manualshive.com logo in svg

Dell 5324 - PowerConnect Switch, Command Line Interface Reference Manual

Share
Download
Dell 5324 - PowerConnect Switch Command Line Interface Reference Manual Download Page 1

w w w . d e l l . c o m   |   s u p p o r t . d e l l . c o m

Dell™ PowerConnect™ 5324 Systems

CLI Reference Guide

Summary of Contents for 5324 - PowerConnect Switch

Page 1: ...w w w d e l l c o m s u p p o r t d e l l c o m Dell PowerConnect 5324 Systems CLI Reference Guide ...

Page 2: ...Information in this document is subject to change without notice 2006 Dell Inc All rights reserved Reproduction in any manner whatsoever without the written permission of Dell Inc is strictly forbidden Trademarks used in this text Dell the DELL logo and PowerConnect are trademarks of Dell Inc Other trademarks and trade names may be used in this document to refer to either the entities claiming the...

Page 3: ...guration and Image Files Commands 25 Ethernet Configuration Commands 26 GVRP Commands 27 IGMP Snooping Commands 28 IP Addressing 28 LACP Commands 29 Line Commands 29 LLDP Commands 30 Management ACL Commands 31 PHY Diagnostics Commands 31 Port Channel Commands 32 Port Monitor Commands 32 QoS Commands 32 Radius Commands 33 RMON Commands 34 SNMP Commands 34 Spanning Tree Commands 35 ...

Page 4: ...ommands 43 2 Command Modes GC Global Configuration Mode 45 IC Interface Configuration Mode 48 LC Line Configuration Mode 50 MA Management Access level Mode 51 PE Privileged User EXEC Mode 51 SP SSH Public Key Mode 53 UE User EXEC Mode 53 VC VLAN Configuration Mode 55 3 Using the CLI CLI Command Modes 57 Starting the CLI 60 Editing Features 61 4 AAA Commands aaa authentication login 65 aaa authenti...

Page 5: ...s bridge address 77 bridge multicast filtering 78 bridge multicast address 78 bridge multicast forbidden address 80 bridge multicast forward all 81 bridge multicast forbidden forward all 81 bridge aging time 82 clear bridge 83 port security 84 port security routed secure address 85 show bridge address table 85 show bridge address table static 87 show bridge address table count 88 show bridge multi...

Page 6: ... timer 98 sntp broadcast client enable 99 sntp anycast client enable 100 sntp client enable interface 100 sntp unicast client enable 101 sntp unicast client poll 102 sntp server 102 show clock 103 show sntp configuration 105 show sntp status 106 7 Configuration and Image Files delete startup config 109 copy 109 boot system 112 show running config 113 show startup config 114 show backup config 116 ...

Page 7: ...pressure 125 port jumbo frame 126 clear counters 126 set interface active 127 show interfaces configuration 127 show interfaces status 129 show interfaces description 131 show interfaces counters 132 show ports jumbo frame 136 port storm control include multicast 137 port storm control broadcast enable 137 port storm control broadcast rate 138 show ports storm control 139 9 GVRP Commands gvrp enab...

Page 8: ...Commands ip igmp snooping Global 149 ip igmp snooping Interface 149 ip igmp snooping mrouter 150 ip igmp snooping host time out 150 ip igmp snooping mrouter time out 151 ip igmp snooping leave time out 152 show ip igmp snooping mrouter 153 show ip igmp snooping interface 153 show ip igmp snooping groups 154 11 IP Addressing Commands clear host dhcp 157 ip address 157 ip address dhcp 158 ip default...

Page 9: ...165 ip host 165 clear host 166 show hosts 167 12 LACP Commands lacp system priority 169 lacp port priority 169 lacp timeout 170 show lacp ethernet 171 show lacp port channel 171 13 Line Commands line 173 speed 173 autobaud 174 exec timeout 174 show line 175 terminal history 176 terminal history size 176 14 LLDP Commands lldp enable global 179 ...

Page 10: ...x 184 show lldp configuration 185 show lldp local 185 show lldp neighbors 186 15 Management ACL management access list 189 permit management 190 deny management 191 management access class 192 show management access list 193 show management access class 193 16 PHY Diagnostics Commands test copper port tdr 195 show copper ports tdr 195 show copper ports cable length 196 show fiber ports optical tra...

Page 11: ...interfaces port channel 203 18 Port Monitor Commands port monitor 205 show ports monitor 206 19 QoS Commands qos 209 show qos 209 wrr queue cos map 210 wrr queue bandwidth 211 priority queue out num of queues 212 show qos interface 213 qos map dscp queue 214 qos trust Global 215 qos trust Interface 216 qos cos 216 show qos map 217 20 Radius Commands radius server host 219 radius server key 220 ...

Page 12: ...ics 225 rmon collection history 227 show rmon collection history 228 show rmon history 229 rmon alarm 232 show rmon alarm table 233 show rmon alarm 234 rmon event 236 show rmon events 237 show rmon log 238 rmon table size 240 22 SNMP Commands snmp server community 241 snmp server view 242 snmp server filter 243 snmp server contact 244 snmp server location 244 snmp server enable traps 245 snmp serv...

Page 13: ...ws 255 show snmp groups 256 show snmp filters 257 show snmp users 258 23 Spanning Tree Commands spanning tree 261 spanning tree mode 261 spanning tree forward time 262 spanning tree hello time 263 spanning tree max age 264 spanning tree priority 265 spanning tree disable 265 spanning tree cost 266 spanning tree port priority 267 spanning tree portfast 267 spanning tree link type 268 spanning tree ...

Page 14: ...bort mst 275 spanning tree pathcost method 276 spanning tree bpdu 276 clear spanning tree detected protocols 277 show spanning tree 278 spanning tree mst mstp rstp 290 Spanning tree guard root 291 24 SSH Commands ip ssh port 293 ip ssh server 293 crypto key generate dsa 294 crypto key generate rsa 294 ip ssh pubkey auth 295 crypto key pubkey chain ssh 296 user key 296 key string 297 show ip ssh 29...

Page 15: ... 303 logging console 304 logging buffered 305 logging buffered size 305 clear logging 306 logging file 307 clear logging file 307 show logging 308 show logging file 309 show syslog servers 310 26 27 System Management ping 313 traceroute 314 telnet 317 resume 320 reload 321 hostname 321 show users 322 show sessions 322 show system 323 ...

Page 16: ...mmands tacacs server host 327 tacacs server key 328 tacacs server timeout 328 tacacs server source ip 329 show tacacs 330 29 User Interface enable 331 disable 331 login 332 configure 332 exit configuration 333 exit EXEC 334 end 334 help 335 history 335 history size 336 debug mode 336 show history 337 show privilege 338 ...

Page 17: ... general allowed vlan 344 switchport general pvid 345 switchport general ingress filtering disable 346 switchport general acceptable frame type tagged only 347 switchport forbidden vlan 347 map protocol protocols group 348 switchport general map protocols group vlan 349 ip internal usage vlan 349 show vlan 350 show vlan internal usage 351 show vlan protocols groups 352 show interfaces switchport 3...

Page 18: ...o certificate import pkcs12 366 show crypto certificate mycertificate 368 show ip http 369 show ip https 369 32 802 1x Commands aaa authentication dot1x 371 dot1x system auto control 372 dot1x port control 372 dot1x re authentication 373 dot1x timeout re authperiod 374 dot1x re authenticate 374 dot1x timeout quiet period 375 dot1x timeout tx period 376 dot1x max req 377 dot1x timeout supp timeout ...

Page 19: ...DELL CONFIDENTIAL PRELIMINARY 9 12 06 FOR PROOF ONLY show dot1x statistics 382 ADVANCED FEATURES 384 dot1x auth not req 384 dot1x multiple hosts 385 dot1x single host violation 385 show dot1x advanced 386 ...

Page 20: ...20 DELL CONFIDENTIAL PRELIMINARY 9 12 06 FOR PROOF ONLY ...

Page 21: ...iguring the PowerConnect switch details the procedures and provides configuration examples Basic installation configuration is described in the User s Guide and must be completed before using this document Command Groups The system commands can be broken down into the functional groups shown below Command Group Description AAA Configures connection security including authorization and passwords Ad...

Page 22: ...ics SNMP Configures SNMP communities traps and displays SNMP information Spanning Tree Configures and reports on Spanning Tree protocol SSH Configures SSH authentication Syslog Commands Manages and displays syslog messages System Management Configures the device clock name and authorized users TACACS Configures TACACS commands User Interface Describes user commands used for entering CLI commands V...

Page 23: ...ation show authentication methods Displays information about the authentication methods Privileged User EXEC password Specifies a password on a line Line Configuration enable password Sets a local password to control access to normal and privilege levels Global Configuration username Establishes a username based authentication system Global Configuration show users accounts Displays information ab...

Page 24: ... Displays statically created entries in the bridge forwarding database Privileged User EXEC show bridge address table count Displays the number of addresses present in all or at a specific VLAN Privileged User EXEC show bridge multicast address table Displays statically created entries in the bridge forwarding database Privileged User EXEC show bridge multicast filtering Displays the multicast fil...

Page 25: ...o use the Simple Network Time Protocol SNTP to request and accept Network Time Protocol NTP traffic from servers Global Configuration sntp unicast client poll Enables polling for the Simple Network Time Protocol SNTP predefined unicast clients Global Configuration sntp server Configures the device to use the Simple Network Time Protocol SNTP to request and accept Network Time Protocol NTP traffic ...

Page 26: ...tiple Ethernet type interfaces Global Configuration shutdown Disables interfaces Interface Configuration description Adds a description to an interface Interface Configuration speed Configures the speed of a given Ethernet interface when not using auto negotiation Interface Configuration duplex Configures the full half duplex operation of a given Ethernet interface when not using auto negotiation ...

Page 27: ...n port storm control broadcast rate Configures the maximum broadcast rate Interface Configuration show ports storm control Displays the storm control configuration Privileged User EXEC Command Group Description Mode gvrp enable global Enables GVRP globally Global Configuration gvrp enable interface Enables GVRP on an interface Interface Configuration garp timer Adjusts the GARP application join le...

Page 28: ...ion ip igmp snooping leave time out Configures the leave time out VLAN Configuration show ip igmp snooping mrouter Displays information on dynamically learned multicast router interfaces User EXEC show ip igmp snooping interface Displays IGMP snooping configuration User EXEC show ip igmp snooping groups Displays multicast groups learned by IGMP snooping User EXEC Command Group Description Access M...

Page 29: ...he host cache Global Configuration clear host Deletes entries from the host name to address cache Privileged User EXEC show hosts Displays the default domain name a list of name server hosts the static and cached list of host names and addresses User EXEC Command Group Description Access Mode lacp system priority Configures the system LACP priority Global Configuration lacp port priority Configure...

Page 30: ...e should hold a Link Layer Discovery Protocol packet before discarding it Global configuration lldp reinit delay Specifies the minimum time an LLDP port will wait before reinitializing LLDP transmission Global configuration lldp tx delay Specifies the delay between successive LLDP frame transmissions initiated by value status changes in the LLDP local systems MIB Global configuration lldp optional...

Page 31: ...ist is used Global Configuration show management access list Displays management access lists Privileged User EXEC show management access class Displays the active management access list Privileged User EXEC Command Group Description Access Mode test copper port tdr Diagnoses with TDR Time Domain Reflectometry technology the quality and characteristics of a copper cable attached to a port Privileg...

Page 32: ...rt channel information User EXEC Command Group Description Access Mode port monitor Starts a port monitoring session Interface Configuration show ports monitor Displays the port monitoring status User EXEC Command Group Description Access Mode qos Enables quality of service QoS on the device and enters QoS basic or advance mode Global Configuration show qos Displays the QoS status User EXEC wrr qu...

Page 33: ...hentication and encryption key for all RADIUS communications between the router and the RADIUS daemon Global Configuration radius server retransmit Specifies the number of times the software searches the list of RADIUS server hosts Global Configuration radius server source ip Specifies the source IP address used for communication with RADIUS servers Global Configuration radius server timeout Sets ...

Page 34: ...uration show rmon events Displays the RMON event table User EXEC show rmon log Displays the RMON logging table User EXEC rmon table size Configures the maximum RMON tables sizes Global Configuration Command Group Description Access Mode snmp server community Sets up the community access string to permit access to SNMP protocol Global Configuration snmp server view Creates or update a view entry Gl...

Page 35: ...gineid Displays the ID of the local Simple Network Management Protocol SNMP engine Privileged User EXEC show snmp Displays the SNMP status Privileged User EXEC show snmp views Displays the configuration of views Privileged User EXEC show snmp groups Displays the configuration of groups Privileged User EXEC show snmp filters Displays the configuration of filters Privileged User EXEC show snmp users...

Page 36: ...formation is aged out Global Configuration spanning tree mst port priority Configures port priority for the specified MST instance Interface Configuration sspanning tree mst cost Configures the path cost for multiple spanning tree MST calculations Interface Configuration spanning tree mst configuration Enables configuring an MST region by entering the Multiple Spanning Tree MST mode Global Configu...

Page 37: ... interface Interface Configuration Command Group Description Access Mode ip ssh port Specifies the port to be used by the SSH server Global Configuration ip ssh server Enables the device to be configured from a SSH server Global Configuration crypto key generate dsa Generates DSA key pairs Global Configuration crypto key generate rsa Generates RSA key pairs Global Configuration ip ssh pubkey auth ...

Page 38: ...on severity Global Configuration logging buffered size Changes the number of syslog messages stored in the internal buffer Global Configuration clear logging Clears messages from the internal logging buffer Privileged User EXEC logging file Limits syslog messages sent to the logging file based on severity Global Configuration clear logging file Clears messages from the logging file Privileged User...

Page 39: ... the open Telnet sessions User EXEC show system Displays system information User EXEC show version Displays the system version information User EXEC asset tag Specifies the device asset tag Global Configuration show system id Displays the service ID information User EXEC Command Group Description Mode tacacs server host Specifies a TACACS host Global Configuration tacacs server key Sets the authen...

Page 40: ...ption of the help system All history Enables the command history function All history size Changes the command history buffer size for a particular line All debug mode Switches the mode to debug All show history Lists the commands entered in the current session All show privilege Displays the current privilege level All Command Group Description Access Mode vlan database Enters the VLAN database c...

Page 41: ...al acceptable frame type tagged only Discards untagged frames at ingress Interface Configuration switchport forbidden vlan Forbids adding specific VLANs to a port Interface Configuration map protocol protocols group Adds a special protocol to a named group of protocols which may be used for protocol based VLAN assignment VLAN Configuration switchport general map protocols group vlan Sets a protoco...

Page 42: ... configured from a secured browser Global Configuration crypto certificate generate Generates a HTTPS certificate Global Configuration crypto certificate request Generates and displays certificate requests for HTTPS Privileged User EXEC crypto certificate import Imports a certificate signed by Certification Authority for HTTPS Global Configuration ip https certificate Configures the active certifi...

Page 43: ...ication exchange Interface Configuration dot1x timeout tx period Sets the number of seconds that the switch waits for a response to an Extensible Authentication Protocol EAP request identity frame from the client before resending the request Interface Configuration dot1x max req Sets the maximum number of times that the switch sends an EAP request identity frame to the client before restarting the...

Page 44: ...44 Command Groups w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 45: ...zone for display purposes clock summer time Configures the system to automatically switch to summer time daylight saving time crypto certificate generate Generates a HTTPS certificate crypto certificate import Imports a certificate signed by Certification Authority for HTTPS crypto key generate dsa Generates DSA key pairs crypto key generate rsa Generates RSA key pairs crypto key pubkey chain ssh ...

Page 46: ...rom a browser ip https authentication Specifies authentication methods for https ip https certificate Configures the active certificate for HTTPS Use the no form of this command to return to default ip https server Enables the device to be configured from a secured browser ip https port Configures a TCP port for use by a secure web browser to configure the device ip igmp snooping Global Enables In...

Page 47: ...sponse times when servers are unavailable radius server host Specifies a RADIUS server host radius server key Sets the authentication and encryption key for all RADIUS communications between the router and the RADIUS daemon radius server retransmit Specifies the number of times the software searches the list of RADIUS server hosts radius server source ip Specifies the source IP address used for co...

Page 48: ...mum age spanning tree mode Configures the spanning tree protocol spanning tree pathcost method Sets the default pathcost method spanning tree priority Configures the spanning tree priority tacacs server key Sets the authentication encryption key used for all TACACS communications between the device and the TACACS daemon tacacs server source ip Specifies the source IP address that will be used for ...

Page 49: ...on of an EAP request frame to the client dot1x timeout tx period Sets the number of seconds that the switch waits for a response to an Extensible Authentication Protocol EAP request identity frame from the client before resending the request show dot1x Sets the number of seconds that the switch waits for a response to an EAP request identity frame from the client before resending the request duple...

Page 50: ...s group on an interface shutdown Disables interfaces sntp client enable interface Enables the Simple Network Time Protocol SNTP client on an interface spanning tree cost Configures the spanning tree path cost for a port spanning tree disable Disables spanning tree on a specific port spanning tree link type Overrides the default link type setting spanning tree portfast Enables PortFast mode spannin...

Page 51: ...ics Clears all the GVRP statistics information clear host Deletes entries from the host name to address cache clear host dhcp Deletes entries from the host name to address mapping received from Dynamic Host Configuration Protocol DHCP clear logging Clears messages from the internal logging buffer clear logging file Clears messages from the logging file clear spanning tree detected protocols Restar...

Page 52: ... ports tdr Displays the last TDR Time Domain Reflectometry tests on specified ports show crypto key mypubkey Displays the SSH public keys stored on the device show crypto key pubkey chain ssh Displays SSH public keys stored on the device show crypto certificate mycertificate Displays the SSL certificates of the device show dot1x Displays 802 1X status for the switch or for the specified interface ...

Page 53: ...R Time Domain Reflectometry technology the quality and characteristics of a copper cable attached to a port Command Description key string Manually specifies a SSH public key user key Specifies which SSH public key is manually configured and enters the SSH public key string configuration command Command Description clear counters Clears statistics on an interface enable Enters the privileged EXEC ...

Page 54: ...usability status of interfaces configured for IP show lacp ethernet Displays LACP information for Ethernet ports show line Displays line parameters show ports jumbo frame Displays the jumbo frames configuration show ports monitor Displays the port monitoring status show privilege Displays the current privilege level show qos Displays the QoS status show qos interface Assigns CoS values to select o...

Page 55: ...en forward all Enables forbidding forwarding of all multicast frames to a port bridge multicast forward all Enables forwarding of all multicast frames on a port ip igmp snooping Interface Enables Internet Group Management Protocol IGMP snooping on a specific VLAN ip igmp snooping host time out Configures the host time out ip igmp snooping leave time out Configures the leave time out show ip igmp s...

Page 56: ...56 Command Modes w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 57: ...modes Each command mode has its own set of specific commands Entering a question mark at the system prompt console prompt displays a list of commands available for that particular command mode From each mode a specific command is used to navigate from one command mode to another The standard order to access the modes is as follows User EXEC mode Privileged EXEC mode Global Configuration mode and I...

Page 58: ...o perform basic tests and list system information The user level prompt consists of the device host name followed by the angle bracket The default host name is Console unless it has been changed using the hostname command in the Global Configuration mode Privileged EXEC Mode Privileged access is password protected to prevent unauthorized use because many of the privileged commands set operating sy...

Page 59: ...C mode command configure is used to enter the Global Configuration mode To enter the Global Configuration mode perform the following steps 1 At the Privileged EXEC mode prompt enter the command configure and press Enter The Global Configuration mode prompt is displayed The Global Configuration mode prompt consists of the device host name followed by the word config and To return from the Global Co...

Page 60: ...same as the commands in the Ethernet interface mode and are used to manage the member ports as a single entity The Global Configuration mode command interface port channel is used to enter the Port Channel Interface Configuration mode SSH Public Key chain Contains commands to manually specify other device SSH public keys The Global Configuration mode command crypto key pubkey chain ssh is used to ...

Page 61: ...e required parameters after the command keyword For example to set a password for the administrator enter Console config username admin password smith When working with the CLI the command options are not displayed The command is not selected from a menu but is manually entered To see what commands are available in each mode or within an interface configuration the CLI does provide a method of dis...

Page 62: ...ation to the default value This guide describes the negation effect for all applicable commands Command Completion If the command entered is incomplete invalid or has missing or invalid parameters then the appropriate error message is displayed This assists in entering the correct command By pressing the Tab button an incomplete command is entered If the characters already entered are not enough f...

Page 63: ...ns back to the Privileged EXEC mode from any mode Backspace key Moves the cursor back one space Convention Description In a command line square brackets indicates an optional entry In a command line curly brackets indicate a selection of compulsory parameters separated by the character One option must be selected For example flowcontrol auto on off means that for the flowcontrol command either aut...

Page 64: ...64 Using the CLI w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 65: ...rom the following table Default Configuration The local user database is checked This has the same effect as the command aaa authentication login list name local NOTE On the console login succeeds without any authentication check if the authentication method is not defined Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authentication...

Page 66: ...ssing higher privilege levels To return to the default configuration use the no form of this command Syntax aaa authentication enable default list name method1 method2 no aaa authentication enable default default Uses the listed authentication methods that follow this argument as the default list of methods when using higher privilege levels list name Character string used to name the list of auth...

Page 67: ... given sequence The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line All aaa authentication enable default requests sent by the device to a RADIUS or TACACS server include the username enab15 Example The follow...

Page 68: ...remote telnet SSH or console To return to the default specified by the enable authentication command use the no form of this command Syntax enable authentication default list name no enable authentication default Uses the default list created with the authentication enable command list name Uses the indicated list created with the authentication enable command Default Configuration Uses the defaul...

Page 69: ...ditional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example configures the http authentication Console config line console Console config line enable authentication default Keyword Source or de...

Page 70: ...additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example configures https authentication show authentication methods The authentication methods Privilege EXEC mode command displays informa...

Page 71: ...on methods Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the authentication configuration ...

Page 72: ...s level from 1 to 159 characters in length encrypted Encrypted password to be entered copied from another device configuration Console show authentication methods Login Authentication Method Lists Console_Default None Network_Default Local Enable Authentication Method Lists Console_Default Enable None Network_Default Enable Line Login Method List Enable Method List Console Default Default Telnet D...

Page 73: ...the password requirement use the no form of this command Syntax enable password level level password encrypted no enable password level level password Password for this level from 1 to 159 characters in length level level Level for which the password applies If not specified the level is 15 Range 1 15 encrypted Encrypted password entered copied from another device configuration Default Configurati...

Page 74: ...nge 1 20 characters password The authentication password for the user Range 1 159 characters level The user level Range 1 15 encrypted Encrypted password entered copied from another device configuration Default Configuration No user is defined Command Mode Global Configuration mode User Guidelines No password is required Example The following example configures user bob with the password lee and u...

Page 75: ...has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the local users configured with access to the system Console show users accounts Username Privilege Bob 15 Robert 15 ...

Page 76: ...76 AAA Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 77: ...x xx xx xx interface A valid Ethernet port port channel number A valid port channel number permanent The address can only be deleted by the no bridge address command delete on reset The address is deleted after reset delete on timeout The address is deleted after age out time has expired secure The address is deleted after the port changes mode to unlock learning no port security command This para...

Page 78: ... state to drop on the devices ports If multicast routers exist on the VLAN and IGMP snooping is not enabled the bridge multicast forward all command should be used to enable forwarding all multicast packets to the multicast routers Example In this example bridge multicast filtering is enabled bridge multicast address The bridge multicast address Interface Configuration mode command registers MAC l...

Page 79: ...ate a range of ports port channel number list Separate nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of ports Default Configuration No multicast addresses are defined Command Mode Interface configuration VLAN mode User Guidelines If the command is executed without add or remove the command only registers the group in the bridge database Static multic...

Page 80: ...ormat of xx xx xx xx xx xx ip multicast address IP multicast address is in the format xxx xxx xxx xxx interface list Separate non consecutive valid Ethernet ports with a comma and no spaces hyphen is used to designate a range of ports port channel number list Separate non consecutive valid port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Confi...

Page 81: ... designate a range of ports port channel number list Separate non consecutive valid port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration Disable forward all on the specified interface Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example In this example all multicast pack...

Page 82: ...ls Default Configuration By default this setting is disabled for example forwarding to the port is not forbidden Command Mode Interface Configuration VLAN mode User Guidelines IGMP snooping dynamically discovers multicast router ports When a multicast router port is discovered all the multicast packets are forwarded to it unconditionally This command prevents a port to be a multicast router port E...

Page 83: ...is set to 250 clear bridge The clear bridge Privileged EXEC mode command removes any learned entries from the forwarding database Syntax clear bridge This command has no keywords or arguments Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example the bridge tables are cl...

Page 84: ...efault if no option is indicated discard shutdown Discards frames with unlearned source addresses The port is also shut down trap Seconds Sends SNMP traps and defines the minimal amount of time in seconds between two consecutive traps Range 1 1 000 000 Default Configuration Disabled No port security Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user g...

Page 85: ...nge context User Guidelines The command enables adding secure MAC addresses to a routed ports in port security mode The command is available when the port is a routed port and in port security mode The address is deleted if the port exits the security mode or is not a routed port Example In this example the MAC layer address 66 66 66 66 66 66 is added to port g1 show bridge address table The show ...

Page 86: ...ion This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Internal usage VLANs VLANs that are automatically allocated on routed ports would be presented in the VLAN column by a port number and not by a VLAN ID Example In this example all classes of entries in the bridge forwarding database are displayed ...

Page 87: ...interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example all static entries in the bridge forwarding database are displayed Console show bridge address table Aging time is 300 sec vlan mac addr...

Page 88: ...c VLAN Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command displays the count for 1 VLAN for all VLANs or for a specific port No commas are allowed Example In this example the number of addresses present in the VLANs are displayed Console show bridge address table static Aging time is 300 sec vlan mac address port type 1 00...

Page 89: ...ticast address in the format of xx xx xx xx xx xx ip multicast address An IP multicast address format Multicast address format Can be ip or mac If format is unspecified the default is mac Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example multicast MAC address table ...

Page 90: ...0 5e 02 02 08 static g1 8 19 01 00 5e 02 02 08 dynamic g9 11 Forbidden ports for multicast addresses Vlan MAC Address Ports 1 01 00 5e 02 02 03 g8 19 01 00 5e 02 02 08 g8 Console show bridge multicast address table format ip Vlan IP Address Type Ports 1 224 239 130 2 2 3 static g1 g2 19 224 239 130 2 2 8 static g1 8 19 224 239 130 2 2 8 dynamic g9 11 Forbidden ports for multicast addresses Vlan IP...

Page 91: ...ode User Guidelines There are no user guidelines for this command Example In this example the multicast configuration for VLAN 1 is displayed show ports security The show ports security Privileged EXEC mode command displays the port lock status Syntax show ports security ethernet interface port channel port channel number interface A valid Ethernet port port channel number A valid port channel num...

Page 92: ...nes There are no user guidelines for this command Example In this example all classes of entries in the port lock status are displayed Console show ports security Port Status Action Trap Frequency Counter g1 Locked Discard Enable 100 88 g2 Unlocked g3 Locked Discard Shutdown Disable Frequency Minimum time in seconds between consecutive traps Counter Number of actions since last trap ...

Page 93: ...st three letters by name Jan Dec year Current year 2000 2097 Default Configuration The default time set is 0 0 0 0 Jan 1 2000 or xxxxx Month Day Year Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example sets the system time to 13 32 00 on the 7th March 2002 clock source The clock source Privileged EXEC mode command configures...

Page 94: ...use the no form of this command Syntax clock timezone hours offset minutes minutes offset zone acronym no clock timezone hours offset Hours difference from UTC Range 12 13 minutes minutes offset Minutes difference from UTC Range 0 59 zone acronym The acronym of the time zone Range Up to 4 characters Default Configuration UTC Command Mode Global Configuration mode User Guidelines The system interna...

Page 95: ... on the first specific date listed in the command and end on the second specific date in the command usa The summer time rules are the United States rules eu The summer time rules are the European Union rules week Week of the month Range 1 4 first last day Day of the week Range first three letters by name like sun date Date of the month Range 1 31 month Month Range first three letters by name year...

Page 96: ...me 2 am local time EU rule for daylight saving time Start Last Sunday in March End Last Sunday in October Time 1 00 am 01 00 Greenwich Mean Time GMT Examples The following example sets summer time starting on the first Sunday in April at 2am and finishing on the last Sunday in October at 2 am sntp authentication key The sntp authentication key Global Configuration mode command defines an authentic...

Page 97: ...nd Syntax sntp authenticate no sntp authenticate This command has no arguments or keywords Default Configuration No authentication Command Mode Global Configuration mode User Guidelines The command is relevant for both unicast and broadcast Examples The following example defines the authentication key for SNTP and grants authentication Console config sntp authentication key 8 md5 ClkKey Console co...

Page 98: ... Command Mode Global configuration mode User Guidelines The command is relevant for both received unicast and broadcast If there is at least 1 trusted key then unauthenticated messages will be ignored Examples The following example authenticates key 8 sntp client poll timer The sntp client poll timer Global Configuration mode command sets the polling time for the Simple Network Time Protocol SNTP ...

Page 99: ...ts use the no form of this command Syntax sntp broadcast client enable no sntp broadcast client enable This command has no arguments or keywords Default Configuration Disabled Command Mode Global configuration mode User Guidelines The sntp broadcast client enable Interface Configuration mode command enables the device to receive broadcast transmissions globally and on ALL interfaces Use the sntp c...

Page 100: ...the sntp client poll timer Global Configuration mode command Use the sntp client enable Interface Configuration mode command to enable the SNTP client on a specific interface Examples The following example enables anycast clients t sntp client enable interface The sntp client enable Interface Configuration mode command enables the Simple Network Time Protocol SNTP client on an interface This appli...

Page 101: ...le Network Time Protocol SNTP to request and accept Network Time Protocol NTP traffic from servers To disable requesting and accepting Network Time Protocol NTP traffic from servers use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable This command has no arguments or keywords Default Configuration Disabled Command Mode Global Configuration mode User Guide...

Page 102: ...er Global Configuration mode command Examples The following example enables polling for the Simple Network Time Protocol SNTP predefined unicast clients sntp server The sntp server Global Configuration mode command configures the device to use the Simple Network Time Protocol SNTP to request and accept Network Time Protocol NTP traffic from a server To remove a server from the list of NTP servers ...

Page 103: ... timer Global Configuration mode command If multiple servers are added then the updates applied are determined by the following Unicast Server updates take precedence followed by Anycast and then Broadcast Examples The following example configures the device to accept Network Time Protocol NTP traffic from the server on 192 1 1 1 show clock The show clock User EXEC mode command displays the time a...

Page 104: ...ion Time is not authoritative blank Time is authoritative Time is authoritative but SNTP is not synchronized Console show clock 15 29 03 PDT UTC 7 Jun 17 2002 Time source is SNTP Device show clock detail 15 29 03 PDT UTC 7 Jun 17 2002 Time source is SNTP Time zone Acronym is PST Offset is UTC 8 Summertime Acronym is PDT Recurring every year Begins at first Sunday of April at 2 00 Ends at last Sund...

Page 105: ... keywords or arguments Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples Console show sntp configuration Polling interval 7200 seconds MD5 Authentication keys 8 9 Authentication is required for synchronization Trusted Keys 8 9 Unicast Clients Polling Enabled Server Polling Encrypt...

Page 106: ...EXEC mode User Guidelines There are no user guidelines for this command Examples The following example shows the status of the SNTP 176 1 1 8 Enabled 9 176 1 8 179 Disabled Disabled Broadcast Clients Enabled Broadcast Clients Poll Enabled Broadcast Interfaces g1 g3 Console show sntp status Clock is synchronized stratum 4 reference is 176 1 1 8 Reference time is AFE2525E 70597B34 00 10 22 438 PDT J...

Page 107: ...Clock 107 176 1 8 179 Secondary Unknown AFE21789 643287C9 8 98 189 19 Broadcast Interface IP address Last response 176 1 1 8 Primary AFE252C1 6DBDDFF2 176 1 8 179 Secondary AFE21789 643287C9 ...

Page 108: ...108 Clock w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 109: ...e are no user guidelines for this command Examples The following example deletes the startup config file copy The copy Privileged EXEC mode command copies files from a source to a destination Syntax copy source url destination url SNMP source url The source file location URL or reserved keyword being copied destination url The destination file URL or reserved keyword SNMP Used only when copying fr...

Page 110: ...e copy Active Image is the image the system currently boots from see show bootvar command or set to boot next from Non active image is the spare image location Keyword Source or destination flash Source or destination URL for Flash memory It s the default in case a URL is specified without a prefix running config Represents the current running configuration file startup config Represents the start...

Page 111: ...ese commands replace the startup configuration file with the copied configuration file Storing the Running or Startup Configuration on a Server Use the copy running config destination url command to copy the current configuration file to a network server using TFTP Use the copy startup config destination url command to copy the startup configuration file to a network server The configuration file ...

Page 112: ...image 1 image 2 image 1 Specifies image 1 as the system startup image image 2 Specifies image 2 as the system startup image Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image Examples The following example loads system image 1 for the next device startup Console c...

Page 113: ...rt type Specifies the sorting type of the file Can be one of the following values interface feature Default Configuration Sort type defaults to interface if unspecified Command Mode Privileged EXEC mode User Guidelines show running config does not show all the port configurations under the port Although the device is already configured with some default parameters show running config on an empty d...

Page 114: ...ode command displays the startup configuration file contents Syntax show startup config sort type Console show running config no spanning tree vlan database vlan 2 exit interface range ethernet g 1 2 switchport access vlan 2 exit interface vlan 2 bridge address 00 00 00 00 00 01 ethernet g1 exit interface ethernet g1 gvrp enable exit gvrp enable interface ethernet g24 ip address dhcp exit ip name ...

Page 115: ...fies the sorting type of the file Can be one of the following values interface feature Default Configuration Sort type defaults to interface if unspecified Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command ...

Page 116: ...XEC mode command displays the backup configuration file contents Syntax show backup config Console show startup config no spanning tree vlan database vlan 2 exit interface range ethernet g 1 2 switchport access vlan 2 exit interface vlan 2 bridge address 00 00 00 00 00 01 ethernet g1 exit interface ethernet g1 gvrp enable exit gvrp enable interface ethernet g24 ip address dhcp exit ip name server ...

Page 117: ...ged EXEC mode User Guidelines There are no user guidelines for this command Examples Console show backup config software version 1 1 hostname device interface ethernet g1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 interface ethernet g2 ip address 176 243 100 100 255 255 255 0 duplex full speed 1000 ...

Page 118: ...tartup Syntax show bootvar Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the active system image file that the device loads at startup Console show bootvar Images currently available on the FLASH image 1 active selected for next boot image 2 not ...

Page 119: ...re are no user guidelines for this command Example The following example enables ports g8 for configuration interface range ethernet The interface range ethernet Global Configuration mode command enters the interface configuration mode to configure multiple Ethernet type interfaces Syntax interface range ethernet port range all port range List of valid ports to add Separate non consecutive ports w...

Page 120: ...how ports g18 to g20 and ports g22 to g24 are grouped to receive the same command shutdown The shutdown Interface Configuration mode command disables interfaces To restart a disabled interface use the no form of this command Syntax shutdown no shutdown Default Configuration The interface is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user gu...

Page 121: ...description Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example adds a description to the Ethernet g5 speed The speed Interface Configuration mode command configures the speed of a given Ethernet interface when not using auto negotiation To restore the default use the no form of this command Syn...

Page 122: ...force 100 Mbps operation duplex The duplex Interface Configuration mode command configures the full half duplex operation of a given Ethernet interface when not using auto negotiation To restore the default use the no form of this command Syntax duplex half full no duplex half Force half duplex operation full Force full duplex operation Default Configuration The interface is set to full duplex Com...

Page 123: ...terface Configuration Ethernet port channel mode User Guidelines Turning off auto negotiation on an aggregate link may under some circumstances make it non operational If the other side has auto negotiation turned on it may re synchronize all members of the aggregated link to half duplex operation and may as per the standards set them all inactive Example The following example enables autonegotiat...

Page 124: ...x mode is set to HALF When Flow Control is ON the head of line blocking mechanism of this port is disabled If a link is set to NOT use auto negotiation the other side of the link must also be configured to not use auto negotiation To select auto ensure negotiation for Flow Control is enabled Example In the following example Flow Control is enabled on g5 mdix The mdix Interface Configuration mode c...

Page 125: ...his setting you can only use either an ethernet standard cross over cable to connect to a PC or an ethernet standard cable to connect to another switch Example In the following example automatic crossover is enabled on g5 back pressure The back pressure Interface Configuration mode command enables Back Pressure on a given interface To disable Back Pressure use the no form of this command Syntax ba...

Page 126: ...on Jumbo Frames are not enabled Command Mode Global Configuration mode User Guidelines The command would be effective only after reset Example In the following example Jumbo Frames are enabled on the device clear counters The clear counters User EXEC mode command clears statistics on an interface Syntax clear counters ethernet interface port channel port channel number interface Valid Ethernet por...

Page 127: ...number interface Valid Ethernet port port channel number Valid port channel trunk index Default Configuration This command has no default configuration Command Mode Privilege EXEC mode User Guidelines This command is used to activate interfaces that were configured to be active but were shutdown for some reason Example The following example activates interface g5 which is disabled show interfaces ...

Page 128: ...iguration Command Modes Privilege EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration for all configured interfaces Console show interfaces configuration Port Type Duplex Speed Neg Flow Control Admin State Back Pressure Mdix Mode g1 1G Full 1000 Auto On Up Enable Auto g2 1G Full 100 Off Off Up Disable Off g3 1G Full 1000 ...

Page 129: ... status MDIX Mode Displays the Auto crossover status Admin State Displays whether the port is enabled or disabled show interfaces status The show interfaces status User EXEC mode command displays the status for all configured interfaces Syntax show interfaces status ethernet interface port channel port channel number interface A valid Ethernet port port channel number A valid port channel trunk in...

Page 130: ...peed Neg Flow Control Back Pressur e MDIX Mode Link State g1 1G Copper Full 100 Auto On Enable On Up g2 1G Copper Full 100 Off Off Disable Off Down g23 1G Fiber Full 1000 Off Off Disable On Up Ch Type Duplex Speed Neg Flow Control Back Pressur e Link State 1 1000 Full 1000 Off Off Disable Up The interface was suspended by the system ...

Page 131: ...ontrol status Back Pressure Displays the Back Pressure status Link State Displays the Link Aggregation status show interfaces description The show interfaces description User EXEC mode command displays the description for all configured interfaces Syntax show interfaces description ethernet interface port channel port channel number interface Valid Ethernet port port channel number A valid port ch...

Page 132: ...ort channel number interface A valid Ethernet port port channel number A valid port channel index Default Configuration This command has no default configuration Command Modes Privilege EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays traffic seen by the physical interface Console show interfaces description ethernet g1 Port Descriptio...

Page 133: ...stPkts InBcastPkts g1 183892 1289 987 8 g2 0 0 0 0 g3 123899 1788 373 19 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts g4 9188 9 8 0 g5 0 0 0 0 g6 8789 27 8 0 Ch InOctets InUcastPkts InMcastPkts InBcastPkts 1 27889 928 0 78 Ch OutOctets OutUcastPkts OutMcastPkts OutBcastPkts 1 23739 882 0 122 ...

Page 134: ...astPkts g1 183892 1289 987 8 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts g1 9188 9 8 0 FCS Errors 8 Single Collision Frames 0 Multiple Collision Frames 0 SQE Test Errors 0 Deferred Transmissions 0 Late Collisions 0 Excessive Collisions 0 Internal MAC Tx Errors 0 Carrier Sense Errors 0 Oversize Packets 0 Internal MAC Rx Errors 0 Received Pause Frames 0 Transmitted Pause Frames 0 Field Des...

Page 135: ...ors A count of times that the SQE TEST ERROR is received The SQE TEST ERROR is set in accordance with the rules for verification of the SQE detection mechanism in the PLS Carrier Sense Function as described in IEEE Std 802 3 2000 Edition section 7 2 4 6 Deferred Transmissions A count of frames for which the first transmission attempt is delayed because the medium is busy Late Collisions Counted ti...

Page 136: ...occurrence of an event that causes the PHY to indicate Data reception error or carrier extend error on the GMII For an interface operating in full duplex mode at 1000 Mb s the number of times the receiving media is non idle a carrier event for a period of time equal to or greater than minFrameSize and during which there was at least one occurrence of an event that causes the PHY to indicate Data r...

Page 137: ...nfiguration Multicast packets are not counted Command Modes Global Configuration mode User Guidelines To control multicasts storms use the commands port storm control broadcast enable and port storm control broadcast rate Example The following example enables the counting of multicast packets port storm control broadcast enable The port storm control broadcast enable Interface Configuration mode c...

Page 138: ... storm control broadcast rate The port storm control broadcast rate Interface Configuration mode command configures the maximum broadcast rate Use the no form of this command to return to the default value port storm control broadcast rate rate no port storm control broadcast rate rate Maximum kilobytes per second of broadcast and multicast traffic on a port Rate 0 65535 Default Configuration The ...

Page 139: ...t Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the storm control configuration console config interface ethernet g2 console config if port storm control broadcast rate 10 console config port storm control broadcast rate 333 Console show ports st...

Page 140: ...c o m s u p p o r t d e l l c o m g8 Disabled g9 Disabled g10 Disabled g11 Disabled g12 Disabled g13 Disabled g14 Disabled g15 Disabled g16 Disabled g17 Disabled g18 Disabled g19 Disabled g20 Disabled g21 Disabled g22 Disabled g23 Disabled g24 Disabled ...

Page 141: ...o disable GVRP globally on the switch use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example globally enables GVRP on the device gvrp enable interface The gvrp enable Interface Configuration mode command enable...

Page 142: ...o reset the timer to default values use the no form of this command Syntax garp timer join leave leaveall timer_value no garp timer join Indicates the time in milliseconds that PDUs are transmitted Range 10 2147483640 leave Indicates the amount of time in milliseconds that the device waits before leaving its GARP state The Leave Time is activated by a Leave All Time message sent received and cance...

Page 143: ...er for port g8 to 900 milliseconds gvrp vlan creation forbid The gvrp vlan creation forbid Interface Configuration mode command enables or disables dynamic VLAN creation To disable dynamic VLAN creation use the no form of this command Syntax gvrp vlan creation forbid no gvrp vlan creation forbid Default Configuration By default dynamic VLAN creation is enabled Command Mode Interface Configuration ...

Page 144: ...N on the port is allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example shows how default dynamic registering and deregistering is forbidden for each VLAN on port g8 clear gvrp statistics The clear gvrp statistics Privileged EXEC mode command clears all the GVRP statistics information Synta...

Page 145: ...nformation including timer values whether GVRP and dynamic VLAN creation is enabled and which ports are running GVRP Syntax show gvrp configuration ethernet interface port channel port channel number interface A valid Ethernet interface port channel number A valid port channel trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines Th...

Page 146: ...rface port channel number A valid trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Console show gvrp configuration GVRP Feature is currently enabled on the switch Maximum VLANs 256 Port s GVRP Status Registration Dynamic VLAN Creation Timers milliseconds Join Leave Leave All g1 Enab...

Page 147: ...ved rEmp Empty Received rLIn Leave In Received rLE Leave Empty Received rLA Leave All Received sJE Join Empty Sent sJIn Join In Sent sEmp Empty Sent sLIn Leave In Sent sLE Leave Empty Sent sLA Leave All Sent Port rJE rJIn rEmp rLIn rLE rLA sJE sJIn sEmp sLIn sLE sLA g1 0 0 0 0 0 0 0 0 0 0 0 0 g2 0 0 0 0 0 0 0 0 0 0 0 0 g3 0 0 0 0 0 0 0 0 0 0 0 0 g4 0 0 0 0 0 0 0 0 0 0 0 0 g5 0 0 0 0 0 0 0 0 0 0 0 ...

Page 148: ...ser Guidelines There are no user guidelines for this command Example The following example displays GVRP statistics information Console show gvrp error statistics GVRP error statistics Legend INVPROT Invalid Protocol Id INVPLEN Invalid PDU Length INVATYP Invalid Attribute Type INVALEN Invalid Attribute Length INVAVAL Invalid Attribute Value INVEVENT Invalid Event Port INVPROT INVATYP INVAVAL INVAL...

Page 149: ...ation mode User Guidelines There are no user guidelines for this command Example The following example enables IGMP snooping ip igmp snooping Interface The ip igmp snooping Interface Configuration mode command enables Internet Group Management Protocol IGMP snooping on a specific VLAN To disable IGMP snooping on a VLAN interface use the no form of this command Syntax ip igmp snooping no ip igmp sn...

Page 150: ...f mrouter ports is enabled Command Mode Interface Configuration VLAN mode User Guidelines Multicast router ports can be configured statically by the bridge multicast forward all command Example The following example enables automatic learning of multicast router ports on VLANs ip igmp snooping host time out The ip igmp snooping host time out Interface Configuration mode command configures the host...

Page 151: ...gmp snooping mrouter time out The ip igmp snooping mrouter time out Interface Configuration mode command configures the mrouter time out The mrouter time out command is used for setting the aging out time after multicast router ports are automatically learned To configure the default mrouter time out use the no form of this command Syntax ip igmp snooping mrouter time out time out no ip igmp snoop...

Page 152: ...ax ip igmp snooping leave time out time out immediate leave no ip igmp snooping leave time out time out leave time out in seconds Range 0 2147483647 immediate leave Specifies that the port should be immediately removed from the members list after receiving IGMP Leave Default Configuration The default leave time out configuration is 10 seconds Command Mode Interface Configuration VLAN mode User Gui...

Page 153: ...s no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows IGMP snooping mrouter information show ip igmp snooping interface The show ip igmp snooping interface User EXEC mode command displays IGMP snooping configuration Syntax show ip igmp snooping interface vlan id vlan_id VLAN ID value Default Configur...

Page 154: ...n id address ip multicast address vlan_id VLAN ID value ip multicast address IP multicast address Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines To see the full multicast address table including static addresses use the show bridge address table command Console show ip igmp snooping interface 1 IGMP Snooping is globaly disabled IGMP Snoo...

Page 155: ...MP Snooping Commands 155 Example The example shows IGMP snooping information Console show ip igmp snooping groups Vlan IP Address Querier Ports 1 224 239 130 2 2 3 Yes g1 g2 19 224 239 130 2 2 8 Yes g9 11 ...

Page 156: ...156 IGMP Snooping Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 157: ...guration Command Mode Privileged EXEC mode User Guidelines This command would delete the host name to address mapping temporarily until the next renew of the IP address Examples The following example deletes all entries from the host name to address mapping ip address The ip address Interface Configuration mode command sets an IP address To remove an IP address use the no form of this command Synt...

Page 158: ...ress dhcp Interface Configuration mode command acquires an IP address on an interface from the Dynamic Host Configuration Protocol DHCP server To deconfigure any acquired address use the no form of this command The no ip address dhcp command deconfigures any IP address that was acquired thus sending a DHCPRELEASE message Syntax ip address dhcp hostname host name no ip address dhcp hostname Specifi...

Page 159: ...lt the specified DHCP host name is the device globally configured host name However you can use the ip address dhcp hostname host name command to place a different name in the DHCP option 12 field than the globally configured host name of the device The no ip address dhcp command deconfigures any IP address that was acquired thus sending a DHCPRELEASE message Example The following example acquires...

Page 160: ...faces configured for IP Syntax show ip interface ethernet interface number vlan vlan id port channel number ethernet interface number port vlan vlan id VLAN number port channel number Port channel number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example the displays...

Page 161: ...ddress to map to the specified IP address or IP alias ethernet interface number Ethernet port number vlan vlan id VLAN number port channel number Port channel number Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The software uses ARP cache entries to translate 32 bit IP addresses into 48 bit hardware addresses Because most ho...

Page 162: ...s Time in seconds that an entry remains in the ARP cache Range 1 40000000 Default Configuration The default timeout is 60000 seconds Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600 Example The following example configures ARP timeout to 12000 seconds clear arp cache The clear arp cache Privileged EXEC mode command deletes all ...

Page 163: ...plays entries in the ARP table Syntax show arp Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays entries in the ARP table Console clear arp cache Console show arp ARP timeout 60000 Seconds Interface IP address HW address status g1 10 7 1 102 00 10 B5 ...

Page 164: ...ples The following example enables the IP Domain Naming System DNS based host name to address translation ip domain name The ip domain name Global Configuration mode command defines a default domain name that the software uses to complete unqualified host names names without a dotted decimal domain name To disable use of the Domain Name System DNS use the no form of this command Syntax ip domain n...

Page 165: ... server address IP addresses of the name server Up to 8 servers can be defined in one command or by using multiple commands Default Configuration No name server addresses are specified Command Mode Global Configuration mode User Guidelines The preference of the servers is determined by the order they were entered Up to 8 servers can be defined Examples The following example sets the available name...

Page 166: ... command Examples The following example defines a static host name to address mapping in the host cache clear host The clear host Privileged EXEC mode command deletes entries from the host name to address cache Syntax clear host name name Particular host entry to remove Range 1 158 characters Removes all entries Default Configuration This command has no default configuration Command Mode Privilege...

Page 167: ...e default domain name a list of name server hosts the static and the cached list of host names and addresses Syntax show hosts name name Name of the host Range 1 158 characters Default Configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays host information Console config clear host ...

Page 168: ...sole show hosts Default domain is GM COM Name address lookup is enabled Name servers 176 16 1 18 176 16 1 19 Static host name to address mapping Host Addresses www dell com 176 16 8 8 176 16 8 9 Cache TTL Hours Host Total Elapsed Type Addresses www dell com 72 3 IP 171 64 14 203 ...

Page 169: ... Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the system priority to 120 lacp port priority The lacp port priority Interface Configuration mode command configures the priority value for physical ports To reset to default priority value use the no form of this command Syntax lacp port priority value no ...

Page 170: ...ve LACP timeout use the no form of this command Syntax lacp timeout long short no lacp timeout long Specifies a long timeout value short Specifies a short timeout value Default Configuration The default port timeout value is long Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example assigns an administrative L...

Page 171: ...ode User Guidelines There are no user guidelines for this command Example The following example shows how to display LACP statistics information show lacp port channel The show lacp port channel Privileged EXEC mode command displays LACP information for a port channel Syntax show lacp port channel port_channel_number port_channel_number The port channel number Default Configuration This command ha...

Page 172: ...ser guidelines for this command Example The following example shows how to display LACP port channel information Console show lacp port channel 1 Port Channel 1 Port Type 1000 Ethernet Actor System Priority 1 MAC Address 00 02 85 0E 1C 00 Admin Key 29 Oper Key 29 Partner System Priority 0 MAC Address 00 00 00 00 00 00 Oper Key 14 ...

Page 173: ...access SSH Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example configures the device as a virtual terminal for remote console access speed The speed Line Configuration mode command sets the line baud rate Syntax speed bps bps Baud rate in bits per second b...

Page 174: ... this command to disable automatic baud rate detection Syntax autobaud no autobaud Default Configuration Disabled Command Mode Line Configuration console mode User Guidelines To start communications using automatic baud detection press the Enter key twice Examples The following example sets the line for automatic baud rate detection exec timeout The exec timeout Line Configuration mode command set...

Page 175: ...ples The following example configures the interval that the system waits until user input is detected to 20 minutes show line The show line User EXEC mode command displays line parameters Syntax show line console telnet ssh console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration Default ...

Page 176: ...mmand Mode User EXEC mode User Guidelines The command enables the command history for the current session The default would be determined by the history line configuration command terminal history size The terminal history size EXEC mode command changes the command history buffer size for the current terminal session To reset the command history buffer size to the default use the no form of this c...

Page 177: ...Line Commands 177 Default Configuration The default is determined by the history size line configuration command Command Mode User EXEC mode User Guidelines The maximum for the sum of all buffers is 256 ...

Page 178: ...178 Line Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 179: ...are no guidelines for this command Example The following example enables Link Layer Discovery Protocol LLDP lldp enable interface To enable Link Layer Discovery Protocol LLDP on an interface use the lldp enable command in interface configuration mode To disable LLDP on an interface use the no form of this command Syntax lldp enable rx tx both no lldp enable rx Receive only LLDP packets tx Transmit...

Page 180: ... the port is authorized Examples The following example enables Link Layer Discovery Protocol LLDP on an interface g5 lldp timer To specify how often the software sends Link Layer Discovery Protocol LLDP updates use the lldp timer command in global configuration mode To revert to the default setting use the no form of this command Syntax lldp timer seconds no lldp timer seconds Specifies in seconds...

Page 181: ...uraiton The default configuration is 4 Command Modes Global configuration User Guidelines The actual time to live value used in LLDP frames can be expressed by the following formula TTL min 65535 LLDP Timer LLDP HoldMultiplier For example if the value of LLDP timer is 30 and the value of the LLDP hold multiplier is 4 then the value 120 is encoded in the TTL field in the LLDP header Examples The fo...

Page 182: ...it before reinitializing LLDP transmission lldp tx delay To specify the delay between successive LLDP frame transmissions initiated by value status changes in the LLDP local systems MIB use the lldp tx delay command in global configuration mode To revert to the default setting use the no form of this command Syntax lldp tx delay seconds no lldp tx delay Parameters seconds Specifies the delay in se...

Page 183: ...lv Specifies TLV that should be included Available optional TLVs are port desc sys name sys desc and sys cap Range 1 8192 seconds Default Configuration No optional TLV is transmitted Command Modes Interface configuration Ethernet User Guidelines There are no user guidelines for this command Example The following example specifies which optional TLV 2 s from the basic set should be transmitted lldp...

Page 184: ...ollowing example specifies management address that would be advertised from an interface clear lldp rx To restart the LLDP RX state machine and clearing the neighbors table use the clear lldp rx command in privileged EXEC mode Syntax clear lldp rx ethernet interface Interface Ethernet port Command Modes Privileged EXEC User Guidelines There are no user guidelines for this command Example The folow...

Page 185: ...Example The following example displays the Link Layer Discovery Protocol LLDP configuration show lldp local To display the Link Layer Discovery Protocol LLDP information that is advertised from a specific port use the show lldp local command in privileged EXEC mode Syntax show lldp local ethernet interface Interface Ethernet port Switch show lldp configuration Timer 30 Seconds Hold multiplier 4 Re...

Page 186: ...using Link Layer Discovery Protocol LLDP use the show lldp neighbors command in privileged EXEC mode Syntax show lldp neighbors ethernet interface Interface Ethernet port Command Modes Privileged EXEC User Guidelines There are no user guidelines for this command Example The following example displays information about neighboring devices discovered using Link Layer Discovery Protocol LLDP Switch s...

Page 187: ...1 Hold Time 117 Capabilities B System Name ts 7800 2 System description Port description Management address 172 16 1 1 Port Device ID Port ID Hold Time Capabilities System Name g1 0060 704C 73FE 1 117 B ts 7800 2 g1 0060 704C 73FD 1 93 B ts 7800 2 g2 0060 704C 73F C 9 1 B R ts 7900 1 g3 0060 704C 73FB 1 92 W ts 7900 2 ...

Page 188: ...188 LLDP Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 189: ...nd Mode Global Configuration mode User Guidelines This command enters the access list configuration mode where the denied or permitted access conditions with the deny and permit commands must be defined If no match criteria are defined the default is deny If reentering to an access list context the new rules are entered at the end of the access list Use the management access class command to selec...

Page 190: ...number service service permit ip source ip address mask mask prefix length ethernet interface number vlan vlan id port channel number service service ethernet interface number A valid Ethernet port number vlan vlan id A valid VLAN number port channel number A valid port channel number ip address Source IP address Range Valid IP Address mask mask Specifies the network mask of the source IP address ...

Page 191: ...s are permitted in the access list called mlist deny management The deny Management Access List Configuration mode command defines a deny rule Syntax deny ethernet interface number vlan vlan id port channel number service service deny ip source ip address mask mask prefix length ethernet interface number vlan vlan id port channel number service service ethernet interface number A valid Ethernet po...

Page 192: ...s how all ports are denied in the access list called mlist management access class The management access class Global Configuration mode command defines which management access list is used To disable restriction use the no form of this command Syntax management access class console only name no management access class name Name of the access list If unspecified defaults to an empty access list Ra...

Page 193: ...st Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the active management access list show management access class The show management access class Privileged EXEC mode command displays the active management access list Console ...

Page 194: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the management access list information Console show management access class Management access class is enabled using access list mlist ...

Page 195: ...d Mode Privileged EXEC mode User Guidelines The port under test should be conducted when the fiber link is down NOTE The maximum distance VCT can function is 120 meters Examples The following example results in a report on the cable attached to port g3 show copper ports tdr The show copper ports tdr Privileged EXEC mode command display the last TDR Time Domain Reflectometry tests on specified port...

Page 196: ...ts cable length Privileged EXEC mode command displays the estimated copper cable length attached to a port Syntax show copper ports cable length interface interface A valid Ethernet port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The port must be active and working in 1000M Console show copper ports tdr Port Result Length meter...

Page 197: ...r diagnostics Syntax show fiber ports optical transceiver interface detailed interface A valid Ethernet port detailed Detailed diagnostics Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines To test optical transceivers ensure a fiber link is up The test is only supported on Dell supported SFP modules Console show copper ports cable len...

Page 198: ... fiber ports optical transceiver Port Temp Voltage Current Power Output Power Input Power LOS g3 Copper g21 W OK E OK OK OK g22 OK OK OK OK OK OK Temp Internally measured transceiver temperature Voltage Internally measured supply voltage Current Measured TX bias current Output Power Measured TX output power Input Power Measured RX received power LOS Loss of signal ...

Page 199: ...Port Temp C Voltage Volt Current mA Output Power mWatt Input Power mWatt LOS g23 70 7 27 0 79 3 30 2 50 No g21 70 7 24 0 78 2 20 2 49 No Temp Internally measured transceiver temperature Voltage Internally measured supply voltage Current Measured TX bias current Output Power Measured TX output power Input Power Measured RX received power LOS Loss of signal ...

Page 200: ...200 PHY Diagnostics Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 201: ...some circumstances make it non operational If the other side has auto negotiation turned on it may re synchronize all members of the aggregated link to half duplex operation and may as per the standards set them all to inactive Example The following example enters the context of port channel number 1 interface range port channel The interface range port channel Global Configuration mode command en...

Page 202: ...same command channel group The channel group Interface Configuration mode command associates a port with a port channel To remove a port from a port channel use the no form of this command Syntax channel group port channel number mode on auto no channel group port channel_number Specifies the number of the valid port channel for the current port to join on Forces the port to join a channel auto Al...

Page 203: ...oad balancing is based on layer 2 and layer 3 parameters layer 2 3 4 Port channel load balancing is based on layer 2 layer 3 and layer 4 parameters Default Configuration Layer 2 Command Modes Global Configuration User Guidelines In L2 L3 L4 load balancing policy fragmented packets might be reordered Example The following example configures the load balancing policy of the port channeling on layer ...

Page 204: ...nel Default Configuration This command has no default configuration Command Modes EXEC User Guidelines There are no user guidelines for this command Example The following example shows how all port channel information is displayed Console show interfaces port channel Load balancing Layer2 and Layer 3 Channel Ports 1 Active 1 2 2 Active 2 7 3 Active 3 8 ...

Page 205: ...nother port or between the source port src interface and a destination port the port being configured Only a single target port can be defined per system The port being monitored cannot be set faster than the monitoring port The following restrictions apply to ports configured to be destination ports The port cannot be already configured as a source port The port cannot be a member in a port chann...

Page 206: ... may exceed the bandwidth of the target port In this case the division of the monitored packets may not be equal The user is advised to use caution in assigning port monitoring Example The following example shows how traffic on port g8 source port is copied to port g1 destination port show ports monitor The show ports monitor User EXEC mode command displays the port monitoring status Syntax show p...

Page 207: ...Port Monitor Commands 207 Console show ports monitor Source Port Destination Port Type Status g1 g8 RX TX Active g2 g8 RX TX Active g18 g8 Rx Active ...

Page 208: ...208 Port Monitor Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 209: ...iguration for this command Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example shows how QoS is enabled on the device in basic mode show qos The show qos User EXEC mode command displays the quality of service QoS mode for the entire device Syntax show qos This command has no arguments or keywords Default Configuration T...

Page 210: ...r queue cos map queue id cos1 cos8 no wrr queue cos map queue id queue id The queue number to which the following CoS values are mapped cos1 cos8 Map to specific queues up to eight CoS values from 0 to 7 Default Configuration The map default values for 4 queues CoS value 1 select queue 1 CoS value 2 select queue 1 CoS value 0 select queue 2 CoS value 3 select queue 2 CoS value 4 select queue 3 CoS...

Page 211: ...eduler for the packet queues Separate each value by spaces Range 6 255 Default Configuration The default WRR weight is 1 4 ratio for all queues each weight set to 6 Command Mode Interface Configuration Ethernet port channel mode User Guidelines The ratio for each queue is defined by the queue weight divided by the sum of all queue weights i e the normalized weight This actually sets the bandwidth ...

Page 212: ...h higher indexes Range 1 4 Default Configuration All queues are expedite queues Command Mode Global Configuration mode User Guidelines When configuring the priority queue out num of queues command the weighted round robin WRR weight ratios are affected because there are fewer queues participating in WRR Queue 4 is taken as the highest index queue Queue 3 is taken as the next highest queue If two p...

Page 213: ...ue map and the EF priority Default Configuration There is no default configuration for this command Command Mode User EXEC mode User Guidelines If no keyword is specified with the show qos interface command the port QoS mode DSCP trusted CoS trusted untrusted default CoS value attached to the port attached to the interface are displayed If a specific interface is not specified the information for ...

Page 214: ...qos map dscp queue dscp list to queue id no qos map dscp queue dscp list Specify up to 8 DSCP values separate each DSCP with a space Range 0 63 queue id Enter the queue number to which the DSCP value corresponds Console show qos interface ethernet g1 queuing Ethernet g1 wrr bandwidth weights and EF priority qid weights Ef Priority 1 125 dis N A 2 125 dis N A 3 125 dis N A 4 125 dis N A Cos queue m...

Page 215: ...os Classifies ingress packets with the packet CoS values For untagged packets the port default CoS is used dscp Classifies ingress packets with the packet DSCP values Default Configuration CoS is the default trust mode Command Mode Global Configuration mode User Guidelines Packets entering a quality of service QoS domain are classified at the edge of the QoS domain When the packets are classified ...

Page 216: ...he no form of this command Syntax qos trust no qos trust Default Configuration Each port is enabled while the system is operational Command Mode Interface Configuration Ethernet port channel mode User Guidelines Use no qos trust to disable the trust mode on each port Use qos trust to enable trust mode on each port Example The following example configures port g5 to default trust state CoS qos cos ...

Page 217: ...se the default value to assign a CoS value to all untagged packets entering the port Example The following example configures port g5 default CoS value to 3 show qos map The show qos map User EXEC mode command displays all the QoS maps Syntax show qos map dscp queue dscp queue Displays the DSCP to queue map Default Configuration This command has no default configuration Command Mode User EXEC mode...

Page 218: ...D1 x 10 D2 Value of DSCP console show qos map Dscp queue map d1 d2 0 1 2 3 4 5 6 7 8 9 0 01 01 01 01 01 01 01 01 01 01 1 01 01 01 01 01 01 02 02 02 02 2 02 02 02 02 02 02 02 02 02 02 3 02 02 03 03 03 03 03 03 03 03 4 03 03 03 03 03 03 03 03 04 04 5 04 04 04 04 04 04 04 04 04 04 6 04 04 04 04 Column Description D1 Decimal Bit 1 of DSCP D2 Decimal Bit 2 of DSCP 01 04 Queue numbers ...

Page 219: ...d Range 1 30 retransmit Specifies the re transmit value If no re transmit value is specified the global value is used Range 1 10 deadtime Length of time in minutes for which a RADIUS server is skipped over by transaction requests Range 0 2000 key Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server This key must match the encryption...

Page 220: ...iod 20 seconds radius server key The radius server key Global Configuration mode command sets the authentication and encryption key for all RADIUS communications between the device and the RADIUS daemon To reset to the default use the no form of this command Syntax radius server key key string no radius server key key string Specifies the authentication and encryption key for all RADIUS communicat...

Page 221: ...transmit value Range 1 10 Default Configuration The default is 3 attempts Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the number of times the software searches the list of RADIUS server hosts to 5 attempts radius server source ip The radius server source ip Global Configuration mode command specifies ...

Page 222: ...iguration mode command sets the interval for which a device waits for a server host to reply To restore the default use the no form of this command Syntax radius server timeout timeout no radius server timeout timeout Specifies the timeout value in seconds Range 1 30 Default Configuration The default value is 3 seconds Command Mode Global Configuration mode User Guidelines There are no user guidel...

Page 223: ...requests Range 0 2000 Default Configuration The default dead time is 0 minutes Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets a dead time where a RADIUS server is skipped over by transaction requests for this period to 10 minutes show radius servers The show radius servers User EXEC mode command displays the R...

Page 224: ... displays the RADIUS server settings Console show radius servers IP address Port Auth Time Out Retransmit Dead time Source IP Priority Usage 172 16 1 1 1645 Global Global Global Global 1 All 172 16 1 2 1645 11 8 Global Global 2 All Global values TimeOut 3 Retransmit 3 Deadtime 0 Source IP 172 16 8 1 ...

Page 225: ...guration Command Mode User EXEC mode User Guidelines The following RMON Groups are supported Ethernet Statistics Group1 History Group 2 Alarms Group 3 and Events Group 4 Example The following example displays RMON Ethernet Statistics for port g1 Console show rmon statistics ethernet g1 Port g1 Dropped 8 Octets 878128 Packets 978 Broadcast 7 Multicast 1 CRC Align Errors 0 Collisions 0 Undersize Pkt...

Page 226: ...rsize Pkts The total number of packets received less than 64 octets long excluding framing bits but including FCS octets and otherwise well formed Oversize Pkts The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and otherwise well formed Fragments The total number of packets received less than 64 octets in length excluding framing bits but ...

Page 227: ...to 50 Range 1 65535 interval seconds The number of seconds in each polling cycle If unspecified defaults to 1800 Range 1 3600 Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command cannot be executed on multiple ports using the interface range ethernet command 256 to 511 Octets The total number of...

Page 228: ...mon collection history ethernet interface port channel port channel number interface Valid Ethernet port port channel number Valid port channel trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays all RMON group statistics Console config interface ...

Page 229: ... Displays drop and collision counters period seconds Specifies the requested period time to display Range 1 4294967295 Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Field Description Index An index that uniquely identifies the entry Interface The sampled Ethernet interface Interval The inter...

Page 230: ...nsole show rmon history 5 throughput Sample Set 1 Owner CLI Interface g1 Interval 1800 Requested samples 50 Granted samples 50 Maximum table size 500 Time Octets Packets Broadcast Multicast Jan 18 2002 21 57 00 303595962 357568 3289 7287 19 98 Jan 18 2002 21 57 30 287696304 275686 2789 2789 20 17 Console show rmon history 5 errors Sample Set 1 Owner CLI Interface g1 Interval 1800 Requested samples...

Page 231: ...re directed to the broadcast address Multicast The number of good packets received during this sampling interval that were directed to a multicast address This number does not include packets addressed to the broadcast address Utilization The best estimate of the mean physical layer network utilization on this interface during this sampling interval in hundredths of a percent CRC Align The number ...

Page 232: ... octets but were otherwise well formed Fragments The total number of packets received during this sampling interval that were less than 64 octets in length excluding framing bits but including FCS octets had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets AlignmentError It is normal for etherHistoryFragments to inc...

Page 233: ...an or equal to the fthreshold and direction is equal to falling or rising falling then a single falling alarm is generated owner name Enter a name that specifies who configured this alarm If unspecified the name is an empty string Default Configuration The following parameters have the following default values type type If unspecified the type is absolute startup direction If unspecified the start...

Page 234: ... table The following table describes the significant fields shown in the display show rmon alarm The show rmon alarm User EXEC mode command displays alarm configuration Syntax show rmon alarm number number Alarm index Range 1 65535 Console show rmon alarm table Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3 6 1 2 1 2 2 1 10 1 Manager 3 1 3 6 1 2 1 2 2 1 10 9 CLI Field Description Index An inde...

Page 235: ... 1 Last sample Value 878128 Interval 30 Sample Type delta Startup Alarm rising Rising Threshold 8700000 Falling Threshold 78 Rising Event 1 Falling Event 1 Owner CLI Field Description OID Monitored variable OID Last Sample Value The statistic value during the last sampling period For example if the sample type is delta this value is the difference between the samples at the beginning and end of th...

Page 236: ...g the value compared against the thresholds If the value is absolute the value of the variable is compared directly with the thresholds at the end of the sampling interval If the value is delta the value of the variable at the last sample is subtracted from the current value and the difference compared with the thresholds Startup Alarm The alarm that may be sent when this entry is first set If the...

Page 237: ...ple configures an event with the trap index of 10 show rmon events The show rmon events User EXEC mode command displays the RMON event table Syntax show rmon events Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the RMON event table Console config rmon e...

Page 238: ...roadcast Log Trap device Manager Jan 18 2002 23 59 48 Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the case of trap an SNMP trap is sent...

Page 239: ...ize 500 Event Description Time 1 Errors Jan 18 2002 23 48 19 1 Errors Jan 18 2002 23 58 17 2 High Broadcast Jan 18 2002 23 59 48 Console show rmon log Maximum table size 500 800 after reset Event Description Time 1 Errors Jan 18 2002 23 48 19 1 Errors Jan 18 2002 23 58 17 2 High Broadcast Jan 18 2002 23 59 48 Field Description Event An index that uniquely identifies the event Description A comment...

Page 240: ...es no rmon table size history log history entries Maximum number of history table entries Range 20 32767 log entries Maximum number of log table entries Range 20 32767 Default Configuration History table size is 270 Log table size is 200 Command Mode Global Configuration mode User Guidelines The configured table size is effective after the device is rebooted Example The following example configure...

Page 241: ...efined view The view defines the objects available to the community It s not relevant for su which has an access to the whole MIB If unspecified all the objects except of the community table and SNMPv3 user and access tables are available Range 1 30 chars ip address Management station IP address Default is all IP addresses An out of band IP address can be specified as described in the usage guidel...

Page 242: ...rver view To create or update a view entry use the snmp server view global configuration command To remove the specified Simple Network Management Protocol SNMP server view entry use the no form of this command Syntax snmp server view view name oid tree included excluded no snmp server view view name oid tree view name Label for the view record that you are updating or creating The name is used to...

Page 243: ...yntax snmp server filter filter name oid tree included excluded no snmp server filter filter name oid tree filter name Label for the filter record that you are updating or creating The name is used to reference the record Range Up to 30 characters oid tree Object identifier of the ASN 1 subtree to be included or excluded from the view To identify the subtree specify a text string consisting of num...

Page 244: ...p server contact text no snmp server contact text Character string up to 160 characters describing the system contact information Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string Example The following example displays setting up the system contact point as Dell_Technical_Support snmp serv...

Page 245: ...ice location as New_York snmp server enable traps The snmp server enable traps Global Configuration mode command enables the switch to send SNMP traps To disable SNMP traps use the no form of the command Syntax snmp server enable traps no snmp server enable traps Default Configuration Enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examp...

Page 246: ...ps snmp server host To specify the recipient of Simple Network Management Protocol notification operation use the snmp server host global configuration command Use the no form of this command to remove the specified host Syntax snmp server host ip address hostname community string traps informs 1 2 udp port port filter filtername timeout seconds retries retries no snmp server host ip address hostn...

Page 247: ...configuration Command Mode Global Configuration mode User Guidelines When configuring snmp v1 or v2 notification recipients the software should automatically generate notification views for those recipients for all MIBs Example The following example specifies the recipient of Simple Network Management Protocol notification operation snmp server set The snmp server set Global Configuration mode com...

Page 248: ...k Management Protocol SNMP group or a table that maps SNMP users to SNMP views use the snmp server group global configuration command To remove a specified SNMP group use the no form of this command Syntax snmp server group groupname v1 v2 v3 noauth auth priv notify notifyview context name read readview write writeview no snmp server group groupname v1 v2 v3 noauth auth priv context name groupname...

Page 249: ...rm or a trap If unspecified nothing is defined for the notify view Range Up to 30 characters Default configuration No group entry exists Command Mode Global configuration User Guidelines The Router context is translated to context in the MIB Example The following example configures a new Simple Network Management Protocol SNMP group or a table that maps SNMP users to SNMP views snmp server user To...

Page 250: ...uthentication and privacy are required you should enter 32 bytes Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or colon Range 16 32 characters auth sha key The HMAC SHA 96 authentication level The user should enter authentication and privacy keys sha des keys Concatenated hexadecimal string of the SHA key MSB and the privacy key LSB If ...

Page 251: ...ion Range 1 24 traps Indicates that SNMP traps are sent to this host informs Indicates that SNMP informs are sent to this host noauth Indicates no authentication of a packet auth Indicates authentication of a packet without encrypting it priv Indicates authentication of a packet with encryption port Specifies the UDP port of the host to use If unspecified the default UDP port number is 162 Range 1...

Page 252: ...gineID local engineid string default no snmp server engineID local engineid string Specifies a character string that identifies the engine ID Range 5 32 characters default The engine ID is created automatically based on the device MAC address Default Setting The engine ID is not configured If SNMPv3 is enabled using this command and the default is specified the default engine ID is defined per sta...

Page 253: ...d entered on the command line is converted to an MD5 or SHA security digest This digest is based on both the password and the local engine ID The user s command line password is then destroyed as required by RFC 2274 As a result the security digests of SNMPv3 users become invalid if the local value of the engine ID change and the users will have to be reconfigured You cannot specify an engine ID t...

Page 254: ...e show snmp Privileged EXEC mode command displays the SNMP status Syntax show snmp Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the SNMP communications status Console show snmp engineID Local SNMP engineID 08009009020C0B099C075878 console sh snmp...

Page 255: ...odes Privileged EXEC User Guidelines There are no user guidelines for this command Example The following example displays the configuration of views use the show snmp views Privileged EXEC command Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Communit y Version UDP Port Filter name TO sec Retrie s Version 3 notifications Target Address Type Username...

Page 256: ...roup Default Configuration There is no default configuration for this command Command Modes Privileged EXEC User Guidelines There are no user guidelines for this command Example The following example displays the configuration of views use the show snmp views Privileged EXEC command Console show snmp views Name OID Tree Type user view 1 3 6 1 2 1 1 Included user view 1 3 6 1 2 1 1 7 Excluded user ...

Page 257: ...character Default Configuration There is no default configuration for this command Console show snmp groups Name Security Views Model Level Context Read Write Notify user group V3 priv Default managers group V3 priv Default Default managers group V3 priv Default Console show snmp groups user group Name user group Security Model V3 Security Level priv Security Context Read View Default Write View N...

Page 258: ...sers Privileged EXEC command Syntax show snmp users username usernam The name of the user Range Up to 30 character Default Configuration There is no default configuration for this command Command Modes Privileged EXEC User Guidelines There are no user guidelines for this command Example The following example displays the configuration of groups use the show snmp users Privileged EXEC command Conso...

Page 259: ...e Auto Method Remote John 1 3 6 1 2 1 1 md5 John 1 3 6 1 2 1 1 7 md5 08009009020C0B09 9C075879 Console show snmp users John Name John Group name user group Auth Method md5 Remote Name John Group name user group Auth Method md5 Remote 08009009020C0B099C075879 ...

Page 260: ...260 SNMP Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 261: ...mode User Guidelines There are no user guidelines for this command Example The following example enables spanning tree functionality spanning tree mode The spanning tree mode Global Configuration mode command configures the spanning tree protocol To return to the default configuration use the no form of this command Syntax spanning tree mode stp rstp mstp no spanning tree mode stp STP is the Spann...

Page 262: ...bridge forward time which is the amount of time a port remains in the listening and learning states before entering the forwarding state To reset the default forward time use the no form of this command Syntax spanning tree forward time seconds no spanning tree forward time seconds Time in seconds Range 4 30 Default Configuration The default forwarding time for IEEE Spanning tree Protocol STP is 1...

Page 263: ...me The spanning tree hello time Global Configuration mode command configures the spanning tree bridge hello time which is how often the switch broadcasts hello messages to other switches To reset the default hello time use the no form of this command ...

Page 264: ...ng example configures spanning tree bridge hello time to 5 seconds spanning tree max age The spanning tree max age Global Configuration mode command configures the spanning tree bridge maximum age To reset the default maximum age use the no form of this command Syntax spanning tree max age seconds no spanning tree max age seconds Time in seconds Range 6 40 Default Configuration The default max age...

Page 265: ...4096 Default Configuration The default bridge priority for IEEE STP is 32768 Command Modes Global Configuration mode User Guidelines The priority value must be a multiple of 4096 The bridge with the lowest priority is elected to be the Root Bridge Example The following example configures spanning tree priority to 12288 spanning tree disable The spanning tree disable Interface Configuration mode co...

Page 266: ...h cost use the no form of this command Syntax spanning tree cost cost no spanning tree cost cost The port path cost Range 1 200 000 000 Default Configuration For the default short pathcost method the cost values are port channel 4 1000 mbps 4 100 mbps 19 10 mbps 100 Command Modes Interface Configuration Ethernet port channel mode User Guidelines The method used long or short is set by using the sp...

Page 267: ...ser Guidelines There are no user guidelines for this command Example The following example configures the spanning priority on g5 to 96 spanning tree portfast The spanning tree portfast Interface Configuration mode command enables PortFast mode In PortFast mode the interface is immediately put into the forwarding state upon linkup without waiting for the timer to expire To disable PortFast mode us...

Page 268: ...nk type point to point shared no spanning tree spanning tree link type point to point Specifies the port link type as point to point shared Specifies that the port link type is shared Default Configuration There is no default configuration for this command Command Modes Interface Configuration Ethernet port channel mode User Guidelines The switch derives the link type of a port from the duplex mod...

Page 269: ...EE Spanning Tree Protocol STP is 32768 Command Mode Global Configuration mode User Guidelines The device with the lowest priority is selected as the root of the spanning tree Example The following example configures the spanning tree priority of instance 1 to 4096 spanning tree mst max hops The spanning tree mst priority Global Configuration mode command configures the number of hops in an MST reg...

Page 270: ...onfiguration use the no form of this command Syntax spanning tree mst instance id port priority priority no spanning tree mst instance id port priority instance ID ID of the spanning tree instance Range 1 15 priority The port priority Range 0 240 in multiples of 16 Default Setting The default port priority for IEEE Multiple Spanning Tree Protocol MSTP is 128 Command Modes Interface Configuration E...

Page 271: ...fault Setting Default path cost is determined by port speed and path cost method long or short as shown below Command Modes Interface Configuration Ethernet port channel mode Default Configuration There is no default configuration for this command Example The following example configures the MSTP instance 1 path cost for Ethernet port e9 to 4 spanning tree mst configuration The spanning tree mst c...

Page 272: ...vlan vlan range instance ID ID of the MST instance Range 1 8 vlan range VLANs to be added to or removed from the specified MST instance To specify a range of VLANs use a hyphen To specify a series of VLANs use a comma Range 1 4094 Default Setting VLANs are mapped to the common and internal spanning tree CIST instance instance 0 Command Modes MST Configuration mode User Guidelines All VLANs that ar...

Page 273: ...1 32 characters Default Setting The default name is a bridge ID Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines the configuration name as regional revision mst The revision MST configuration command defines the configuration revision number To return to the default configuration use the no form of this command ...

Page 274: ...pending MST region configuration Syntax show current pending current Indicates the current region configuration pending Indicates the pending region configuration Default Setting This command has no default configuration Command Mode MST Configuration mode User Guidelines The pending MST region configuration takes effect only after exiting the MST configuration mode Example The following example d...

Page 275: ...re no user guidelines for this command Example The following example exits the MST configuration mode and saves changes abort mst The abort MST Configuration mode command exits the MST configuration mode without applying the configuration changes Syntax abort Default Setting This command has no default configuration Name Region1 Revision 1 Instance Vlans Mapped State 0 1 9 21 4094 Enabled 1 10 20 ...

Page 276: ... spanning tree pathcost method long short no spanning tree pathcost method long Specifies 1 through 200 000 000 range for port path costs short Specifies 0 through 65 535 range for port path costs Default Configuration Short Command Mode Global configuration mode User Guidelines The cost is set using the spanning tree cost command Example The following example sets the default path cost method to ...

Page 277: ...ree is disabled on an interface clear spanning tree detected protocols The clear spanning tree detected protocols Privileged EXEC mode command restarts the protocol migration process force the renegotiation with neighboring switches on all interfaces or on the specified interface Syntax clear spanning tree detected protocols ethernet interface number port channel port channel number interface A va...

Page 278: ...e id show spanning tree mst configuration detail Display detailed information active Display active ports only blockedports Display blocked ports only mst configuration Display the MST configuration identifier interface number Ethernet port number Range Valid Ethernet port port channel number Port channel index Range Valid Ethernet port instance id ID associated with a spanning tree instance Defau...

Page 279: ...ello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 Enabled 128 1 20000 FWD Root No P2p RST P 2 Enabled 128 2 20000 FWD Desg No Shar ed STP 3 Disabled 128 3 20000 4 Enabled 128 4 20000 BLK Altn No Shar ed STP 5 Enabled 128 5 20000 DIS ...

Page 280: ...t Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 Enabled 128 1 20000 FWD Desg No P2p RST P 2 Enabled 128 2 20000 FWD Desg No Shar ed STP 3 Disabled 128 3 20000 4 Enabled 128 4 20000 FWD Desg No Shar ed STP 5 Enabled 128 5 20000 DIS Console show spanning tree Spanning tree disabled BPDU filtering mode RSTP Default port cost method l...

Page 281: ...me State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 1 20000 1 2 Enabled 128 2 20000 1 3 Disabled 128 3 20000 1 4 Enabled 128 4 20000 1 5 Enabled 128 5 20000 Console show spanning tree active Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 oot Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Brid...

Page 282: ... Type 1 1 Enabled 128 1 20000 FWD Root No P2p RST P 1 2 Enabled 128 2 20000 FWD Desg No Shar ed STP 1 4 Enabled 128 4 20000 BLK Altn No Shar ed STP onsole show spanning tree blockedports Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 01 42 9 7 e0 00 Path Cost 20000 Root Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priori...

Page 283: ...e enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 2 last change occurred 2d18h ago Times hold 1 topology change 35 notification 2 hello...

Page 284: ...ort id 128 2 Port cost 20000 Type Shared configured auto STP Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated path cost 20000 Guard root Disabled BPDU guard Disabled Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Port 3 1 3 disabled State N A Role N A Port id 128 3 Port cost 20000 Type N A configured ...

Page 285: ... 2 received 120638 Port 5 1 5 enabled State Disabled Role N A Port id 128 5 Port cost 20000 Type N A configured auto Port Fast N A configured no Designated bridge Priority N A Address N A Designated port id N A Designated path cost N A Guard root Disabled BPDU guard Disabled Number of transitions to forwarding state N A BPDU sent N A received N A Console show spanning tree ethernet 1 1 Port 1 1 1 ...

Page 286: ...onsole show spanning tree mst configuration Name Region1 Revision 1 Instance Vlans Mapped State 0 1 9 21 4094 Enabled 1 10 20 Enabled Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 CST Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec IST Master ID Pr...

Page 287: ... Role PortFast Type 1 Enabled 128 1 20000 FWD Root No P2p Bound RSTP 2 Enabled 128 2 20000 FWD Desg No Shared Bound STP 3 Enabled 128 3 20000 FWD Desg No P2p 4 Enabled 128 4 20000 FWD Desg No P2p MST 1 Vlans Mapped 10 20 Root ID Priority 24576 Address 00 02 4b 29 89 76 Path Cost 20000 Root Port 4 1 4 Rem hops 19 Bridge ID Priority 32768 Address 00 02 4b 29 7a 00 ...

Page 288: ...sabled Number of transitions to forwarding state 1 BPDU sent 2 received 120638 Port 2 1 2 enabled State Forwarding Role Designated Port id 128 2 Port cost 20000 Type Shared configured auto Boundary STP Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated path cost 20000 Guard root Disabled BPDU guard Disabled Number of transition...

Page 289: ...nated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated cost 20000 Guard root Disabled BPDU guard Disabled Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 CST Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root P...

Page 290: ...mstp rstp no spanning tree mst mstp rstp This command has no arguments or keywords Address 00 02 4b 19 7a 00 Path Cost 10000 Rem hops 19 Bridge ID Priority 32768 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 CST Root ID Priority 32768 Address ...

Page 291: ...ning tree guard root Use the spanning tree guard root interface configuration command to enable root guard on all the spanning tree instances on that interface Root guard restricts the interface to be the root port for the switch Use the no form of this command to disable root guard on the interface Syntax spanning tree guard root no spanning tree guard root Default Configuration Root guard is dis...

Page 292: ...anning Tree Commands w w w d e l l c o m s u p p o r t d e l l c o m Example The following example enable root guard on port g8 Console config interface ethernet g8 Console config if spanning tree guard root ...

Page 293: ...e default value is 22 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the port to be used by the SSH server as 8080 ip ssh server The ip ssh server Global Configuration mode command enables the device to be configured from a SSH server To disable this function use the no form of this command Syntax ip ssh ...

Page 294: ...de Global Configuration mode User Guidelines DSA keys are generated in pairs one public DSA key and one private DSA key If the device already has DSA keys a warning and prompt to replace the existing keys with new keys is displayed This command is not saved in the startup configuration however the keys generated by this command are saved in the FLASH The SSH keys can be displayed with the show cry...

Page 295: ...generated by this command are saved in the FLASH The SSH keys can be displayed with the show crypto key mypubkey rsa command This command may take a considerable period of time to execute Example The following example generates RSA key pairs ip ssh pubkey auth The ip ssh pubkey auth Global Configuration mode command enables public key authentication for incoming SSH sessions To disable this functi...

Page 296: ...Use this command to enter public key chain configuration mode This command can also be used when you need to manually specify SSH client s public keys Example The following example enters the SSH Public Key chain configuration mode user key The user key SSH Public Key Chain Configuration mode command specifies which SSH public key is manually configured and enters the SSH public key string configu...

Page 297: ...string row key string row Specify SSH public key row by row key string UU encoded DER format is the same format in authorized_keys file used by OpenSSH Default Configuration By default the keys do not exist Command Mode SSH Public Key string configuration User Guidelines Use the key string row command to specify the SSH public key row by row Each row must begin with the key string row command This...

Page 298: ...no user guidelines for this command Console config crypto key pubkey chain ssh Console config pubkey chain user key bob rsa Console config pubkey key key string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQWu08licglk02LYciz Z4TrEU 9FJxwPiVQOjc KBXuR...

Page 299: ... DSA key Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Console show ip ssh SSH server enabled Port 22 RSA key was generated DSA DSS key was generated SSH Public Key Authentication is enabled Active incoming sessions IP address SSH username Version Cipher Auth Code 172 16 0 1 John Brown 2 0 3 DES HMAC SH1 Field Description IP address Client addres...

Page 300: ...mat hex Fingerprint in Hex format If fingerprint is unspecified it defaults to Hex format Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays all SSH public keys stored on the device Console show crypto key mypubkey rsa RSA key data 005C300D 06092A86 4...

Page 301: ...alled bob Console show crypto key pubkey chain ssh Username Fingerprint bob 9A CC 01 C5 78 39 27 86 79 CC 23 C5 98 59 F1 86 john 98 F7 6E 28 F2 79 87 C8 18 F8 88 CC F8 89 87 C8 Console show crypto key pubkey chain ssh username bob Username bob Key 005C300D 06092A86 ...

Page 302: ...302 SSH Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 303: ...ogging on and off for these destinations can be individually configured using the logging buffered logging file and logging Global Configuration mode commands However if the logging on command is disabled no messages are sent to these destinations Only the console receives messages Example The following example shows how logging is enabled logging The logging Global Configuration mode command logs...

Page 304: ...scribed in the field descriptions Command Mode Global Configuration mode User Guidelines Multiple syslog servers can be used If no specific severity level is specified the global values apply to each server Example The following example configures messages with a critical severity level so that they are logged to a syslog server with an IP address 10 1 1 1 logging console The logging console Globa...

Page 305: ...ritical errors warnings notifications informational debugging Default Configuration The default level is informational Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the commands displayed to the user Example The following example limits syslog messages displayed from an internal buffer based on the severity leve...

Page 306: ...command Example The following example changes the number of syslog messages stored in the internal buffer to 300 clear logging The clear logging Privileged EXEC mode command clears messages from the internal logging buffer Syntax clear logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this comm...

Page 307: ... Default Configuration The default severity level is errors Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits syslog messages sent to the logging file based on the severity level alerts clear logging file The clear logging file Privileged EXEC mode command clears messages from the logging file Syntax clear logg...

Page 308: ...how logging Privileged EXEC mode command displays the state of logging and the syslog messages stored in the internal buffer Syntax show logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console clear logging file Clear Logging File y n y ...

Page 309: ...EXEC mode Console show logging Logging is enabled Console Logging Level debug Console Messages 5 Dropped Buffer Logging Level debug Buffer Messages 16 Logged 16 Displayed 200 Max File Logging Level error File Messages 0 Logged 209 Dropped SysLog server 31 1 1 2 Logging error Messages 22 Dropped SysLog server 5 2 2 2 Logging info Messages 0 Dropped SysLog server 10 2 2 2 Logging critical Messages 2...

Page 310: ...e show logging file console show logging file Logging is enabled Console Logging Level debug Console Messages 5 Dropped Buffer Logging Level debug Buffer Messages 21 Logged 21 Displayed 200 Max File Logging Level debug File Messages 4 Logged 210 Dropped SysLog server 31 1 1 2 Logging error Messages 27 Dropped SysLog server 5 2 2 2 Logging info Messages 0 Dropped SysLog server 10 2 2 2 Logging crit...

Page 311: ...elines There are no user guidelines for this command Example The following example displays the syslog server settings Console show syslog servers IP address Port Severity Facility Description 192 180 2 275 14 Informational local 7 192 180 2 285 14 Warning local 7 ...

Page 312: ...312 Syslog Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 313: ... Range 56 1472 bytes packet_count Number of packets to send If 0 is entered it pings until stopped Range 0 65535 packets time_out Timeout in milliseconds to wait for each reply Range 50 65535 milliseconds Default Configuration timeout time_out The default is 2000 milliseconds Command Mode User EXEC mode User Guidelines Press Esc to stop pinging Following are sample results of the ping command Dest...

Page 314: ...s size packet_size Number of bytes in a packet Range 40 1472 ttl max ttl The largest TTL value that can be used The traceroute command terminates when the destination is reached or when this value is reached Range 1 255 count packet_count The number of probes to be sent at each TTL level Range 1 10 timeout time_out The number of seconds to wait for a response to a probe packet Range 1 60 Console p...

Page 315: ...raceroute command starts by sending probe datagrams with a TTL value of one This causes the first device to discard the probe datagram and send back an error message The traceroute command sends several probes at each TTL level and displays the round trip time for each The traceroute command sends out one probe at a time Each outgoing packet may result in one or two error messages A time exceeded ...

Page 316: ...sec 1 msec 4 Abilene QSV POS calren2 net 198 32 249 162 1 msec 1 msec 1 msec 5 kscyng snvang abilene ucaid edu 198 32 8 103 33 msec 35 msec 35 msec 6 iplsng kscyng abilene ucaid edu 198 32 8 80 47 msec 45 msec 45 msec 7 so 0 2 0x1 aa1 mich net 192 122 183 9 56 msec 53 msec 54 msec 8 atm1 0x24 michnet8 mich net 198 108 23 82 56 msec 56 msec 57 msec 9 10 A ARB3 LSA NG c SEB umnet umich edu 141 211 5...

Page 317: ...om the keywords table in the User Guidelines Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines The Telnet software supports special Telnet commands in the form of Telnet sequences that map generic terminal control functions to operating system specific functions To issue a special Telnet command enter Esc and then a command character Specia...

Page 318: ...t Then open a new connection with the telnet command Keywords Table Escape Sequence Purpose Ctrl shift 6 b Break Ctrl shift 6 c Interrupt Process IP Ctrl shift 6 h Erase Character EC Ctrl shift 6 o Abort Output AO Ctrl shift 6 t Are You There AYT Ctrl shift 6 u Erase Line EL Ctrl shift 6 x Suspends the Session Console Ctrl shift 6 Special telnet escape help Esc B sends telnet BREAK Esc C sends tel...

Page 319: ... Port number bgp Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands 514 daytime Daytime 13 discard Discard 9 domain Domain Name Service 53 echo Echo 7 exec Exec 512 finger Finger 79 ftp File Transfer Protocol 21 ftp data FTP data connections 20 gopher Gopher 70 hostname NIC hostname server 101 ident Ident Protocol 113 irc Internet Relay Chat 194 klogin Kerberos login 54...

Page 320: ...s command Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Examples The following command switches to another open Telnet session pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunrpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control System 49 talk Talk 517 telnet Telnet 23 time Time 37 uucp Unix to Unix Copy...

Page 321: ...d verify that no configuration files are being downloaded at the time of reset Example The following example reloads the operating system hostname The hostname Global Configuration mode command specifies or modifies the device host name To remove the existing host name use the no form of the command Syntax hostname name no hostname name The device host name Range 1 158 characters Default Configura...

Page 322: ...and has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active users show sessions The show sessions User EXEC mode command lists the open Telnet sessions Syntax show sessions This command has no arguments or keywords Console config hostname Dell Console show users Userna...

Page 323: ...o the relevant telnet session Examples The following table describes the significant fields shown in the display show system The show system User EXEC mode command displays system information Syntax show system Console show sessions Connecti on Host Address Port Byte 1 Remote device 172 16 1 1 23 89 2 172 16 1 2 172 16 1 2 23 8 Field Description Connection Connection number Host Remote host to whi...

Page 324: ...following example displays the system information show version The show version User EXEC mode command displays the system version information Syntax show version console show system System Description System Up Time days hour min sec System Contact System Name System location System MAC Address Sys Object ID Type PowerConnect 5324 Corporate 1 22 38 21 RS1 00 10 B5 F4 00 01 Power Supply Status Mai...

Page 325: ...tration purposes asset tag The asset tag Global Configuration mode command specifies the device asset tag To remove the existing asset tag use the no form of the command Syntax asset tag tag no asset tag tag The device asset tag Range 1 16 characters Router show version SW version 3 131 date 23 Jul 2002 time 17 34 19 HW version 1 0 0 Router show clock 15 29 03 Jun 17 2002 Router show history show ...

Page 326: ...pecifies the device asset tag as 1qwepot show system id The show system id User EXEC mode command displays the ID information Syntax show system id Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines The tag information is on a device by device basis Example The following example displays the system service tag information Console config asse...

Page 327: ...aemon port number Specify a server port number If unspecified the port number defaults to 49 Range 0 65535 timeout Specifies the timeout value in seconds If no timeout value is specified the global value is used Range 1 30 key string Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server This key must match the encryption used on the ...

Page 328: ... string Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server This key must match the encryption used on the TACACS daemon Range 0 128 characters Default Configuration Empty string Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example sets the authenticatio...

Page 329: ...address that will be used for the communication with TACACS servers To return to default use the no form of this command Syntax tacacs server source ip source no tacacs server source ip source source Specifies the source IP address Range Valid IP Address Default Configuration The IP address would be of the outgoing IP interface Command Mode Global Configuration mode User Guidelines There are no us...

Page 330: ...ress of the host Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays configuration and statistic for a TACACS server Console show tacacs IP address Status Port Single Connection TimeOut Source IP Priority 172 16 1 1 Connected 49 No Global Global 1 Glob...

Page 331: ... 15 Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how to enter privileged mode disable The disable Privileged EXEC mode command returns to User EXEC mode Syntax disable privilege level privilege level Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 1 Command Mode Priv...

Page 332: ...tax login Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how to enter privileged EXEC mode and login configure The configure Privileged EXEC mode command enters the global configuration mode Syntax configure This command has no keywords or arguments Console...

Page 333: ...he command entry method is displayed exit configuration The exit command exits any configuration mode to the next highest mode in the CLI mode hierarchy Syntax exit Default Configuration This command has no default configuration Command Mode All command modes User Guidelines There are no user guidelines for this command Example The following example changes the configuration mode from Interface Co...

Page 334: ...Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session end The end Global Configuration mode command ends the current configuration session and returns to the privileged command mode Syntax end Default Configuration This command has no default configuration Command Mode All Command modes User Guidelines Ther...

Page 335: ...guration Command Mode All Command modes User Guidelines There are no user guidelines for this command history The history Line Configuration mode command enables the command history function To disable the command history feature use the no form of this command Syntax history no history Default Configuration The history function is enabled Command Mode Line Configuration mode User Guidelines There...

Page 336: ...umber of commands Number of commands that the system records in its history buffer Range 0 256 Default Configuration The default history buffer size is 10 Command Mode Line Configuration mode User Guidelines There are no user guidelines for this command Example The following example changes the command history buffer size to 100 entries for a particular line debug mode The debug mode Privilege EXE...

Page 337: ...commands entered in the current session Syntax show history Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines The commands are listed from the first to the latest command The buffer is kept unchanged when entering to configuration mode and returning back The command in the buffer includes the commands that were not executed console ...

Page 338: ...XEC mode command displays the current privilege level Syntax show privilege Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines There are no user guidelines for this command Example The following example displays the current privilege level Console show history show version show clock show history Console show privilege Current privil...

Page 339: ... following example enters the VLAN database mode vlan Use the vlan VLAN Configuration mode command to create a VLAN To delete a VLAN use the no form of this command Syntax vlan vlan range no vlan vlan range vlan range A list of valid VLAN IDs to be added List separate non consecutive VLAN IDs separated by commas without spaces use a hyphen to designate a range of IDs Range 2 4094 Default Configura...

Page 340: ...onality Syntax default vlan disable no default vlan disable This command has no keywords or arguments Default Configuration Enabled Command Modes VLAN Configuration mode User Guidelines There are no user guidelines for this command Examples1 interface vlan The interface vlan Global Configuration mode command enters the interface configuration VLAN mode Syntax interface vlan vlan id vlan id The ID ...

Page 341: ...ax interface range vlan vlan range all vlan range A list of valid VLAN IDs to add Separate non consecutive VLAN IDs with a comma and no spaces a hyphen designates a range of IDs all All existing static VLANs Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on ...

Page 342: ...defined Command Mode Interface Configuration VLAN mode User Guidelines The VLAN name should be unique Example The following example names VLAN number 19 with the name Marketing switchport access vlan The switchport access vlan Interface Configuration mode command configures the VLAN ID when the interface is in access mode To reconfigure the default use the no form of this command Syntax switchport...

Page 343: ...s VLANs to or from a trunk port Syntax switchport trunk allowed vlan add vlan list remove vlan list add vlan list List of VLAN IDs to add Separate non consecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs remove vlan list List of VLAN IDs to remove Separate non consecutive VLAN IDs with a comma and no spaces A hyphen designate a range of IDs Default Configuration This ...

Page 344: ...net port channel mode User Guidelines This command has the following consequences incoming untagged frames are assigned to this VLAN and outgoing traffic in this VLAN on this port is sent untagged despite the normal situation where traffic sent from a trunk mode port is all tagged The command adds the port as a member in the VLAN If the port is already a member in the VLAN not as a native it shoul...

Page 345: ...fault Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines You can use this command to change the egress rule e g from tagged to untagged without first removing the VLAN from the list Example The following example shows how to add VLANs 2 5 and 6 to the allowed list switchport general pvid The switchport general pvi...

Page 346: ...disable The switchport general ingress filtering disable Interface Configuration mode command disables port ingress filtering To enable ingress filtering on a port use the no form of this command Syntax switchport general ingress filtering disable no switchport general ingress filtering disable Default Configuration Ingress filtering is enabled Command Mode Interface Configuration Ethernet port ch...

Page 347: ...ort forbidden vlan The switchport forbidden vlan Interface Configuration mode command forbids adding specific VLANs to a port This may be used to prevent GVRP from automatically making these VLANs active on the selected ports To revert to allowing the addition of specific VLANs to the port use the remove parameter for this command Syntax switchport forbidden vlan add vlan list remove vlan list add...

Page 348: ...group no map protocol protocol encapsulation protocol The protocol is a 16 or 40 bits protocol number or one of the following names ip arp or ipx The protocol number is in Hex format Range 0600 FFFF encapsulation One of the following values ethernet rfc1042 or llcOther If no option is indicated the default is ethernet group Protocol group number Range 1 2147483647 Default Configuration This comman...

Page 349: ...s no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example sets a protocol based classification rule of protocol group 1 to VLAN 8 ip internal usage vlan The ip internal usage vlan Interface Configuration mode command reserves a VLAN as the internal usage VLAN of an interface...

Page 350: ...at VLAN ID for static or dynamic VLAN he should either remove the IP interface creates the VLAN and recreate the IP interface or use this command to define explicit internal usage VLAN Examples The following example reserves a VLAN as the internal usage VLAN of an interface show vlan The show vlan Privileged EXEC mode command displays VLAN information Syntax show vlan tag vlan id name vlan name vl...

Page 351: ...n This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console show vlan Vlan Name Ports Type Authorization 1 default g1 2 other Required g1 4 10 VLAN0010 g3 4 dynamic Required 11 VLAN0011 g1 2 static Required 20 VLAN0020 g3 4 static Required 21 VLAN0021 static Required 30 VLAN0030 static Required 31 VLAN0031 stat...

Page 352: ...ays protocols groups information Syntax show vlan protocols groups Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays protocols groups information Console show vlan internal usage VLAN Usage Reserved IP Address 1007 g21 No Active 1008 g22 Yes Inactive ...

Page 353: ... port channel number Valid port channel trunk index Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays switchport configuration individually for g1 Console show vlan protocols groups Encapsulation Protocol Group Id ethernet 08 00 213 ethernet 08 06 213...

Page 354: ...te default for the device Syntax switchport mode customer access trunk general Console show interface switchport ethernet g1 Port g1 Port mode General GVRP Status disabled Ingress Filtering true Acceptable Frame Type admitAll Ingress Untagged VLAN NATIVE 1 Port is member in Vlan Name Egress rule Type 1 default untagged System 8 VLAN008 tagged Dynamic 11 VLAN011 tagged Static Forbidden VLANS VLAN N...

Page 355: ...d Example The following example onfigures the VLAN membership mode of a port Use the no form of this command to reset the mode to the appropriate default for the device switchport customer vlan Use the switchport customer vlan interface configuration command to set the port s VLAN when the interface is in customer mode Use the no form of this command to revert to default Syntax switchport customer...

Page 356: ...d e l l c o m User Guidelines There are no user guidelines for this command Example The following example sets the port s VLAN when the interface is in customer mode Console config interface ethernet g5 Console config if switchport customer vlan vlan id ...

Page 357: ... user with access level 15 can use the web server Example The following example enables the device to be configured from a browser ip http port The ip http port Global Configuration mode command specifies the TCP port for use by a web browser to configure the device To use the default TCP port use the no form of this command Syntax ip http port port number no ip http port port number Port number f...

Page 358: ... https server no ip https server Default Configuration The default for the device is disabled Command Mode Global Configuration mode User Guidelines You must use the crypto certificate generate command to generate the HTTPS certificate Example The following example enables the device to be configured from a browser ip https port The ip https port Global Configuration mode command configures a TCP ...

Page 359: ...the SSL RSA key length If unspecified length defaults to 1024 Range 512 2048 passphrase string Passphrase that is used for exporting the certificate in PKCS12 file format If unspecified the certificate is not exportable Range 8 96 cn common name Specifies the fully qualified URL or IP address of the device If unspecified defaults to the lowest IP address of the device where the certificate is gene...

Page 360: ...nerates a HTTPS certificate crypto certificate request The crypto certificate request Privileged EXEC mode command generates and displays certificate requests for HTTPS Syntax crypto certificate number request common name ou organization unit o organization l location st state c country number Specifies the certificate number Range 1 2 common name Specifies the fully qualified URL or IP address of...

Page 361: ...lace the self signed certificate Examples The following example generates and displays a certificate request for HTTPS Console crypto certificate 1 request BEGIN CERTIFICATE REQUEST MIwTCCASoCAQAwYjELMAkGA1UEBhMCUFAxCzAJBgNVBAgTAkNDMQswCQYDVQQH EwRDEMMAoGA1UEChMDZGxkMQwwCgYDVQQLEwNkbGQxCzAJBgNVBAMTAmxkMRAw DgKoZIhvcNAQkBFgFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ecwQ HdML0831i0fh F0MV Kib6Sz5p 3n...

Page 362: ...idelines Use this command to enter an external certificate signed by Certification Authority to the device To end the session enter a new line enter period and add another new line The imported certificate must be based on a certificate request created by the crypto certificate request Privileged EXEC mode command If the public key found in the certificate does not match the device s SSL RSA key t...

Page 363: ...onfig crypto certificate 1 import BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgclsZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ...

Page 364: ...er export pkcs12 number Specifies the certificate number Range 1 2 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The crypto certificate export pkcs12 command creates a PKCS 12 file that contains the certificate and an RSA key pair The passphrase for the exporting is determined when the key is generated The certificate and...

Page 365: ...uahTBJqKu1VHqRYJR3VYa 03HSJ741w5MzPI iuWZzrbbuXAxAgMBAAEwDQYJKoZIhvcNAQEEBQADQQBQ GTLeN1p1kARxI4C1fTU efig3ffZ tjW5q1t1r5F6zNv GuXWw7rGzmRyoMXDcYp1TaA4gAIFQCpFGqiSbAx END CERTIFICATE Bag Attributes localKeyID 0C 75 81 77 5A 31 53 D1 FF 4E 26 BE 8D 4A FD 8B 22 9F 45 D4 Key Attributes No Attributes BEGIN RSA PRIVATE KEY Proc Type 4 ENCRYPTED DEK Info DES EDE3 CBC 085DCBF3A41D2669 dac0m9jqEp1DM50sIDb...

Page 366: ...umber Specifies the certificate number Range 1 2 passphrase Passphrase that is used to encrypt the PKCS12 file for export Range 8 96 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The passphrase that was exported by the crypto certificate export pkcs12 command should be used Please note that this passphrase would be saved ...

Page 367: ...41w5MzPI iuWZzrbbuXAxAgMBAAEwDQYJKoZIhvcNAQEEBQADQQBQ GTLeN1p1kARxI4C1fTU efig3ffZ tjW5q1t1r5F6zNv GuXWw7rGzmRyoMXDcYp1TaA4gAIFQCpFGqiSbAx END CERTIFICATE Bag Attributes localKeyID 0C 75 81 77 5A 31 53 D1 FF 4E 26 BE 8D 4A FD 8B 22 9F 45 D4 Key Attributes No Attributes BEGIN RSA PRIVATE KEY Proc Type 4 ENCRYPTED DEK Info DES EDE3 CBC 085DCBF3A41D2669 dac0m9jqEp1DM50sIDb8Jq1jxW 1P0kqSxuMhc25OdBE 1f...

Page 368: ... this command Example The following example displays the certificate Console show crypto certificate mycertificate 1 BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIB...

Page 369: ...s There are no user guidelines for this command Example The following example displays the HTTP server configuration show ip https The show ip http Privileged EXEC mode command displays the HTTPS server configuration Syntax show ip https Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Co...

Page 370: ...nabled Port 443 Certificate 1 is active Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print 1873B936 88DC3411 BC8932EF 782134BA ...

Page 371: ...the AAA for authentication services it will receive a fail status Command Mode Global configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error for example the authentication server is down and not if the request for authenticate is denied access To ensure that the authentication succeeds even if all methods return an error sp...

Page 372: ...this command to return to the default setting Syntax dot1x port control auto force authorized force unauthorized no dot1x port control auto Enable 802 1X authentication on the interface and cause the port to transition to the authorized or unauthorized state based on the 802 1X authentication exchange between the switch and the client force authorized Disable 802 1X authentication on the interface...

Page 373: ... re authentication Interface Configuration mode command enables periodic re authentication of the client Use the no form of this command to return to the default setting Syntax dot1x re authentication no dot1x re authentication This command has no arguments or keywords Default Configuration Periodic re authentication is disabled Command Mode Interface configuration Ethernet User Guidelines It is r...

Page 374: ...ge 300 4294967295 Default Configuration 3600 Command Mode Interface configuration Ethernet mode User Guidelines There are no user guidelines for this command Examples The following example sets the number of seconds between re authentication attempts to 3600 dot1x re authenticate The dot1x re authenticate Privileged EXEC mode command manually initiates a re authentication of all 802 1X enabled por...

Page 375: ...dot1x timeout quiet period seconds no dot1x timeout quiet period seconds Time in seconds that the switch remains in the quiet state following a failed authentication exchange with the client Range 0 65535 seconds Default Configuration 60 Command Mode Interface configuration Ethernet User Guidelines During the quiet period the switch does not accept or initiate any authentication requests The defau...

Page 376: ...dot1x timeout tx period seconds Time in seconds that the switch should wait for a response to an EAP request identity frame from the client before resending the request Range 1 65535 seconds Default Configuration 30 Command Mode Interface configuration Ethernet mode User Guidelines You should change the default value of this command only to adjust for unusual circumstances such as unreliable links...

Page 377: ...default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers Examples The following example sets the number of times that the switch sends an EAP request identity frame to 6 dot1x timeout supp timeout The dot1x timeout supp timeout Interface Configuration mode command sets the time fo...

Page 378: ...seconds dot1x timeout server timeout The dot1x timeout server timeout Interface Configuration mode command sets the time for the retransmission of packets to the authentication server Use the no form of this command to return to the default setting Syntax dot1x timeout server timeout seconds no dot1x timeout server timeout seconds Time in seconds that the switch should wait for a response from the...

Page 379: ...ll syntax is port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays 802 1X status for the switch Console config dot1x timeout server timeout 3600 Console show dot1x Interface Admin Mode Oper Mode Reauth Control Reauth Period Username g1 Auto Authoriz...

Page 380: ...de The admin mode of the port Possible values are Force auth Force unauth Auto Oper mode The oper mode of the port Possible values are Authorized Unauthorized Reauth Control Reauthentication control Reauth Period Reauthentication period Username The User Name representing the identity of the Supplicant State The current value of the Authenticator PAE state machine Quiet period The number of second...

Page 381: ...ds shown in the display Max req The maximum number of times that the switch sends an Extensible Authentication Protocol EAP request identity frame assuming that no response is received to the client before restarting the authentication process Login Time How long the user is logged in Last Authentication Time since last authentication Mac address The supplicant MAC address Authentication Method Th...

Page 382: ...onfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Field Description Username The User Name representing the identity of the Supplicant Login Time How long the user is logged in Last Authentication Time since last authentication Authentication Method The authentication method used to establish the s...

Page 383: ... The number of valid EAPOL frames of any type that have been received by this Authenticator EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator EapolLogoffFramesRx The number of EAPOL Logoff frames that have been received by this Authenticator EapolRes...

Page 384: ...n be the Unauthenticated VLAN although only tagged packets would be accepted in Unauthorized state Examples The following example enables unauthorized users access to the VLAN EapolReqFramesTx The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator InvalidEapolFramesRx The number of EAPOL frames that have been received by this Authenticator in whic...

Page 385: ...e User Guidelines This command enables the attachment of multiple clients to a single 802 1X enabled port In this mode only one of the attached hosts must be successfully authorized for all hosts to be granted network access If the port becomes unauthorized all attached clients are denied access to the network For unauthenticated VLANs multiple hosts are always enabled Examples The following comma...

Page 386: ...No traps Command Mode Interface configuration Ethernet mode User Guidelines The command is relevant when Multiple hosts is disabled and the user has been successfully authenticated Examples The following example uses the forward action to forward frames with source addresses show dot1x advanced The show dot1x advanced Privileged EXEC mode command displays 802 1X advanced features for the switch or...

Page 387: ...witch show dot1x advanced Unauthenticated VLANs 91 92 Port Multiple Hosts g1 Disabled g2 Enabled Switch show dot1x advanced ethernet g1 Port Multiple Hosts g1 Disabled Single host parameters Violation action Discard Trap Enabled Trap frequency 100 Status Single host locked Violations since last trap 9 ...

Page 388: ...advanced ethernet g1 Guest VLAN 3978 Unauthenticated VLANs 91 92 Use user attributes from Authentication Server Enabled User VLAN not created Create Interface Multiple Hosts g1 Disabled g2 Enabled Single Host Violation Discard Trap Enabled Frequency 100 Status Authorized Locked Counter 9 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands