manualshive.com logo in svg

D-Link 5000 Series, Cli Reference Manual

The Bosch 5000 Series is a high-performance appliance designed to elevate your cooking experience. With our user-friendly manual packed with Quick Tips, you'll master its advanced features effortlessly. Download the free manual from our website manualshive.com, and unlock the full potential of your Bosch 5000 Series appliance.

Share
Download
background image

5000 Series Layer 2/3 Managed Data Center Switch CLI Reference Guide 

1198 

 

 

 

For UDP: domain, echo, ntp, rip, snmp, tftp, time, and who. 

For both TCP and UDP, each of these keywords translates into its 
equivalent port number, which is used as both the start and end of a port 
range. 

If 

range

 is specified, the IP ACL rule matches only if the layer 4 port 

number falls within the specified portrange. The 

startport

 and 

endport

 

parameters identify the first and last ports that are part of the port range. 
They have values from 0 to 65535. The ending port must have a value 
equal or greater than the starting port. The starting port, ending port, 
and all ports in between will be part of the layer 4 port range. 

When 

eq

 is specified, the IP ACL rule matches only if the layer 4 port 

number is equal to the specified port number or portkey. 

When 

neq

 is specified, IP ACL rule matches only if the layer 4 port 

number is not equal to the specified port number or portkey. 

When 

lt

 is s specified, IP ACL rule matches if the layer 4 port number is 

less than the specified port number or portkey. It is equivalent to 
specifying the range as 0 to <specified port number — 1>. 

When 

gt

 specified, the IP ACL rule matches if the layer 4 port number is 

greater than the specified port number or portkey. It is equivalent to 
specifying the range as <specified port  1> to 65535. 

Two rules are added in the hardware one with range equal to 0 to 
<specified port number _- 1> and one with range equal to <<specified 
port  1 to 65535>> 

Note:

 Port number matches only apply to unfragmented or first 

fragments. 

dstip dstmask | any | host 
dstip 

Specifies a destination IP address and netmask for match condition of 
the IP ACL rule. 

Specifying any implies specifying dstip as 0.0.0.0 and dstmask as 
255.255.255.255. 

Specifying host A.B.C.D implies dstip as A.B.C.D and dstmask as 
0.0.0.0. 

precedence precedence | 
tos tos [tosmask] | dscp 
dscp 

Specifies the TOS for an IP ACL rule depending on a match of 
precedence or DSCP values using the parameters dscp, precedence, 
tas/tasmask. 

Note:

 

tosmask

 is an optional parameter. 

flag [+fin | -fin] [+syn | -syn] 
[+rst | -rst] [+psh | -psh] 
[+ack | -ack] [+urg | -urg] 
[established]   

Note:

 This option is available only if the protocol is tcp. Specifies that 

the IP ACL rule matches on the TCP flags. 

When +<tcpflagname> is specified, a match occurs if the specified 
<tcpflagname> flag is set in the TCP header. 

When -<tcpflagname> is specified, a match occurs if the specified 
<tcpflagname> flag is *NOT* set in the TCP header. 

When 

established

 is specified, a match occurs if the specified RST or 

ACK bits are set in the TCP header. Two rules are installed in the 
hardware when the established option is specified. 

icmp-type icmp-type [icmp-
code icmp-code] | icmp-
message icmp-message 

Note:

 This option is available only if the protocol is icmp. Specifies a 

match condition for ICMP packets. 

When 

icmp-type

 is specified, the IP ACL rule matches on the specified 

ICMP message type, a number from 0 to 255. 

When 

icmp-code

 is specified,the IP ACL rule matches on the specified 

ICMP message code, a number from 0 to 255. 

Summary of Contents for 5000 Series

Page 1: ...Draft 1 2 1 ...

Page 2: ... Naming Convention 9 Using the No Form of a Command 10 Executing Show Commands 11 CLI Output Filtering 11 3 D LINK OS Modules 12 Command Modes 12 Command Completion and Abbreviation 15 CLI Error Messages 16 CLI Line Editing Conventions 16 Using CLI Help 17 Accessing the CLI 18 4 Management Commands 19 Network Interface Commands 19 IPv6 Management Commands 26 Console Port Access Commands 41 Telnet ...

Page 3: ...dress Conflict Commands 216 Serviceability Packet Tracing Commands 218 sFlow Commands 272 Switch Database Management Template Commands 282 SFP Transceiver Commands 284 Remote Monitoring Commands 287 Spanning Tree Protocol Commands 309 VLAN Commands 340 Switch Ports 352 Double VLAN Commands 357 Provisioning IEEE 802 1p Commands 360 Protected Ports Commands 361 Port Based Network Access Control Comm...

Page 4: ... Link Detection Commands 568 Interface Error Disable and Auto Recovery 573 6 Data Center Commands 576 Data Center Bridging Exchange Protocol Commands 576 Quantized Congestion Notification Commands 581 FIP Snooping Commands 591 Priority Based Flow Control Commands 596 OpenFlow Commands 600 NVGRE VXLAN Commands 612 7 IPv4 Routing Commands 630 Address Resolution Protocol Commands 630 IP Routing Comma...

Page 5: ...Commands 851 OSPFv3 Interface Commands 872 OSPFV3 Graceful Restart Commands 878 OSPFv3 Stub Router Commands 880 OSPFv3 Show Commands 882 DHCPv6 Commands 901 DHCPv6 Snooping Configuration Commands 916 9 IP Multicast Commands 931 Multicast Commands 931 DVMRP Commands 944 PIM Commands 951 Internet Group Message Protocol Commands 970 IGMP Proxy Commands 980 10 IPv6 Multicast Commands 987 IPv6 Multicas...

Page 6: ...v6 Access Control List Commands 1209 Management Access Control and Administration List 1217 Time Range Commands for Time Based ACLs 1221 13 D LINK OS Log Messages 1226 Core 1226 Utilities 1227 Management 1231 Switching 1233 QoS 1239 Routing IPv6 Routing 1240 Multicast 1243 Technologies 1248 O S Support 1250 14 Switch Management 1252 D Link OS First Instance 1252 Upgrade D Link OS 1253 Install Othe...

Page 7: ...tions for the relevant networking device platform It is further assumed that readers will have basic knowledge of Ethernet and networking concepts Acronyms and Abbreviations The acronyms and abbreviations used in this guide are in most cases defined at their first use Acronym Expansion ACE access control entry ACL access control list AP access point API application programming interface APPL appli...

Page 8: ...Protocol EARL Enhanced Address Recognition Logic ECC error checking and correction EFC Extended Flow Control EM Event Manager EMD Error Message Decoder ENVM environmental monitoring EOBC Ethernet out of band channel EoMPLS Ethernet over Multiprotocol Label Switching EOU Extensible Authentication Protocol over UDP EPLD Erasable Programmable Logic Device ESF Express Services Forwarding FIB Forwardin...

Page 9: ...ocal Target Logic MAC Media Access Control MCAST Multicast MD5 message digest 5 MET Multicast Expansion Table MFIB Multicast Forwarding Information Base MIB Management Information Base MII media independent interface MLD message loading device MLS Multilayer Switching MLSM multi layer switching for multicast MMI Modem Management Interface MMLS Multicast Multilayer Switching MN mobile node MPPE Mic...

Page 10: ...acket over SONET POSLC Packet over SONET Line Card1 PVLAN private VLAN PXF Parallel Express Forwarding QDR Quad Data Rate QinQ IEEE 802 1Q in 802 1Q QM quality of service management QoS quality of service RACL router access control list RADIUS Remote Authentication Dial In User Service RF redundancy feature ROM read only memory ROMMON read only memory monitor RP route processor RPC Remote Procedur...

Page 11: ...ol Protocol TFIB Tag Forwarding Information Base ToS type of service UDP User Datagram Protocol URLF URL Filtering VACL VLAN access control list VC virtual circuit VCD virtual circuit descriptor VLAN Virtual LAN VLOU Virtual Logic Operation Unit VPLS Virtual Private LAN Service VPN Virtual Private Network VPNSM Virtual Private Network Services Module VRF VPN routing and forwarding VSA vendor speci...

Page 12: ... Indicates code for example include iostream Indicates command line commands and command outputs for example Routing show sysinfo Monospace italic Indicates command variables for example interface vlan vLan id Indicates mutually exclusive command line parameters for example network protocol none I bootp I dhcp Indicates optional command line parameters for example write memory confirm ...

Page 13: ... and D LINK OS software offers a highly adaptable solution for these constantly increasing demands For each networking device on which the D LINK OS software base runs the exact functionality provided by the device will vary according to the platform used and the requirements of the D LINK OS software The D LINK OS software comes equipped with a comprehensive set of management functions that can b...

Page 14: ...red The term gateway is an optional parameter meaning that it is not required that a value be entered in place of the parameter Each command is listed by the command name in the CLI Command Reference which also provides a brief description of each command The command keywords and the associated required and optional parameters are shown under Format The command mode used must be in to access the c...

Page 15: ...al format with leading zeros n CLI assumes decimal format Interface or slot port Used to indicate a valid slot and port number separated by a forward slash For example 0 1 denotes slot number 0 and port number 1 Logical Interface Indicates a logical slot and port number This applies in the case of a port channel LAG The logical slot port can be used to configure the port channel Character strings ...

Page 16: ... for routing functions only Loopback interfaces consist of logical interfaces that are constantly up Tunnel interfaces consist of logical point to point links in which encapsulated packets are carried CPU ports CPU ports consist of ports that are handled by the driver and are physical entities that are located in physical slots Note In the CLI itself the slot port format is not used for loopback i...

Page 17: ...e The options More or q uit are displayed at the end of each page o If pagination is enabled pressing the return key will advance the display by a single line pressing q or Q will cause the pagination to stop and pressing any other key will advance the display by a whole page No other configuring of these keys is possible Note Although pagination is already supported by some D LINK OS show command...

Page 18: ...he User EXEC mode commands can also be executed in the Privileged EXEC mode To help the user identify the current mode the command prompt changes for each different command mode The command modes and the prompts for each mode are shown in Table 5 Note The installed sotware modules determine which command modes are available on your switch For example if a switch does not support the BGPV4 module t...

Page 19: ... Server Switch Mail Server Includes commands that can be used to configure the e mail server Class Map Config Switch config class map Includes the commands for QoS class map configuration for IPv4 Router OSPF Config Switch config router Includes the commands for OSPF configuration BGP Router Config Switch config router Includes the commands for BGP4 configuration IPv6 Address Family Switch config ro...

Page 20: ... User EXEC mode Enter Logout if you wish to exit the User EXEC mode Table 6 CLI Mode Access and Exit Command Mode Access Method User EXEC The first level of access Privileged EXEC Enter enable while in the User EXEC mode Global Config Enter configure while in the Privileged EXEC mode VLAN Config Enter vlan database while in the Privileged EXEC mode Interface Config Enter one of the following terms...

Page 21: ...fig Enter mac access list extended name while in the Global Config mode IPv6 Access list Config Enter ipv6 access list name while in the Global Config mode Management Access list Config Enter management access list name while in the Global Config mode TACACS Config Enter tacacs server host ip addr where ip addr is the IP address of the TACACS server on your network while in the Global Config mode ...

Page 22: ...fy the command CLI Line Editing Conventions Table 8 provides a list of the key combinations that can be used to edit commands or raise the speed of command entry This list can be accessed from the CLI by entering help while in the User or Privileged EXEC modes Table 8 CLI Editing Conventions Key Sequence Description DEL or Backspace Deletes previous character Ctrl A Moves cursor to beginning of li...

Page 23: ...ommand keywords or parameters enter a question mark after each word you enter Routing network mgmt_vlan Configure the Management VLAN ID of the switch parms Configure Network Parameters of the router protocol Select DHCP BootP or None as the network config protocol In the event that the help output displays a parameter in angled brackets you must replace the parameter with an appropriate value Rou...

Page 24: ...r the initial connection a direct connection to the console port must be used The system cannot be accessed remotely until it has been assigned an IP address subnet mask and default gateway The network configuration information can be set manually or the user can configure the system to allow these settings to be made from a BOOTP or DHCP server on the network Please see Network Interface Commands...

Page 25: ... that display switch settings statistics and other information Configuration commands which are commands that can be used to configure the features and options of the switch Please note that for every configuration command there is a corresponding show command that shows the configuration setting Clear commands which are commands clear some or all of the user applied settings returning the configura...

Page 26: ... command that is used to execute the Privileged EXEC command script list while in the Global Config Mode Routing configure Routing config do script list Configuration Script Name Size Bytes backup config 2105 running config 4483 startup config 445 3 configuration script s found 2041 Kbytes free Routing config 4 3 serviceport ip This command sets the IP address the netmask and the gateway of the ne...

Page 27: ...til a response is received If you use the DHCP parameter the switch periodically sends requests to a DHCP server until a response is received If you use the none parameter you must configure the network information for the switch manually serviceport protocol none bootp dhcp Parameters None Default The default is DHCP Command Mode Privileged EXEC 4 5 serviceport protocol dhcp This command enables ...

Page 28: ...s and mask as well as the default gateway i e each of the values will be reset to the default value on the switch network parms ipaddr netmask gateway I none Parameters ipaddr Enter the summary address designated for a range of addresses here netmask Enter the IP subnet mask used for the summary route here gateway Optional Enter the gateway address used for the summary route here Default The defau...

Page 29: ... messages network protocol dhcp client id Parameters client id Optional Specifies a DHCP client identifier in hexadecimal notation Default The default is None Command Mode Global Config Usage Guideline The no form of the command network protocol dhcp client id is not supported Therefore issue the command network protocol dhcp without the client id option in order to remove the client id option fro...

Page 30: ...ing provides an example of a CLI display output for the network port Switching show network Interface Status Up IP Address 10 250 3 1 Subnet Mask 255 255 255 0 Default Gateway 10 259 3 3 IPv6 Administrative Mode Enabled Burned In MAC Address 00 05 64 2F 0D E5 MAC Address Type Burned In Configured IPv4 Protocol None Configured IPv6 Protocol None IPv6 AutoConfig Mode Disabled Management VLAN ID 1 Di...

Page 31: ...VLAN 4 10 show serviceport This command is used to display the service port configuration information show serviceport Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following provides an example of the CLI display output for the service port Switching show serviceport Interface Status Up IP Address 10 230 3 51 Subnet Mask 255 255 255 0 Default Gatew...

Page 32: ...entifier will be displayed in the output of the command For more information please see network protocol dhcp IPv6 Management Commands IPv6 management commands are used to manage a device via an IPv6 address in a switch or via IPv4 routing i e independent from the IPv6 Routing package For Routing IPv6 builds of D LINK OS dual IPv4 IPv6 operation over the service port is enabled D LINK OS has the f...

Page 33: ...tocol information on the port The no command can be used to remove any configured IPv6 prefixes on the service port interface When used with the address option the command removes the manually configured IPv6 global address on the network port interface The command can also be used with the autoconfig option in order to disable the stateless global address autoconfiguration on the service port Fina...

Page 34: ...meters gateway address Indicates the gateway address in the IPv6 global or link local address format Default The default is None Command Mode Privileged EXEC 4 15 serviceport ipv6 neighbor This command is used for the manual addition of IPv6 neighbors to the IPv6 neighbor table for the service port The entry is automatically converted to a static entry if an IPv6 neighbor already exists in the nei...

Page 35: ...or table network ipv6 neighbor ipv6 address macaddr no network ipv6 neighbor ipv6 address macaddr Parameters ipv6 address Indicates the IPv6 address of the neighbor or interface Default The default is None Command Mode Privileged EXEC 4 17 network ipv6 address When working with the network port the options of this command can be used to configure the IPv6 global address manually to enable disable ...

Page 36: ...toconfiguration capability dhcp Used to configure the DHCPv6 client protocol Default The default is None Command Mode Privileged EXEC 4 18 network ipv6 gateway This command is used to configure the IPv6 gateway i e default routers information for the network port The no command is used to remove IPv6 gateways on the network port interface network ipv6 gateway gateway address no network ipv6 gatewa...

Page 37: ...icates the IPv6 address of the neighbor Type Indicates the type of neighbor entry If the entry is manually configured the type is Static if the entry is dynamically resolved the type is Dynamic MAC Address Indicates MAC Address of the neighbor isRtr Indicates whether or not the neighbor is a router If TRUE the neighbor is a router if FALSE the neighbor is not a router Neighbor State Indicates the ...

Page 38: ...entry is manually configured the type is Static if the entry is dynamically resolved the type is Dynamic MAC Address Indicates the MAC Address of the neighbor isRtr Indicates whether or not the neighbor is a router If TRUE the neighbor is a router if FALSE the neighbor it is not a router Neighbor State Indicates the state of the neighbor cache entry The possible values are as follows Incomplete Re...

Page 39: ...isplay Parameters DHCPv6 Advertisement Packets Received Indicates the number of DHCPv6 Advertisement packets that have been received on the network interface DHCPv6 Reply Packets Received Indicates the number of DHCPv6 Reply packets that have been received on the network interface Received DHCPv6 Advertisement Packets Discarded Indicates the number of DHCPv6 Advertisement packets that have been di...

Page 40: ...tal number of DHCPv6 packets that have been transmitted on the network interface 4 22 show serviceport ipv6 dhcp statistics This command is used to show the statistics for the DHCPv6 client running on the network management interface show serviceport ipv6 dhcp statistics Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following provides an example of ...

Page 41: ...ved Indicates the total number of DHCPv6 packets that have been received on the service port interface DHCPv6 Solicit Packets Transmitted Indicates the number of DHCPv6 Solicit packets that have been transmitted on the service port interface DHCPv6 Request Packets Transmitted Indicates the number of DHCPv6 Request packets that have been transmitted on the service port interface DHCPv6 Renew Packet...

Page 42: ...ransmits a total of three pings to the target station By using the global IPv6 address of an interface the ipv6 address hostname parameter can be utilized to ping that interface while the optional size keyword can be used to specify the size of the ping packet Furthermore the outgoing interface option can be used to specify the outgoing interface for a multicast IPv4 IPv6 ping When using an IPv6 g...

Page 43: ... interface the interface keyword can be used to ping that interface while a loopback network port serviceport tunnel or physical interface can be used as the source In addition the optional size keyword can be used to specify the size of the ping packet The ipv6 address is used to indicate the link local IPv6 address of the device that the user wants to query and the outgoing interface option can ...

Page 44: ...ted by D LINK OS if the packet s destination address is located on one of the out of band management interfaces that is the service port or network port Similarly a packet that arrives on a management interface will not be accepted by D LINK OS if that packet s destination is an address located on a routing interface As such it would be pointless to send a traceroute on a management interface whil...

Page 45: ... traceroute will consider that probe a failure printing and send the next probe If the traceroute does receive a response to a probe within the indicated interval then it will immediately send the next probe The allowable values range from 1 to 60 seconds count count The optional count parameter can be used to specify the number of probes to be sent for each TTL value The allowable values range fr...

Page 46: ...e 43 traceroute Failure Routing traceroute 10 40 1 1 initTtl 1 maxFail 0 interval 1 count 3 port 33434 size 43 Traceroute to 10 40 1 1 30 hops max 43 byte packets 1 10 240 4 1 19 msec 18 msec 9 msec 2 10 240 1 252 0 msec 0 msec 1 msec 3 172 31 0 9 277 msec 276 msec 277 msec 4 10 254 1 1 289 msec 327 msec 282 msec 5 10 254 21 2 287 msec 293 msec 296 msec 6 192 168 76 2 290 msec 291 msec 289 msec 7 ...

Page 47: ...eroute ipv6 ipv6 address hostname port Parameters ipv6 address Select the IPv6 address to trace hostname Select the hostname to trace port Optional Select the UDP destination port in probe packets Default The default is None Command Mode Privileged EXEC Console Port Access Commands In this section the commands used to configure the console port are described The user can use a serial cable in orde...

Page 48: ...nal used for secure remote console access SSH Default The default is None Command Mode Global Config Example The following provides an example of the CLI command Routing config line telnet Routing config telnet 4 31 session timeout This command is used to specify the maximum connect time in minutes allowed without console activity If a value of 0 is entered that indicates that a console is allowed...

Page 49: ...meters Serial Port Login Timeout minutes Indicates the amount of time in minutes for which a serial port connection may remain inactive before the switch will close the connection Entering a value of 0 caused the timeout to be disabled Baud Rate bps Indicates the default baud rate at which a serial port will attempt to make a connection Character Size bits Indicates the number of bits in a charact...

Page 50: ...pen the Telnet listening port The no command is used to disable Telnet access to the system and in order to disable the Telnet Server Admin Mode This command is also used to close the Telnet listening port and to disconnect all open Telnet sessions ip telnet server enable no ip telnet server enable Parameters None Default The default is Disabled Command Mode Privileged EXEC 4 34 ip telnet port The...

Page 51: ... Select the IPv4 IPv6 address of the remote host hostname Select the hostname of the remote host port Select the port parameter default 23 Default The default is None Command Mode Privileged EXEC 4 36 telnetcon maxsessions This command is used to specify the maximum number of simultaneous outbound Telnet sessions No outbound Telnet session can be established if the value is set to 0 This command i...

Page 52: ...the timeout value is minutes telnetcon timeout 1 160 no telnetcon timeout Parameters None Default The default is 5 Command Mode Privileged EXEC 4 38 show telnet This command is used to display the current outbound Telnet settings These settings apply in other words to Telnet connections that are initiated from the switch to a remote system show telnet Parameters None Default The default is None Co...

Page 53: ...play Parameters Remote Connection Login Timeout minutes Indicates the amount of time in minutes for which a remote connection session may remain inactive before being logged off The value may be specified as any number from 1 to160 The factory default value is 5 Maximum Number of Remote Connection Sessions Indicates the allowed number of simultaneous remote connection sessions allowed The factory ...

Page 54: ...d is used to enable SSH access to the system The command is the shortened form of the ip ssh server enable command ip ssh server enable or ip ssh no ip ssh server enable Parameters None Default The default is Enabled Command Mode Privileged EXEC 4 41 ip ssh port This command is used to configure the TCP port number upon which requests are listened for by the SSH server Port numbers from 1 65535 ar...

Page 55: ...tions will be allowed but the existing SSH connections will continue to work until timed out or logged out The no command is used to disable the IP secure shell server ip ssh server enable no ip ssh server enable Parameters None Default The default is Disabled Command Mode Privileged EXEC 4 44 sshcon maxsessions This command is used to specify the maximum number of SSH connection sessions that are...

Page 56: ...set must consist of a decimal value from 1 to 160 The no command is used to set the default value as the value in minutes for the the SSH connection session timeout value A change of the timeout value for any active sessions does not go into effect until the session is re accessed Also the new timeout duration will be activated by any keystroke sshcon timeout 1 160 no sshcon timeout Parameters Non...

Page 57: ... Indicates in minutes the SSH timeout value Keys Present Indicates the presence or absence of the SSH RSA and DSA key files on the device Key Generation in Progress Indicates whether the generation of RSA or DSA key files is currently in progress Management Security Commands The commands used to generate keys and certificates are described in this section Such generation can be performed in additio...

Page 58: ...The default is None Command Mode Global Config Access Commands The commands in this section are used to close remote connections or in order to view information about connections to the system 4 49 disconnect The disconnect command is used to close Telnet or SSH sessions The all term is used to close all active sessions or the session id term is used to specify the session ID to close Use the show...

Page 59: ...using the command telnetcon timeout in the Line Console mode linuxsh ip port Parameters ip port Optional Indicates the number of the IP port upon which the telnet daemon listens for connections This ip port number must be an integer from 1 to 65535 default 2324 Default 2324 Command Mode Privileged EXEC 4 51 show loginsession This command is used to display the current Telnet SSH and serial port co...

Page 60: ...e telnet serial or SSH session 4 52 show loginsession long This command is used to display the full user names of those users currently logged in to the switch show loginsession long Parameters None Default The default is None Command Mode Privileged EXEC Example The following provides an example of the command Routing show login session long User Name Admin test1111test1111test1111test1111test111...

Page 61: ...d It is possible to use the same list name for both the exec and commands accounting types The use of AAA Accounting for commands with RADIUS as the accounting method is not possible For DOT1X accounting the only supported record type is either Start stop or None where the use of Start stop enables accounting and the use of None disables accounting The only accounting method type supported for DOT...

Page 62: ...thods list to be changed to tacacs radius from tacacs The following is another example of the command Routing Routing configure Routing config aaa accounting commands userCmdAudit stop only tacacs radius Routing config no aaa accounting commands userCmdAudit Routing config exit 4 54 aaa authentication commands aaa authentication enable This command is used to set authentication to allow the access...

Page 63: ... cases D LINK OS only produces a prompt for a password D LINK OS supports the configuring of methods after the local method is tried in the authentication and authorization lists The next configured method is tried only if the user is not present in the local database Only if the previous method returns an error are the additional methods of authentication used that is they are not used it if simp...

Page 64: ...hm tries is tried in the sequence in which they are identified in the method argument Each successive method of authentication in the list is only used if the previous method returns an error not in the event that there is an authentication failure If the user wishes to ensure that the authentication succeeds even if an error is returned by all the methods the user should specify none as the final...

Page 65: ... command switch config aaa authentication login default radius local enable none 4 55 authorization commands This command is used to apply a command authorization method list to an access method such as console telnet or ssh The no command is used to remove command authorization from a line config mode authorization commands listname default no authorization commands listname default Parameters li...

Page 66: ... database aaa ias user username user no aaa ias user username user Parameters user Select an existing Internal Authentication Server user name Default The default is None Command Mode Global Config Example The following is an example of the command Routing Routing configure Routing config aaa ias user username client 1 Routing config aaa ias user exit Routing config no aaa ias user username client...

Page 67: ...d in order to indicate that the password assigned to the command is already pre encrypted The no command is used to clear the password for a given user password encrypted no password Parameters password Indicates the password for this level 8 64 characters in length encrypted Optional Indicates that the encrypted password is to be entered with that password being copied from another switch configu...

Page 68: ...Routing config aaa ias User exit Routing config 4 59 clear aaa ias users This command is used to remove all users from the IAS database clear aaa ias users Parameters None Default The default is None Command Mode Privileged Config Example The following is an example of the command Routing Routing clear aaa ias users Routing 4 60 show aaa ias users This command is used to display the configured IAS u...

Page 69: ...is command is used in a Line Configuration mode in order to apply the accounting method list to a line config console telnet ssh The no command is used to remove accounting from a Line Configuration mode accounting exec commands default listname no accounting exec commands default listname Parameters exec Indicates that accounting will be applied for an EXEC session commands Indicates that account...

Page 70: ...ting show accounting Number of Accounting Notifications sent at beginning of an EXEC session 0 Errors when sending Accounting Notifications beginning of an EXEC session 0 Number of Accounting Notifications at end of an EXEC session 0 Errors when sending Accounting Notifications at end of an EXEC session 0 Number of Accounting Notifications sent at beginning of a command execution 0 Errors when sen...

Page 71: ...Commands dfltCmdsList stop only TACACS Commands UserCmdAudit start stop TACACS DOT1X dfltDot1xList start stop radius Line EXEC Method List Command Method List Console dfltExecList dfltCmdsList Telnet dfltExecList dfltCmdsList SSH dfltExecList UserCmdAudit 4 64 show authorization methods This command is used to display the configured authorization method lists show authorization methods Parameters N...

Page 72: ...ion This command is used to specify the login authentication method list for a line that is console telnet or SSH Use of the default configuration means that the default set with the aaa authentication login command is used The no command is used to return to the default specified by the authentication login command login authentication default list name no login authentication default list name P...

Page 73: ... default specified by authentication login command username name password password encrypted override complexity check level level encrypted override complexity check override complexity check level level override complexity check password no username name Parameters name Indicates the name of the user which must be 1 64 characters in length password password Indicates the authentication password ...

Page 74: ...t The following is a fourth example Routing config username test password e8d63677741431114f9e39a853al5e8fd35ad059e2elb49816c243d7e08152b052eafbf23b528d348cdbal b1b7ab91be842278e5e970dbfc62d16dcd13c0b864 level 1 encrypted override complexity check Routing config username test level 15 password Enter new password Confirm new password The following is a fifth example Routing config username test lev...

Page 75: ...Level 15 user can reactivate a locked user account username name unlock Parameters None Default The default is None Command Mode Global Config 4 69 show users This command is used to display the names and setting of the configured users Truncated user names will be displayed by the show users command while the show users long command can be used to display the complete user names Only users with Le...

Page 76: ...l 15 access 4 70 show users long This command is used to display the complete list of usernames configured on the switch show users long Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the command Routing show users long User Name admin guest test1111test1111test1111test1111 4 71 show users accounts This command is used to display the...

Page 77: ...cal user account s user name Access Level Indicates the user s access level with 1 indicating a non privileged user switch prompt and 15 indicating the highest level of privilege switch prompt Password Aging Indicates the time in days until the password configured for the user expires Password Expiry Date Indicates the current password s expiration date in date format Lockout Indicates whether or ...

Page 78: ...XEC Example The following is an example of user login history outputs Routing show users login history Login Time Username Protocol Location Jan 19 2005 08 23 48 Bob Serial Jan 19 2005 08 42 31 John SSH 172 16 0 1 Jan 19 2005 08 49 52 Betty Telnet 172 16 1 7 4 73 password Line Configuration The password command is used in the Line Configuration mode to specify a password on a line By default no pas...

Page 79: ...c0b864 encrypted Routing config line password Enter new password Confirm new password 4 74 password User EXEC This command is used to enable a user to change the password for himself or herself only The command should be utilized once the existing password has grown too old After using the command the user receives a prompt to enter the old password and the new password intended to replace it pass...

Page 80: ... EXEC Example The following is an example of the command Routing enable password testtest Routing enable password e8d63677741431114f9e39a853a15e8fd35ad059e2e1b49816c243d7e08152b052eafbf23b528d348cdba1 b1b7ab91be842278e5e970dbfc62d16dcd13c0b864 encrypted Routing enable password Enter old password Enter new password Confirm new password 4 76 passwords min length This command is used to enforce a min...

Page 81: ... users The range of valid values is 0 10 The no command is used to reset the password history to the default value passwords history 0 10 no passwords history Parameters None Default The default is 0 Command Mode Global Config 4 78 passwords aging This command is used to track the aging in days of local users passwords When the password of user expires the user will then be given a prompt to chang...

Page 82: ...y a user with Level 15 access Password lockouts do not apply to logins attempts made from the serial console The valid range of values for attempts is 1 5 The default value is 0 which means that no lockout count is enforced The no command is used to reset the password lockout count to the default value passwords lock out 1 5 no passwords lock out Parameters None Default The default is 0 Command Mo...

Page 83: ...no restriction placed on that set of characters passwords strength maximum consecutive characters 0 15 Parameters None Default The default is 0 Command Mode Global Config 4 82 passwords strength maximum repeated characters This command is used to specify the maximum number of repeated characters to be used to ensure password strength The valid range of values is 0 15 with the default value being 0...

Page 84: ...ase letters 0 16 no passwords strength minimum uppercase letters Parameters None Default The default is 2 Command Mode Global Config 4 84 passwords strength minimum lowercase letters This command is used to specify the minimum number of lowercase letters that a password must contain The valid range of values is 0 16 with the default value being 2 Using the minimum value of 0 means that there is no...

Page 85: ...ric characters 0 16 no passwords strength minimum numeric characters Parameters None Default The default is 2 Command Mode Global Config 4 86 passwords strength minimum special characters This command is used to specify the minimum number of special characters that a password must contain The valid range of values is 0 16 with the default value being 2 Using the minimum value of 0 means that there...

Page 86: ...s strength minimum character classes Parameters None Default The default is 4 Command Mode Global Config 4 88 passwords strength exclude keyword This command is used when configuring the password to exclude the specified keyword It will ensure that the keyword is not accepted as a substring by the password in any form for example in between the string case in sensitive or in reverse A maximum of u...

Page 87: ...isable Minimum Password Uppercase Letters 5 Minimum Password Lowercase Letters 5 Minimum Password Numeric Characters 2 Minimum Password Special Characters 2 Maximum Password Repeated Characters 1 Maximum Password Consecutive Characters 0 Minimum Password Character Classes 4 Password Exclude Keywords none Display Parameters Minimum Password Length Indicates the minimum number of characters that are...

Page 88: ...epeated characters that a password can contain when configuring passwords Maximum Password Consecutive Characters Indicates the maximum number of allowed consecutive characters when changing passwords Minimum Password Character Classes Indicates the minimum number of character classes lowercase uppercase numeric and special that are required when configuring passwords Password Exclude Keywords Ind...

Page 89: ...d con may be a maximum of 255 characters in length Note If you wish to clear the snmp server then simply enter an empty string in quotes For example entering snmp server sysname will clear the system name snmp server community community community group community group contact con enable traps bgp linkmode multiusers stpmode violation engineID engine id default filter filter name group group name h...

Page 90: ... multiple entries are made using the same community name the first of those entries is kept and processed while all the duplicate entries are ignored snmp server community community name ro rw su ipaddress ip address view view name no snmp server community community name Parameters community name Indicates a community name associated with the switch as well as with the set of SNMP managers that ma...

Page 91: ...allowed range of characters is 1 to 20 group name Indicates the name of the group with which the community is associated The allowed range of characters is 1 to 30 characters ipaddress ipaddress Optional Indicates the lPv4 address from which the community may be accessed Default The default is None Command Mode Global Config 4 94 snmp server enable traps violation This command is interpreted by th...

Page 92: ...sed to disable the traps snmp server enable traps no snmp server enable traps Parameters None Default The default is Enabled Command Mode Global Config Example The following is an example of the command Routing Config snmp server enable traps cr Press enter to execute the command bgp Press enter to execute the command linkmode Press enter to execute the command multiusers Press enter to execute th...

Page 93: ...t is DHCP Command Mode Global Config 4 97 snmp server enable traps linkmode This command is used to enable Link Up Down traps for the entire switch In the event that they are enabled link traps are only sent in the event that the Link Trap flag setting for the port is also enabled The no command is used to disable Link Up Down traps for the entire switch snmp server enable traps linkmode no snmp se...

Page 94: ...gy change notification traps The no command is used to disable the sending of both new root traps and topology change notification traps snmp server enable traps stpmode no snmp server enable traps stpmode Parameters None Default The default is Enabled Command Mode Global Config 4 100 snmp server enginelD local This command is used to configure the SNMP engine ID on a local device The no command i...

Page 95: ...it which traps will be sent to a host The no command is used to remove the specified filter snmp server filter filtername oid tree included excluded no snmp server filter Parameters filtername Indicates the label for the filter that is being created The allowed range of characters is 1 to 30 characters oid tree Indicates the OID subtree that is to be included or excluded from the filter Subtrees m...

Page 96: ...hat the group in question can gain access only when using Authentication but not Encryption Applicable only if SNMPv3 is selected priv Indicates that the group in question can gain access only when using both Authentication and Encryption This is only applicable if SNMPv3 is selected context context name Optional Indicates the SNMPv3 context used during access This is only applicable if SNMPv3 is ...

Page 97: ...notifications will be sent to the host timeout seconds Optional Indicates the number of seconds that the system will wait for an acknowledgment before the inform notification is resent The default value for this option is 15 seconds The allowable range of time is 1 to 300 seconds retries retries Optional Indicates the number of times that an inform notification will be resent The default value for...

Page 98: ...aps to the default UDP port snmp server trapsend portid no snmp server trapsend portid Parameters None Default The default is 50505 Command Mode Global Config 4 106 snmp server user This command is used to create an SNMPv3 user to whom access to the system is granted The no command is used to remove the specified SNMPv3 user snmp server user username groupname remote engineid string auth md5 passw...

Page 99: ...Optional Indicates a pregenerated SHA authentication key The length of this key will be 48 characters priv des password Optional Indicates the user password for authentication or encryption The range is 1 to 32 characters priv des key des key Optional Indicates a pregenerated DES encryption key The length of this key will be 32 characters if MD5 is selected whereas it will be 48 characters if SHA ...

Page 100: ...SNMP traps will be sent to the host This option constitutes the default option informs Indicates that SNMP inform notifications to be sent to hosts timeout seconds Indicates the number of seconds default 15 sec range 1 to 300 sec that the system will wait for an acknowledgment before the inform notification is resent retries retries Indicates the number of times default 3 attempts range 0 to 255 t...

Page 101: ... source interface Parameters slot port Indicates the port that will be used as the source interface loopback loopback id Indicates the loopback interface that will be used as the source interface range 0 to 7 tunnel tunnel id Indicates the tunnel interface that will be used as the source interface range 0 to 7 vlan vlan id Indicates the VLAN that will be used as the source interface Default The de...

Page 102: ...NK Read Only Default All Community String Group Name IP Address D LINK DefaultRead All Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Community Version UDP Filter TO Retries Port name Sec 192 168 1 10 Trap D Link 2 162 Version 3 notifications Target Address Type Username Security UDP Filter TO Retries Level Port name Sec 192 168 1 20 Inform D Link Au...

Page 103: ...hich the trap or inform notification will be sent Filter name Indicates the filter by which the traps will be limited for this host TO Sec Indicates the number of seconds before the inform notifications will time out when sent to this host Retries Indicates the number of times that inform notifications will be sent after timing out Target Address Indicates the address of the host to which traps wi...

Page 104: ... Display Parameters Local SNMP EngineID Indicates the current configuration for the displayed SNMP enginelD 4 112 show snmp filters This command is used to show the configured filters that are used when sending traps show snmp filters filtername Parameters filtername Optional Select the SNMP filter name to display its configuration Default The default is None Command Mode Privileged EXEC Example T...

Page 105: ...mmand Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show snmp group Name Context Security Security Read Write Notify Prefix Model Level View View View D LINK V2 NoAuth NoPriv Default DefaultRead V1 NoAuth NoPriv Default Default DefaultRead V2 NoAuth NoPriv Default Default DefaultRead V3 NoAuth NoPriv Default Default DefaultRead V3 Auth N...

Page 106: ...security level assigned to this group Read View Indicates the view to which this group provides read access Write View Indicates the view to which this group provides write access Notify View Indicates the view to which this group provides trap access 4 114 show snmp server This command is used to show the current SNMP server user configuration show snmp server Parameters None Default The default ...

Page 107: ...utput for the command Routing Routing Config show snmp user Name Group Name Auth Meth Priv Meth Remote Engine ID Test D Link 800000ab0300a0c9000001 Test1 D Link SHA DES 800000ab0300a0c9000001 Display Parameters Name Indicates the name of the user Group Name Indicates the group that defines the SNMPv3 access parameters Auth Method Indicates the authentication algorithm configured for the given user...

Page 108: ...r the given entry OID Tree Indicates the OID tree that the given entry will include or exclude Type Indicates whether or not the given entry includes or excludes the OID tree 4 117 show trapflags This command is used to show the trap conditions The display for the command shows all of the enabled trapflags By enabling or disabling the trap condition the user can configure which traps the switch sho...

Page 109: ...eter indicates whether or not link status traps will be sent It can be either enabled or disabled factory default enabled Multiple Users Flag This parameter indicates whether or not a trap will be sent when the same user ID is logged into the switch more than once at the same time either through Telnet or the serial port It can be either enabled or disabled factory default enabled Spanning Tree Fl...

Page 110: ... traps are sent It can be either enabled or disabled factory default disabled In the event that any of the trap flags are not enabled the command display will show disabled Otherwise the command shows the information for all the enabled traps Temperature trap This parameter indicates whether or not Temperature traps are sent It can be either enabled or disabled factory default disabled In the even...

Page 111: ... commands used to configure the switch so that it can use a Remote Authentication Dial In User Service RADIUS server on your network for the purposes of authentication and accounting are described 4 119 aaa server radius dynamic author This command is used to enable Change of Authorization CoA functionality and in order to enter the dynamic authorization local server configuration mode The no comm...

Page 112: ...y no auth type Parameters any Select any CoA client authentication types Authentication attributes must match to allow authentication all Select all CoA client authentication types Authentication attributes must match to allow authentication Session key Select the session key to match to authorize authentication Default The default is All Command Mode Dynamic Authorization Example Routing Config r...

Page 113: ... default is None Command Mode Privileged EXEC Example The following provides an example of the command Routing clear radius dynamic author statistics Are you sure you want to clear statistics y n y Statistics cleared 4 123 client This command is used to specify the IP address or hostname of the AAA server client To configure the server key at the client level the optional server key keyword and st...

Page 114: ...e Command Mode Dynamic Authorization Example Routing Config radius da client 10 0 0 1 server key 7 device1 Routing Config radius da no client 10 0 0 1 4 124 debug aaa coa This command is used to show Dynamic Authorization Server processing debug information debug aaa coa Parameters None Default The default is None Command Mode Priviledged EXEC 4 125 debug aaa pod This command is used to show messa...

Page 115: ...uests ipaddr Optional The IP address of the server Default The default is None Command Mode Global Config Example The following provides an example of the command Routing Config radius server attribute 4 192 168 37 60 Routing Config 4 127 radius server host This command is used to configure the IP address or DNS name that is to be used when communicating with the RADIUS server for the selected ser...

Page 116: ...ecified port will replace the currently configured port allowed port number range 0 65535 default value 1813 Note Set the port parameter to 1813 in order to reconfigure a RADIUS accounting server so that the default UDP port will be used To delete a configured server entry from the list of configured RADIUS servers use the no version of this command In the event that the RADIUS authenticating serv...

Page 117: ...ed configuration allows the RADIUS server s secrets to be supported in both encrypted and non encrypted formats When the configuration is saved these secret keys are stored solely in the encrypted format If the user wishes to enter the key in the encrypted format the key must be entered along with the encrypted keyword Furthermore these secret keys are displayed in the encrypted format in the show...

Page 118: ...rver primary This command is used to specify the configured server that will serve as the primary server among a group of servers that share the same server name It should be noted however that multiple such primary servers can be configured for any group of servers that share the same name The RADIUS client will by default use the primary server that has the specified server name in the event tha...

Page 119: ...ical or logical interface that will be used as the RADIUS client source interface i e the source IP address The address configured as the source interface will be used for all RADIUS communications between the RADIUS client and the RADIUS server More specifically the source interface IP address selected will be used to fill the IP header of RADIUS management protocol packets This in turn allows se...

Page 120: ...ed to configure the global parameter for the RADIUS client that defines the timeout value in seconds after which retransmission of a request to the RADIUS server must occur if no response has been received The timeout value must consist of an integer within the range of 1 to 30 The no command is used to reset the timeout global parameter back to the default value radius server timeout seconds no r...

Page 121: ...r the given client only The string should be enclosed in quotes in order to use special characters or embedded blanks Default The default is None Command Mode Dynamic Authorization Example Routing Config radius da server key encrypted mydevice Routing Config radius da no server key 4 135 show radius servers This command is used to display the authentication parameters show radius servers ipaddr na...

Page 122: ...Ignored 55 Number of CoA Missing Unsupported Attribute Requests 18 Number of CoA Session Context Not Found Requests 5 Number of CoA Invalid Attribute Value Requests 11 Number of Administratively Prohibited Requests 3 4 136 show radius This command is used to show the values that have been configured for the global parameters of the RADIUS client show radius Parameters None Default The default is N...

Page 123: ...henticating server servername Optional Indicates the alias name used to identify the server Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show radius servers Current Host Address Server Name Port Type 192 168 37 200 Network1_RADIUS_Server 1813 Primary 192 168 37 201 Network2_RADIUS_Server 1813 Secondar...

Page 124: ...ecret Configured No Message Authenticator Enable Number of Retransmits 4 Time duration 10 RADIUS Accounting Mode Disable RADIUS Attribute 4 Mode Enable RAIDUS Attribute 4 Value 192 168 37 60 4 138 show radius accounting This command is used to show a summary of the configured RADlUS accounting servers lf no parameters are specified then only the details of the accounting mode and the RADIUS accoun...

Page 125: ...ed Yes 4 139 show radius statistics This command is used to show the summary statistics for the configured RADIUS Authenticating servers show radius statistics ipaddr dnsname name servername Parameters ipaddr Indicates the IP address of the server dnsname Indicates the DNS name of the server servername Optional Indicates the alias name used to identify the server Default The default is None Command...

Page 126: ... Packets Dropped 0 4 140 show radius source interface The show radius source interface command is used in the Privileged EXEC mode to show the details of the configured global source interface used for a RADIUS client The IP address for the interface that has been selected is used as the source IP address for all communications with the server show radius source interface Parameters None Default T...

Page 127: ...Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show radius statistics 192 168 37 200 RADIUS Server Name Default_RADIUS_Server Server Host Address 192 168 37 200 Access Requests 0 00 Access Retransmissions 0 Access Accepts 0 Access Rejects 0 Access Challenges 0 Malformed Access Responses 0 Bad Authenticators 0 Pending Requests 0 Timeouts 0...

Page 128: ... delivery in addition to using a shared key that is configured on both the client and the daemon server to encrypt all messages 4 142 tacacs server host The tacacs server host command is used in the Global Configuration mode to configure a TACACS server This command is used to enter into the TACACS configuration mode The ip address hostname parameter consists of the IP address or the hostname of t...

Page 129: ...fault is 0 Command Mode TACACS Config 4 144 keystring The keystring command is used to re confirm the authentication and encryption key function key key string encrypted Parameters key string Indicates a string value length 0 128 characters Encrypted Indicates a pre encrypted key Default The default is 0 Command Mode TACACS Config 4 145 port The port command is used to select the TACACS server por...

Page 130: ...ty command is used in the TACACS Configuration mode to define the order that servers are used in where 0 zero indicates the highest priority server range 0 65535 priority priority Parameters None Default The default is 0 Command Mode TACACS Config 4 147 timeout The key command is used to define the timeout value timeout timeout Parameters timeout Indicates a string value range 1 30 seconds Default...

Page 131: ...tered along with the encrypted keyword Furthermore these secret keys are displayed in the encrypted format in the show running config command s display while these keys cannot be shown in plain text format The no command is used to disable the encryption key and authentication for all TACACS communications between the TACACS daemon and the switch The allowed range for the key string parameter is 0...

Page 132: ...ific switch If no source interface is specified the primary IP address for the outbound originating interface will be used as the source address The no command is used to remove the global source interface that is the selected source IP for all TACACS communications between the server and the TACACS client tacacs server source interface slot port loopback loopback id vlan vlan id network servicepo...

Page 133: ...ers back to the default value tacacs server timeout timeout no tacacs server timeout Parameters timeout Select the timeout value 1 30 seconds for the TACACS server Default 5 seconds Default The default is 5 Command Mode Global Config Configuration Scripting Commands The use of Configuration Scripting allows the user to generate text formatted script files that represent a system s current configur...

Page 134: ...nt is flaged by the exclamation point character More specifically the comment flag character can be used to begin a word at any point on the command line with all input following this character being ignored In other words any command line beginning with the character is recognized by the parser as a comment line and thus ignored The following lines provide an example of a script Script file for d...

Page 135: ...ile name of the configuration script all Select to delete all the configuration script files from the switch Default The default is None Command Mode Privileged EXEC 4 154 script list This command is used to list all of the scripts currently present on the switch Use of the command will also cause the remaining available places to be shown script list Parameters None Default The default is None Co...

Page 136: ...t may not be successful in identifying all problems for a given script on every device script validate scriptname Parameters scriptname Indicates the file name of the configuration script Default The default is None Command Mode Privileged EXEC Pre login Banner System Prompt and Host Name Commands In this section the commands used to configure the system prompt and the pre login banner are describ...

Page 137: ...t_string Parameters prompt_string Indicates the system prompt up to 64 case sensitive characters Default The default is None Command Mode Privileged EXEC 4 159 set clibanner This command to is used to configure the pre login CLI banner prior to displaying the login prompt The no command is used to remove any configuration of the pre login CLI banner set clibanner line no set clibanner Parameters l...

Page 138: ...splayed before the CLI prompt is displayed show clibanner Parameters None Default No content is displayed before login prompt Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show clibanner Banner Message configured TEST 4 161 hostname This command is used to set the system hostname Using it also causes the prompt to be changed The ...

Page 139: ...ti This command is used to enable the FPTI mode either globally Global Config mode or for a specific interface Interface Config mode The no command is used to disable the FPTI mode fpti no fpti Parameters None Default The default is Enabled Command Mode Global Config Interface Config 4 163 show port fpti This command is used to display the global FPTI mode as well as the FPTI mode on all the inter...

Page 140: ...Panel Tap Interface Mode Enabled Intf Mode 0 1 Enabled 0 2 Enabled 0 3 Enabled 0 4 Enabled 0 5 Enabled 0 6 Enabled 0 7 Enabled 0 8 Enabled 0 9 Enabled 0 10 Enabled 0 11 Enabled 0 12 Enabled 0 13 Enabled 0 14 Enabled 0 15 Enabled 0 16 Enabled 0 17 Enabled 0 18 Enabled 0 19 Enabled 0 20 Enabled 0 21 Enabled 0 22 Enabled 0 23 Enabled 0 24 Enabled Switching show port fpti 0 1 Port 0 1 Front Panel Tap ...

Page 141: ...5000 Series Layer 2 3 Managed Data Center Switch CLI Reference Guide 135 ...

Page 142: ...Ports Double VLAN Commands Provisioning IEEE 802 1p Commands Protected Ports Commands Port Based Network Access Control Commands 802 1X Supplicant Commands Task based Authorization Asymmetric Flow Control Commands Storm Control Commands Link Dependency Commands MVR Commands Port Channel LAG 802 3ad Commands VPC Commands Port Mirroring Static MAC Filtering DHCP L2 Relay Agent Commands DHCP Client C...

Page 143: ...ommands This command is used to make the application began by the designed executable file ready and available to be configured and executed The way in which the application is run on the switch is determined by the parameters of this command An already installed application file name can be used to update the parameters when issuing this command Doing so will update the configuration for when the...

Page 144: ...stop This command is used to stop the execution of the specified application application stop filename Parameters filename Indicates the name of application to stop Default The default is None Command Mode Privileged EXEC 5 4 show application This command is used to show the installed applications and their parameters show applications Parameters None Default The default is None Command Mode Privi...

Page 145: ... restart after it ends No indicates that the application process will not restart automatically after it ends Max CPU Util Indicates as a percentange the configured application CPU utilization limit None is shown if unlimited Max memory Indicates in megabytes the configured application memory limit None is shown if unlimited 5 5 show application files This command is used to show the files in the sw...

Page 146: ...tion directory CLI Output Filtering Commands 5 6 show xxx include string With this filtering command the command xxx is executed but the output is filtered so that only the lines containing a match for the string are shown while all the non matching lines in the output are not displayed Example The following provides an example of the CLI command Routing show running config include spanning tree s...

Page 147: ...ines not containing a match for the string are shown Example The following provides an example of the CLI command Routing show interface 0 1 Packets Received Without Error 0 Packets Received With Error 0 Broadcast Packets Received 0 Packets Transmitted Without Errors 0 Transmit Packet Errors 0 Collision Frames 0 Time Since Counters Last Cleared 20 day 21 hr 30 min 9 sec Routing show interface 0 1 ...

Page 148: ...nd xxx is executed but the output is filtered so that only lines included within the section s identified by lines containing a match for the string and ending with the first line containing a match for the string2 are shown If multiple sections that match the specified string criteria are included in the base output then all such sections are displayed 5 12 show xxx section string include string2...

Page 149: ...lt The default is None Command Mode Privileged EXEC 5 14 dir This command is used to list the files included in the directory mnt fastpath in flash from the CLI dir Parameters None Default The default is None Command Mode Privileged EXEC Example Routing dir 0 drwx 2048 May 09 2002 16 47 30 0 drwx 2048 May 09 2002 16 45 28 0 rwx 592 May 09 2002 14 50 24 slog2 txt 0 rwx 72 May 09 2002 16 45 28 boot d...

Page 150: ... eventlog Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show eventlog Time File Line TaskID Code yyyy mm dd hh mm ss EVENT bootos c 192 0E634DDC AAAAAAAA 2018 04 23 05 34 17 EVENT bootos c 192 0F6A0DDC AAAAAAAA 2018 04 20 07 23 52 EVENT bootos c 192 0F332DDC AAAAAAAA 2018 03 24 07 25 27...

Page 151: ...um temperature allowed for normal operation range 100 C to 100 C default 0 C max 100 100 Indicates the maximum temperature allowed for normal operation range 100 C to 100 C default 0 C Default The default is None Command Mode Global Config 5 17 environment trap This command is used to configure environment status traps environment trap fan I powersupply temperature Parameters fan This parameter is...

Page 152: ... 0 to 97 degrees Celsius Temperature Sensors Unit Sensor Description Temp C State Max_Temp C 1 1 Core 0 35 Normal 38 1 2 Core 1 35 Normal 38 1 3 Core 2 35 Normal 39 1 4 Core 3 35 Normal 39 1 5 Switch Temp 53 Normal 54 1 6 Temp_1 38 Normal 39 1 7 Temp_2 40 Normal 41 Fans Unit Fan Description Type Speed Duty level State 1 1 Fan1_rotor1 Removable 5844 45 Operational 1 2 Fan1_rotor2 Removable 4804 45 ...

Page 153: ...tional Displays information relating to the fan environment Type Optional Indicates the hardware type Speed Optional Indicates the fan speed Duty Level Optional Indicates the current operational value of the component State Optional Indicates the current state of the component Power Supply Optional Displays power supply voltage and current information If applicable displays the status of the redun...

Page 154: ...er BXS500054SAF A1 Maintenance Level A1 Manufacturer D LINK Burned In MAC Address 00 05 64 2F 0D E5 Software Version 1 00 005 Operating System Linux 3 16 0 29 generic Network Processing Device 6592_B1 Additional Packages BGP 4 QOS Multicast IPv6 Routing Data Center Open API Prototype Open API Display Parameters System Description This parameter consists of text that isused to identify the product ...

Page 155: ...ace This command is used to display a summary of the statistics for a given specified interface or to display a count of all the CPU traffic based upon the argument show interface slot port counters dampening debounce ethernet lag lag id loopback priority flow control switchport tunnel Parameters slot port Select a slot port interface counters Indicates the summary statistics for all ports on the ...

Page 156: ...broadcast address Receive Packets Discarded Indicates the number of inbound packets that were selected for discard even though no errors preventing their delivery to a higher layer protocol had been detected One potential reason for discarding such packets would be to free up buffer space Packets Transmitted Without Error Indicates the total number of packets transmitted from the interface Transmi...

Page 157: ...ers slot port Optional Select a slot port to display its status vlan id Optional Select a VLAN interface all Optional Select to display all interfaces lag Optional Select a lag interface Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show interfaces status 0 1 Port Name Link Physical Physical Media Flow...

Page 158: ...for all the ports physical CPU port channel show interface counters Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show interface counters Port InOctets InUcastPkts InMcastPkts InBcastPkts 0 1 0 0 0 0 0 2 0 0 0 0 0 3 15098 0 31 39 0 4 0 0 0 0 0 5 0 0 0 0 ch1 0 0 0 0 ch2 0 0 0 0 ch64 0 0 ...

Page 159: ...terface OutOctets Indicates the number of outbound octets that have been transmitted by the interface OutUcastPkts Indicates the number of outbound unicast packets that have been transmitted by the interface OutMcastPkts Indicates the number of outbound multicast packets that have been transmitted by the interface OutBcastPkts Indicates the number of outbound broadcast packets that have been trans...

Page 160: ... percent utilization on a scale of 0 to 100 percent of the Ethernet segment Packets Received 64 Octets Indicates the total number of received packets including bad packets that were 64 octets in length excluding framing bits but including FCS octets Packets Received 65 127 Octets Indicates the total number of received packets including bad packets that were between 65 and 127 octets in length incl...

Page 161: ... excluding framing bits but including FCS octets Packets RX and TX 1024 1518 Octets Indicates the total number of received and transmitted packets including bad packets that were between 1024 and 1518 octets in length inclusive excluding framing bits but including FCS octets Packets RX and TX 1519 2047 Octets Indicates the total number of received and transmitted packets that were between 1519 and...

Page 162: ...cluding FCS octets Alignment Errors Indicates the total number of received packets that had a length excluding framing bits but including FCS octets of between 64 and 1518 octets inclusive but that also had a bad Frame Check Sequence FCS with a non integral number of octets FCS Errors Indicates the total number of received packets that had a length excluding framing bits but including FCS octets o...

Page 163: ...uding framing bits but including FCS octets Packets Transmitted 1518 Octets Indicates thehe total number of transmitted packets that were longer than 1518 octets excluding framing bits but including FCS octets and were otherwise well formed Max Frame Size Indicates the maximum size of the Info non MAC field that the port in question will receive or transmit Maximum Transmit Unit Indicates the maxi...

Page 164: ...ol frames with an opcode indicating the PAUSE operation transmitted on this interface This count does not change when the interface is operating in half duplex mode Protocol Statistics STP BPDUs Transmitted Indicates the number of Spanning Tree Protocol Bridge Protocol Data Units sent STP BPDUs Received Indicates the number of Spanning Tree Protocol Bridge Protocol Data Units received PVST BPDUs T...

Page 165: ...mmon interval Total Octets Received Indicates the total number of octets of data received on the network excluding framing bits but including Frame Check Sequence FCS octets and those in bad packets This parameter provides a reasonable estimate of Ethernet utilization If the user requires greater precision the etherStatsOctets and etherStatsPkts objects should be sampled before and after a common ...

Page 166: ... forwarding database entries which are utilized by the transparent bridging function to decide how to forward a received frame Enter either the all parameter or the no parameter to show the entire table To display the table entry for a specific MAC address on the specified VLAN enter that MAC Address and the VLAN ID To view summary information about the forwarding database table enter the count pa...

Page 167: ...cates the port through which the address in question was learned Interface Index Indicates the iflndex of the interface table entry that is associated with the port in quesiton Status Indicates the status of this entry The meanings for the values are as follows Static Indicates that the value of the corresponding instance was added by a user or the system when a static MAC filter was defined This v...

Page 168: ... the forwarding database can handle 5 26 process cpu threshold This command is used to configure the CPU utilization thresholds with the Rising and Falling thresholds being specified as a percentage of the CPU resources The utilization monitoring time period must be in multiples of 5 seconds and can be configured to be any value from 5 seconds to 86400 seconds The configuration of the CPU utilizat...

Page 169: ...lization threshold value must always be set at equal to or less than the rising threshold value falling interval Indicates the duration in seconds for the CPU falling threshold violation that must be met to trigger a notification range 5 to 86400 default 0 disabled 5 27 show process app list This command is used to show the user and system applications show process app list Parameters None Default ...

Page 170: ... is used to show the configured and in use processes show process proc list Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show process proc list PID Process Name Application ID Name Chld VM Size KB VM Peak KB FD Count 15260 procmgr 0 procmgr No 1984 1984 8 15309 dataplane 1 dataplane No ...

Page 171: ...ow the configured and in use resources of each application show process app resource list Parameters None Default The default is None Command Mode Privileged EXEC Example Routing show process app resource list ID Name PID Memory Limit CPU Share Memory Usage Max Mem Usage 1 switchdrvr 251 Unlimited Unlimited 380 MB 381 MB 2 syncdb 252 Unlimited Unlimited 0 MB 0 MB 3 syncdb test 0 Unlimited Unlimited...

Page 172: ...o show the percentages of CPU utilization by different tasks It should be noted that it is not only the traffic to the CPU that could keep it busy but the different tasks as well show process cpu threshold Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command using Linux Switching show process cpu Memo...

Page 173: ...shown Note If a text based configuration file is used then the show running config command will only show the configured physical interfaces That is if any interface contains only the default configuration then that interface will be skipped when generating the show running config command output This is true in fact for any configuration mode for which nothing but the default configuration is used I...

Page 174: ...nnel loopback and VLAN interfaces show running config interface interface lag lag intf num loopback loopback id tunnel tunnel id vlan vlan id Parameters interface Indicates the running configuration for the specified interface lag lag intf num Indicates the running configuration for the LAG interface loopback loopback id Indicates the running configuration for the loopback interface tunnel tunnel i...

Page 175: ...ults files that are saved in a compressed form in flash When this command is used the files are decompressed when their content is shown show startup config backup config factory defaults Parameters startup config Indicates the content of the startup config file backup config Indicates the content of the backup config file factory defaults Indicates the content of the factory defaults file Default...

Page 176: ...exit interface 0 50 speed 40G full duplex routing ip address 1 1 1 2 255 255 255 252 ip ospf area 1 exit router ospf router id 192 168 1 30 exit ipv6 router ospf exit exit The following is an example of the CLI display output for the command when using the backup config parameter Routing show backup config Current Configuration System Description DQS 5000 54SQ28 48 25GE 6 100GE 1 0 4 Linux 3 16 0 ...

Page 177: ...1 spanning tree mst priority 1 20480 spanning tree mst vlan 1 10 spanning tree mst instance 2 spanning tree mst vlan 2 20 spanning tree mst instance 3 spanning tree mst vlan 3 30 interface 0 5 speed 10G full duplex addport 3 1 exit interface 0 6 speed 10G full duplex addport 3 1 exit interface 0 9 speed 10G full duplex addport 3 3 exit interface 0 10 speed 10G full duplex addport 3 3 exit snmp ser...

Page 178: ...the factory defaults parameter Routing show factory config Current Configuration System Description DQS 5000 54SQ28 48 25GE 6 100GE 1 00 005 Linux 3 16 0 29 generic System Software Version 1 00 005 System Up Time 0 days 0 hrs 0 mins 29 secs Additional Packages BGP 4 QOS Multicast IPv6 Routing Data Center Current System Time Apr 26 13 50 51 2018 vlan database exit configure ip routing vxlan enable ...

Page 179: ...hrs 3 mins 44 secs Apr 25 01 38 00 2018 UTC MIBs Supported RFC 1907 SNMPv2 MIB The MIB module for SNMPv2 entities HC RMON MIB The original version of this MIB published as RFC3273 HCNUM TC A MIB module containing textual conventions for high capacity data types SNMP COMMUNITY MIB This MIB module defines objects to help support coexistence between SNMPv1 SNMPv2 and SNMPv3 SNMP MPD MIB The MIB for M...

Page 180: ...ion module for managing Priority and Multicast Filtering defined by IEEE 802 1D 1998 RFC 2737 ENTITY MIB Entity MIB Version 2 RFC 3635 Etherlike MIB Definitions of Managed Objects for the Ethernet like Interface Types NAX INVENTORY MIB Unit and Slot configuration INET ADDRESS MIB This MIB module defines textual conventions for representing Internet addresses NAX LOGGING MIB This MIB provides objec...

Page 181: ...MIB Congestion notification module for managing IEEE 802 1Qau LLDP V2 TC MIB Textual conventions used throughout the IEEE Std 802 1AB version 2 and later MIB modules Display Parameters System Description Indicates text used to identify the switch System Name Indicates the name used to identify the switch For this parameter the factory default is blank For instructions on how to configure the syste...

Page 182: ... order show tech support bgp datacenter dcvpn dot1q dot1s ipv6 layer3 link_dependency lldp log routing sim switching system file file Parameters bgp Indicates bgp related information datacenter Indicates datacenter related information dcvpn Indicates dcvpn related information dot1q Indicates dot1q related information dot1s Indicates dot1s related information dot3ad Indicates dot3ad related informa...

Page 183: ...4 2F 0D E5 Software Version 1 00 005 Operating System Linux 3 16 0 29 generic Network Processing Device 9324_B1 Additional Packages BGP 4 QOS Multicast IPv6 Routing Data Center OpEN API Prototype Open API show sysinfo System Description DQS 5000 54SQ28 48 25GE 6 100GE 2 1 5 Linux 3 16 0 29 generic System Name Switch System Location System Contact System Object ID 1 3 6 1 4 1 171 10 162 3 1 System ...

Page 184: ...NG MIB The Ping MIB DISMAN PING MIB provides the capability of controlling the use of the ping function at a remote host NAX OUTBOUNDTELNET PRIVATE MIB The Private MIB for NAX Outbound Telnet NAX TIMEZONE PRIVATE MIB The Private MIB for NAX for system time timezone and summer time settings LAG MIB The Link Aggregation module for managing IEEE 802 3ad RFC 1493 BRIDGE MIB Definitions of Managed Obje...

Page 185: ...otstrap Router mechanism for PIM routers IANA RTPROTO MIB IANA IP Route Protocol and IP MRoute Protocol Textual Conventions IPMROUTE STD MIB The MIB module for management of IP Multicast routing but independent of the specific multicast routing protocol in use RFC 2465 IPV6 MIB Management Information Base for IP Version 6 Textual Conventions and General Group RFC 3419 TRANSPORT ADDRESS MIB Textual...

Page 186: ...90 ip igmp ip pim join prune interval 90 exit router ospf exit ipv6 router ospf exit process cpu threshold type total rising 100 interval 5 falling 100 interval 5 exit debug crash kernel logs Debug crashlog 0 unit 1 Displaying FASTPATH Crash Dump 0 For kernel Crash Dump osapiDebugCrashDumpDisplay x 1 Crash Dump 0 is not found Output truncated 5 36 length value This command is persistent and is use...

Page 187: ...ed EXEC Example The following is an example of the CLI display output for the command Routing show terminal length Terminal Length For Current Session 24 For Serial Console 24 For Telnet Sessions 24 For SSH Sessions 24 5 38 memory free low watermark processor This command is used to ensure that a notification is sent when the CPU free memory falls below a configured threshold Subsequenlty another ...

Page 188: ...rned entries from the forwarding database Using the options discussed below the user can specify the particular set of dynamically learned forwarding database entries to be cleared clear mac addr table all vlan vlanId interface slot port macAddr macMask Parameters all This parameter causes all the dynamically learned forwarding database entries in the forwarding database table to be cleared vlan v...

Page 189: ...an in memory log logging buffered no logging buffered Parameters None Default The default is Enable Command Mode Global Config 5 41 logging buffered wrap This command is used to enable the wrapping of in memory logging when the log file achieves full capacity Otherwise the logging will stop when the log file reaches full capacity The no command is used to disable the wrapping of in memory logging ...

Page 190: ...le the CLI command logging feature logging cli command no logging cli command Parameters None Default The default is Disable Command Mode Global Config 5 43 logging console This command is used to enable logging on to the console The user can specify the severitylevel value as either an integer from 0 to 7 or in a symbolic fashion through the use of one of the following keywords emergency 0 alert ...

Page 191: ...tificate number that will be used for authentication range 0 8 with index 0 being used for the default file port Optional Indicates a port number from 1 to 65535 severitylevel Optional The value for this parameter can be specified as either an integer from 0 to 7 or in a symbolic fashion through the use of one of the following keywords emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info...

Page 192: ...ble logging to host Please see show logging hosts for a list of the host indexes logging host remove hostindex Parameters hostindex Indicates the Logging Host index to be removed Default The default is None Command Mode Global Config 5 47 logging persistent This command is used to configure the persistent logging for the switch with the severity level parameter use to specify the logging messages ...

Page 193: ...ters None Default The default is 0 RFC 3164 Command Mode Global Config 5 49 logging syslog This command is used to enable syslog logging The optional facility parameter can be used to set the default facility used in syslog messages for those components without an internally assigned facility The facility value can consist of one of the following keywords kernel user mail system security syslog lp...

Page 194: ... interface This command is used to specify the logical or physica interface used as the Syslog client source interface If configured the source interface address is used for all Syslog communications between the Syslog client and the Syslog server Otherwise there will be no change in behavior Also the Syslog client will revert to normal behavior if the configured interface is down The no command i...

Page 195: ... is used to display the logging configuration information show logging Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show logging Logging C1ient Local Port 514 Logging Client USB File Name Logging Client Source Interface not configured CLI Command Logging disabled Console Logging enabled...

Page 196: ...r than the minimum severity are logged Buffered Logging Indicates whether buffered logging is enabled Persistent Logging Indicates whether persistent logging is enabled Persistent Logging Severity Filter Indicates minimum severity at which the log entries are retained after a system reboot Syslog Logging Indicates whether syslog logging is enabled Syslog Logging Facility Indicates the value set fo...

Page 197: ...54SQ28 2011 PROCMGR emWeb proc_cnfgr c 521 1008 No more data in file tmp procmgr proc list txt 190 Apr 27 08 16 43 DQS 5000 54SQ28 2011 PROCMGR emWeb proc_cnfgr c 319 1007 No more data in file tmp procmgr app list txt Display Parameters Buffered In Memory Logging Indicates whether the In Memory log id is enabled or disabled Buffered Logging Wrapping Behavior Indicates the behavior of the In Memory...

Page 198: ...error 3 warning 4 notice 5 info 6 and debug 7 Port Indicates the server port number which is the port from which syslog messages are sent on the local host Status Indicates the current snmp row status that is Active Not in Service or Not Ready Mode Indicates the type of security UDP or TLS Auth Indicates the type of authentication mode anonymous or x509name Cert Indicates the certificate number us...

Page 199: ...play Parameters Persistent Logging Indicates whether persistent logging is enabled or disabled Persistent Log Count Indicates the number of persistent log entries Persistent Log Files Indicates the list of persistent log files in the system This list will only be displayed if log files is specified 5 56 show logging traplogs This command is used to show SNMP trap events and statistics show logging...

Page 200: ...min connected from EIA 232 Display Parameters Number of Traps Since Last Reset Indicates the number of traps since the previous boot Trap Log Capacity Indicates the number of traps that the system can retain Number of Traps Since Log Last Viewed Indicates the number of new traps since the command was last executed Log Indicates the log number System Time Up Indicates the length of time that the sy...

Page 201: ...e serverity level of the email alert from addr Indicates the sender address configuration for the email alert logtime Indicates the log duration configuration in minutes range 30 1440 minues message type Indicates the message configuration type urgent non urgent both test Indicates the test configuration for the email alert configuration urgent Indicates the urgent log message Default The default ...

Page 202: ...tiple email addresses can be configured for each supported severity level The to email addr variable will consist of a standard email address such as for example admin yourcompany com The no command is used to remove the configured to addr field logging email message type urgent non urgent both to addr to email addr no logging email message type urgent non urgent both to addr to email addr Paramet...

Page 203: ...ject line for emails of the specified message type and thus restores the subject line to the default email subject logging email message type urgent non urgent both subject subject no logging email message type urgent non urgent both subject subject Parameters both Indicates both urgent and non urgent message types non urgent Indicates non urgent message types urgent Indicates urgent message types...

Page 204: ...The default is 30 Command Mode Global Config 5 64 logging traps This command is used to set the severity level at which SNMP traps are to be logged and sent in an email The severitylevel value can be specified as either an integer from 0 to 7 or in a symbolic manner with one of the keywords that follows emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 and debug 7 The no command is ...

Page 205: ...n urgent Indicates non urgent message types urgent Indicates urgent message types message body msg body Indicates the message string for the email body of the alert message None Default The default is No default value Command Mode Global Config 5 66 show logging email config This command is used to show information about the configuration show logging email config Parameters None Default The defau...

Page 206: ...ndicates the lowest severity level that is considered to be non urgent Messages with this level of severity and above up to the designated urgent level are collected and sent together in a batch email Any log messages with a lower level of severity are not sent via email message at all Email Alert Trap Severity Level Indicates the lowest severity level at which traps are logged Email Alert Notific...

Page 207: ... Display Parameters Email Alert Operation Status Indicates the operational status of the email alert feature No of Email Failures Indicates the number of email messages for which unsuccessful send attempts have been made No of Email Sent Indicates the number of email messages that have been sent from the switch since the counter was last cleared Time Since Last Email Sent Indicates the amount of t...

Page 208: ...server ip address ipv6address hostname Parameters ipaddress Indicates the IP address of the mail server Ipv6address Indicates the IPv6 address of the mail server Host name Indicates the hostname of the mail server Default The default is None Command Mode Global Config 5 70 security This command is used to set the email alerting security protocol by enabling the use of TLS authentication by the swi...

Page 209: ...he allowed range of ports is any nonstandard port in the range from 1 to 65535 port 465 25 1 65535 Parameters None Default The default is 25 Command Mode Mail Server Config 5 72 username Mail Server Config This command is used to configure the login ID used by the switch to perform authentication with the SMTP server username name Parameters username Indicates the mail server username configuratio...

Page 210: ...he email alert configuration show mail server ip address hostname all config Parameters ip address Indicates the IP address for the mail server configuration hostname Indicates the hostname for the mail server configuration all Indicates all the configuration settings for the mail server Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command R...

Page 211: ...m authentication with the SMTP server System Utility and Clear Commands In this section the commands used to help troubleshoot issues with connectivity and to restore the factory defaults of various configurations are described 5 75 clear config This command is used to reset the configuration of the switch back to that included in the factory defaults configuration file if that file is present wit...

Page 212: ... Parameters slot port Indicates a slot port interface all Select to clear all L1 L2 counters on all interfaces including IP counters lag Select to clear LAG interface statistics nvgre Select to clear the NVGRE tunnel counters vlan id Indicates a VLAN interface vxlan Select to clear all VXLAN tunnel counters Default The default is None Command Mode Privileged EXEC 5 77 clear ip access list counters...

Page 213: ...ivileged EXEC 5 79 clear mac access list counters This command is used to clear the counters of the specified MAC ACL and MAC ACL rule clear mac access list counters acl name Parameters acl name Indicates the ACL name to clear counters up to 31 characters Default The default is None Command Mode Privileged EXEC 5 80 clear pass This command is used to reset all the user passwords back to the factory...

Page 214: ...EC 5 81 clear traplog This command is used to clear the trap log clear traplog Parameters None Default The default is None Command Mode Privileged EXEC 5 82 clear vlan This command is used to reset the VLAN configuration parameters back to the factory defaults clear vlan Parameters None Default The default is None Command Mode Privileged EXEC ...

Page 215: ...erval 1 60 size size source ip address ip6addr slot port vlan 1 4093 serviceport network outgoing interface slot port vlan 1 4093 serviceport network Parameters Through use of the options described below the user can specify both the number and size of Echo Requests as well as the interval to wait between Echo Requests vrf vrf name Optional Indicates the name of the virtual router within which to ...

Page 216: ...terface The interface keyword can be used to ping a link local IPv6 address over an interface link local address Indicates the link local IPv6 address that is to be pinged over an interface outgoing interface Optional The outgoing interface parameter can be used to specify the outgoing interface for a multicast lP lPv6 ping Defaulta The default is as follows Count 1 Interval 3 seconds Size 0 bytes...

Page 217: ...ackets received 100 packet loss round trip msec min avg max 0 0 0 5 85 quit This command is used to close the current telnet connection or to reset the current serial connection The system will ask the user whether or not to save any configuration changes before quitting quit Parameters None Default The default is None Command Mode Privileged EXEC User EXEC 5 86 reload This command is used to rese...

Page 218: ... from the switch Files can be uploaded and downloaded from a server using FTP TFTP Xmodem Ymodem or Zmodem Also it should be noted that a password is required if FTP is used copy source destination Replace the destination and source parameters with the options indicated in Copy Parameters Meanwhile use one of the following values for the url source or destination xmodem tftp ipaddr hostname ip6add...

Page 219: ... certificates to the switch using TFTP or XMODEM then only the following options relevant to the OpenFlow SSL certificates should be used copy mode file nvram openflow ss1 ca cert openflow ssl cert openflow ssl priv key Parameters source Indicates the originating location of the source destination Indicates the intended location to store Default The default is None Command Mode Privileged EXEC Exam...

Page 220: ...ads the binary config file to a server nvram log url Copies the log file to a server nvram operational log url Copies the operational log file to a server nvram script scriptname url Copies the specified configuration script file to a server nvram startup config nvram backup config Copies the startup configuration to the backup configuration nvram startup config url Copies the startup configuratio...

Page 221: ...e Downloads a configuration script file to the system During the downloading of the configuration script the copy command validates the script In the event of an error the command lists all the lines at the end of the validation process and prompts the user to confirm before copying the script file url nvram script destfflename noval When this option is used the copy command will not validate the d...

Page 222: ...ning configuration changes to NVRAM to ensure that the changes will persist across a reboot The command is effectively the same as the copy system running config nvram startup conflg command The confirm keyword can be used to directly save the configuration to NVRAM without a prompt for a confirmation being presented write memory confirm Parameters confirm Optional Select to directly save the conf...

Page 223: ...ict information for a Virtual Router instance vrf name Displays the VPN routing forwarding instance name Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show ip address conflict Address Conflict Detection Status Conflict Detected Last Conflicting IP Address 192 168 0 1 Last Conflicting MAC Address 6C EC 5A 07 E1 06 Time Since C...

Page 224: ...outer if no specified router is given clear ip address conflict detect vrf vrf name Parameters vrf vrf name Optional Enter to clear the detected conflict event for the specified virtual router instance Default The default is None Command Mode Privileged EXEC Serviceability Packet Tracing Commands These commands allow network engineers to diagnose D LINK OS products CAUTION Debug output can be long...

Page 225: ...et trace capture stop Parameters None Default The default is None Command Mode Privileged EXEC 5 94 capture This command allows for configuration of file capture options persistent across a reboot cycle capture file remote line USB Parameters file ln capture file mode packets are saved to a file on NVRAM maximum file size default 524288 bytes File can be transferred to TFTP server via TFTP SFTP SCP...

Page 226: ...ns to the switch A successful client connection to the switch allows CPU packets to be sent to the client PC Wireshark then receives the packets and displays them The session continues until terminated by either end Starting a remote capture session automatically terminates the file capture and line capturing line In capture line mode captured packets are saved in RAM and can be displayed on the C...

Page 227: ...ze max file size Parameters max file size Indicates the file size in KB range 2 512 kilobytes Default The default is None Command Mode Global Config 5 97 capture line wrap Line wrap enables wrapping of captured packets in line mode when packet size reaches full capacity No command disables wrapping of captured packets stops function when the captured packet capacity is full capture line wrap no ca...

Page 228: ...None Default The default is None Command Mode Privileged EXEC 5 99 cpu traffic direction CPU traffic direction interface associates CPU filters to an interface or list of interfaces physical or logical LAG The statistics counters are updated only for the configured interfaces Traces are available for the configured interfaces Note VLAN tag headers as the packet to the CPU should be considered as a ...

Page 229: ...on tx rx both match cust filter offset1 data1 mask1 mask1 offset2 data2 mask2 mask2 offset3 data3 mask3 mask3 Parameters both Select to match both ingress and egress packets rx Indicates the egress packet tx Indicates the ingress packet offset1 Select to configure the offset for custom filter A hex value strings is required data1 Select to configure the matching custom filter A hex value strings i...

Page 230: ...pecific filter The statistics and or the traces of the configured filters are used for the matching IP Mask packet No command disables the configured destination IP address filter cpu traffic direction tx rx both match dstip ipaddress mask mask no cpu traffic direction tx rx both match dstip ipaddress mask mask Parameters both Select to match both ingress and egress packets rx Indicates the egress...

Page 231: ... IP address for the subnet mask Default 255 255 255 255 Default The default is None Command Mode Global Config 5 104 cpu traffic direction match dsttcp Cnfigure the source or destination TCP port specific filter The statistics and or the traces of the configured filters are used for the matching TCP port packet No command removes the configured source destination TCP port filter cpu traffic direct...

Page 232: ... ipaddress mask mask no cpu traffic direction tx rx both match dstudp ipaddress mask mask Parameters both Select to match both ingress and egress packets rx Indicates the egress packet tx Indicates the ingress packet port Indicates the port value value 0 65535 mask mask Optional Indicates the IP address for the subnet mask Default 255 255 255 255 Default The default is None Command Mode Global Con...

Page 233: ...option to match all packets with specified TCP destination port dstudp Select DSTUDP option to match all packets with specified UDP destination port ip Select IP protocol as matching condition lacpdu Select LACP protocol as matching condition lldp Select LLDP protocol as matching condition mcast Select MCAST option to match multicast packets ospf Select OSPF protocol as matching condition srcip Se...

Page 234: ...ct to configure SRCTCP filter options dsttcp Select to configure DSTTCP filter options port Indicates the port value 0 65535 mask mask Optional Indicates the designated subnet mask address Default 255 255 255 255 Default The default is None Command Mode Global Config 5 108 cpu traffic mode Configure CPU traffic mode RX TX direction packets are matched when the mode is enabled No command disables C...

Page 235: ...CPU packet tracing and dump pkt if configured cpu traffic trace dump pkt no cpu traffic trace dump pkt Parameters dump pkt Select to enable packet dump option Default The default is Disabled Command Mode Global Config 5 110 show cpu traffic Use this command to display the current configuration parameters show cpu traffic Parameters None Default The default is None Command Mode Privileged EXEC Examp...

Page 236: ...ameters 0 0 0 0 0 0 0 0 Src MAC parameters 00 00 00 00 00 00 00 00 00 00 00 00 Dst MAC parameters 00 00 00 00 00 00 00 00 00 00 00 00 Custom filter parameters1 Offset 0x0 Value 0x0 Mask 0x0 Custom filter parameters2 Offset 0x0 Value 0x0 Mask 0x0 Custom filter parameters3 Offset 0x0 Value 0x0 Mask 0x0 5 111 show cpu traffic interface Displays interface statistics for configured filters Filter speci...

Page 237: ...meters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the command Routing show cpu traffic summary Filter Received Transmitted STP 0 0 LACPDU 0 0 ARP 0 0 UDLD 0 0 LLDP 0 0 IP 0 0 OSPF 0 0 BGP 0 0 DHCP 0 0 BCAST 0 0 MCAST 0 0 UCAST 0 0 SRCIP 0 0 DSTIP 0 0 SRCMAC 0 0 DSTMAC 0 0 CUSTOM 0 0 SRCTCP 0 0 DSTTCP 0 0 SRCUDP 0 0 5 113 show cpu traffic tr...

Page 238: ...DP Default The default is None Command Mode Privileged EXEC Example The following is an example of the command Routing show cpu traffic trace Packet 1 IP DHCP UCAST SRCMAC 00 10 10 10 10 10 08 06 10 Sysnet received in sysNetNotifyPduReceive 08 06 10 Packet delivered to IP via ipMapRecvIP 00 06 10 Freed 0000 00 10 18 82 18 b3 00 10 10 10 10 10 81 00 00 01 0010 00 00 45 10 01 21 00 00 00 00 40 11 79...

Page 239: ...ctionality debug aaa accounting no debug aaa accounting Parameters None Default The default is None Command Mode Privileged EXEC 5 116 debug aaa authorization commands In User Manager enable tracing for AAA The command is used to debug authorization configuration and functionality No command turns off debugging of User Manager authorization debug aaa authorization commands no debug aaa authorizati...

Page 240: ...ly command execution can be performed through a specified virtual router No command disables ARP debug protocol messaging debug arp vrf vrf name no debug arp Parameters vrf vrf name Optional Select to configure ARP Debug flag of a virtual router Default The default is Disabled Command Mode Privileged EXEC 5 118 debug auto voip Enables Auto VOIP debug messaging Optional parameters trace H323 SCCP o...

Page 241: ...ug trace output on the respective login session To view trace output the debug console display must be enabled Once enabled the debug trace output is available for display on the respective debug console the function remains in effect for the life of the login session This command is not persistent across resets Note The debug console command directs debug data to a login session The filter specif...

Page 242: ...teall data crashdump number Parameters kernel View the crash log file for the kernel crashlog number Specifies the file number to view The system maintains up to four copies and the valid range is 1 4 upload url To upload the crash log or crash dump to a TFTP server use the upload keyword and specify the required TFTP server information proc View the application process crashlog verbose Enable the...

Page 243: ...r Indicates the crashlog number Default The default is Disabled Command Mode Privileged EXEC 5 123 debug crashlog kernel upload Upload the specified kernel dump to a designated TFTP server debug crashlog kernel crashlog number upload tftpaddress Parameters crashlog number Indicates the crashlog number tftpaddress Indicates the TFTP URL to upload the crashlog in the following format tftp ipaddress ...

Page 244: ...ile executes CLI commands including devshell and drivshell commands for specific predefined events Manually create a debug config file to download to the switch debug debug config download url upload url Parameters download url Select to enter the URL to download the debug config file Format tftp ipaddress filepath filename upload url Select to enter the URL to upload the debug config file Format ...

Page 245: ...lt The default is Disabled Command Mode Privileged EXEC 5 127 debug dot1x packet Enable dot1x packet debug tracing No command disables dot1x packet debug tracing debug dot1x packet transmit receive no debug dot1x packet transmit receive Parameters transmit Optional Select to turn on dot1x client transmit packet debug trace receive Optional Select to turn on dot1x client receive packet debug trace ...

Page 246: ...ebug exception no debug exception Parameters None Default The default is None Command Mode Privileged EXEC 5 130 debug fip snooping Use the command to debug the Fibre Channel over Ethernet Initialization Protocol FIP snooping on the device No command disables the fip snooping debug fip snooping packet filter dst mac fip proto code src intf src mac vlan receive transmit no debug fip snooping packet...

Page 247: ...fault is Disabled Command Mode Privileged EXEC 5 131 debug igmpsnooping packet Enable tracing of switch Tx Rx IGMP Snooping packets No command disables tracing of IGMP Snooping packets debug igmpsnooping packet transmit receive no debug igmpsnooping packet transmit receive Parameters transmit Optional Select to turn on IGMP snooping transmit packet debug trace receive Optional Select to turn on IG...

Page 248: ...Membership_Report IGMP Version 2 Membership Report V3_Membership_Report lGMP Version 3 Membership Report V2_Leave_Group IGMP Version 2 Leave Group Group Multicast group address in the IGMP header Example The following is an example of the command Routing debug igmpsnooping packet receive 15 JAN 01 02 45 06 192 168 17 29 1 IGMPSNOOP 185429992 igmp_snooping_debug c 116 908 Pkt RX Intf 0 20 20 Vlan_I...

Page 249: ...acl Number Parameters acl Number Indicates a valid ACL Number Default The default is Disabled Command Mode Privileged EXEC 5 133 debug ip bgp The debug ip bgp command privileged EXEC mode enables BGP event debug tracing The system logs Debug messages according to severity level To print logs on the console enable console logging at the DEBUG level logging console debug command See logging console ...

Page 250: ...kets notification Optional Trace transmit and receive of NOTIFICATION packets open Optional Trace transmit and receive of OPEN packets out Indicates the Debug BGP sent packets refresh Optional Traces transmit and receive of ROUTE REFRESH packets updates Optional Traces transmit and receive of UPDATE packets Default The default is Default Command Mode Privileged EXEC 5 134 debug ip vrrp Enable VRRP...

Page 251: ... ipv6 dhcp Parameters None Default The default is Disabled Command Mode Privileged EXEC 5 136 debug ipv6 ospfv3 packet Enable IPv6 OSPFv3 packet debug tracing No command disables IPv6 OSPFv3 packet tracing debug ipv6 ospfv3 packet no debug ipv6 ospfv3 packet Parameters None Default The default is Disabled Command Mode Privileged EXEC 5 137 debug isdp packet Enable tracing of transmitted and receiv...

Page 252: ...ug lacp packet Enable tracing of received and transmitted LACP packets from the switch No command disables received transmitted LACP packet tracing debug lacp packet no debug lacp packet Parameters None Default The default is Disabled Command Mode Privileged EXEC Example A sample output of the trace message is shown below Routing debug lacp packet 15 JAN 01 14 04 51 10 254 24 31 1 DOT3AD 183697744...

Page 253: ...s transmit Optional Select to turn on MLD snooping transmit packet debug trace receive Optional Select to turn on MLD snooping receive packet debug trace Default The default is Disabled Command Mode Privileged EXEC 5 140 debug ospf packet Enable tracing of received and transmitted OSPF packets from the switch or a specified virtual router No command disables OSPF packet tracing debug ospf packet v...

Page 254: ...eaId 0 0 0 0 Type LS_UPD Length 1500 15 JAN 02 11 03 37 10 50 50 1 2 OSPF 46300472 ospf_debug c 293 25441 Pkt TX Intf 2 0 48 Src Ip 10 50 50 1 DetIp 224 0 0 6 AreaId 0 0 0 0 Type LS_ACK Length 1500 Display Parameters TX RX TX refers to a packet transmitted by the device RX refers to packets received by the device lntf The interface that the packet came in or went out on Format used is slot port in...

Page 255: ...acket LS_ACK packet field definitions Length Length of packet 5 141 debug ping packet Enable ICMP echo request and response tracing Ping tracing of network service port for switching packages can be traced with this command Pings can also be traced on specified virtual router No command disables ICMP echo request and response tracing debug ping packet vrf vrf name no debug ping packet Parameters vr...

Page 256: ...packets received by the device lntf The interface that the packet came in or went out on Format used is slot port internal interface number Unit is always shown as 1 for interfaces on a non stacking device SRC_IP The source IP address in the IP header in the packet DEST_IP The destination IP address in the IP header in the packet Type Type determines whether or not the lCMP message is a REQUEST or...

Page 257: ...d interface to allow for monitoring of packets for a specified interface No command disables tracing of received spanning tree BPDUs debug spanning tree bpdu receive no debug spanning tree bpdu receive Parameters None Default The default is Disabled Command Mode Privileged EXEC Example A sample output of the trace message is shown below Routing debug spanning tree bpdu receive 15 JAN 01 01 02 04 1...

Page 258: ... in multiples of 4096 Path_Cost External root path cost component of the BPDU 5 145 debug spanning tree bpdu transmit Enable transmitted spanning tree BPDU tracing Enable spanning tree on the device and interface to allow for monitoring of packets for a specified interface No command disables tracing of transmitted spanning tree BPDUs debug spanning tree bpdu transmit no debug spanning tree bpdu t...

Page 259: ... CIST root bridge The value is from 0 to 61440 It is displayed in hex in multiples of 4096 Path_Cost External root path cost component of the BPDU 5 146 debug tacacs Enable TACACS debugging debug tacacs packet accounting authentication authoriation Parameters accounting Displays information about accountable events as they occur authentication Displays information about AAA TACACS authentication a...

Page 260: ...ables the debugging of UDLD process events or packet events debug udld events no debug udld events packets Parameters None Default The default is Disabled Command Mode Privileged EXEC 5 149 debug udld packet receive Enable received UDLD packet debugging No command disables the debugging of UDLD packet receipts debug udld packet receive no debug udld packet receive Parameters None Default The defau...

Page 261: ... transmit No debug udld packet Parameters events Turn on UDLD events debug trace packet Turn on UDLD packet debug trace Default The default is Disabled Command Mode Privileged EXEC 5 151 show debugging Display the packet tracing configuration show debugging Parameters None Default The default is None Command Mode Privileged EXEC Example The following is a CLI display output example Routing show de...

Page 262: ...eption core file prefix configuration The hostname and time stamp are disabled exception core file file name prefix hostname time stamp no exception core file Parameters file name prefix Enter the coredump file name up to 15 characters File name can consist of _ alphanumerics hostname Optional Select to append hostname to coredump file name time stamp Optional Select to append time stamp to coredu...

Page 263: ...ception dump ftp server ip address username user name password password no exception dump ftp server Parameters ip address Enter the IP address of the FTP server username user name Optional Enter FTP user name password password Optional Enter FTP password associated with the listed user name Default The default is None Command Mode Global Config 5 155 exception dump nfs Configure NFS mount point t...

Page 264: ...ameters ip address Enter the IP address of the server add Enter the IP address for the alternative IP pool to be assigned to the device s service port in the stack protocol Enter the type of protocol definition for the service port for a crash event remove Enter the IP address to remove from the alternative IP pool Default The default is None Command Mode Global Config 5 157 exception dump tftp se...

Page 265: ...ernel crash core dumping kdump The specified crash log number is deleted exception kernel dump no exception kernel dump crashlog number Parameters crashlog number Indicates the number identifying the crashlog Default The default is None Command Mode Global Config 5 159 exception kernel dump path Set the kernel crash core dump kdump entry path No command sets to default the kernel crash core dump k...

Page 266: ...load coredump to the TFTP server ftp Configure protocol to upload coredump to the FTP server local Configure protocol to generate coredump on Switch local file system none Disable coredump Default The default is None Command Mode Global Config 5 161 exception switch chip register This command enables or disables the switch chip register dump in case of an exception The switch chip register dump is...

Page 267: ...nel dump Parameters None Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show exception kernel dump Admin Mode False Maximum Records 3 Available Records 0 Kernel Dump Storage Path mnt fastpath crashlogs kdump 5 163 show exception kernel dump list Display captured dumps show exception kernel dump list Parameters None Default The...

Page 268: ...shold limits and generate MBUF limit alerts mbuf falling threshold rising threshold severity Parameters falling threshold Set memory buffer minimum usage below minimum triggers an alert range 1 to 100 default 0 disabled rising threshold Set memory buffer maximum 5 exceeding usage triggers an alert range 1 to 100 default 0 disabled severity Defines severity level of Mbuf logs range 1 to 7 default 5...

Page 269: ... set when the protocol is configured as TFTP write core test dest_file_name Parameters test Optional Select to tests the core dump setup dest_file_name Optional Indicates the test file name to be uploaded Default The default is None Command Mode Privileged EXEC 5 167 show exception Display the configuration parameters to generate a core dump file show exception Parameters None Default The default ...

Page 270: ... Protocol dhcp Stack IP Address 5 168 show exception core dump file Display current local file system core dump files show exception core dump file Parameters None Default The default is None Command Mode Config Mode Privileged EXEC 5 169 show exception log Display current local file system core dump traces show exception log previous Parameters previous Optional Display coredump log file from the...

Page 271: ... Rx Used 0 Mbufs Rx Norm Used 0 Mbufs Rx Mid2 Used 0 Mbufs Rx Mid1 Used 0 Mbufs Rx Mid0 Used 0 Mbufs Rx High Used 0 Mbufs Tx Used 0 Total Rx Norm Alloc Attempts 0 Total Rx Mid2 Alloc Attempts 37989 Total Rx Mid1 Alloc Attempts 13044 Total Rx Mid0 Alloc Attempts 0 Total Rx High Alloc Attempts 0 Total Tx Alloc Attempts 16480 Total Rx Norm Alloc Failures 0 Total Rx Mid2 Alloc Failures 0 Total Rx Mid1...

Page 272: ... 00000000 e6f9e174 bfdEventMsgQ 0 0 1 0 00000000 00000000 f3457f14 mlag_bulk_ctrl_ 0 0 1 1 00000000 00000000 f533cd64 mlag_ckpt_queue 0 0 1 0 00000000 00000000 dbd63634 mlag_ctrl_msg_q 0 0 1 1 00000000 00000000 dc9f6fc4 dcpdp_queue 0 0 1 0 00000000 00000000 0ee2defc mlag_queue 0 0 1 1 00000000 00000000 e6f9a3f4 VPC Consistency 0 0 1 0 00000000 00000000 e6f97944 stats_app_queue 0 0 1 1 00000000 000...

Page 273: ...Task 0xef e6f89d84 lldp_Queue 0 0 1 2 00000000 00000000 e6f89814 dcvpnRIOTMlagQu 0 0 1 0 00000000 00000000 e6f87b04 dcVpnRIOTSockMs 0 0 1 0 00000000 00000000 e6f86dfc dcVpnRIOTCnfgrQ 0 0 1 0 00000000 00000000 e6f86444 dcvpn_mlag_queu 0 0 1 0 00000000 00000000 e6f84f6c dcVpnAgeEventQu 0 0 1 1 00000000 00000000 e6f82f84 OSPFv3 Proto_q3 0 0 0 0 00000000 08f02283 DebugQueues 0xa3 e6f82d84 dcVpnL2addrQ...

Page 274: ...000 00000000 e6f741a4 mgmdMapAppTimer 0 0 0 1 00000000 08a395c8 mgmdMapTask 0x184 e6f727f4 bgpMapNbrAutode 0 0 1 1 00000000 00000000 e6f7251c BGP Protocol_q5 0 0 0 0 00000000 08f02283 DebugQueues 0xa3 e6f7231c BGP Protocol_q4 0 0 0 1 00000000 08f02283 DebugQueues 0xa3 e6f72044 BGP Protocol_q3 0 0 0 1 00000000 08f02283 DebugQueues 0xa3 e6f71e44 BGP Protocol_q2 0 0 0 1 00000000 08f02283 DebugQueues ...

Page 275: ...ipMap_Fwd_Prior 0 0 0 2 00000000 00000000 e6f3dd24 ipMap_Fwd_Queue 0 0 0 0 00000000 08e687df ipMapForwardingTask 0x9f e6f3ce9c sshdQueue 0 0 1 1 00000000 00000000 e6f3c1e4 ssltQueue 0 0 1 1 00000000 00000000 e6f3bcb4 RAGUARD Evnt Q 0 0 0 1 00000000 00000000 f7193874 sflowPacketQueu 0 0 0 0 00000000 00000000 e6f37e44 sflowPacketQueu 0 0 0 0 00000000 00000000 e6f37c44 sflowEventQueue 0 0 0 1 0000000...

Page 276: ...e6f2874c snmp trap queue 0 0 1 1 00000000 00000000 e6f2825c DAI Pkt Q 0 0 0 0 00000000 00000000 e6f28064 DAI Evnt Q 0 0 0 1 00000000 00000000 e6f276b4 DHCPV6 snp pkt 0 0 0 0 00000000 00000000 e6f2734c DHCPV6 snp evnt 0 0 0 1 00000000 00000000 e6f26a2c DHCP snp pkt q 0 0 0 0 00000000 00000000 e6f2682c DHCP snp evnt q 0 0 0 1 00000000 00000000 e6f25f14 pml_Queue 0 0 1 1 00000000 00000000 e6f256cc fd...

Page 277: ...rFlush 0 0 1 1 00000000 00000000 f53008c4 dtlAddrQueue 0 0 1 1 00000000 00000000 f10bdc1c hapiLinkStatusQ 0 0 1 1 00000000 00000000 f10bd8bc hapiDebounceTim 0 0 1 0 00000000 00000000 f10bd26c hapiRxTxCapture 0 0 1 0 00000000 00000000 f10bcd94 hapiRxQueue 0 0 1 3 00000000 00000000 f10bc8bc hapiTxBpduQ 0 0 1 0 00000000 00000000 f3105ccc dtlqueue 0 0 1 3 00000000 00000000 f10b8b3c dapiDebugQueue 0 0 ...

Page 278: ...h a specific timeout value this command is persistent and available in show running config As a nontimeout entry the related sampler and pollers information is persistent and available in the running config sflow receiver rcvr_idx owner owner string timeout rcvr_timeout notimeout max datagram size ip ip port port no sflow receiver indx ip ip address maxdatagram size owner string timeout interval p...

Page 279: ...ge is 1 65535 The default is 6343 Default The default is None Command Mode Global Config 5 174 sflow receiver owner timeout Configure receiver as a timeout entry Indicated information related to sampler and pollers are also displayed in the running config persistent Receiver configures set to a specific value are not displayed in running config Sampler and poller information related to this receive...

Page 280: ...er configuration is reset to the default values Before an entity can claimed to assign a receiver to a sampler or poller an sFlowRcvrTable entry it must first be unclaimed owner string to be set to a non null value Default The default is None Command Mode Global Config 5 176 sflow sampler Configure new sFlow sampler instance on an interface or range of interfaces for data source rcvr_idx must be val...

Page 281: ...busy collecting the counters on all the configured interfaces This can cause the device to hang for some time when the user tries to configure or issue show sFlow commands To overcome this situation sFlow polling interval configuration on an interface or range of interfaces is controlled as mentioned below 1 The maximum number of allowed interfaces for the polling intervals max 1 interval 10 to min...

Page 282: ...face for use with the sFIow client source interface Once configured source Interface address is used for all sFlow communications between the sFlow receiver and the sFlow client When configured interface is down sFlow client returns to normal operation No command resets the sFlow source interface to default sflow source interface slot port loopback loopback id network serviceport tunnel tunnel id ...

Page 283: ... information The sampling is sent to the configured sFlow receivers The command displays sFlow agent information show sflow agent Parameters None Default The default is None Command Mode Privileged EXEC Example The following is a CLI output example Routing show sflow agent sFlow Version 1 3 IP Address 10 131 12 66 Display Parameters sFlow Version Uniquely identifies the version and implementation ...

Page 284: ...mmand Switch show sflow pollers Poller Data Source Receiver Index Poller Interval 0 1 1 10 Display Parameters Poller Data Source sFlowDataSource slot port for this sFlow sampler The agent only supports Physical ports Receiver Index sFlowReceiver associated with the identified sFlow counter poller Poller Interval Interval period between called counter samplings associated with the data source 5 182...

Page 285: ...ersion 5 Maximum Datagram Size 1400 The following is an example of a show CLI display output receiver configured as a non timeout entry Routing show sflow receivers Rcvr Index Owner String Timeout Max Dgram Size Port IP Address 1 minorblues No Timeout 1400 6343 0 0 0 0 2 0 1400 6343 0 0 0 0 3 0 1400 6343 0 0 0 0 4 0 1400 6343 0 0 0 0 5 0 1400 6343 0 0 0 0 6 0 1400 6343 0 0 0 0 7 0 1400 6343 0 0 0 ...

Page 286: ...m Port The destination Layer4 UDP port for sFlow datagrams IP Address The sFlow receiver IP address Address Type The sFlow receiver IP address type IPv4 address value is 1 Datagram Version sFlow protocol version to be used when sending samples to sFlow receiver 5 183 show sflow samplers Display the sFlow sampling instances available on the switch show sflow samplers Parameters None Default The def...

Page 287: ...Header Size Maximum number of bytes from a packet required to form a flow sample IP ACL Associated IP ACL MAC ACL Associated MAC ACL 5 184 show sflow source interface Display the sFlow source interface available on the switch show sflow source interface Parameters None Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Switch show sflow s...

Page 288: ...and ipv6 alpm ARP Entries 2560 IPv4 Unicast Routes 32768 IPv6 NDP Entries 2560 IPv6 Unicast Routes 24576 ECMP Next Hops 48 IPv4 Multicast Routes 0 IPv6 Multicast Routes 0 dual ipv4 and ipv6 alpm ARP Entries 2560 IPv4 Unicast Routes 32768 IPv6 NDP Entries 2560 IPv6 Unicast Routes 24576 ECMP Next Hops 16 IPv4 Multicast Routes 0 IPv6 Multicast Routes 0 ipv4 routing Filters subsequent template choices...

Page 289: ...f ARP entries and IPv4 routes ipv4 routing dcvpn data center List the scaling parameters for the IPv4 only template maximizing the number of MAC address entries ipv4 routing default List the scaling parameters for the IPv4 only template supporting the default setting Default The default is ipv4 routing data center plus Command Mode Global Config 5 186 show sdm prefer Use this command to view the c...

Page 290: ...8 ECMP Next Hops 48 IPv4 Multicast Routes 1536 IPv6 Multicast Routes 512 Display Parameters ARP Entries The maximum number of entries in the IPv4 Address Resolution Protocol ARP cache for routing interfaces IPv4 Unicast Routes The maximum number of IPv4 unicast forwarding table entries IPv6 NDP Entries The maximum number of IPv6 Neighbor Discovery Protocol NDP cache entries IPv6 Unicast Routes The...

Page 291: ...all Link Link Nominal Length Length Bit 50um 62 5um Rate Port Vendor Name m m Serial Number Part Number Mbps Rev Compliance 0 1 D LINK 8 3 SA011G4000005 DEM 431XT 10300 10GBase SR 0 2 D LINK 8 3 SA011G4000005 DEM 431XT 10300 A 10GBase SR 0 3 D LINK 8 3 SA011G4000005 DEM 431XT 10300 C1 10GBase SR 0 49 Volex Inc 0 0 26201134400002 VAHS 26 0256 10300 x1 40GBase CR4 Routing show fiber ports optical tr...

Page 292: ...ports optical transceiver info all slot port Parameters All Enter all for all interfaces slot port Enter an interface in slot port format Default The default is None Command Mode Privileged EXEC Example The following is a CLI display output example Switching show fiber ports optical transceiver info all Port Vendor Name Link Length 50um m Link Length 62 5 um m 0 49 DQS 5000 54SQ28 8 3 0 51 DQS 500...

Page 293: ...logy Serial Number The serial number for the transceiver The serial number is 1 to 16 ASCII characters in length A zero value in the field indicates an unspecified vendor serial number Part Number The vendor part number or product name A zero value in the field indicates an unspecified vendor serial number Nominal Bit Rate The nominal bit signaling rate in 100 MBd rounded off to the nearest 100 MB...

Page 294: ...ampling period This object is a read only 32 bit signed value Alarm Rising Threshold Rising threshold for the statistical sample The range is 2147483648 to 2147483647 The default is 1 Alarm Rising Event Index Rising event index once threshold is crossed The range is 1 to 65535 The default is 1 Alarm Falling Threshold Falling threshold for the statistical sample The range is 2147483648 to 214748364...

Page 295: ... for the hcAlarmVariable statistic during last completed sampling period This object is a 64 bit read only unsigned value High Capacity Alarm Absolute Alarm Status Indicates the validity and sign of the data for the high capacity alarm object high value hcAlarmAbsValueobject Possible status types are valueNotAvailable default valuePositive or valueNegative High Capacity Alarm Startup Alarm High ca...

Page 296: ... hcAlarmVariable was polled by hcAlarmEntry This object is a 32 bit counter value that is read only High Capacity Alarm Owner Alarm entry owner string The default is monitorHCAlarm High Capacity Alarm Storage Type The configured type of non volatile storage This object is read only The default is volatile Default The default is None Command Mode Global Config Example The following is an output exa...

Page 297: ...obal Config Example The following is an output example Routing Config rmon event 1 log description test The following is an example of the output Routing Config no rmon event 1 5 192 show rmon This command displays the entries in the RMON alarm table show rmon alarms alarm alarm index collection events hcalarm hcalarms history log statistics Parameters alarms Show RMON alarm entries alarm alarm in...

Page 298: ...index identifying an entry in the alarm table Each entry defines a diagnostic sample at a particular interval for an object on the device The range is 1 to 65535 OID Object ID to which the variable name is resolved The format is x x x x Last Sample Value Object ID of the last event Interval Interval seconds defining rising and falling thresholds sampling and comparison period The range is 1 to 214...

Page 299: ...able show rmon collection history interfaces slot port Parameters interfaces slot port Optional Display RMON interface information Default The default is None Command Mode Privileged EXEC Example The following is a CLI display output example Routing show rmon collection history Index Interface Interval Requested Granted Owner Samples Samples 1 0 1 30 10 10 myowner 2 0 1 1800 50 10 monitorHistoryCo...

Page 300: ...t is 1800 Requested Variable defining number of discrete time intervals for the saving of data The range is 1 to 65535 The default is 50 Granted Samples Designated discrete sampling intervals for the saving of data This object is read only The default is 10 Owner Owner string associated with the history control entry The default is monitorHistoryControl 5 194 show rmon events Display entries liste...

Page 301: ...ublic Owner Defined event owner for entry Last time sent Defined period of last transmission of log or a SNMP trap message 5 195 show rmon history Display specified entry in the RMON history table show rmon history index errors period seconds other period seconds throughput period seconds Parameters Index Index of the entry errors period seconds Optional Display the error counter period in seconds...

Page 302: ...r Interface 0 1 Interval 30 Requested Samples 10 Granted Samples 10 Maximum table size 1758 Time Octets Packets Broadcast Multicast Util Jan 01 1970 21 41 43 0 0 0 0 1 Jan 01 1970 21 42 14 0 0 0 0 1 Jan 01 1970 21 42 44 0 0 0 0 1 Jan 01 1970 21 43 14 0 0 0 0 1 Jan 01 1970 21 43 44 0 0 0 0 1 Jan 01 1970 21 44 14 0 0 0 0 1 Jan 01 1970 21 44 45 0 0 0 0 1 Jan 01 1970 21 45 15 0 0 0 0 1 Jan 01 1970 21 ...

Page 303: ...l entry The default is monitorHistoryControl Maximum Table Size Maximum number of entries that the history table can hold Time Period stamp in seconds for collected sample CRC Align Number of CRC align errors Undersize Packets Number of undersized packets less than 64 octets long excluding framing bits including FCS octets Oversize Packets Total number of oversized packets longer than 1518 octets ...

Page 304: ...eters Maximum table size Maximum allowed of log entries Event Defined event index Description Event entry comment Time Event entry time stamp 5 197 show rmon statistics interfaces Displays the RMON statistics for the specified interfaces show rmon statistics interfaces slot port Parameters slot port Enter an interface in slot port format Default The default is None Command Mode Privileged EXEC Exa...

Page 305: ...kets Broadcast Total number of good broadcast packets received Multicast Total number of good multicast packets received CRC Align Errors Total number of packets received from 64 to 1518 octets excluding framing bits including FCS octets inclusive Collisions Total number of collisions Undersize Pkts Total number of undersize packets less than 64 octets long excluding framing bits including FCS oct...

Page 306: ...ow packets 64 octets in length HC Overflow Pkts 65 127 Octets Total number of HC overflow packets from 65 to 127 octets in length HC Overflow Pkts 128 255 Octets Total number of HC overflow packets from 128 to 255 octets in length HC Overflow Pkts 256 511 Octets Total number of HC overflow packets from 256 to 511 octets in length HC Overflow Pkts 512 1023 Octets Total number of HC overflow packets...

Page 307: ...rising and falling thresholds The range is 1 to 2147483647 The default is 1 Last Sample Value Displays the value of the statistic during the last sampling period Interval Displays the interval in seconds over which the data is sampled and compared with the rising and falling thresholds Sample Type Sampling method of selected variable and calculating the value to be compared against the thresholds ...

Page 308: ...ive Rising Event Entry index used when a rising threshold is crossed The range is 1 to 65535 The default is 1 Falling Event Entry index used when a falling threshold is crossed The range is 1 to 65535 The default is 2 Startup Alarm The designated startup alarm to be sent Possible values are rising falling or rising falling The default is rising falling Owner String defining the associated owner fo...

Page 309: ...he duplex parameter allows for both half and full duplex speed configuration Use the auto keyword to enable auto negotiation on the port Use the command without the auto keyword to ensure auto negotiation is disabled and to set the port speed and mode according to the command values If auto negotiation is disabled set the speed and duplex mode Note The support speed depends on the model speed auto...

Page 310: ... output example of all port entries Routing show port all Admin Physical Physical Link Link LACP Actor Intf Type Mode Mode Status Status Trap Mode Timeout 0 1 Enable Auto 100 Full Up Enable Enable long 0 2 Enable Auto 100 Full Up Enable Enable long 0 3 Enable Auto Down Enable Enable long 0 4 Enable Auto 100 Full Up Enable Enable long 0 5 Enable Auto 100 Full Up Enable Enable long 0 6 Enable Auto 1...

Page 311: ...splay Parameters Interface Slot port Type Define port type values are as follows Mirror this port is a monitoring port PC Mbr this port is a member of a port channel LAG Probe this port is a probe port Admin Mode The Port control administration state The port must be enabled default in order for it to be allowed into the network Physical Mode The desired port speed and duplex mode If auto negotiat...

Page 312: ...Privileged EXEC Example The following is a CLI display output example Switching show port description 0 1 Interface 0 1 ifIndex 1 Description MAC address 00 10 18 82 0C 10 Bit offset 1 Display Parameters Interface Slot port or LAG with the information iflndex Interface index number associated with the port Description The alpha numeric description of the interface created by the command MAC addres...

Page 313: ...speed command 2x50G Configure the port as two 50G ports each using two lanes This mode requires the use of a suitable 1x100G to 2x50G pigtail cable 4x25g Configure the port as a four 25G ports each on a separate lane This mode requires a 4x25G to 1x100G breakout cable can be reconfigured as 4x10G ports Default The default is Platform specific Command Mode Interface Config 5 205 show interfaces hard...

Page 314: ...y ports that can be split into multiple lane modes Routing show interfaces hardware profile 100G 40G Configured Operating Expandable Expanded Interface Mode Mode Option s Interfaces 0 81 1x40G 1x40G 4x10G 0 93 96 0 82 1x40G 1x40G 4x10G 0 97 100 0 83 1x40G 1x40G 4x10G 0 101 104 0 84 1x40G 1x40G 4x10G 0 105 108 0 85 1x100G 1x100G 4x25G 0 109 112 2x50G 0 125 126 0 86 1x100G 1x100G 4x25G 0 113 116 2x5...

Page 315: ... operational mode to disabled While disabled the spanning tree configuration is retained and can be changed but is not activated spanning tree no spanning tree Parameters None Default The default is Enabled Command Mode Global Config 5 207 spanning tree auto edge Use this command to allow the interface to become an edge port if it does not receive any BPDUs within a given amount of time Use the no...

Page 316: ...t from which the original inferior BPDU was received is excluded because it has already encountered a failure Designated ports are excluded as they do not lead to the root On receipt of an RLQ response if the answer is negative the receiving port has lost connection to the root and its BPDU is immediately aged out If all nondesignated ports have already received a negative answer the whole bridge ...

Page 317: ...d to reset the auto edge status of the port to the default value spanning tree cost cost auto no spanning tree cost Parameters cost Enter an integer in the range of 1 20000000 auto Set the external pathcost value automatically on the basis of Link Speed Default The default is Auto Command Mode Interface Config 5 210 spanning tree bpdufilter Use this command to enable BPDU Filter on an interface or ...

Page 318: ...ters None Default The default is Disabled Command Mode Global Config 5 212 spanning tree bpduguard Enable BPDU Guard on the switch No command disables BPDU Guard on the switch spanning tree bpduguard no spanning tree bpduguard Parameters None Default The default is Disabled Command Mode Global Config 5 213 spanning tree bpdumigrationcheck Force a rapid spanning tree RSTP and multiple spanning tree...

Page 319: ...et the Configuration Identifier Name to identify the current configuration The string uses up to 32 characters No command resets the Configuration ldentifier Name to default spanning tree configuration name name no spanning tree configuration name Parameters name Enter a string of at most 32 characters Default The default is MAC address in hexadecimal notation Command Mode Global Config 5 215 span...

Page 320: ...nds range 4 to 30 No command sets the Bridge Forward Delay parameter for the common and internal spanning tree to the default spanning tree forward time 4 30 no spanning tree forward time Parameters None Default The default is 15 Command Mode Global Config 5 217 spanning tree max age Set the Bridge Max Age parameter to a defined value for common and internal spanning tree The max age value range i...

Page 321: ...e to the default value spanning tree max hops 1 127 no spanning tree max hops Parameters None Default The default is 20 Command Mode Global Config 5 219 spanning tree mode Configure global spanning tree mode per VLAN spanning tree Rapid PVST MST RSTP or STP Only a single setting MSTP RSTP PVST or RPVST can be enabled on a switch Enabling PVSTP or rapid PVSTP PVRSTP disables MSTP RSTP STP By defaul...

Page 322: ...defined as the default as the mstid the configurations are done for the common and internal spanning tree instance By specifying a cost for the path cost for the port is set within a multiple spanning tree instance or the common and internal spanning tree instance dependent on the mstid parameter The path cost range 1 to 200000000 or auto The auto option defines the path cost value based on Link S...

Page 323: ...c multiple spanning tree instances The mstid parameter corresponds to the desired existing multiple spanning tree instances The priority value range 0 to 61440 in increments of 4096 Specify 0 default CIST ID as the mstid to set the Bridge Priority parameter to a value for the common and internal spanning tree The bridge priority range 0 to 61440 Note The twelve least significant bits are masked sp...

Page 324: ... so doing the VLAN s revert to the common and internal spanning tree association spanning tree mst vlan mstid vlanid no spanning tree mst vlan mstid vlanid Parameters mstid Enter a multiple spanning tree instance identifier vlanid Enter VLAN IDs in range 1 4093 Use to specify a range or to separate VLAN IDs in a list Spaces and zeros are not permitted Default The default is None Command Mode Globa...

Page 325: ...rative Switch Port State for all ports to disabled spanning tree port mode all no spanning tree port mode all Parameters None Default The default is Enabled Command Mode Global Config 5 226 spanning tree transmit Sets the Bridge Transmit Hold Count parameter range 1 10 spanning tree transmit hold count Parameters hold count The Bridge Tx hold count parameter value 1 to 10 Default The default is 6 ...

Page 326: ...PVRSTP embeds support for backbonefast and uplinkfast provisioning to enable or disable these features is not available No command disables uplinkfast on PVSTP configured switches All switch priorities and path costs not modified from default values are set to default spanning tree uplinkfast max update rate packets no spanning tree uplinkfast max update rate Parameters max update rate Optional Co...

Page 327: ...Interface Config 5 230 spanning tree vlan forward time Configures the spanning tree forwarding delay time for a VLAN or a set of VLANs default is 15 seconds Set value to a lower number to accelerate transition to forwarding Note Consider the end to end BPDU propagation delay the maximum frame lifetime the maximum transmission halt delay and the message age overestimate values specific to their net...

Page 328: ...ng tree maximum age time The default is 20 seconds To accelerate the discovery of topology changes lower the value Note Consider the end to end BPDU propagation delay and message age overestimate for the specific topology when configuring this value Default settings 20 for a network of diameter 7 lost message value 3 transit delay 1 hello interval 2 seconds overestimate per bridge 1 second and BPD...

Page 329: ... Parameters vlan id The VLANs to which to apply this command priority The VLAN port priority range 0 240 Default The default is None Command Mode Interface Config 5 234 spanning tree vlan priority Configure the bridge priority of a VLAN The default value is 32768 Configured values not among specified values are rounded off to the nearest valid value spanning tree vlan vlan list priority priority P...

Page 330: ... which to apply this command primary Configure VLAN as primary secondary Configure VLAN as secondary Default The default is 32768 Command Mode Global Config 5 236 show spanning tree Displays spanning tree settings for the common and internal spanning tree The following details are displayed show spanning tree Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Exampl...

Page 331: ...r for the CST based on bridge priority and the base MAC address Time Since Topology Change Time in seconds Topology Change Count Number of times changed Topology Change Boolean value of the Topology Change parameter indicative of a topology change in progress on any port assigned to the common and internal spanning tree Designated Root Root bridge bridge identifier comprised of bridge s priority a...

Page 332: ...the spanning tree values on active ports for the modes xSTP and PV R STP show spanning tree active Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example Example 1 Routing show spanning tree active Spanning Tree Enabled BPDU Flooding Disabled Portfast BPDU Filtering Disabled Mode rstp CST Regional Root 80 00 00 01 85 48 F0 0F Regional Root Path Cost 0 MST 0 Vlan...

Page 333: ...ost Status Role 0 49 Enabled 128 49 2000 Forwarding Designated 3 1 Enabled 128 66 5000 Forwarding Designated 3 2 Enabled 128 67 5000 Forwarding Designated 3 10 Enabled 128 75 0 Forwarding Designated VLAN 3 RootID Priority 32771 Address 00 00 EE EE EE EE Cost 0 Port This switch is the root Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec BridgeID Priority 32771 priority 32768 sys id ext 3 Addre...

Page 334: ...bled 128 67 5000 Forwarding Disabled 3 10 Enabled 128 75 0 Forwarding Root VLAN 3 RootID Priority 32771 Address 00 00 EE EE EE EE Cost 0 Port 10 3 10 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec BridgeID Priority 32771 priority 32768 sys id ext 3 Address 00 00 EE EE EE EE Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Name State Prio Nbr Cost Status Role 3 1 Enable...

Page 335: ...ANs 0 Display Parameters Transitions via Backbonefast Backbonefast transition value Inferior BPDUs received all VLANs Inferior BPDUs value received on all VLANs RLQ request PDUs received all VLANs Root link query RLQ request value PDUs received on all VLANs RLQ response PDUs received all VLANs RLQ response PDUs received values on all VLANs RLQ request PDUs sent all VLANs RLQ request PDUs sent valu...

Page 336: ...splays the specified bridge max age for CST The value is defined in seconds ranging from 6 to 40 less than or equal to 2 x Bridge Forward Delay 1 Bridge Max Hops Bridge max hops count for the device Bridge Hello Time Displays the bridge hello timer value between each bridge protocol data unit through a port The value is defined as 2 seconds by default with a range between 1 and 10 seconds forward ...

Page 337: ...edge feature ports without an edge delay time BPDU transforming to a forwarding faster Port Up Time Since Counters Last Cleared Time since port was reset displayed in days hours minutes and seconds STP BPDUs Transmitted Spanning Tree Protocol Bridge Protocol Data Units sent STP BPDUs Received Spanning Tree Protocol Bridge Protocol Data Units received RSTP BPDUs Transmitted Rapid Spanning Tree Prot...

Page 338: ...s False Designated Root 80 01 00 05 64 2F 0F 81 Root Path Cost 0 Root Port Identifier 00 00 Associated FIDs Associated VLANs 10 10 5 242 show spanning tree mst port detailed Displays the detailed settings and parameters for a specific switch port within a particular multiple spanning tree instance The parameter mstid is a number that corresponds to the desired existing multiple spanning tree insta...

Page 339: ...ge Designated Port bridge identifier Designated Port Identifier Port on the Designated Bridge offering lowest LAN cost Loop Inconsistent State If loop is in inconsistent state the port has failed to receive BPDUs while configured with loop guard enabled Loop inconsistent state places the port in a blocking state until subsequent BPDU is received Transitions Into Loop Inconsistent State The number ...

Page 340: ...the LAN by the designated external port Loop Inconsistent State The current loop state While loop guard is enabled the port fails to receive BPDUs Loop inconsistent state maintains the port in a blocking state until a subsequent BPDU is received Transitions Into Loop Inconsistent State The number of times transitioned into a loop inconsistent state Transitions Out of Loop Inconsistent State The nu...

Page 341: ...her the port is in loop inconsistent state or not This field is blank if the loop guard feature is not available 5 244 show spanning tree mst port summary active Display active link settings for the ports within the specified multiple spanning tree instance show spanning tree mst port summary mstid active Parameters mstid Enter a multiple spanning tree instance identifier Default The default is No...

Page 342: ...e status of the specified port within the spanning tree Desc Indicates the port status loop inconsistent state or not This field is blank if the loop guard feature is not available 5 245 show spanning tree mst summary Displays summary information regarding all multiple spanning tree instances show spanning tree mst summary Parameters None Default The default is None Command Mode Privileged EXEC Use...

Page 343: ... VLANs VLAN IDs associated with this instance 5 246 show spanning tree summary Display spanning tree settings and parameters show spanning tree summary Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows an example of the command Routing show spanning tree summary Spanning Tree Admin Mode Disabled Spanning Tree Version IEEE 802 1w BPDU Gua...

Page 344: ... Identifier used to identify the configuration currently being used Configuration Digest Key A generated Key used in the exchange of the BPDUs Configuration Format Selector Specifies the version of the configuration format being used in the exchange of BPDUs The default value is zero MST Instances List of all multiple spanning tree instances configured on the switch 5 247 show spanning tree uplink...

Page 345: ...d with no embedded blank spaces ranging form X Y where X and Y are valid VLAN identifiers and X Y The vlanid corresponds to an existing VLAN ID show spanning tree vlan vlanid vlan list Parameters vlanid Enter a VLAN identifier vlan list Enter VLAN IDs in range 1 4093 Use to specify a range or to separate VLAN IDs in a list Spaces and zeros are not permitted Default The default is None Command Mode...

Page 346: ...rding 3000 128 7 1 0 8 Designated Forwarding 3000 128 8 0 1 1 Disabled Disabled 3000 128 1026 0 1 2 Disabled Disabled 3000 128 1027 0 1 3 Disabled Disabled 3000 128 1028 0 1 4 Disabled Disabled 3000 128 1029 0 1 5 Disabled Disabled 3000 128 1030 0 1 6 Disabled Disabled 3000 128 1031 VLAN Commands This section includes VLAN configuration settings information 5 249 vlan database Configure VLAN setti...

Page 347: ...mmand Mode VLAN Config 5 252 vlan acceptframe Sets the frame acceptance mode on a single or range of interfaces For VLAN Only mode all received untagged frames or priority frames are discarded For Admit All mode all received untagged frames or priority frames the interface are accepted and assigned the value of the interface VLAN ID for the port For admituntaggedonly mode only untagged frames are ...

Page 348: ... matching VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN No command disables ingress filtering When ingress filtering is disabled any frames received with VLAN IDs not matching VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN vlan ingressfilter no vlan ingressfilter Parameters ...

Page 349: ...ult is None Command Mode Global Config 5 255 vlan makestatic Change dynamically created VLANs to a static VLAN The ID is a valid VLAN identification number range 1 4093 vlan makestatic 1 4093 Parameters None Default The default is None Command Mode VLAN Config 5 256 vlan name Change VLAN name variable alphanumeric string of up to 32 characters range 1 4093 No command sets VLAN value to a blank str...

Page 350: ... member of this VLAN include Include the interface as a member of this VLAN auto Dynamic registration of entry in VLAN participation is available upon a join request Default The default is None Command Mode Interface Config 5 258 vlan participation all Configures the participation status for all interfaces in a VLAN vlan participation all exclude include auto 1 4093 Parameters exclude Does not inc...

Page 351: ...ort acceptframe all Parameters admituntaggedonly Select to admit only untagged frames all Select to admit all frame types vlanonly Select to admit only tagged frames Default The default is All Command Mode Global Config 5 260 vlan port ingressfilter all Enable ingress filtering for all ports Disable ingress filtering to admit and forward frames not matching the VLAN membership of the received inte...

Page 352: ...n port pvid all 1 4093 no vlan port pvid all Parameters None Default The default is 1 Command Mode Global Config 5 262 vlan port tagging all Enablee tagging behavior for all interfaces in a VLAN allowing the transmission of traffic as tagged frames Disable tagging to transmit as untagged frames No command disables the tagging behavior for all interfaces in a VLAN vlan port tagging all 1 4093 no vl...

Page 353: ...rs None Default The default is 1 Command Mode Interface Config Interface Range Config 5 264 vlan tagging Enable the tagging behavior for a specific interface or range of interfaces in a VLAN allowing the transmission of traffic as tagged frames Disable tagging to transmit as untagged frames No command disables the tagging behavior for all interfaces in a VLAN vlan tagging 1 4093 no vlan tagging 1 4...

Page 354: ...93 Secondary Secondary VLAN identifier Type Secondary VLAN type community isolated or primary Ports Ports which are associated with a private VLAN VLAN ID VLAN identifier VID associated with each VLAN range 1 to 4093 VLAN Name String value given to identify VLAN supports 32 alphanumeric characters long including blanks default is blank VLAN ID 1 is named as the Default This field is optional VLAN ...

Page 355: ...to registration forbidden in the IEEE 802 1Q standard Autodetect To allow the port to be dynamically registered in this VLAN via GVRP The port will not participate in this VLAN unless a join request is received on this port This is equivalent to registration normal in the IEEE 802 1Q standard Tagging The defined tagging behavior Tagged Transmit traffic for this VLAN as tagged frames Untagged Trans...

Page 356: ... Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows an example of the command Routing show vlan brief VLAN ID VLAN Name VLAN Type 1 default Default 2 VLAN0002 Static 3 VLAN0003 Static 4 VLAN0004 Static 5 VLAN0005 Static 6 VLAN0006 Static 7 VLAN0007 Static 8 VLAN0008 Static Display Parameters VLAN ID VLAN Identifier vlanid associated for each VLAN range S...

Page 357: ... Ingress Ingress VLAN ID VLAN ID Frame Types Filtering Filtering Default Configured Current Configured Current Priority 0 1 1 1 Admit All Enable Enable 0 0 2 5 5 Admit All Enable Enable 0 0 3 1 1 Admit All Disable Disable 0 0 4 1 1 Admit All Disable Disable 0 0 5 1 0 Admit All Enable Disable 0 0 6 1 0 Admit All Enable Disable 0 Display Parameters Interface Set the parameters for all slot port Port...

Page 358: ...n The static configuration VLAN name and egress rule Forbidden VLANs The forbidden VLAN configuration VLAN and name Switch Ports This section describes switch port mode settings 5 269 switchport mode Configure the switch port mode access trunk or general In Trunk mode the port is configured as a member of all VLANs on switch unless specified in the allowed list in the switchport trunk allowed vlan...

Page 359: ... the list of allowed VLAN The except option provides an exclusion list Use the no command to reset the list of allowed VLANs on the trunk port to its default value switchport trunk allowed vlan vlan list all add vlan list remove vlan list except vlan list no switchport trunk allowed vlan Parameters vlan list Values 1 to 4093 range is entered using two values separated by a hyphen The lower value i...

Page 360: ... switchport trunk native vlan Parameters vlan id Enter VLAN ID Default The default is VLAN Command Mode Interface Config 5 272 switchport access vlan Configure Access port VLAN only a single can be assigned to the Access port By default access ports are members of VLAN 1 Access ports may be assigned to a VLAN other than VLAN 1 No command resets the switch port access mode VLAN to default switchpor...

Page 361: ...ntagged VLANs 1 General Mode Tagged VLANs General Mode Forbidden VLANs Trunking Mode Native VLAN 1 default Trunking Mode Native VLAN tagging Disable Trunking Mode VLANs Enabled All Protected Port False Routing show interfaces switchport Port 0 1 VLAN Membership Mode General Access Mode VLAN 1 default General Mode PVID 1 default General Mode Ingress Filtering Disabled General Mode Acceptable Frame ...

Page 362: ...ay the switchport information for interfaces configured in general mode Trunk Display the switchport information for interfaces configured in trunk mode slot port Optional Enter an interface in slot port format Default The default is None Command Mode Privileged EXEC Example Switching show interfaces switchport access 0 1 Intf PVID 0 1 1 Switching show interfaces switchport trunk 0 6 Intf PVID All...

Page 363: ...stom value must be set to a value range of 1 to 65535 No command disassociates globally defined TPID s to its relevant interface dvlan tunnel ethertype 802 1Q vman custom 1 65535 no dvlan tunnel ethertype 802 1Q vman custom 1 65535 Parameters 802 1Q Configure the Ethertype as 0x8100 vman Commonly used value 0x88A8 custom 1 65535 Custom value range 1 to 65535 Default The default is VMAN Command Mod...

Page 364: ... Any indicated optional parameters allow for the display of detailed information about Double VLAN Tunneling for the specified interface or all interfaces show dot1q tunnel interface slot port all Parameters interface Optional Indicates the interface slot port Optional Indicates an interface in slot port format all Optional Enter all for all interfaces Default The default is None Command Mode Priv...

Page 365: ...eling for the specified interface or all interfaces show dvlan tunnel interface slot port all lag Parameters interface Optional Indicates an interface slot port Optional Indicates an interface in slot port format all Optional Enter all for all interfaces lag Enter into interface lag mode Default The default is None Command Mode Privileged EXEC User EXEC Example The following is a CLI display outpu...

Page 366: ...2 1p Commands This section describes provisioning IEEE 802 1p configuration for port prioritization 5 279 vlan port priority all Configure the port priority for untagged packets for all available ports The priority range is 0 7 vlan port priority all priority Parameters priority Enter a priority value 0 7 for untagged frames received Default The default is 0 Command Mode Global Config 5 280 vlan p...

Page 367: ...to 32 alphanumeric characters including blanks The default is undefined Note Port protection occurs within a devicve Protected port configuration does not affect traffic between ports on two different switches Traffic forwarding is not possible between two protected ports No command removes a protected port group switchport protected groupid name name no switchport protected groupid name name Para...

Page 368: ...status of all interfaces both protected and unprotected show switchport protected groupid Parameters groupid Enter Group ID Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows an example of the command Routing show switchport protected 0 Name Member Ports Display Parameters Group ID Protected port group identifier Name Given text string of group can be up...

Page 369: ...is None Command Mode Privileged EXEC User EXEC Example The following shows an example of the command Routing show interfaces switchport 0 1 0 Protected Port False Display Parameters Name Text string identifying group value can be up to 32 alphanumeric characters long including blanks The default is blank This field is optional Protected Indicates protected status TRUE or FALSE lf a group is define...

Page 370: ...tication aaa authentication dot1x default ias method1 method2 method3 Parameters ias Select internal as the authentication method method Optional Indicates an alternative identification method local none or radius Default The default is None Command Mode Global Config Example The following is an example of the command Routing Routing configure Routing Config aaa authentication dot1x default ias no...

Page 371: ...ied interface clear dot1x authentication history slot port Parameters slot port Optional Enter an interface in slot port format Default The default is None Command Mode Privileged EXEC 5 288 clear radius statistics Clear all RADIUS statistics clear radius statistics Parameters None Default The default is None Command Mode Privileged EXEC 5 289 dot1x eapolflood Enable EAPOL flood support on the swi...

Page 372: ...fig 5 291 dot1x port control Set the authentication mode for the specified interface or range of interfaces TheForce unauthorized configures the authenticator PAE sets the controlled port to unauthorized The force authorized configures the authenticator PAE unconditionally sets the controlled port to authorized While the auto parameter specify the authenticator PAE sets the controlled port mode to...

Page 373: ...E unconditionally sets the controlled port to authorized While the auto parameter specify the authenticator PAE sets the controlled port mode to reflect the outcome of the authentication exchanges between the supplicant authenticator and the authentication server lf mac based option is specified then MAC based dot1x authentication is enabled on the port No command sets the authentication mode on al...

Page 374: ...ult The default is Disabled Command Mode Global Config 5 294 dot1x system auth control monitor Enable the 802 1X monitor mode to help troubleshoot port based authentication configuration issues network access to connected hosts is not disrupted While in Monitor mode a host is granted network access to an 802 1X enabled port even if authentication has failed No command disables 802 1X Monitor mode ...

Page 375: ...ters slot port Enter an interface in slot port format all Enter all for access to all ports Default The default is None Command Mode Global Config 5 296 show authentication methods Display the ordered authentication methods for all authentication login lists show authentication methods Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an authenticati...

Page 376: ... any 5 297 show dot1x Display a summary of the following global dot1x configuration the dot1x configuration for a single specified or all ports the detailed dot1x configuration for a specified port and the dot1x statistics for a specified port show dot1x summary slot port all detail slot port statistics slot port Parameters summary slot port Optional Display the configuration summary for the specif...

Page 377: ...P Method MD5 Challenge Display Parameters Global dot1x VLAN Assignment and Dynamic VLAN Creation mode are displayed if optional slot port or vlanid parameters are defined Administrative Mode Display enabled or disabled status VLAN Assignment Mode Display enabled or disabled status for an authorized port to a RADIUS assigned VLAN Dynamic VLAN Creation Mode Indicates support for dynamic creation of ...

Page 378: ...ssed in seconds and will be in the range 0 and 65535 Transmit Period The defined period of time to determine when to send an EAPOL EAP Request Identity frame to the supplicant The value is expressed in seconds and will be in the range of 1 and 65535 Guest VLAN ID The guest VLAN identifier Guest VLAN Peflod The defined period of time in seconds to authorize and place the port in the Guest VLAN if EA...

Page 379: ...est This value is valid only when the port control mode is not MAC based For each client authenticated on the port the show dot1x detail slot port command displays the following MAC based dot1x parameters port control mode must be MAC based Supplicant MAC Address MAC address of the supplicant Authenticator PAE State Current state Possible values Initialize Disconnected Connecting Authenticating Au...

Page 380: ... 298 show dot1x authentication history Displays 802 1X authentication events and information during successful and unsuccessful Dot1x authentication attempts for specific or all interfaces show dot1x authentication history stot port all failed auth only detail Parameters stot port Enter an interface in slot port format all Enter all to specify all ports detail Optional Display the details of the D...

Page 381: ... is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show dot1x clients all Clients Authenticated using Monitor Mode 0 Clients Authenticated using Dot1x 0 Display Parameters CIients Authenticated using Monitor Mode The number of the Dot1x authenticated clients using Monitor mode Clients Authenticated using Dot1x The number of authenticated Dot1x clien...

Page 382: ...iod in seconds is returned by the RADIUS server on authentication of the port Session Termination Action Defined action following the timeout period Possible values are Default and RADIUS Request 5 300 show dot1x users Display 802 1X port security user information for locally configured users show dot1x users slot port Parameters slot port Enter an interface in slot port format Default The default ...

Page 383: ...enable the switch to create VLANs dynamically when a RADIUS assigned VLAN does not exist in the switch No command sets the dot1x dynamic vlan to default dot1x dynamic vlan enable no dot1x dynamic vlan Parameters enable Enable dot1x dynamic vlan creation configuration Default The default is None Command Mode Global Config 5 302 dot1x eapolflood Use this command to enable EAPOL flood support on the ...

Page 384: ...e Default The default is 3 Command Mode Interface Config 5 304 show dot1x statistics Displays the dot1x port statistics in detail show dot1x statistics slot port Parameters slot port Enter an interface in slot port format Default The default is None Command Mode Privileged EXEC User EXEC Example The following is a CLI display output example Routing show dot1x statistics 0 1 Port 0 1 EAPOL Frames R...

Page 385: ...rames received on the port EAP Req ID Frames Transmitted Displays the number of EAP Requested ID frames transmitted via the port EAP Req Frames Transmitted Displays the number of EAP Request frames transmitted via the port Invalid EAPOL Frames Received Displays the number of unrecognized EAPOL frames received on this port EAP Length Error Frames Received Displays the number of EAPOL frames with an...

Page 386: ...group name Default The default is None Command Mode Global Config 5 306 taskgroup Create a task group and enter task group configuration mode No command removes the task group taskgroup taskgroup name no taskgroup taskgroup name Parameters taskgroup name Enter taskgroup name Default The default is None Command Mode Global Config 5 307 username usergroup Assign the specified user to a user group No ...

Page 387: ...description for the user group No command removes the description from the user group description description no description Parameters description Enter description for this usergroup Default The default is None Command Mode User Group 5 309 inherit usergroup User Group Mode Set the parent group for the current user group The user group acquires the permissions of the parent group No command remo...

Page 388: ...p No command removes the user group s relationship with the associated task group taskgroup taskgroup name no taskgroup taskgroup name Parameters taskgroup name Enter taskgroup name Default The default is None Command Mode User Group 5 311 description Task Group Mode Sets a description for the task group No command removes the description from the task group description description no description ...

Page 389: ...lationship inherit taskgroup taskgroup name no inherit taskgroup taskgroup name Parameters taskgroup name Enter taskgroup name Default The default is None Command Mode Task Group 5 313 task read write debug execute Associate the task group with specified set of task permissions No command removes all associated relationships task read write debug execute aaa ospf bgp no task aaa ospf bgp Parameter...

Page 390: ...AAA and read write execute and debug permissions for OSPF Routing configure Routing ConFig taskgroup tg1 Routing ConFig taskgroup task read aaa Routing ConFig taskgroup task read write execute debug ospf 5 314 show aaa usergroup Displays a list of user groups and their configuration show aaa usergroup usergroup name Parameters usergroup name Optional Enter usergroup name Default The default is Non...

Page 391: ...show aaa taskgroup taskgroup name Parameters taskgroup name Optional Enter taskgroup name Default The default is None Command Mode Privileged EXEC Example The following is a CLI display output example Routing show aaa taskgroup Task group default taskgroup name Description Parent taskgroups Configured permissions Task aa READ WRITE EXECUTE DEBUG Task ospf READ WRITE EXECUTE DEBUG Task bgp READ WRI...

Page 392: ... READ 5 316 show aaa userdb Display user and group lists a user is participating show aaa userdb username Parameters username Enter user name Default The default is None Command Mode Privileged EXEC Example The following is a CLI display output example Routing show aaa userdb admin User admin Contained user groups user group l D LINK OS Root Operational permissions Task aa READ WRITE EXECUTE DEBUG...

Page 393: ...w control Asymmetric disables Tx Pause enabling only Rx Pause No command disables the symmetric and asymmetric flow control flowcontrol symmetric asymmetric no flowcontrol Parameters symmetric Enable Symmetric flow control asymmetric Enable Asymmetric flow control Default The default is Disabled Command Mode Global Config 5 318 show flowcontrol Display the IEEE 802 3 Annex 31B flow control setting...

Page 394: ...ommands This section provides storm control configuration information When incoming packets flood the LAN it is defined as a traffic storm condition leading to network performance degradation Storm Control features prevents the occurance of such events To configure storm control enable the feature for all or specific interfaces Once enabled the threshold storm control level can be set this is the l...

Page 395: ...he default is Disabled Command Mode Global Config Interface Config 5 320 storm control broadcast action This command configures the broadcast storm recovery action to either shutdown or trap for all interfaces Global Config mode or one or more interfaces Interface Config mode If configured to shutdown the interface that receives the broadcast packets at a rate above the threshold is diagnostically...

Page 396: ...efault value for all interfaces Global Config mode or one or more interfaces Interface Config mode and disables broadcast storm recovery storm control broadcast level 0 100 no storm control broadcast level Parameters None Default The default is 5 Command Mode Global Config Interface Config 5 322 storm control broadcast rate Configure the broadcast storm recovery threshold for all or specific inter...

Page 397: ...cast no storm control multicast Parameters None Default The default is Disabled Command Mode Global Config Interface Config 5 324 storm control multicast action Configure the multicast storm recovery action to shutdown or trap for all or specific interfaces Global Config mode Interface Contig mode The shutdown configuration allows interface that receive multicast packets at a rate above the thresho...

Page 398: ...ulticast storm recovery threshold to default for all or specific interfaces Global Config mode Interface Config mode and disables multicast storm recovery storm control multicast level 0 100 no storm control multicast level 0 100 Parameters None Default The default is 5 Command Mode Global Config Interface Config 5 326 storm control multicast rate Configure the multicast storm recovery threshold f...

Page 399: ...passes the configured threshold the traffic is dropped No command disables unicast storm recovery mode for all or specified interfaces Global Config mode Interface Config mode storm control unicast no storm control unicast Parameters None Default The default is Disabled Command Mode Global Config Interface Config 5 328 storm control unicast action Configure the unicast storm recovery action to shu...

Page 400: ...all or specific interfaces Global Config mode Interface Config mode as a percentage of link speed and enables unicast storm recovery If the mode is enabled unicast storm recovery is active If the rate of unknown L2 unicast destination Iookup failure traffic ingressing on an interface surpasses the configured threshold the traffic will be dropped In which case the rate of unknown unicast traffic is ...

Page 401: ...nd disables unicast storm recovery storm control unicast rate 0 14880000 no storm control unicast rate Parameters None Default The default is None Command Mode Global Config Interface Config 5 331 show storm control This command displays switch configuration information If you do not use any of the optional parameters this command displays global storm control configuration parameters Broadcast St...

Page 402: ... show storm control all Intf Bcast Bcast Bcast Mcast Mcast Mcast Ucast Ucast Ucast Mode Level Action Mode Level Action Mode Level Action 0 1 Enable 50 Trap Disable 5 None Disable 5 None 0 2 Enable 50 Trap Disable 5 None Disable 5 None 0 3 Enable 50 Trap Disable 5 None Disable 5 None 0 4 Enable 50 Trap Disable 5 None Disable 5 None 0 5 Enable 50 Trap Disable 5 None Disable 5 None 0 6 Enable 50 Trap...

Page 403: ...m control action setting for unicast traffic Link Dependency Commands The following commands configure link dependency Link dependency allows specified ports to be link status dependent of selected ports Consequently if a port link dependency is lost the port is equally affected 5 332 link state group Indicate whether the downstream interfaces of the group should mirror or invert the status of the...

Page 404: ...lected interface from the downstream list link state group group id downstream no link state group group id downstream Parameters group id Enter the link dependency group number 1 48 Default The default is None Command Mode Interface Config 5 334 link state group upstream Add interfaces to the upstream interface list interfaces defined as upstream interfaces cannot be defined downstream interfaces...

Page 405: ...stream Interfaces Upstream Interfaces Link Action Group State 1 0 3 0 7 0 12 0 17 0 12 0 32 3 5 Link Up Up 4 0 18 0 27 0 22 0 33 3 1 Link Up Down Thefollowing is a specified link dependency groups Switching show link state group 1 GroupId Downstream Interfaces Upstream Interfaces Link Action Group State 1 0 3 0 7 0 12 0 17 0 12 0 32 3 5 Link Up Up Display Parameters GroupID Indicates the group ID ...

Page 406: ...up number 1 48 Default The default is None Command Mode Privileged EXEC Example The following is a configured link dependency groups example Switching configure Switching Config no link state track 1 5 337 show link state group detail Display detailed information regarding upstream and downstream interface states for selected link dependency group show link state group group id detail Parameters g...

Page 407: ...ow llpf interface all Display Link Layer Packet Filtering LLPF rule status show llpf interface all slot port Parameters all Optional Display link level protocol filtering complete configuration slot port Optional Enter an interface in slot port format Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show llpf interface all Intf ...

Page 408: ...ed Enabled Disabled Disabled Disabled 0 23 Enabled Disabled Disabled Enabled Disabled Disabled Disabled 0 24 Enabled Disabled Disabled Enabled Disabled Disabled Disabled 0 25 Enabled Disabled Disabled Enabled Disabled Disabled Disabled 0 26 Enabled Disabled Disabled Enabled Disabled Disabled Disabled 0 27 Enabled Disabled Disabled Enabled Disabled Disabled Disabled 0 28 Enabled Disabled Disabled E...

Page 409: ...ether the port blocks all proprietary PDUs available for the LLDP feature MVR Commands Lists the Multicast VLAN Registration MVR commands 5 339 mvr Enable MVR default disabled No command disables MVR mvr no mvr Parameters None Default The default is Disable Command Mode Global Config Interface Config 5 340 mvr group Use this command to add an MVR membership group Use the no command to disable an M...

Page 410: ...e Config 5 342 mvr mode Change the Multicast VLAN Registration MVR mode type default compatible No command sets the MVR mode type to compatible default mvr mode compatible dynamic no mvr mode Parameters compatible Optional Enable MVR compatible mode While in compatible mode multicast data received by MVR hosts is forwarded to all data ports MVR regardless of MVR host membership on those ports The ...

Page 411: ...10 sec The query time is the maximum waiting time for an IGMP membership report on a receiver port before removing it from the multicast group No command sets the MVR query response time to the default mvr querytime 1 100 no mvr querytime Parameters None Default The default is 5 Command Mode Global Config 5 344 mvr type Set the MVR port type default is none No command resets the MVR port type to N...

Page 412: ...an 1 4093 no mvr vlan Parameters None Default The default is 1 Command Mode Global Config 5 346 mvr vlan group Configure a port to participate in a specific MVR group The default value is None No command removes port participation in the specific MVR group mvr vlan mvlan group A B C D no mvr vlan mvlan group A B C D Parameters mvlan Indicates the multicast VLAN ID 1 4093 A B C D IP multicast addre...

Page 413: ...t is None Command Mode Privileged EXEC Example The following is a command example Switching show mvr MVR Disabled Switching show mvr MVR Running TRUE MVR multicast VLAN 1 MVR Max Multicast Groups 256 MVR Current multicast groups 0 MVR Global query response time 5 tenths of sec MVR Mode compatible 5 348 show mvr members Display the allocated MVR membership groups show mvr members A B C D ...

Page 414: ...0 1 0 2 0 3 Switching show mvr members 224 1 1 1 MVR Group IP Status Members 224 1 1 1 INACTIVE 0 1 0 2 0 3 5 349 show mvr interface Display the cgnfiguration of MVR enabled interfaces show mvr interface interface id members vlan vlan id Parameters interface id Optional Enter an interface in slot port format members Optional Multicast group members on this port vlan vlan id Optional MVR multicast ...

Page 415: ...23 members 235 0 0 1 STATIC ACTIVE Switching show mvr interface 0 23 members vlan 12 235 0 0 1 STATIC ACTIVE 235 1 1 1 STATIC ACTIVE 5 350 show mvr traffic Display global MVR statistics show mvr traffic Parameters None Default The default is None Command Mode Privileged EXEC Example The following is a command example Switching show mvr traffic IGMP Query Received 0 IGMP Report V1 Received 0 IGMP R...

Page 416: ... Default The default is Disabled Command Mode Privileged EXEC 5 352 debug mvr packet Enable MVR receive transmit packets debug tracing Without argument specification both receive and transmit packets debugging is enabled default No command disables MVR receive transmit packet debug tracing debug mvr packet receive transmit no debug mvr packet receive transmit Parameters receive Optional Turn on MV...

Page 417: ...isplay the slot port number for the logical interface Note Set port physical mode before including a port in a port channel Note Name fields support alphanumberic and characters string such as dashes port channel adminmode all linktrap slot port all lag lag group id load balance 1 2 3 4 5 6 7 slot port all name slot port lag lag group id name resilient hashing system priority 0 65535 Parameters ad...

Page 418: ...ications for the port channel LAG The interface is a logical slot port for a configured port channel The option all sets every configured port channel with the same administrative mode setting port channel linktrap logical slot port all lag lag group id no port channel linktrap logical slot port all lag lag group id Parameters slot port Enter permissible interface all Enables Disables link traps f...

Page 419: ...MAC VLAN EtherType and incoming port associated with the packet 4 Source IP and Source TCP UDP fields of the packet 5 Destination IP and Destination TCP UDP Port fields of the packet 6 Source Destination IP and source destination TCP UDP Port fields of the packet 7 Enhanced hashing mode slot port all For Global Config Mode only The interface is defined as a logical slot port number of a configured...

Page 420: ...ic string of up to 15 characters port channel name logical slot port name Parameters slot port Enter permissible interface lag Configure a name for the interface port channel Default The default is None Command Mode Global Config 5 359 port channel system priority Configure port channel system prioritis No command configures the port channel system priority to default port channel system priority ...

Page 421: ...a port channel addport slot port lag lag group id Parameters slot port Enter permissible interface lag Add this port to a port channel lag group id Enter a valid LAG group ID Default The default is None Command Mode Interface Config 5 361 deleteport Interface Config Deletes a port or a range of ports from the port channel LAG The interface is the logical slot port number of the configured port or r...

Page 422: ...red port channel with the same administrative mode setting Default The default is None Command Mode Global Config 5 363 interface lag Enter Interface configuration mode for a specified LAG interface lag lag interface number Parameters lag interface number Enter LAG interface number Default The default is None Command Mode Global Config 5 364 ip resilient hashing Enable resilient hashing on all ECM...

Page 423: ...l LACP on a port or range of ports No command disables Link Aggregation Control Protocol LACP on selected port port lacpmode no port lacpmode Parameters None Default The default is Enabled Command Mode Interface Config 5 366 port lacpmode enable all Enable Link Aggregation Control Protocol LACP on all ports No command disables Link Aggregation Control Protocol LACP on all ports port lacpmode enabl...

Page 424: ...isplay in show running config port lacptimeout actor long short no port lacptimeout actor Parameters actor Enter actor LACP device type long Enter long timeout setting 90 seconds short Enter short timeout setting 3 seconds Default The default is Long Command Mode Interface Config 5 368 port lacptimeout Global Config This command sets the timeout for all interfaces of a particular device type actor...

Page 425: ...Long Command Mode 5 369 Global Configshow ip resilient hashing Displays the resilient hashing property for the ECMP show ip resilient hashing Parameters None Default The default is None Command Mode Privileged EXEC Example The following is a command example Routing show ip resilient hashing Resilient Hashing Enabled Routing Display Parameters Resilient Hashing Resilient hashing mode for the system...

Page 426: ...8 0 128 ACT AGG LTO 0 5 32768 0 128 ACT AGG LTO 0 6 32768 0 128 ACT AGG LTO 0 7 32768 0 128 ACT AGG LTO 0 8 32768 0 128 ACT AGG LTO 0 9 32768 0 128 ACT AGG LTO 0 10 32768 0 128 ACT AGG LTO 0 11 32768 0 128 ACT AGG LTO 0 12 32768 0 128 ACT AGG LTO 0 13 32768 0 128 ACT AGG LTO 0 14 32768 0 128 ACT AGG LTO 0 15 32768 0 128 ACT AGG LTO 0 16 32768 0 128 ACT AGG LTO 0 17 32768 0 128 ACT AGG LTO 0 18 327...

Page 427: ...768 0 128 ACT AGG LTO 0 49 32768 0 128 ACT AGG LTO 0 50 32768 0 128 ACT AGG LTO 0 51 32768 0 128 ACT AGG LTO 0 52 32768 0 128 ACT AGG LTO 0 53 32768 0 128 ACT AGG LTO 0 54 32768 0 128 ACT AGG LTO 0 55 32768 0 128 ACT AGG LTO 0 56 32768 0 128 ACT AGG LTO 0 57 32768 0 128 ACT AGG LTO 0 58 32768 0 128 ACT AGG LTO 0 59 32768 0 128 ACT AGG LTO 0 60 32768 0 128 ACT AGG LTO 0 61 32768 0 128 ACT AGG LTO 0...

Page 428: ...ll Parameters slot port Enter an interface in slot port format all Enter all for all interfaces Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Switch show lacp partner all Sys System Admin Prt Prt Admin Intf Pri ID Key Pri Id State 0 1 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 2 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 3 0 00 00 00 00 00...

Page 429: ... IND LTO 0 32 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 33 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 34 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 35 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 36 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 37 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 38 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 39 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 40 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 41...

Page 430: ...0 00 00 00 0 0 0 PSV IND LTO 0 76 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 77 0 00 00 00 00 00 00 0 0 0 PSV IND LTO 0 78 0 00 00 00 00 00 00 0 0 0 PSV IND LTO Display Parameters System Priority The administrative value of priority associated with the Partner System ID System ID Represents the administrative value of the Aggregation Port s protocol Partner s System ID Admin Key The parameter assigne...

Page 431: ...Down Enabled Static 3 13 ch4 1 Down Enabled Static 3 14 ch4 1 Down Enabled Static 3 15 ch4 1 Down Enabled Static 3 16 ch4 1 Down Enabled Static 3 17 ch4 1 Down Enabled Static 3 18 ch4 1 Down Enabled Static 3 19 ch4 1 Down Enabled Static 3 20 ch4 1 Down Enabled Static 3 21 ch4 1 Down Enabled Static 3 22 ch4 1 Down Enabled Static 3 23 ch4 1 Down Enabled Static 3 24 ch4 1 Down Enabled Static 3 25 ch4...

Page 432: ...1 Down Enabled Static 3 61 ch4 1 Down Enabled Static 3 62 ch4 1 Down Enabled Static 3 63 ch4 1 Down Enabled Static 3 64 ch4 1 Down Enabled Static Display Parameters Logical Interface The slot port of the logical interface Port channel Name The name of port channel LAG interface Link State Shows whether the link is up or down Trap Flag Shows whether trap flags are enabled or disabled Type Shows whe...

Page 433: ...long partner long Auto False Display Parameters Logical Interface The valid slot port number Port Channel Name The name of this port channel LAG supports up to 15 alphanumeric characters Link State lndicates the Link status up or down Admin Mode Enabled default or disabled Type Designates a port channel LAG status static or dynamic Load Balance Option The load balance option associated with this L...

Page 434: ... channel slot port counters Parameters slot port Enter permissible interface Default The default is None Command Mode Privileged EXEC Example The following is a CLI display output example Switch show port channel 3 1 counters Local Interface 3 1 Channel Name ch1 Link State Down Admin Mode Enabled Port Channel Flap Count 0 Mbr Ports Mbr Flap Counters 0 1 0 0 2 0 0 3 1 0 4 0 0 5 0 0 6 0 0 7 0 0 8 0 ...

Page 435: ...times a port member is inactive either because the link is down or the admin state is disabled 5 375 show port channel resilient hashing Display the resilient hashing property for the port channel interface show port channel resilient hashing Parameters None Default The default is None Command Mode Privileged EXEC Example The following is a command example Routing show port channel resilient hashi...

Page 436: ...em Priority 32768 Display Parameters System Priority The administrative value of priority associated with the Partner System ID 5 377 clear port channel counters Clear and reset counters for port channels and member flaps for the specified interface clear port channel lag intf num slot port all counters Parameters lag intf num Enter LAG interface number slot port Enter permissible interface all Ent...

Page 437: ...wing member ports of a VPC to reside on one switch while others can reside on a different switch 5 379 vpc domain Enter into VPC configuration mode and create a VPC domain with the specified domain id Only a single VPC domain can be created on a given device The domain id of the VPC domain must be equal to the one configured on the related VPC peer attempting the VPC pairing The configured VPC dom...

Page 438: ...vpc Parameters None Default The default is None Command Mode Global Config 5 381 peer detection enable VPC Config Start the Dual Control Plane Detection Protocol DCPDP The peer VPC switch s IP address must be configured for the DCPDP to start No command disables the dual control plane DCPDP detection protocol on the VPC switch peer detection enable no peer detection enable Parameters None Default ...

Page 439: ...nsmission interval 1000 ms Reception timeout 3500 ms Command Mode VPC Config 5 383 peer keepalive destination VPC Config Configures the IP address of the peer VPC switch which is the destination IP address of the DCPDP on the peer VPC switch This configuration is used by the DCPDP on the VPC switches The source IP address of the DCPDP message is also configured with the function which is the self IP...

Page 440: ...lt The default is Disabled Command Mode VPC Config 5 385 peer keepalive timeout Configure the peer keepalive timeout value in seconds If a VPC switch does not receive a keepalive message from the peer for the duration of the timeout value it transitions its role No command resets the keepalive timeout to default 5 seconds Note Keepalive state machine is not restarted if the priority is modified pos...

Page 441: ...efault is 100 Command Mode VPC Config 5 387 system mac Manually configure the MAC address for the VPC domain The VPC MAC address should carry the same configuration both peer devices The specified MAC address must be a unicast MAC address aa bb cc dd ee ff format The address assigned must not use the primary VPC nor the secondary VPC device The configured VPC MAC address is exchanged during role ele...

Page 442: ...iorities must be configured to allow for primary device election The configurable range is 1 to 65535 default 32767 No command restores the VPC system priority to default system priority 1 65535 no system priority Parameters None Default The default is 32767 Command Mode VPC Domain 5 389 vpc Configure a port channel LAG as part of an VPC Upon issuing this command the port channel is down pending p...

Page 443: ...ple The following is a command example Switching show running config vpc feature vpc vpc domain 1 role priority 120 system mac 00 10 18 82 1A A0 system priority 32767 peer keepalive destination 1 1 1 1 source 1 1 1 2 peer detection interval 2000 timeout 6000 5 391 show vpc Display information about a VPC The configuration and operational modes of the VPC are displayed Once all preconditions are me...

Page 444: ...nnel 3 1 Local Members Status 0 2 UP 0 6 DOWN Peer members Status 0 8 UP 5 392 show vpc brief Display the VPC global status and current VPC operational mode In addition peerlink and keepalive status including the number of configured and operational VPCs and system MAC and roles are also displayed show vpc brief Parameters None Default The default is None Command Mode Privileged EXEC Example The f...

Page 445: ...TP Mode Disabled Configured Vlans 1 Egress tagging none VPC Details Number of VPCs configured 1 Number of VPCs operational 1 VPC id 1 Interface 3 1 Configured Vlans 1 VPC Interface State Active Local MemberPorts Status 0 19 UP 0 20 UP 0 21 UP 0 22 UP Peer MemberPorts Status 0 27 UP 0 28 UP 0 29 UP 0 30 UP 5 393 show vpc consistency parameters Display global and LAG interface consistency parameters...

Page 446: ... 1s BPDU Filter Mode Enabled BPDU Guard Mode Enabled MST Instances 1 2 4 FDB Aging Time 300 seconds VPC system MAC address AA BB CC DD EE FF VPC system priority 32767 VPC Domian ID 1 MST VLAN Configuration Instance Associated VLANS 7 8 10 20 2 4 5 40 50 4 30 32 34 38 PV R STP Configuration PV R STP Mode Enabled Disabled PV R STP Version PVST Rapid PVST FastUplinkfast Enabled Disabled FastUpLinkfas...

Page 447: ...5 7 8 MTU 1518 Active Port Speed Duplex 0 1 100 Full 0 2 100 Full MST VLAN Configuration Instance Associated VLANS 1 7 8 2 4 5 PV R STP Configuration STP port priority 0 240 VLAN port priority cost ID 0 240 auto 1 200000000 5 394 show vpc peer keepalive Display the peer VPC switch IP address used by the dual control plane detection protocol In addition the command displays enabled peer detection I...

Page 448: ...r detection operational status Down Peer is detected True Configured Tx interval 1000 milliseconds Configured Rx timeout 3500 milliseconds Operational Tx interval 500 milliseconds Operational Rx timeout 2000 milliseconds 5 395 show vpc role Displays keepalive status and parameter information The role of the VPC switch as well as the system MAC address and priority are displayed show vpc role Param...

Page 449: ... ID 1 Role Priority 100 Configured VPC MAC AA BB CC DD EE FF Operational VPC MAC AA BB CC DD EE FF Configured VPC system priority 32767 Operational VPC system priority 32767 Role Secondary Local System MAC 00 10 18 82 1b ab 5 396 show vpc statistics Display keepalive message counters transmitted and received by the VPC switch show vpc statistics peer keepalive peer link Parameters peer keepalive D...

Page 450: ...ssages transmitted 123 Peer link data messages Tx errors 5 Peer link data messages Tx imeout 4 Peer link data messages ACK transmitted 34 Peer link data messages ACK Tx erorrs 5 Peer link data messages received 115 Peer link BPDU s tranmsitted to peer 123 Peer link BPDU s Tx error 9 Peer link BPDU s received from peer 143 Peer link BPDU s Rx error 1 Peer link LACPDU s tranmsitted to peer 123 Peer ...

Page 451: ...ink 5 398 debug vpc peer keepalive Enable debug traces of the keepalive state machine transitions debug vpc peer keepalive Parameters None Default The default is None Command Mode User EXEC 5 399 debug vpc peer link data message Enable debug traces for the control messages exchanged between the VPC devices on the peer link debug vpc peer link data message Parameters None Default The default is Non...

Page 452: ... Optional Normal Tracing Level verbose Verbose Tracing Level Default The default is None Command Mode User EXEC 5 401 debug vpc peer link control message bulk Enable debug traces for the periodic control messages exchanged between the MLAG devices on the peer link For error only the communication errors are traced Exchanged control messages can be traced through msg debug vpc peer link control mes...

Page 453: ... ckpt error msg receive transmit normal verbose Parameters error Error Tracing Level msg Optional Trace Messages exchanged receive Enter trace Received Messages transmist Enter trace Transmitted Messages normal Optional Normal Tracing Level verbose Verbose Tracing Level Default The default is None Command Mode User EXEC 5 403 debug vpc peer detection Enable debug traces for the dual control plane ...

Page 454: ...ed as a VLAN and is a LAG member the VLAN cannot be designated as a source VLAN for a Monitor session In the same manner if an interface is configured in a VLAN and assigned as a source VLAN for a monitor session the interface can be designated as a LAG member No command removes the specified mirrored port from the selected port mirroring session monitor session session id source interface slot po...

Page 455: ...s of that VLAN are monitored Note If an interface is configured as a VLAN and is a LAG member the VLAN cannot be designated as a source VLAN for a Monitor session In the same manner if an interface is configured in a VLAN and assigned as a source VLAN for a monitor session the interface can designated as a LAG member No command removes the specified probe port from the selected port mirroring sess...

Page 456: ...acl name acl name Enter access list name up to 31 characters in length Default The default is None Command Mode Global Config 5 407 monitor session mode Enable the selected port mirroring session to configure a probe and monitored port for monitor session port monitoring A VLAN can be configured as the source to a session all member ports of that VLAN are monitored Remote port mirroring is configu...

Page 457: ...ession port monitoring designation from the source probe port the destination monitored port and all VLANs Once removed from the VLAN a port must be added manually to the desired VLAN Use the source interface slot port parameter or destination interface to remove the specified interface from the port monitoring session Use the mode parameter to disable the administrative mode of the session no mon...

Page 458: ...on ports and restores the default for mirroring session mode for all the configured sessions no monitor Parameters None Default The default is Enabled Command Mode Global Config 5 410 remote span Identified the VLAN as the RSPAN VLAN No command clears the RSPAN information for the VLAN remote span no remote span Parameters None Default The default is None Command Mode VLAN Config ...

Page 459: ...and Mode Privileged EXEC Example Switch show monitor session 1 Session Admin Probe Src Mirrored Ref Src Dst Type IP MAC ID Mode Port VLAN Port Port RVLAN RVLAN ACL ACL 1 Enable 0 8 0 10 Rx Tx Switch show monitor session all Session Admin Probe Src Mirrored Ref Src Dst Type IP MAC ID Mode Port VLAN Port Port RVLAN RVLAN ACL ACL 1 Enable 0 8 0 10 Rx Tx 2 Disable 6 0 4 10 4 3 Disable 0 11 10 101 4 En...

Page 460: ...1 Enable 1 0 4 15 4 2 Enable 0 15 2 3 Enable 3 0 20 10 4 Enable 0 11 0 16 Rx Tx 10 Display Parameters Session ID Integer identifying the session Admin Mode Indicates Port Mirroring status enabled or disabled for the session identified with session id Probe Port Identified probe port destination port for the session id Src VLAN Indicates mirrored status of all member ports Mirrored Port Identifies ...

Page 461: ...iltering allows you to configure destination ports for a static multicast MAC filter irrespective of the platform 5 413 macfilter Add a static MAC filter entry for the macaddr MAC address on the VLAN vlanid The value of the macaddr parameter is defined as a 6 byte hexadecimal number with the following format b1 b2 b3 b4 b5 b6 The following are restricted MAC Addresses 00 00 00 00 00 00 01 80 C2 00...

Page 462: ...4 macfilter adddest Add a single or range of interfaces to the destination filter with macaddr MAC filter and vlanid VLAN The macaddr parameter must be specified as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN Note Configuring a destination port list is only valid for multicast MAC addresses No command removes a port from the destina...

Page 463: ... adddest all macaddr vlanid no macfilter adddest all macaddr vlanid Parameters macaddr Enter MAC address vlanid Enter a VLAN ID 1 4093 Default The default is None Command Mode Global Config 5 416 macfilter addsrc Add a single or range of interfaces to the source destination filter with macaddr MAC filter and vlanid VLAN The macaddr parameter is defined by a 6 byte hexadecimal number in the format o...

Page 464: ...e macaddr parameter as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN macfilter addsrc all macaddr vlanid no macfilter addsrc all macaddr vlanid Parameters macaddr Enter MAC address vlanid Enter a VLAN ID 1 4093 Default The default is None Command Mode Global Config 5 418 show mac address table static Display the Static MAC Filtering ...

Page 465: ... Destination Port s 01 00 5E 00 00 01 1 0 1 01 00 5E 00 00 02 1 0 2 AA BB CC DD EE FF 1 Display Parameters MAC Address The static MAC filter entry address VLAN ID The static MAC filter entry VLAN ID Source Port s Displays the defined slot and port s for the source port filter sets Destination Port s Displays the defined slot and port s for the destination port for this rule 5 419 show mac address ...

Page 466: ...ns Type Describes the type of entry Static or Dynamic Static entries are configured by the end user while dynamic entries are added to the table as a result of a learned process or protocol Description The text description of this multicast table entry Interfaces The list of interfaces designated for forwarding Fwd and filtering Flt DHCP L2 Relay Agent Commands Enable operation as a DHCP Layer 2 r...

Page 467: ...2 reception No command configures an interface to default untrusted for Option 82 reception dhcp l2relay trust no dhcp l2relay trust Parameters None Default The default is Untrusted Command Mode Interface Config 5 422 show dhcp l2relay all Display the DHCP L2 Relay configuration summary show dhcp l2relay all Parameters None Default The default is None Command Mode Privileged EXEC Example The follo...

Page 468: ...y circuit id vlan Display DHCP circuit id vlan configuration show dhcp l2relay circuit id vlan vlan list Parameters vlan list Enter a VLAN ID identifier range 1 4093 A dash specifies a range while a comma separates VLAN IDs within a list Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Switch show dhcp l2relay circuit id vlan 1 DHCP L2 ...

Page 469: ...ode Privileged EXEC Example The following is a CLI display output example Switching show dhcp l2relay interface all DHCP L2 Relay is Enabled Interface L2RelayMode TrustMode 0 2 Enabled untrusted 0 4 Disabled trusted 5 425 show dhcp l2relay remote id vlan Displays DHCP Remote id vlan configuration show dhcp l2relay remote id vlan vlan list Parameters vlan list Enter VLAN ID identifiers range 1 to 4...

Page 470: ...None Command Mode Privileged EXEC Example The following is a CLI display output example Switching show dhcp l2relay stats interface all DHCP L2 Relay is Enabled Interface UntrustedServer UntrustedClient TrustedServer TrustedClient MsgsWithOpt82 MsgsWithOpt82 MsgsWithOpt82 MsgsWithOpt82 0 1 0 0 0 0 0 2 0 0 3 7 0 3 0 0 0 0 0 4 0 12 0 0 0 5 0 0 0 0 0 6 3 0 0 0 0 7 0 0 0 0 0 8 0 0 0 0 0 9 0 0 0 0 0 10...

Page 471: ...d L2 Relay Circuitld RemoteID 5 Enabled Enabled NULL 6 Enabled Enabled NULL 7 Enabled Disabled NULL 8 Enabled Disabled NULL 9 Enabled Disabled NULL 10 Enabled Disabled NULL 5 428 show dhcp l2relay vlan Displays DHCP vlan configuration show dhcp l2relay vlan vlan list Parameters vlan list Enter VLAN ID identifier range 1 to 4093 A dash specifies a range while a comma separates VLAN IDs within a list...

Page 472: ...rface in slot port format all Clears DHCP L2 Relay statistics for all enabled interfaces Default The default is None Command Mode Privileged EXEC DHCP Client Commands 5 430 dhcp client vendor id option Enable the inclusion of DHCP Option 60 and Vendor Class Identifier in the DHCP server transmitted requests No command disables the inclusion of DHCP Option 60 and Vendor Class Identifier in DHCP ser...

Page 473: ...dhcp client vendor id option string Parameters string Vendor id suboption string of length 0 128 characters Default The default is None Command Mode Global Config 5 432 show dhcp client vendor id option Display the configured administration mode of the vendor id option and the vendor id string to be included in Option 43 in DHCP requests show dhcp client vendor id option Parameters None Default Th...

Page 474: ...ooping Enable DHCP Snooping globally No command to disable DHCP Snooping globally ip dhcp snooping no ip dhcp snooping Parameters None Default The default is Disabled Command Mode Global Config 5 434 ip dhcp snooping vlan Enable DHCP Snooping on a list of comma separated VLAN ranges No command disables DHCP Snooping on VLANs ip dhcp snooping vlan vlan list no ip dhcp snooping vlan vlan list Parame...

Page 475: ...s Parameters None Default The default is Enabled Command Mode Global Config 5 436 ip dhcp snooping database Use this command to configure the persistent location of the DHCP Snooping database This can be local or a remote file on a given IP machine ip dhcp snooping database local tftp hostIP filename write delay Parameters local Configure DHCP snooping binding URL in the form local tftp hostIP fil...

Page 476: ...e Default The default is 300 seconds Command Mode Global Config 5 438 ip dhcp snooping binding Use this command to configure static DHCP Snooping binding Use the no command to remove the DHCP static entry from the DHCP Snooping database ip dhcp snooping binding mac address vlan vlan id ip address interface interface id no ip dhcp snooping binding mac address vlan vlan id ip address interface inter...

Page 477: ...terface id Indicates the interface to specify Default The default is None Command Mode Global Config 5 440 ip dhcp snooping limit Use this command to control the rate at which the DHCP Snooping messages come on an interface or range of interfaces By default rate limiting is disabled When enabled the rate can range from 0 to 300 packets per second The burst level range is 1 to 15 seconds Use the no...

Page 478: ...e the no command to disable the logging DHCP messages filtration by the DHCP Snooping application ip dhcp snooping log invalid no ip dhcp snooping log invalid Parameters None Default The default is Disabled Command Mode Interface Config 5 442 ip dhcp snooping trust Use this command to configure an interface or range of interfaces as trusted Use the no command to configure the port as untrusted ip d...

Page 479: ...interface or a range of interfaces Use the no command to disable the IPSG configuration in the hardware You cannot disable port security alone if it is configured ip verify source port security no ip verify source Parameters port security Filter incoming packets by source MAC address Default The default is None Command Mode Interface Config 5 444 show ip dhcp snooping Use this command to display t...

Page 480: ...ed interface 5 445 show ip dhcp snooping binding Use this command to display the DHCP Snooping binding entries To restrict the output use the following options Dynamic Restrict the output based on DCHP snooping Interface Restrict the output based on a specific interface Static Restrict the output based on static entries VLAN Restrict the output based on VLAN show ip dhcp snooping binding static dy...

Page 481: ...the binding database IP Address Displays the valid IP address for the binding rule VLAN The VLAN for the binding rule Interface The interface to add a binding into the DHCP snooping interface Type Binding type statically configured from the CLI or dynamically learned Lease time sec The remaining lease time for the entry 5 446 show ip dhcp snooping database Use this command to display the DHCP Snoo...

Page 482: ...dhcp snooping interfaces Use this command to show the DHCP Snooping status of the interfaces show ip dhcp snooping interfaces Parameters None Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show ip dhcp snooping interfaces Interface Trust State Rate Limit pps Burst Interval seconds 0 1 No 15 1 0 2 No 15 1 0 3 N...

Page 483: ...following shows example CLI display output for the command Routing show ip dhcp snooping statistics Interface MAC Verify Failures Client Ifc Mismatch DHCP Server Msgs Rec d 0 2 0 0 0 0 3 0 0 0 0 4 0 0 0 0 5 0 0 0 0 6 0 0 0 0 7 0 0 0 0 8 0 0 0 0 9 0 0 0 0 10 0 0 0 0 11 0 0 0 0 12 0 0 0 0 13 0 0 0 0 14 0 0 0 0 15 0 0 0 0 16 0 0 0 0 17 0 0 0 0 18 0 0 0 0 19 0 0 0 0 20 0 0 0 Display Parameters Interfa...

Page 484: ...dings on a single or all interfaces clear ip dhcp snooping binding interface slot port Parameters interface slot port Optional Restrict clear to a specific interface Default The default is None Command Mode Privileged EXEC User EXEC 5 450 clear ip dhcp snooping statistics Clear all DHCP Snooping statistics clear ip dhcp snooping statistics Parameters None Default The default is None Command Mode P...

Page 485: ...1 1 4 00 0F FE 00 13 04 10 Display Parameters Interface Interface address in slot port format Filter Type List one of two value types ip mac User has configured MAC address filtering on this interface ip Only IP address filtering on this interface IP Address lP address of the interface MAC Address Configure MAC address filtering to display the parameter Disabling port security sets MAC Address to per...

Page 486: ...dress identifier slot port format Filter Type Two values are available ip mac User has configured MAC address filtering on this interface ip Only IP address filtering on this interface 5 453 show ip source binding Display the IPSG bindings show ip source binding static dynamic interface slot port vlan id Parameters static Restrict the output based on static entries dhcp snooping Restrict the output...

Page 487: ...nterface IP address identifier slot port format Dynamic ARP Inspection Commands The Dynamic ARP Inspection DAI feature is designed to reject invalid and malicious ARP packets The DAI function prevents class of man in the middle attacks DAI relies on DHCP snooping which relies on DHCP message exchanges and builds a binding database of settings MAC address IP address VLAN and interface When enabled ...

Page 488: ...t logging no ip arp inspection vlan vlan list logging Parameters vlan list Enter VLAN IDs in range 1 4093 Use to specify a range or to separate VLAN IDs in a list Spaces and zeros are not permitted logging Enable Logging of invalid ARP packets Default The default is Disabled Command Mode Global Config 5 456 ip arp inspection validate Enable additional validation checks such as source mac validatio...

Page 489: ...inspection trust no ip arp inspection trust Parameters None Default The default is Disabled Command Mode Interface Config 5 458 ip arp inspection filter Configure the ARP ACL used to filter invalid ARP packets on a list of comma separated VLAN ranges If the static setting is identified no matching packets a permit statement are dropped without consulting the DHCP snooping bindings No command uncon...

Page 490: ...rp access list name Parameters name Enter arp access list name 1 31 alphanumeric characters in length Default The default is None Command Mode Global Config 5 460 permit ip host mac host ARP Access list Config Configure valid IP and MAC address combination rules used in ARP packet validation No command deletes a rule for a valid IP and MAC combination permit ip host sender ip mac host sender mac n...

Page 491: ...n show ip arp inspection interfaces slot port statistics vlan vlan list Parameters interfaces slot port Display Dynamic ARP Inspection Interface configuration statistics Display Dynamic ARP Inspection Statistics vlan vlan list Display Dynamic ARP Inspection VLAN configuration Default The default is None Command Mode Privileged EXEC User EXEC Example The following is a CLI display output example Ro...

Page 492: ...tic Flag If the ARP ACL is configured static on the VLAN 5 462 show ip arp inspection statistics Display the statistics of the ARP packets processed by Dynamic ARP Inspection show ip arp inspection statistics vlan vlan list Parameters vlan vlan list Optional Display Dynamic ARP Inspection Statistics on a VLAN List Default The default is None Command Mode Privileged EXEC User EXEC Example The follo...

Page 493: ...e number of packets dropped resulting from ARP ACL rule match failure DHCP Permits The number of packets permitted resulting from DHCP snooping binding database match ACL Permits The number of packets permitted resulting from ARP ACL rule match Bad Src MAC The number of packets dropped resulting from Source MAC validation failure Bad Dest MAC The number of packets dropped resulting from Destinatio...

Page 494: ...ter an interface in slot port format Default The default is None Command Mode Privileged EXEC User EXEC Example The following is a CLI display output example Routing show ip arp inspection interfaces Interface Trust State Rate Limit Burst Interval 0 1 Untrusted 15 1 0 2 Untrusted 10 10 Display Parameters Interface The interface identifier Trust State Displays state trusted or untrusted for DAI Rat...

Page 495: ...The supported IGMP Versions are 1 2 and 3 The feature conserves bandwidth allowing IP multicast traffic forwarding to connected hosts that request multicast traffic 5 466 set igmp Enable IGMP Snooping on the system Global Config Mode a single or a range of interfaces Configuration is also available to enable IGMP snooping on a single or all part participating VLANs The IGMP application supports th...

Page 496: ...er of the lGMPv2 message and drops packets that do not include this option Router alert option 9404 and ToS Byte 0xC0 Internet Control in the IP packet header of IGMPv3 message and drops packets that do not include these options No command disables header validation for IGMP messages set igmp header validation no set igmp header validation Parameters None Default The default is Disabled Command Mo...

Page 497: ...in mode on selected interfaces set igmp fast leave vlan_id no set igmp fast leave vlan_id Parameters vlan_id Optional Indicates the VLAN identifiations Default The default is Disabled Command Mode Interface Config VLAN Config 5 470 set igmp groupmembership interval Set the IGMP Group Membership Interval time on a VLAN one interface a range of interfaces or all interfaces The Group Membership Inter...

Page 498: ...it did not receive a report for a particular group in that interface This value must be less than the IGMP Query Interval time value The range is 1 to 25 seconds No command sets the max response time on the interface or VLAN to the default value set igmp maxresponse vlan_id 1 25 no set igmp maxresponse vlan_id Parameters vlan_id Optional Indicates the VLAN identification Default The default is 10 ...

Page 499: ... Optional Indicates the VLAN identification Default The default is 0 Command Mode Interface Config Global Config VLAN Config 5 473 set igmp mrouter Configures the VLAN ID vlan_id that has the multicast router mode enabled No command disables multicast router mode for a particular VLAN ID vlan_id set igmp mrouter vlan_id no set igmp mrouter vlan_id Parameters vlan_id Optional Indicates the VLAN ide...

Page 500: ... Suppress the IGMP reports on a given VLAN ID In order to optimize the number of reports traversing the network with no added benefits a Report Suppression mechanism is implemented When more than one client responds to an MGMD query for the same Multicast Group address within the max response time only the first response is forwarded to the query and others are suppressed at the switch No command ...

Page 501: ...a CLI display output example Routing show igmpsnooping 1 VLAN ID 1 IGMP Snooping Admin Mode Enabled Fast Leave Mode Disabled Group Membership Interval secs 260 Maximum Response Time secs 10 Multicast Router Expiry Time secs 0 Report Suppression Mode Enabled Display Parameters When the optional argument slot port or vlan_id are not used the command displays the following information Admin Mode Indi...

Page 502: ...ooping Admin Mode Indicates whether IGMP Snooping is active on the VLAN Fast Leave Mode Indicates whether IGMP Snooping Fast leave is active on the VLAN Group Membership Interval secs The waiting period for a report from a particular group on a particular interface which is participating in the VLAN before deleting the interface from the entry This value may be configured Maximum Response Time sec...

Page 503: ...rmation is being displayed Multicast Router Attached Indicates whether multicast router is statically enabled on the interface VLAN ID The list of VLANs of which the interface is a member 5 478 show igmpsnooping mrouter vlan Display statically configured port information show igmpsnooping mrouter vlan slot port Parameters slot port Enter an interface in slot port format Default The default is None...

Page 504: ... that originated from a source address specified by the receiver SSM is only available with IGMPv3 and MLDv2 show igmpsnooping ssm entries groups I stats Parameters entries Display source specific multicast forwarding database groups Display IGMP SSM group membership information stats Display statistics of IGMP snooping SSMFDB Default The default is None Command Mode Privileged EXEC 5 480 show mac...

Page 505: ...ps Essentially the responses known as IGMP reports maintains updates with the current multicast group membership on a port by port basis 5 481 set igmp querier Enable IGMP Snooping Querier on the system using Global Config mode or on a VLAN The function allows you to specify the lP Address that the Snooping Querier switch should use as a source address while generating periodic queries Note Querie...

Page 506: ...and Mode Global Config 5 483 set igmp querier timer expiry Set the IGMP Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Querier in the network No command sets the IGMP Querier timer expiration period to default set igmp querier timer expiry 60 300 no set igmp querier timer expiry Parameters None Defa...

Page 507: ...less than the Snooping Querier s address it stops sending periodic queries If the Snooping Querier wins the election then it will continue sending periodic queries Use the no command to set the Snooping Querier not to participate in querier election but go into non querier mode as soon as it discovers the presence of another querier in the same VLAN set igmp querier election participate no set igm...

Page 508: ...which will be used in the IPv4 header while sending out IGMP queries It can be configured using the appropriate command Query Interval The amount of time in seconds that a Snooping Querier waits before sending out the periodic general query Querier Timeout The amount of time to wait in the Non Querier operational state before moving to a Querier state When you specify a value for vlanid the follow...

Page 509: ... can use IGMP Snooping to limit the flooding of multicast traffic by dynamically configuring Layer 2 interfaces so that multicast traffic is forwarded only to those interfaces associated with IP multicast addresses In IPv6 MLD Snooping performs a similar function With MLD Snooping IPv6 multicast data is selectively forwarded to a list of ports that want to receive the data instead of being flooded ...

Page 510: ...st leave admin mode on a selected interface or VLAN Enabling fast leave allows the switch to immediately remove the Layer 2 LAN interface from its forwarding table entry upon receiving and MLD done message for that multicast group without first sending out MAC based general queries to the interface Note You should enable fast leave admin mode only on VLANs where only one host is connected to each ...

Page 511: ... command to set the MLDv2 Group Membership Interval time to the default value set mld groupmembership interval vlanid 2 3600 no set mld groupmembership interval Parameters vlanid Display MLD group membership VLAN information Default The default is 260 Command Mode Global Config Interface Config VLAN Mode 5 491 set mld maxresponse Use this command to set the MLD Maximum Response time for the system...

Page 512: ... the list of interfaces with multicast routers attached The range is 0 to 3600 seconds A value of 0 indicates an infinite timeout i e no expiration Use the no command to set the Multicast Router Present Expiration time to 0 The time is set for the system on a particular interface or a VLAN set mld mcrtexpiretime 0 3600 no set mld mcrtexpiretime Parameters expiration time Enter 0 to 3600 seconds De...

Page 513: ...interface When configured as a multicast router interface the interface is treated as a multicast router attached interface in all VLANs Use the no command to disable the status of the interface as a statically configured multicast router attached interface set mld mrouter interface no set mld mrouter interface Parameters None Default The default is Disabled Command Mode Interface Config 5 495 sho...

Page 514: ... Snooping is active on the interface Fast Leave Mode lndicates whether MLD Snooping Fast Leave is active on the VLAN Group Membership Interval Shows the amount of time in seconds that a switch will wait for a report from a particular group on a particular interface which is participating in the VLAN before deleting the interface from the entry This value may be configured Max Response Time Display...

Page 515: ... on which multicast router information is being displayed Multicast Router Attached Indicates whether multicast router is statically enabled on the interface VLAN ID Displays the list of VLANs of which the interface is a member 5 497 show mldsnooping mrouter vlan Use this command to display information about statically configured multicast router attached interfaces show mldsnooping mrouter vlan s...

Page 516: ...specified group Interfaces 1 lf Source Filter Mode is include specifies the list of interfaces on which an incoming packet is forwarded If it s source IP address is equal to the current entry s Source the destination IP address is equal to the current entry s Group and the VLAN ID on which it arrived is current entry s VLAN 2 If Source Filter Mode is Exclude specifies the list of interfaces on whi...

Page 517: ... The total number of entries that can possibly be in the MLD snooping s SSMFDB Most SSMFDB Entries Ever Used The largest number of entries that have been present in the MLD snooping s SSMFDB Current Entries The current number of entries in the MLD snooping s SSMFDB 5 500 show mldsnooping ssm groups Use this command to display the MLD SSM group membership information show mldsnooping ssm groups Par...

Page 518: ...ble mldsnooping Parameters None Default The default is None Command Mode Privileged EXEC Display Parameters VLAN ID The VLAN in which the MAC address is learned MAC Address A multicast MAC address for which the switch has forwarding or filtering information The format is 6 two digit hexadecimal numbers that are separated by colons for example 01 23 45 67 89 AB Type The type of entry which is eithe...

Page 519: ...odes Operationally the system chooses or prefers the VLAN configured values over the Interface configured values for most configurations when the interface participates in the VLAN 5 503 set mld querier Use this command to enable MLD Snooping Querier on the system Global Config Mode or on a VLAN Using this command you can specify the IP address that the snooping querier switch should use as a sour...

Page 520: ... command to set the MLD Querier Query lnterval time to its default value set mld querier query_interval 1 1800 no set mld querier query_interval Parameters None Default The default is 60 seconds Command Mode Global Config 5 505 set mld querier timer expiry Use this command to set the MLD Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has d...

Page 521: ...on then it will continue sending periodic queries Use the no command to set the snooping querier not to participate in querier election but go into a non querier mode as soon as it discovers the presence of another querier in the same VLAN set mld querier election participate no set mld querier election participate Parameters None Default The default is Disabled Command Mode VLAN Config 5 507 show...

Page 522: ... is in Querier or Non Querier state When the switch is in Querier state it will send out periodic general queries When in Non Querier state it will wait for moving to Querier state and does not send out any queries VLAN Operational Max Response Time Indicates the time to wait before removing a Leave from a host upon receiving a Leave request This value is calculated dynamically from the Queries re...

Page 523: ...ing on an interface a range of interfaces or at the system level Use the no command to disable port locking for one Interface Config or all Global Config ports port security no port security Parameters None Default The default is Disabled Command Mode Global Config to enable port locking globally Interface Config to enable port locking on an interface or range of interfaces 5 509 port security max...

Page 524: ...y max static Parameters maxvalue Set Dynamic Limit for the interface 0 20 Default The default is 1 Command Mode Interface Config 5 511 port security mac address This command adds a MAC address to the list of statically locked MAC addresses for an interface or range of interfaces The vid is the VLAN ID Use the no command to remove a MAC address from the list of statically locked MAC addresses port s...

Page 525: ...addresses These sticky addresses are converted back to dynamically locked addresses if sticky mode is disabled on the port The vid is the VLAN ID The Global command applies the sticky mode to all valid interfaces physical and LAG There is no global sticky mode as such Sticky addresses that are dynamically learned will appear in show running config as port security mac address sticky mac vid entrie...

Page 526: ...precedence over port MAC locking Use the no command to disable VLAN port security on the specified VLAN mac address table limit action shutdown notification trap maximum num vlan vlan id no mac address table limit action shutdown notification trap maximum num vlan vlan id Parameters action shutdown Optional After the MAC limit has been reached the action will shut down the ports participating in t...

Page 527: ...w port security slot port lag lag id all Parameters slot port Optional Display port security information for a specific interface lag lag id Optional Enter into interface lag mode all Optional Display port security information for all interfaces Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show port security...

Page 528: ...security information for a specific interface lag lag id Optional Enter into interface lag mode Default The default is None Command Mode Privileged EXEC Display Parameters MAC Address MAC Address of dynamically locked MAC 5 517 show port security static This command displays the statically locked MAC addresses for port Instead of slot port lag lag id can be used as an alternate way to specify the ...

Page 529: ...N ID The ID of the VLAN that includes the host with the specified MAC address Sticky Indicates whether the static MAC address entry is added in sticky mode 5 518 show port security violation This command displays the source MAC address of the last packet discarded on a locked port Instead of slot port lag lag id can be used as an alternate way to specify the LAG interface lag lag id can also be use...

Page 530: ...show mac address table limit vlan id Parameters vlan id The VLAN ID on which MAC locking has been configured Default The default is None Command Mode Privileged EXEC Example Routing show mac address table limit Vlan MAC Locking Administration Mode Enabled For Vlan 10 Configured mac limit 3 Operational mac limit 3 Violation trap mode Enabled Violation shutdown mode Disabled vlan Interface Mac Addres...

Page 531: ...nds This section describes the command you use to configure Link Layer Discovery Protocol LLDP Which is defined in the IEEE 802 1AB specification LLDP allows stations on an 802 LAN to advertise major capabilities and physical descriptions The advertisements allow a network management system NMS to access and display this information 5 520 lldp transmit Use this command to enable the LLDP advertise...

Page 532: ...nge is 1 32768 seconds The hold value is the multiplier on the transmit interval that sets the TTL in local data LLDPDUs The multiplier range is 2 10 The reinit seconds is the delay before reinitialization and the range is 1 0 seconds Use the no command to return any or all timing parameters for local data transmission on ports enabled for LLDP to the default values lldp timers interval interval s...

Page 533: ...lv sys desc sys name sys cap port desc no lldp transmit tlv sys desc sys name sys cap port desc Parameters sys desc Optional Include Exclude LLDP system description TLV sys name Optional Include Exclude LLDP system name TLV sys cap Optional Include Exclude LLDP system capabilities TLV port desc Optional Include Exclude LLDP port description TLV Default The default is is as follows No optional TLVs...

Page 534: ...ldp notification Parameters None Default The default is Disabled Command Mode Interface Config 5 526 lldp notification interval Use this command to configure how frequently the system sends remote data change notifications The interval parameter is the number of seconds to wait between sending notifications Use the no command to return the notification interval to the default value lldp notificatio...

Page 535: ... Parameters None Default The default is None Command Mode Privileged EXEC 5 528 clear lldp remote data Use this command to delete all information from the LLDP remote data table including MED related information clear lldp remote data Parameters None Default The default is None Command Mode Global Config 5 529 show lldp Use this command to display a summary of the current LLDP configuration show l...

Page 536: ...tem transmits local data LLDPDUs in seconds Transmit Hold Multiplier The multiplier on the transmit interval that sets the TTL in local data LLDPDUs Re initialization Delay The delay before reinitialization in seconds Notification Interval How frequently the system sends remote data change notifications in seconds 5 530 show lldp interface Use this command to display a summary of the current LLDP ...

Page 537: ...own Disabled Disabled Disabled N 0 15 Down Disabled Disabled Disabled N 0 16 Down Disabled Disabled Disabled N 0 17 Down Disabled Disabled Disabled N 0 18 Down Disabled Disabled Disabled N 0 19 Down Disabled Disabled Disabled N 0 20 Down Disabled Disabled Disabled N 0 21 Down Disabled Disabled Disabled N 0 22 Down Disabled Disabled Disabled N 0 23 Down Disabled Disabled Disabled N 0 24 Down Disabl...

Page 538: ...led Disabled Disabled N 0 59 Detach Disabled Disabled Disabled N 0 60 Detach Disabled Disabled Disabled N 0 61 Detach Disabled Disabled Disabled N 0 62 Detach Disabled Disabled Disabled N 0 63 Detach Disabled Disabled Disabled N 0 64 Detach Disabled Disabled Disabled N 0 65 Detach Disabled Disabled Disabled N 0 66 Detach Disabled Disabled Disabled N 0 67 Detach Disabled Disabled Disabled N 0 68 De...

Page 539: ...formation in the LLDPDUs 5 531 show lldp statistics Use this command to display the current LLDP traffic and remote table statistics for a specific interface or for all interfaces show lldp statistics slot port all Parameters slot port Enter an interface in slot port format all Enter all for all interfaces Default The default is None Command Mode Privileged EXEC Example The following shows an exam...

Page 540: ...mber of LLDP frames discarded on the port for any reason Errors The number of invalid LLDP frames received on the port Ageouts Total number of times a complete remote data entry was deleted for the port because the Time to Live interval expired TVL Discards The number of TLVs discarded TVL Unknowns Total number of LLDP TLVs received on the port where the type value is in the reserved range and not...

Page 541: ...90 01 0F 00 FC E3 90 01 12 0 7 4 00 FC E3 90 01 0F 00 FC E3 90 01 13 0 7 5 00 FC E3 90 01 0F 00 FC E3 90 01 14 0 7 1 00 FC E3 90 01 0F 00 FC E3 90 03 11 0 7 6 00 FC E3 90 01 0F 00 FC E3 90 04 11 0 8 0 9 0 10 0 11 0 12 More or q uit Display Parameters Local Interface The interface that received the LIRDPDU from the remote device RemID An internal identifier to the switch to mark each remote device ...

Page 542: ... Remo Device Detail Local Interface 0 7 Remote Identifier 2 Chassis ID Subtype MAC Address Chassis ID 00 FC E3 90 01 0F Port ID Subtype MAC Address Port ID 00 FC E3 90 01 11 System Name System Description Port Description System Capabilities Supported System Capabilities Enabled Time to Live 24 seconds Display Parameters Local Interface The interface that received the LLDPDU from the remote device...

Page 543: ... LLDP agent lists the type of address the remote LLDP agent uses and specifies the address used to obtain information related to the device Time To Live The amount of time in seconds the remote device s information received in the LLDPDU should be treated as valid information 5 534 show lldp local device Use this command to display summary information about the advertised LLDP local data This comm...

Page 544: ...ds the LLDPDU Chassis ID Subtype The type of identification used in the Chassis ID field Chassis ID The chassis of the local device Port ID Subtype The type of port on the local device Port ID The port number that transmitted the LLDPDU System Name The system name of the local device System Description Describes the local system by identifying the system name and versions of hardware operating sys...

Page 545: ...o enable MED on an interface or a range of interfaces By enabling MED you will be effectively enabling the transmit and receive function of LLDP Use the no command to disable MED lldp med no lldp med Parameters None Default The default is Disabled Command Mode Interface Config 5 537 lldp med confignotification Use this command to configure an interface or a range of interfaces to send the topology...

Page 546: ...pabilities ex pd ex pse inventory location network policy Parameters capabilities Optional Transmit the LLDP capabilities TLV ex pd Optional Transmit the LLDP extended PD TLV ex pse Optional Transmit the LLDP extended PSE TLV inventory Optional Transmit the LLDP inventory TLV location Optional Transmit the LLDP location TLV network policy Optional Transmit the LLDP network policy TLV Default The d...

Page 547: ...t count is the number of LLDP PDUs that will be transmitted when the product is enabled The range is 1 to 10 Use the no command to return to the factory default value lldp med faststartrepeatcount count no lldp med faststartrepeatcount Parameters count Optional The number of LLDP PDUs that will be sent when enabled Default The default is 3 Command Mode Global Config 5 542 lldp med transmit tlv all...

Page 548: ...y Transmit the LLDP inventory TLV location Transmit the LLDP location TLV network policy Transmit the LLDP network policy TLV Default The default is as follows Capabilities and network policy TLVs included Command Mode Global Config 5 543 show lldp med Use this command to display a summary of the current LLDP MED configuration show lldp med Parameters None Default The default is None Command Mode ...

Page 549: ...e command Routing show lldp med interface all Interface Link configMED operMED ConfigNotify TLVsTx 0 1 Down Disabled Disabled Disabled 0 1 0 2 up Disabled Disabled Disabled 0 1 0 3 Down Disabled Disabled Disabled 0 1 0 4 Down Disabled Disabled Disabled 0 1 0 5 Down Disabled Disabled Disabled 0 1 0 6 Down Disabled Disabled Disabled 0 1 0 7 Down Disabled Disabled Disabled 0 1 0 8 Down Disabled Disab...

Page 550: ...d to display detailed information about the LLDP MED data that a specific interface transmits slot port indicates a specific physical interface show lldp med local device detail slot port Parameters slot port Enter an interface in slot port format Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show lldp med lo...

Page 551: ...E Device Type pseDevice Extended POE PSE Available 0 3 watts Source primary Priority critical Extended POE PD Required 0 2 watts Source local Priority low 5 546 show lldp med remote device Use this command to display the summary information about remote devices that transmit current LLDP MED data to the system You can show information about LLDP MED remote data received on all valid LLDP interface...

Page 552: ...work Con Display Parameters Local Interface The interface that received the LLDPDU from the remote device Remote ID An internal identifier to the switch to mark each remote device to the system Device Class Device classification of the remote device 5 547 show lldp med remote device detail Use this command to display detailed information about remote devices that transmit current LLDP MED data to ...

Page 553: ...header size TCP Flag TCP Flag SYN set and Source Port 1024 or TCP Control Flags 0 and TCP Sequence Number 0 or TCP Flags FIN URG and PSH set and TCP Sequence Number 0 or TCP Flags SYN and FIN set L4 Port Source TCP UDP Port Destination TCP UDP Port ICMP Limiting the size of ICMP Ping packets SMAC DMAC Source MAC address Destination MAC address TCP Port Source TCP Port Destination TCP Port UDP Port...

Page 554: ...ion IP address SIP DIP Denial of Service prevention dos control sipdip no dos control sipdip Parameters None Default The default is Disabled Command Mode Global Config 5 550 dos control firstfrag This command enables Minimum TCP Header Size Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress having a TCP Header Size ...

Page 555: ...the no command to disable TCP Fragment Denial of Service protection dos control tcpfrag no dos control tcpfrag Parameters None Default The default is Disabled Command Mode Global Config 5 552 dos control tcpflag This command enables TCP Flag Denial of Service protections If the mode is enabled Denial of Service prevention is active for this type of attacks and packets will be dropped as follows Pa...

Page 556: ...de is enabled Use the no command to disable L4 Port Denial of Service protections Note Some applications mirror source and destination L4 ports dos control l4port no dos control l4port Parameters None Default The default is Disabled Command Mode Global Config 5 554 dos control icmp This command enables Maximum ICMP Packet Size Denial of Service protections If the mode is enabled Denial of Service ...

Page 557: ...nation MAC address SMAC DMAC Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SMAC DMAC the packets will be dropped if the mode is enabled Use the no command to disable Source MAC address Destination MAC address SMAC DMAC DoS protection dos control smacdmac no dos control smacdmac Parameters None Default The ...

Page 558: ...nial of Service protection dos control tcpport no dos control tcpport Parameters None Default The default is Disabled Command Mode Global Config 5 557 dos control udpport This command enables UDP L4 source destination port number Source UDP Port Destination UDP Port DoS protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with Source U...

Page 559: ...nial of Service protection dos control tcpflagseq no dos control tcpflagseq Parameters None Default The default is Disabled Command Mode Global Config 5 559 dos control tcpoffset This command enables TCP Offset Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack lf packets ingress having TCP Header Offset equal to one 1 the packets wil...

Page 560: ... default is Disabled Command Mode Global Config 5 561 dos control tcpsynfin This command enables TCP SYN and FIN Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress having TCP flags SYN and FIN set the packets will be dropped if the mode is enabled Use the no command to set disables TCP SYN FIN Denial of Sen ice prote...

Page 561: ...ctions If the mode is enabled Denial of Service prevention is active for this type of attack If ICMPv6 Echo Request PING packets ingress having a size greater than the configured value the packets will be dropped if the mode is enabled Use the no command to disable Maximum ICMP Packet Size Denial of Service protections dos control icmpv6 0 16376 no dos control icmpv6 Parameters None Default The de...

Page 562: ...ntrol This command displays Denial of Service configuration information show dos control Parameters None Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show dos control Port D disable mode Disable First Fragment Mode Disable Min TCP Hdr Size 20 ICMPv4 Mode Disable Max ICMPv4 Payload Size 512 ICMPv6 Mode Disable Max ICMPv6 Payl...

Page 563: ...ory default is disabled UDP Port Mode May be enabled or disabled The factory default is disabled SIPDIP Mode May be enabled or disabled The factory default is disabled SMACDMAC Mode May be enabled or disabled The factory default is disabled TCP Flag Mode May be enabled or disabled The factory default is disabled TCP FIN URG PSH Mode May be enabled or disabled The factory default is disabled TCP Fl...

Page 564: ...he default is 300 Command Mode Global Config 5 567 show forwardingdb agetime This command displays the timeout for address aging show forwardingdb agetime Parameters None Default The default is All Command Mode Privileged EXEC Example The following shows an example of the command Routing show forwardingdb agetime Address Aging Timeout 300 Display Parameters Address Aging Timeout Displays the syste...

Page 565: ...ticast forwarding table the command output looks similar to the following Routing show mac address table multicast VLAN ID MAC Address Source Type Description Interface Fwd Interface 1 01 00 5E 01 02 03 Filter Static Mgmt Config Fwd Fwd 0 1 0 1 0 2 0 2 0 3 0 3 0 4 0 4 0 5 0 5 0 6 0 6 0 7 0 7 0 8 0 8 0 9 0 9 0 10 0 10 More or q uit Display Parameters VLAN ID The VLAN in which the MAC address is lea...

Page 566: ...tic filtering interfaces 5 569 show mac address table stats This command displays the Multicast Forwarding Database MFDB statistics show mac address table stats Parameters None Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show mac address table stats Max MFDB Table Entries 2048 Most MFDB Entries Since Last Reset 0 Current En...

Page 567: ...o disable ISDP on the switch isdp run no isdp run Parameters None Default The default is Enabled Command Mode Global Config 5 571 isdp holdtime This command configures the hold time for ISDP packets that the switch transmits The hold time specifies how long a receiving device should store information sent in the ISDP packet before discarding it The range is given in seconds isdp holdtime 10 255 Pa...

Page 568: ...ble the sending of ISDP version 2 packets from the device isdp advertise v2 no isdp advertise v2 Parameters None Default The default is Enabled Command Mode Global Config 5 574 isdp enable This command enables ISDP on an interface or range of interfaces Use the no command to disable ISDP on the interface Note ISDP must be enabled both globally and on the interface in order for the interface to tra...

Page 569: ...default is Enabled Command Mode Interface Config 5 575 clear isdp counters This command clears ISDP counters clear isdp counters Parameters None Default The default is None Command Mode Privileged EXEC 5 576 clear isdp table This command clears entries in the ISDP table clear isdp table Parameters None Default The default is None ...

Page 570: ... Name Device ID format Serial Number Display Parameters Timer The frequency with which this device sends ISDP packets This value is given in seconds Hold Time The length of time the receiving device should save information sent by this device This value is given in seconds lSDPv2 Advertisements The setting for sending lSDPv2 packets If disabled version 1 packets are transmitted Device ID The Devic...

Page 571: ... MAC address other indicates that the value is in the form of a platform specific ASCII string containing info that identifies the device For example ASCII string contains serialNumber appended prepended with system name 5 578 show isdp interface This command displays ISDP settings for the specified interface show isdp interface all slot port Parameters all Display ISDP mode for all available inter...

Page 572: ...tised the information IP Addresses The IP address es associated with the neighbor Platform The hardware platform advertised by the neighbor Interface The interface slot port on which the neighbor s advertisement was received Port ID The port ID of the interface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Version The software version that the ne...

Page 573: ...05 47 33 Version 1 2 0 3 Display Parameters Device ID The device ID associated with the neighbor which advertised the information IP Address es The IP addresses associated with the neighbor Capability ISDP functional capabilities advertised by the neighbor Platform The hardware platform advertised by the neighbor Interface The interface slot port on which the neighbor s advertisement was received ...

Page 574: ...ISDPv2 packets transmitted ISDP Bad Header Number of packets received with a bad header ISDP Checksum Error Number of packets received with a checksum error ISDP Transmission Failure Number of packets which failed to transmit ISDP invalid Format Number of invalid packets received ISDP Table Full Number of times a neighbor entry was not added to the table due to a full database ISDP IP Address Tabl...

Page 575: ...isable UDLD globally on the switch udld enable no udld enable Parameters None Default The default is Disabled Command Mode Global Config 5 583 udld message time Use the udld message time command in Global Config mode to configure the interval between UDLD probe messages on ports that are in the advertisement phase Use the no command to remove udld message time 7 90 Parameters None Default The defa...

Page 576: ...Interface Config mode to enable UDLD on the specified interface Use the no command to in Interface Config mode to disable UDLD on the specified interface udld enable no udld enable Parameters None Default The default is Disabled Command Mode Interface Config 5 586 udld port Use the udld port command in Interface Config mode to select the UDLD mode operating on this interface If the keyword aggress...

Page 577: ...et Use the udld reset command in Privileged EXEC mode to reset all interfaces that have been shut down by UDLD udld reset Parameters None Default The default is None Command Mode Privileged EXEC 5 588 show udld Use the show udld command in Privileged EXEC or User EXEC modes to display the global settings of UDLD show udld Parameters None Default The default is None Command Mode Privileged EXEC Use...

Page 578: ... The time period in seconds before making the decision that the link is unidirectional 5 589 show udld slot port Use the show udld slot port command in Privileged EXEC or User EXEC modes to display the UDLD settings for the specified slot port show udld slot port all Parameters slot port Enter an interface in slot port format all Display UDLD mode for all available interfaces Default The default i...

Page 579: ...ery is configured the configured auto recovery time interval has passed For interface error disable and auto recovery an error condition is detected for an interface the interface is placed in a diagnostic disabled state by shutting down the interface The error disabled interface does not allow any traffic until the interface is re enabled The error disabled interface can be manually enabled Alter...

Page 580: ...s None Command Mode Global Config 5 591 errdisable recovery interval Use this command to configure the auto recovery time interval The auto recovery time interval is common for all causes The time can be any value from 30 to 86400 seconds When the recovery interval expires the system attempts to bring interfaces in the diag disable state back into service link up Use the no command to reset the au...

Page 581: ...to recovery from D Disable state 300 Display Parameters arp inspection Enable Disable status of arp inspection auto recovery bpduguard Enable Disable status of bpduguard auto recovery dhcp rate limit Enable Disable status of dhcp rate limit auto recovery sfp mismatch Enable Disable status of sfp mismatch auto recovery udld Enable Disable status of UDLD auto recovery bpdustorm Enable Disable status...

Page 582: ...detect the peer version and match it DCBX can be configured to operate in IEEE mode or CEE mode or CIN In auto mode version detection is based on the peer device DCBX version The switch operates in either IEEE or one legacy modes on each interface ln auto mode the switch will attempt to jump start the exchange by sending an IEEE frame followed by a CEE frame followed by a CIN frame The switch will...

Page 583: ... Parameters ets config Optional Transmit the Enhanced Transmission Selection ETS configuration TLV ets recommend Optional Transmit the ETS recommendation TLV pfc Optional Transmit the PFC configuration TLV application priority Optional Transmit the application priority TLV Default The default is as follows Transmission of all TLVs is enabled Command Mode Global Config Interface Config Example The ...

Page 584: ...eir configuration affected by peer devices or by internal propagation of configuration These ports will advertise their configuration to their peer if DCBX is enabled on that port The willing bit is set to disabled on manual role ports configuration source ln this role the port has been manually selected to be the configuration source Configuration received over this port is propagated to the othe...

Page 585: ...LV can be configured ETS Config Specifies the DCBX ets configuration TLV status of the interfaces ETS Recommend Specifies the DCBX DCBX ets recommendation TLV on the interfaces PFC Specifies the DCBX priority flow control TLV on the interfaces App Displays App priority Specifies the DCBX application priority TLV on the interfaces Priority App priority Specifies the DCBX application priority TLV on...

Page 586: ...0 3 Disabled Manual Auto 0 0 0 0 0 4 Disabled Manual Auto 0 0 0 0 0 5 Disabled Manual Auto 0 0 0 0 0 6 Disabled Manual Auto 0 0 0 0 0 7 Disabled Manual Auto 0 0 0 0 0 8 Disabled Manual Auto 0 0 0 0 ln the following example DCBX is not enabled Routing show lldp dcbx interface 0 1 DCBX operational status Disabled Reason LLDP TX RX is disabled Configured DCBX version Auto Peer DCBX version Peer MAC P...

Page 587: ...gestion Notification QCN feature is an aspect of the Data Center Package 6 6 qcn enable The qcn enable command is used in the Global Configuration mode in order to enable QCN on all of the ports of the system that is the command is a master enable control Once QCN has been enabled the system will recognize the CN TAG in any received frames such that the Congestion algorithm will run on the configur...

Page 588: ...ault is 0 Command Mode Global Config 6 8 qcn cnpv priority datacenter bridging config The qcn cnpv priority command is used in the Data Center Bridging Configuration mode in order to globally configure a CP port queue that has been mapped to the specified dot1p priority as a congestion enabled interior congestion disabled disable or edge congestion point edge for all the ports that have the defens...

Page 589: ...used to steer away any traffic that is sent from CN unaware sources When entering the Congestion Notification Domain CND domain traffic from non congestion aware sources is remarked so that those resources granted to the congestion enabled queues will not be exhausted with traffic from QCN unaware sources Since those frames are being sent from non QCN sources they will not have a CN TAG As such if...

Page 590: ...mponent disable If cp creation is disabled the per port defense mode choice is set to admin Default The default is Enabled for qcn cp creation Command Mode Global Config 6 11 qcn cnpv priority defense mode choice The qcn cnpv priority defense mode choice command is used in the lnterface Configuration mode to choose admin or component as the defense mode of an interface that is to choose whether th...

Page 591: ... of the congestion notification domain CND disable Disabled for QCN Used when it is desired that the priority be congestion unaware This setting disables detection of congestion on the priority Default The default is Disabled for all QCN priority Command Mode Interface Config 6 13 qcn cnpv priority alternate priority The qcn cnpv priority alternate priority command is used in the Interface Configur...

Page 592: ... in order to configure the mode of the QCN TLV transmission to disabled QCN TLVs transmissions are propagated via LLDP qcn transmit tlv enable no qcn transmit tlv enable Parameters None Default The default is Disabled QCN TLVs transmission Command Mode Interface Config 6 15 clear qcn statistics The clear qcn statistics command is used in the Privileged EXEC mode in order to clear the CNM transmitte...

Page 593: ...ion show qcn priority priority interface slot port all Parameters priority lf only priority is specified then per priority configuration is displayed slot port If the interface number is also specified then the command displays the configuration per port priority for the given priority all If all is specified then per priority information for all dot1p priorities is displayed Default The default is...

Page 594: ... 0 1 0 8 0 5 7 0 1 10 2 edge 0 disable 0 1 0 5 7 0 1 10 3 disabled 4 disabled 5 disabled 6 disabled 7 disabled The following is an example of the CLI display output for the command Routing show qcn priority 1 interface 0 1 Global Configuration QCN status Master enable Enabled CNM transmit priority 0 Per port priority configuration Defense mode choice admin Defense mode interior Alternate priority ...

Page 595: ...ctive priority 0 7 Parameters None Default The default is None Command Mode Privileged EXEC Example Routing Interface Number Defense mode Alternate priority 0 1 interior 2 0 2 edge 0 3 interior 0 0 4 disabled 0 5 interior The following is an example of the CLI display output for the command Routing show qcn active priority 1 Port Defense mode Alternate priority 0 1 disable 0 0 2 disable 0 0 3 disa...

Page 596: ...owing is an example of the CLI display output for the command Routing show qcn interface 0 1 cp index 1 Interface 0 1 cp index 1 MAC Address 00 10 18 00 00 FF CP Identifier 00012610071005 CNM transmit Priority 0 Congestion queue weight Sample base Cp Sizesetpoint Min HeaderOctets Note CPID can be deciphered as mentioned below 000126 Last 3 bytes of system MAC Address 1 unit number on which congest...

Page 597: ...ization and maintenance traffic from other types of FCoE traffic With only one exception FIP frames are of the standard Ethernet size that is 1518 Byte 802 1q frame while FCoE frames have a maximum size of 2240 bytes This document describes FIP snooping FIP snooping is a frame inspection method that is used by FIP Snooping Bridges in order to monitor FIP frames and to apply policies based upon the ...

Page 598: ...ll be forwarded or flooded using the normal multicast rules when FIP snooping is disabled In addition no other FIP snooping commands will be available until the FIP snooping feature has been enabled feature fip snooping no feature fip snooping Parameters None Default The default is Disabled Command Mode Global Config Example The following example of the command enables the FIP snooping feature s1 c...

Page 599: ... the VLAN Configuration mode in order to configure the FP MAP value on a VLAN This value helps to secure the switch against misconfiguration If they have been configured using fabric provided MAC addresses then FCoE devices will transmit any frames containing the FC map value in the upper 24 bits However only those frames that match the configured FC map value will be passed across the VLAN while any...

Page 600: ...onfigure an interface to face towards the FCF If an interface is not configured to be an FCF facing interface then it will by default be a host facing interface In order to receive DCBX information and propagate it to the CNAs on the downstream host facing ports it is recommended that FCF facing ports be placed into the auto upstream mode Meanwhile before FCoE traffic can pass over the port interf...

Page 601: ... 1 no fip snooping port mode fcf Interface 0 1 exit 6 24 show fip snooping The show fip snooping command is used in the User EXEC or the Privileged EXEC mode to show information regarding the global FIP snooping configuration and status show fip snooping Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output ...

Page 602: ...revent dropped frames while still allowing traffic with greater loss tolerance to continue flowing over the interface The priority field of the IEEE 802 1Q VLAN header differentiates among priorities with the field identifying the given IEEE 802 1 p priority value In D LINK OS it is required that these priority value be mapped to internal class of service CoS values The following steps should be t...

Page 603: ...ess priorities may be enabled on a single interface In order to ensure end to end lossless behavior the administrator must configure the no drop priorities to be the same across the network The command does not have any effect on those interfaces not enabled for PFC In addition VLAN tagging must be turned on to transmit the dot1p value through the network while the setting of dot1pmapping to class ...

Page 604: ...ear priority flow control statistics The clear priority flow control statistics command is used to delete all global and interface PFC statistics clear priority flow control statistics Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the command Routing clear priority flow control statistics 6 28 show interface priority flow control Th...

Page 605: ...igured State Disabled PFC Operational State Enabled Configured Drop Priorities 2 7 Operational Drop Priorities 2 7 Configured No Drop Priorities 0 1 Operational No Drop Priorities 0 1 Delay Allowance 32456 bit times Peer Configuration Compatible True Compatible Configuration Count 3 Incompatible Configuration Count 1 Priority Received PFC Frames Transmitted PFC Frames 0 0 0 1 0 0 2 0 0 3 0 0 4 0 0...

Page 606: ...erface has accepted different priorities from a peer device Delay Allowance The operational status of the interface Peer Configuration Compatible Indicates whether the local switch has accepted a compatible configuration from a peer switch Compatible Configuration Count The number of received configurations accepted and processed as valid This number does not included duplicate configurations Inco...

Page 607: ...s command and the specified static IP address is not the IP address already being used by the OpenFlow feature then the feature will be automatically disabled and then re enabled The no command is used to set the OpenFlow static IP address to 0 0 0 0 The OpenFlow feature will become operationally disabled if this command is issued when OpenFlow is enabled and using a static IP openflow static ip I...

Page 608: ...ch should establish an OpenFlow Management connection portid lP port to use for an OpenFlow Management connection If the IP Port is omitted then the default IP port number 6633 is used connection mode TCP or SSL The default is SSL all Indicates deleting Default The default is as follows 6633 adding all deleting Command Mode Global Config 6 32 openflow default table This command is used to configur...

Page 609: ...ed to direct the OpenFlow feature to assign the IP address to itself automatically openflow ip mode auto static serviceport no openflow ip mode Parameters auto Use network IP address static Use static IP address serviceport Use serviceport IP address Default The default is Disabled Command Mode Global Config 6 34 openflow passive mode This command is used to enable the OpenFlow passive mode No com...

Page 610: ...obal Config 6 36 clear openflow ca cert This command is used to erase the Certificate Authority certificates that are used to validate the OpenFlow Controllers from the switch Issuing of the command will automatically disable and then re enable the OpenFlow feature The new SSL certificates will then be reloaded from the OpenFlow Controller upon the first connection to the controller or they can be l...

Page 611: ...ay output for the command Routing show openflow Administrative Mode Enable Administrative Status Enabled Disable Reason None IP Address 10 27 65 64 IP Mode Auto Static IP Address 10 1 1 1 OpenFlow Variant OpenFlow 1 0 Passive Mode Enable Display Parameters Administrative Mode The OpenFlow feature administrative mode set by the command Administrative Status The operational status of the OpenFlow fe...

Page 612: ...by the command 6 38 show openflow configured controller This command is used to display a list of the configured OpenFlow Controllers Only when the OpenFlow variant is 1 0 or 1 3 will the switch communicate with these controllers show openflow configured controller Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output...

Page 613: ...macaddr The MAC address of the destination dscp 0 63 The DSCP value ether_type 0 0xFFFF The ethertype value ingress_port slot port The slot and port for the ingress ip_proto 0 255 The IP protocol priority 1 65535 The priority of the flow source_ip ip address The IP address of the source source_ip_port 1 65535 The port number of the source source_mac macaddr The MAC address of the source table 4 24...

Page 614: ...ss port 0 1 Src MAC 00 00 02 37 38 01 Dst MAC 00 00 18 37 22 01 VLAN 1 VLAN prio 1 Ether type 0x0800 IP proto 17 Src IP 100 0 0 225 Dst IP 192 0 0 225 Src IP port 1 Dst IP port 1 TOS 32 DSCP 8 Actions New Src IP 3 3 3 3 New SrcIP Mask 255 255 255 255 New Dst IP 4 4 4 4 New DstIP Mask 255 255 255 255 Egress port 0 1 Status Duration 5 Idle 2 installed in hardware 1 Flow type 1DOT3 Match criteria Flo...

Page 615: ...the flow could be added to the hardware 1 0 is displayed if the flow cannot be added 2 1 is displayed if the flow was added 6 40 show openflow installed groups This command is used to show a list of the configured groups on the switch show openflow installed groups Parameters None Default The default is None Command Mode Privileged EXEC Example Routing show openflow installed groups Max Indirect G...

Page 616: ... Select Ref Count NA Duration 10 Bucket Count 3 Bucket Entry List Bucket Index 28 Output Port NA Src MAC NA Dst MAC NA VLAN NA Reference Group Id 12345678 Bucket Index 29 Output Port NA Src MAC NA Dst MAC NA VLAN NA Reference Group Id 12345678 Bucket Index 30 Output Port NA Src MAC NA Dst MAC NA VLAN NA Reference Group Id 12345678 Display Parameters Group Type Type of the Group Indirect All Select...

Page 617: ...ileged EXEC Example The following is an example of the CLI display output for the command Routing show openflow table status openflow10 Flow Table 1 Flow Table Name Forwarding Database Maximum Size 64 Number of Entries 8 Hardware Entries 7 Software Only Entries 1 Waiting for Space Entries 0 Flow Insertion Count 1 Flow Deletion Count 0 Insertion Failure Count 0 Flow Table Description The forwarding...

Page 618: ... delete pending entries Hardware Entries Number of entries currently inserted into hardware Software Only Entries Number of entries that are not installed in the hardware for any reason This includes entries pending for insertion entries that cannot be inserted due to missing interfaces and entries that cannot be inserted due to table full condition Waiting for Space Entries Number of entries that...

Page 619: ...a VXLAN source interface nvgre vxlan source interface loopback loopback id no nvgre vxlan source interface loopback loopback id Parameters loopback id Enter Loopback Interface ID 0 63 Default The default is None Command Mode Global Config 6 44 vxlan enable This command is used to enable the VXLAN mode on the switch The VXLAN mode which is disabled by default must be enabled before any VXLAN config...

Page 620: ... internal purposes The no command is used to delete the configuration of the local VTEP identified by ip address from the VXLAN specified by the VNID Note It is recommended that a loopback interface be configured with the intended local VXLAN Gateway IP address for use as the source ip for all tenants Tenants can also be configured if necessary with a different source ip if multiple loopback inter...

Page 621: ...er of resources that remain in the hardware layer 2 table with that number being dynamic in nature The allowed configurable range for the VNID is 1 to 16777214 while the use of 16777215 is reserved for internal purposes A maximum of 24 tenant systems per physical or port channel interface can be configured The no command is used to delete the configured tenant system forwarding entry on an interfac...

Page 622: ... IANA assigned UDP port to VXLAN Command Mode Global Config 6 48 vxlan vlan This command is used to associate an access VLAN to a specific by VXLAN tenant In the event that the VXLAN specified has not been created already then it will be created upon issuing of this command A maximum of 1024 DCVPNs can be created on the switch Those packets that have the specified VLAN vlan id tag will be associat...

Page 623: ...nt system has been configured then the configuration overrides such learning for the given MAC address The MAC addresses for the tenant system are maintained in a separate table and are not listed in the FDB mac address table These addresses internally consume shared resources for system hardware layer 2 address tables As such the maximum number of tenant systems is dependent upon the number of re...

Page 624: ...eared for all configured NVGRE NVEs Packets TX Number of unicast packets sent to the NVE Packets RX Number of unicast packets received from the NVE Bytes TX Number of unicast bytes sent to the NVE Bytes RX Number of unicast bytes received from the NVE Parameters None Default The default is None Command Mode Privileged EXEC 6 51 clear counters vxlan This command is used to clear the packet and byte...

Page 625: ...s command is used to show the configuration and status of one or more NVGRE VNs It also shows information regarding allowed limits and statistics show nvgge vsid Parameters vsid Optional Indicates a NVGRE VSID 1 16777214 Default The default is None Command Mode Privileged EXEC Example Routing ConFig show nvgre NVGRE Admin Mode Enable Maximum Allowed Limits or Table Sizes Tenant Table Size 1024 Acc...

Page 626: ...ode of NVGRE Enable Disable NVGRE ID Virtual Subnet ID VSID Source Address Source IP address of the local TEP VLAN Associated VLAN ID to classify access ports Access Ports List of access ports associated with this VN Remote TEP s List of remote NVEs participating in this VN 6 53 show nvgre nve This command is used to display the status for a specified remote NVE within a specified NVGRE virtual net...

Page 627: ...ng the NVE has been reachable Reachable Whether the NVE is currently reachable Reachable Transitions Number of times the NVE has transitioned to reachable state Packets TX Number of unicast packets sent to the NVE Packets RX Number of unicast packets received from the NVE Bytes TX Number of unicast bytes sent to the NVE Bytes RX Number of unicast bytes received from the NVE 6 54 show nvgre tenant ...

Page 628: ...ry is learned or configured This is valid for tenant system on local access interface otherwise it is blank Type Configured or learned Age How long since the entry was learned Not applicable for configured entries 6 55 show nvgre tenant systems This command is used to list all of the tenant systems that are currently configured or dynamically learned within all of the configured VNs In addition th...

Page 629: ... Current Entries Count or Table Usage Static Host Entries 4 Learned Host Entries 2 Forwarding Table Entries 6 Tenant ID Tenant MAC NVE Interface AppIfIndex Entry Type 1 00 00 00 11 22 33 0 13 8537 Static 1 00 00 00 11 22 44 0 13 8537 Static 1 00 72 44 3A D2 43 0 13 8537 Learned 1 00 00 AA BB CC DD 1 1 1 1 345 Static 1 00 00 AA BB CC EE 1 1 1 1 345 Static 1 00 EA 08 CA 16 45 1 1 1 1 345 Learned Rou...

Page 630: ...C entry is learned or configured This valid for the tenant system on the local access interface otherwise it is blank Applflndex Internal access or tunnel port handle Entry Type Configured or learned 6 56 show vxlan This command is used to display the configuration and status of one or more VXLAN VNs The command also shows information regarding allowed limits and statistics show vxlan vnid Paramet...

Page 631: ...able Disable Destination UDP Port UDP destination port used in VXLAN header VXLAN ID Virtual network ID VNID Source Address Source IP address of the local TEP Access Ports List of access ports associated with this VXLAN VLAN Associated VLAN ID to classify access ports Remote TEP s List of remote VTEPs participating in this VXLAN 6 57 show vxlan tenant systems This command is used to display a list...

Page 632: ...nce the entry was learned Not applicable for configured entries 6 58 show vxlan tenant systems This command is used to display a list of all the tenant systems that are currently configured or dynamically learned within in all the configured VNs It also shows information regarding the allowed limits on tenant system configuration and forwarding table statistics Entries can also be optionally filter...

Page 633: ...ant ID Tenant MAC VTEP Interface AppIfIndex Entry Type 1 00 00 00 23 27 a2 0 11 8545 Static 1 00 00 AC BD 12 78 0 11 8548 Static 1 00 12 88 37 BD C5 0 14 8547 Learned 1 00 00 42 B2 22 A3 12 12 12 1 346 Static 1 00 23 72 5B 62 1E 12 12 12 1 346 Static 1 00 1A 09 A3 11 21 12 12 12 1 346 Learned Routing show vxlan tenant systems local Tenant ID Tenant MAC Interface AppIfIndex Entry Type 1 00 00 00 23...

Page 634: ...pplflndex lnternal access or tunnel port handle Entry Type Configured or learned 6 59 show vxlan vtep This command is used to show the status of the remote VTEPs included in a given VXLAN virtual network show vxlan vnid vtep ip address Parameters vnid Indicates VXLAN VNID ip address Optional Indicates an IP address identifier of tenant system Default The default is None Command Mode Privileged EXE...

Page 635: ...ss Destination UDP Port UDP destination port used in UDP header Uptime How long the VTEP has been reachable Reachable Whether the VTEP is currently reachable Reachable Transitions Number of times the VTEP has transitioned to reachable state Packets TX Number of unicast packets sent to the VTEP Packets RX Number of unicast packets received from the VTEP Bytes TX Number of unicast bytes sent to the ...

Page 636: ...d deletes an ARP entry in the specified virtual router The value for arp entry is the IP address of the interface The ipaddress value is the IP address of a device on a subnet attached to an existing routing interface The parametermacaddr is the unicast MAC address for that device The next hop interface is determined by the interface parameter MAC address format is 6 two digit hexadecimal numbers ...

Page 637: ...y is reset to 0 without removing the entry from the hardware Traffic to the host continues to be forwarded in hardware without interruption lf the entry is not used to forward data packets the entry is deleted from the cache unless the dynamic renew option is enabled When dynamic renew is enabled the system sends an ARP request to renew the entry If the entry is not renewed it is removed from the ...

Page 638: ...nal The virtual router from which lP addresses will be removed ipaddress IP address to remove from the ARP cache slot port Interface from which lP addresses will be removed vlan id Enter an interface in VLAN format Default The default is None Command Mode Privileged EXEC 7 5 arp resptime Configure the ARP request response timeout The value is a positive integer which represents the IP ARP entry re...

Page 639: ...gure the ARP entry age out time The value is a positive integer which represents the IP ARP entry age out time in seconds No command configures the default ARP entry age out time arp timeout 15 21600 no arp timeout Parameters None Default The default is 1200 Command Mode Global Config 7 8 clear arp cache Cause all ARP entries of type dynamic to be removed from the ARP cache for the virtual router ...

Page 640: ...d through the Management port To observe whether this command is successful ping the DUT from the remote system Issue the show arp switch command to see the ARP entries Then issue the clear arp switch command and check the show arp switch entries clear arp switch Parameters None Default The default is None Command Mode Privileged EXEC 7 10 show arp Display the Address Resolution Protocol ARP cache...

Page 641: ... ARP component automatically attempts to renew dynamic ARP entries when they age out Total Entry Count Current Peak Total entries in the ARP table and the peak entry count in the ARP table Static Entry Count Current Max Static entry count in the ARP table and maximum static entry count in the ARP table The following are displayed for each ARP entry IP Address IP address of a device on a subnet att...

Page 642: ...seconds Time it takes for an ARP request timeout This value is configurable Retries Maximum number of times an ARP request is retried This value is configurable Cache Size Maximum number of entries in the ARP table This value is configurable Dynamic Renew Mode Displays whether the ARP component automatically attempts to renew dynamic ARP entries when they age out Total Entry Count Current Peak Tota...

Page 643: ...5 Management 00 A0 C9 00 01 AA 192 168 0 1 Management 08 00 27 70 20 0E 172 20 192 237 Management 6C EC 5A 07 E1 06 172 20 192 104 Management 6C EC 5A 07 E1 06 172 20 192 106 Management 00 05 64 30 73 BC 172 20 192 102 Management 00 A0 C9 00 00 00 172 20 192 122 Management 6C EC 5A 07 E1 06 172 20 192 118 Management 6C EC 5A 07 E1 06 172 20 192 116 Management 6C EC 5A 07 D3 A5 172 20 192 112 Manag...

Page 644: ...uting for an interface You can view the current value for this function with the show ip brief The value is labeled as Routing Mode routing no routing Parameters None Default The default is Disabled Command Mode Interface Config 7 14 ip routing Enable the IP Router Admin Mode for the master switch No command disables the IP Router Admin Mode for the master switch ip routing no ip routing Parameters...

Page 645: ...e To remove all of the IP addresses primary and secondary configured on the interface enter the command no ip address ip address ipaddr subnetmask masklen secondary no ip address ipaddr subnetmask secondary Parameters ipaddr IP address of the interface subnetmask 4 digit dotted decimal number which represents the subnet mask of the interface masklen Implements RFC 3021 Using the notation of the su...

Page 646: ...no form of the ip address dhcp client id command removes the client id option and also disables the DHCP client on the in band interface ip address dhcp client id no ip address dhcp client id Parameters client id Enable the DHCP client to specify the unique client identifier option 61 Default The default is Disabled Command Mode Interface Config Example In the following example DHCPv4 is enabled on...

Page 647: ...ss of the packet 3 Based on a hash using the Source and Destination IP addresses of the packet 4 Based on a hash using the Source IP address and the Source TCP UDP Port field of the packet 5 Based on a hash using the Destination IP address and the Destination TCP UDP Port field of the packet 6 Based on a hash using the Source and Destination IP address and the Source and Destination TCP UDP Port fi...

Page 648: ...ddress lease on the specified interface Note This command can be used on in band ports as well as the service or network out of band port renew dhcp slot port vlan id service port network port Parameters slot port Enter an interface in slot port format network port Renew IP Address on Network port service port Renew IP Address on Service port vlan id Enter an interface in VLAN format Default The d...

Page 649: ...inistrative distance of an individual static route Among routes to the same destination the route with the lowest preference value is entered into the forwarding database By specifying the preference of a static route you control whether it is more or less preferred than routes from dynamic routing protocols The preference also controls whether a static route is more or less preferred than other s...

Page 650: ...le Subnetwork 9 0 0 0 24 is a connected subnetwork in global table and subnet 56 6 6 0 24 is reachable via a gateway 9 0 0 2 in the global table Subnet 8 0 0 0 24 is a connected subnetwork in virtual router Red Now we leak the 2 routes from global route table into the virtual router Red and leak the connected subnet 8 0 0 0 24 from Red to global table When leaking a connected route in the global r...

Page 651: ...be used to forward traffic No command deletes all configured default routes If the optional nexthopip parameter is designated the specific next hop is deleted from the configured default route and if the optional preference value is designated the preference of the configured default route is reset to its default ip route default vrf vrf name nexthopip preference no ip route default nexthopip pref...

Page 652: ...obal Config 7 26 ip route net prototype Add net prototype IPv4 routes to the hardware No command deletes all the net prototype IPv4 routes added to the hardware ip route net prototype prefix prefix length nexthopip num routes no ip route net prototype prefix prefix length nexthopip num routes Parameters prefix prefix length Destination network and mask for route nexthopip Next hop ip address It mu...

Page 653: ... the size of the largest IP packet that can be transmitted on the interface without fragmentation Forwarded packets are dropped when IP MTU exceeds outgoing interface Packets originated on the router such as OSPF packets may be fragmented by the IP stack OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange If two OSPF neighbors advertise...

Page 654: ...follows Enable interface route installation for receiving gratuitous Command Mode Interface Config 7 30 ip unnumbered loopback Identify unnumbered interfaces and specify the numbered interface providing the borrowed address interface should be a loopback interface number No command removes the unnumbered configuration ip unnumbered loopback interface no ip unnumbered loopback Parameters interface ...

Page 655: ...7 32 show dhcp lease Display a list of IPv4 addresses currently leased from a DHCP server on a specific in band interface or all in band interfaces Does not apply to service or network ports show dhcp lease interface slot port vlan id Parameters slot port Enter an interface in slot port format vlan id Enter an interface in VLAN format Default The default is None Command Mode Privileged EXEC Example...

Page 656: ...address Rebind Time in seconds that the DHCP Rebind process starts Retry count Number of times the DHCPv4 client sends a DHCP REQUEST message before the server responds 7 33 show ip brief Display the summary information of the IP global configurations for the specified virtual router including the ICMP rate limit and global ICMP Redirect configuration If no router is specified default router infor...

Page 657: ...milliseconds The default burst interval is 1000 msec ICMP Rate Limit Burst Size Shows the number of lCMPv4 error messages that can be sent during one burst interval The range is from 1 to 200 messages The default value is 100 messages ICMP Echo Replies Shows whether ICMP Echo Replies are enabled or disabled lCMP Redirects Shows whether ICMP Redirects are enabled or disabled 7 34 show ip interface ...

Page 658: ...P Redirects Enabled Interface Suppress Status Unsuppressed Interface Name rt1_0_1 In the following example the DHCP client is enabled on a VLAN routing interface Routing show ip interface vlan 10 Routing Interface Status Up Method DHCP Routing Mode Enable Administrative Mode Enable Forward Net Directed Broadcasts Disable Active State Inactive Link Speed Data Rate 10 Half MAC address 00 10 18 82 16...

Page 659: ...ting the physical link data rate of the specified interface This is measured in Megabits per second Mbps MAC Address Burned in physical address of the specified interface The format is 6 two digit hexadecimal numbers that are separated by colons Encapsulation Type Encapsulation type for the specified interface The types are Ethernet or SNAP IP MTU Maximum transmission unit MTU size of a frame in b...

Page 660: ...N Fabric Mode Disabled Switch show ip interface brief Interface State IP Address IP Mask TYPE Method Vlan1 Up 1 1 1 1 255 255 255 0 Primary Manual Vlan2 Up 2 2 2 2 255 255 255 0 Primary Manual Display Parameters Interface Valid slot and port number separated by a forward slash State Routing operational state of the interface IP Address IP address of the routing interface in 32 bit dotted decimal f...

Page 661: ...ols List a summary of the configuration and status for each unicast routing protocol running in the specified virtual router If a protocol is selected on the command line the display is limited to that protocol If no virtual router is specified the configuration and status for the default router are displayed show ip protocols vrf vrf name bgp ospf Parameters vrf vrf name Display the IP protocols in...

Page 662: ...ance Pfx List 172 20 0 0 0 0 255 255 40 None 172 21 0 0 0 0 255 255 45 1 Prefix List In PfxList1 Prefix List Out None Redistributing Source Metric Dist List Route Map connected connected_list static 32120 static_routemap ospf ospf_map ospf match int extl nssa ext2 Networks Originated 10 1 1 0 255 255 255 0 active 20 1 1 0 255 255 255 0 Neighbors 172 20 1 100 Filter List In 1 Filter List Out 2 Pref...

Page 663: ...epts from its neighbors Fast Internal Failover Indicates whether BGP immediately brings down an iBGP adjacency if the routing table manager reports that the peer address is no longer reachable Fast External Failover Indicates whether BGP immediately brings down an eBGP adjacency if the link to the neighbor goes down Distance Default administrative distance or route preference for external internal...

Page 664: ...The metric type to advertise for redistributed routes of this type Subnets Indicates whether OSPF redistributes subnets of classful addresses or only classful prefixes Dist List A distribute list used to filter routes of this type Only routes that pass the distribute list are redistributed Number of Active Areas The number of OSPF areas with at least one interface running on this router Also broke...

Page 665: ...t be given if the shorter prefixes option is given mask Indicates the mask of the destination network corresponding to this route longer prefixes Indicates the option of a longer prefix setting all Not available Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows example CLI display output for the command Routing show ip route Route Codes R RIP Derived C ...

Page 666: ...N2 OSPF NSSA External Type 2 L Leaked Route C 8 0 0 0 24 0 1 directly connected 0 27 S L 9 0 0 2 32 1 1 directly connected 0 26 S L 56 6 6 0 24 1 1 via 9 0 0 2 02d 22h 15m 0 26 S 66 6 6 0 24 1 1 via 8 0 0 2 01d 22h 15m 0 27 Router show ip route Route Codes R RIP Derived O OSPF Derived C Connected S Static B BGP Derived IA OSPF Inter Area E1 OSPF External Type 1 E2 OSPF External Type 2 N1 OSPF NSSA...

Page 667: ...utput that displays with a hardware failure Router Config interface 0 1 Router Interface 0 1 routing Router Interface 0 1 ip address 9 0 0 1 2S5 255 255 0 Router Interface 0 1 exit Router Config ip route net prototype 56 6 6 0 24 9 0 0 2 1 Router show ip route Route Codes R RIP Derived O OSPF Derived C Connected S Static B BGP Derived IA OSPF Inter Area E1 OSPF External Type 1 E2 OSPF External Typ...

Page 668: ...ps has been installed in the forwarding table The forwarding table may limit the number of ECMP routes or the number of ECMP groups When an ECMP route cannot be installed because such a limit is reached the route is installed with a single next hop Such truncated routes are identified by a T after the interface name To administratively control the traffic destined to a particular network and preven...

Page 669: ...2 172 20 33 100 on interface 2 33 172 20 34 100 on interface 2 34 ECMP Group 3 with 4 next hops used by 1 route 172 20 31 100 on interface 2 31 172 20 32 100 on interface 2 32 172 20 33 100 on interface 2 33 172 20 34 100 on interface 2 34 7 40 show ip route hw failure Display the routes that failed to be added to the hardware due to hash errors or a table full condition show ip route hw failure P...

Page 670: ...1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 S U Unnumbered Peer L Leaked Route K Kernel P Net Prototype P 66 6 6 0 24 1 1 via 9 0 0 2 01d 22h 15m 0 1 hw failure P 66 6 7 0 24 1 1 via 9 0 0 2 01d 22h 15m 0 1 hw failure P 66 6 8 0 24 1 1 via 9 0 0 2 01d 22h 15m 0 1 hw failure P 66 6 9 0 24 1 1 via 9 0 0 2 01d 22h 15m 0 1 hw failure 7 41 show ip route net prototype Display the net protot...

Page 671: ... one that is not the most preferred to its destination and therefore is not installed in the forwarding table To include only the number of best routes do not use the optional keyword show ip route summary all Parameters all Optional Display all best and non best routes Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows example CLI display output for the...

Page 672: ...external BGP routes Internal Number of internal BGP routes Local Number of local BGP routes OSPF Routes Total number of routes installed by OSPF protocol Intra Area Routes Total number of Intra Area routes installed by OSPF protocol Inter Area Routes Total number of Inter Area routes installed by OSPF protocol External Type 1 Routes Total number of External Type 1 routes installed by OSPF protocol...

Page 673: ...ong all routes currently in the routing table These include local interfaces for local routes and neighbors for indirect routes The value in parentheses indicates the highest count of unique next hops since counters were last cleared NextHop Groups High Current number of next hop groups in use by one or more routes Each next hop group includes one or more next hops The value in parentheses indicat...

Page 674: ...best route Lower router preference values are preferred over higher router preference values A route with a preference of 255 cannot be used to forward traffic show ip route preferences Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows example CLI display output for the command alpha stack show ip route preferences Local 0 Static 1 BGP E...

Page 675: ...cal route preference value Configured Default Gateway Route preference value of the statically configured default gateway DHCP Default Gateway Route preference value of the default gateway learned from the DHCP server 7 45 show ip stats Display IP statistical information for a specified virtual router instance If a virtual router is not specified the IP statistical information for the default route...

Page 676: ...cmpInTimeExcds 0 IcmpInParmProbs 0 IcmpInSrcQuenchs 0 IcmpInRedirects 0 IcmpInEchos 6 IcmpInEchoReps 0 IcmpInTimestamps 0 IcmpInTimestampReps 0 IcmpInAddrMasks 0 IcmpInAddrMaskReps 0 IcmpOutMsgs 490 IcmpOutErrors 0 IcmpOutDestUnreachs 490 IcmpOutTimeExcds 0 IcmpOutParmProbs 0 IcmpOutSrcQuenchs 0 IcmpOutRedirects 0 IcmpOutEchos 0 IcmpOutEchoReps 0 IcmpOutTimestamps 0 IcmpOutTimestampReps 0 IcmpOutA...

Page 677: ...Memory Available in Heap 94996170 In Use High Water Mark 57945 Display Parameters Heap Size Amount of memory in bytes allocated at startup for the routing heap Memory In Use Number of bytes currently allocated Memory on Free List Number of bytes currently on the free list When a chunk of memory from the routing heap is freed it is placed on a free list for future reuse Memory Available in Heap Num...

Page 678: ...lue is 1000 suppress threshold Optional Value of the penalty at which the interface is dampened The configurable range is 1 20 000 Default value is 2000 max suppress time Optional Maximum amount of time in seconds an interface can be in suppressed state after it stops flapping The configurable range is 1 255 seconds The default value is four times the half life period lf half period value is allow...

Page 679: ...nterfaces configured with dampening show interface dampening Parameters None Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Router show interface dampening Interface 0 2 Flaps Penalty Supp ReuseTm HalfL ReuseV SuppV MaxSTm MaxP Restart 0 0 FALSE 0 5 1000 2000 20 16000 0 Interface 0 3 Flaps Penalty Supp ReuseTm HalfL R...

Page 680: ...e to their default values meaning 0 0 and FALSE respectively Routing Policy Commands 7 50 ip policy Identify a route map to use for policy based routing on an interface specified by route map name Policy based routing is configured on the interface that receives the packets not on the interface from which the packets are sent When new statements are added to a route map or match set terms are adde...

Page 681: ...o ip prefix list list name deletes the entire prefix list To remove an individual statement from a prefix list you must specify the statement exactly with all its options ip prefix list list name seq number permit deny network length ge length le length renumber renumber interval first statement number no ip prefix list list name seq number permit deny network length ge length le length Parameters l...

Page 682: ... to the ge value is considered a match Similarly if the le option is configured without the ge option a prefix with a network mask less than or equal to the le value is considered a match Command Mode Global Config Example The following example configures a prefix list that allows routes with one of two specific destination prefixes 172 20 0 0 16 and 192 168 1 0 24 Routing Config ip prefix list app...

Page 683: ...e no ip prefix list description before using this command to delete an IPv6 Prefix List ipv6 prefix list list name seq seq number permit deny ipv6 prefix prefix length ge ge value le le value description text renumber renumber interval first statement number no ipv6 prefix list list name Parameters list name Text name of the prefix list Up to 32 characters seq seq number Optional The sequence numb...

Page 684: ...and Mode Global Config Example The following example configures a prefix list that allows routes with one of two specific destination prefixes 2001 64 and 5F00 48 R1 Config ipv6 prefix list apple seq 10 permit 2001 64 R1 Config ipv6 prefix list apple seq 20 permit 5F00 48 7 54 route map To create a route map and enter Route Map Configuration mode use the route map command in Global Configuration mo...

Page 685: ...oute map match ip address prefix list redist pl Routing Config route map exit Routing Config router bgp 1 Routing Config router redistribute ospf route map redist rm 7 55 match as path This route map match term matches BGP autonomous system paths against an AS PATH access list If you enter a new match as path term in a route map statement that already has a match as path term the AS PATH list numb...

Page 686: ...ingle match term exact match Optional When this option is given a route is only considered a match if the set of communities on the route is an exact match for the set of communities in one of the statements in the community list Default The default is None Command Mode Route Map Config 7 57 match ip address To configure a route map to match based on a destination prefix use the match ip address c...

Page 687: ...s list numbers names in this command the duplicate configuration is ignored No command deletes a match statement from a route map match ip address access list number access list name access list number access list name no match ip address access list number access list name Parameters access list number Identifies an access list configured through access list CLI configuration commands This number...

Page 688: ...s sourced from any host in subnet 10 1 0 0 If there is a match and if the router has no explicit route for the packet s destination it is sent to next hop address 192 168 6 6 Sequence number 20 in route map equal access is used to match all packets sourced from any host in subnet 10 2 0 0 If there is a match and if the router has no explicit route for the packet s destination it is sent to next ho...

Page 689: ...ght prefix lists can be specified If multiple prefix lists are specified a match occurs if a prefix matches any one of the prefix lists If you configure a match ipv6 address statement within a route map section that already has a match ipv6 address statement the new prefix lists are added to the existing set of prefix lists and a match occurs if any prefix list in the combined set matches the prefi...

Page 690: ...s than or equal to 9198 Default The default is None Command Mode Route Map Config Example The following shows an example of the command Routing config route map match length 64 1500 7 61 match mac list Configure a route map in order to match based on the match criteria configured in a MAC access list A MAC ACL is configured before it is linked to a route map Actions present in MAC ACL configuratio...

Page 691: ...eted from that ACL this is how configuration is rejected Routing show mac access lists Current number of all ACLs 9 Maximum number of all ACLs 100 MAC ACL Name Rules Direction Interface s VLAN s madan 1 mohan 1 goud 1 Routing Routing configure Routing Config route map madan Routing Route map match mac list madan mohan goud Routing Route map exit Routing Config exit Routing show route map route map...

Page 692: ...s path string no set as path prepend as path string Parameters as path string List of AS PATH numbers to insert at the beginning of the AS_PATH attribute of matching BGP routes To prepend more than one AS number separate the ASNs with a space and enclose the string in quotes Up to ten AS numbers may be prepended Default The default is None Command Mode Route Map Config Example The following exampl...

Page 693: ...unity To modify the communities attribute of matching routes use the set community command in Route Map Configuration mode The set community command can be used to assign communities to routes originated through BGP s network and redistribute commands and to set communities on routes received from a specific neighbor or advertised to a specific neighbor lt can also be used to remove all communities...

Page 694: ...ds in the route map statement are applied If no match is found in the route map the packet is not dropped instead the packet is forwarded using the routing decision taken by performing destination based routing set interface null0 Parameters None Default The default is None Command Mode Route Map Config 7 66 set ip next hop Specify the adjacent next hop router in the path toward the destination to...

Page 695: ... route in the routing table is not considered an explicit route for an unknown destination address ln a route map statement set ip next hop and set ip default next hop terms are mutually exclusive However a set ip next hop can be configured in a separate route map statement No command removes a set command from a route map set ip default next hop ip address ip address no set ip default next hop ip...

Page 696: ...9 set ipv6 next hop BGP To set the IPv6 next hop of a route use the set ipv6 next hop command in Route Map Configuration mode When used in a route map applied to UPDATE messages received from a neighbor the command sets the next hop address for matching IPv6 routes received from the neighbor When used in a route map applied to UPDATE messages sent to a neighbor the command sets the next hop addres...

Page 697: ...mand removes a set command from a route map set local preference value no set local preference value Parameters value Local preference value from 0 to 4 294 967 295 any 32 bit integer Default The default is None Command Mode Route Map Config 7 71 set metric BGP To set the metric of a route use the set metric command In Route Map Configuration mode In BGP context sets the Multi Exit Discriminator M...

Page 698: ...ute map associated with each interface show ip policy Parameters None Default The default is None Command Mode Privileged EXEC Example The following is an example of the CLI display output for the command Routing show ip policy Interface Route Map FastEthernet0 0 equal access Display Parameters Interface Indicates the interface Route map Indicates the route map 7 73 show ip prefix list Display con...

Page 699: ... list that matches the given network length Acceptable forms of this command are as follows show ip prefix list prefix Iist name network length first match show ip prefix list prefix Iist name network length longer show ip prefix list prefix list name network length show ip prefix list prefix list name seq sequence number show ip prefix list prefix list name show ip prefix list summary show ip prefi...

Page 700: ...ormation about all prefix lists listname Optional Name of a specific prefix list ipv6 prefix prefix length Optional Network number and length in bits of the network mask seq sequence number Optional Applies the sequence number to the prefix list entry The sequence number of the prefix list entry longer Optional Displays all entries of a prefix list that are more specific than the given network lengt...

Page 701: ...1 Switch show ipv6 prefix list detail apple ipv6 prefix list apple count 6 range entries 3 sequences 5 30 refcount 31 seq 5 deny 5F00 8 le 128 hit count 0 refcount 1 seq 10 deny 0 hit count 0 refcount 1 seq 15 deny 1 hit count 0 refcount 1 seq 20 deny 2 hit count 0 refcount 1 seq 25 deny 3 ge 4 hit count 0 refcount 1 seq 30 permit 0 le 128 hit count 240664 refcount 0 Display Parameters count Numbe...

Page 702: ... clauses ip address prefix lists orange Set clauses set metric 50 7 76 clear ip prefix list To reset IP prefix list counters use the clear ip prefix Iist command in Privileged EXEC mode This command is used to clear prefix list hit counters The hit count is a value indicating the number of matches to a specific prefix list entry clear ip prefix list prefix list name network Iength Parameters prefi...

Page 703: ...ame of the prefix list from which the hit count is to be cleared ipv6 prefix prefix length Optional IPv6 prefix number and length in bits of the network mask If this option is specified hit counters are only cleared for the matching statement Default The default is None Command Mode Privileged EXEC Router Discovery Protocol Commands This section describes the commands you use to view and configure R...

Page 704: ...ess used to advertise the router for the interface ip irdp address ipaddr no ip irdp address Parameters ipaddr Enter an IP address The valid options are 224 0 0 1 and 255 255 255 255 Default The default is 224 0 0 1 Command Mode Interface Config 7 80 ip irdp holdtime Configure the value in seconds of the holdtime field of the router advertisement sent from this interface The holdtime range is the va...

Page 705: ...rface No command configures the default maximum time in seconds ip irdp maxadvertinterval 4 1800 no ip irdp maxadvertinterval Parameters None Default The default is 600 Command Mode Interface Config 7 82 ip irdp minadvertinterval Configure the minimum time in seconds allowed between sending router advertisements from the interface The range for minadvertinterval is three to the value of maxadverti...

Page 706: ...et No command configures the default preferability of the address as a default router address relative to other router addresses on the same subnet ip irdp preference 2147483648 2147483647 no ip irdp preference Parameters None Default The default is 0 Command Mode Interface Config 7 84 show ip irdp Display the router discovery information for all interfaces or a specified interface show ip irdp sl...

Page 707: ...able 224 0 0 1 600 450 1800 0 0 10 Disable 224 0 0 1 600 450 1800 0 0 11 Disable 224 0 0 1 600 450 1800 0 0 12 Disable 224 0 0 1 600 450 1800 0 0 13 Disable 224 0 0 1 600 450 1800 0 0 14 Disable 224 0 0 1 600 450 1800 0 0 15 Disable 224 0 0 1 600 450 1800 0 0 16 Disable 224 0 0 1 600 450 1800 0 0 17 Disable 224 0 0 1 600 450 1800 0 0 18 Disable 224 0 0 1 600 450 1800 0 0 19 Disable 224 0 0 1 600 4...

Page 708: ...subnet Virtual Router Commands 7 85 ip vrf Create a virtual router with a specified name and enters VRF configuration mode No command deletes the virtual router with the specified name ip vrf vrf name no ip vrf vrf name Parameters vrf name Name of the virtual router The name is a string of up to 64 characters from an ASCII set Default The default is as follows no VRs are defined Command Mode Globa...

Page 709: ... router table size it is limited to the total size warn threshold The threshold value ranges from 1 to 100 and indicates the percent of the limit value at which a warning message is to be generated If no limit value is given the platform maximum is taken as the limit value Default The default is as follows limited by the number of free routes available Command Mode Virtual Router Config Example Th...

Page 710: ... configured virtual router and associates it back to the default router ip vrf forwarding vrf name no ip vrf forwarding Parameters vrf name The name of the virtual router Default The default is Default router Command Mode Interface Config Example This example creates two virtual router instances and assigns interfaces to those virtual routers Router Config ip vrf Red Router Config ip vrf Blue Route...

Page 711: ...t of interfaces and virtual routers to which they belong memory vrf name Optional Displays the runtime memory utilization of the processes running in a virtual router Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Router show ip vrf Number of VRs 3 Name Identifier Route Distinguisher Red 2 2 200 Blue 4 4 400 Green 3 3 300 Router show ...

Page 712: ...ver if you specify an interface ID the interface ID becomes the port number in the slot port for the VLAN routing interface If you select an interface ID that is already in use the CLI displays an error message and does not create the VLAN interface For products that use text based configuration including the interface ID in the VLAN routing command for the text configuration ensures that the slot...

Page 713: ...n 14 51 Routing Vlan Routing show ip vlan MAC Address uswd by Routing VLANs 00 11 88 59 47 36 VLAN ID Logical Interface IP Address Subnet Mask 10 4 1 172 16 10 1 255 255 255 0 11 4 50 172 16 11 1 255 255 255 0 12 4 3 172 16 12 1 255 255 255 0 13 4 4 172 16 13 1 255 255 255 0 14 4 51 0 0 0 0 0 0 0 0 Select an interface ID that is already in use In this case the CLI displays an error message and doe...

Page 714: ...ays 19 hrs 5 mins 38 secs Cut through mode is configured as disabled Additional Packages BGP 4 QOS IPv6 IPv6 Management Rout1ng Data Center Current SNTP Synchronized Time Not Synchronized Set prompt 02 08 Network protocol dhcp Vlan database Vlan 10 14 Vlan routing 10 1 Vlan routing 12 3 Vlan routing 13 4 Vlan routing 11 50 Vlan routing 14 51 7 91 interface vlan Enter Interface configuration mode f...

Page 715: ... the VLAN routing interface IP Address IP address associated with this VLAN Subnet Mask Subnet mask that is associated with this VLAN Virtual Router Redundancy Protocol Commands This section describes commands you use to view and configure Virtual Router Redundancy Protocol VRRP and to view VRRP status information VRRP helps provide failover and load balancing when you configure two devices as a V...

Page 716: ...r ID vrid is an integer value that ranges from 1 to 255 ip vrrp vrid no ip vrrp vrid Parameters vrid Enter virtual router ID 1 255 Default The default is None Command Mode Interface Config 7 95 ip vrrp mode Enable the virtual router configured on the specified interface Enabling the status field starts a virtual router The parameter vrid is the virtual router ID which has an integer value ranging f...

Page 717: ...ess you must delete the virtual router on the interface ip vrrp vrid ip ipaddr secondary no ip vrrp vrid ip ipaddr secondary Parameters vrid Indicates the virtual router ID ipaddr Indicates the IP address associated with the Virtual Router secondary Optional Designates whether an IP address is a secondary address on this interface Default The default is None Command Mode Interface Config 7 97 ip v...

Page 718: ...teger value ranges from 1 to 255 No command sets the default authorization details value for the virtual router configured on a specified interface or range of interfaces ip vrrp vrid authentication none simple key no ip vrrp vrid authentication Parameters vrid Indicates the virtual router ID none Configure authentication type as none simple key Configure authentication type as simple Default The ...

Page 719: ...address owner The priority of the address owner is always 255 so that the address owner is always master If the master has a priority less than 255 it is not the address owner and you configure the priority of another router in the group higher than the master s priority the router will take over as master only if preempt mode is enabled No command sets the default priority value for the virtual r...

Page 720: ...rface is up for IP protocol the priority will be incremented by the priority value A VRRP configured interface can track more than one interface When a tracked interface goes down then the priority of the router will be decreased by 10 the default priority decrement for each downed interface The default priority decrement is changed using the priority argument The default priority of the virtual r...

Page 721: ...e default priority will be set The default priority decrement is 10 The default priority decrement is changed using the priority argument No command removes the route from the tracked list or to restore the priority decrement to its default When removing a tracked IP route from the tracked list the priority should be incremented by the decrement value if the route is not reachable ip vrrp vrid tra...

Page 722: ...ckets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 Display Parameters Uptime Time that the virtual router has been up in days hours minutes and seconds Protocol Protocol configured on the interface State Transitioned to Master Total number of times virtual router state has changed to MASTER Advertisement Received Total number ...

Page 723: ...tal number of VRRP packets received with unknown authentication type Authentication Type Mismatch Total number of VRRP advertisements received for which auth type not equal to locally configured one for this virtual router Packet Length Errors Total number of VRRP packets received with packet length less than length of VRRP header 7 105 show ip vrrp Display whether VRRP functionality is enabled or ...

Page 724: ...s of a virtual router configured on a specific interface Use the output of the command to verify the track interface and track IP route configurations show ip vrrp interface slot port vlan vlan id vrid Parameters slot port Enter an interface in slot port format vlan vlan id Enter an interface in VLAN format vrid Indicates the virtual router ID Default The default is None Command Mode Privileged EX...

Page 725: ...rfaces or routes Configured Priority Priority configured through the ip vrrp vrid priority 1 254 command Advertisement Interval Advertisement interval in seconds for the specific virtual router Pre Empt Mode Preemption mode configured on the specified virtual router Administrative Mode Status X of the specific router Enable or Disable Accept Mode When enabled the VRRP Master can accept ping packet...

Page 726: ...ual router IP Address Virtual router IP address Mode Indicates whether the virtual router is enabled or disabled State State Master Backup of the virtual router DHCP and BOOTP Relay Commands This section describes the commands you use to configure BootP DHCP Relay on the switch A DHCP relay agent operates at Layer 3 and forwards DHCP requests and replies between clients and servers when they are n...

Page 727: ...opcount Parameters None Default The default is 4 Command Mode Global Config Virtual Router Config 7 110 bootpdhcprelay minwaittime Configure the minimum wait time in seconds for BootP DHCP Relay on the system When the BOOTP relay agent receives a BOOTREQUEST message it MAY use the seconds since client began booting field of the request as a factor in deciding whether to relay the request or not No ...

Page 728: ...ay parameters of a virtual router Default The default is None Command Mode Privileged EXEC Global Config Example The following is an example of the CLI display output for the command Routing show bootpdhcprelay Maximum Hop Count 5 Minimum Wait Time Seconds 0 Admin Mode Disable Circuit Id option mode Enable Display Parameters Maximum Hop Count Maximum allowable relay agent hops Minimum Wait Time Se...

Page 729: ... or more DHCP servers and relays to the client packets that the DHCP server unicasts back to the relay agent For other protocols the relay agent only relays broadcast packets from the client to the server Packets from the server back to the client are assumed to be unicast directly to the client Because there is no relay in the return direction for protocols other than DHCP the relay agent retains...

Page 730: ...le UDP port numbers handled by a specific server No command deletes an IP helper entry The command no ip helper address with no arguments clears all global IP helper addresses ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time no ip helper address server address dest udp port dhcp domain isakmp mobile i...

Page 731: ...server at 20 1 1 1 use the following commands Routing config Routing Config ip helper address 20 1 1 1 7 114 ip helper address Interface Config Configure the relay of certain UDP broadcast packets received on a specific interface or range of interfaces This command can be invoked multiple times on a routing interface either to specify multiple server addresses for a given port number or to specify...

Page 732: ...n behavior The names recognized are as follows DHCP port 67 domain port 53 isakmp port 500 mobile ip port 434 nameserver port 42 netbios dgm port 138 netbios ns port 137 NTP port 123 pim auto rp port 496 tacacs port 49 tftp port 69 time port 37 Other ports must be specified by number Default The default is as follows helper addresses are not configured Command Mode Interface Config Example To rela...

Page 733: ...ce 0 2 ip helper address 192 168 40 2 domain Routing Interface 0 2 exit Routing Config interface 0 17 Routing Interface 0 17 ip helper address 192 168 23 1 162 Routing Interface 0 17 ip helper address discard dhcp 7 115 ip helper enable Enable relay of UDP packets This command can be used to temporarily disable IP helper without deleting all IP helper addresses This command replaces the bootpdhcpr...

Page 734: ...al Router Config Example The following shows example CLI display output for the command Routing show ip helper address IP helper is enabled Interface UDP Port Discard Hit Count Server Address 0 1 dhcp No 10 10 100 1 254 10 100 2 254 0 17 any Yes 2 any dhcp No 0 10 200 1 254 Display Parameters Interface Relay configuration is applied to packets that arrive on this interface This field is set to any...

Page 735: ...e The following shows example CLI display output for the command Routing show ip helper statistics DHCP client messages received 8 DHCP client messages relayed 2 DHCP server messages received 2 DHCP server messages relayed 2 UDP client messages received 8 UDP client messages relayed 2 DHCP message hop count exceeded max 0 DHCP message with secs field below min 0 DHCP message with giaddr set to loc...

Page 736: ... does not relay these packets DHCP message with secs field below min Number of DHCP client messages received whose secs field is less than the minimum value The minimum secs value is a configurable value and is displayed in show bootpdhcprelay A log message is written for each such failure The DHCP relay agent does not relay these packets DHCP message with giaddr set to local address Number of DHCP...

Page 737: ...mand sets the administrative mode of OSPF in the router to inactive enable no enable Parameters None Default The default is Enabled Command Mode Router OSPF Config 7 120 network area OSPF Enable OSPFv2 on an interface and set its area ID if the IP address of an interface is covered by this network command No command disables the OSPFv2 on an interface if the IP address of an interface was earlier ...

Page 738: ...mand disables OSPF 1583 compatibility Note 1583 compatibility mode is enabled by default If all OSPF routers in the routing domain are capable of operating according to RFC 2328 OSPF 1583 compatibility mode should be disabled 1583compatibility no 1583compatibility Parameters None Default The default is Enabled Command Mode Router OSPF Config 7 122 area default cost OSPF Configure the default cost ...

Page 739: ...metric value and type for the default route advertised into the NSSA The optional metric parameter specifies the metric of the default route and is to be in a range of 1 16777214 If no metric is specified the default value is The metric type can be comparable nssa external 1 or non comparable nssa external 2 No command disables the default route advertised into the NSSA area areaid nssa default inf...

Page 740: ...ed to the NSSA No command disables the NSSA ABR so that learned external routes are redistributed to the NSSA area areaid nssa no redistribute no area areaid nssa no redistribute Parameters areaid Indicates an area ID Default The default is None Command Mode Router OSPF Config 7 126 area nssa no summary OSPF Configure the NSSA so that summary LSAs are not advertised into the NSSA No command disabl...

Page 741: ... role always candidate no area areaid nssa translator role always candidate Parameters areaid Indicates an area ID always Enter always for the translator role candidate Enter candidate for the translator role Default The default is None Command Mode Router OSPF Config 7 128 area nssa translator stab intv OSPF Configure the translator stability interval of the NSSA The stability interval is the per...

Page 742: ...n the area range is used when summarizing prefixes advertised in type 3 summary LSAs nssaexternallink When this keyword is given the area range is used when translating type 7 LSAs to type 5 LSAs advertise Optional When this keyword is given the summary prefix is advertised when the area range is active This is the default not advertise Optional When this keyword is given neither the summary prefi...

Page 743: ... that using either the advertise or not advertise keyword reverts the configuration to the default For example Create area range Suppress summary Routing Config router area 1 range 10 0 0 0 255 0 0 0 summarylink not advertise Advertise summary Routing Config router no area 1 range 10 0 0 0 255 0 0 0 summarylink not advertise The no form may be use to remove a static area range cost so that OSPF se...

Page 744: ...r the stub area identified by areaid area areaid stub no summary no area areaid stub no summary Parameters areaid Indicates an area ID Default The default is Disabled Command Mode Router OSPF Config 7 132 area virtual link OSPF Create the OSPF virtual interface for the specified areaid and neighbor The neighbor parameter is the Router ID of the neighbor No command deletes the OSPF virtual interfac...

Page 745: ...es do not need an authentication key If the type is encrypted a key ID in the range of 0 and 255 must be specified The default value for authentication type is none Neither the default password key nor the default key ID are configured No command configures the default authentication type for the OSPF virtual interface identified by areaid and neighbor The neighbor parameter is the Router ID of th...

Page 746: ...ID neighbor Enter the router ID of the virtual neighbor Default The default is 40 Command Mode Router OSPF Config 7 135 area virtual link hello interval OSPF Configure the hello interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor The neighbor parameter is the Router ID of the neighbor No command configures the default hello interval for the OSPF virtu...

Page 747: ...tual link neighbor retransmit interval seconds Parameters areaid Indicates an area ID neighbor Enter the router ID of the virtual neighbor Default The default is 5 seconds Command Mode Router OSPF Config 7 137 area virtual link transmit delay OSPF Configure the transmit delay for the OSPF virtual interface on the virtual interface identified by areaid and neighbor The neighbor parameter is the Rou...

Page 748: ...st command to change the reference bandwidth specifying the reference bandwidth in megabits per second Mbps No command sets the reference bandwidth to the default value auto cost reference bandwidth 1 4294967 no auto cost reference bandwidth Parameters None Default The default is 100 Mbps Command Mode Router OSPF Config 7 139 capability opaque Enable Opaque Capability on the Router The information...

Page 749: ...ne Command Mode Privileged EXEC 7 141 clear ip ospf configuration Reset the OSPF configuration to factory defaults for the specified virtual router If no virtual router is specified the default router is cleared clear ip ospf configuration vrf vrf name Parameters vrf vrf name Optional Indicates the OSPF protocol of a virtual router Default The default is None Command Mode Privileged EXEC 7 142 cle...

Page 750: ...bors is dropped for the default router To drop all adjacencies with a specific router ID specify the neighbors Router ID using the optional parameter neighbor id clear ip ospf neighbor neighbor id vrf vrf name Parameters neighbor id Optional Enter the neighbor s Router ID vrf vrf name Optional Bounce all OSPF neighbors of a virtual router Default The default is None Command Mode Privileged EXEC 7 ...

Page 751: ... the redistribution configuration and reoriginate prefixes as necessary clear ip ospf redistribution vrf vrf name Parameters vrf vrf name Optional Flush and reoriginate external LSAs of a virtual router Default The default is None Command Mode Privileged EXEC 7 146 default information originate OSPF Control the advertisement of default routes No command controls the advertisement of default routes...

Page 752: ...ult metric 1 16777214 no default metric Parameters None Default The default is None Command Mode Router OSPF Config 7 148 distance ospf OSPF Set the route preference value of OSPF in the router Lower route preference values are preferred when determining the best route The type of OSPF route can be intra inter or external All the external type routes are given the same preference value The range o...

Page 753: ...static connected no distribute list 1 199 out bgp static connected Parameters bgp Source protocol is BGP static Source protocol is static connected Source protocol is connected Default The default is None Command Mode Router OSPF Config 7 150 exit overflow interval OSPF Configure the exit overflow interval for OSPF It describes the number of seconds after entering overflow state that a router will ...

Page 754: ...tate The router never holds more than the external LSDB limit non defaultAS external LSAs in it database The external LSDB limit MUST be set identically in all routers attached to the OSPF backbone and or any regular OSPF area No command configures the default external LSDB limit for OSPF external lsdb limit 1 2147483647 no external lsdb limit Parameters None Default The default is 1 Command Mode ...

Page 755: ... the ip ospf prefix suppression command in interface configuration mode Prefixes associated with secondary IPv4 addresses can never be suppressed No command disables prefix suppression No prefixes are suppressed from getting advertised prefix suppression no prefix suppression Parameters None Default The default is as follows prefix suppression is disabled Command Mode Router OSPF Config 7 154 pref...

Page 756: ...configured value router id ipaddress Parameters ipaddress Indicates the IP Address Default The default is None Command Mode Router OSPF Config 7 156 redistribute OSPF Configure OSPF protocol to allow redistribution of routes from the specified source protocol routers No command configures OSPF protocol to prohibit redistribution of routes from the specified source protocol routers redistribute bgp...

Page 757: ...on tag subnets Optional Allow subnets to be redistributed into OSPF Default The default is as follows metric unspecified type 2 tag 0 Command Mode Router OSPF Config 7 157 maximum paths OSPF Set the number of paths that OSPF can report for a given destination where maxpaths is platform dependent No command resets the number of paths that OSPF can report for a given destination back to its default ...

Page 758: ...fault Parameters None Default The default is Disabled Command Mode Router OSPF Config 7 159 passive interface OSPF Set the interface as passive It overrides the global passive mode that is currently effective on the interface No command sets the interface as non passive It overrides the global passive mode that is currently effective on the interface passive interface slot port vlan vlan id no pas...

Page 759: ...ommand Mode OSPFv2 Router Config 7 161 timers pacing Isa group To adjust how OSPF groups LSAs for periodic refresh use the timers pacing Isa group command in OSPFv2 Router Configuration mode OSPF refreshes self originated LSAs approximately once every 30 minutes When OSPF refreshes LSAs it considers all self originated LSAs whose age is from 1800 to 1800 plus the pacing group size Grouping LSAs fo...

Page 760: ...5 in seconds Default The default is as follows delay time 5 hold time 10 Command Mode Router OSPF Config 7 163 trapflags OSPF Enable individual OSPF traps enable a group of trap flags at a time or enable all the trap flags at once The different groups of trapflags and each group s specific trapflags to enable or disable are listed in Table 10 Table 10 Trapflags Groups Group Flags errors authentica...

Page 761: ...ror virt authentication failure virt bad packet virt config error lsa all lsa maxage lsa originate overflow all lsdb overflow lsdb approaching overflow retransmit all packets virt packets state change all I if state change neighbor state change virtif state change virtneighbor state change Parameters all Enable Disable all Traps errors Enable Disable OSPF Trap errors authentication failure Authent...

Page 762: ...pf area Enable OSPFv2 and set the area ID of an interface or range of interfaces The area id is an IP address formatted as a 4 digit dotted decimal number or a decimal value in the range of 0 4294967295 This command supersedes the effects of the network area command It can also be used to configure the advertiseability of the secondary addresses on this interface into the OSPFv2 domain No command ...

Page 763: ...ters None Default The default is as follows actual interface bandwidth Command Mode Global Config 7 166 ip ospf authentication Set the OSPF Authentication Type and Key for the specified interface or range of interfaces The value of type is either none simple or encrypt The key is composed of standard displayable non control keystrokes from a Standard 101 102 key keyboard The authentication key mus...

Page 764: ... no ip ospf cost Parameters None Default The default is 10 Command Mode Interface Config 7 168 ip ospf database filter all out Use the ip ospf database filter all out command in Interface Configuration mode to disable OSPFv2 LSA flooding on an interface Use the no command in Interface Configuration mode to enable OSPFv2 LSA flooding on an interface ip ospf database filter all out no ip ospf databas...

Page 765: ...he default OSPF dead interval for the specified interface ip ospf dead interval seconds no ip ospf dead interval Parameters seconds Indicates the interval in seconds 1 65535 Default The default is None Command Mode Interface Config 7 170 ip ospf hello interval Set the OSPF hello interval for the specified interface or range of interfaces The value for seconds is a valid positive integer which repr...

Page 766: ...t to Point Default The default is Broadcast Command Mode Interface Config 7 172 ip ospf prefix suppression Suppresses the advertisement of the IPv4 prefixes that are associated with an interface except for those associated with secondary IPv4 addresses This command takes precedence over the global configuration If this configuration is not specified the global prefix suppression configuration appl...

Page 767: ... specified router interface ip ospf priority 0 255 no ip ospf priority Parameters None Default The default is 1 highest router priority Command Mode Interface Config 7 174 ip ospf retransmit interval Set the OSPF retransmit Interval for the specified interface or range of interfaces The retransmit interval is specified in seconds The value for seconds is the number of seconds between link state adver...

Page 768: ... the specified interface ip ospf transmit delay 1 3600 no ip ospf transmit delay Parameters None Default The default is 1 Command Mode Interface Config 7 176 ip ospf mtu ignore Disables OSPF maximum transmission unit MTU mismatch detection on an interface or range of interfaces OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the...

Page 769: ...s continue to forward packets through the restarting router The restarting router relearns the network topology from its helpful neighbors Graceful restart can be enabled for either planned or unplanned restarts or both A planned restart is initiated by the operator through the management command initiate failover The operator may initiate a failover in order to take the management unit out of ser...

Page 770: ...ghbor functionality for OSPF nsf helper planned only no nsf helper Parameters planned only Optional This optional keyword indicates that OSPF should only help a restarting router performing a planned restart Default The default is as follows OSPF acts as a helpful neighbor for both planned and unplanned restarts Command Mode OSPF Router Config 7 179 nsf ietf helper disable Disable helpful neighbor...

Page 771: ...nfigure OSPF to enter stub router mode use this command in Router OSPF Global Configuration mode When OSPF is in stub router mode as defined by RFC 3137 OSPF sets the metric in the non stub links in its router LSA to Lslnfinity Other routers therefore compute very long paths through the stub router and prefer any alternate path Doing so eliminates all transit traffic through the stub router when a...

Page 772: ...ter a reboot The range is 5 to 86 400 seconds There is no default value summary lsa Optional Set the metric in type 3 and type 4 summary LSAs to Lslnfinity 0xFFFFFF metric Optional Metric to send in summary LSAs when in stub router mode The range is 1 to 16 777 215 The default is 16 711 680 0xFF0000 Default The default is as follows OSPF not in stub router mode Command Mode OSPFv2 Router Config 7 ...

Page 773: ...None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show ip ospf Router ID 3 3 3 3 OSPF Admin Mode Enable RFC 1583 Compatibility Enable External LSDB Limit No Limit Exit Overflow Interval 0 Spf Delay Time 5 sec Spf Hold Time 10 sec Flood Pacing Interval 33 ms LSA Refresh Group Pacing Time 60 sec Opaque capability Enable AutoCost Ref BW 1...

Page 774: ...LSA Checking Enabled Prefix suppression Disabled Display Parameters Note Some of the information below displays only if you enable OSPF and configure certain features Router ID 32 bit integer in dotted decimal format identifying the router about which information is displayed OSPF Admin Mode Shows whether the administrative mode of OSPF in the router is enabled or disabled RFC 1583 Compatibility I...

Page 775: ...ce OSPF is in startup stub router mode Summary LSA Metric Override One of Enabled met Disabled where met is the metric to be sent in summary LSAs when in stub router mode BFD Enabled Displays the BFD status Default Route Advertise Indicates whether the default routes received from other source protocols are advertised or not Always Shows whether default routes are always advertised Metric Metric o...

Page 776: ...s LSA Count Total number of link state advertisements currently in the link state database Maximum Number of LSAs Maximum number of LSAs that OSPF can store LSA High Water Mark Maximum size of the link state database since the system started AS Scope LSA Flood List Length Number of LSAs currently in the global flood queue waiting to be flooded through the OSPF domain LSAs with AS flooding scope su...

Page 777: ...0 1 192 168 2 1 0 1 Display Parameters Type Type of route to the destination intra intra area route inter Inter area route Router ID Router ID of the destination Cost Cost of using this route Area ID The area ID of the area from which this route is learned Next Hop Next hop toward the destination Next Hop lntf Outgoing router interface to use when forwarding traffic to the next hop 7 185 show ip o...

Page 778: ...e external routing capabilities for this area Spf Runs Number of times that the intra area route table has been calculated using this area s link state database Area Border Router Count Total number of area border routers reachable within this area Area LSA Count Total number of link state advertisements in this area s link state database excluding AS External LSAs Area LSA Checksum Number represe...

Page 779: ...ed by another router Translator State Shows whether the ABR translator state is disabled always or elected 7 186 show ip ospf asbr Display the internal OSPF routing table entries to Autonomous System Boundary Routers ASBR for the specified virtual router If no router is specified it displays information for the default router show ip ospf asbr vrf vrf name Parameters vrf vrf name Optional Display ...

Page 780: ...rs lsid Optional Use lsid to specify the link state ID LSID The value of lsid can be an IP address or an integer in the range of 0 4294967295 adv router Optional Use adv router to show the LSAs that are restricted by the advertising router asbr summary Optional Use asbr summary to show the autonomous system boundary router ASBR summary LSAs database summary Display LSA database summary information...

Page 781: ... 192 168 1 14 1458 800001d1 acc5 E 192 168 8 70 192 168 1 15 1398 800001fd 3010 E 192 168 9 2 192 168 1 101 893 80000742 9cee E 192 168 9 6 192 168 1 102 718 80000742 780d E 192 168 9 66 192 168 1 14 1278 8000021b 1a0c E 192 168 9 70 192 168 1 15 1338 800001fd 330b E 192 168 10 2 192 168 1 101 773 80000862 5c0c E 192 168 10 6 192 168 1 102 59 800001fe 14b8 E 192 168 10 66 192 168 1 14 1278 80000a3...

Page 782: ...tabase database summary Display the number of each type of LSA in the database for each area and for the router The command also displays the total number of LSAs in the database show ip ospf database database summary Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows an example of the command Router show ip ospf database database summary...

Page 783: ...er of self originated AS external LSAs in the OSPF link state database Opaque Link Number of opaque link LSAs in the database Opaque Area Number of opaque area LSAs in the database Subtotal Number of entries for the identified area Opaque AS Number of opaque AS LSAs in the database Total Number of entries for all areas 7 189 show ip ospf interface Display the information for the OSPF information f...

Page 784: ...ace OSPF Mtu ignore Disable Flood Blocking Disable OSPF is not enabled on this interface Display Parameters IP Address IP address for the specified interface Subnet Mask Mask of the network and host portion of the lP address for the OSPF interface Secondary IP Address es Secondary IP addresses if any are configured on the interface OSPF Admin Mode States whether OSPF is enabled or disabled on a rou...

Page 785: ...ANs such as Ethernet and IEEE 802 5 take the value broadcast The OSPF interface Type will be broadcast State The OSPF Interface States are down loopback waiting point to point designated router and backup designated router Designated Router Router ID representing the designated router Backup Designated Router Router ID representing the backup designated router Number of Link Events Number of link ...

Page 786: ...umber representing the OSPF Dead Interval for the specified interface Retransmit Interval Number representing the OSPF Retransmit lnterval for the specified interface Interface Transmit Delay Number representing the OSPF Transmit Delay for the specified interface LSA Ack Interval Number representing the OSPF LSA Acknowledgment lnterval for the specified interface 7 191 show ip ospf interface stats...

Page 787: ...d 0 Packet Type Sent Received Hello 5231 5230 Database Description 3 3 LS Request 1 0 LS Update 300 259 LS Acknowledgement 378 412 Display Parameters OSPF Area ID Area ID of this OSPF interface Area Border Router Count Total number of area border routers reachable within this area This is initially zero and is calculated in each SPF pass AS Border Router Count Total number of Autonomous System bor...

Page 788: ...Address Number of OSPF packets discarded because the packets destination IP address is not the address of the ingress interface and is not the AllDrRouters or AllSpfRouters multicast addresses Wrong Authentication Type Number of packets discarded because the authentication type specified in the OSPF header does not match the authentication type configured on the ingress interface Note This field a...

Page 789: ...ame Parameters vrf vrf name Optional Display the LSA group information of a virtual router Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Routing show ip ospf lsa group Total self originated LSAs 5 Average LSAs per group 0 Pacing group limit 75 Number of self originated LSAs within each LSA group Grou...

Page 790: ...eds this limit OSPF redistributes LSAs throughout the refresh interval to achieve better balance Groups For each LSA pacing group the output shows the range of LSA ages in the group and the number of LSAs in the group 7 193 show ip ospf neighbor Display information about OSPF neighbors for the specified virtual router If no router is specified it displays information for the default router If you do...

Page 791: ...7 Area Id 0 0 0 2 Options 0x2 Router Priority 1 Dead timer due in secs 15 Up Time 0 days 2 hrs 8 mins 46 secs State Full BACKUP DR Events 4 Retransmitted LSAs 32 Retransmission Queue Length 0 Restart Helper Status Helping Restart Reason Software Restart 1 Remaining Grace Time 10 sec Restart Helper Exit Reason In Progress Display Parameters If you specify an IP address for the neighbor router the f...

Page 792: ...t an adjacency change during graceful restart but continues to advertise the restarting router as a FULL adjacency A helpful neighbor continues to forward data packets to the restarting router Trusting that the restarting router s forwarding table is maintained during the restart Not Helping This router is not a helpful neighbor at this time Restart Reason When this router is in helpful neighbor m...

Page 793: ... made to contact the neighbor lnit An Hello packet has recently been seen from the neighbor but bidirectional communication has not yet been established 2 way Communication between the two routers is bidirectional Exchange start The first step in creating an adjacency between the two neighboring routers the goal is to decide which router is the master and to decide upon the initial DD sequence num...

Page 794: ...is active If a static cost is not configured the field displays Auto If the action is Suppress the field displays N A Active Indicate whether the range is currently active Y or N 7 195 show ip ospf statistics Display information about recent Shortest Path First SPF calculations for the specified virtual router If no router is specified displays information for the default router The SPF is the OSPF...

Page 795: ... 00 03 36 0 60 60 130 160 X 00 01 28 0 60 50 130 240 X 00 01 25 0 30 50 110 310 SN 00 01 22 0 0 40 50 260 SN 00 01 19 0 0 20 20 190 X 00 01 16 0 0 0 0 110 R X Display Parameters Delta T Time since the routing table was computed The time is in the format hours minutes and seconds hh mm ss Intra Time taken to compute intra area routes in milliseconds Summ Time taken to compute inter area routes in m...

Page 796: ...rameters Area ID 32 bit identifier for the created stub area Type of Service Type of service associated with the stub metric D LINK OS only supports Normal TOS Metric Val Metric value is applied based on the TOS lt defaults to the least metric of the type of service among the interfaces to other areas The OSPF cost for a route is a function of the metric value Import Summary LSA Controls the impor...

Page 797: ...eared 4000 seconds OSPFv2 Packet Statistics Hello Database Desc LS Request LS Update LS ACK Total Recd 500 10 20 50 20 600 Sent 400 8 16 40 16 480 LSAs Retransmitted 0 LS Update Max Receive Rate 20 pps LS Update Max Send Rate 10 pps Number of LSAs Received T1 Router 10 T2 Network 0 T3 Net Summary 300 T4 ASBR Summary 15 T5 External 20 T7 NSSA External 0 T9 Link Opaque 0 T10 Area Opaque 0 T11 AS Opa...

Page 798: ...eared OSPFv2 Queue Statistics For each OSPFv2 message queue the current count the high water mark the number of packets that failed to be enqueued and the queue limit The high water marks are not cleared when OSPF counters are cleared 7 198 show ip ospf virtual link Display the OSPF Virtual Interface information for a specific area and neighbor for the virtual router If no router is specified the i...

Page 799: ...er and backup designated router This is the state of the OSPF interface Neighbor State Neighbor state 7 199 show ip ospf virtual link brief Display the OSPF Virtual lnterface information for all areas in the system show ip ospf virtual link brief Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters Area ID Area ID of the requested OSPF area Neighbor...

Page 800: ...ts the generation of ICMP Destination Unreachable messages ip unreachables no ip unreachables Parameters None Default The default is Enabled Command Mode Interface Config 7 201 ip redirects Enable the generation of ICMP Redirect messages by the router You can use this command to configure an interface a range of interfaces or all interfaces No command prevents the generation of ICMP Redirect messa...

Page 801: ...rs None Default The default is Enabled Command Mode Interface Config 7 203 ip icmp echo reply Enable the generation of ICMP Echo Reply messages by the router No command prevents the generation of ICMP Echo Reply messages by the router ip icmp echo reply no ip icmp echo reply Parameters None Default The default is Enabled Command Mode Global Config Virtual Router Config 7 204 ip icmp error interval...

Page 802: ...limiting 1 200 Default The default is as follows burst interval of 1000 msec burst size of 100 messages Command Mode Global Config Virtual Router Config Bidirectional Forwarding Detection Commands Bidirectional Forwarding Detection BFD verifies bidirectional connectivity between forwarding engines which can be a single or multi hop away The protocol works over any underlying transmission mechanism...

Page 803: ...re bfd Enable BFD on the device Note that BFD must be enabled in order to configure other protocol and interface parameters No command disables BFD globally and removes runtime session data Static configurations are retained feature bfd no feature bfd Parameters None Default The default is Disabled Command Mode Global Config Example The following shows an example of the command Router configure Rou...

Page 804: ... lnterface Config mode this command resets the BFD session parameters for all sessions on an IP interface to their default values bfd interval transmit interval min_rx minimum receive interval multiplier detection time multiplier no bfd interval Parameters transmit interval Desired minimum transmit interval which is the minimum interval that the user wants to use while transmitting BFD control pac...

Page 805: ...up the required echo receive interval preference value This value determines the interval the asynchronous sessions use for BFD control packets when echo function is enabled The slow timer value is used as the new control packet interval while the echo packets use the configured BFD intervals No command resets the BFD slow timer preference value to its default bfd slow timer echo receive interval ...

Page 806: ...ver bfd Enable BFD support for fast failover for a BGP neighbor No command disables BFD support for fast failover for a BGP neighbor neighbor ipaddress fall over bfd no neighbor ipaddress fall over bfd Parameters ipaddress Enter the IP address IPv4 IPv6 of the peer Default The default is Disabled Command Mode Router BGP Config Example Do the following to trigger BFD processing through BGP on an in...

Page 807: ...d Mode Privileged EXEC Example The following shows an example of the command Router show bfd neighbors Admin Mode Enabled OurAddr NeighAddr State Interface Uptime 192 168 20 1 192 168 20 2 Up 1 0 77 0 0 21 30 2601 1 2001 2 Up 1 0 78 0 0 0 18 Router show bfd neighbors details Admin Mode Enabled Our IP address 2 1 1 1 Neighbor IP address 2 1 1 2 State Up Interface 0 15 Uptime 0 0 0 10 Registered Pro...

Page 808: ...cates if the system wishes to use Demand mode Minimum transmit interval Minimum interval to use when transmitting BFD control packets Actual TX Interval Transmitting interval being used for control packets Actual TX Echo interval Transmitting interval being used for echo packets Minimum receive interval Minimum interval at which the system can receive BFD control packets Detection interval multipl...

Page 809: ...tch CLI Reference Guide 803 Default The default is None Command Mode Privileged EXEC 7 214 debug bfd packet Display BFD control packet debugging information debug bfd packet Parameters None Default The default is None Command Mode Privileged EXEC ...

Page 810: ...ase see ip address for information on how to assign an IP address to the loopback interface 8 1 interface loopback Enters the interface Config mode for the loopback interface The no command removes the loopback interface and related configuration parameters for the given loopback interface interface loopback 0 63 no interface loopback 0 63 Parameters None Default The default is None Command Mode G...

Page 811: ...dress of the interface MTU size The maximum transmission size for packets on this interface in bytes Tunnel Interface Commands The commands described in this section are used to create delete and manage tunnel interfaces Functionality to facilitate the transition of IPv4 networks to IPv6 networks is provided by several different types of tunnels which are divided into two classes namely configured...

Page 812: ...thernet slot port loopback vlan Parameters ipv4 address Enter a valid IP address IPv4 ethernet slot port Configure the interface for IP tunnel loopback Indicates the configured Loopback interface information 0 63 vlan Indicates the VLAN ID Default The default is None Command Mode Interface Tunnel Config 8 5 tunnel destination Specifies the destination transport address for the tunnel tunnel destin...

Page 813: ...to 4 tunnel mode Default The default is None Command Mode Interface Config 8 7 show interface tunnel Displays the parameters related to the specified tunnel such as the tunnel source address tunnel mode and tunnel destination address show interface tunnel tunnel id Parameters tunnel id Optional Indicates the tunnel interface information 0 7 Default The default is None Command Mode Privileged EXEC ...

Page 814: ...you enable IPv6 on the interface and assign an address the IPv6 address and prefix display IPv6 Routing Commands In this section the IPv6 commands used to configure IPv6 on the system and on the interfaces are described The IPv6 management commands and show commands are also described 8 8 ipv6 hop limit Defines the unicast hop count utilized in ipv6 packets originated by the node The same value is ...

Page 815: ...l Config 8 10 ipv6 enable Enables IPv6 routing on a single interface or on a range of interfaces including tunnel and loopback interfaces that have not been configured with an explicit IPv6 address When this command is used the interface is configured automatically with a link local address It is not necessary to use this command if an IPv6 global address has been configured on the interface The no...

Page 816: ...100 f101 1 Local host 0000 0000 0000 0000 0000 0000 0000 0001 becomes 1 Any host 0000 0000 0000 0000 0000 0000 0000 0000 becomes The hexadecimal letters included in IPv6 addresses are not case sensitive One example of an IPv6 prefix and its prefix length is 3ffe 1 1234 64 The optional eui 64 field is used to indicate that IPv6 processing on the interfaces was enabled by use of an EUI 64 interface ...

Page 817: ...interface such that it can obtain network information e g the IPv6 address from a network DHCP server The no command releases a leased address and disables the DHCPv6 client on an interface ipv6 address dhcp no ipv6 address dhcp Parameters None Default The default is Disabled Command Mode Interface Config 8 14 ipv6 route This command configures an IPv6 static route The ipv6 prefix field indicates ...

Page 818: ...erence parameter it reverts the preference of a route to the default preference ipv6 route ipv6 prefix prefix_length next hop address Null0 interface slot port vlan vlan id tunnel tunnel_id next hop address preference no ipv6 route ipv6 prefix prefix_length next hop address Null0 interface slot port vlan vlan id tunnel tunnel_id next hop address preference Parameters ipv6 prefix prefix_length Ente...

Page 819: ... routes to the hardware The no command deletes all the net prototype IPv6 routes that have been added to the hardware ip route net prototype prefix prefix length nexthopip num routes no ip route net prototype prefix prefix length nexthopip num routes Parameters prefix prefix length The destination network and mask for the route nexthopip The next hop ip address It must belong to an active routing ...

Page 820: ...and this value cannot be changed ipv6 mtu 1280 12270 no ipv6 mtu Parameters None Default The default is 0 or the link speed MTU value 1500 Command Mode Interface Config 8 18 ipv6 nd dad attempts Sets the number of duplicate address detection probes that are transmitted on a single interface or a range of interfaces Duplicate address detection confirms that a given IPv6 address on an interface is u...

Page 821: ...pv6 nd managed config flag no ipv6 nd managed config flag Parameters None Default The default is False Command Mode Interface Config 8 20 ipv6 nd ns interval Sets the length of the interval in milliseconds between router advertisements for advertised neighbor solicitations An advertised value of 0 indicates that the interval is not specified This command can be used to configure a single interface...

Page 822: ...terface Config 8 22 ipv6 nd ra interval max Sets the length of the transmission interval between router advertisements on a given interface or a range of interfaces The no command sets the length of the router advertisement interval back to the default ipv6 nd ra interval max 4 1800 no ipv6 nd ra interval max Parameters None Default The default is 600 Command Mode Interface Config 8 23 ipv6 nd rag...

Page 823: ... indicates that the router in question is not to be used as the default router The no command resets the router lifetime value back to the default value ipv6 nd ra lifetime lifetime no ipv6 nd ra lifetime Parameters lifetime Indicates the router Advertisement Lifetime in seconds 0 9000 Default The default is 1800 Command Mode Interface Config 8 25 ipv6 nd ra hop limit unspecified Configures the ro...

Page 824: ...that the time is not specified by the router This command can be used to configure a single interface or a range of interfaces The no command indicates that the reachable time for the router is not specified ipv6 nd reachable time 0 3600000 no ipv6 nd reachable time Parameters None Default The default is 0 Command Mode Interface Config 8 27 ipv6 nd router preference Configures the default router p...

Page 825: ...ers associated with the prefixes that the router advertises in its router advertisements The valid lifetime of the router in seconds is the first optional parameter The user can specify a specific value or indicate that the lifetime value is infinite The preferred lifetime of the router is the second optional parameter This command can be utilized to configure either a single interface or a range ...

Page 826: ...ipv6 nd prefix prefix prefix_length Parameters prefix prefix_length Indicates the IPv6 prefix and prefix length lifetime Valid lifetime value in seconds 0 4294967295 infinite Optional Infinite Valid Lifetime no autoconfig off link Optional Do not use Prefix for autoconfiguration Off link Do not use Prefix for onlink determination Default The default is as follows valid lifetime 2592000 preferred l...

Page 827: ...In the event that the setting is disabled then only those entries that are actively used in the hardware will be triggered for NUD at the end of the STALE timeout of 1200 seconds If on the other hand the setting is enabled a set of 300 entries are triggered for NUD every 40 seconds irrespective of their usage in the hardware The no command disables automatic renewing of the IPv6 neighbor entries i...

Page 828: ...hes that of the given entry A nonexistent or empty prefix list permits all prefixes An implicit denial is assumed in the event that a given prefix does not match any of the entries in a prefix list Once a match or denial occurs the router does not continue examining the rest of the list A maximum of 128 prefix lists may be configured In each prefix list the maximum number of statements allowed is 6...

Page 829: ...l first statement number Optional Provides the option to renumber the sequence numbers of the IP prefix list statements with a given interval starting from a particular sequence number The valid range for renumber interval is 1 100 and the valid range for first statement number is 1 1000 Default The default is Prefix lists are not configured When neither the le nor the ge option is configured the ...

Page 830: ...figured in the form of a token bucket that has two configurable parameters namely burst size and burst interval The burst interval parameter specifies how frequently the token bucket is initialized with burst size tokens The acceptable range for the burst interval is from 0 to 2147483647 milliseconds msec The burst size parameter specifies the number of lCMPv6 error messages that may be sent durin...

Page 831: ... an example of the CLI display output for the command Routing show ipv6 brief IPv6 Unicast Routing Mode Disable IPv6 Hop Limit 0 ICMPv6 Rate Limit Error Interval 1000 msec ICMPv6 Rate Limit Burst Size 100 messages Maximum Routes 4096 IPv6 Unresolved Data Rate Limit 1024 pps IPv6 Neighbors Dynamic Renew Disable IPv6 NUD Maximum Unicast Solicits 3 IPv6 NUD Maximum Multicast Solicits 3 IPv6 NUD Expon...

Page 832: ...6 NUD Maximum Multicast Solicits Shows the maximum number of multicast Neighbor Solicitations sent during NUD neighbor unreachabililty detection when in UNREACHABLE state IPv6 NUD Exponential Backoff Multiple Shows the exponential backoff multiple to be used in the calculation of the next timeout value for Neighbor Solicitation transmission during NUD neighbor unreachabililty detection following t...

Page 833: ...face 0 4 1 IPv6 is enabled IPv6 Prefix is fe80 210 18ff fe00 1105 128 2001 1 64 Routing Mode Enabled IPv6 Enable Mode Enabled Administrative Mode Enabled IPv6 Operational Mode Enabled Bandwidth 10000 kbps Interface Maximum Transmit Unit 1500 Router Duplicate Address Detection Transmits 1 Address DHCP Mode Disabled IPv6 Hop Limit Unspecified Enabled Router Advertisement NS Interval 0 Router Adverti...

Page 834: ...um Transmission Unit Indicates the MTU size in bytes Router Duplicate Address Detection Transmits The number of consecutive duplicate address detection probes to transmit Address DHCP Mode Shows whether the DHCPv6 client is enabled on the interface IPv6 Hop Limit Unspecified Indicates if the router is configured on this interface to send Router Advertisements with unspecified 0 as the Current Hop ...

Page 835: ...valid Onlink Flag Shows whether the onlink flag is set enabled in the prefix Autonomous Flag Shows whether the autonomous address configuration flag autoconfig is set enabled in the prefix 8 39 show ipv6 dhcp interface Displays a list of all the IPv6 addresses that are currently being leased from a DHCP server on a specific in band interface The slot port argument corresponds to either a physical r...

Page 836: ...s interface Preferred Lifetime The preferred lifetime of the IPv6 address as defined in RFC 2462 Valid Lifetime The valid lifetime of the IPv6 address as defined by RFC 2462 Renew Time The time until the client tries to renew the lease Expiry Time The time until the address expires 8 40 show ipv6 nd raguard policy Shows the status of the IPv6 RA GUARD feature on the switch Using the command causes...

Page 837: ...LI display output for the command Routing show ipv6 neighbors Count of Neighbors 3 IPv6 Address MAC Address State Age Intf FE80 222 BDFF FED9 1D88 00 22 bd d9 1d 88 Stale 194673 Vlan1 FE80 222 BDFF FED9 1D89 00 22 bd d9 1d 89 Stale 194721 Vlan1 FE80 222 BDFF FED9 1D89 00 22 bd d9 1d 89 Stale 194717 Vlan5 Display Parameters Interface The interface in slot port format IPv6 Address lPv6 address of ne...

Page 838: ...clear ipv6 neighbors slot port ipv6address vlan id Parameters slot port Optional Indicates an interface in slot port format ipv6address Optional Indicates the IP address entry of a interface vlan id Optional Enter an interface in VLAN format Default The default is None Command Mode Privileged EXEC 8 43 show ipv6 protocols Lists a summary of the configuration and status details for the active IPv6 ...

Page 839: ... Internal Failover Enable Fast External Failover Enable Distance Ext 20 Int 200 Local 200 Prefixes Originated 2005 64 active 3012 48 Neighbors 172 20 1 100 Filter List In 1 Filter List Out 2 Prefix List In PfxList2 Prefix List Out PfxList3 Route Map In rmapUp Route Map Out rmapDown Routing Protocol OSPFV3 Router ID 1 1 1 1 OSPF Admin Mode Enable Maximum Paths 4 Distance Intra 110 Inter 110 Ext 110...

Page 840: ...e ranges routes from that neighbor are assigned the configured distance If a prefix list is configured then the distance is only assigned to prefixes from the neighbor that are permitted by the prefix list Redistribution A table showing information for each source protocol connected static RIP and OSPF For each of these sources the distribution list and route map are shown as well as the configure...

Page 841: ... static The optional all parameter is used to specify that all the routes including the best and non best routes will be displayed If it is not used then only the best routes will be displayed Note If the connected keyword is used for the protocol parameter then the all option will not be available because there will be no best or non best connected routes show ipv6 route ipv6 address protocol ipv...

Page 842: ...following is an example of the CLI display output for the command indicating kernel routes with the code K router show ipv6 route IPv6 Routing Table 4 entries Codes C connected S static 6To4 6to4 Route B BGP Derived O OSPF Intra OI OSPF Inter OE1 OSPF Ext 1 OE2 OSPF Ext 2 ON1 OSPF NSSA Ext Type 1 ON2 OSPF NSSA Ext Type 2 K kernel P Net Prototype C 2009 1 64 0 0 via 0 11 C 2044 1 64 0 0 via 0 18 K ...

Page 843: ...otocol that created this routing entry Default Gateway The IPv6 address of the default gateway When the system does not have a more specific route to a packet s destination it sends the packet to the default gateway IPv6 Prefix IPv6 Prefix Length The IPv6 Prefix and prefix length of the destination IPv6 network corresponding to this route Preference Metric The administrative distance preference an...

Page 844: ...RTO will be OSPF Inter Area types Reject routes REJECT route types installed by any protocol are not redistributed by OSPF and are supported in both OSPFv2 and OSPFv3 8 45 show ipv6 route ecmp groups Reports all the current ECMP groups included in the IPv6 routing table where an ECMP group consists of a set of two or more next hops that are used in one or more routes Such groups are numbered in an...

Page 845: ... Routing Table 2 entries Codes C connected S static 6To4 6to4 Route B BGP Derived O OSPF Intra OI OSPF Inter OE1 OSPF Ext 1 OE2 OSPF Ext 2 ON1 OSPF NSSA Ext Type 1 ON2 OSPF NSSA Ext Type 2 K kernel P Net Prototype C 2001 128 0 0 via 0 1 C 2005 128 0 0 via 0 2 Routing show ipv6 route hw failure IPv6 Routing Table 4 entries Codes C connected S static 6To4 6to4 Route B BGP Derived O OSPF Intra OI OSP...

Page 846: ...le of the command Routing show ipv6 route net prototype IPv6 Routing Table 2 entries Codes C connected S static 6To4 6to4 Route B BGP Derived O OSPF Intra OI OSPF Inter OE1 OSPF Ext 1 OE2 OSPF Ext 2 ON1 OSPF NSSA Ext Type 1 ON2 OSPF NSSA Ext Type 2 K kernel P Net Prototype P 3001 64 0 1 via 2001 4 00h 00m 04s 0 1 P 3001 0 0 1 64 0 1 via 2001 4 00h 00m 04s 0 1 8 48 show ipv6 route preferences Displ...

Page 847: ...utes that are outside of the area OSPF External Preference of OSPF external routes BGP External Preferepce of BGP external routes BGP Internal Preference of routes to other BGP routes that are outside of the area BGP Local Preference of routes within the BGP area 8 49 show ipv6 route summary Shows a summary of the routing table s current status If the optional all keyword is used then some statist...

Page 848: ...outes 10 External 0 Internal 10 Local 0 OSPF Routes 13 Intra Area Routes 0 Inter Area Routes 13 External Type 1 Routes 0 External Type 2 Routes 0 Reject Routes 0 Net Prototype Routes 10004 Total routes 17 Best Routes High 17 17 Alternate Routes 0 Route Adds 44 Route Deletes 27 Unresolved Route Adds 0 Invalid Route Adds 0 Failed Route Adds 0 Hardware Failed Route Adds 4 Reserved Locals 0 Unique Nex...

Page 849: ...ferent lengths Total Routes The total number of routes in the routing table Best Routes The number of best routes currently in the routing table This number only counts the best route to each destination Alternate Routes The number of alternate routes currently in the routing table An alternate route is a route that was not selected as the best route to its destination Route Adds The number of rou...

Page 850: ...ently in the routing table Truncated ECMP Routes The number of ECMP routes that are currently installed in the forwarding table with just one next hop The forwarding table may limit the number of ECMP routes or the number of ECMP groups When an ECMP route cannot be installed because such a limit is reached the route is installed with a single next hop ECMP Retries The number of ECMP routes that ha...

Page 851: ...ARD feature are shown in the command output show ipv6 snooping counters Parameters None Default The default is None Command Mode Global Config Privileged EXEC Example The following provides an example of the command Switching show ipv6 snooping counters IPv6 Dropped Messages RA Router Advertisement ICMP type 134 REDIR Router Redirect ICMP type 137 RA Redir 0 0 8 52 show ipv6 vlan Shows the IPv6 VL...

Page 852: ...s shown in a table under the following column headings Column Headings Definition VLAN ID The VLAN ID of a configured VLAN Logical Interface The interface in slot port format that is associated with the VLAN ID IPv6 Address Prefix Length The IPv6 prefix and prefix length associated with the VLAN ID 8 53 show ipv6 traffic Displays traffic and statistics for IPv6 and ICMPv6 A logical loopback or tunn...

Page 853: ...etc Received Datagrams Discarded Due To MTU Number of input datagrams that could not be forwarded because their size exceeded the link MTU of outgoing interface Received Datagrams Discarded Due To No Route Number of input datagrams discarded because no route could be found to transmit them to their destination Received Datagrams With Unknown Protocol Number of locally addressed datagrams received ...

Page 854: ...ransmitted Total number of IPv6 datagrams which local IPv6 user protocols including ICMP supplied to IPv6 in requests for transmission Note that this counter does not include any datagrams counted in ipv6lfStatsOutForwDatagrams Datagrams Transmit Failed Number of output IPv6 datagrams for which no problem was encountered to prevent their transmission to their destination but which were discarded e...

Page 855: ...received by the interface lCMPv6 Redirect Messages Received Number of Redirect messages received by the interface Transmitted Number of lCMPv6 Group Membership Query messages received by the interface Total lCMPv6 Messages Transmitted Total number of ICMP messages which this interface attempted to send Note that this counter includes all those counted by icmpOutErrors lCMPv6 Messages Not Transmitt...

Page 856: ...t Messages Transmitted Number of ICMP Neighbor Advertisement messages sent by the interface ICMPv6 Redirect Messages Received Number of Redirect messages sent For a host this object will always be zero since hosts do not send redirects ICMPv6 Group Membership Query Messages Received Number of ICMPv6 Group Membership Query messages sent ICMPv6 Group Membership Response Messages Received Number of I...

Page 857: ...back loopback id Optional Clear the IPv6 statistics for the specified Loopback interface tunnel tunnet id Optional Clear the IPv6 statistics for the specified Tunnel interface vlan id Optional Enter an interface in VLAN format Default The default is None Command Mode Privileged EXEC OSPFv3 Commands In this section the commands used to configure OSPFv3 which is a link state routing protocol that is...

Page 858: ... value of from 1 to 16777215 must be specified area areaid default cost 1 16777215 Parameters areaid Indicates a valid area ID Default The default is None Command Mode Router OSPFv3 Config 8 58 area nssa OSPFv3 Configures the area ID specified so that it will function as an NSSA The no command disables the NSSA function of the specified area ID area areaid nssa no area areaid nssa Parameters areai...

Page 859: ...a areaid nssa default info originate metric comparable non comparable no area areaid nssa default info originate metric comparable non comparable Parameters areaid Indicates a valid area ID metric Optional Indicates the metric value 1 16777214 comparable Optional Configure the Metric Type as comparable non comparable Optional Configure the Metric Type as non comparable Default The default is None ...

Page 860: ...or role OSPFv3 Configures the translator role for the NSSA Using a value of always will cause the router to assume the role of translator immediately if it becomes a border router while using a value of candidate will cause the router to participate in the translator selection process if it becomes a border router The no command disables the NSSA translator role from the specified area ID area are...

Page 861: ...ndicates a valid area ID stabilityinterval Indicates the integer for the Translator Stability interval 0 3600 Default The default is None Command Mode Router OSPFv3 Config 8 64 area range OSPFv3 Configures a summary prefix that an given area border router advertises for a specific area The no command deletes a summary prefix or removes a static cost area area id range prefix netmask summarylink ns...

Page 862: ...inter area prefix LSA to the configured value rather than setting the metric to the largest cost among the networks covered by the area range Default The default is as follows no area ranges or costs configured Command Mode Router OSPFv3 Config 8 65 area stub OSPFv3 Creates a stub area for the area ID specified The primary characteristic of a stub area is that AS External LSAs are not imported int...

Page 863: ...neighbor parameter indicates the Router ID of the neighbor The no command deletes the OSPF virtual interface from the specified interface that is identified by the areaid and neighbor parameters area areaid virtual link neighbor no area areaid virtual link neighbor Parameters areaid Indicates a valid area ID neighbor Indicates the router ID of the virtual neighbor Default The default is None Comma...

Page 864: ...ual link hello interval OSPFv3 Configures the hello interval for the OSPF virtual interface located on the virtual interface specified by the areaid and neighbor parameters The neighbor parameter indicates the Router ID of the neighbor The no command configures the default hello interval for the OSPF virtual interface located on the virtual interface specified by the areaid and neighbor parameters...

Page 865: ...alid area ID neighbor Indicates the router ID of the virtual neighbor Default The default is 5 Command Mode Router OSPFv3 Config 8 71 area virtual link transmit delay OSPFv3 Configures the transmit delay for the OSPF virtual interface located on the virtual interface specified by the areaid and neighbor parameters The neighbor parameter is the Router ID of the neighbor The no command configures th...

Page 866: ...nce bandwidth to the interface bandwidth ref_bw interface bandwidth where the interface bandwidth is determined by the bandwidth command Due to the default reference bandwidth being 100 Mbps the OSPF uses the same default link cost for all of the interfaces with a bandwidth of 100 Mbps or greater The auto cost command can be used to change the reference bandwidth with the reference bandwidth being...

Page 867: ...face statistics clear ipv6 ospf counters Parameters None Default The default is None Command Mode Privileged EXEC 8 76 clear ipv6 ospf neighbor Drops the adjacency with all OSPF neighbors A one way hello can be sent on each neighbor s interface Once that is done adjacencies can be reestablished Specify the neighbor s Router ID using the optional parameter neighbor id if you wish to drop all adjace...

Page 868: ...irectly specify the VLAN ID of the routing VLAN The optional parameter neighbor id is used to drop adjacency with a specific router ID on a specific interface clear ipv6 ospf neighbor interface slot port vlan 1 4093 neighbor id Parameters slot port Optional Indicates the interface in slot port format vlan 1 4093 Optional Indicates the interface in VLAN format neighbor id Optional Clears all OSPF c...

Page 869: ...ginate metric metric type Parameters always Indicates the default route is always advertised metric Indicates the cost for reaching the rest of the world through this route 0 16777214 metric type 1 2 Indicates how the cost of a neighbor metric is determined default type 2 Default The default is as follows metric unspecified type 2 Command Mode Router OSPFv3 Config 8 80 default metric OSPFv3 Sets a...

Page 870: ...he router The OSPF route type can be intra inter or external The external type routes are all given the same preference value distance ospf intra area 1 255 inter area 1 255 external 1 255 no distance ospf intra area inter area external Parameters intra area Indicates the distance for all routes within an area 1 255 inter area Indicates the distance for all routes from one area to another area 1 2...

Page 871: ... the OSPF exit overflow interval 0 2147483647 no exit overflow interval Parameters None Default The default is 0 seconds Command Mode Router OSPFv3 Config 8 84 external lsdb limit OSPFv3 Configures the external LSDB limit for the OSPF If the value is set to 1 then there will be no limit A router enters the overflow state when the number of non default AS external LSAs in the router s link state da...

Page 872: ...e maximum paths maxpaths no maximum paths Parameters maxpaths Indicates the maximum path value 1 48 Default The default is 4 Command Mode Router OSPFv3 Config 8 86 passive interface default OSPFv3 Enables the global passive mode by default for all interfaces Using this command overrides any interface level passive mode The OSPF will then not form adjacencies over a passive interface The no command...

Page 873: ... be non passive The command overrides the global passive mode that is currently in effect on the specified interface or tunnel passive interface slot port vlan 1 4093 tunnel tunnel id no enable password Parameters slot port Indicates the interface in slot port format vlan 1 4093 Indicates the VLAN number 1 4093 tunnel tunnel id Indicates the tunnel interface Default The default is Disabled Command...

Page 874: ...edistributed metric Optional Indicates metric for redistributed routes 0 16777214 metric type 1 2 Optional Indicates the type of metric used to meaure tag 0 4294967295 Optional Configures the OSPF route redistribution tag Default The default is as follows metric unspecified type 2 tag 0 Command Mode Router OSPFv3 Config 8 89 router id OSPFv3 Sets a 4 digit dotted decimal number that uniquely ident...

Page 875: ...arameter back to the factory default value of 60 seconds timers pacing lsa group seconds no timers pacing lsa group Parameters seconds Set width of the window for grouping LSAs for refresh 10 1800 Default The default is 60 seconds Command Mode Router OSPFv3 Config 8 91 timers throttle spf The spf hold value specifies the amount of delay for the initial wait interval In the event that an SPF calcul...

Page 876: ...ously The different groups of trapflags and each one of a group s specific trapflags that are to be enabled or disabled are listed in Table 12 Table 12 Trapflag Groups OSPFv3 Group Flags Errors authentication failure bad packet config error virt authentication failure virt bad packet virt config error Isa Isa maxage Isa originate overflow lsdb overflow lsdb approaching overflow retransmit packets ...

Page 877: ...lure on non virtual interfaces bad packet Packet parse failure on non virtual interfaces config error Config mismatch errors on non virtual interfaces virt authentication failure Authentication failure on virtual interfaces virt bad packet Packet parse failure on virtual interfaces virt config error Config mismatch errors on virtual interfaces lsa Enable Disable LSA related traps lsa maxage This t...

Page 878: ... 93 ipv6 ospf area Sets the OSPF area that the specified router interface or range of interfaces belongs to The command also enables the OSPF for the specified router interface or range of interfaces The area must consist of a 32 bit integer that is formatted as a 4 digit dotted decimal number or as a decimal value within the range of 0 4294967295 The area identifies uniquely the area to which the...

Page 879: ...tached to a common network The value should also be some multiple of the Hello interval i e 4 The no command resets the OSPF dead interval for the specified interface or range of interfaces back to the default value ipv6 ospf dead interval 1 2147483647 no ipv6 ospf dead interval Parameters None Default The default is 40 Command Mode Interface Config 8 96 ipv6 ospf hello interval Sets the OSPF hello...

Page 880: ...nsmitted on the P2P interface ipv6 ospf link lsa suppression no ipv6 ospf link lsa suppression Parameters None Default The default is False Command Mode Privileged EXEC 8 98 ipv6 ospf mtu ignore Disables OSPF maximum transmission unit MTU mismatch detection on a specified interface or a range of interfaces OSPF Database Description packets are used to specify the size of the largest IP packet that...

Page 881: ...to point as the network type eliminates the overhead of the OSPF designated router selection It is not useful under normal circumstances to set a tunnel to OSPF network type broadcast The no command resets the interface type back to the default value ipv6 ospf network broadcast point to point no ipv6 ospf network broadcast point to point Parameters broadcast Set OSPFv3 Interface Type to Broadcast ...

Page 882: ...o ipv6 ospf prefix suppression command is utilized then global prefix suppression applies to the interface Please note that not configuring the command is not the same as disabling interface level prefix suppression ipv6 ospf prefix suppression disable no ipv6 ospf prefix suppression Parameters disable Optional Disable prefix suppression on the interface Default Not configured Command Mode Interfa...

Page 883: ...erval for the specified interface to the default value ipv6 ospf retransmit interval 0 3600 no ipv6 ospf retransmit interval Parameters None Default The default is 5 seconds Command Mode Interface Config 8 103 ipv6 ospf transmit delay Sets the OSPF Transit Delay which is specified in seconds for the specified interface or a range of interfaces ln addition this command sets the estimated number of ...

Page 884: ... network topology from those helpful neighbors Graceful restarts may be enabled either for planned starts unplanned restarts or both The operator initiates a planned restart through the management command initiate failover A failover may be intiated in order to take the management unit out of service for example in order to fix a partial hardware failure to address faulty system behavior that cann...

Page 885: ... OSPFv3 Disables the helpful neighbor functionality for the OSPF Note The following commands are functionally equivalent no nsf helper and nsf ietf helper disable Meanwhile the nsf ietf helper disable command is supported solely for compatibility with other network software CLI nsf ietf helper disable Parameters None Default The default is None Command Mode Router OSPFv3 Config 8 107 nsf helper st...

Page 886: ...eloads OSPFv3 can be forced into the stub router mode administratively OSPFv3 remains in the stub router mode until the user takes OSPFv3 out of the stub router mode Alternatively OSPF can be configured to start in the stub router mode for a configurable period of time after the router boots up lf the summary LSA metric is set to 16 777 215 then other routers will skip the summary LSA when those r...

Page 887: ...nter Area Router LSAs on startup 5 86466 Optional Starts OSPF in stub router mode seconds is the number of seconds that OSPF remains in stub router mode after a reboot The range is 5 to 86 400 seconds There is no default value summary lsa 1 16777215 Optional Sends the maximum metric values for Summary LSAs Default The default is as follows OSPF not in stub router mode Command Mode OSPFv3 Router Co...

Page 888: ... show ipv6 ospf Router ID 0 0 0 0 OSPF Admin Mode Enable External LSDB Limit No Limit Exit Overflow Interval 0 SPF Start Time 2000 ms SPF Hold Time 5000 ms SPF Maximum Hold Time 5000 ms LSA Refresh Group Pacing Time 60 sec AutoCost Ref BW 100 Mbps Default Passive Setting Disabled Prefix Suppression Disabled Maximum Paths 48 Default Metric Not Configured Maximum Routes 2048 Stub Router Configuratio...

Page 889: ...he LSA refresh group window in seconds AutoCost Ref BW Shows the value of the auto cost reference bandwidth configured on the router Default Passive Setting Shows whether the interfaces are passive by default Prefix suppression Displays whether prefix suppression is enabled or disabled on the given interface Maximum Paths The maximum number of paths that OSPF can report for a given destination Def...

Page 890: ...lows no options show ipv6 ospf abr Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters Type The type of the route to the destination It can be either intra intra area route inter Inter area route Router ID Router ID of the destination Cost Cost of using this route Area ID The area ID of the area from which this route is learned Next Hop Next hop to...

Page 891: ... possible values are enabled and disabled Import Summary LSAs Shows whether to import summary LSAs enabled OSPF Stub Metric Value The metric value of the stub area This field displays only if the area is a configured as a stub area The following OSPF NSSA specific information displays only if the area is configured as an NSSA Import Summary LSAs Shows whether to import summary LSAs into the NSSA R...

Page 892: ...n the command shows the LSA headers for all areas The optional areaid parameter can be used to display the database information regarding a specific area The other optional parameters can be used to specify the type of link state advertisements to show The term external is used to display the external LSAs The term inter area is used to display the inter area LSAs The term link is used to display ...

Page 893: ... unknown area as link Optional Indicates unknown LSAs lsid Optional Indicates the link state ID LSID adv router Optional Restrict by advertising router rtrid Optional Indicates a enter an IP Address self originate Optional Indicates self originated LSAs Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters The following information is displayed for each link type an...

Page 894: ...l number of inter area prefix LSAs in the OSPFv3 link state database Inter area Router Total number of inter area router LSAs in the OSPFv3 link state database Type 7 Ext Total number of NSSA external LSAs in the OSPFv3 link state database Link Total number of link LSAs in the OSPFv3 link state database lntra area Prefix Total number of intra area prefix LSAs in the OSPFv3 link state database Link ...

Page 895: ...splay the configured Loopback interface information tunnel tunnel id Display the configured Tunnel interface information Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters IP Address The IPv6 address of the interface iflndex The interface index number associated with the interface OSPF Admin Mode Shows whether the admin mode is enabled or disabled OSPF Area ID Th...

Page 896: ... The configured state of Link LSA Suppression for the interface The following informatiognliy displays if OSPF is initialized on the interface OSPF lnterface Type Broadcast LANs such as Ethernet and IEEE 802 5 take the value broadcast The OSPF interface Type will be broadcast State The OSPF Interface States are down loopback waiting point to point designated router and backup designated router Des...

Page 897: ...n seconds the interface waits before assuming a neighbor is down Retransmit Interval The frequency in seconds at which the interface sends LSA Retransmit Delay Interval The number of seconds the interface adds to the age of LSA packets before transmission LSA Ack Interval The amount of time in seconds the interface waits before sending an LSA acknowledgement after receiving an LSA 8 118 show ipv6 ...

Page 898: ...ng the packet Virtual Link Not Found The number of received OSPF packets discarded where the ingress interface is in a non backbone area and the OSPF header identifies the packet as belonging to the backbone but OSPF does not have a virtual link to the packets sender Area Mismatch The number of OSPF packets discarded because the area ID in the OSPF header is not the area ID configured on the ingre...

Page 899: ...self originated LSAs 3019 Average LSAs per group 100 Pacing group limit 400 Number of self originated LSAs within each LSA group Group Start Age Group End Age Count 0 59 96 60 119 88 120 179 102 180 239 95 240 299 95 300 359 92 360 419 48 420 479 58 480 539 103 540 599 99 600 659 119 660 719 110 720 779 106 780 839 122 840 899 110 900 959 99 960 1019 135 1020 1079 101 1080 1139 94 1140 1199 115 12...

Page 900: ...ated LSAs in one LSA group If the number of LSAs in a group exceeds this limit OSPF redistributes LSAs throughout the refresh interval to achieve better balance Groups For each LSA pacing group the output shows the range of LSA ages in the group and the number of LSAs in the group 8 120 show ipv6 ospf max metric Shows the configured maximum metrics for the stub router mode show ipv6 ospf max metri...

Page 901: ... ip address Parameters interface Optional Indicates the restrict interface slot port Enter an interface in slot port format vlan Enter an interface in VLAN format 1 4093 tunnel tunnel_id Display the configured Tunnel interface information ip address Optional Enter the IPv6 address for the indicated neighbor interface Default The default is None Command Mode Privileged EXEC User EXEC Display Parame...

Page 902: ...this time Restart Reason When this router is in helpful neighbor mode this indicates the reason for the restart as provided by the restarting router Remaining Grace Time The number of seconds remaining in current graceful restart interval This is displayed only when this router is currently acting as a helpful neighbor for the router specified in the command Restart Helper Exit Reason Indicates th...

Page 903: ...the set of OSPFv3 area ranges that are configured for a given area show ipv6 ospf range areaid Parameters areaid Indicates an area ID Default The default is None Command Mode Privileged EXEC Display Parameters Area ID The area whose prefixes are summarized IPv6 Prefix Prefix Length The summary prefix and prefix lengtn Type S Summary Link or E External Link Action Enabled or Disabled Cost Metric to b...

Page 904: ...N 04 07 18 0 0 0 1 485 SN 04 07 14 0 1 0 1 3 X Display Parameters The following information will be displayed with the most recent statistics shown at the end of the table Delta T The time since the routing table was computed The time is in the format hours minutes and seconds hh mm ss Intra The time taken to compute intra area routes in milliseconds Summ The time taken to compute inter area route...

Page 905: ... initialized on the switch in question show ipv6 ospf stub table Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters Area ID A 32 bit identifier for the created stub area Type of Service Type of service associated with the stub metric For this release Normal TOS is the only supported type Metric Val The metric value is applied based on the TOS It d...

Page 906: ... Router ID Hello Interval The configured hello interval for the OSPF virtual interface Dead Interval The configured dead interval for the OSPF virtual interface Interface Transmit Delay The configured transmit delay for the OSPF virtual interface Retransmit Interval The configured retransmit interval for the OSPF virtual interface Authentication Type The type of authentication the interface perfor...

Page 907: ...w DHCPv6 information are described 8 127 ipv6 dhcp client pd Enables the Dynamic Host Configuration Protocol DHCP for an IPv6 client process that is if the process is not currently running and enables requests for prefix delegation PD through a specified interface A prefix is stored in the IPv6 general prefix pool with an internal name that is defined by the automatic argument when prefix delegatio...

Page 908: ...rameter indicates the DHCPv6 pool that contains stateless and or prefix delegation parameters the automatic parameter enables the server to determine automatically which pool to use when addresses for a client are allocated the rapid commit parameter is an optional parameter that allows for an abbreviated exchange between the server and client and the preference pref value parameter is a value used...

Page 909: ... string Note If the relay address parameter consists of an IPv6 global address then the relay interface parameter is not required If the relay address parameter consists of a link local or multicast address then the relay interface parameter is required Finally if a value for the relay address is not specified then a value for the relay interface parameter must be specified and the DHCPV6 ALL AGEN...

Page 910: ...nction on a given interface When a DHCPv6 pool is associated with an interface only that pool will service any requests on the associated interface The pool will also service other interfaces If a DHCPv6 pool is not associated with an interface by the user the pool can service requests on any interface If no IPv6 address prefix is used then the pool will return only configured options The no comma...

Page 911: ...e Default The default is None Command Mode IPv6 DHCP Pool Config Example The following example of the command shows how a user can configure an IPv6 address prefix for the IPv6 configuration pool pool1 Switch configure Switch Config ipv6 dhcp pool pool1 Switch Config dhcp6s pool address prefix 2001 64 Switch Config dhcp6s pool exit 8 132 domain name IPv6 Sets the DNS domain name that is provided t...

Page 912: ...cates the delegated IPv6 prefix and the DUID parameter indicates the client s unique DUID value Example 00 01 00 09 f8 79 4e 00 04 76 73 43 76 The name parameter consists of a 31 character textual client s name that is useful for logging or tracing purposes only The valid lifetime parameter indicates in seconds the valid lifetime for the delegated prefix and the preferred lifetime parameter indica...

Page 913: ...me 604800 Command Mode IPv6 DHCP Pool Config 8 135 show ipv6 dhcp statistics Shows the IPv6 DHCP statistics for all interfaces show ipv6 dhcp statistics Parameters None Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show ipv6 dhcp statistics DHCPv6 Interface Global Statistics DHCPv6 Solicit Packets Received 0 DHCPv6 Request Pa...

Page 914: ...ived Number of renew received statistics DHCPv6 Rebind Packets Received Number of rebind received statistics DHCPv6 Release Packets Received Number of release received statistics DHCPv6 Decline Packets Received Number of decline received statistics DHCPv6 Inform Packets Received Number of inform received statistics DHCPv6 Relay forward Packets Received Number of relay forward received statistics D...

Page 915: ...er can utilize the optional statistics parameter in order to view statistics for the specified interface show ipv6 dhcp interface slot port vlan 1 4093 statistics Parameters slot port Enters an interface in slot port format vlan 1 4093 Enters an interface in VLAN format statistics Optional Displays IPv6 Interface Statistics Default The default is None Command Mode Privileged EXEC Display Parameters...

Page 916: ...binding Shows the configured DHCP pool show ipv6 dhcp binding ipv6 address Parameters ipv6 address Optional Indicates the display client IPv6 Address Default The default is None Command Mode Privileged EXEC Display Parameters DHCP Client Address Address of DHCP Client DUID String that represents the Client DUID IAID Identity Association ID Prefix Prefix Length IPv6 address and mask length for dele...

Page 917: ...mbination of the local system burned in MAC address and a timestamp value Host Name of the client Prefix Prefix Length IPv6 address and mask length for delegated prefix Preferred Lifetime Preferred lifetime in seconds for delegated prefix Valid Lifetime Valid lifetime in seconds for delegated prefix DNS Server Address Address of DNS server address Domain Nane DNS domain name 8 139 show network ipv...

Page 918: ...network interface DHCPv6 Reply Packets Received The number of DHCPv6 Reply packets received on the network interface Received DHCPv6 Advertisement Packets Discarded The number of DHCPv6 Advertisement packets discarded on the network interface Received DHCPv6 Reply Packets Discarded The number of DHCPv6 Reply packets discarded on the network interface DHCPv6 Malformed Packets Received The number of...

Page 919: ...ters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Switching show serviceport ipv6 dhcp statistics DHCPv6 Client Statistics DHCPv6 Advertisement Packets Received 0 DHCPv6 Reply Packets Received 0 Received DHCPv6 Advertisement Packets Discarded 0 Received DHCPv6 Reply Packets Discarded 0 DHCPv6 M...

Page 920: ...kets transmitted on the service port interface DHCPv6 Request Packets Transmitted The number of DHCPv6 Request packets transmitted on the service port interface DHCPv6 Renew Packets Transmitted The number of DHCPv6 Renew packets transmitted on the service port interface DHCPv6 Rebind Packets Transmitted The number of DHCPv6 Rebind packets transmitted on the service port interface DHCPv6 Release Pa...

Page 921: ... lifetimes have expired or the clear IPv6 DHCP binding command is run by an administrator In the event that the clear ipv6 dhcp binding command is utilized with the optional ipv6 address argument specified then only the binding for the client that is specified is deleted When the clear ipv6 dhcp binding command is utilized without the ipv6 address argument then all of the automatic client bindings...

Page 922: ...6 dhcp statistics Parameters None Default The default is None Command Mode Privileged EXEC DHCPv6 Snooping Configuration Commands In this section the commands used to configure IPv6 DHCP Snooping are described 8 145 ipv6 dhcp snooping Globally enables IPv6 DHCP Snooping The no command globally disables IPv6 DHCP Snooping ipv6 dhcp snooping no ipv6 dhcp snooping Parameters None Default The default ...

Page 923: ...ult The default is Disabled Command Mode Global Config 8 147 ipv6 dhcp snooping verify mac address Enables the source MAC address to be verified with the client hardware address in a received DCHP message The no command disables the ability to verify the source MAC address with the client hardware address ipv6 dhcp snooping verify mac address no ipv6 dhcp snooping verify mac address Parameters Non...

Page 924: ...149 ipv6 dhcp snooping database write delay Configures the interval at which the DHCP Snooping database is persisted in seconds The no command resets the write delay value back to the default value ipv6 dhcp snooping database write delay 15 86400 no ipv6 dhcp snooping database write delay 15 86400 Parameters None Default The default is 300 seconds Command Mode Global Config 8 150 ipv6 dhcp snoopin...

Page 925: ...f interfaces as trusted The no command configures a port as untrusted ipv6 dhcp snooping trust no ipv6 dhcp snooping trust Parameters None Default The default is Disabled Command Mode Interface Config 8 152 ipv6 dhcp snooping log invalid Controls the filtration of logging DHCP messages by the DHCP Snooping application The command can be utilized to configure either a specific interface or a range ...

Page 926: ...default values ipv6 dhcp snooping limit rate 0 300 burst interval seconds no ipv6 dhcp snooping limit Parameters rate Configure rate limit in pps 0 300 burst interval seconds Optional Indicates the burst interval in seconds Default The default is Disabled no limit Command Mode Interface Config 8 154 ipv6 verify source Configures the lPv6SG source ID attribute so that it filters the data traffic in ...

Page 927: ...o command removes an IPv6SG static entry from the IPv6SG database ipv6 verify binding mac address vlan vlan id ip IPv6 address interface interface id no ipv6 verify binding mac address vlan vlan id IPv6 address interface interface id Parameters mac address Indicates a MAC address vlan vlan id Indicates a VLAN ID ip address Indicates an IPv6 Address interface interface id Indicates an interface ID ...

Page 928: ...o Yes 0 4 No No 0 6 No No Display Parameters Interface The interface for which data is displayed Trusted If it is enabled DHCP snooping considers the port as trusted The factory default is disabled Log Invalid Pkts lf it is enabled DHCP snooping application logs invalid packets on the specified interface 8 157 show ipv6 DHCP snooping binding Shows the DHCP Snooping binding entries The following opt...

Page 929: ...how ipv6 dhcp snooping binding Total number of bindings 2 MAC Address IPv6 Address VLAN Interface Type Lease time Secs 00 02 B3 06 60 80 2000 1 64 10 0 1 86400 00 0F FE 00 13 04 3000 1 64 10 0 1 86400 Display Parameters MAC Address Displays the MAC address for the binding that was added The MAC address is the key to the binding database IPv6 Address Displays the valid IPv6 address for the binding ...

Page 930: ...Agent URL Bindings database agent URL Write Delay The maximum write time to write the database into local or remote 8 159 show ipv6 dhcp snooping interfaces Shows the DHCP Snooping status for all the interfaces or for a specified interface show ipv6 dhcp snooping interfaces interface slot port Parameters interface slot port Indicates an interface in slot port format Default The default is None Comm...

Page 931: ...snooping statistics Lists the statistics regarding IPv6 DHCP Snooping security violations on untrusted ports show ipv6 dhcp snooping statistics Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command switch show ipv6 dhcp snooping statistics Interface MAC Verify Failures Client Ifc Mismatch DHC...

Page 932: ...smatch Client lfc Mismatch Represents the number of link level flow control LFC mismatches between client identifiers DHCP Server Msgs Rec d Represents the number of DHCP server messages received on Untrusted ports 8 161 clear ipv6 dhcp snooping binding Clears all DHCPv6 Snooping bindings on a specific interface or on all the interfaces clear ipv6 dhcp snooping binding interface slot port Paramete...

Page 933: ...y interface Parameters interface Indicates an interface in slot port format Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command switch show ipv6 verify 0 1 Interface Filter Type IP Address MAC Address Vlan 0 1 ipv6 mac 2000 1 64 00 02 B3 06 60 80 10 0 1 ipv6 mac 3000 1 64 00 0F FE 00 13 04 10 Display Param...

Page 934: ...nfigurations for all ports If the user specifies the interface option then the output is restricted to the slot port that was specified show ipv6 verify source interface Parameters interface Indicates an interface in slot port format Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command switch show ipv6 veri...

Page 935: ... dhcp snooping Optional Restrict the output based on DHCP snooping static Optional Restrict the output based on static entries lnterface slot port Optional Restrict the output based on a specific interface vlan Id Optional Restricts the output based on VLAN Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the comma...

Page 936: ... Managed Data Center Switch CLI Reference Guide 930 Type Entry type statically configured from CLI or dynamically learned from DHCP Snooping VLAN VLAN for the entry Interface IP address of the interface in slot port format ...

Page 937: ...play the configuration setting Multicast Commands In this section the commands used to configure IP Multicast and view IP Multicast settings and statistics are described 9 1 ip mcast boundary Adds an administrative scope multicast boundary that is specified by the groupipaddr and mask parameters which indicate the group IP address and group IP mask for which the multicast administrative boundary i...

Page 938: ...the Reverse port forwarding RPF next hop router toward the source preference The administrative distance for this Static MRoute that is the preference value The range is 1 to 255 Default The default is not configured with any MRoute Command Mode Global Config 9 3 ip multicast Sets the administrative mode for the IP multicast forwarder in a router to active This command is also used to enable the a...

Page 939: ...alue so that any data packets that are forwarded over the interface that have a TTL value above the configured value will be dropped The no command is used to apply the default ttl threshold to a given routing interface The ttl threshold indicates the TTL threshold that is to be applied to those multicast Data packets that are forwarded from the interface in question ip multicast ttl threshold 0 2...

Page 940: ...multicast table Protocol The multicast protocol running on the router Possible values are PIMDM PIMSM or DVMRP Multicast Forwarding Cache Entry Count The number of entries in the multicast forwarding cache 9 6 show ip mcast boundary Shows all the administrative scoped multicast boundaries that are configured The slot port argument corresponds to either a physical routing interface or to a VLAN rou...

Page 941: ...t information for a specific interface The slot port argument corresponds to either a physical routing interface or to a VLAN routing interface The keyword VLAN is utilized instead of the slot port format to directly specify the VLAN ID of the routing VLAN show ip mcast interface slot port vlan 1 4093 Parameters slot port Indicates an interface in slot port format vlan 1 4093 Indicates an interfac...

Page 942: ...ess Display multicast routing table entries for specified source IP address static Display the static multicast routing table entries detail Display the multicast routing table details Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the output for the summary parameter in the PIM Sparse mode Routing show ip mroute summary Multicast route ta...

Page 943: ...Reg Reg stop 0 0 Incoming interface 4 2 RPF nbr 3 3 3 11 Outgoing interface list 4 1 00 00 36 000 Joins 0 The following is an example of the output for the detail parameter in the PIM Dense mode in the event that a multicast routing protocol other than PIMSM is enabled Routing Config show ip mroute detail IP Multicast Routing Table Source IP Group IP Expiry Time Up Time RPF Neighbor Flags hh mm ss...

Page 944: ... RPF nbr 3001 10 Outgoing interface list 4 2 00 00 66 000 Joins 0 3001 10 ff43 3 00 00 07 203 Flags T Joins Prunes 0 0 Reg Reg stop 0 0 Incoming interface 4 1 RPF nbr 3001 10 Outgoing interface list 4 2 00 00 77 000 Joins 0 The following is an example of the output for the group parameter in the PIM Sparse mode U16 show ip mroute group 229 10 0 1 IP Multicast Routing Table Flags C Connected J Rece...

Page 945: ...PIM Sparse mode then the command will display the following fields Flags F Register flag Indicates that the source connected router is sending registers to RP This flag can be seen only on Designated Router connected to source T SPT bit set Indicates that packets have been received on the shortest path source tree R RP bit set Indicates that the S G entry is pointing toward the RP This flag typica...

Page 946: ...ime of expiry of this entry in seconds Up Time The time elapsed since the entry was created in seconds RPF Neighbor The IP address of the RPF neighbor Flags The flags associated with this entry If the summary parameter is used in the PIM Sparse mode then the command will display the following fields Source IP Source address of the multicast route entry Group IP Group address of the multicast route ...

Page 947: ... Parameters Source IP Addr The IP address of the multicast data source Group IP Addr The IP address of the destination of the multicast packet Protocol The multicast routing protocol by which this entry was created Incoming Interface The interface on which the packet for this group arrives Outgoing Interface List The list of outgoing interfaces on which this packet is forwarded 9 10 show ip mroute...

Page 948: ...hbor Flags The flags associated with this entry If the summary parameter is used then the following column headings will be displayed in the output table Source IP Addr The IP address of the multicast data source Group IP Addr The IP address of the destination of the multicast packet Protocol The multicast routing protocol by which this entry was created Incoming Interface The interface on which t...

Page 949: ...rce Mask The subnetwork mask pertaining to the source IP RPF Address The IP address of the RPF next hop router toward the source Preference The administrative distance for this Static MRoute 9 12 clear ip mroute Deletes all of the multicast route entries or specified IP multicast route entries Note It should be noted that this command clears only dynamic mroute entries static mroute entries will no...

Page 950: ...p Routing clear ip mroute 224 1 2 1 Issuing the following command will delete all of the entries from the IP multicast routing table that match with the multicast group address provided that is 224 1 2 1 and the multicast source address provided that is 192 168 10 10 Routing clear ip mroute 224 1 2 1 192 168 10 10 DVMRP Commands In this section the Distance Vector Multicast Routing Protocol DVMRP ...

Page 951: ...e ip dvmrp metric 1 31 no ip dvmrp metric Parameters None Default The default is 1 Command Mode lnterface Config 9 15 ip dvmrp trapflags Enables the DVMRP trap mode The no command disables the DVMRP trap mode ip dvmrp trapflags no ip dvmrp trapflags Parameters None Default The default is Disabled Command Mode Global Config 9 16 ip dvmrp Sets the administrative mode of the DVMRP on a single interfa...

Page 952: ...ation for the DVMRP show ip dvmrp Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows an example of the command Routing show ip dvmrp Admin Mode Disabled Version 3 Total Number of Routes 0 Reachable Routes 0 DVMRP INTERFACE STATUS Interface Interface Mode Operational Status 4 1 Disabled Non Operational 4 2 Disabled Non Operational 4 3 Disa...

Page 953: ...rrent state of DVMRP on this interface Possible values are Operational or Non Operational 9 18 show ip dvmrp interface Shows the interface information for the DVMRP on a specific interface The slot port argument corresponds to either a physical routing interface or to a VLAN routing interface The keyword VLAN is utilized instead of the slot port format to directly specify the VLAN ID of the routin...

Page 954: ... value for the interface This is used by the neighboring routers to detect that the DVMRP table should be resent Routing show ip dvmrp interface 4 10 Interface Mode Enabled Interface Metric 1 Local Address 192 150 2 2 Received Bad Packets 0 Received Bad Routes 0 Sent Routes 0 The following fields will be shown only if the DVMRP is enabled on the interface in question Received Bad Packets The numbe...

Page 955: ...This field is not applicable if the State is DOWN Generation ID The Generation ID value for the neighbor Major Version The major version of DVMRP protocol of neighbor Minor Version The minor version of DVMRP protocol of neighbor Capabilities The capabilities of neighbor Received Routes The number of routes received from the neighbor Rcvd Bad Pkts The number of invalid packets received from this ne...

Page 956: ...9 21 show ip dvmrp prune Shows a table in which the router s upstream prune information is listed show ip dvmrp prune Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters Group IP The multicast Address that is pruned Source IP The IP address of the source that has pruned Source Mask The network Mask for the prune source Mask is defined by 1s or a of...

Page 957: ...The expiry time in seconds which is the time left for this route to age out Up Time secs The time when a specified route was learnt in seconds PIM Commands In this section the commands used to configure the Protocol Independent Multicast Dense Mode PIM DM and the Protocol Independent Multicast Sparse Mode PIM SM are described The PIM DM and PIM SM consist of multicast routing protocols that provid...

Page 958: ...e across the router administratively The no command administratively disables the PIM Sparse mode across the router ip pim sparse no ip pim sparse Parameters None Default The default is Disabled Command Mode Global Config Example The following provides an example of the command Routing Config ip pim sparse 9 25 ip pim Enables PIM on a specific interface administratively The no command administrati...

Page 959: ...equency of hello messages between neighbors enabled for PIM back to the default value ip pim hello interval 0 18000 no ip pim hello interval Parameters None Default The default is 30 seconds Command Mode Interface Config Example The following provides an example of the command Routing Interface 0 1 ip pim hello interval 50 9 27 ip pim bsr border Prevents bootstrap router BSR messages from being tr...

Page 960: ... command take effect ip pim bsr candidate interface slot port vlan 1 4093 hash mask length bsr priority interval interval no ip pim bsr candidate interface slot port vlan 1 4093 Parameters slot port Interface number on this router from which the BSR address is derived to make it a candidate This interface must be enabled with PIM vlan 1 4093 Indicates an interface in VLAN format 1 4093 hash mask l...

Page 961: ... value determining when a given router is selected as the designated router DR The no command resets the DR Priority of the specified interface back to its default value Note Only when the Sparse mode is enabled in the Global mode will this command take effect ip pim dr priority 0 2147483647 no ip pim dr priority Parameters None Default The default is 1 Command Mode Interface Config Example The fo...

Page 962: ...rp address Defines the address for a specific multicast group range of a PIM Rendezvous point RP The no command removes the address for the specified multicast group range of the configured PIM Rendezvous point RP Note Only when the PIM SM is configured as the PIM mode will this command take effect ip pim rp address rp address group address group mask override no ip pim rp address rp address group...

Page 963: ...ured as the PIM mode will this command take effect ip pim rp candidate interface slot port vlan 1 4093 group address group mask interval interval no ip pim rp candidate interface slot port vlan 1 4093 group address group mask Parameters slot port The IP address associated with this interface type and number is advertised as a candidate RP address This interface must be enabled with PM vlan 1 4093 ...

Page 964: ...mmand take effect ip pim ssm default group address group mask no ip pim ssm default group address group mask Parameters default Defines the SSM range access list to 232 8 group address Defining the SSM Range group mask Indicates the defined SSM Range Default The default is Disabled Command Mode Global Config Example The following are examples of the command Routing Config ip pim ssm default Routin...

Page 965: ... EXEC Example Routing Config show ip mfc MFC IPv4 Mode Enabled MFC IPv6 Mode Disabled MFC Entry Count 1 Current multicast IPv4 protocol PIMSM Current multicast IPv6 protocol No protocol enabled Total software forwarded packets 0 Source address 192 168 10 5 Group address 225 1 1 1 Packets forwarded in software for this entry 0 Protocol PIM SM Expiry Time secs 206 Up Time secs 4 Incoming interface 1...

Page 966: ...ware for this entry Number of multicast packets that are forwarded in software for a specific multicast route entry Protocol Multicast Routing Protocol that has added a specific entry Expiry Time secs Expiry time for a specific Multicast Route entry in seconds Up Time secs Up Time in seconds for a specific Multicast Routing entry Incoming interface Incoming interface for a specific Multicast Route...

Page 967: ...ds in the following table will not be displayed in the command output if the PIM mode is the PIM DM dense because they are applicable only to the PIM SM PIM Mode Indicates the configured mode of the PIM protocol as dense PIM DM or sparse PIM SM Interface slot port Interface Mode Indicates whether PIM is enabled or disabled on this interface Operational Status The current state of PIM on this inter...

Page 968: ...Prefix Length The network prefix length 9 38 show ip pim interface Shows the status parameters of the PIM interface The slot port argument corresponds to either a physical routing interface or to a VLAN routing interface The keyword VLAN is utilized instead of the slot port format to directly specify the VLAN ID of the routing VLAN If an interface is not specified then the command shows the status...

Page 969: ...dicates the active PIM mode enabled on the interface is dense or sparse Hello Interval The frequency at which PIM hello messages are transmitted on this interface The default is 30 seconds Join Prune Interval The join prune interval value for the PIM router The interval is in seconds DR Priority The priority of the Designated Router configured on the interface This field is not applicable if the i...

Page 970: ...n interface in VLAN format 1 4093 Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Routing show ip pim neighbor 0 1 Neighbor Addr Interface Uptime hh mm ss Expiry Time hh mm ss DR Priority 192 168 10 2 0 1 00 02 55 00 01 15 NA Routing show ip pim neighbor Neighbor Addr Interface Uptime hh mm ss Expiry T...

Page 971: ...SR Candidate table information elected Indicates a PIM BSR Elected table information Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Routing show ip pim bsr router elected BSR Address 192 168 10 1 BSR Priority 0 BSR Hash Mask Length 30 Next Bootstrap message hh mm ss 00 00 24 Routing show ip pim bsr ro...

Page 972: ...will periodically send the C BSR advertisement messages Next Bootstrap Message Time in hours minutes and seconds in which the next bootstrap message is due from this BSR 9 41 show ip pim rp hash Shows the rendezvous point RP that has been selected for the group address specified show ip pim rp hash group address Parameters group address Indicates a group address Default The default is None Command...

Page 973: ...rder to view group to candidate RP or group to Static RP mapping information show ip pim rp mapping rp address candidate static Parameters rp address Optional Indicates an RP Address candidate Optional Indicates a group to Candidate RP mapping info static Optional Indicates a group to Static RP mapping info Default The default is None Command Mode Privileged EXEC User EXEC Example The following ar...

Page 974: ...fied Group Address The IP address of the multicast group Group Mask The subnet mask associated with the group Origin Indicates the mechanism BSR or static by which the RP was selected C RP Advertisement Interval Indicates the configured C RP Advertisement interval with which the router acting as a Candidate RP will periodically send the C RP advertisement messages to the elected BSR Next Candidate...

Page 975: ... 0 0 Tx 8 7 0 0 0 0 0 Invalid Packets Received 0 1 0 5 Rx 0 0 6 5 0 0 0 Tx 10 9 0 0 0 0 0 Invalid Packets Received 0 Routing show ip pim statistics vlan 10 Interface Stat Hello Register Reg Stop Join Pru BSR Assert CRP Vl10 Rx 0 0 0 0 0 0 0 Tx 2 0 0 0 0 0 0 Invalid Packets Received 0 Routing show ip pim statistics 1 0 5 Interface Stat Hello Register Reg Stop Join Pru BSR Assert CRP 1 0 5 Rx 0 0 6 ...

Page 976: ...ges Assert The number of PIM Assert messages CRP The number of PIM Candidate RP Advertisement messages Internet Group Message Protocol Commands In this section the commands use to view and configure Internet Group Message Protocol IGMP settings are described 9 44 ip igmp Sets the administrative mode for IGMP on a single interface range of interfaces or all interfaces in the system to active The no...

Page 977: ...pecific Queries sent out by a given interface or a range of interfaces before the router assumes that no local members are present on the interface The no command resets the number of Group Specific Queries back to the default value ip igmp last member query count 1 20 no ip igmp last member query count Parameters None Default The default is None Command Mode Interface Config 9 47 ip igmp last mem...

Page 978: ...ets the query interval for the given interface back to the default value ip igmp query interval 1 3600 no ip igmp query interval Parameters None Default The default is 125 seconds Command Mode Interface Config 9 49 ip igmp query max response time Configures the length of the maximum response time interval which is the maximum query response time advertised in IGMPv2 queries for a single interface ...

Page 979: ...have a lot of loss The no command resets the robustness value back to the default value ip igmp robustness 2 255 no ip igmp robustness Parameters None Default The default is 2 Command Mode Interface Config 9 51 ip igmp startup query count Sets the number of Queries that are sent out upon startup with the time between individual queries determined by the Startup Query Interval on the given interfac...

Page 980: ...he value of the time interval value is given in seconds The no command resets the interval between General Queries that are sent upon startup of the interface back to the default value ip igmp startup query interval 1 300 no ip igmp startup query interval Parameters None Default The default is 31 7 Command Mode Interface Config 9 53 show ip igmp Shows the system wide IGMP information show ip igmp ...

Page 981: ...ce Mode Indicates whether IGMP is enabled or disabled on the interface Operational Status The current state of IGMP on this interface Possible values are Operational or Non Operational 9 54 show ip igmp groups Shows the multicast groups registered on the interface The slot port argument corresponds to either a physical routing interface or to a VLAN routing interface The keyword VLAN is utilized i...

Page 982: ... detail keyword is used then the following fields are shown Multicast IP Address The IP address of the registered multicast group on this interface Last Reporter The IP address of the source of the last membership report received for the specified multicast group address on this interface Up Time The time elapsed since the entry was created for the specified multicast group address on this interfa...

Page 983: ...ace in VLAN format 1 4093 Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Routing show ip igmp interface 4 10 Interface Vlan10 IP address 192 150 2 2 Subnet mask 255 255 255 0 IGMP admin mode Disabled Interface Mode Disabled IGMP Version 3 Query Interval secs 125 Query Max Response Time 1 10 th of a se...

Page 984: ...ber of Queries sent out on startup separated by the Startup Query lnterval Last Member Query Interval The Maximum Response Time inserted into Group Specific Queries sent in response to Leave Group messages Last Member Query Count The number of Group Specific Queries sent before the router assumes that there are no local members 9 56 show ip igmp interface membership Shows the list of interfaces th...

Page 985: ...Pv3 Membership Report with the specified multicast group IP address This is for IGMPv1 and IGMPv2 Membership Reports Expiry Time The amount of time remaining to remove this entry before it is aged out This is for IGMPv1 and IGMPv2 Membership Reports 9 57 show ip igmp interface stats Shows the IGMP statistical information for the given interface The statistics are shown only if the interface is ena...

Page 986: ... IPv4 system to enable the system to send out IGMP host messages on behalf of those hosts that the system has discovered via standard IGMP router interfaces When the IGMP Proxy is enabled the system will behave as a proxy for all of the hosts residing on its router interfaces 9 58 ip igmp proxy Enables the IGMP Proxy on a single interface or a range of interfaces Multicast forwarding must be enabl...

Page 987: ... 9 60 ip igmp proxy reset status Resets the host interface status parameters for the given IGMP Proxy interface or for a range of interfaces The command is only valid when the user has enabled the IGMP Proxy on the interface ip igmp proxy reset status Parameters None Default The default is None Command Mode Interface Config 9 61 show ip igmp proxy Shows a summary of the host interface status param...

Page 988: ...erational Mode States whether the IGMP Proxy is operationally enabled or not This is a status parameter Version The present IGMP host version that is operational on the proxy interface Num of Multicast Groups The number of multicast groups that are associated with the IGMP Proxy interface Unsolicited Report Interval The time interval at which the IGMP Proxy interface sends unsolicited group member...

Page 989: ...output for the command Routing show ip igmp proxy interface Interface Index 0 1 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent 1 0 0 0 2 0 0 0 0 0 3 0 0 0 Display Parameters Interface Index The slot port of the IGMP proxy The column headings within the table providing information about the interface are the following Ver The IGMP version Query Rcvd Number of IGMP queries received Rep...

Page 990: ...25 4 4 4 5 5 5 48 00 02 21 DELAY_MEMBER Include 3 226 4 4 4 5 5 5 48 00 02 21 DELAY_MEMBER Include 3 227 4 4 4 5 5 5 48 00 02 21 DELAY_MEMBER Exclude 0 228 4 4 4 5 5 5 48 00 02 21 DELAY_MEMBER Include 3 Display Parameters Interface The interface number of the IGMP Proxy Group Address The IP address of the multicast group Last Reporter The IP address of host that last sent a membership report for t...

Page 991: ...yed show ip igmp proxy groups detail Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Routing show ip igmp proxy groups Interface Index 0 1 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 4 4 4 5 5 5 48 00 02 21 DELAY_MEMBER Include 3 Group Source List Expiry Tim...

Page 992: ...nt a membership report for the current group on the network attached to the IGMP Proxy interface upstream interface Up Time in secs The time elapsed since last created Member State The status of the entry Possible values are IDLE_MEMBER or DELAY_MEMBER IDLE_MEMBER interface has responded to the latest group membership query for this group DELAY_MEMBER interface is going to send a group membership ...

Page 993: ...o be reset to factory defaults IPv6 Multicast Forwarder 10 1 ipv6 mroute Configures an IPv6 Multicast Static Route for a source The no command removes the configured IPv6 Multicast Static Route ipv6 mroute src ip addr src mask rpf addr interface preference no ipv6 mroute src ip addr Parameters src ip addr The IP address of the multicast source network src mask The IP mask of the multicast data sou...

Page 994: ...r specified source IPv6 address source address Indicates the source IPv6 address grpaddr Optional Indicates the group source IPv6 address summary Optional the IPv6 multicast routing table summary Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters lf the detail parameter is used then the command will cause the following Multicast Route Table fields to be displayed...

Page 995: ...ndicates the IPv6 multicast routing table details summary Indicates the IPv6 multicast routing table summary Default The default is None Command Mode Privileged EXEC User EXEC Display Parameters Source IP Addr Indicates the IP address of the multicast data source Group IP Addr Indicates the IP address of the destination of the multicast packet Protocol Indicates the multicast routing protocol by w...

Page 996: ...e time elapsed since the entry was created in seconds RPF Neighbor The IP address of the RPF neighbor Flags The flags associated with this entry lf the summary parameter is used then the command will cause the following column headings to be displayed in the output table Source IP Addr The IP address of the multicast data source Group IP Addr The IP address of the destination of the multicast pack...

Page 997: ...This is valid if the RPF address is a link local address Preference The administrative distance for this Static MRoute 10 6 clear ipv6 mroute Deletes all of the IPv6 multicast route entries or the specified IPv6 multicast route entries Note Only dynamic mroute entries are cleared by this command Static mroute entries will not be cleared by it clear ipv6 mroute group address source address Paramete...

Page 998: ...clear ip mroute FF4E 1 2001 2 IPv6 PIM Commands In this section the commands used to configure the Protocol Independent Multicast Dense Mode PIM DM and the Protocol Independent Multicast Sparse Mode PIM SM for IPv6 multicast routing are described The PIM DM and PIM SM consist of multicast routing protocols that provide scalable inter domain multicast routing via the Internet that is independent of...

Page 999: ... Disabled Command Mode Global Config Example The following provides an example of the command Routing Config ipv6 pim sparse 10 9 ipv6 pim Enables PIM on a specific interface or range of interfaces administratively The no command sets the administrative mode of the PIM on an interface to disabled ipv6 pim no ipv6 pim Parameters None Default The default is Disabled Command Mode Interface Config Exa...

Page 1000: ...efault is 30 Command Mode Interface Config Example The following provides an example of the command Routing Interface 0 1 ipv6 pim hello interval 50 10 11 ipv6 pim bsr border Prevents bootstrap router BSR messages from being transmitted or received on a specific interface The no command disables the setting of a BSR border on the given interface Note Only when the PIM SM is enabled in the Global m...

Page 1001: ...t port lnterface number on this router from which the BSR address is derived to make it a candidate This interface must be enabled with PIM vlan Indicates an interface in VLAN format 1 4093 hash mask length Length of a mask 32 bits maximum that is to be ANDed with the group address before the hash function is called All groups with the same seed hash correspond to the same RP For example if this v...

Page 1002: ...ority Parameters None Default The default is 1 Command Mode lnterface Config Example The following is an example of the CLI display output for the command Routing Interface 0 1 ipv6 pim dr priority 10 10 14 ipv6 pim join prune interval Configures the frequency with which PIM Join Prune messages are sent on a specific interface The length of the join prune interval is specified in seconds The no co...

Page 1003: ...oup mask override Parameters rp address The IPv6 address of the RP group address The group address supported by the RP group mask The group mask for the group address override Optional Indicates that if there is a conflict the RP configured with this command prevails over the RP learned by BSR Default The default is 0 Command Mode Global Config Example The following provides an example of the comm...

Page 1004: ...ress that is advertised in association with the RP address group mask The multicast group prefix that is advertised in association with the RP address interval interval Optional Indicates the RP candidate advertisement interval The range is from 1 to 16383 seconds The default value is 60 seconds Default The default is Disabled Command Mode Global Config Example The following are examples of the co...

Page 1005: ...ault The default is Disabled Command Mode Global Config Example The following are example of the command Routing Config ipv6 pim ssm default Routing Config ipv6 pim ssm ff32 32 10 18 show ipv6 pim Shows the system wide information for the PIM DM or the PIM SM show ipv6 pim Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the ...

Page 1006: ...PIM Display Parameters Note Some of the fields in the following table will not be displayed in the command output if the PIM mode is the PIM DM dense because they are applicable only to the PIM SM PIM Mode Indicates whether the PIM mode is dense PIM DM or sparse PIM SM Interface slot port Interface Mode Indicates whether PIM is enabled or disabled on this interface Operational Status The current s...

Page 1007: ...e SSM group Prefix Length The network prefix length 10 20 show ipv6 pim interface Shows the interface information for PIM on a specific interface The slot port argument corresponds to either a physical routing interface or to a VLAN routing interface The keyword VLAN is utilized instead of the slot port format to directly specify the VLAN ID of the routing VLAN If an interface is not specified the...

Page 1008: ...es whether the PIM mode enabled on the interface is dense or sparse Hello Interval The frequency at which PIM hello messages are transmitted on this interface The default is 30 seconds Join Prune Interval The join prune interval for the PIM router The interval is in seconds DR Priority The priority of the Designated Router configured on the interface This field is not applicable if the interface m...

Page 1009: ...1 4093 Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Routing show ipv6 pim neighbor Neighbor Addr Interface Up Time Expiry Time DR Priority hh mm ss hh mm ss fe80 200 52ff feb7 58ac 0 21 00 00 03 00 01 43 0 DR The following message will be displayed if no neighbors have been learned by any of the int...

Page 1010: ... of the CLI display output for the command Routing show ipv6 pim bsr router elected BSR Address 3001 1 BSR Priority 150 BSR Hash Mask Length 120 Next Bootstrap message hh mm ss 00 00 15 Routing show ipv6 pim bsr router candidate BSR Address 3001 1 BSR Priority 150 BSR Hash Mask Length 120 C BSR Advertisement Interval secs 60 Next Bootstrap message hh mm ss NA The following message will be displaye...

Page 1011: ...ap message is due from this BSR 10 23 show ipv6 pim rp hash Shows the rendezvous point RP that is being used for a specified group show ipv6 pim rp hash group address Parameters group address The IPv6 multicast address of the SSM group Default The default is None Command Mode Privileged EXEC User EXEC Example The following is an example of the CLI display output for the command Routing show ipv6 p...

Page 1012: ...dicates the RP Address of the active rendezvous point candidate Optional Indicates the group to the candidate RP mapping info static Optional Indicates the group to static RP mapping info Default The default is None Command Mode Privileged EXEC User EXEC Example The following are examples of the CLI display output for the command Routing show ipv6 pim rp mapping 2001 1 RP Address 2001 1 Group Addr...

Page 1013: ...P sends the C RP advertisement messages to the elected BSR based on a scheduled interval IPv6 MLD Commands IGMP MLD Snooping is a type of Layer 2 functionality but IGMP MLD consist of Layer 3 multicast protocols Their use requires that a network setup should have a multicast router which can serve as a querier present in order to solicit the multicast group registrations However some types of netw...

Page 1014: ... 1 3600 no ipv6 mld query interval Parameters None Default The default is 125 seconds Command Mode Interface Config 10 27 ipv6 mld query max response time Sets the maximum response time of the MLD querier for a single interface or a range of interfaces with this value being used to assign the maximum response time for the query messages sent on the interface or interfaces in question The no comman...

Page 1015: ...ault value ipv6 mld last member query interval 0 65535 no ipv6 mld last member query interval Parameters None Default The default is 1 000 milliseconds Command Mode Interface Config 10 29 ipv6 mld last member query count Sets the number of listener specific queries that will be sent out before the router assumes that no local members are present on a single interface or a range of interfaces The n...

Page 1016: ...abled on at least one interface Otherwise there will be no group information available to display The slot port argument corresponds to either a physical routing interface or to a VLAN routing interface The keyword VLAN is utilized instead of the slot port format to directly specify the VLAN ID of the routing VLAN show ipv6 mld groups slot port vlan 1 4093 group address Parameters slot port Indica...

Page 1017: ...ss of the multicast group Interface Interface through which the multicast group is reachable Up Time Time elapsed in hours minutes and seconds since the multicast group has been known Expiry Time Time left in hours minutes and seconds before the entry is removed from the MLD membership table When the group address is specified the following fields will be displayed for each multicast group and for...

Page 1018: ...hows the MLD related information for the interface in question The slot port argument corresponds to either a physical routing interface or to a VLAN routing interface The keyword VLAN is utilized instead of the slot port format to directly specify the VLAN ID of the routing VLAN show ipv6 mld interface slot port vlan 1 4093 Parameters slot port Indicates an interface in slot port format vlan Indi...

Page 1019: ...he configured maximum query response time in seconds advertised in MLD queries on this interface Robustness Displays the configured value for the tuning of the expected packet loss on a subnet attached to the interface Startup Query Interval This valued indicates the configured interval between General Queries sent by a Querier on startup Startup Query Count This value indicates the configured num...

Page 1020: ...s interface Number of Groups The current number of membership entries for this interface 10 33 show ipv6 mld traffic Shows the MLD statistical information for the router show ipv6 mld traffic Parameters None Default The default is None Command Mode Privileged EXEC User EXEC Example The following shows an example of the command Routing show ipv6 mld traffic Valid MLD Packets Received 0 Valid MLD Pa...

Page 1021: ...eaves received by the router Leaves Sent The number of valid MLD leaves sent by the router Bad Checksum MLD Packets The number of bad checksum MLD packets received by the router Malformed MLD Packets The number of malformed MLD packets received by the router 10 34 clear ipv6 mld counters Resets the MLD counters for the specified interface to zero clear ipv6 mld slot port Parameters slot port Indic...

Page 1022: ... on the interface or range of interfaces To enable MLD Proxy on the interface you must enable multicast forwarding Also make sure that there are no other multicast routing protocols enabled n the router Use the no command to disable MLD Proxy on the router ipv6 mld proxy no ipv6 mld proxy Parameters None Default The default is None Command Mode Interface Config 10 37 ipv6 mld proxy unsolicit rprt ...

Page 1023: ...parameters of the MLD Proxy interface or range of interfaces This command is only valid when you enable MLD Proxy on the interface ipv6 mld proxy reset status Parameters None Default The default is None Command Mode Interface Config 10 39 show ipv6 mld proxy Use this command to display a summary of the host interface status parameters show ipv6 mld proxy Parameters None Default The default is None...

Page 1024: ... or disabled This is a status parameter Version The present MLD host version that is operational on the proxy interface Number of Multicast Groups The number of multicast groups that are associated with the MLD Proxy interface Unsolicited Report Interval The time interval at which the MLD Proxy interface sends unsolicited group membership report Querier IP Address on Proxy Interface The IP address...

Page 1025: ...e Index The slot port of the MLD proxy The column headings of the table associated with the interface are as follows Ver The MLD version Query Rcvd Number of MLD queries received Report Rcvd Number of MLD reports received Report Sent Number of MLD reports sent Leaves Rcvd Number of MLD leaves received Valid for version 2 only Leaves Sent Number of MLD leaves sent on the Proxy interface Valid for v...

Page 1026: ...oxy Group Address The IP address of the multicast group Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the latest group membership query for...

Page 1027: ...e Sources FF1E 1 FE80 100 2 3 244 DELAY_MEMBER Exclude 2 Group Source List Expiry Time 2001 1 00 02 40 2002 2 Group Address Last Reporter Up Time Member State Filter Mode Sources FF1E 2 FE80 100 2 3 243 DELAY_MEMBER Include 1 Group Source List Expiry Time 3001 1 00 03 32 3002 2 00 03 32 Group Address Last Reporter Up Time Member State Filter Mode Sources FF1E 3 FE80 100 2 3 328 DELAY_MEMBER Exclud...

Page 1028: ...Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the latest group membership query for this group DeIay_Member The interface is going to send a group membership report to respond to a group membership query for this group Filter Mode Possible values are Include or Exclude Sources The number of sources attached t...

Page 1029: ...instance of BGP can be run and the router can only belong to a single AS Use the no command to set BGP to disabled and all BGP configuration reverts to default values Alternatively you can use no enable BGP in BGP Router Configuration mode to disable BGP globally without clearing the BGP configuration router bgp as number no router bgp as number Parameters as number The router s autonomous system ...

Page 1030: ...9 seconds allows communities to be sent for both IPv4 and lPv6 routes and configures different inbound and outbound route maps for IPv4 and IPv6 Two neighbors 172 20 1 2 and 172 20 2 2 inherit these parameters from the template R1 ConFig rourer bgp 65000 R1 Config router neighbor 172 20 1 2 remote as 65001 R1 Config router neighbor 172 20 2 2 remote as 65001 R1 Config router template peer AGGR R1 ...

Page 1031: ...ipv4 vrf vrf name no address family ipv4 vrf vrf name Parameters vrf vrf name Indicates the name of the virtual router to configure Default The default is a disabled VRF configuration Command Mode BGP Router Config 11 4 address family ipv6 To enter IPv6 Address Family Configuration mode in order to specify IPv6 specific configuration parameters use the address family ipv6 command in BGP Router Con...

Page 1032: ...is mode address family vpnv4 unicast no address family vpnv4 unicast Parameters None Default The default is a disabled VPNv4 address family Command Mode BGP Router Config Example The following example shows how to enter the VPNv4 address family mode and configure neighbor commands Router Config router bgp 10 Router Config router neighbor 1 1 1 1 remote as 10 Router Config router address family vpn...

Page 1033: ...econds no advertisement interval Parameters ip address The neighbor s IP address seconds The minimum time between route advertisement in seconds The range is from 0 to 600 seconds Default The default is as follows 30 seconds for external peers 5 seconds for internal peers Command Mode BGP Router Config 11 7 advertisement interval IPv6 Address Family Config In IPv6 Address Family mode this command ...

Page 1034: ...prefix Any received packets that match the summary prefix but not a more specific route match the reject route and are dropped BGP accepts up to 128 summary addresses for each address family Use the no command to delete a summary address for BGP The address mask is a summary prefix and mask aggregate address address mask ipv6 prefix pfx len as set summary only no aggregate address address mask Par...

Page 1035: ...each address family Use the no command to delete a summary address for BGP The address mask is a summary prefix and mask aggregate address address mask as set summary only no aggregate address address mask Parameters address mask Summary IPv4 prefix and mask The default route 0 0 0 0 0 0 0 0 cannot be configured as an aggregate address The mask cannot be a 32 bit mask 255 255 255 255 The combinati...

Page 1036: ...erent meds no bgp aggregate different meds Parameters None Default The default is a matching MED val for all routes aggregated by a given aggregate address Command Mode BGP Router Config IPv6 Address Family Config IPv4 VRF Address Family Config 11 11 bgp always compare med To compare MED values during the decision process in paths received from different ASs use the bgp always compare med command ...

Page 1037: ...tting to avoid ignoring AS PATH length in BGP best path calculations Command Mode BGP Router Config IPv6 Address Family Config IPv4 VRF Address Family Config 11 13 bgp client to client reflection By default a route reflector reflects routes received from its clients to its other clients However if a route reflector s clients have a full BGP mesh the route reflector does not reflect to the clients ...

Page 1038: ...e no form of this command A route reflector and its clients form a cluster Since a cluster with a single route reflector has a single point of failure a cluster may be configured with multiple route reflectors To avoid sending multiple copies of a route to a client each route reflector in a cluster should be configured with the same cluster ID Route reflectors with the same cluster ID must have th...

Page 1039: ...e default value of local preference of the BGP router bgp default local preference number no bgp default local preference Parameters number The value to use as the local preference for routes advertlsed to internal peers The range is 0 to 4 294 967 295 Default The default is 100 When the command is not given BGP advertises a local preference of 100 in Update messages to internal peers Command Mode...

Page 1040: ...default is Enabled Command Mode BGP Router Config IPv4 VRF Address Family Config 11 18 bgp listen Use this command to activate the IPv4 BGP dynamic neighbors feature and create an IPv4 or IPv6 listen range and associate it with a specified peer template Use limit max number to define the global maximum number of IPv4 BGP dynamic neighbors that can be created BGP dynamic neighbors are configured us...

Page 1041: ...et range and inherited with dynamically created neighbors The template will be inherited with dynamically created neighbors Default The default is as follows BGP dynamic neighbor inactive subnets are not associated with a BGP listen subnet range Command Mode BGP Router Config IPv6 Address Family Config Example The following commands show how to create a listen range with a template to be inherited...

Page 1042: ... from its neighbors bgp maxas limit number no bgp maxas limit Parameters number The maximum length of an AS PATH that BGP will accept from any of its neighbors The length is the number of autonomous systems listed in the path The limit may be set to any vaIue from 1 to 100 Default The default is as follows D Link OS BGP configuration accepting AS PATHs containing up to 75 AS numbers Command Mode B...

Page 1043: ...Pv6 depending on the mode By default BGP does not originate a default route If a default route is redistributed into BGP BGP does not advertise the default route unless the default information originate command has been given The always option is disabled by default Use the no command to disable BGP from originating a default route default information originate always no default information origin...

Page 1044: ...sed if the Adj RIB Out does not include a default learned by other means either from the default information originate command or a default learned from a peer This type of default origination is not conditioned on the presence of a default route in the routing table This form of default origination does not install a default route in the BGP routing table it will not appear in the show ip bgp com...

Page 1045: ...ult route in the BGP routing table it will not appear in the show ip bgp command nor does it install a default route in the Adj RIB Out for the update group of peers so configured it will not appear in the show ip bgp neighbors advertised routes command Origination of the default route is not subject to a prefix filter configured with the command distribute list prefix out A route map may be confi...

Page 1046: ...u must force a hard reset of affected neighbors Use the no command to set the preference of BGP routes to the default distance distance prefix wildcard mask prefix list no distance distance prefix wildcard mask prefix list Parameters distance The preference value for matching routes The range is 1 to 255 prefix wildcard mask Optional Routes learned from BGP peers whose address falls within this pr...

Page 1047: ... not be selected as best routes and used for forwarding The change to the default BGP distances does not affect existing routes To apply a distance change to existing routes you must force the routes to be deleted from the RIB and relearned either by resetting the peers from which the routes are learned or by disabling and reenabling BGP Use the no command to set the default route preference value...

Page 1048: ...he preference value for locally originated routes The range is 1 to 255 Default The default is as follows external 20 internal 200 local 200 Command Mode IPv4 VRF Address Family Config 11 29 distance BGP IPv6 Address Family Config Use this command to set the preference also known as administrative distance for eBGP iBGP and locally originated BGP IPv6 routes Different distance values can be config...

Page 1049: ...es permitted by the prefix list are accepted If the command refers to a prefix list that does not exist the command is accepted and all routes are permitted Use the no command to disable a filter that restricts the routes that BGP accepts from all neighbors based on destination prefix distribute list prefix list name in no distribute list prefix list name in Parameters list name A prefix list used...

Page 1050: ...from that source Only routes that pass the distribute list are redistributed The protocol value may be either rip or ospf Default The default is as follows distribute lists are not defined Command Mode BGP Router Config IPv4 VRF Address Family Config 11 32 enable BGP This command globally enables BGP while retaining the configuration BGP is enabled by default once you specify the local AS number w...

Page 1051: ...eters as path list number Identifies an AS PATH list in The AS PATH list is applied to advertisements received from the neighbor out The AS PATH list is applied to advertisements to be sent to the neighbor Default The default is as follows neighbor filter lists are not defined Command Mode BGP Router Config 11 34 filter list IPv6 Address Family Config This command filters BGP to apply an AS PATH a...

Page 1052: ...avior configured globally If permit is specified the feature is enabled on the interface regardless of the global configuration If deny is specified the feature is disabled on the interface regardless of the global configuration Use the no command to unconfigure the feature on the interface and the interface uses the global setting ip bgp fast external failover permit deny no ip bgp fast external ...

Page 1053: ...ess the platform or Security Device Manager SDM template further restricts the range Default The default is a single next hop for BGP Command Mode BGP Router Config 11 37 maximum paths IPv4 VRF Address Family Config Use this command to specify the maximum number of next hops BGP may include in an Equal Cost Multipath ECMP route derived from paths received from neighbors outside the local autonomou...

Page 1054: ...no maximum paths Parameters number of paths The maximum number of next hops in a BGP route The range is from 1 to 32 unless the platform or SDM template further restricts the range Default The default is a single next hop for BGP Command Mode IPv6 Address Family Config 11 39 maximum paths igbp BGP Router Config Use this command to specify the maximum number of next hops BGP may include in an Equal...

Page 1055: ... to the default the number of next hops BGP may include in an ECMP route derived from paths received from neighbors within the local autonomous system maximum paths igbp number of paths no maximum paths igbp Parameters number of paths The maximum number of next hops in a BGP router The range is from 1 to 32 unless the platform or SDM template further restricts the range Default The default is a si...

Page 1056: ...he neighbor The neighbor can also be brought back up using the neighbor route map BGP Router Config command followed by the command no neighbor shutdown Issue this command in Address Family Configuration Mode to add it to a peer template Use the no command to revert to the default value for the maximum the number of prefixes that BGP will accept from a specified neighbor maximum prefix maximum unl...

Page 1057: ...ration Mode to add it to a peer template Use the no command to revert to the default value for the maximum the number of prefixes that BGP will accept from a specified neighbor maximum prefix maximum unlimited threshold warning only no maximum prefix Parameters maximum The maximum r of prefixes BGP will accept from this neighbor Range is 0 to the maximum numb of routes the router supports unlimite...

Page 1058: ... address in dotted notation Default The default is as follows VPNv4 prefixes are not sent to the neighbor Command Mode IPv4 VRF Address Family Config Example The following example enables the exchange of IPv4 VRF prefixes with the external peer at 1 1 1 1 Config router bgp 1 Config router neighbor 1 1 1 1 remote as 2 Config router address family vpnv4 unicast Config router af vpnv4 neighbor 1 1 1 ...

Page 1059: ... router exit Routing Config route map SET V6 NH permit 10 Routing route map set ipv6 next hop 2001 1 200 1 11 46 neighbor advertisement interval BGP Router Config Use this command to configure the minimum time that must elapse between advertisements of the same route to a given neighbor RFC 4271 recommends the interval for internal peers be shorter than the interval for external peers to enable fa...

Page 1060: ...ate of route advertisement If BGP changes the route to a destination multiple times while waiting for the advertisement interval to expire only the final result is advertised to the neighbor D LINK OS BGP enforces the advertisement interval by limiting how often phase 3 of the decision process can run for each update group The interval applies to withdrawals as well as active advertisements Use th...

Page 1061: ...nfigure the initial connection retry time for a specific neighbor If a neighbor does not respond to an initial TCP connection attempt D LINK OS retries three times The first retry is after the retry interval configured with neighbor connect retry interval Each subsequent retry doubles the previous retry interval So by default the TCP connection is retried after 2 4 and 8 seconds If none of the ret...

Page 1062: ...ubles the previous retry interval So by default the TCP connection is retried after 2 4 and 8 seconds If none of the retries is successful the adjacency is reset to the IDLE state and the IDLE hold timer is started BGP skips the retries and transitions to IDLE state if TCP returns an error such as destination unreachable on a connection attempt Issue this command in Peer Template Configuration Mod...

Page 1063: ...s on the default route sent to the neighbor If the route map includes a match ip address term that term is ignored If the route map includes match community or match as path terms the default route is not advertised If there is no route map with the route map name given the default route is not advertised Use the no command to prevent BGP from originating a default route to a specific neighbor nei...

Page 1064: ...ess default originate if default present route map map name Parameters ip address The neighbor s IPv4 address if default present Optional Use to route the originate default route to a specific neighbor only when the default route exists in the routing table route map map name Optional A route map may be configured to set attributes on the default route advertised to the neighbor Default The defaul...

Page 1065: ...p map name Optional A route map may be configured to set attributes on the default route advertised to the neighbor Default The default is No Default originated Command Mode IPv6 Address Family Config 11 54 neighbor description Use this command in BGP Router Config mode to record a text description of a neighbor The description is informational and has no functional impact Use the no command to de...

Page 1066: ...ipv6 address interface interface name autodetect interface interface name ebgp multihop hop count no neighbor ip address ipv6 address interface interface name autodetect interface interface name ebgp multihop Parameters ip address The neighbor s IPv4 address ipv6 address The neighbor s IPv6 address interface interface name Optional If the neighbor s IPv6 address is a link local address the local i...

Page 1067: ...todetect interface interface name The routing interface on which the neighbor s link local IPv6 address is auto detected hop count The maximum hop count allowed to reach the neighbor The allowed range is 1 255 Default The default is 1 Command Mode IPv4 VRF Address Family Config Example Routing Config router bgp 65000 Routing Config router neighbor 172 20 1 2 remote as 65001 Routing Config router n...

Page 1068: ...ts to or from a specific neighbor according to the advertisements AS PATH Only a single AS PATH list can be configured in each direction for each neighbor If you invoke the command a second time for a given neighbor the new AS PATH list number replaces the previous AS PATH list number lf you assign a neighbor filter list to a nonexistent AS PATH access list all routes are filtered Use the no comma...

Page 1069: ...H list in The AS PATH list is applied to advertisements received from the neighbor out The AS PATH list is applied to advertisements to be sent to the neighbor Default The default is No Neighbor Filter Lists configured Command Mode IPv6 Address Family Config 11 60 neighbor inherit peer BGP Router Config To configure a BGP peer to inherit peer configuration parameters from a peer template use the n...

Page 1070: ...er template peer AGGR Routing Config rtr tmp timers 3 9 Routing Config rtr tmp address family ipv4 Routing Config rtr tmp af send community Routing Config rtr tmp af route map RM4 IN in Routing Config rtr tmp af route map RM4 OUT out Routing Config rtr tmp af exit Routing Config rtr tmp exit Routing Config router neighdor 172 20 1 2 inherit peer AGGR Routing Config router neighdor 172 29 2 2 inher...

Page 1071: ...ig router neighbor 172 29 2 2 remote as 65001 Routing Config router template peer AGGR Routing Config rtr tmp timers 3 9 Routing Config rtr tmp address family ipv4 Routing Config rtr tmp af send community Routing Config rtr tmp af route map RM4 IN in Routing Config rtr tmp af route map RM4 OUT out Routing Config rtr tmp af exit Routing ConFig rtr tmp exit Routing Config router neighbor 172 20 1 2 ...

Page 1072: ...fig router bgp 65000 Routing Config router neighbor 172 20 1 2 remote as 65001 Routing Config router neighbor 172 20 1 2 local as 65002 no prepend replace as Routing Config router neighbor 2001 2 remote as 65003 Routing Config router neighbor 2001 2 local as 65002 no prepend replace as 11 63 neighbor local as IPv4 VRF Address Family Config To configure BGP to advertise the local as instead of the ...

Page 1073: ...e neighbor including prefixes that are rejected by inbound policy If the peering session is shut down the adjacency stays down until the clear ip bgp command is issued for the neighbor The neighbor can also be brought back up using the neighbor route map BGP Router Config command followed by the command no neighbor shutdown Use the no command to revert to the default value for the maximum the numb...

Page 1074: ...the command no neighbor shutdown Use the no command to revert to the default value for the maximum the number of prefixes that BGP will accept from a specified neighbor neighbor ip address maximum prefix maximum unlimited threshold warning only no neighbor ip address maximum prefix Parameters ip address The neighbor s IPv4 address maximum The maximum number of prefixes BGP will accept from this ne...

Page 1075: ...efixes received from the neighbor exceeds this percentage of the maximum BGP writes a log message The range is 1 to 100 percent The default is 75 warning only Optional If BGP receives more than the maximum number of prefixes BGP accepts the excess prefixes and writes a log message rather than shutting down the adjacency Default The default is Prefix Limit maximum number of supported routes in the ...

Page 1076: ...ternal peer When the next hop attribute in routes from external peers is retained internal peers must have a route to the external peer s IP address This is commonly done by configuring the IGP on the border router to advertise the external or DMZ subnet The next hop self option eliminates the need to advertise the external subnet in the IGP Use the no command to disable the peer as the next hop f...

Page 1077: ... on both peers The same password must be configured on both peers After a TCP connection is established if the password on one end is changed then the password on the other end must be changed to match before the hold time expires With default hold times both passwords must be changed within 120 seconds to guarantee the connection is not dropped Issue this command in Peer Template Configuration Mo...

Page 1078: ... must be changed to match before the hold time expires With default hold times both passwords must be changed within 120 seconds to guarantee the connection is dropped Use the no command to disable MD5 authentication of TCP segments sent to and received from a neighbor neighbor ip address autodetect interface Interface name password string no neighbor ip address autodetect interface Interface name...

Page 1079: ...outer Config 11 73 neighbor remote as BGP Router Config This command configures a neighbor and identifies the neighbor s autonomous system The neighbor s AS number must be specified when the neighbor is created Up to 256 neighbors may be configured inheriting a template with the remote as parameter automatically creates the neighbor if the neighbor does not exist Use the no command to unconfigure ...

Page 1080: ...es not exist Use the no command to unconfigure neighbors neighbor ipv4 address ipv6 address interface interface name autodetect interface interface name remote as as number no neighbor ipv4 address ipv6 address interface interface name autodetect interface interface name remote as Parameters ipv4 address The neighbor s IPv4 address ipv6 address The neighbor s IPv6 address interface interface name ...

Page 1081: ...private as Parameters ip address The neighbor s IPv4 address all replace as Optional To retain the original AS PATH length replace each Private AS number with the local AS number Default The default is Private AS numbers not removed Command Mode BGP Router Config 11 76 neighbor remove private as IPv4 VRF Address Family Config Use this command in router configuration mode to remove private AS numbe...

Page 1082: ...l AS PATH includes any non private AS numbers The AS PATH advertised to the external peer always includes at least one instance of the local AS number therefore removing private AS numbers never results in advertisement of an empty AS_PATH attribute AS numbers from 64512 to 65535 inclusive are considered private Although 65535 is a reserved ASN and not technically part of the private range it is t...

Page 1083: ...IPv6 neighbors enabled Command Mode BGP Router Config Example The following shows an example of the command Routing configure Routing Config router bgp 100 Routing Config router neighbor 2001 2 rfc5549 support 11 79 neighbor route map BGP Router Config To apply a route map to incoming or outgoing routes for a specific neighbor use the neighbor route map command in Router Configuration mode A route...

Page 1084: ... list Use the no command to remove the route map neighbor ip address route map map name in out no neighbor ip address route map map name in out Parameters ip address The neighbor s IP address map name The name of the route map to be applied in out Whether the route map is applied to incoming or outgoing routes Default The default Route Maps are not applied Command Mode IPv4 VRF Address Family Conf...

Page 1085: ...automatically makes the router a route reflector If you configure multiple route reflectors within a cluster you must configure each route reflector in the cluster with the same cluster ID Use the bgp cluster id command to configure a cluster ID An external peer may not be configured as a route reflector client When reflecting a route BGP ignores the set statements in an outbound route map to avoi...

Page 1086: ...ss The neighbor s IPv4 address Default The default is Peers are not route reflector clients Command Mode IPv4 VRF Address Family Config 11 84 neighbor route reflector client IPv6 Address Family Config Use this command in IPv6 Addres Family Config mode to configure an internal peer as an IPv6 route reflector client Normally a router does not readvertise BGP routes received from an internal peer to ...

Page 1087: ... same IP address used in the neighbor remote as command to create the peer Use the no command to disable the exchange of VPNv4 prefixes with the neighbor neighbor ip address send community extended both no neighbor ip address send community Parameters ip address The neighbor s IPv4 address extended both Optional One of the following extended enables the router to send only extended community attri...

Page 1088: ...e neighbor s IPv4 or IPv6 address Default The default is Communities Attribute is not sent to neighbors Command Mode BGP Router Config IPv4 VRF Address Family Config IPv6 Address Family Config 11 87 neighbor send community IPv4 VRF Address Family Config To configure the local router to send the BGP community attributes in Update messages to a specific neighbor use the neighbor send community comma...

Page 1089: ... address on the link that connects the two peers If the neighbor s IPv6 address is a link local address the local interface must also be specified interface interface name Optional Specify the local interface interface name when the neighbor s IPv6 address is a local link address autodetect interface interface name The routing interface on which the neighbors link local IPv6 address is auto detect...

Page 1090: ... the ESTABLISHED state A new keepalive or hold time is applied the next time an adjacency is formed Issue this command in Peer Template Configuration Mode to add it to a peer template Use the no command to revert the keep alive and hold time for a peer to their defaults After executing this command the BGP peer must be reset before the changes will take effect neighbor ipv4 address ipv6 address in...

Page 1091: ...d the next time an ad adjacency is formed Issue this command in Peer Template Configuration Mode to add it to a peer template Use the no command to revert the keep alive and hold time for a peer to their defaults After executing this command the BGP peer must be reset before the changes will take effect neighbor ipv4 address autocletect interface interface name timers keepalive holdtime no neighbo...

Page 1092: ...interface goes down Issue this command in Peer Template Configuration Mode to add it to a peer template Use the no command to configure BGP to use the primary IPv4 address on the outgoing interface to the neighbor for the TCP connection neighbor ipv4 address ipv6 address interface interface name autodetect interface interface name update source interface no neighbor ipv4 address ipv6 address inter...

Page 1093: ...ource option is not allowed for eBGP peers as this requires multi hop eBGP to be working Multi hop eBGP is not supported Issue this command in Peer Template Configuration Mode to add it to a peer template Use the no command to configure BGP to use the primary IPv4 address on the outgoing interface to the neighbor for the TCP connection neighbor ipv4 address autodetect interface interface name upda...

Page 1094: ...efix An IPv4 address Prefix in dotted notation mask network mask The network mask for the prefix in dotted quad notation e g 255 255 0 0 route map rm name Optional A route map can be used to set path attributes on the route Default The default is Networks are not advertised Command Mode BGP Router Config IPv4 VRF Address Family Config 11 95 network IPv6 Address Family Config This command identifie...

Page 1095: ...lobally unique VPNv4 prefixes An RD is either 2 byte ASN related Composed of an autonomous system number and an arbitrary number IP address related Composed of an IP address and an arbitrary number 4 byte ASN related Composed of an 4 byte autonomous system number and an arbitrary number Note This command is effective only if BGP is running on the router The RD for a VRF once configured cannot be r...

Page 1096: ...fault route cannot be redistributed unless the default information originate command is given If a route map is configured match as path and match community terms are ignored If no route map is configured with the name given no prefixes are redistributed Use the no command to remove the configuration for the redistribution for BGP protocol from the specified source protocol routers The command no ...

Page 1097: ...e configured to redistributed in the kernel The following CLI commands in both IPv4 and Pv6 BGP Router mode use the kernel option Routing Config router bsp 65401 Routing Config router redistribute cr Press enter to execute the command connected Configure redistribution of Connected routes kernel Configure redistribution of Kernel routes ospf Configure redistribution of OSPF routes rip Configure re...

Page 1098: ...BGP advertises the prefix with the Muiti Exit Discriminator path attribute set to the configured value If this option is not specified but a default metric is configured for BGP the MED is set to the default metric If a default metric is not configured the prefix is advertised without a MED attribute match Optional If you configure BGP to redistribute OSPF routes BGP by default only redistributes ...

Page 1099: ...default metric If a default metric is not configured the prefix is advertised without a MED attribute match Optional If you configure BGP to redistribute OSPF routes BGP by default only redistributes internal routes OSPF intra area and inter area routes Use the match option to configure BGP to also redistribute specific types of external routes or to disable redistribution of internal OSPF routes ...

Page 1100: ...irst route reflector client automatically makes the router a route reflector lf you configure multiple route reflectors within a cluster you must configure each route reflector in the cluster with the same cluster ID Use the bgp cluster id command to configure a cluster ID An external peer may not be configured as a route reflector client When reflecting a route BGP ignores the set statements in a...

Page 1101: ...t comm The route target extended community attributes to be added to the list of import export or both import and export route target extended communities The route target specifies a target VPN extended community Like a route distinguisher the route target extended community can be specified in one of the following formats 16 bit AS number your 32 bit value Ex 100 11 32 bit IPv4 address your 16 b...

Page 1102: ...r is created Use the no command to delete a peer template template peer name no template peer name Parameters name The name of the template The name may be no more than 32 characters Default The default is Peer templates are not configured Command Mode BGP Router Config Example The following shows an example of the command Routing ConFig router bgp 65000 Routing Config router neighbor 172 20 1 2 r...

Page 1103: ...the routing updates vlan id Specifies the VLAN identifier for the interface update source interface The primary IPv4 address on this interface is used as the source IP address for the TCP connection with the neighbor Default The default is TCP connections when an update source is not configured use the primary IPv4 address on the outgoing interface to the neighbor Command Mode Peer Template Config...

Page 1104: ...pplied Whenever policies route maps prefix lists as path lists or neighbor attributes like send community remove private asn etc are modified by the user the policies are scheduled to be applied after the current delay timeout Whenever the delay is configured by the user the pending polic ges if any are rescheduled with the new delay if the previous delay timeout is not expired yet Configuring the...

Page 1105: ...isten range network length soft in out Parameters vrf vrf name Optional The name of the VRF instance Reset adjacency with every BGP peer as number Only reset adjacencies with BCP peers in the given autonomous system ipv4 address Only reset the adjacency with a single specified peer with a given IPv4 peer address ipv6 address Only reset the adjacency with a single specified peer with a given IPv6 p...

Page 1106: ...to each destination If a VRF instance is specified the IPv4 routes in the BGP routing table of the VRF instance are displayed show ip bgp vrf vrf name network pfx len longer prefixes shorter prefixes length filter list as path list prefix list pfx list name Parameters vrf vrf name Optional Enter the Name of the Virtual Private Network VPN routing and forwarding VRF table select network pfx len Opt...

Page 1107: ...the command Routing show ip bgp BGP table version is 5 local router ID is 20 1 1 1 Status codes s suppressed valid best i internal Origin codes i IGP e EGP incomplete Network Next Hop Metric LocPrf Path 172 20 1 0 24 100 10 1 1 10 100 20 10 i 200 10 1 1 172 20 2 0 24 100 10 1 1 10 100 20 10 If one or more of the three well known communities in RFC 1997 is attached to a path show ip bgp lists them ...

Page 1108: ... BGP Next Hop 200 1 1 1 Display Parameters The command output displays the following information BGP table version Each time phase 2 of the BGP decision process runs to select new BGP routes this number is incremented Status codes s The route is aggregated into an aggregate address configured with the summary only option D LINK OS BGP never displays invalid routes so this code is always displayed ...

Page 1109: ...igin Value of the ORIGIN attribute Metric Value of the MED attribute if included Type Whether the path is received from an internal or external peer IGP Cost The interior gateway cost e g OSPF cost to the BGP NEXT HOP Peer Peer ID The IP address of the peerthat sent this route and its router ID BGP Next Hop The BGP NEXT HOP attribute Atomic Aggregate If the ATOMIC AGGEGATE attribute is attached to...

Page 1110: ...s are suppressed Y or advertised N Active Indicates whether the aggregate is currently being advertised 11 110 show ip bgp community This command shows BGP IPv4 routes that belong to a specified set of communities show ip bgp vrf vrf name community communities exact match Parameters vrf vrf name Optional Displays routes belonging to communities within a VRF instance communities A string of zero or...

Page 1111: ...h exact match Optional Displays only routes that are an exact match for the set of communities in the matching community list statement Default The default is None Command Mode Privileged EXEC 11 112 show ip bgp extcommunity list This command displays all the permit and deny attributes of the given extended community list If the list name is specified the output is displayed that matches the given...

Page 1112: ...lues RT The route target extended community attribute deny Denies access for a matching condition 11 113 show ip bgp listen range This command displays information about the IPv4 BGP listen subnet ranges If network length are specified information about the specified listen range are displayed show ip bgp network length Parameters network length Optional Indicates the network number and length bit...

Page 1113: ...Optional Displays routes belonging to communities within a VRF instance ipv4 address Specifies an IPv4 address of a neighbor to which to limit the output interface interface name Optional Displays the neighbor s IPv4 address Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show ip bgp neighbors 172 20 101 100 po...

Page 1114: ...s belonging to the VRF instance are displayed Note Policy configuration is moved from this command to the command show ip bgp neighbors policy show ip bgp vrf vrf name neighbors ip address Parameters vrf vrf name Optional Display routes belonging to communities within a VRF instance ip address Optional The IP address of a neighbor Used to limit the output to show a single neighbor Default The defa...

Page 1115: ... 27 sec Established Transitions 1 Established Time 0 day 0 hr 4 min 25 sec Time Elapsed Since Last Update 0 day 0 hr 4 min 245 sec Outbound Update Group 3 Open Update Keepalive Notification Refresh Total Msgs Sent 1 0 10 0 0 11 Msgs Rcvd 1 1 11 0 0 12 Received UPDATE Queue Size 0 bytes High 355 Limit 196096 Drops 0 IPv4 Prefix Statistics Inbound Outbound Prefixes Advertised 1 0 Prefixes Withdrawn ...

Page 1116: ...s if BFD has been enabled for BGP neighbors Peer ID The neighbors BGP router ID Peer Admin Status START or STOP Peer Type If a neighbor was created with the BGP dynamic neighbors feature Dynamic is shown Listen Range If the neighbor was created with the BGP dynamic neighbors feature the field shows the listen range to which the neighbor belongs Listen Range The listen range Local Interface Address...

Page 1117: ...hbor If the local router does not receive a KEEPALIVE or UPDATE message from this neighbor within this interval of time the local router drops the adjacency This field is only shown if the adjacency state is OPEN CONFIRM or greater MD5 Password The TCP MD5 password if one is configured in plain text Keep Alive Time The number of seconds between KEEPALIVE messages sent to this neighbor This field i...

Page 1118: ...e path attribute more than once Path with weII known optionaI conflict A received path attribute was flagged as both well known and optional or neither well known nor optional Transitive f gt set on transitive attr A received path attribute is known to be transitive but the transitive flag is not set Manda attribute non transitive or partial A mandatory path attribute was received with either the ...

Page 1119: ...in a VRF instance ip address The IP address of a neighbor Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show ip bgp neighbors 172 20 101 100 advertised routes BGP table version is 5 local router ID is 20 1 1 1 Status codes p advertisement pending Origin codes i IGP e EGP incomplete Originating default network...

Page 1120: ...The AS PATH does not include the local AS number which is added to the beginning of the AS PATH when a route is advertised to an external peer Note The value of the ORIGIN attribute follows immediately after the AS PATH 11 117 show ip bgp neighbors policy This command displays the inbound and outbound lPv4 policies configured for a specific peer The output distinguishes policies that are configure...

Page 1121: ... routes This command displays the list of IPv4 routes received from a specific neighbor The list includes either all routes received from the neighbor received routes that passed inbound policy or routes rejected by inbound policy If a VRF instance is specified the routes information is displayed for the neighbors in the VRF instance show ip bgp vrf vrf name neighbors ip address received routes ro...

Page 1122: ... of the Origin attribute as received from the peer 11 119 show ip bgp route reflection This command displays all global configuration related to IPv4 route reflection including the cluster ID and whether client to client route reflection is enabled and lists all the neighbors that are configured as route reflector clients If a VRF instance is specified the routes belonging to communities within a ...

Page 1123: ...not configured as route reflector clients Routes from non client peers are reflected to clients and vice versa 11 120 show ip bgp statistics This command displays recent decision process history Phase 1 of the decision process reacts to UPDATE messages received from peers determining what new routes are accepted and deleting withdrawn routes from the Adj RIB In Phase 2 determines the best path for...

Page 1124: ... the decision process was run Upd Grp Outbound update group ID Only applies when phase 3 is run Genld Generation ID of BGP routing table when decision process was run The generation ID is incremented each time phase 2 of the decisi cess is run and when there is a change to the status of aggregate addresses Reason The event that triggered the decision process to run Peer Phase 1 of the decision pro...

Page 1125: ...the default router instance Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show ip bgp summary Admin Mode Enable BGP Router ID 172 20 1 1 Local AS Number 200 Traps Disable Maximum Paths 32 Maximum Paths iBGP 16 Default Keep Alive Time 30 sec Default Hold Time 90 sec Number of Network Entries 20 Number of AS Pa...

Page 1126: ...her BGP is configured to advertise a default route Corresponds to the default information originate command Redistributing Source A source of routes that BGP is configured to redistribute Metric The metric configured with the redistribute command Match Value For routes redistributed from OSPF the types of OSPF routes being redistributed Distribute List The name of the prefix list used to filter re...

Page 1127: ...router show ip bgp template Template Name AF Configuration peer grp1 timers 5 15 password rivendell IPv4 advertisement interval 15 peer grp2 IPv4 prefix list strider in IPv4 maximum prefix 100 IPv6 prefix list gandolf in IPv6 maximum prefix 200 peer grp3 IPv6 send community peer grp4 update source loopback 0 IPv4 next hop self Display Parameters Name The name of a BGP peer template AF The address ...

Page 1128: ...rs Cleared 55223 Seconds BGP Message Statistics Open Update Notification Keepalive Refresh Total Recd 6 11 0 7888 0 7905 Sent 8 56 3 8465 0 8532 Max Received UPDATE rate 1 pps Max Send UPDATE rate 5 pps BGP Queue Statistics Current Max Drops Limit Events 0 2 0 800 Keepalive Tx 0 3 0 128 Dec Proc 0 3 0 133 Rx Data 0 3 0 500 RTO Notifications 0 4 0 1222 MIB Queries 0 0 0 5 Display Parameters The fir...

Page 1129: ...w ip bgp vrf vrf name update group ipv4 address ipv6 address Parameters vrf vrf name Displays the virtual router for which to display information ipv4 address ipv6 address Optional If specified this option restricts the output to the update group containing the peer with the given IPv4 or IPv6 address Default The default is None Command Mode Privileged EXEC Example The following shows an example o...

Page 1130: ... Advertisement Interval 5 seconds Neighbor AS Path Access List Out none Neighbor Prefix List Out noge Members Added 3 Members Removed 0 Update Version 4 Number of UPDATEs Sent 8 Time Since Last UPDATE 3 hrs 13 min 22 sec Current Prefixes 84 Current Paths 2 Prefixes Advertised 100 Prefixes Withdrawn 16 UPDATE Send Failures 0 Current Members 172 24 3 1 172 25 8 56 172 28 9 1 Version Delta TDuration ...

Page 1131: ...o UPDATE has been sent to the group the status is Never Current Prefixes The number of prefixes currently advertised to the group Current Paths The number of paths currently advertised to the group Prefixes Advertised The total number of prefixes advertised to the group since the group was formed Prefixes Withdrawn The total number of prefixes included in the Withdrawn Routes field of UPDATE messa...

Page 1132: ...ss in dotted decimal format and the length of the mask 0 to 32 The slash mark must be included Default The default is None Command Mode Privileged EXEC Example The following example shows all available VPNv4 information in a BGP routing table Routing show ip bgp vpnv4 all BGP table version is 5 local router ID is 20 1 1 1 Status codes s suppressed valid best i internal Origin codes i IGP e EGP inc...

Page 1133: ... 10 i The following example shows the attributes for network 172 20 1 0 that include multi paths and best path Use like any of the below formats Routing show ip bgp vpnv4 vrf red 172 20 1 0 255 255 255 0 Routing show ip bgp vpnv4 vrf red 172 20 1 0 24 Prefix Prefix Length 1 100 172 20 1 0 24 Generation ID 2056 Forwarding Yes Advertised to Update Groups 1 5 Best Path Imported from 2 200 100 10 1 1 ...

Page 1134: ...e AS PATH per route Prefix Prefix Length The destination prefix and prefix length Generation ID The version of the BGP routing table when this route last changed Forwarding If this BGP route is used for forwarding Advertised To Update Groups The outbound update groups to which this route is advertised Local Preference The local preference either as received from the peer or as set according to loc...

Page 1135: ...Optional Display the specified prefix and any longer prefixes within the same range shorter prefixes length Optional Used with the ipv6 prefix prefix length option to show routes whose prefix length is shorter than prefix length and optionally longer than a specified length This option may not be given if the longer prefixes option is given filter list as path list Optional Filter the output to th...

Page 1136: ...as the best path to the destination i If the route is learned from an internal peer Network IPv6 destination prefix Next Hop The IPv6 route s BGP NEXT HOP Metric Multi Exit Discriminator LocPrf The local preference Path The AS PATH Origin The value of the Origin attribute 11 127 show bgp ipv6 aggregate address This command lists IPv6 aggregate addresses that have been configured and indicates whet...

Page 1137: ... of communities The output format and field descriptions are the same as for the command show bgp ipv6 show bgp ipv6 community communities exact match Parameters communities A string of zero or more community values which may be in either format and may contain the well known community keywords no advertise and no export The output displays routes that belong to every community specified in the co...

Page 1138: ... command displays information adout BGP listen ranges show bgp ipv6 listen range network length Parameters listen range Displays all listen subnet ranges that have been created network length Displays information about specified listen range Default The default is None Command Mode Privileged EXEC Example The following shows an example of the command Routing show bgp ipv6 listen range Listen Range...

Page 1139: ...name Displays thepolicy for the given peer policy Display policy for a given peer Default The default is None Command Mode Privileged EXEC 11 132 show bgp ipv6 neighbors route This command displays a list of IPv6 routes received from a specific neighbor The list includes either all routes received from the neighbor received routes that passed inbound policy or routes rejected by inbound policy The...

Page 1140: ... the peer inherits from a peer template show bgp ipv6 neighbors ipv6 address interface interface name autodetect interface interface name policy Parameters ipv6 address Displays the neighbor s IP address interface interface name Optional Displays the specified local interface autodetect interface interface name Displays the routing interface on which the neighbor s link local IPv6 address is auto ...

Page 1141: ...igured the local router ID is shown and tagged as default Client to client Reflection Displays EnabIed when this router reflects routes received from its clients to its other clients othenlvise Disabled displays Clients A list of this router s internal peers that have been configured as route reflector clients Non client Internal Peers A list of this router s internal peers that are not configured...

Page 1142: ...detect interface interface name received routes routes rejected routes interface interface name policy Parameters ipv6 address Optional Displays information about the IPv6 neighbor If this argument is omitted information about all neighbors is displayed advertised routes Display routes advertised to a neighbor autodetect interface name Optional Autodetect IPv6 link local peer address interface int...

Page 1143: ...hed Transitions 1 Established Time 0 day 0 hr 4 min 25 sec Time Since Last Update 0 day 0 hr 4 min 24 sec IPv6 Outbound Update Group 7 Open Update Keepalive Notification Refresh Total Msgs Sent 1 0 10 0 0 11 MSgS Rcvd 1 1 11 0 0 12 Received UPDATE Queue Size 0 bytes High 355 Limit 196096 Drops 0 IPv6 Prefix Statistics Inbound Outbound Prefixes Advertised 1 0 Prefixes Withdrawn 0 0 Prefixes Current...

Page 1144: ...ts the status of IPv6 outbound update groups and their numbers Output and format are the same as for show ip bgp update group show bgp ipv6 update group group index ipv4 address ipv6 address interface interface name autodetect interface interface name Parameters group index Optional If specified this option restricts the output to a single update group ipv4 address Optional The IPv4 address of a p...

Page 1145: ...ormation to capture the current state of BGP snapshot bgp Parameters None Default The default is None Command Mode Support mode Routing Policy Commands Exterior routing protocols like BGP use industry standard routing policy to filter and modify routing information exchanged with peers BGP makes use of the following routing policy constructs AS PATH Access Lists BGP Community Lists Use the Routing...

Page 1146: ...first matching regular expression is applied D LINK OS allows configuration of up to 128 AS PATH access lists with up to 64 statements each To enter the question mark within a regular expression you must first enter CTRL V to prevent the CLI from interpreting the question mark as a request for help See Table 13 for a listing of AS PATH list regular expression syntax Use the no command to delete an...

Page 1147: ...gh AS 100 Routing Config ip as path access list 1 deny _100_ Routing Config ip as path access list 1 deny 100 Routing Config router bgp 1 Routing Config router neighbor 172 20 1 1 remote as 200 Routing Config router neighbor 172 20 1 1 filter list 1 in 11 141 ip bgp community new format To display BGP standard communities in AA NN format use the ip bgp community new format command in Global Config...

Page 1148: ...e permit deny community number no advertise no export no export subconfed no export no ip community list standard list name Parameters standard list name ldentifies a named standard community list The name may contain up to 32 characters permit Indicates that matching routes are permitted deny Indicates that matching routes are denied community Optional From 0 to 16 community numbers formatted as ...

Page 1149: ...example CLI display output for the command Routing show ip as path access list AS path access list 1 deny _100_ deny 100 AS path access list 2 deny _260_ deny 200 11 144 show ip community list This command displays community lists The format of community values is dictated by the command ip bgp community new format show ip community list community list name detail Parameters community list name Op...

Page 1150: ...mmunity list Standard community list buzz permit 100 200 permit 100 300 permit 100 400 Standard community list woody permit 200 1 permit 200 2 permit 200 3 11 145 clear ip community list This command clears community lists clear ip community list list name Parameters list name Optional A community list name Default The default is None Command Mode Privileged EXEC ...

Page 1151: ...ration setting Class of Service Commands This section describes the commands you use to configure and view Class of Service CoS settings for the switch The commands in this section allow you to control the priority and transmission rate of traffic Note Commands you issue in the Interface Config mode only affect a single interface Commands you issue in the Global Config mode affect all interfaces 1...

Page 1152: ...pdscp IP DSCP value trafficclass The mapping class Default The default is None Command Mode Global Config 12 3 classofservice trust This command sets the class of service trust mode of an interface or range of interfaces You can set the mode to trust one of the Dot1p 802 1 p IP DSCP or IP Precedence packet markings You can also set the interface mode to untrusted If you configure an interface to u...

Page 1153: ...um bandwidth The sum of all values entered must not exceed 100 Use the no command to restore the default for each queue s minimum bandwidth value cos queue min bandwidth bw 0 bw 1 bw n no cos queue min bandwidth Parameters bw 0 bw 1 bw n Enter the minimum bandwidth percentage for the selected queue Default The default is None Command Mode Global Config Interface Config 12 5 cos queue random detect...

Page 1154: ...ng the queue ID queue id 2 queue id n Optional Enter the value where n is the queue ID Default The default is None Command Mode Global Config Interface Config 12 6 cos queue strict This command activates the strict priority scheduler mode for each specified queue for an interface queue on an interface a range of interfaces or all interfaces Use the no command to restore the default weighted schedu...

Page 1155: ...ace In contrast in Global Config mode it applies to all interfaces The Interface Config mode command is only available on platforms that support independent per port class of service queue configuration random detect queue id 0 queue id 1 no random detect queue id 0 queue id 1 Parameters queue id 1 Enter the value ranging from 0 to 7 representing the queue ID Default Default The default is None Co...

Page 1156: ...rob prec n no random detect queue parms queue id 1 queue id 2 queue id n Parameters queue id 1 queue id n Enter the value ranging from 0 to 7 representing the queue ID queue id 2 queue id n Optional Enter the value where n is the queue ID min thresh The minimum threshold the queue depth as a percentage where WRED starts marking and dropping traffic max thresh The maximum threshold is the queue dep...

Page 1157: ...traffic classes for a specific interface The slot port parameter is optional and is only valid on platforms that support independent per port class of service mappings If specified the 802 1p mapping table of the interface is displayed If omitted the most recent global configuration settings are displayed show classofservice dot1p mapping slot port Parameters slot port Optional Displays the interf...

Page 1158: ... the most recent global configuration settings are displayed show classofservice ip precedence mapping slot port Parameters slot port Optional Displays the interface number Default The default is None Command Mode Privileged EXEC Display Parameters IP Precedence The IP Precedence value Traffic Class The traffic class internal queue identifier to which the IP Precedence value is mapped 12 13 show c...

Page 1159: ...ameters slot port Optional Displays the interface number Default The default is None Command Mode Privileged EXEC Display Parameters Non IP Traffic Class The traffic class used for non IP traffic This is only displayed when the COS trust mode is set to trust IP Precedence or lP DSCP on platforms that support IP DSCP Untrusted Traffic Class The traffic class used for all untrusted traffic This is o...

Page 1160: ...anagement Type The queue depth management technique used for this queue tail drop If you specify the interface the command also displays the following information Interface The slot port of the interface If displaying the global configuration this output line is replaced with a Global Config indication Interface Shaping Rate The maximum transmission bandwidth limit for the interface as a whole It ...

Page 1161: ...ng policy statements for a policy class combination Service o Adding and removing a policy to from an inbound interface The DiffServ class defines the packet filtering criteria The attributes of a DiffServ policy define the way the switch processes packets You can define policy attributes on a per class instance basis The switch applies these attributes when a match occurs Packet processing begins...

Page 1162: ...ate BA based on DSCP and Multi Field MF classes of traffic name match criteria This set of commands consists of class creation deletion and matching with the class match commands specifying Layer 3 Layer 2 and general match criteria The class match criteria are also known as class rules with a class definition consisting of one or more rules to identify the traffic that belongs to the class Note O...

Page 1163: ... is currently referenced by one or more policies or by any other class the delete action fails class map match all class map name ipv4 ipv6 no class map class map name Parameters match all Indicates all of the individual match conditions must be true for a packet to be considered a member of the class class map name Case sensitive alphanumeric string from 1 to 31 characters uniquely identifying th...

Page 1164: ...of 0x0600 0xFFFF Use the not option to negate the match condition match not ethertype keyword custom 0x0600 0xFFFF Parameters not Optional Specify to negate the match condition keyword Specifies appletalk arp ibmsna ipv4 ipv6 ipx mplsmcast etc custom 0x0600 0xFFFF Specifies ethertype value Default The default is None Command Mode Class Map Config 12 21 match any This command adds to the specified ...

Page 1165: ...n allowed combination based on the class type Any subsequent changes to the refclassname class match criteria must maintain this validity or the change attempt fails The total number of class rules formed by the complete reference class chain including both predecessor and successor classes must not exceed a platform specific maximum In some cases each removal ofa refclass rule reduces the maximum...

Page 1166: ...ers not Optional Specify to negate the match condition Default The default is None Command Mode Class Map Config 12 25 match destination address mac This command adds to the specified class definition a match condition based on the destination MAC address of a packet The macaddr parameter is any layer 2 MAC address formatted as six two digit hexadecimal numbers separated by colons e g 00 11 22 dd ...

Page 1167: ...pecifies an IP address bit mask and must consist of a contiguous set of leading 1 bits Use the not option to negate the match condition match not dstip ipaddr ipmask Parameters not Optional Specify to negate the match condition ipaddr Specifies an IP address ipmask Specifies an IP address bit mask note that although similar to a standard subnet mask this bit mask need not be contiguous Default The...

Page 1168: ...port number is an integer from 0 to 65535 Use the not option to negate the match condition match not dstl4port portkey 0 65535 Parameters not Optional Specify to negate the match condition portkey To specify the match condition as a single keyword the value for portkey is one of the supported port name keywords The currently supported portkey values are domain echo ftp ftpdata http smtp snmp telne...

Page 1169: ...ser notation match ip dscp dscpval Parameters dscpval Specified as either an integer from 0 to 63 or symbolically through one of the following keywords af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default The default is None Command Mode Class Map Config 12 30 match ip precedence This command adds to the specified class definition a match condit...

Page 1170: ...match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation Note This free form version of the IP DSCP Precedence TOS match specification gives the user complete control when specifying which bits of the IP Service Type field are checked match not ip tos tosbits tosmask Parameters not Optional Speci...

Page 1171: ... by IANA and is interpreted as an integer from 0 to 255 Use the not option to negate the match condition Note This command does not validate the protocol number value against the current list defined by IANA match not protocol protocol name 0 255 Parameters not Optional Specify to negate the match condition protocol name One of the supported protocol name keywords The currently supported values ar...

Page 1172: ...dress bit mask Default The default is None Command Mode Class Map Config 12 35 match srcip This command adds to the specified class definition a match condition based on the source IP address of a packet The ipaddr parameter specifies an IP address The ipmask parameter specifies an IP address bit mask and must consist of a contiguous set of leading 1 bits Use the not option to negate the match con...

Page 1173: ...tp snmp telnet tftp www Each of these translates into its equivalent port number which is used as both the start and end of a port range To specify the match condition as a numeric value one layer 4 port number is required The port number is an integer from 0 to 65535 Use the not option to negate the match condition match not srcl4port portkey 0 65535 Parameters portkey One of the supported port n...

Page 1174: ... portend Specify a match ondition for a range of layer source ports portvalue Specify a single port source Default The default is None Command Mode Class Map Config 12 39 match vlan This command adds to the specified class definition a match condition based on the value of the layer 2 VLAN identifier field the only tag in a single tagged packet or the first or outer tag ofa double VLAN tagged pack...

Page 1175: ...to an interface to form a service Specify the policy name when you create the policy Each traffic class defines a particular treatment for packets that match the class definition You can associate multiple traffic classes with a single policy When a packet satisfies the conditions of more than one class preference is based on the order in which you add the classes to the policy The first class you...

Page 1176: ...associated traffic stream are to be dropped at ingress drop Parameters None Default The default is None Command Mode Policy Class Map Config Incompatibilities Assign Queue Mark all forms Mirror Police Redirect 12 43 mirror This command specifies that all incoming packets for the associated traffic stream are copied to a specific egress interface physical port or LAG mirror slot port Parameters slo...

Page 1177: ... destination mirrored packet Default The default is None Command Mode Policy Class Map Config Incompatibilities Drop Mirror 12 45 conform color Use this command to enable color aware traffic policing and define the conform color class map Used in conjunction with the police command where the fields for the conform level are specified The class map name parameter is the name of an existing DiffServ...

Page 1178: ...tance of a particular class and its defined treatment from the specified policy classname is the names of an existing DiffServ class Note This command removes the reference to the class definition for the specified policy class classname no class classname Parameters classname The name of an existing DiffServ class The command causes the specified policy to create a reference to the class definiti...

Page 1179: ...eader the secondary or inner 802 1Q tag of a double VLAN tagged packet If the packet does not already contain this header one is inserted The CoS value is an integer from 0 to 7 mark secondary cos 0 7 Parameters None Default The default is None Command Mode Policy Class Map Config Incompatibilities Drop Mark IP DSCP IP Precedence Police 12 49 mark cos as sec cos This command marks outer VLAN tag p...

Page 1180: ...ackets for the associated traffic stream with the specified IP DSCP value mark ip dscp dscpval Parameters dscpval Specified as either an integer from 0 to 63 or symbolically through one of the following keywords af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default The default is None Command Mode Policy Class Map Config Incompatibilities Drop Ma...

Page 1181: ...pval value is required and is specified as either an integer from 0 to 63 or symbolically through one of the following keywords af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef For set prec transmit an IP Precedence value is required and is specified as an integer from 0 7 For set cos transmit an 802 1p priority value is required and is specified as...

Page 1182: ...he specified class For each outcome the only possible actions are drop set cos as sec cost set cos transmit set sec cos transmit set dscp transmit set prec transmit or transmit In this single rate form of the police command the conform action defaults to send the exceed action defaults to drop and the violate action defaults to drop These actions can be set with this command once the style has bee...

Page 1183: ... the police command the conform action defaults to send the exceed action defaults to drop and the violate action defaults to drop These actions can be set with this command once the style has been configured police two rate 1 4294967295 1 4294967295 1 128 1 128 conform action drop set cos as sec cos set cos transmit 0 7 set sec cos transmit 0 7 set prec transmit 0 7 set dscp transmit 0 63 transmi...

Page 1184: ...cific to the inbound traffic direction as indicated by the in parameter Note The CLI mode is changed to Policy Map Config when this command is successfully executed Use the no command to eliminate an existing DiffServ policy The policyname parameter is the name of an existing DiffServ policy This command may be issued at any time If the policy is currently referenced by one or more interface servi...

Page 1185: ...ection The policyname parameter is the name of an existing DiffServ policy This command causes a service to create a reference to the policy Note This command effectively enables DiffServ on an interface in the inbound direction There is no separate interface administrative mode command for DiffServ Note This command fails if any attributes within the policy definition exceed the capabilities of t...

Page 1186: ...formation is only shown when the DiffServ administrative mode is enabled 12 58 show class map This command displays all configuration information for the specified class The class name is the name of an existing DiffServ class show class map class name Parameters class name Enter the name of an existing DiffServ class Default The default is None Command Mode Privileged EXEC User EXEC Display Param...

Page 1187: ...class Note that the order in which classes are displayed is not necessarily the same order in which they were created Class Type A class type of all means every match criterion defined for the class is evaluated simultaneously and must all be true to indicate a class match Ref Class Name The name of an existing DiffServ class whose match conditions are being referenced by the specified class defin...

Page 1188: ...s for the Policy Table Policy Instance Table Size Current number of entries rows in the Policy Instance Table Policy Instance Table Max Maximum allowed entries rows for the Policy Instance Table Policy Attribute Table Size Current number of entries rows in the Policy Attribute Table Policy Attribute Table Max Maximum allowed entries rows for the Policy Attribute Table Service Table Size The curren...

Page 1189: ...ark CoS as Secondary CoS Conform Color Mode Blind Exceed Color Mode Blind Display Parameters If the Policy Name is specified the following fields are displayed Policy Name The name of this policy Policy Type The policy type only inbound policy definitions are supported for this platform The following information is repeated for each class associated with this policy only those policy attributes ac...

Page 1190: ...on a packet considered to not conform to the policing parameters This is not displayed if policing not in use for the class under this policy Conform Color Mode The current setting for the color mode Policing uses either color blind or color aware mode Color blind mode ignores the coloration marking ofthe incoming packet Color aware mode takes into consideration the current packet marking when det...

Page 1191: ...e name of the policy attached to the interface in the indicated direction Policy Details Attached policy details whose content is identical to that described for the show policy map policymapname command content not repeated here for brevity 12 62 show diffserv service brief This command displays all interfaces in the system to which a DiffServ policy has been attached The inbound direction parame...

Page 1192: ...t port parameter specifies a valid interface for the system Note This command is only allowed while the DiffServ administrative mode is enabled show policy map interface slot port lag lag id in Parameters slot port Displays the slot port interface lag lag id Displays the interface in lag format in Optional Displays the inbound direction Default The default is None Command Mode Privileged EXEC Disp...

Page 1193: ...ed with an attached policy are shown Interface The interface associated with the service policy Operational Status The current operational status of this DiffServ service interface Policy Name The name of the policy attached to the interface MAC Access Control List Commands This section describes the commands you use to configure MAC Access Control List ACL settings MAC ACLs ensure that only autho...

Page 1194: ...e from the system mac access list extended name no mac access list extended name Parameters name Enter the ACL name to identify a specific MAC ACL It is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the MAC access list Default The default is None Command Mode Global Config 12 66 mac access list extended rename This command changes the name of a MAC Access Contro...

Page 1195: ...t 1 2147483647 The sequence number from which to start The range is 1 2147483647 The default is 1 1 2147483647 The amount to increment The range is 1 2147483647 The default is 1 Default The default is 10 Command Mode Global Config 12 68 deny permit MAC ACL This command creates a new rule for the current MAC access list A rule may either deny or permit traffic according to the specified classificat...

Page 1196: ...fic matching this rule to be forwarded to the specified slot port redirect Configure the packet redirection attribute slot port Optional Enter the slot port values rate limit rate burst size Optional Set the rate limit to permit only the allowed rate of traffic as per the configured rate in kbps and burst size in kbytes The sequence number specifies the sequence number for the ACL rule The sequenc...

Page 1197: ...nterface or bound to a VLAN then the ACL rule is applied when the time range with specified name becomes active The ACL rule is removed when the time range with specified name becomes inactive For information about configuring time ranges see Time Range Commands for Time Based ACLs The assign queue parameter allows specification of a particular hardware queue for handling traffic that matches this...

Page 1198: ...de setting is applied to all interfaces The VLAN keyword is only valid in the Global Config mode The Interface Config mode command is only available on platforms that support independent per port class of service queue configuration An optional control plane is specified to apply the MAC ACL on CPU port The control packets like BPDU are also dropped because of the implicit deny all rule added to t...

Page 1199: ... remarks each of them is linked to the next created rule Use the no command remove a remark from an ACL access list When the first occurrence of the remark in ACL is found the remark is deleted Repeated execution of this command with the same remark removes the remark from the next ACL rule that has the remark associated with it if there is any rule configured with the same remark If there are no ...

Page 1200: ...value is 100 If the ACL rule is configured with RATE LIMIT the counter value is the MATCHED packet count If the sent traffic rate exceeds the configured limit the counters still display matched packet count despite getting dropped beyond the configured limit since match criteria is met which would equal the sent rate For example if rate limit is set to 10 kbps and matching traffic is sent at 100 k...

Page 1201: ... MAC Mask The source MAC mask for this rule Committed Rate The committed rate defined by the rate limit attribute Committed Burst The committed burst size defined by the rate limit attribute Destination MAC Address The destination MAC address for this rule Ethertype The Ethertype keyword or custom value for this rule VLAN ID The VLAN identifier value or range for this rule COS The COS 802 1p value...

Page 1202: ...ntrol List ACL that is identified by the access list number which is 1 99 for standard ACLs or 100 199 for extended ACLs Note IPv4 extended ACLs have the following limitations for egress ACLs Match on port ranges is not supported The rate limit command is not supported Use the no command to delete an IP ACL that is identified by the parameter accesslistnumber from the system The range for accessli...

Page 1203: ...d with a sequence number that is already used for another rule For example if user adds new ACL rule to ACL without specifying a sequence number it is placed at the bottom of the list By changing the sequence number user can move the ACL rule to a different position in the ACL 1 99 or 100 199 Range 1 to 99 is the access list number for an IP standard ACL Range 100 to 199 is the access list number ...

Page 1204: ...d port number _ 1 and one with range equal to specified port number_ 1 to 65535 Note Port number matches only apply to unfragmented or first fragments dstip dstmask any host dstip Specifies a destination IP address and netmask for match condition of the IP ACL rule Specifying any implies specifying dstip as 0 0 0 0 and dstmask as 255 255 255 255 Specifying host A B C D implies dstip as A B C D and...

Page 1205: ...ACL rule is applied when the time range with specified name becomes active The ACL rule is removed when the time range with specified name becomes inactive For information about configuring time ranges see Time Range Commands for Time Based ACLs assign queue queue id Specifies the assign queue which is the queue identifier to which packets matching this rule are assigned mirror redirect slot port ...

Page 1206: ...iquely identifying the IP access list This command fails is an IP ACL by the name newname already exists ip access list rename oldname newname Parameters oldname Enter the current access control list name newname Enter a text string to identify the access list up to 31 character length string Default The default is None Command Mode Global Config 12 75 ip access list resequence Use this command to...

Page 1207: ...rce address and destination address values must be specified The source and destination IP address fields may be specified using the keyword any to indicate a match on any value in that field The remaining command parameters are all optional but the most frequently used parameters appear in the same relative order as shown in the command format Use the no command to remove the ACL rule with the sp...

Page 1208: ... this rule are assigned the value range from 0 to 7 log Specifies that this rule is to be logged mirror redirect slot port port channel port channel group id Specifies the mirror or redirect interface which is the unit slot port to which packets matching this rule are copied or forwarded respectively redirectExtAgent agent id Allows matching flow packets to be sent to external applications running...

Page 1209: ...value routing Match on presence of routing extention header Note An implicit deny all IP rule always terminates the access list The time range parameter allows imposing time limitation on the IP ACL rule as defined by the specified time range If a time range with the specified name does not exist and the ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule i...

Page 1210: ...CL on CPU port The IPv4 control packets like RADIUS and TACACS are also dropped because of the implicit deny all rule added at the end of the list To overcome this permit rules must be added to allow the IPv4 control packets Note The keyword control plane is only available in Global Config mode Note The out option may or may not be available depending on the platform Use the no command to remove a...

Page 1211: ...e is 100 If an ACL rule is configured with RATE LIMIT the counter value will be the MATCHED packet count If the sent traffic rate exceeds the configured limit counters will still display matched packet count despite getting dropped beyond the configured Iimit since match criteria is met that would equal the sent rate For example if rate limit is set to 10 kbps and matching traffic is sent at 100 k...

Page 1212: ...ifies the VLANs to which the ACL is applied ACL VLAN bindings red irectExtAgent Indicates whether matching flow packets are allowed to be sent to external applications running alongside D LINK OS on a control CPU agent id is a unique identifier for the external receive client application agent id is an integer in the range 1 to 100 The redirectExtAgent action is mutually exclusive with the redirec...

Page 1213: ...ange redirectExtAgent Indicates whether matching flow packets are allowed to be sent to external applications running alongside D LINK OS on a control CPU agent id is a unique identifier for the external receive client application agent id is an integer in the range 1 to 100 The redirectExtAgent action is mutually exclusive with the redirect and mirror actions Committed Rate The committed rate def...

Page 1214: ...e the order of this access list relative to other access lists already assigned to this interface and direction A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified access list replaces the currently attached access list using that sequence number If the sequence number is not specified by the user a sequence number ...

Page 1215: ...empts to reach network resources The following rules apply to IPv6 ACLs The maximum number of ACLs you create is 100 regardless of type The system supports only Ethernet ll frame types The maximum number of rules per IPv6 ACL is hardware dependent 12 82 ipv6 access list This command creates an IPv6 Access Control List ACL identified by name consisting of classification fields defined for the IP he...

Page 1216: ...meters oldname Enter the previously defined name newname Enter an access list name up to 31 characters in length Default The default is None Command Mode Global Config 12 84 ipv6 access list resequence Use this command to renumber the sequence numbers of the entries for specified IPv6 access list with the given increment value starting from a particular sequence number The command is used to edit ...

Page 1217: ...ACL rule with the specified sequence number from the ACL deny permit every icmpv6 ipv6 tcp udp 0 255 source ipv6 prefix prefix length any host source tpv6 address range portkey startport portkey endport eq neq lt gt portkey 0 65535 destination ipv6 prefix prefix length any host destination ipv6 address range portkey startport portkey endport eq neq lt gt portkey 0 65535 flag fin fin syn syn rst rs...

Page 1218: ...valent to specifying the range as 0 to specified port number 1 When gt is specified IPv6 ACL rule matches if the layer 4 port number is greater than the specified port number or portkey lt is equivalent to specifying the range as specified port number 1 to 65535 Two rules are added in the hardware one with range equal to 0 to specified port number 1 and one with range equal to specified port numbe...

Page 1219: ...d na nd ns next header no admin no route packet too big port unreachable router solicitation router advertisement router renumbering time exceeded and unreachable The ICMP message is decoded into the corresponding ICMP type and ICMP code within that ICMP type fragments Specifies that IPv6 ACL rule matches on fragmented IPv6 packets packets that have the next header field set to 44 routing Specifie...

Page 1220: ... The lPv5 ACL routing keyword is not supported when an IPv6 address is specified IPv6 ACL fragment keyword matches only on the first two IPv6 extension headers for the fragment header next header code 44 If the fragment header appears in the third or subsequent header it is not matched IPv6 ACL fragment keyword matches only on the first IPv6 extension header next header code 44 If the fragment hea...

Page 1221: ...be aware that the out option may or may not be available depending on the platform Use the no command to remove an IPv6 ACL identified by name from the interface s in a given direction ipv6 traffic filter name control plane in out vlan vlan id in out sequence 1 4294967295 no ipv6 traffic filter name control plane in out vlan vlan id in out Parameters control plane Enter control plane to apply the ...

Page 1222: ...CL rule is configured with RATE LIMIT the counter value is that of the MATCHED packet count If the sent traffic rate exceeds the configured limit the counters still display matched packet count despite getting dropped beyond the configured limit since match criteria is met that equals the sent rate For example if the rate limit is set to 10 kbps and matching traffic is sent at 100 kbps counters wo...

Page 1223: ...h packets matching this rule are copied Redirect Interface The slot port to which packets matching this rule are forwarded Time Range Name Displays the name of the time range if the IPv6 ACL rule has referenced a time range red irectExtAgent Indicates whether matching flow packets are allowed to be sent to external applications running alongside D LINK OS on a control CPU agent id is a unique iden...

Page 1224: ...ameters name Enter access list name up to 31 characters in length Default The default is None Command Mode Global Config 12 89 deny permit Management ACAL This command creates a new rule for the current management access control access list ACAL A rule may either deny or permit traffic according to the specified classification fields Rules with ethernet vlan and port channel parameters will be val...

Page 1225: ...interfaces ethernet 0 1 and ethernet 0 9 Routing Config management access list mlist Routing config macal permit ethernet 0 1 priority 63 Routing config macal permit ethernet 0 9 priority 64 Routing config macal exit Routing Config management access list mlist The following example shows how to configure all the interfaces to be management interfaces except for two interfaces ethernet 0 1 and ethe...

Page 1226: ...default is None Command Mode Global Config 12 91 show management access list This command displays management access lists show management access list listname Parameters listname Optional Specify the name of the access list Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show management access list List Name m...

Page 1227: ... an empty Access List Range 1 32characters Default The default is None Command Mode Privileged EXEC Example The following shows example CLI display output for the command Routing show management access class Management access class is enabled using access list mlist Time Range Commands for Time Based ACLs Time based ACLs allow one or more rules within an ACL to be based on time Each ACL rule withi...

Page 1228: ...solute time entry to a time range Only one absolute time entry is allowed per time range The time parameter is based on the currently configured time zone The start time date parameters indicate the time and date at which the configuration that referenced the time range starts going into effect The time is expressed in a 24 hour clock in the form of hours minutes For example 8 00 is 8 00 am and 20...

Page 1229: ...me as the starting days of the week they can be omitted The first occurrence of the time argument is the starting hours minutes which the configuration that referenced the time range starts going into effect The second occurrence is the ending hours minutes at which the configuration that referenced the time range is no longer in effect The hourszminutes are expressed in a 24 hour clock For exampl...

Page 1230: ...de Privileged EXEC Example The following is an example of the CLI display output for the command Routing show time range Admin mode Disabled Current number of all Time Ranges 1 Maximum number of all Time Ranges 100 Periodic Time Range Name Status Entry count Absolute Entry absolute Active 0 Does not exist Display Parameters Admin Mode Status of the mode disabled default enabled Current Number of T...

Page 1231: ...e Status Status of the time range active inactive Absolute start Start time and day for absolute time entry Absolute end End time and day for absolute time entry Periodic Entries Number of periodic entries in a time range Periodic start Start time and day for periodic entry Periodic end End time and day for periodic entry ...

Page 1232: ...ticast Technologies O S Support Core Table 15 BSP Log Messages Component Message Cause BSP Event 0xaaaaaaaa Switch has restarted BSP Starting code BSP initialization complete starting D LINK OS application Table 16 NIM Log Messages Component Message Cause NIM NIM L7_ATTACH out of order for interface unit x slot x port x Interface creation out of order NIM NlM Failed to find interface at unit x slo...

Page 1233: ...t occurred Table 17 SIM Log Message Component Message Cause SIM IP address conflict on service port network port for IP address x x x x Conflicting host MAC address is xx xx xx xx xx xx This message appears when an address conflict is detected in the LAN for the service port network port IP Table 18 System Log Messages Component Message Cause Component Message Cause SIM IP address conflict on serv...

Page 1234: ...xist or the file s checksum is incorrect so the components default configuration file is built NVStore File XXX corrupted from file system Checksum mismatch The calculated checksum of a component s configuration file in the file system did not match the checksum of the file in memory NVStore Migrating config file XXX from version Y to Z A configuration file version mismatch was detected so a confi...

Page 1235: ...date ID xxx The RADIUS Client received an invalid message from the server RADIUS RADIUS Invalid packet length xxx The RADIUS Client received an invalid message from the server RADIUS RADIUS Response is missing Message Authenticator ID xxx The RADIUS Client received an invalid message from the server RADIUS RADIUS Server address doesn t match configured server The RADIUS Client received a server re...

Page 1236: ... a DNS Domain name server info given by the DHCP Server to the DNS Client fails DHCP4 Client DNS domain name list entry addition failed This message appears when the update of a DNS Domain name list info given by the DHCP Server to the DNS Client fails DHCP4 Client Interface xxx Link State is Down Connect the port and try again This message appears when the Network protocol is configured with DHCP...

Page 1237: ...SSH sessions were already active EmWeb Handle table overflow All the available EmWeb connection handles are being used and the connection could not be made EmWeb ConnectionType EMWEB socket accept failed errno Socket accept failure for the specified connection type EmWeb EMWEB Connection allocation failed Memory allocation failure for the new connection EmWeb EMWEB TransmitPending EWOULDBLOCK erro...

Page 1238: ...unsecure server socket address YYYY is the result returned from connect function and ZZZZ is the error code SSLT SSLT Msg Queue is full event XXXX Failed to send the received message to the SSLT message queue as message queue is full XXXX indicates the event to be sent SSLT SSLT Unknown UI event in message event XXXX Failed to dispatch the received Ul event to the appropriate SSLT function as it s...

Page 1239: ...ppears when protectedPortCfgRWLock Fails Protected Ports protectedPortCnfgrlnitPhase2 Process Unable to register for VLAN change callback This appears when nimRegisterlntfChange with VLAN fails Protected Ports Cannot add interface xxx to group yyy This appears when an interface could not be added to a particular group Protected Ports Unable to set protected port group This appears when a dtl call ...

Page 1240: ...ailed to set global igmp snooping mode to xxx Failed to set global IGMP Snooping mode due to message queue being full IGMP Snooping Failed to set igmp snooping mode xxx for interface yyy Failed to set interface IGMP Snooping mode due to message queue being full IGMP Snooping Failed to set igmp mrouter mode xxx for interface yyy Failed to set interface multicast router mode due to IGMP Snooping mes...

Page 1241: ...e Component Message Cause Double Vlan Tag dvlantaglntflsConfigurable Error accessing dvlantag config data for interface d A default configuration does not exist for this interface Typically a case when a new interface is created and has no preconfiguration Table 40 IPv6 Provisioning Log Message Component Message Cause IPv6 Provisioning ipv6ProvlntflsConfigurable Error accessing IPv6 Provisioning c...

Page 1242: ... the default VLAN Typically encountered during clear VLAN and clear config 802 1Q dtl failure when adding ports to VLAN ID d portMask s Failed to add the ports to VLAN entry in hardware 802 1Q dtl failure when deleting ports from VLAN ID d portMask s Failed to delete the ports for a VLAN entry from the hardware 802 1Q dtl failure when adding ports to tagged list for VLAN ID d portMask s Failed to ...

Page 1243: ...AN d Failed to delete VLAN ID from the VLAN database 802 1Q Dynamic entry d can only be modified after it is converted to static Failed to modify the VLAN group filter 802 1Q Cannot find VLAN d to convert it to static Failed to convert Dynamic VLAN to static VLAN VLAN ID not exists 802 1Q Only Dynamically created VLANs can be converted Error while trying to convert the static created VLAN ID to st...

Page 1244: ...ID which is already Undgr process of creation 802 1Q VLAN ID d already exists Trying to create the VLAN ID which is already exists 802 1Q Failed to delete Default VLAN d cannot be deleted Trying to delete Default VLAN ID 802 1Q Failed to delete VLAN ID d is not a static VLAN Trying to delete Dynamic VLAN ID from CLI 802 1Q Requester d attempted to releasegnal VLAN d owned by d Request to release t...

Page 1245: ...tem was unable to send an SNMP trap for this ACL rule which contains a logging attribute ACL IP ACL number Forced truncation of one or more rules during config migration While processing the saved configuration the system encountered an ACL with more rules than is supported by the current version This may happen when code is updated to a version supporting fewer rules per ACL than the previous ver...

Page 1246: ...than 4 DHCP relay Request s seconds field less than the config value The DHCP relay agent has processed a DHCP request whose SECS field is larger than the configured minimum wait time allowed DHCP relay processDhcpPacket invalid DHCP packet type u n The DHCP relay agent has processed an invalid DHCP packet Such packets are discarded by the relay agent Table 49 OSPFv2 Log Messages Component Message...

Page 1247: ... 4 checksum 0x1234 OSPFv2 ignored a received link state advertisement LSA whose checksum was incorrect Table 50 OSPFv3 Log Messages Component Message Cause OSPFv3 Best route client deregistration failed for OSPFv3 Redist OSPFv3 registers with the lPv6 routing table manager RTO6 to be notified of best route changes There are cases where OSPFv3 deregisters more than once causing the second deregistr...

Page 1248: ... logs this alert The count of total routes includes alternate routes which are not installed in hardware Table 52 VRRP Log Messages Component Message Cause VRRP VRRP packet of size xxx dropped Min VRRP packet size is xxx Max VRRP packet size is xxx This message appears when there is flood of VRRP messages in the network VRRP VR xxx on interface xxx started as xxx This message appears when the Virt...

Page 1249: ...essage appears when trying to enable disable MGMD Protocol IGMP MLD MGMD All Routers Address xxx Add to the DTL Mcast List Failed MGMD All Routers Address addition to the local multicast list Failed As a result of this MGMD Multicast packets with this address will not be received at the application IGMP MLD MGMD All Routers Address xxx Delete from the DTL Mcast List Failed MGMD All Routers Address...

Page 1250: ... PIMSM Non Zero SPT Data Threshold Rate xxx is currently Not Supported on this platform This message appears when the user tries to configure the PIMSM SPT threshold value PIMSM PIMSM Protocol Heap Memory lnit Failed Family xxx PIMSM Heap memory initialization Failed for the specified address family This message appears when trying to enable PIMSM Protocol PIMSM PIMSM Protocol Heap Memory De lnit ...

Page 1251: ...kets cannot be received on the interface PIMSM PlMSMv6 Socket Memb ship Disable Failed for rtrlfNum xxx PIMSMv6 Socket Creation options Disable with Kernel IP Stack Failed As a result of this the PIM Control packets are still received on the interface at the application though no protocol is enabled PIMSM PIMSM S G RPt Table Max Limit xxx Reached Cannot accommodate any further routes PIMSM Multica...

Page 1252: ...rotocol is enabled PIMDM Mcast Forwarding Mode Enable Failed for intf xxx Multicast Forwarding Mode Enable Failed As a result of this Multicast packets will not be received at the application though a protocol is enabled PIMDM PlMDMv6 Socket Memb ship Enable Failed for rtrlfNum xxx PlMDMv6 Socket Creation options Set with Kernel IP Stack Failed As a result of this the PIM Control packets cannot be...

Page 1253: ...ue to the non availability of some resources This message appears when trying to enable DVMRP Protocol DVMRP DVMRP All Routers Address xxx Delete from the DTL Mcast List Failed for intf xxx DMVRP All Routers Address deletion from the local multicast list Failed As a result of this DVMRP Multicast packets are still received at the application though DVMRP is disabled DVMRP Mcast Forwarding Mode Dis...

Page 1254: ...essfully A previously configured probe port is not being used in the policy The release notes state that only a single probe port can be configured Policy x does not contain rule x The rule was not added to the policy due to a discrepancy in the rule count for this specific policy Additionally the message can be displayed when an old rule is being modified but the old rule is not in the policy ERR...

Page 1255: ...e or API issue on remote unit A synchronization retry will be issued USL failed to sync VLAN table on unit x Could not synchronize unit x due to a transport failure or API issue on remote unit A synchronization retry will be issued invalid LAG ID X Possible synchronization issue between the BCM driver and HAPI invalid uport calculated from the uport x_l2_addr lport x Uport not valid from BCM drive...

Page 1256: ...led to Delete Route Error adding or deleting a default gateway in the kernel s routing table the function is really osapiRawMRouteAdd Delete OSAPI Linux osapiNetlfConfig ioctl on XX failed addr 0xYY err ZZ or osapiNetlPSet ioctl on XX failed addr 0x YY Failed trying to set the IP address in hex as YY of the interface with Linux name XX and the interface does not exist Sometimes this is a harmless ...

Page 1257: ...d happens at boot time OSAPI Linux Log_lnit Corrupt event log erasing Event log file had a non blank entry after a blank entry therefore something was messed up OSAPI Linux Failed to Set Interface IP Address or IP Netmask or Broadcast Address or Flags or Hardware Address or Failed to Retrieve interface Flags Trouble adding VRRP IP or MAC address es to a Linux network interface ...

Page 1258: ...ing in instance enter the command sudo license install activation code to activate the operating system Refer to the license activation information for the required information The switch needs to reboot to continue After the reboot go to step 2 admin Switch sudo license install activation code sudo unable to resolve host Switch License successfully installed AC activation code Please reboot the d...

Page 1259: ...luding the HW monitoring driver optional not required for upgrading dpkg I filename deb The following is an example of the CLI display output for the command Switch home admin dpkg I 3 2 nc2x 1 00 005 rc advance DLink DXS 5000 54S deb new debian package version 2 0 size 24505688 bytes control archive 4556 bytes 118 bytes 5 lines conffiles 362 bytes 10 lines control 7412 bytes 118 lines md5sums 286...

Page 1260: ...ectly to the switch The default IP of switch s management port is 192 168 3 10 with subnet mask 255 255 255 0 so the server should be configured in the 192 168 3 x subnet Note Currently only D Link and Pluribus Network operating systems are supported For more information on how to obtain a license and installation instructions for the Pluribus Network OS visit www pluribusnetworks com Use the foll...

Page 1261: ...h entry is highlighted Press enter to boot the selected OS e to edit the commands before booting or c for a command line 3 Enter the command onie discovery stop to stop ONIE discovery ONIE onie discovery stop discover installer mode detected Stopping discover done ONIE 4 Enter the command onie nos install tftp IP address ONIE installer file name In this example the command appears as follows onie ...

Page 1262: ...to 127 0 0 1 Ubuntu 14 04 LTS root Switch 2 Backup the original NTP configuration file root Switch cp etc ntp conf etc ntp conf bak 3 Configure your NTP server IP in ntp conf See the following example root Switch vi etc ntp conf 4 In the illustrated screen delete the following entries Server 0 ubuntu pool ntp org Server 1 ubuntu pool ntp org Server 2 ubuntu pool ntp org Server 3 ubuntu pool ntp or...

Page 1263: ...h home admin service ntp restart Stopping NTP server ntpd done Starting NTP server ntpd done root Switch home admin 6 To ensure the process is complete make sure the NTP server time is synchronized with your device root Switch date Mon 25 19 07 59 55 UTC 2018 time should be synchronized with server root Switch ...

Reviews:

No comments

Related manuals for 5000 Series

Cabletron Systems SmartSwitch 6500 User Manual preview
SmartSwitch 6500
Brand: Cabletron Systems Pages: 150
Cabletron Systems MMAC-Plus 9H421-12 User Manual preview
MMAC-Plus 9H421-12
Brand: Cabletron Systems Pages: 38
Cabletron Systems ESXMIM Management Manual preview
ESXMIM
Brand: Cabletron Systems Pages: 86
Cabletron Systems MMAC-Plus 9T125-24 User Manual preview
MMAC-Plus 9T125-24
Brand: Cabletron Systems Pages: 30
Cabletron Systems 7C03 MMAC SmartSWITCH Installation Manual preview
7C03 MMAC SmartSWITCH
Brand: Cabletron Systems Pages: 16
Eaton Cutler-Hammer Quick Start Instructions preview
Cutler-Hammer
Brand: Eaton Pages: 8
OEZ PS-LT Instructions For Use preview
PS-LT
Brand: OEZ Pages: 5
Ihse Draco major K474-U8/C8 User Manual preview
Draco major K474-U8/C8
Brand: Ihse Pages: 167
steute Ex 95 SB Mounting And Wiring Instructions preview
Ex 95 SB
Brand: steute Pages: 10
AVLT-Power AcePro-CE89-1 Quick Installation Manual preview
AcePro-CE89-1
Brand: AVLT-Power Pages: 12
Ubiquiti EdgeSwitch 10 XP Quick Start Manual preview
EdgeSwitch 10 XP
Brand: Ubiquiti Pages: 13
AMX AVS-OCT-6448-210 Product View preview
AVS-OCT-6448-210
Brand: AMX Pages: 1
S&T kontron KSwitch D4 MF User Manual preview
kontron KSwitch D4 MF
Brand: S&T Pages: 100
cable matters 202046 Quick Start Manual preview
202046
Brand: cable matters Pages: 8
Dahua VTNS1006A-2 User Manual preview
VTNS1006A-2
Brand: Dahua Pages: 12
S+S HYGRASREG TW-W Operating Instructions, Mounting & Installation preview
HYGRASREG TW-W
Brand: S+S Pages: 16
B&B Electronics 8 PORT SMART SWITCH CE 232D4SS8 User Manual preview
8 PORT SMART SWITCH CE 232D4SS8
Brand: B&B Electronics Pages: 29
C&C TECHNIC Smart view IC-1304-IO User Manual preview
Smart view IC-1304-IO
Brand: C&C TECHNIC Pages: 2

Brands by name

Popular brands

Load more brands