switch config acl permit udp 10 23 0 0 16 10 176 0 0 16 switch config acl permit tcp 192 168 37 0 16 10 176 0 0 16 switch config acl permit udp 192 168 37 0 16 10 176...

Page 411: ...l flow label value fragments log time range time range name Internet Protocol v6 sequence number permit ipv6 source destination dscp dscp flow label flow label value fragments log time range time range name Stream Control Transmission Protocol sequence number no permit sctp source operator port port portgroup portgroup destination operator port port portgroup portgroup dscp dscp flow label flow la...

Page 412: ... argument is available in addition to the keywords that are available for all valid values of the protocol argument ipv6 Specifies that the rule applies to all IPv6 traffic When you use this keyword only the other keywords and arguments that apply to all IPv6 protocols are available pcp Specifies that the rule applies to Payload Compression Protocol PCP traffic only When you use this keyword only ...

Page 413: ... AF class 3 high drop probability 011110 af41 AF class 4 low drop probability 100010 af42 AF class 4 medium drop probability 100100 af43 AF class 4 high drop probability 100110 cs1 Class selector CS 1 precedence 1 001000 cs2 CS2 precedence 2 010000 cs3 CS3 precedence 3 011000 cs4 CS4 precedence 4 100000 cs5 CS5 precedence 5 101000 cs6 CS6 precedence 6 110000 cs7 CS7 precedence 7 111000 default Def...

Page 414: ...specify them after the source argument or after the destination argument The port argument can be the name or the number of a TCP or UDP port Valid numbers are integers from 0 to 65535 For listings of valid port names see TCP Port Names and UDP Port Names in the Usage Guidelines section A second port argument is required only when the operator argument is a range The operator argument must be one ...

Page 415: ...stination arguments IPv6 address group object You can use an IPv6 address group object to specify a source or destination argument Use the object group ipv6 address command to create and change IPv6 address group objects The syntax is as follows addrgroup address group name The following example shows how to use an IPv6 address object group named lab svrs 1301 to specify the destination argument s...

Page 416: ...any keyword see the examples in this section Each example shows how to specify a source or destination by using the any keyword ICMPv6 Message Types The icmp message argument can be the ICMPv6 message number which is an integer from 0 to 255 It can also be one of the following keywords beyond scope Destination beyond scope destination unreachable Destination address is unreachable echo reply Echo ...

Page 417: ...eger from 0 to 65535 It can also be one of the following keywords bgp Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands rcmd 514 daytime Daytime 13 discard Discard 9 domain Domain Name Service 53 drip Dynamic Routing Information Protocol 3949 echo Echo 7 exec Exec rsh 512 finger Finger 79 ftp File Transfer Protocol 21 ftp data FTP data connections 2 gopher Gopher 7 hos...

Page 418: ... DNSIX security protocol auditing 195 domain Domain Name Service DNS 53 echo Echo 7 isakmp Internet Security Association and Key Management Protocol 5 mobile ip Mobile IP registration 434 nameserver IEN116 name service obsolete 42 netbios dgm NetBIOS datagram service 138 netbios ns NetBIOS name service 137 netbios ss NetBIOS session service 139 non500 isakmp Internet Security Association and Key M...

Page 419: ...v6 acl permit udp 2001 0db8 85a3 48 2001 0db8 be03 2112 64 switch config ipv6 acl permit tcp 2001 0db8 69f2 48 2001 0db8 be03 2112 64 switch config ipv6 acl permit udp 2001 0db8 69f2 48 2001 0db8 be03 2112 64 This example shows how to configure an IPv6 ACL named ipv6 eng to marketing with a rule that permits all IPv6 traffic from an IPv6 address object group named eng_ipv6 to an IPv6 address objec...

Page 420: ...e in an ACL has a sequence number of 10 If you do not specify a sequence number the switch adds the rule to the end of the ACL and assigns to it a sequence number that is 10 greater than the sequence number of the preceding rule Use the resequence command to reassign sequence numbers to rules source Source MAC addresses that the rule matches For details about the methods that you can use to specif...

Page 421: ...ent with the MAC address 00c0 4f03 0a72 switch config acl permit 00c0 4f03 0a72 0000 0000 0000 any The following example specifies the destination argument with a MAC address for all hosts with a MAC vendor code of 00603e switch config acl permit any 0060 3e00 0000 0000 0000 0000 Any address You can use the any keyword to specify that a source or destination is any MAC address For examples of the ...

Page 422: ...c ip filter with a rule that permits all IPv4 traffic between two groups of MAC addresses switch config mac access list mac ip filter switch config mac acl permit 00c0 4f00 0000 0000 00ff ffff 0060 3e00 0000 0000 00ff ffff ip Related Commands Command Description deny MAC Configures a deny rule in a MAC ACL mac access list Configures a MAC ACL remark Configures a remark in an ACL show mac access li...

Page 423: ...is example shows how to configure a range of interfaces for a user role interface policy switch config role name MyRole switch config role interface policy deny switch config role interface permit interface ethernet 1 2 8 This example shows how to configure a list of interfaces for a user role interface policy switch config role name MyRole switch config role interface policy deny switch config ro...

Page 424: ... i s c o c o m 6 76 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 6 Security Commands permit interface role name Creates or specifies a user role and enters user role configuration mode show role Displays user role information Command Description ...

Page 425: ...ng example switch config role rule number permit command configure terminal vlan Examples This example shows how to configure a range of VLANs for a user role VLAN policy switch config role name MyRole switch config role vlan policy deny switch config role vlan permit vlan 1 8 This example shows how to configure a list of VLANs for a user role VLAN policy switch config role name MyRole switch conf...

Page 426: ...es Command Reference OL 16599 01 Chapter 6 Security Commands permit vlan Related Commands Command Description vlan policy deny Enters VLAN policy configuration mode for a user role role name Creates or specifies a user role and enters user role configuration mode show role Displays user role information ...

Page 427: ...RFs Command Modes VRF policy configuration Command History Examples This example shows how to configure a range of VRFs for a user role VRF policy switch config role name MyRole switch config role vrf policy deny switch config role vrf permit vrf management Related Commands vrf list List of VRFs that the user role has permission to access Release Modification 4 0 0 N1 1a This command was introduce...

Page 428: ...rval is the number of minutes before the switch checks a RADIUS server that was previously unresponsive Note When the idle time interval is 0 minutes periodic RADIUS server monitoring is not performed Examples This example shows how to configure the global dead time interval for all RADIUS servers to perform periodic monitoring switch config radius server deadtime 5 This example shows how to rever...

Page 429: ...ADIUS server group Command Modes Configuration mode Command History Usage Guidelines You can specify the username vrfname hostname during login where vrfname is the VRF to use and hostname is the name of a configured RADIUS server The username is sent to the RADIUS server for authentication Examples This example shows how to allow users to send authentication requests to a specific RADIUS server w...

Page 430: ... preshared key specified in clear text to authenticate communication between the RADIUS client and server This is the default 7 Optional Configures a preshared key specified in encrypted text indicated by 7 to authenticate communication between the RADIUS client and server shared secret Configures a preshared key to authenticate communication between the RADIUS client and server The maximum length...

Page 431: ...er host 10 10 2 3 key HostKey switch config radius server host 10 10 2 3 auth port 2003 switch config radius server host 10 10 2 3 acct port 2004 switch config radius server host 10 10 2 3 accounting switch config radius server host radius2 key 0 abcd switch config radius server host radius3 key 7 1234 switch config radius server host 10 10 2 3 test idle time 10 switch config radius server host 10...

Page 432: ...ou can configure a global key to be used for all RADIUS server configurations on the switch You can override this global key assignment by using the key keyword in the radius server host command Examples This example shows how to provide various scenarios to configure RADIUS authentication switch config radius server key AnyWord switch config radius server key 0 AnyWord switch config radius server...

Page 433: ...yntax Description Command Default 1 retransmission Command Modes Configuration mode Command History Examples This example shows how to configure the number of retransmissions to RADIUS servers switch config radius server retransmit 3 This example shows how to revert to the default number of retransmissions to RADIUS servers switch config no radius server retransmit 3 Related Commands count Number ...

Page 434: ...econds no radius server timeout seconds Syntax Description Command Default 1 second Command Modes Configuration mode Command History Examples This example shows how to configure the timeout interval switch config radius server timeout 30 This example shows how to revert to the default interval switch config no radius server timeout 30 Related Commands seconds Number of seconds between retransmissi...

Page 435: ...w to create a remark in an IPv4 ACL and display the results switch config ip access list acl ipv4 01 switch config acl 100 remark this ACL denies the marketing department access to the lab switch config acl show access list acl ipv4 01 sequence number Optional Sequence number of the remark command which causes the switch to insert the command in that numbered position in the access list Sequence n...

Page 436: ... s c o c o m 6 88 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 6 Security Commands remark Related Commands Command Description ip access list Configures an IPv4 ACL mac access list Configures a MAC ACL show access list Displays all ACLs or one ACL ...

Page 437: ...ime range The new sequence number for the first rule is determined by the starting number argument Each additional rule receives a new sequence number determined by the increment argument If the highest sequence number would exceed the maximum possible sequence number then no sequencing occurs and the following message appears ERROR Exceeded maximum sequence number The maximum sequence number is 4...

Page 438: ... command switch config show ip access lists ip acl 01 IP access list ip acl 01 7 permit tcp 128 0 0 16 any eq www 10 permit udp 128 0 0 16 any 13 permit icmp 128 0 0 16 any eq echo 17 deny igmp any any switch config resequence ip access list ip acl 01 100 10 switch config show ip access lists ip acl 01 IP access list ip acl 01 100 permit tcp 128 0 0 16 any eq www 110 permit udp 128 0 0 16 any 120 ...

Page 439: ...tion mode Command History Examples This example shows how to create a user role feature group and enter user role feature group configuration mode switch config role feature group name MyGroup switch config role featuregrp This example shows how to remove a user role feature group switch config no role feature group name MyGroup Related Commands group name User role feature group name The group na...

Page 440: ... Series switch provides the following default user roles Network Administrator Complete read and write access to the entire switch Complete read access to the entire switch You cannot change or remove the default user roles Examples This example shows how to create a user role and enter user role configuration mode switch config role MyRole switch config role This example shows how to remove a use...

Page 441: ...r For example if a role has three rules rule 3 is applied before rule 2 which is applied before rule 1 Examples This example shows how to add rules to a user role switch config role MyRole switch config role rule 1 deny command clear users switch config role rule 1 permit read write feature group L3 number Sequence number for the rule The switch applies the rule with the highest value first and th...

Page 442: ...ence OL 16599 01 Chapter 6 Security Commands rule This example shows how to remove rule from a user role switch config role MyRole switch config role no rule 10 Related Commands Command Description role name Creates or specifies a user role name and enters user role configuration mode show role Displays the user roles ...

Page 443: ...enter RADIUS server group configuration mode or aaa group server tacacs command to enter TACACS server group configuration mode If the server is not found use the radius server host command or tacacs server host command to configure the server Note You must use the feature tacacs command before you configure TACACS Examples This example shows how to add a server to a RADIUS server group switch con...

Page 444: ...er 10 10 2 2 This example shows how to delete a server from a TACACS server group switch config feature tacacs switch config aaa group server tacacs TacServer switch config tacacs no server 10 10 2 2 Related Commands Command Description aaa group server Configures AAA server groups feature tacacs Enables TACACS radius server host Configures a RADIUS server show radius server groups Displays RADIUS...

Page 445: ...ounting To display AAA accounting configuration use the show aaa accounting command show aaa accounting Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the configuration of the accounting log switch show aaa accounting Release Modification 4 0 0 N1 1a This command was introduced ...

Page 446: ... Command History Examples This example shows how to display the configured authentication parameters switch show aaa authentication This example shows how to display the authentication login error enable configuration switch show aaa authentication login error enable This example shows how to display the authentication login MSCHAP configuration switch show aaa authentication login mschap error en...

Page 447: ...s show aaa groups To display AAA server group configuration use the show aaa groups command show aaa groups Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display AAA group information switch show aaa groups Release Modification 4 0 0 N1 1a This command was introduced ...

Page 448: ...he switch shows all ACLs unless you use the access list name argument to specify an ACL Command Modes EXEC mode Command History Examples This example shows how to all IPv4 and MAC ACLs on the switch switch show access lists Related Commands access list name Optional Name of an ACL to show Release Modification 4 0 0 N1 1a This command was introduced Command Description ip access list Configures an ...

Page 449: ...rt time 2008 Feb 16 16 00 00 This example shows how to display the accounting log starting at 15 59 59 on February 1 2008 and ending at 16 00 00 on February 29 2008 switch show accounting log start time 2008 Feb 1 15 59 59 end time 2008 Feb 29 16 00 00 Related Commands size Optional The amount of the log to display in bytes The range is from 0 to 250000 start time year month day HH MM SS Optional ...

Page 450: ...and Default The switch shows all IPv4 ACLs unless you use the access list name argument to specify an ACL Command Modes EXEC mode Command History Examples This example shows how to display all IPv4 ACLs on the switch switch show ip access lists Related Commands access list name Optional Name of an IPv4 ACL to show Release Modification 4 0 0 N1 1a This command was introduced Command Description ip ...

Page 451: ...evice applies it to an interface If a rule in the ACL uses an object group the number of entries in the ACL when it is applied may be much greater than the number of rules The interfaces that the ACL is applied to The interfaces that the ACL is active on The show ipv6 access lists command displays statistics for each entry in an ACL if the following conditions are both true The ACL configuration c...

Page 452: ...5 0 0 0 d o c f e e d b a ck c i s c o c o m 6 104 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 6 Security Commands show ipv6 access lists Related Commands Command Description ipv6 access list Configures an IPv6 ACL ...

Page 453: ...Syntax Description Command Default The switch shows all MAC ACLs unless you use the access list name argument to specify an ACL Command Modes EXEC mode Command History Examples This example shows how to display all MAC ACLs on the switch switch show mac access lists Related Commands access list name Optional Name of a MAC ACL to show Release Modification 4 0 0 N1 1a This command was introduced Com...

Page 454: ...s how to display information for a specified RADIUS server switch show radius server 10 10 1 1 This example shows how to display the RADIUS directed request configuration switch show radius server directed request This example shows how to display information for RADIUS server groups switch show radius server groups hostname Optional RADIUS server Domain Name Server DNS name The maximum character ...

Page 455: ... specified RADIUS server group switch show radius server groups RadServer This example shows how to display sorted information for all RADIUS servers switch show radius server sorted This example shows how to display statistics for a specified RADIUS servers switch show radius server statistics 10 10 1 1 Related Commands Command Description show running config radius Displays the RADIUS informatio...

Page 456: ...n Command Default Displays information for all user roles Command Modes EXEC mode Command History Examples This example shows how to display information for a specific user role switch show role name MyRole This example shows how to display information for all user roles switch show role Related Commands name role name Optional Displays information for a specific user role name Release Modificatio...

Page 457: ...e shows how to display the user role features switch show role feature This example shows how to display detailed information all the user role features switch show role feature detail This example shows how to display detailed information a specific user role feature switch show role feature name boot variable Related Commands detail Optional Displays detailed information for all features name fe...

Page 458: ...s how to display the user role feature groups switch show role feature group This example shows how to display detailed information about all the user role feature groups switch show role feature group detail This example shows how to display information for a specific user role feature group switch show role feature group name SecGroup Related Commands detail Optional Displays detailed informatio...

Page 459: ...ting AAA configuration information in the running configuration use the show running config aaa command show running config aaa all Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the configured AAA information in the running configuration switch show running config aaa all Optional Displays configured and default informati...

Page 460: ...e the show running config radius command show running config radius all Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display information for RADIUS in the running configuration switch show running config radius Related Commands all Optional Displays default RADIUS configuration information Release Modification 4 0 0 N1 1a This c...

Page 461: ...nning configuration use the show running config security command show running config security all Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display user account SSH server and Telnet server information in the running configuration switch show running config security all Optional Displays default user account SSH server and Te...

Page 462: ...show ssh key Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines This command is available only when SSH is enabled using the ssh server enable command Examples This example shows how to display the SSH server key switch show ssh key Related Commands Release Modification 4 0 0 N1 1a This command was introduced C...

Page 463: ...Shell SSH server status use the show ssh server command show ssh server Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the SSH server status switch show ssh server Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description ssh server enable En...

Page 464: ...tion and accounting AAA configuration information in the startup configuration use the show startup config aaa command show startup config aaa Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the AAA information in the startup configuration switch show startup config aaa Release Modi...

Page 465: ... configuration information in the startup configuration use the show startup config radius command show startup config radius Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the RADIUS information in the startup configuration switch show startup config radius Release Modification 4 ...

Page 466: ...configuration information in the startup configuration use the show startup config security command show startup config security Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the user account SSH server and Telnet server information in the startup configuration switch show startup...

Page 467: ...rmation Examples This example shows how to display information for all TACACS servers switch show tacacs server This example shows how to display information for a specified TACACS server switch show tacacs server 10 10 2 2 This example shows how to display the TACACS directed request configuration switch show tacacs server directed request hostname Optional TACACS server Domain Name Server DNS na...

Page 468: ...s This example shows how to display information for a specified TACACS server group switch show tacacs server groups TacServer This example shows how to display sorted information for all TACACS servers switch show tacacs server sorted This example shows how to display statistics for a specified TACACS server switch show tacacs server statistics 10 10 2 2 Related Commands Command Description show ...

Page 469: ...erver status use the show telnet server command show telnet server Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the Telnet server status switch show telnet server Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description telnet server enabl...

Page 470: ...ame Syntax Description Command Default Displays information about all the user accounts defined on the switch Command Modes EXEC mode Command History Examples This example shows how to display information about all the user accounts defined on the switch switch show user account This example shows how to display information about a specific user account switch show user account admin name Optional...

Page 471: ... the show users command show users Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display all the users currently logged on the switch switch show users Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description clear user Logs out a specific user use...

Page 472: ...displays the access map name and the contents of the ACL associated with the map Examples This example shows how to display the contents of the ACL associated with the specified VLAN access map switch show vlan access list vlan1map Related Commands map name VLAN access list to show Release Modification 4 0 0 N1 1a This command was introduced Command Description ip access list Create or configures ...

Page 473: ...ified by the match command and the action specified by the action command Use the show vlan filter command to see which VLANs have a VLAN access map applied to them Examples This example shows how to display a specific VLAN access map switch show vlan access map vlan1map This example shows how to display all VLAN access maps switch show vlan access map Related Commands map name Optional VLAN acces...

Page 474: ...e vlan keyword and specify a VLAN ID Command Modes EXEC mode Command History Examples This example shows how to display all VLAN access map information on the switch switch show vlan filter Related Commands access map map name Optional Limits the output to VLANs that the specified access map is applied to vlan vlan id Optional Limits the output to access maps that are applied to the specified VLAN...

Page 475: ...age Guidelines The switch supports SSH version 2 Examples This example shows how to start an SSH session using IPv4 switch ssh 10 10 1 1 vrf management Related Commands username Optional Username for the SSH session ipv4 address IPv4 address of the remote host hostname Hostname of the remote host vrf vrf name Optional Specifies the VRF name to use for the SSH session Release Modification 4 0 0 N1 ...

Page 476: ...e Guidelines The switch supports SSH version 2 Examples This example shows how to start an SSH session using IPv6 switch ssh 2001 0DB8 200C 417A vrf management Related Commands username Optional Username for the SSH session ipv6 address IPv6 address of the remote host hostname Hostname of the remote host vrf vrf name Optional Specifies the VRF name to use for the SSH session Release Modification 4...

Page 477: ...nable command Examples This example shows how to create an SSH server key using RSA with the default key length switch config ssh key rsa This example shows how to create an SSH server key using RSA with a specified key length switch config ssh key rsa 768 This example shows how to replace an SSH server key using DSA with the force option switch config no ssh server enable switch config ssh key ds...

Page 478: ...emove the DSA SSH server key switch config no ssh server enable switch config no ssh key dsa switch config ssh server enable This example shows how to remove all SSH server keys switch config no ssh server enable switch config no ssh key switch config ssh server enable Related Commands Command Description show ssh key Displays the SSH server key information ssh server enable Enables the SSH server...

Page 479: ...r enable no ssh server enable Syntax Description This command has no arguments or keywords Command Default Enabled Command Modes Configuration mode Command History Usage Guidelines The switch supports SSH version 2 Examples This example shows how to enable the SSH server switch config ssh server enable This example shows how to disable the SSH server switch config no ssh server enable Related Comm...

Page 480: ... period is required when you enter the fractional suppression level The suppression level is a percentage of the total bandwidth A threshold value of 100 percent means that no limit is placed on traffic A threshold value of 0 or 0 0 fractional percent means that all specified traffic is blocked on a port Use the show interfaces counters storm control command to display the discard count Use one of...

Page 481: ... Security Commands storm control level This example shows how to disable the suppression mode for multicast traffic switch config if no storm control multicast level Related Commands Command Description show interface Displays the storm control suppression counters for an interface show running config Displays the configuration of the interface ...

Page 482: ...that value takes precedence over the value set for the server group When the dead time interval is 0 minutes TACACS server monitoring is not performed unless the TACACS server is part of a server group and the dead time interval for the group is greater than 0 minutes You must use the feature tacacs command before you configure TACACS Examples This example shows how to configure the dead time inte...

Page 483: ...de Command History Usage Guidelines You must use the feature tacacs command before you configure TACACS During login the user can specify the username vrfname hostname where vrfname is the VRF to use and hostname is the name of a configured TACACS server The username is sent to the server name for authentication Examples This example shows how to allow users to send authentication requests to a sp...

Page 484: ...n the X X X X format key Optional Configures the TACACS server s shared secret key 0 Optional Configures a preshared key specified in clear text indicated by 0 to authenticate communication between the TACACS client and server This is the default 7 Optional Configures a preshared key specified in encrypted text indicated by 7 to authenticate communication between the TACACS client and server share...

Page 485: ...ed Examples This example shows how to configure TACACS server host parameters switch config tacacs server host 10 10 2 3 key HostKey switch config tacacs server host tacacs2 key 0 abcd switch config tacacs server host tacacs3 key 7 1234 switch config tacacs server host 10 10 2 3 test idle time 10 switch config tacacs server host 10 10 2 3 test username tester switch config tacacs server host 10 10...

Page 486: ...CS server configurations on the switch You can override this global key assignment by using the key keyword in the tacacs server host command You must use the feature tacacs command before you configure TACACS Examples The following example shows how to configure TACACS server shared keys switch config tacacs server key AnyWord switch config tacacs server key 0 AnyWord switch config tacacs server ...

Page 487: ...Default 1 second Command Modes Configuration mode Command History Usage Guidelines You must use the feature tacacs command before you configure TACACS Examples This example shows how to configure the TACACS server timeout value switch config tacacs server timeout 3 This example shows how to revert to the default TACACS server timeout value switch config no tacacs server timeout 3 Related Commands ...

Page 488: ...reate a Telnet session with IPv6 addressing use the telnet6 command Examples This example shows how to start a Telnet session using IPv4 switch telnet 10 10 1 1 vrf management Related Commands ipv4 address IPv4 address of the remote switch hostname Hostname of the remote switch port number Optional Port number for the Telnet session The range is from 1 to 65535 vrf vrf name Optional Specifies the ...

Page 489: ...s command telnet server enable no telnet server enable Syntax Description This command has no arguments or keywords Command Default Enable Command Modes Configuration mode Command History Examples This example shows how to enable the Telnet server switch config telnet server enable This example shows how to disable the Telnet server switch config no telnet server enable Related Commands Release Mo...

Page 490: ...th IPv4 addressing use the telnet command Examples This example shows how to start a Telnet session using an IPv6 address switch telnet6 2001 0DB8 0 0 E000 F vrf management Related Commands ipv6 address IPv6 address of the remote device hostname Hostname of the remote device The name is alphanumeric case sensitive and has a maximum of 64 characters port number Optional Port number for the Telnet s...

Page 491: ...uration mode or the aaa group server tacacs command to enter TACACS server group configuration mode If the server is not found use the radius server host command or tacacs server host command to configure the server You must use the feature tacacs command before you configure TACACS Examples This example shows how to specify a VRF instance for a RADIUS server group switch config aaa group server r...

Page 492: ... use vrf Related Commands Command Description aaa group server Configures AAA server groups feature tacacs Enables TACACS radius server host Configures a RADIUS server show radius server groups Displays RADIUS server information show tacacs server groups Displays TACACS server information tacacs server host Configures a TACACS server vrf Configures a VRF instance ...

Page 493: ...cd Does not contain many repeating characters such as aaabbb Does not contain dictionary words Does not contain proper names Contains both uppercase and lowercase characters Contains numbers Caution If you do not specify a password for the user account the user might not be able to log in to the account user id User identifier for the user account The user id argument is a case sensitive alphanume...

Page 494: ...ommands username Examples This example shows how to create a user account with a password switch config username user1 password Ci5co321 This example shows how to configure the SSH key for a user account switch config username user1 sshkey file bootflash key_file Related Commands Command Description show user account Displays the user account configuration ...

Page 495: ...named vlan map 01 assign an IPv4 ACL named ip acl 01 to the map specify that the switch forwards packets matching the ACL and enable statistics for traffic matching the map switch config vlan access map vlan map 01 switch config access map match ip address ip acl 01 switch config access map action forward switch config access map statistics Related Commands map name Name of the VLAN access map tha...

Page 496: ...om all VLANs where it is applied you can omit the VLAN list argument To unapply an access map from a subset of the VLANs where it is currently applied use the VLAN list argument to specify the VLANs where the access map should be removed Examples This example shows how to apply a VLAN access map named vlan map 01 to VLANs 20 through 45 switch config vlan filter vlan map 01 20 45 map name Name of t...

Page 497: ...ilter Related Commands Command Description action Specifies an action for traffic filtering in a VLAN access map match Specifies an ACL for traffic filtering in a VLAN access map show vlan access map Displays all VLAN access maps or a VLAN access map show vlan filter Displays information about how a VLAN access map is applied vlan access map Configures a VLAN access map ...

Page 498: ... keywords Command Default All VLANs Command Modes User role configuration Command History Examples This example shows how to enter VLAN policy configuration mode for a user role switch config role name MyRole switch config role vlan policy deny switch config role vlan This example shows how to revert to the default VLAN policy for a user role switch configure terminal switch config role name MyRol...

Page 499: ...n This command has no arguments or keywords Command Default None Command Modes User role configuration Command History Examples This example shows how to enter VRF policy configuration mode for a user role switch config role name MyRole switch config role vrf policy deny switch config role vrf This example shows how to revert to the default VRF policy for a user role switch config role name MyRole...

Page 500: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 6 152 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 6 Security Commands vrf policy deny ...

Page 501: ...t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 7 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 7 System Management Commands This chapter describes the system management commands available on Cisco Nexus 5000 Series switches ...

Page 502: ...e clear logging nvram command to clear the NVRAM logs clear logging nvram Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to clear the NVRAM logs switch clear logging nvram Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show logging nvram Disp...

Page 503: ...mental history The following example shows how to clear the OBFL exception log entries switch clear logging onboard exception log The following example shows how to clear the OBFL boot uptime device version obfl history entries switch clear logging onboard obfl log The following example shows how to clear the OBFL stack trace entries switch clear logging onboard stack trace Related Commands enviro...

Page 504: ...sion command to clear the current logging session clear logging session Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to clear the current logging session switch clear logging session Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show loggi...

Page 505: ...TP session use the clear ntp session command clear ntp session Syntax Description This command has no other arguments or keywords Command Default None Command Modes EXEC mode Command History Examples The following example shows how to discard the NTP CFS distribution session in progress switch clear ntp session Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command D...

Page 506: ...ear ntp statistics all peers io local memory Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example shows how to discard the NTP I O statistics switch clear ntp statistics io Related Commands all peers Clears all peer transaction statistics io Clears I O statistics local Clears local statistics memory Clears memory statistics Release Modifica...

Page 507: ... a severity level of 4 warning or higher to the console session switch configure terminal switch config logging console 4 Related Commands severity level Optional The number of the desired severity level at which messages should be logged Messages at or numerically lower than the specified level are logged Severity levels are as follows 0 emergency System unusable 1 alert Immediate action needed 2...

Page 508: ...k status default enable Syntax Description Command Default None Command Modes Configuration mode Command History Examples This example shows how to log interface events switch configure terminal switch config logging event link status default Related Commands link status Log all UP DOWN and CHANGE messages trunk status Log all TRUNK status messages default The default logging configuration is used...

Page 509: ...cription Command Default None Command Modes Interface configuration mode Command History Examples This example shows how to log interface events switch configure terminal switch config interface ethernet 1 1 switch config if logging event port link status default Related Commands link status Log all UP DOWN and CHANGE messages trunk status Log all TRUNK status messages default Optional The default...

Page 510: ...ges from the AAA facility that have a severity level of 2 or higher switch config logging level aaa 2 facility Defines the appropriate facility The facilities are listed in the System Message Logging Facilities section on page 45 To apply the same severity level to all facilities use the all facility severity level The number of the desired severity level at which messages should be logged Message...

Page 511: ...f e e d b a ck c i s c o c o m 7 11 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 7 System Management Commands logging level Related Commands Command Description show logging level Displays the facility logging level configuration ...

Page 512: ...led logfile to store system messages and set its severity level to 4 switch config logging logfile logfile 4 logfile name Configure the name of the log file to be used to store system messages severity level The number of the desired severity level at which messages should be logged Messages at or numerically lower than the specified level are logged Severity levels are as follows 0 emergency Syst...

Page 513: ...0 0 0 d o c f e e d b a ck c i s c o c o m 7 13 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 7 System Management Commands logging logfile Related Commands Command Description show logging logfile Displays the log file ...

Page 514: ...This example shows how to enable module log messages switch config logging module Related Commands severity level Optional The number of the desired severity level at which messages should be logged Messages at or numerically lower than the specified level are logged Severity levels are as follows 0 emergency System unusable 1 alert Immediate action needed 2 critical Critical condition 3 error Err...

Page 515: ...nd History Examples This example shows how to enable monitor log messages switch config logging monitor Related Commands severity level Optional The number of the desired severity level at which messages should be logged Messages at or numerically lower than the specified level are logged Severity levels are as follows 0 emergency System unusable 1 alert Immediate action needed 2 critical Critical...

Page 516: ...re a remote syslog server at a specified IPv4 address using the default outgoing facility switch config logging server 172 28 254 253 host Configure the host name or IPv4 IPv6 address of the Remote Syslog Server severity level Optional The number of the desired severity level at which messages should be logged Messages at or numerically lower than the specified level are logged Severity levels are...

Page 517: ...ence OL 16599 01 Chapter 7 System Management Commands logging server This example shows how to configure a remote syslog server at a specified host name with severity level 5 or higher switch config logging server syslogA 5 Related Commands Command Description show logging server Displays the configured syslog servers ...

Page 518: ...ging timestamp microseconds milliseconds seconds no logging timestamp microseconds milliseconds seconds Syntax Description Command Default None Command Modes Configuration mode Command History Examples This example shows how to set the logging timestamp units to microseconds switch config logging timestamp microseconds Related Commands microseconds milliseconds seconds Selects the units to use for...

Page 519: ...isco com You can specify multiple associations This example forms a peer association with a peer switch config ntp peer 10 20 10 0 This example deletes an association with a peer switch config no ntp peer 10 20 10 0 Related Commands peer hostname The hostname or IP address of an NTP peer server hostname The hostname or IP address of the NTP server prefer Optional Specifies this peer server as the ...

Page 520: ... progress use the ntp abort command ntp abort Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to discard the NTP CFS distribution session in progress switch config ntp abort Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Descriptio...

Page 521: ...tion session in progress in the fabric use the ntp commit command ntp commit Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to commit changes to the active NTP configuration switch config ntp commit Related Commands Release Modification 4 0 0 N1 1a This command was int...

Page 522: ... other arguments or keywords Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines Before distributing the Fibre Channel timer changes to the fabric the temporary changes to the configuration must be committed to the active configuration using the ntp commit command Examples The following example shows how to distribute the active NTP configuration to the fabri...

Page 523: ... the ntp sync retry command ntp sync retry Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples The following example shows how to retry synchronization with the configured NTP servers switch ntp sync retry Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description ntp distribute En...

Page 524: ...mmand to display the console logging configuration show logging console Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the console logging configuration switch show logging console Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description log...

Page 525: ...nfo show logging info Use the show logging info command to display the logging configuration show logging info Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the logging configuration switch show logging info Release Modification 4 0 0 N1 1a This command was introduced ...

Page 526: ... the show logging last command to display the last number of lines of the logfile show logging last number Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the last 42 lines of the log file switch show logging last 42 number Enters the number of lines to display from 1 to 9999 Release Modification 4 0 0 N1 1a This command wa...

Page 527: ...ng level facility Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the EtherChannel logging severity level configuration switch show logging level port channel Related Commands facility Optional Defines the appropriate logging facility The facilities are listed in the System Message Logging Facilities section Release Modific...

Page 528: ...xamples This example shows how to display the messages in the log file that were timestamped within the span shown switch show logging logfile start time 2008 mar 11 12 10 00 Related Commands start time Optional Enter a start time in the format yyyy mmm dd hh mm ss Use three characters for the month mmm field digits for the year yyyy and day dd fields and digits separated by colons for the time hh...

Page 529: ...le command to display the module logging configuration show logging module Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the module logging configuration switch show logging module Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description lo...

Page 530: ...mmand to display the monitor logging configuration show logging monitor Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the monitor logging configuration switch show logging monitor Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description log...

Page 531: ...the messages in the NVRAM log show logging nvram last number lines Syntax Description Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the last 20 messages in the NVRAM log switch show logging nvram last 20 last number lines Optional Enters the number of lines to display The specified number of lines is displayed Specify from 1 to 100 lines Re...

Page 532: ... 03 18 08 15 04 57 The valid values for file are as follows boot uptime Displays the OBFL boot and uptime information device version Displays the OBFL device version information endtime Displays the OBFL logs until the specified end time in the following format mm dd yy HH MM SS environmental history Displays the OBFL environmental history exception log Displays the OBFL exception log kernel trace...

Page 533: ...es of context before every matching line Range 1 to 999 c Prints a total count of matching lines only i Ignores the case difference when comparing the strings n Prints each match preceded by its line number v Prints only the lines that contain no matches for the word argument w Prints only lines where the match is a complete word x Prints only the lines where the match is a whole line word Specifi...

Page 534: ...is made for each area monitored and becomes a base value for subsequent records The OBFL feature provides a circular updating scheme for collecting continuous records and archiving older historical records ensuring accurate data about the system Data is recorded in one of two formats continuous information that displays a snapshot of measurements and samples in a continuous file and summary inform...

Page 535: ...08 GATOS 11 2 0 Sun Nov 3 07 07 00 2008 GATOS 12 2 0 Sun Nov 3 07 07 00 2008 GATOS 13 2 0 Mon Nov 4 00 15 08 2008 ALTOS 0 2 0 Mon Nov 4 00 15 08 2008 GATOS 0 2 0 Mon Nov 4 00 15 08 2008 GATOS 1 2 0 Mon Nov 4 00 15 08 2008 GATOS 2 2 0 Table 7 2 describes the significant fields shown in the display This example shows how to display the OBFL history information switch show logging onboard obfl histor...

Page 536: ... onboard The show logging onboard stack trace command displays the following information Time in seconds Time in microseconds Error description string Current process name and identification Kernel jiffies Stack trace Related Commands clear logging onboard Clears the OBFL entries in the persistent log hw module logging onboard Enables or disabled OBFL entries based on the error type ...

Page 537: ...command to display the syslog server configuration show logging server Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the syslog server configuration switch show logging server Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description logging...

Page 538: ... session status Use the show logging session status command to display the logging session status show logging session status Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the logging session status switch show logging session status Release Modification 4 0 0 N1 1a This command w...

Page 539: ... status show logging status Use the show logging status command to display the logging status show logging status Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the logging status switch show logging status Release Modification 4 0 0 N1 1a This command was introduced ...

Page 540: ...o display the logging timestamp configuration show logging timestamp Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example shows how to display the logging timestamp configuration switch show logging timestamp Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description lo...

Page 541: ...e show ntp peer status command show ntp peer status Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Usage Guidelines This command does not require a license Examples This example shows how to display the peer status for NTP switch config show ntp peer status Related Commands Release Modification 4 0 0 N1 1a This command was ...

Page 542: ...ime Protocol NTP peers use the show ntp peers command show ntp peers Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example displays information about NTP peers switch config show ntp peers Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show ntp peer status Di...

Page 543: ...xample displays statistics for NTP switch config show ntp statistics local Related Commands io Show the input output statistics local Show the counters maintained by the local NTP memory Show the statistics counters related to memory code peer Show the per peer statistics counter of a peer ipaddr address Displays statistics for the peer with the configured IPv4 or IPv6 address The IPv4 address for...

Page 544: ...mp status To display the Network Time Protocol timestamp information use the show ntp timestamp status command show ntp timestamp status Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples This example displays the NTP timestamp status switch config show ntp timestamp status Release Modification 4 0 0 N1 1a This command...

Page 545: ...otvar Sets level for bootvar callhome Callhome syslog level capability Sets syslog level for mig utils daemon cdp Sets logging level for CDP cert enroll Cert enroll syslog level cfs Sets logging level for CFS clis Sets syslog filter level for CLIS core core daemon syslog level cron Sets level for Cron at facility daemon Sets level for System daemons dcbx Sets level for dcx syslog messages device a...

Page 546: ...or Local use daemons local4 Sets level for Local use daemons local5 Sets level for Local use daemons local6 Sets level for Local use daemons local7 Sets level for Local use daemons lpr Sets level for Line Printer System mail Sets level for Mail system monitor Sets level for ethernet span syslog messages news Sets level for USENET news nohms Sets level for nohms syslog messages nqosm Sets level for...

Page 547: ...evel for stp syslog messages stp Sets level for stp syslog messages syslog Sets level for Internal Syslog Messages sysmgr System Manager syslog level tcpudp Sets syslog filter level for TCPUDP track Sets level for track syslog messages urib Sets syslog filter level for URIB user Sets level for User Process uucp Sets level for Unix to Unix copy system vlan_mgr Sets level for VLAN syslog messages vm...

Page 548: ... n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 7 48 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 7 System Management Commands System Message Logging Facilities ...

Page 549: ... d o c f e e d b a ck c i s c o c o m 8 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 8 Fibre Channel Commands This chapter describes the Cisco NX OS Fibre Channel and virtual Fibre Channel commands available on Cisco Nexus 5000 Series switches ...

Page 550: ...abric where the application exists This is the normal mode of operation If you disable CFS distribution by entering the no cfs distribute command the following events occur The CFS commands continue to operate However CFS and the applications using CFS on the switch are isolated from the rest of the fabric even though there is physical connectivity All CFS operations are restricted to the isolated...

Page 551: ...ve mechanism for detecting network topology changes use the IP multicast address to send and receive information Observe the following guidelines when using this command If a switch is reachable over both IP and Fibre Channel application data will be distributed over Fibre Channel You can select either an IPv4 or IPv6 distribution when CFS is enabled over IP Both IPv4 and IPv6 distribution cannot ...

Page 552: ...Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands cfs ipv4 distribute Related Commands Command Description cfs ipv4 mcast address Configures an IPv4 multicast address for Cisco Fabric Services CFS distribution over IPv4 show cfs status Displays whether CFS distribution is enabled or disabled ...

Page 553: ...e mechanism for detecting network topology changes use the IP multicast address to send and receive information CFS distributions for application data use directed unicast You can configure a value for a CFS over IP multicast address The default IPv4 multicast address is 239 255 70 83 Examples The following example shows how to configure an IP multicast address for CFS over IPv4 switch config cfs ...

Page 554: ...000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands cfs ipv4 mcast address Related Commands Command Description cfs ipv4 distribute Enables or disables Cisco Fabric Services CFS distribution over IPv4 show cfs status Displays whether CFS distribution is enabled or disabled ...

Page 555: ...echanism for detecting network topology changes use the IP multicast address to send and receive information Observe the following guidelines when using this command If a switch is reachable over both IP and Fibre Channel application data will be distributed over Fibre Channel You can select either an IPv4 or IPv6 distribution when CFS is enabled over IP Both IPv4 and IPv6 distribution cannot be e...

Page 556: ...Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands cfs ipv6 distribute Related Commands Command Description cfs ipv6 mcast address Configures an IPv6 multicast address for Cisco Fabric Services CFS distribution over IPv6 show cfs status Displays whether CFS distribution is enabled or disabled ...

Page 557: ...cting network topology changes use the IP multicast address to send and receive information CFS distributions for application data use directed unicast You can configure a CFS over IP multicast address value for IPv6 The default IPv6 multicast address is ff15 efff 4653 Examples of the IPv6 Admin scope range are ff15 0000 0000 to ff15 ffff ffff and ff18 0000 0000 to ff18 ffff ffff Examples The foll...

Page 558: ...000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands cfs ipv6 mcast address Related Commands Command Description cfs ipv6 distribute Enables or disables Cisco Fabric Services CFS distribution over IPv6 show cfs status Displays whether CFS distribution is enabled or disabled ...

Page 559: ...ilar region ID Cisco Fabric Services CFS regions provide the ability to create distribution islands within the application scope Currently the regions are supported only for physical scope applications In the absence of any region configuration the application will be a part of the default region The default region is region ID 0 Examples The following example shows how to create a region ID switc...

Page 560: ...his command cfs staggered merge enable no cfs staggered merge enable Syntax Description Command Default Staggered merge is disabled Command Modes Configuration mode Command History Examples The following example shows how to enable CFS staggered merge switch config cfs staggered merge enable Related Commands enable Enables the CFS staggered merge option Release Modification 4 0 0 N1 1a This comman...

Page 561: ... database session statistics Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example shows how to clear the device alias session switch clear device alias session Related Commands database Clears the device alias database session Clears session information statistics Clears device alias statistics Release Modification 4 0 0 N1 1a This command ...

Page 562: ...odes EXEC mode Command History Usage Guidelines This command clears only the list of configured hosts Existing connections are not terminated Examples The following example shows how to clear the entire list of configured hosts for remote capture switch clear fcdomain Related Commands session Clears session information vsan vsan id Clears Fibre Channel domains for a specified VSAN ranging from 1 t...

Page 563: ...Command Default None Command Modes EXEC mode Command History Examples The following example shows how to clear aggregated Fibre Channel flow statistics for flow index 1 switch config clear fcflow stats aggregated index 1 Related Commands aggregated Optional Clears the Fibre Channel flow aggregated statistics index Clears the Fibre Channel flow counters for a specified flow index flow index Specifi...

Page 564: ...cs command clear fcns statistics vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example shows how to clear the name server statistics switch clear fcns statistics vsan 1 Related Commands vsan vsan id Clears the FCS statistics for a specified VSAN ranging from 1 to 4093 Release Modification 4 0 0 N1 1a This command was introduced ...

Page 565: ... log use the clear fcsm log command clear fcsm log Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples The following example shows how to clear the FSCM log switch clear fcsm log Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show fcs Displays the fabric configuration s...

Page 566: ... statistics vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example shows how to clear the fabric configuration server statistics for VSAN 10 switch clear fcs statistics vsan 10 Related Commands vsan vsan id Clears the FCS statistics for a specified VSAN ranging from 1 to 4093 Release Modification 4 0 0 N1 1a This command was intr...

Page 567: ...session configuration and locks use the clear fctimer session command clear fctimer session Syntax Description This command has no other arguments or keywords Command Default None Command Modes EXEC mode Command History Examples The following example shows how to clear an fctimer session switch clear fctimer session Related Commands Release Modification 4 0 0 N1 1a This command was introduced Comm...

Page 568: ...ace is specified then the counters of the specific interface are cleared Examples The following example clears the FSPF statistics on VSAN 1 switch clear fspf counters vsan 1 The following example clears FSPF statistics in VSAN 1 for the specified Fibre Channel interface switch clear fspf counters vsan 1 interface fc 3 2 Related Commands vsan Indicates that the counters are to be cleared for a VSA...

Page 569: ...owing example clears learned entries in the active database for a specified interface within a VSAN switch clear port security database auto learn interface fc2 1 vsan 1 The following example clears learned entries in the active database up to for the entire VSAN switch clear port security database auto learn vsan 1 Related Commands database Clears the port security active configuration database s...

Page 570: ... Modes EXEC mode Command History Examples The following example shows how to clear RLIR statistics for VSAN 1 switch clear rlir statistics vsan 1 Related Commands history Clears RLIR incident link history recent Clears recent link incidents interface fc slot port Clears entries for the specified interface portnumber port Displays the port number for the link incidents statistics Clears the RLIR st...

Page 571: ...ear rscn session command clear rscn session vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example clears an RSCN session on VSAN 1 switch clear rscn session vsan 1 Related Commands vsan vsan id Specifies a VSAN where the RSCN session should be cleared The ID of the VSAN is from 1 to 4093 Release Modification 4 0 0 N1 1a This com...

Page 572: ...SAN use the clear rscn statistics command clear rscn statistics vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example shows how to clear RSCN statistics for VSAN 1 switch clear rscn statistics vsan 1 Related Commands vsan Clears the RSCN statistics for a VSAN vsan id The ID of the VSAN is from 1 to 4093 Release Modification 4 0 ...

Page 573: ...r zone lock command from a remote switch only the lock on that remote switch is cleared When you enter the clear zone lock command from the switch where the lock originated all locks in the VSAN are cleared The recommended method to clear a session lock on a switch where the lock originated is by entering the no zone commit vsan command Examples The following example shows how to clear all configu...

Page 574: ...s abort Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to discard a device alias CFS distribution session in progress switch config device alias abort Related Commands Release Modification Release 4 0 This command was introduced Command Description device alias databas...

Page 575: ...alias commit command device alias commit Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to commit pending changes to the active DPVM database switch config device alias commit Related Commands Release Modification Release 4 0 This command was introduced Command Descrip...

Page 576: ...device alias database command starts a device alias session that locks all the databases on all the switches in this fabrics When you exit device alias database configuration mode the device alias session ends and the locks are released You can only perform all modifications in the temporary device alias database To make the changes permanent use the device alias commit command Examples The follow...

Page 577: ... Description This command has no other arguments or keywords Command Default Enabled Command Modes Configuration mode Command History Usage Guidelines Use the device alias commit command to apply pending changes to the CFS distribution session Examples The following example shows how to enable distribution for device alias information switch config device alias distribute Related Commands Release ...

Page 578: ...ias has only one member The member type is supported by the device name implementation If any name conflict exists the fcaliases are not imported The device name database is completely independent from the VSAN dependent fcalias database When the import operation is complete the modified global fcalias table can distributed to all other switches in the physical fabric using the device alias distri...

Page 579: ...f the command device alias mode enhanced no device alias mode enhanced Syntax Description Command Default None Command Modes Configuration mode Command History Examples The following example shows how to device alias enhanced mode switch config device alias mode enhanced Related Commands enhanced Specifies enhanced mode Release Modification Release 4 0 This command was introduced Command Descripti...

Page 580: ...and Modes Device alias database configuration mode Command History Examples The following example shows how to configure a device name alias entry in the device name database switch config device alias database switch config device alias db device alias name Device1 pwwn 21 00 00 20 37 6f db bb Related Commands device name Specifies the device name Maximum length is 64 characters pwwn pwwn id Spec...

Page 581: ...ntax Description Command Default None Command Modes Device alias database configuration mode Command History Examples The following example shows how to configure a device name alias entry in the device name database switch config device alias database switch config device alias db device alias rename Device1 Device2 Related Commands device name1 Specifies the current device name device name2 Spec...

Page 582: ...C mode Command History Examples The following example selectively initiates discovery for the specified VSAN and domain ID switch discover custom list add vsan 1 domain 2 The following example deletes the specified VSAN and domain ID from the customized list switch discover custom list delete vsan 1 domain 2 add Adds a targets to the customized list delete Deletes a target from the customized list...

Page 583: ...mple shows how to discover remote targets assigned to the Windows OS switch discover scsi target remote os windows discovery started custom list Discovers SCSI targets from the customized list local Discovers local SCSI targets remote Discovers remote SCSI targets vsan vsan id Discovers SCSI targets for the specified VSAN ID The range is 1 to 4093 fcid fc id Discovers SCSI targets for the specifie...

Page 584: ... to discover SCSI targets for the specified VSAN 1 and FCID 0x9c03d6 switch discover scsi target vsan 1 fcid 0x9c03d6 os aix discover scsi target vsan 1 fcid 0x9c03d6 VSAN 1 FCID 0x9c03d6 PWWN 00 00 00 00 00 00 00 00 PRLI RSP 0x01 SPARM 0x0012 The following example begins discovering targets from a customized list assigned to the Linux operating system switch discover scsi target custom list os li...

Page 585: ...mmand Modes Configuration mode Command History Examples The following example sets the fabric to ensure reliable delivery of multicast traffic switch config fabric profile reliable multicast The following example sets the fabric profile to the default value switch config no fabric profile Related Commands reliable multicast Optimizes the QoS parameters in the fabric to ensure reliable delivery of ...

Page 586: ... switch config fabric binding activate vsan 1 The following example deactivates the fabric binding database for the specified VSAN switch config no fabric binding activate vsan 10 The following example forcefully activates the fabric binding database for the specified VSAN switch config fabric binding activate vsan 3 force The following example reverts to the previously configured state or to the ...

Page 587: ...lt None Command Modes EXEC mode Command History Usage Guidelines Fabric binding is configured on a per VSAN basis and can be implemented in both FICON VSANs and Fibre Channel VSANs If the configured database is empty this command is not accepted Examples The following example copies from the active database to the configuration database in VSAN 1 switch fabric binding database copy vsan 1 Related ...

Page 588: ...ples The following example displays the differences between the active database and the configuration database in VSAN 1 switch fabric binding database diff active vsan 1 The following example displays information about the differences between the configuration database and the active database switch fabric binding database diff config vsan 1 Related Commands active Provides information about the ...

Page 589: ...the fabric and that sWWN is not on the list or the sWWN is using a domain ID that differs from the one specified in the allowed list the ISL between the switch and the fabric is automatically isolated in that VSAN and the switch is denied entry into the fabric Examples The following example enters the fabric binding database mode and adds the sWWN and domain ID of a switch to the configured databa...

Page 590: ... s c o c o m 8 42 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands fabric binding database vsan Related Commands Command Description fabric binding activate Activates fabric binding fabric binding enable Enables fabric binding ...

Page 591: ...mand Default Disabled Command Modes Configuration mode Command History Usage Guidelines Fabric binding is configured on a per VSAN basis The fabric binding feature must be enabled in each switch in the fabric that participate in the fabric binding Examples The following example enables fabric binding on that switch switch config fabric binding enable The following example disables fabric binding o...

Page 592: ... Fibre Channel alias use the no form of the fcalias name command Examples The following example shows how to clone a fcalias named origAlias to cloneAlias on VSAN 45 switch config fcalias clone origAlias cloneAlias vsan 45 Related Commands origFcalias Name cloneFcalias Name Clones a Fibre Channel alias from the current name to a new name Maximum length of names is 64 characters vsan The clone Fibr...

Page 593: ...ult None Command Modes Configuration mode Command History Usage Guidelines To include multiple members in any alias use the FCID fWWN or pWWN values Examples The following example shows how to configure an fcalias called AliasSample on VSAN 3 switch config fcalias name AliasSample vsan 3 switch config fcalias Related Commands alias name The name of the fcalias Maximum length is 64 characters vsan ...

Page 594: ...tax Description Command Default None Command Modes Configuration mode Command History Examples The following example shows how to rename an fcalias switch config fcalias rename oldalias newalias vsan 10 Related Commands current name Specifies the current fcalias name The maximum length is 64 new name Specifies the new fcalias name The maximum length is 64 vsan vsan id Specifies the VSAN ID The ran...

Page 595: ...igures the allowed domain ID list ranging from 1 to 239 vsan vsan id Specifies a VSAN ID The range is 1 to 4093 auto reconfigure Configures autoreconfigure contiguous allocation Configures contiguous allocation domain id Configures the domain ID and its type The range is 0 to 239 preferred Configures the domain ID as preferred By default the local switch accepts the domain ID assigned by the princ...

Page 596: ... port in a VSAN Examples The following example shows how to configure a preferred domain ID for VSAN 87 switch config fcdomain domain 3 preferred vsan 87 The following example shows how to specify disruptive fabric reconfiguration for VSAN 1 switch config fcdomain restart disruptive vsan 1 The following example shows how to enable domain manager fast restart for VSANs 7 through 10 switch config fc...

Page 597: ...ort vsan vsan id no fcdomain abort vsan vsan id Syntax Description Command Default Enabled Command Modes Configuration mode Command History Examples The following example shows how to flush cached data switch config fcdomain abort vsan 10 Related Commands vsan id Specifies a VSAN ID The range is 1 to 4093 Release Modification 4 0 0 N1 1a This command was introduced Command Description fcdomain Con...

Page 598: ...n id no fcdomain commit vsan vsan id Syntax Description Command Default Enabled Command Modes Configuration mode Command History Examples The following example shows how to commit cached data switch config fcdomain commit vsan 10 Related Commands vsan vsan id Specifies a VSAN ID The range is 1 to 4093 Release Modification 4 0 0 N1 1a This command was introduced Command Description fcdomain Configu...

Page 599: ...e no fcdomain distribute Syntax Description This command has no arguments or keywords Command Default Disabled Command Modes Configuration mode Command History Examples The following example enables fabric distribution using CFS switch config fcdomain distribute The following example disables fabric distribution using CFS switch config no fcdomain distribute Related Commands Release Modification 4...

Page 600: ...on mode Command History Usage Guidelines Use this option to configure the RCF reject option for the selected Fibre Channel or virtual Fibre Channel interface Examples The following example shows how to configure the FCIP RCF reject fcdomain feature on a virtual Fibre Channel interface switch config interface vfc 3 switch config if fcdomain rcf reject vsan 1 Related Commands vsan vsan id Specifies ...

Page 601: ...second network latency 500 millisecond switch latency Command Modes Configuration mode Command History Examples The following example shows how to configure the network latency to 5000 milliseconds switch config fcdroplatency network 5000 The following example shows how to revert to the default switch latency switch config no fcdroplatency switch 4000 Related Commands network milliseconds Specifie...

Page 602: ...e aggregate flow statistics and the flow statistics Examples The following example enables the aggregated flow counter switch config fcflow stats aggregated index 1005 vsan 1 The following example disables the aggregated flow counter switch config no fcflow stats aggregated index 1005 The following example enables the flow counter for a specific flow switch config fcflow stats index 1 0x145601 0x5...

Page 603: ... e d b a ck c i s c o c o m 8 55 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands fcflow stats Related Commands Command Description show fcflow stats Displays the configured Fibre Channel drop latency parameters ...

Page 604: ...ets that have FC IDs with the same domain and area The switch software maintains a list of tested company IDs that do not exhibit this behavior These HBAs were allocated with single FC IDs and for others a full area was allocated To allow further scalability for switches with numerous ports the switch software maintains a list of HBAs exhibiting this behavior Each HBA is identified by its company ...

Page 605: ... no fcinterop fcid allocation auto flat none Syntax Description Command Default The default is automatic allocation of FCIDs Command Modes Configuration mode Command History Usage Guidelines This command defines how the switch assigns FCIDs Examples The following example sets the FCID allocation to flat switch config fcinterop fcid allocation flat Related Commands auto Assigns single FCID to compa...

Page 606: ... id wwn wwn id Syntax Description Command Default None Command Modes Configuration mode Command History Examples The following example shows how to disable automatic polling for VSAN 2 switch config fcns no auto poll vsan 2 Related Commands vsan vsan id Optional Specifies a VSAN ID The range is 1 to 4093 wwn wwn id Optional Specifies the port WWN with the format hh hh hh hh hh hh hh hh Release Mod...

Page 607: ...nformation can be displayed using the CLI The name server can be viewed using the CLI or the Cisco Fabric Manager All name server registration requests come from the same port whose parameter is registered or changed If it does not then the request is rejected Examples The following example shows configuring a proxy port for VSAN 2 switch config fcns proxy port 21 00 00 e0 8b 00 26 d vsan 2 Relate...

Page 608: ... reject duplicate pwwn vsan vsan id no fcns reject duplicate pwwn vsan vsan id Syntax Description Command Default Disabled Command Modes Configuration mode Command History Examples The following example rejects duplicate FCNS pWWNs for VSAN 2 switch config fcns reject duplicate pwwn vsan 2 Related Commands vsan vsan id Specifies a VSAN ID The range is 1 to 4093 Release Modification Release 4 0 Thi...

Page 609: ... the setting of the number of frames to be sent using the count option The range is from 0 through 2147483647 A value of 0 will ping forever switch fcping fcid 0xd70000 vsan 1 count 10 device alias aliasname Specifies the device alias name Maximum length is 64 characters fcid The FCID of the destination N port fc port The port FCID with the format 0xhhhhhh domain controller id Verifies connection ...

Page 610: ...bre Channel Commands fcping The following example shows the setting of the timeout value The default period to wait is 5 seconds The range is from 1 through 10 seconds switch fcping fcid 0xd500b4 vsan 1 timeout 10 The following example displays fcping operation using the device alias of the specified destination switch fcping device alias x vsan 1 ...

Page 611: ...pecifies the Fibre Channel interface and the route for the domain of the next hop switch for VSAN 2 switch config fcroute 0x111211 interface fc3 1 domain 3 vsan 2 The following example specifies the SAN port channel interface and the route for the domain of the next hop switch for VSAN 4 switch config fcroute 0x111211 interface san port channel 1 domain 3 vsan 4 fcid Specifies the FC ID The format...

Page 612: ...e following example specifies the Fibre Channel interface the route for the domain of the next hop switch the cost of the route and configures the static route for a destination switch remotely connected for VSAN 3 switch config fcroute 0x111112 interface fc3 1 domain 3 metric 3 remote vsan 3 Related Commands Command Description show fcroute Displays Fibre Channel routes fcroute map Specifies a pr...

Page 613: ...the command fcs plat check global vsan vsan id no fcs plat check global vsan vsan id Syntax Description Command Default None Command Modes Configuration mode Command History Examples The following example shows how to enable FCS platform and node name checking fabric wide switch config fcs plat check global vsan 2 Related Commands vsan vsan id Specifies the VSAN ID for platform checking which is f...

Page 614: ...ble this feature use the no form of the command fcs register no fcs register Syntax Description This command has no arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to register FCS attributes switch config fcs register Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description...

Page 615: ...odes Configuration mode Command History Usage Guidelines VSAN ranges are entered as vsan ids vsan ids When you specify more than one range separate each range with a comma If no range is specified the command applies to all VSANs Examples The following example shows how to add to one range of VSANs switch config fcs virtual device add vsan ranges 2 4 The following example shows how to add to more ...

Page 616: ...re Channel interface in port 1 of slot 2 switch config interface fc 2 1 switch config if fcsp on switch config if The following example reverts to the factory default of auto passive for the selected interface switch config if no fcsp The following example changes the selected interface to initiate FC SP authentication but does not permit reaunthentication switch config if fcsp auto active 0 auto ...

Page 617: ...a ck c i s c o c o m 8 69 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands fcsp Related Commands Command Description fcsp enable Enables FC SP show interface Displays an interface configuration for a specified interface ...

Page 618: ...and Using SHA 1 as the hash algorithm may prevent RADIUS or TACACS usage If you change the DH group configuration ensure to change it globally for all switches in the fabric Examples The following example enables FC SP switch config fcsp enable devicename Configures a password of another device in the fabric switch wwn Provides the WWN of the device being configured password Configures DHCHAP pass...

Page 619: ...efault priority list of the MD 5 hash algorithm followed by the SHA 1 hash algorithm switch config no fcsp dhchap hash sha1 The following example prioritizes the use of DH group 2 3 and 4 in the configured order switch config fcsp dhchap group 2 3 4 The following example configures a clear text password for the local switch switch config fcsp dhchap password 0 mypassword The following example conf...

Page 620: ...lable when the FC SP feature is enabled To disable FC SP use the no form of the command fcsp enable no fcsp enable Syntax Descriptionf Command Default Disabled Command Modes Configuration mode Command History Examples The following example enables FC SP switch config fcsp enable Related Commands fcsp Specifies the FC SP feature in the switch enable Enables the FC SP feature in this switch Release ...

Page 621: ... vfc id Syntax Description Command Default 30 seconds Command Modes EXEC mode Command History Examples The following example configures the FCSP reauthentication on a virtual Fibre Channel interface switch fcsp reauthenticate vfc 1 Related Commands interface Specifies the interface on which to perform the reauthentication interface fc slot port Specifies the Fibre Channel interface by slot and por...

Page 622: ...imeout period Syntax Description Command Default 30 seconds Command Modes Configuration mode Command History Usage Guidelines You can only see the fcsp timeout command if you enter the fcsp enable command Examples The following example configures the FCSP timeout value switch config fcsp enable switch config fcsp timeout 60 Related Commands timeout period Specifies the time out period The time ran...

Page 623: ...efault to the same values They can be changed if needed In accordance with the FC SW2 standard these values must be the same on each switch in the fabric Use the vsan option to configure different TOV values for specific VSANs Examples The following example shows how to change the default Fibre Channel timers switch config fctimer e_d_tov 5000 switch config fctimer r_a_tov 7000 Related Commands d_...

Page 624: ... use the fctimer abort command fctimer abort Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to discard a CFS distribution session in progress switch config fctimer abort Related Commands Release Modification Release 4 0 This command was introduced Command Description f...

Page 625: ...gress in the fabric use the fctimer commit command fctimer commit Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to commit changes to the active Fibre Channel timer configuration switch config fctimer commit Related Commands Release Modification Release 4 0 This comman...

Page 626: ...ther arguments or keywords Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines Before distributing the Fibre Channel timer changes to the fabric the temporary changes to the configuration must be committed to the active configuration using the fctimer commit command Examples The following example shows how to change the default Fibre Channel timers switch con...

Page 627: ...ry Examples The following example traces a route to the specified fcid in VSAN 1 switch fctrace fcid 0x660000 vsan 1 The following example traces a route to the specified device alias in VSAN 1 switch fctrace device alias x vsan 1 device alias aliasname Specifies the device alias name Maximum length is 64 characters fcid fcid The FCID of the destination N port with the format 0xhhhhhh pwwn pwwn id...

Page 628: ...MI updates use the fdmi suppress updates command fdmi suppress updates vsan vsan id Syntax Description Command Default By default FDMI updates are not suppressed Command Modes Configuration mode Command History Examples The following example suppresses FDMI updates in VSAN 1 switch fdmi suppress updates vsan 1 vsan vsan id Specifies a VSAN ID The range is 1 to 4093 Release Modification 4 0 0 N1 1a...

Page 629: ...is 5000 milliseconds Command Modes Configuration mode vsan vsan id Specifies a VSAN ID The range is 1 to 4093 min ls arrival ls arrival time This command specifies the minimum time before a new link state update for a domain will be accepted by switch The parameter ls arrival time is an integer specifying time in milliseconds The range is 0 to 65535 min ls interval ls interval time This command sp...

Page 630: ...switch fspf config spf static switch fspf config exit switch config no fspf config vsan 3 switch config Related Commands Release Modification 4 0 0 N1 1a This command was introduced Command Description show fspf interface Displays information for each selected interface fspf enable Enables FSPF routing protocol in the specified VSAN fspf cost Configures the cost for the selected interface in the s...

Page 631: ...irtual Fibre Channel interfaces FSPF tracks the state of links on all switches in the fabric associates a cost with each link in its database and then chooses the path with a minimal cost The cost associated with an interface can be changed using the fspf cost command to implement the FSPF route selection Examples The following example configures the FSPF link cost on an FCIP interface switch conf...

Page 632: ...licable to virtual Fibre Channel interfaces This value must be the same in the ports at both ends of the ISL Caution An error is reported at the command prompt if the configured dead time interval is less than the hello time interval Examples The following example configures the maximum interval of 400 seconds for a hello message before the neighbor is considered lost switch config interface fc 2 ...

Page 633: ...escription Command Default Enabled Command Modes Configuration mode Command History Usage Guidelines This command configures FSPF on VSANs globally Examples The following example enables FSPF in VSAN 5 and disables FSPF in VSAN 7 switch config fspf enable vsan 5 switch config no fspf enable vsan 7 Related Commands vsan vsan id Specifies a VSAN ID The range is 1 to 4093 Release Modification 4 0 0 N...

Page 634: ...de Command History Usage Guidelines This command is not applicable to virtual Fibre Channel interfaces This command configures FSPF for the specified Fibre Channel interface This value must be the same in the ports at both ends of the ISL Examples The following example configures a hello interval of 3 seconds on VSAN 1 switch config interface fc 2 1 switch config if fspf hello interval 3 vsan 1 Re...

Page 635: ...ble to virtual Fibre Channel interfaces By default FSPF is enabled on all E ports and TE ports FSPF can be disabled by setting the interface as passive using the fspf passive command FSPF must be enabled on the ports at both ends of the ISL for the protocol to operate correctly Examples The following example disables the FSPF protocol for the selected interface on VSAN 1 switch config interface fc...

Page 636: ...de Command History Usage Guidelines This command is not applicable to virtual Fibre Channel interfaces This value must be the same in the ports at both ends of the ISL Examples The following example specifies a retransmit interval of 6 seconds after which an unacknowledged link state update should be transmitted on the interface for VSAN 1 switch config interface fc 2 1 switch config if fspf retra...

Page 637: ...he originator Examples The following example shows how to enable in order delivery for the entire switch switch config in order guarantee The following example shows how to disable in order delivery for the entire switch switch config no in order guarantee The following example shows how to enable in order delivery for a specific VSAN switch config in order guarantee vsan 3452 The following exampl...

Page 638: ... no fcsp auto active auto passive on off no fspf cost link cost vsan vsan id dead interval seconds vsan vsan id hello interval seconds vsan vsan id passive vsan vsan id retransmit interval seconds vsan vsan id switchport Syntax Description Command Default Disabled Command Modes Configuration mode slot port Specifies a slot number and port number channel group Adds to or removes from a Port Channel...

Page 639: ...s autocreation of port channels If autocreation of port channels is enabled for an interface you must first disable this configuration before downgrading to earlier software versions or before configuring the interface in a manually configured channel group Examples The following example configures ports 1 to 4 in Fibre Channel interface 3 switch config interface fc 3 1 4 The following example ena...

Page 640: ... shutdown force switchport mode E auto speed 1000 2000 4000 auto trunk allowed vsan vsan id add vsan id all mode auto on off no interface san port channel port no description no shutdown no switchport no mode no speed no trunk allowed vsan vsan id add vsan id all mode Syntax Description Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines Use the no shutdown c...

Page 641: ...01 Chapter 8 Fibre Channel Commands interface san port channel Examples The following example configures SAN port channel interface 3 switch config interface san port channel 3 Related Commands Command Description show interface Displays an interface configuration for a specified interface shutdown Disables and enables an interface ...

Page 642: ...Default Disabled Command Modes Configuration mode Command History Usage Guidelines You can specify a range of interfaces by entering a command with the following example format interface vfc 1 3 vfc 5 7 Use the no shutdown command to enable the interface Examples The following example enters interface configuration mode for virtual Fibre Channel interface 3 switch config interface vfc 3 vfc id Spe...

Page 643: ...o c o m 8 95 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands interface vfc Related Commands Command Description show interface Displays an interface configuration for a specified interface shutdown Disables and enables an interface ...

Page 644: ...sion in progress use the logging abort command logging abort Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to discard logging CFS distribution session in progress switch config logging abort Related Commands Release Modification 4 0 0 N1 1a This command was introduced...

Page 645: ...tribution session in progress in the fabric use the logging commit command logging commit Syntax Description This command has no other arguments or keywords Command Default None Command Modes Configuration mode Command History Examples The following example shows how to commit changes to the active logging configuration switch config logging commit Related Commands Release Modification 4 0 0 N1 1a...

Page 646: ...ents or keywords Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines Before distributing the Fibre Channel timer changes to the fabric the temporary changes to the configuration must be committed to the active configuration using the logging commit command Examples The following example shows how to change the distribute logging configuration changes switch c...

Page 647: ...ple shows how to add a member to an alias called samplealias switch config fcalias name samplealias The following example defines a Fibre Channel interface for the member switch switch config fcalias member interface fc3 1 device alias aliasname Specifies the member device alias Maximum length is 64 characters domain id domain id Specifies the member domain ID The range is 1 to 239 fcid fc id Spec...

Page 648: ...e OL 16599 01 Chapter 8 Fibre Channel Commands member fcalias configuration mode The following example shows how to delete the specified member switch config fcalias no member interface fc3 1 Related Commands Command Description fcalias name Configures an alias show fcalias Displays the member name information in an alias ...

Page 649: ...te a zone set zone member only if you need to add member to a zone from the zone set prompt device alias aliasname Specifies the member device alias Maximum length is 64 characters lun lun id Specifies the member LUN ID The format is 0xhhhh hhhh hhhh hhhh where h is a hexadecimal digit domain id domain id Specifies the member domain ID The range is 1 to 239 alias name The name of the fcalias Maxim...

Page 650: ...oneset1 on VSAN 1 switch config zoneset name ZoneSet1 vsan 1 switch config zoneset zone member fcid 0x111112 The following example shows how to assign a Fibre Channel interface member into a zone switch config zoneset name ZoneSet1 vsan 1 switch config zoneset zone member interface fc 3 1 The following example shows how to delete the specified device from a zone switch config zoneset zone no membe...

Page 651: ...he no form of the command member member name no member member name Syntax Description Command Default None Command Modes Zone set configuration mode Command History Examples The following example shows how to add a member zone to a zone set switch config zoneset name Zoneset1 vsan 10 switch config zoneset member ZoneA Related Commands member name Specifies the member name Maximum length is 64 char...

Page 652: ...es NPIV provides a means to assign multiple port IDs to a single N port This feature allows multiple applications on the N port to use different identifiers and allows access control zoning and port security to be implemented at the application level You must globally enable NPIV for all VSANs on the switch to allow the NPIV enabled applications to use multiple N port identifiers Examples The foll...

Page 653: ... NPV mode When disruptive load balancing is enabled NPV redistributes the server interfaces across all available NP uplinks when a new NP uplink becomes operational To move a server interface from one NP uplink to another NP uplink NPV forces reinitialization of the server interface so that the server performs a new login to the core switch This action causes traffic disruption on the attached end...

Page 654: ...nd Modes Configuration mode Command History Usage Guidelines When NPV mode is enabled switch configuration related to interfaces is erased and the switch is rebooted The switch restarts in NPV mode Configuration and verification commands for NPV are available only when NPV is enabled on the switch When you disable NPV mode all related configurations are automatically erased and the switch is reboo...

Page 655: ...tion to select an NP uplink for the server interface Command Modes Configuration mode Command History Usage Guidelines NPV traffic maps can be configured only in NPV mode Examples The following example creates a mapping between server interface vfc1 and NP uplink fc 3 1 switch config npv traffic map server interface vfc 1 external interface fc 3 1 Related Commands server interface Specifies the se...

Page 656: ...the port security feature and disable auto learning using the port security activate vsan number no auto learn command In this case you need to manually populate the port security database by individually securing each port If the auto learn option is enabled on a VSAN you cannot activate the database for that VSAN without the force option Examples The following example activates the port security...

Page 657: ... switch can learn about any device that is allowed to access VSAN 1 These devices are logged in the port security active database switch config port security auto learn vsan 1 The following example disables auto learning and stops the switch from learning about new devices accessing the switch switch config no port security auto learn vsan 1 The following example enters the port security database ...

Page 658: ...ecurity abort vsan vsan id Syntax Description Command Default None Command Modes Configuration mode Command History Examples The following example shows how to discard a port security CFS distribution session in progress switch config port security abort vsan 33 Related Commands vsan vsan id Specifies the VSAN ID The range is 1 to 4093 Release Modification 4 0 0 N1 1a This command was introduced C...

Page 659: ...ecurity commit command port security commit vsan vsan id Syntax Description Command Default None Command Modes Configuration mode Command History Examples The following example shows how to commit changes to the active port security configuration switch config port security commit vsan 13 Related Commands vsan vsan id Specifies the VSAN ID The range is 1 to 4093 Release Modification 4 0 0 N1 1a Th...

Page 660: ...ts Examples The following example copies the active to the configured database switch port security database copy vsan 1 The following example provides the differences between the active database and the configuration database switch port security database diff active vsan 1 The following example provides information on the differences between the configuration database and the active database swi...

Page 661: ...s Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands port security database Related Commands Command Description port security database Copies and provides information on the differences within the port security database show port security database Displays configured port security information ...

Page 662: ...ts or keywords Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines Before distributing the Fibre Channel timer changes to the fabric the temporary changes to the configuration must be committed to the active configuration using the port security commit command Examples The following example shows how to distribute the port security configuration to the fabric...

Page 663: ...his command has no other arguments or keywords Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines Entering the port security enable command enables the other commands that are used to configure port security Examples The following example shows how to enable port security switch config port security enable The following example shows how to disable port secu...

Page 664: ... The software brings the linked port down when the tracked port goes down When the tracked port recovers from the failure and comes back up again the tracked port is also brought up automatically unless otherwise configured Examples The following example shows how to enable port tracking switch config port track enable The following example shows how to disable port tracking switch config no port ...

Page 665: ...s Use the port track force shut command to keep the linked port down even though the tracked port comes back up You must explicitly bring the port up when required using the no port track force shut command Examples The following example shows how to force the shutdown of an interface and the interfaces that it is tracking switch config interface fc 2 2 switch config if no port track force shut Re...

Page 666: ...k up the linked interface also comes back up Use the port track force shut command to keep the linked interface down Examples The following example shows how to enable port tracking for specific interfaces switch config interface fc 2 3 switch config if port track interface san port channel 2 Related Commands fc slot port Specifies a Fibre Channel interface san port channel port Specifies a SAN po...

Page 667: ... fcid vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example shows how to purge all dynamic unused FCIDs in VSAN 4 switch purge fcdomain fcid vsan 4 The following example shows how to purge all dynamic unused FCIDs in VSANs 4 5 and 6 switch purge fcdomain fcid vsan 4 6 vsan vsan id Indicates that FCIDs are to be purged for a VSAN...

Page 668: ...d host only if it meets the following conditions No host in the VSAN is registered for RLIR with the registration function set to always receive If one or more hosts in the VSAN are registered as always receive then RLIR sends only to these hosts and not to the configured preferred host The preferred host is registered with the registration function set to conditionally receive If all registered h...

Page 669: ...ference OL 16599 01 Chapter 8 Fibre Channel Commands rlir preferred cond fcid Related Commands Command Description show rlir Displays information about RLIR Link Incident Record Registration LIRR and Distribute Registered Link Incident Record DRLIR frames clear rlir Clears the RLIRs debug rlir Enables RLIR debugging ...

Page 670: ...ion Command Default None Command Modes Configuration mode Command History Examples The following example configures RSCNs in multi PID format switch config rscn multi pid vsan 1 Related Commands multi pid Sends RSCNs in multiple port ID multi PID format suppress domain swrscn Suppresses transmission of domain format SW RCSNs vsan vsan id Configures VSAN information or membership The ID of the VSAN...

Page 671: ...des Configuration mode Command History Examples The following example cancels an RSCN configuration on VSAN 1 switch config rscn abort vsan 1 Related Commands vsan vsan id Specifies a VSAN where the RSCN configuration should be cancelled The ID of the VSAN is from 1 to 4093 Release Modification 4 0 0 N1 1a This command was introduced Command Description rscn commit Commits a pending RSCN configura...

Page 672: ...he configuration is committed to all the switches in the fabric On a successful commit the configuration change is applied throughout the fabric and the lock is released Examples The following example commits an RSCN configuration on VSAN 1 switch config rscn commit vsan 1 Related Commands vsan vsan id Specifies a VSAN where the RSCN configuration should be committed The ID of the VSAN is from 1 t...

Page 673: ...ode Command History Usage Guidelines The RSCN timer configuration must be the same on all switches in the VSAN Cisco Fabric Service CFS automatically distributes the RSCN timer configuration to all switches in a fabric Only the RSCN timer configuration is distributed Examples The following example enables the distribution of an RSCN configuration switch config rscn distribute Related Commands Rele...

Page 674: ...the timeout value you must enable RSCN configuration distribution using the rscn distribute command The RSCN timer is registered with Cisco Fabric Services CFS during initialization and switchover Examples The following example configures an RSCN event timeout value on VSAN 1 switch config rscn event tov 20 vsan 1 Related Commands timeout Specifies an event timeout value in milliseconds The range ...

Page 675: ...ersistent command is applied to an autocreated channel group the channel group number does not change and the member ports properties change to those of a user created channel group The channel mode remains active Examples The following example shows how to change the properties of an autocreated channel group to a persistent channel group switch san port channel 10 persistent Related Commands por...

Page 676: ...tions All options are on by default Use the no scsi target discovery command to turn off all discovery options You can also turn off specific options by using the no form of the command Examples The following example configures SCSI target auto polling discovery for VSAN 1 switch config scsi target auto poll vsan 1 The following example removes SCSI target auto polling discovery for VSAN 1 switch ...

Page 677: ...et ns poll vsan 1 The following example configures SCSI target on demand discovery for VSAN 1 switch config scsi target on demand vsan 1 The following example removes SCSI target on demand discovery for VSAN 1 switch config no scsi target on demand vsan 1 Related Commands Command Description discover scsi target Discovers SCSI targets on local storage to the switch or remote storage across the fab...

Page 678: ...t for the port credit Specifies receive BB_credit The range is 1 to 255 mode Configures receive BB_credit for the specific port mode E Configures receive BB_credit for E or TE port mode F Configures receive BB_credit for F port mode default Configures default receive BB_credits depending on the port mode and capabilities mode Configures the port mode auto Configures autosense mode E Configures E p...

Page 679: ...ce if autosensing with a maximum speed of 2 Gbps auto max 2000 is configured then only 2 Gbps of bandwidth is reserved and the unused 2 Gbps is shared with the other interface in the port group When configuring port modes observe the following guidelines Auto port mode and E port mode cannot be configured in shared rate mode Shared to dedicated ports should be configured in this order speed port m...

Page 680: ...witchport trunk allowed vsan 3 switch config if switchport trunk allowed vsan add 2 switch config if switchport encap eisl switch config if switchport fcrxbbcredit 20 The following example configures the mode of a virtual Fibre Channel interface switch config interface vfc 2 switch config if switchport mode F Related Commands Command Description fcrxbbcredit extended enable Enables extended BB_cre...

Page 681: ...d by the switch to detect an increased error rate before performance degradation seriously affects traffic Bit errors can occur for the following reasons Faulty or bad cable Faulty or bad SFP SFP is specified to operate at 1 Gbps but is used at 2 Gbps Short haul cable is used for long haul or long haul cable is used for short haul Momentary sync loss Loose cable connection at one or both ends Impr...

Page 682: ...le shows how to prevent the detection of bit error events from disabling the interface switch config interface fc2 1 switch config if switchport ignore bit errors The following example shows how to allow the detection of bit error events from disabling the interface switch config interface fc2 1 switch config if no switchport ignore bit errors Related Commands Command Description show interface Di...

Page 683: ...even if you do not individually specify them at that time This command changes the configuration of the following ports to administrative mode F All ports that are down All F ports that are up whose operational mode is F and whose administrative mode is not F This command does not affect non F ports that are up however if non F ports are down this command changes the administrative mode of those p...

Page 684: ...isco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands system default switchport Related Commands Command Description show system default switchport Displays default values for switch port attributes show interface brief Displays Fibre Channel port modes ...

Page 685: ... a VSAN and it becomes active If you do not want to use the default values use the zone default zone permit vsan command to define the operational values for the default zone The system default zone default zone permit command should only be used in conjunction with VSANs that have not yet been created it has no effect on existing VSANs Because VSAN 1 is the default VSAN and is always present this...

Page 686: ... you initially create a VSAN and it becomes active If you do not want to use the default values use the zoneset distribute full vsan command to distribute the operational values for the default zone The system default zone distribute full command should only be used in conjunction with VSANs that have not yet been created it has no effect on existing VSANs Because VSAN 1 is the default VSAN and is...

Page 687: ...nfigurations Existing trunk configurations are not affected and the TE port continues to function in trunking mode but only supports traffic in VSANs that it negotiated previously when the trunking protocol was enabled Also other switches that are directly connected to this switch are similarly affected on the connected interfaces In some cases you may need to merge traffic from different port VSA...

Page 688: ... port san port channel port vfc vfc id interop mode loadbalancing src dst id src dst ox id loadbalancing src dst id src dst ox id name name interop mode loadbalancing src dst id src dst ox id loadbalancing src dst id src dst ox id suspend interop mode loadbalancing src dst id src dst ox id loadbalancing src dst id src dst ox id suspend interop mode loadbalancing src dst id src dst ox id loadbalanc...

Page 689: ...p mode Interop mode 2 Brocade native mode Core PID 0 Interop mode 3 Brocade native mode Core PID 1 Interop mode 4 McData native mode Before you configure Interop mode 4 or remove the configuration you must suspend the VSAN You should unsuspend the VSAN only after you configure a VSAN dependent switch WWN with the McData OUI 08 00 88 Examples The following example shows how to create multiple fabri...

Page 690: ... e d b a ck c i s c o c o m 8 142 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands vsan database Related Commands Command Description wwn vsan Configures a WWN for a suspended VSAN that has Interop mode 4 enabled ...

Page 691: ...one Changes to the worldwide names are only performed as required They should not be changed on a daily basis These changes should be made by an administrator or individual who is completely familiar with switch operations For more information refer to the Cisco Nexus 5000 Series CLI Configuration Guide Examples The following example allocates a secondary range of MAC addresses switch config wwn s...

Page 692: ...an specify the switch WWN for it The switch WWN must be unique throughout the entire fabric The configured switch WWN must have McData OUI 08 00 88 Examples The following example shows how to assign a WWN to a VSAN switch config wwn vsan 100 vsan wwn 20 64 08 00 88 0d 5f 81 switch config vsan database switch config vsan db vsan 100 suspend switch config vsan db exit switch config wwn vsan 100 vsan...

Page 693: ...Use the no form of the zone name configuration mode command to delete the zone name Examples The following example creates a clone of the original zone group named origZone into the clone zone group cloneZone on VSAN 45 switch config zone clone origZone cloneZone vsan 45 Related Commands current zone name new zone name Clones a zone attribute group from the current name to a new name Maximum lengt...

Page 694: ... vsan vsan id force Syntax Description Command Default None Command Modes Configuration mode Command History Usage Guidelines Use the no form of the zone commit command to clear a session lock on a switch where the lock originated Examples The following example commits zoning changes to VSAN 200 switch config zone commit vsan 200 Related Commands vsan vsan id Specifies the VSAN ID The range is 1 t...

Page 695: ...VSANs the merge will fail if more than 2000 zones are present in a VSAN and the neighboring VSAN cannot support more than 2000 zones Activation will fail if more than 2000 zones are present in the VSAN and one or more switches in the fabric cannot support more than 2000 zones Examples The following example shows how to compact a zone database in VSAN 1 switch oongif zone compact vsan 1 Related Com...

Page 696: ...to a remote location using SCP switch zone copy vsan 3 active zoneset scp guest myserver tmp active_zoneset txt Related Commands active zoneset Copies from the active zone set full zoneset Copies the active zone set to the full zone set vsan vsan id Configures to copy active zone set on a VSAN to full zone set The ID of the VSAN is from 1 to 4093 bootflash Copies the active zone set to a location ...

Page 697: ...e the zone default zone permit vsan command to define the operational values for the default zone in a VSAN This command applies to existing VSANs it has no effect on VSANs that have not yet been created Use the system default zone default zone permit command to use the default values defined for the default zone for all VSANs The default values are used when you initially create a VSAN and it bec...

Page 698: ...e merge control restrict vsan vsan id Syntax Description Command Default Disabled Command Modes Configuration mode Command History Usage Guidelines If merge control is set to restricted and the two databases are not identical the merge fails and ISLs between the switches become isolated Examples The following example shows how to set zone merge control for VSAN 10 to restricted switch config zone ...

Page 699: ...king in enhanced zoning mode If one or more switches are not capable of working in enhanced zoning mode the request to enable enhanced zoning mode is rejected When the zone mode enhanced vsan command completes successfully the software automatically starts a session distributes the zoning database using the enhanced zoning data structures applies the configuration changes and sends a release chang...

Page 700: ...ame commands are entered from the configuration mode Configure a zone for a VSAN from the config zone mode Use the show wwn switch command to retrieve the switch world wide name sWWN If you do not provide an sWWN the software automatically uses the local sWWN Examples The following example configures attributes for the specified zone Zone1 based on the member type pWWN fabric pWWN FCID or Fibre Ch...

Page 701: ... 153 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands zone name configuration mode Related Commands Command Description show zone Displays zone information zone rename Renames zones zone attribute group name Configures zone attribute groups ...

Page 702: ...one name Syntax Description Command Default None Command Modes Zone set configuration mode Command History Examples The following example configure a zone in a zone set switch config zoneset name Sample vsan 1 switch config zoneset zone name MyZone The following example deletes a zone from a zone set switch config zoneset no zone name Zone2 Related Commands zone name Specifies the name of the zone...

Page 703: ...ommand Modes Configuration mode Command History Examples The following example shows how to rename a zone switch zone rename ZoneA ZoneB vsan 10 Related Commands current name Specifies the current fcalias name Maximum length is 64 characters new name Specifies the new fcalias name Maximum length is 64 characters vsan vsan id Specifies the VSAN ID The range is 1 to 4093 Release Modification 4 0 0 N...

Page 704: ...ines Zones are activated by activating the parent zone set The zoneset distribute full vsan command distributes the operational values for the default zone to all zone sets in a VSAN If you do not want to distribute the operation values use the system default zone distribute full command to distribute the default values The default values are used when you initially create a VSAN and it becomes ac...

Page 705: ... name zSet1 vsan 333 The following example clones a zone set named zSet1 into a new zoneset named zSetClone in VSAN 45 switch config zoneset clone existing zSet1 zSetClone vsan 45 The following example distributes the operational values for the default zone to all zone sets in VSAN 22 switch config zoneset distribute full vsan 22 Related Commands Command Description system default zone distribute ...

Page 706: ...e VSAN 2 interface switch zoneset import interface fc2 3 vsan 2 The following example exports the zone set database to the adjacent switch connected through VSAN 5 switch zoneset export vsan 5 distribute Distributes the full zone set in the fabric export Exports the zone set database to the adjacent switch on the specified VSAN The active zone set in this switch becomes the activated zone set of t...

Page 707: ...rence OL 16599 01 Chapter 8 Fibre Channel Commands zoneset EXEC mode The following example distributes the zone set in VSAN 333 switch zoneset distribute vsan 333 Related Commands Command Description show zone status vsan Displays the distribution status for the specified VSAN show zoneset Displays zone set information ...

Page 708: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 8 160 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 8 Fibre Channel Commands zoneset EXEC mode ...

Page 709: ... 5 0 0 0 d o c f e e d b a ck c i s c o c o m 9 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 9 Fibre Channel Show Commands This chapter describes the Cisco NX OS Fibre Channel show commands available on Cisco Nexus 5000 Series switches ...

Page 710: ...h show cfs application Note The show cfs application command displays only those applications that are registered with CFS Conditional services that use CFS do not appear in the output unless those services are running The following example shows how to display CFS information for the device alias application switch show cfs application name device alias application Displays locally registered app...

Page 711: ... Reference OL 16599 01 Chapter 9 Fibre Channel Show Commands show cfs The following example shows how to display CFS merge operation information for the device alias application switch show cfs merge status device alias The following example shows whether or not CFS distribution is enabled switch show cfs status ...

Page 712: ... npv command show debug npv Syntax Description This command has no other keywords or arguments Command Default None Command Modes EXEC mode Command History Usage Guidelines The show debug npv command is available only when the switch is in NPV mode Examples The following example shows all the NPV debug commands available on the switch switch show debug npv Related Commands Release Modification 4 0...

Page 713: ...abase The following example shows how to display all global fcaliases and all VSAN dependent fcaliases switch show device alias name efg The following example shows how to display all global fcaliases and all VSAN dependent fcaliases switch show device alias statistics database Displays the entire device name database merge status Displays the device merge status name device name Displays device n...

Page 714: ... Series Command Reference OL 16599 01 Chapter 9 Fibre Channel Show Commands show device alias Related Commands Command Description device alias name Configures device alias names device alias database Configures device alias information device alias distribute Enables device alias CFS distribution ...

Page 715: ...ays active VSAN specific fabric binding information switch show fabric binding database active vsan 61 The following example displays configured VSAN specific fabric binding information switch show fabric binding database vsan 4 The following example displays fabric binding statistics switch show fabric binding statistics The following example displays fabric binding status for each VSAN switch sh...

Page 716: ...bre Channel Show Commands show fabric binding The following example displays EFMD statistics switch show fabric binding efmd statistics The following example displays EFMD statistics for a specified VSAN switch show fabric binding efmd statistics vsan 4 The following example displays fabric binding violations switch show fabric binding violations ...

Page 717: ...itch show fc2 bind The following example displays FC2 local N port information switch show fc2 nport bind Displays FC2 socket bindings classf Displays FC2 classf sessions exchange Displays FC2 active exchanges exchresp Displays FC2 active responder exchanges flogi Displays FC2 FLOGI table nport Displays FC2 local N ports plogi Displays FC2 PLOGI sessions plogi_pwwn Displays FC2 PLOGI pWWN entries ...

Page 718: ...plays FC2 PLOGI session information switch show fc2 plogi The following example displays FC2 physical port information switch show fc2 port The following example displays FC2 local N port PLOGI notifications for each socket switch show fc2 socknotify The following example displays FC2 local N ports for each socket switch show fc2 socknport The following example displays FC2 VSAN table switch show ...

Page 719: ...liases Command Modes EXEC mode Command History Usage Guidelines To make use of fcaliases as device names instead of using the cryptic device name add only one member per fcalias Examples The following example displays fcalias configuration information switch show fcalias vsan 1 Related Commands name fcalias name Optional Displays fcalias information for a specific name The maximum length is 64 pen...

Page 720: ... exited and reentered the fabric for the principal switch In the cache content VSAN refers to the VSAN that contains the device WWN refers to the device that owned the FC IDs and mask refers to a single or entire area of FC IDs allowed Optional Displays a list of allowed domain IDs domain list Optional Displays a list of domain IDs provided by the principal switch fcid persistent Optional Displays...

Page 721: ...e following example displays pending configuration changes switch show fcdomain pending vsan 10 The following example displays the differences between the pending configuration and the current configuration switch show fcdomain pending diff vsan 10 The following example displays the status of the distribution session switch show fcdomain session status vsan 1 Related Commands Table 9 1 show fcdoma...

Page 722: ...hannel latency parameters use the show fcdroplatency command show fcdroplatency network switch Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example displays the configured Fibre Channel latency parameters switch show fcdroplatency network Optional Network latency in milliseconds switch Optional Switch latency in milliseconds Release Modific...

Page 723: ...w index Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example displays aggregated fcflow details switch show fcflow stats aggregated The following example displays fcflow details switch show fcflow stats The following example displays fcflow index usage switch show fcflow stats usage aggregated Optional Displays aggregated fcflow statistics ...

Page 724: ...area Fcid area allocation company id info 00 50 2E 00 50 8B 00 60 B0 00 A0 B8 00 E0 69 00 E0 8B 00 32 23 Total company ids 7 Additional user configured company ids Explicitly deleted company ids from default list Table 9 2 describes the significant fields shown in the display area Selects the auto area list of company IDs company id from wwn wwn Selects company ID from the specified world wide nam...

Page 725: ...ric is large or if several devices are slow to respond Virtual enclosure ports can be viewed using the show fcns database command Examples The following example displays the contents of the FCNS database switch show fcns database The following example displays the detailed contents of the FCNS database switch show fcns database detail The following example displays the management VSAN VSAN 2 switc...

Page 726: ... f e e d b a ck c i s c o c o m 9 18 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 9 Fibre Channel Show Commands show fcns database Related Commands Command Description fcns Configuration mode command for name server configuration ...

Page 727: ...or all VSANs use the show fcns statistics command show fcns statistics detail vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example displays statistical information for a specified VSAN switch show fcns statistics detail Optional Displays detailed statistics vsan vsan id Optional Displays statistics for the specified VSAN ID The...

Page 728: ...oe show fcoe To display the status of Fibre Channel over Ethernet FCoE on the switch use the show fcoe command show fcoe Syntax Description This command has no other keywords or arguments Command Default None Command Modes EXEC mode Command History Examples The following example displays the FCoE status switch show fcoe Release Modification 4 0 0 N1 1a This command was introduced ...

Page 729: ...e total number of routes Examples The following example displays administrative distance switch show fcroute distance The following example displays multicast routing information switch show fcroute multicast The following example displays FCID information for a specified VSAN switch show fcroute multicast vsan 3 distance Displays FC route preference label Displays label routes label Optional Disp...

Page 730: ...wing example displays unicast routing information switch show fcroute unicast The following example displays unicast routing information for a specified VSAN switch show fcroute unicast vsan 4 The following example displays unicast routing information for a specified FCID switch show fcroute unicast 0x040101 0xffffff vsan 4 The following example displays route database information switch show fcro...

Page 731: ...ch show fcs ie vsan 1 This command displays interconnect element object information for a specific WWN switch show fcs ie nwwn 20 01 00 05 30 00 16 df vsan 1 This command displays platform information switch show fcs platform name SamplePlatform vsan 1 database Displays local database of FCS vsan vsan id Optional Specifies a VSAN ID The range is 1 to 4093 ie Displays interconnect element objects i...

Page 732: ...how fcs This command displays platform information within a specified VSAN switch show fcs platform vsan 1 This command displays FCS port information within a specified VSAN switch show fcs port vsan 24 This command displays ports within a specified WWN switch show fcs port pwwn 20 51 00 05 30 00 16 de vsan 24 This command displays FCS statistics switch show fcs statistics ...

Page 733: ...SP WWN of the device connected through a specified interface switch show fcsp interface fc 2 1 wwn The following example displays hash algorithm and DHCHAP groups configured for the local switch switch show fcsp dhchap The following example displays the DHCHAP local password database switch show fcsp dhchap database asciiwwn ascii wwn Optional Displays the ASCII representation of the WWN used with...

Page 734: ... Series Command Reference OL 16599 01 Chapter 9 Fibre Channel Show Commands show fcsp The following example displays he ASCII representation of the device WWN switch show fcsp asciiwwn 30 11 bb cc dd 33 11 22 Related Commands Command Description fcsp enable Enables the FC SP feature for this switch ...

Page 735: ...s vsan vsan id Optional Displays information for a VSAN The range is 1 to 4093 d_s_tov Optional Displays the distributed services time out value D_S_TOV in milliseconds e_d_tov Optional Displays the error detection time out value E_D_TOV in milliseconds f_s_tov Optional Displays the fabric stability time out value F_S_TOV in milliseconds r_a_tov Optional Displays the resource allocation time out v...

Page 736: ...lays all HBA management servers switch show fdmi database The following example displays VSAN1 specific FDMI information switch show fdmi database detail vsan 1 The following example displays details for the specified HBA entry switch show fdmi database detail Hba id 21 01 00 e0 8b 2a f6 54 vsan 1 database Displays the FDMI database contents detail Optional Specifies detailed FDMI information hba ...

Page 737: ...d device is displayed in the FLOGI table the fabric login is successful Examine the FLOGI database on a switch that is directly connected to the host HBA and connected ports Examples The following example displays details on the FLOGI database switch show flogi database The following example displays the FLOGI interface switch show flogi database interface fc 2 3 auto area list Displays the list o...

Page 738: ...apter 9 Fibre Channel Show Commands show flogi The following example displays the FLOGI VSAN switch show flogi database vsan 1 The following example displays the FLOGI for a specific FCID switch show flogi database fcid 0xef02e2 Related Commands Command Description show fcns database Displays all the local and remote name server entries ...

Page 739: ...played Examples The following example displays FSPF interface information switch show fspf interface vsan 1 fc2 1 The following example displays FSPF database information switch show fspf database vsan 1 This command displays FSPF information for a specified VSAN switch show fspf vsan 1 database Optional Displays the FSPF link state database vsan vsan id Optional Specifies the VSAN ID The range is...

Page 740: ...esent configured state of the in order delivery feature use the show in order guarantee command show in order guarantee Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples The following example displays the present configuration status of the in order delivery feature switch show in order guarantee Release Modification ...

Page 741: ... Command History Examples The following example displays the load balancing information for the specified source and destination in VSAN 3 switch show loadbalancing vsan 3 0x3345 0x2546 vsan vsan id Displays FLOGI database entries based on the FCID allocated The format is 0xhhhhhh source fcid Displays loadbalancing status for the specified source FCID The format is 0xhhhhhh dest fcid Displays load...

Page 742: ...table command show npv flogi table Syntax Description This command has no other keywords or arguments Command Default None Command Modes EXEC mode Command History Usage Guidelines The show npv flogi table command is available only when the switch is in NPV mode Examples The following example displays the information on NPV FLOGI session switch show npv flogi table Related Commands Release Modifica...

Page 743: ...show npv status Syntax Description This command has no other keywords or arguments Command Default None Command Modes EXEC mode Command History Usage Guidelines The show npv status command is available only when the switch is in NPV mode Examples The following example displays the current status of NPV switch show npv status Related Commands Release Modification 4 0 0 N1 1a This command was introd...

Page 744: ...w npv traffic map Syntax Description This command has no other keywords or arguments Command Default None Command Modes EXEC mode Command History Usage Guidelines The show npv traffic map command is available only when the switch is in NPV mode Examples The following example displays the current status of NPV switch show npv traffic map Related Commands Release Modification 4 0 0 N1 1a This comman...

Page 745: ...cation startup Syntax Description Command Default None Command Modes EXEC mode Command History Note On a switch where the maximum number of port indexes is 256 any module that exceeds that limit does not power up There is no startup module index distribution for the Cisco Nexus 5000 Series switch Examples The following example displays port index allocation information switch show port index alloc...

Page 746: ...how port security command with the last number option only the specified number of entries that appear first are displayed database Displays database related port security information active Optional Displays the activated database information vsan vsan id Optional Displays information for the specified database fwwn fwwn id Displays information for the specified fabric WWN interface Displays info...

Page 747: ...N port security in VSAN 1 switch show port security database fwwn 20 85 00 44 22 00 4a 9e vsan 1 The following example displays the configured fWWN port security in VSAN 1 switch show port security database fwwn 20 01 00 05 30 00 95 de vsan 1 The following example displays the interface port information in VSAN 2 switch show port security database interface fc 2 1 vsan 2 The following example disp...

Page 748: ...Command History Examples The following example displays RLIR information for VSAN 1 switch show rlir erl vsan 1 The following example displays RLIR statistics switch show rlir statistics vsan 1 erl Displays the Established Registration List vsan vsan id Optional Specifies a VSAN ID The range is 1 to 4093 history Displays the link incident history recent Displays recent link incidents interface fc ...

Page 749: ...no N port is interested in receiving RSCN information Examples The following example displays RSCN information switch show rscn scr table vsan 1 The following example displays RSCN statistics switch show rscn statistics vsan 1 The following example shows the RSCN event timeout value configured on VSAN 1 switch show rscn event tov vsan 1 The following example shows the difference between the active...

Page 750: ...t channel compatibility parameters The following example displays the SAN port channel database switch show san port channel database The following example displays the consistency status of the SAN port channel database switch show san port channel consistency The following example displays detailed information about the consistency status of the SAN port channel database switch show san port cha...

Page 751: ...c o c o m 9 43 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 9 Fibre Channel Show Commands show san port channel The show san port channel usage command displays details of the used and unused SAN port channel numbers switch show san port channel usage ...

Page 752: ...scsi target status auto poll Displays SCSI target auto polling information custom list Displays customized discovered targets devices Displays discovered SCSI target devices information vsan vsan range Optional Specifies the VSAN ID or VSAN range The range is 1 to 4093 fcid fcid id Optional Specifies the FCID of the SCSI target to display disk Displays discovered disk information lun Displays disc...

Page 753: ...overed disk information switch show scsi target disk The following example displays the discovered LUNs for all operating systems switch show scsi target lun os all The following example displays the discovered LUNs for the Solaris operating system switch show scsi target lun os solaris The following example displays auto polling information switch show scsi target auto poll The following example ...

Page 754: ...play topology information for connected SAN switches use the show topology command show topology vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example displays topology information switch show topology vsan vsan id Optional Displays information for a VSAN The range is 1 to 4093 Release Modification 4 0 0 N1 1a This command was i...

Page 755: ...otocol show trunk protocol To display trunk protocol status use the show trunk protocol command show trunk protocol Syntax Description This command has no arguments or keywords Command Default None Command Modes EXEC mode Command History Examples The following example displays trunk protocol status switch show trunk protocol Release Modification 4 0 0 N1 1a This command was introduced ...

Page 756: ... a hyphen and several interfaces using commas The interface range format for a Fibre Channel interface range is fcslot port port fcslot port fcslot port For example show int fc2 1 3 fc2 4 fc3 2 Examples The following example displays configured VSAN information switch show vsan 1 The following example displays membership information for all VSANs switch show vsan membership vsan id Optional Displa...

Page 757: ... b a ck c i s c o c o m 9 49 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 9 Fibre Channel Show Commands show vsan The following example displays membership information for a specified interface switch show vsan membership interface fc1 1 ...

Page 758: ...ption Command Default None Command Modes EXEC mode Command History Examples The following example displays the WWN of the switch switch show wwn switch The following example displays a user configured VSAN WWN switch show wwn vsan wwn status Displays a summary of WWN usage and alarm status block id number Optional Displays WWN usage and alarm status for a block ID The range is 34 to 1793 switch Di...

Page 759: ...an id Optional Displays zones belonging to the specified VSAN ID The range is 1 to 4093 analysis Optional Displays analysis of the zone database active Displays analysis of the active zone database vsan Displays analysis of the zone database for the specified VSAN zoneset zoneset name Displays analysis of the specified zoneset ess Optional Displays ESS information member Optional Displays all zone...

Page 760: ...asic merge control allow session none hard zoning enabled Default zone qos low broadcast disabled ronly disabled Full Zoning Database Zonesets 0 Zones 0 Aliases 0 Active Zoning Database Database Not Available Status Table 9 3 describes the significant fields shown in the show zone status vsan display Table 9 3 show zone status Field Descriptions Field Description VSAN VSAN number displayed default...

Page 761: ...h show zone analysis active vsan 1 The following example displays detailed statistics and analysis of the full zoning database switch sh zone analysis vsan 1 Zoning database analysis vsan 1 Full zoning database Last updated at 14 36 56 UTC Oct 04 2005 Last updated by Local CLI SNMP GS CIM INTERNAL or Merge interface or Remote Domain IP Address Switch name Num zonesets 1 Num zones 1 Num aliases 0 N...

Page 762: ...client CIM The full zoning database was modified by the applications using the Common Information Model CIM INTERNAL The full zoning database was modified as a result of an internal activation either from Inter VSAN Routing IVR or from the IP storage services manager Merge Indicates that the full database was last modified by the Merge protocol In this case the interface on which the merge occurre...

Page 763: ...r the wire The formatted database size is displayed in kilobytes in this format X KB Y KB as in the following example Formatted database size 1 KB 2000 KB In this example the formatted database size is less than 1 KB out of the maximum size of 2000 KB Unassigned zones Displays all the unassigned zones in the VSAN Only the names of the zones are displayed The details about the members of the zone a...

Page 764: ... vsan id vsan vsan id vsan vsan id Syntax Description Command Default None Command Modes EXEC mode Command History Examples The following example displays configured zone set information switch show zoneset vsan 1 The following example displays configured zone set information for a specific VSAN switch show zoneset vsan 2 3 active Optional Displays only active zone sets vsan vsan id Optional Displ...

Page 765: ... n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 10 1 Cisco Nexus 5000 Series Command Reference OL 16599 01 10 Vpc Commands This chapter describes the Cisco NX OS Vpc commands available on Cisco Nexus 5000 Series switches ...

Page 766: ...ws how to display the running configuration for port channel 10 switch config show running config interface port channel 10 version 4 0 1 interface port channel10 switchport switchport mode trunk Related Commands all Shows configuration with defaults ethernet slot port Number of the module and port number expand port profile Shows port profiles loopback number Number of the loopback interface The ...

Page 767: ...s example shows how to display the running configuration for a vPC switch config show running config vpc version 4 1 2 feature vpc vpc domain 2 role priority 1 system priority 32667 peer keepalive destination 10 10 76 52 source 10 10 76 51 udp port 3200 vrf ma engagement interval 1000 timeout 5 interface port channel10 vpc 20 interface port channel101 vpc 101 interface port channel200 vpc peer lin...

Page 768: ...shows how to display the information in the startup configuration for the interface Ethernet 7 1 switch config show startup config interface ethernet 7 1 version 4 1 2 interface Ethernet7 1 ip pim sparse mode Related Commands ethernet slot port Number of the module and port number expand port profile Shows port profiles loopback number Number of the loopback interface The range of values is from 1...

Page 769: ...and mode Command History Usage Guidelines This command does not require a license Examples This example shows how to display the vPC information in the startup configuration switch config show startup config vpc version 4 1 2 feature vpc vpc domain 1 interface port channel10 vpc peer link interface port channel20 vpc 100 Related Commands all Optional Displays startup configuration information for ...

Page 770: ...if you have not enabled the vPC feature See feature vpc for information on enabling vPCs You can display the track object if you have configured a tracked object for running vPCs on a single module under the vpc domain configuration mode This command does not require a license Examples This example shows how to display brief information about the vPCs switch config show vpc brief Legend local vpc ...

Page 771: ...n consistency status failed Configuration consistency reason vPC type 1 configuration incompatible STP interface port type inconsistent vPC role secondary Number of vPC configured 1 vPC Peer link status id Port Status Active vlans 1 Po10 up 1 100 vPC status id Port Status Consistency Reason Active vlans 20 Po20 up failed vPC type 1 configuration incompatible STP interface port type inconsistent Th...

Page 772: ...ck c i s c o c o m 10 8 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 10 Vpc Commands show vpc brief Related Commands Command Description feature vpc Enables vPCs on the device show port channel summary Displays information about port channels ...

Page 773: ... vPC peer link Note All the Type 1 configurations must be identical on both sides of the vPC peer link or the link will not come up The vPC Type 1 configuration parameters are as follows Port channel mode on off or active Link speed per channel Duplex mode per channel Trunk mode per channel Native VLAN VLANs allowed on trunk Tagging of native VLAN traffic Spanning Tree Protocol STP mode STP region...

Page 774: ...icense Examples This example shows how to display the vPC consistency parameters for the specified port channel switch config show vpc consistency parameters global Legend Type 1 vPC will be suspended in case of mismatch Name Type Local Value Peer Value STP Mode 1 Rapid PVST Rapid PVST STP Disabled 1 None None STP MST 1 Region Name STP MST 1 0 0 Region Revision STP MST 1 Region Instance to VLAN Ma...

Page 775: ... 1 None None Guard mode 1 on on Speed 1 10 Gb s 10 Gb s Duplex 1 full full Port Mode 1 trunk trunk Native Vlan 1 1 1 MTU 1 1500 1500 Allowed VLAN 1 100 1 100 bitset Related Commands Command Description show vpc brief Displays information about vPCs If the feature is not enabled the system displays an error when you enter this command show port channel summary Displays information about port channe...

Page 776: ... Usage Guidelines The show vpc orphan ports command displays those ports that are not part of the vPC but that share common VLANs with ports that are part of the vPC This command is not available if you have not enabled the vPC feature See feature vpc for information on enabling vPCs This command does not require a license Examples This example shows how to display vPC orphan ports switch config s...

Page 777: ... a ck c i s c o c o m 10 13 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 10 Vpc Commands show vpc orphan ports Related Commands Command Description feature vpc Enables vPCs on the device show vpc brief Displays brief information about vPCs ...

Page 778: ...onds Note We recommend that you create a separate VRF on the peer devices to send and receive the vPC peer keepalive messages Do not use the peer link itself to send the vPC peer keepalive messages This command is not available if you have not enabled the vPC feature See feature vpc for information on enabling vPCs This command does not require a license Examples This example shows how to display ...

Page 779: ...ommand Reference OL 16599 01 Chapter 10 Vpc Commands show vpc peer keepalive Keepalive vrf pkal Keepalive udp port 3200 Keepalive tos 192 Related Commands Command Description show vpc brief Displays information about vPCs If the feature is not enabled the system displays an error when you enter this command ...

Page 780: ...r adjacency vPC role of the VDC that you are working on vPC MAC address vPC system priority MAC address of the device that you are working on System priority for the device that you are working on This command is not available if you have not enabled the vPC feature See feature vpc for information on enabling vPCs This command does not require a license Examples This example shows how to display t...

Page 781: ... secondary vPC peer device assumes the role of primary device The following example shows how the vPC role displays then on the new primary device switch config show vpc role vPC Role status vPC role secondary operational primary Dual Active Detection Status 0 vPC system mac 00 23 04 ee be 64 vPC system priority 32667 vPC local system mac 00 22 55 79 de 41 vPC local role priority 32667 Related Com...

Page 782: ...rmation as the show interface port channel channel number command for the specified vPC port channel This command is not available if you have not enabled the vPC feature See feature vpc for information on enabling vPCs This command does not require a license Examples This example shows how to display statistics about the peer keepalive message switch show vpc statistics peer keepalive vPC keep al...

Page 783: ...mmand Reference OL 16599 01 Chapter 10 Vpc Commands show vpc statistics Related Commands Command Description show vpc brief Displays information about vPCs If the feature is not enabled the system displays an error when you enter this command show port channel summary Displays information about port channels ...

Page 784: ...Se n d c o m m e n t s t o n x 5 0 0 0 d o c f e e d b a ck c i s c o c o m 10 20 Cisco Nexus 5000 Series Command Reference OL 16599 01 Chapter 10 Vpc Commands show vpc statistics ...

Page 785: ...ccounting log command 6 12 clear cli history command 1 6 clear cores command 1 7 clear debug logfile command 1 8 clear device alias command 8 13 clear fcdomain command 8 14 clear fcflow stats command 8 15 clear fcns statistics command 8 16 clear fcsm log command 8 17 clear fcs statistics command 8 18 clear fctimer session command 8 19 clear fspf counters command 8 20 clear install failure reason c...

Page 786: ...mmand 1 33 exec timeout command 1 34 exit EXEC command 1 36 exit global command 1 37 F fabric binding activate command 8 38 fabric binding database command 8 39 fabric binding database diff command 8 40 fabric binding database vsan command 8 41 fabric binding enable command 8 43 fabric profile command 8 37 fcalias clone command 8 44 fcalias name command 8 45 fcalias rename command 8 46 fcdomain ab...

Page 787: ...tall license command 1 52 instance vlan command 2 18 interface ethernet command 2 20 interface fc command 8 90 interface policy deny command 6 39 interface port channel command 2 21 interface san port channel command 8 92 interface vfc command 8 94 ip access list command 6 40 ip igmp snooping EXEC command 2 23 ip igmp snooping VLAN command 2 24 ip port access group command 6 42 ipv6 access list co...

Page 788: ...it command 7 21 ntp distribute command 7 22 ntp sync retry command 7 23 P parity command 1 61 permit IPv4 command 6 53 permit IPv6 6 63 permit MAC command 6 72 permit interface command 6 75 permit vlan command 6 77 permit vrf command 6 79 ping6 command 1 64 ping command 1 62 pinning max links command 4 9 policy map type qos command 5 16 port channel load balance ethernet command 2 37 port security...

Page 789: ...debug npv command 9 4 show device alias command 9 5 show diagnostic result fex command 4 13 show environment command 1 81 show environment fex command 4 14 show fabric binding command 9 7 show fc2 command 9 9 show fcalias command 9 11 show fcdomain command 9 12 show fcdroplatency command 9 14 show fcflow stats command 9 15 show fcid allocation command 9 16 show fcns database command 9 17 show fcns...

Page 790: ...4 show policy map command 5 22 show policy map interface brief command 5 24 show policy map interface command 5 23 5 26 show port index allocation command 9 37 show port security command 9 38 show processes command 1 94 show processes cpu command 1 95 show processes log command 1 96 show processes memory command 1 97 show radius server command 6 106 show rlir command 9 40 show role command 6 108 s...

Page 791: ... bpduguard command 2 49 spanning tree cost command 2 51 spanning tree guard command 2 53 spanning tree link type command 2 54 spanning tree loopguard default command 2 55 spanning tree mode command 2 56 spanning tree mst configuration command 2 57 spanning tree mst cost command 2 59 spanning tree mst forward time command 2 61 spanning tree mst hello time command 2 62 spanning tree mst max age comm...

Page 792: ...able command 6 141 terminal length command 1 118 terminal session timeout command 1 119 terminal terminal type command 1 120 terminal width command 1 121 traceroute6 command 1 123 traceroute command 1 122 trunk protocol enable command 8 139 U udld configuration mode command 2 100 udld Ethernet command 2 102 untagged cos command 5 29 update license command 1 124 username command 6 145 use vrf comma...

Search results

Summary of Contents for AJ732A - MDS 9134 Fabric Switch

Reviews:

Related manuals for AJ732A - MDS 9134 Fabric Switch

Brands by name

Popular brands

Cisco AJ732A - MDS 9134 Fabric Switch, Command Reference Manual

Search results

Summary of Contents for AJ732A - MDS 9134 Fabric Switch

Reviews:

Related manuals for AJ732A - MDS 9134 Fabric Switch

Brands by name

Popular brands