manualshive.com logo in svg

Dell Catalyst 3032, Command Reference Manual

The Dell Catalyst 3032 is a powerful networking product designed for seamlessly connecting multiple devices. With its comprehensive Command Reference Manual, users can easily navigate and maximize the product's features. Download this essential manual for free from our website and unlock the full potential of your Dell Catalyst 3032.

Share
Download
background image

 

2-43

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference

OL-13271-03

Chapter 2      Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands

authentication violation

authentication violation

Use the 

authentication violation 

interface configuration command to configure the violation modes that 

occur when a new device connects to a port or when a new device connects to a port after the maximum 
number of devices are connected to that port. 

authentication violation 

{

protect

 | 

restrict

 | 

shutdown

}

no authentication violation 

{

protect

 | 

restrict

 | 

shutdown

}

 

Syntax Description

Defaults

By default 

authentication violation shutdown

 mode is enabled. 

Command Modes

Interface configuration

Command History

Examples

This example shows how to configure an IEEE 802.1x-enabled port as error disabled and to shut down 
when a new device connects it:

Switch(config-if)# 

authentication violation shutdown

This example shows how to configure an IEEE 802.1x-enabled port to generate a system error message 
and to change the port to restricted mode when a new device connects to it:

Switch(config-if)# 

authentication violation restrict

This example shows how to configure an IEEE 802.1x-enabled port to ignore a new device when it 
connects to the port:

Switch(config-if)# 

authentication violation protect

You can verify your settings by entering the

 show authentication 

privileged EXEC command.

Related Commands

protect

Unexpected incoming MAC addresses are dropped. No syslog errors are 
generated.

restrict 

Generates a syslog error when a violation error occurs.

shutdown

Error disables the port or the virtual port on which an unexpected MAC 
address occurs. 

Release

Modification

12.2(50)SE

This command was introduced.

Command

Description

authentication 
control-direction

Configures the port mode as unidirectional or bidirectional.

authentication event

Sets the action for specific authentication events.

Summary of Contents for Catalyst 3032

Page 1: ... Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 527 0883 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference Cisco IOS Release 12 2 50 SE March 2009 Text Part Number OL 13271 03 ...

Page 2: ...OSSIBILITY OF SUCH DAMAGES CCDE CCENT Cisco Eos Cisco HealthPresence the Cisco logo Cisco Lumin Cisco Nexus Cisco StadiumVision Cisco TelePresence Cisco WebEx DCE and Welcome to the Human Network are trademarks Changing the Way We Work Live Play and Learn and Cisco Store are service marks and Access Registrar Aironet AsyncOS Bringing the Meeting To You Catalyst CCDA CCDP CCIE CCIP CCNA CCNP CCSP C...

Page 3: ...ged EXEC Mode 1 3 Global Configuration Mode 1 4 Interface Configuration Mode 1 4 config vlan Mode 1 5 VLAN Configuration Mode 1 5 Line Configuration Mode 1 6 C H A P T E R 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands 2 1 aaa accounting dot1x 2 1 aaa authentication dot1x 2 3 aaa authorization network 2 5 action 2 6 archive copy sw 2 8 archive download sw 2 11 archive tar ...

Page 4: ...g file 2 52 boot enable break 2 53 boot helper 2 54 boot helper config file 2 55 boot manual 2 56 boot private config file 2 57 boot system 2 58 channel group 2 60 channel protocol 2 64 cisp enable 2 65 class 2 66 class map 2 68 clear dot1x 2 70 clear eap 2 71 clear energywise neighbors 2 72 clear errdisable interface 2 73 clear ip arp inspection log 2 74 clear ip arp inspection statistics 2 75 cl...

Page 5: ...list configuration 2 100 deny IPv6 access list configuration 2 102 deny MAC access list configuration 2 107 diagnostic monitor 2 110 diagnostic schedule 2 112 diagnostic start 2 114 dot1x 2 117 dot1x auth fail max attempts 2 119 dot1x auth fail vlan 2 121 dot1x control direction 2 123 dot1x credentials global configuration 2 125 dot1x critical global configuration 2 126 dot1x critical interface co...

Page 6: ...ble recovery cause small frame 2 168 exception crashinfo 2 169 fallback profile 2 170 flowcontrol 2 172 hw module 2 174 interface port channel 2 176 interface range 2 178 interface vlan 2 180 ip access group 2 182 ip address 2 185 ip admission 2 187 ip admission name proxy http 2 188 ip arp inspection filter vlan 2 190 ip arp inspection limit 2 192 ip arp inspection log buffer 2 194 ip arp inspect...

Page 7: ... igmp snooping querier 2 229 ip igmp snooping report suppression 2 231 ip igmp snooping tcn 2 233 ip igmp snooping tcn flood 2 235 ip igmp snooping vlan immediate leave 2 236 ip igmp snooping vlan mrouter 2 237 ip igmp snooping vlan static 2 239 ip snap forwarding 2 241 ip source binding 2 242 ip ssh 2 244 ip sticky arp global configuration 2 246 ip sticky arp interface configuration 2 248 ip veri...

Page 8: ...n 2 290 logging file 2 292 mac access group 2 294 mac access list extended 2 296 mac address table aging time 2 298 mac address table learning vlan 2 299 mac address table move update 2 301 mac address table notification 2 303 mac address table static 2 305 mac address table static drop 2 306 macro apply 2 308 macro description 2 311 macro global 2 312 macro global description 2 315 macro name 2 3...

Page 9: ...qos trust 2 359 mls qos vlan based 2 361 monitor session 2 362 mvr global configuration 2 366 mvr interface configuration 2 369 network policy 2 371 network policy profile global configuration 2 372 network policy profile network policy configuration 2 373 nmsp 2 375 nmsp attachment suppress 2 376 nsf 2 377 pagp learn method 2 379 pagp port priority 2 381 permit ARP access list configuration 2 383...

Page 10: ...35 setup express 2 438 show access lists 2 440 show archive status 2 443 show arp access list 2 444 show authentication 2 445 show auto qos 2 446 show boot 2 450 show cable diagnostics tdr 2 453 show cisp 2 455 show class map 2 456 show controllers cpu interface 2 457 show controllers ethernet controller 2 459 show controllers ethernet controller fastethernet 2 466 show controllers tcam 2 469 show...

Page 11: ...show ip dhcp snooping database 2 532 show ip dhcp snooping statistics 2 534 show ip igmp profile 2 537 show ip igmp snooping 2 538 show ip igmp snooping groups 2 541 show ip igmp snooping mrouter 2 543 show ip igmp snooping querier 2 545 show ip source binding 2 547 show ip verify source 2 549 show ipc 2 551 show ipv6 access list 2 555 show ipv6 dhcp conflict 2 557 show ipv6 mld snooping 2 558 sho...

Page 12: ...le notification 2 602 show mac address table static 2 604 show mac address table vlan 2 606 show mls qos 2 608 show mls qos aggregate policer 2 609 show mls qos input queue 2 610 show mls qos interface 2 612 show mls qos maps 2 616 show mls qos queue set 2 619 show mls qos vlan 2 621 show monitor 2 622 show mvr 2 625 show mvr interface 2 627 show mvr members 2 629 show network policy profile 2 631...

Page 13: ...guard 2 702 spanning tree cost 2 704 spanning tree etherchannel guard misconfig 2 706 spanning tree extend system id 2 708 spanning tree guard 2 710 spanning tree link type 2 712 spanning tree loopguard default 2 714 spanning tree mode 2 716 spanning tree mst configuration 2 718 spanning tree mst cost 2 720 spanning tree mst forward time 2 722 spanning tree mst hello time 2 723 spanning tree mst m...

Page 14: ...switch provision 2 761 switch renumber 2 763 switchport 2 765 switchport access 2 767 switchport autostate exclude 2 769 switchport backup interface 2 771 switchport block 2 774 switchport host 2 775 switchport mode 2 776 switchport mode private vlan 2 779 switchport nonegotiate 2 781 switchport port security 2 783 switchport port security aging 2 788 switchport priority extend 2 790 switchport pr...

Page 15: ...ag native 2 836 vlan filter 2 838 vmps reconfirm privileged EXEC 2 840 vmps reconfirm global configuration 2 841 vmps retry 2 842 vmps server 2 843 vtp global configuration 2 845 vtp VLAN configuration 2 849 A P P E N D I X A Cisco Catalyst Blade Switch 3130 and 3032 for Dell Boot Loader Commands A 1 arp A 2 boot A 3 cat A 5 copy A 6 delete A 7 dir A 8 flash_init A 10 format A 11 fsck A 12 help A ...

Page 16: ...8 debug etherchannel B 9 debug fastethernet B 10 debug ip dhcp snooping B 11 debug ip verify source packet B 12 debug interface B 13 debug ip igmp filter B 14 debug ip igmp max groups B 15 debug ip igmp snooping B 16 debug lacp B 17 debug lldp packets B 18 debug mac notification B 19 debug matm B 20 debug matm move update B 21 debug monitor B 22 debug mvrdbg B 23 debug nmsp B 24 debug nvram B 25 d...

Page 17: ... platform ip wccp B 47 debug platform ipc B 48 debug platform led B 49 debug platform matm B 50 debug platform messaging application B 51 debug platform phy B 52 debug platform pm B 54 debug platform port asic B 56 debug platform port security B 57 debug platform qos acl tcam B 58 debug platform remote commands B 59 debug platform resource manager B 60 debug platform snmp B 61 debug platform span ...

Page 18: ...latform Commands C 1 show platform acl C 2 show platform backup interface C 3 show platform configuration C 4 show platform dl C 5 show platform etherchannel C 6 show platform forward C 7 show platform frontend controller C 9 show platform ip igmp snooping C 10 show platform ip multicast C 12 show platform ip unicast C 13 show platform ip unicast vrf compaction C 15 show platform ip unicast vrf tc...

Page 19: ... C 33 show platform resource manager C 34 show platform snmp counters C 36 show platform spanning tree C 37 show platform stp instance C 38 show platform stack manager C 39 show platform stack ports C 41 show platform tb C 43 show platform tcam C 45 show platform vlan C 48 A P P E N D I X D Acknowledgments for Open Source Software D 1 I N D E X ...

Page 20: ...Contents xx Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference OL 13271 03 ...

Page 21: ... For information about the standard Cisco IOS Release 12 2 commands see the Cisco IOS documentation set available from the Cisco com home page by selecting Technical Support Documentation Cisco IOS Software This guide does not provide procedures for configuring your switch For detailed configuration procedures see the software configuration guide for this release This guide does not describe syste...

Page 22: ... Switch Module section in the getting started guide or the Configuring the Switch with the CLI Based Setup Program appendix in the hardware installation guide For device manager requirements see the System Requirements section in the release notes For Network Assistant requirements see the Getting Started with Cisco Network Assistant For upgrade information see the Downloading Software section in ...

Page 23: ...Compatibility Matrix Compatibility Matrix for 1000BASE T Small Form Factor Pluggable Modules For information about the Network Admission Control NAC features see the Network Admission Control Software Configuration Guide Obtaining Documentation and Submitting a Service Request For information on obtaining documentation submitting a service request and gathering additional information see the month...

Page 24: ...xxiv Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference OL 13271 03 Preface ...

Page 25: ...ch You manage the switch stack and the stack member interfaces through the stack master You cannot manage stack members on an individual switch basis You can connect to the stack master through the console port of one or more stack members You can also connect to the stack master through the Onboard Administator to the internal Ethernet management port Be careful with using multiple CLI sessions t...

Page 26: ...erform basic tasks and list system information Switch Enter the logout command To enter privileged EXEC mode enter the enable command Privileged EXEC From user EXEC mode enter the enable command Switch To exit to user EXEC mode enter the disable command To enter global configuration mode enter the configure command Global configuration From privileged EXEC mode enter the configure command Switch c...

Page 27: ...ough which you access the remaining command modes If your system administrator has set a password you are prompted to enter it before being granted access to privileged EXEC mode The password does not appear on the screen and is case sensitive The privileged EXEC mode prompt is the device name followed by the pound sign Switch Enter the enable command to access privileged EXEC mode Switch enable S...

Page 28: ...ds can vary depending on the version of software in use To display a comprehensive list of commands enter a question mark at the prompt Switch config To exit global configuration command mode and to return to privileged EXEC mode enter the end or exit command or press Ctrl Z Interface Configuration Mode Interface configuration commands modify the operation of the interface Interface configuration ...

Page 29: ... To display a comprehensive list of commands enter a question mark at the prompt Switch config vlan For extended range VLANs all characteristics except the MTU size must remain at the default setting To return to global configuration mode enter exit to return to privileged EXEC mode enter end All the commands except shutdown take effect when you exit config vlan mode VLAN Configuration Mode You ca...

Page 30: ... line vty line_number ending_line_number command to enter line configuration mode The new prompt means line configuration mode The following example shows how to enter line configuration mode for virtual terminal line 7 Switch config line vty 0 7 The supported commands can vary depending on the version of software in use To display a comprehensive list of commands enter a question mark at the prom...

Page 31: ...cast group and group keywords default Use the accounting methods that follow as the default list for accounting services start stop Send a start accounting notice at the beginning of a process and a stop accounting notice at the end of a process The start accounting record is sent in the background The requested user process begins regardless of whether or not the start accounting notice was recei...

Page 32: ...ng dot1x default start stop group radius Note The RADIUS authentication server must be properly configured to accept and log update or watchdog packets from the AAA client Related Commands radius Optional Enable RADIUS authorization tacacs Optional Enable TACACS accounting Release Modification 12 2 40 EX1 This command was introduced Command Description aaa authentication dot1x Specifies one or mor...

Page 33: ...uthentication algorithm tries in the given sequence to validate the password provided by the client The only method that is truly IEEE 802 1x compliant is the group radius method in which the client data is validated against a RADIUS authentication server If you specify group radius you must configure the RADIUS server by entering the radius server host global configuration command Use the show ru...

Page 34: ... new model Enables the AAA access control model For syntax information see the Cisco IOS Security Command Reference Release 12 2 Authentication Authorization and Accounting Authentication Commands show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps...

Page 35: ...n parameters from the RADIUS servers in the default authorization list The authorization parameters are used by features such as per user ACLs or VLAN assignment to get parameters from the RADIUS servers Use the show running config privileged EXEC command to display the configured lists of authorization methods Examples This example shows how to configure the switch for user RADIUS authorization f...

Page 36: ... VLAN or all packets could be dropped In access map configuration mode use the match access map configuration command to define the match conditions for a VLAN map Use the action command to set the action that occurs when a packet matches the conditions The drop and forward parameters are not used in the no form of the command Examples This example shows how to identify and apply a VLAN access map...

Page 37: ...mand Reference Volume 1 of 3 Addressing and Services Release 12 2 IP Services Commands ip access list Creates a named access list For syntax information select Cisco IOS IP Command Reference Volume 1 of 3 Addressing and Services Release 12 2 IP Services Commands mac access list extended Creates a named MAC address access list match class map configuration Defines the match conditions for a VLAN ma...

Page 38: ...h file system Image names are case sensitive the image file is provided in tar format destination system destination stack member number Optional The number of the stack member to which to copy the running image The range is 1 to 9 force reload Optional Unconditionally force a system reload after successfully downloading the software image leave old sw Optional Keep the old software version after ...

Page 39: ...he overwrite option to overwrite the image on the flash device with the copied one If you specify the command without the overwrite option the algorithm verifies that the new image is not the same as the one on the switch flash device or is not running on any stack members If the images are the same the copy does not occur If the images are different the old image is deleted and the new one is cop...

Page 40: ...ple shows how to copy the running image from stack member 5 to stack member 7 If the image being copied already exists on the second stack member s flash memory it can be overwritten with the copied one The system reloads after the image is copied Switch archive copy sw destination system 7 overwrite force reload 5 Related Commands Command Description archive download sw Downloads a new image from...

Page 41: ...he range is 1 to 9 This keyword is supported only on stacking capable switches directory Specify a directory for all of the images force reload Unconditionally force a system reload after successfully downloading the software image imageonly Download only the software image but not the HTML files associated with the embedded device manager The HTML files for the existing version are deleted only i...

Page 42: ...L for the software image that the switch supports In a switch stack you can enter source URLs for the software images that the stack members support as follows Up to two source URLs without the directory keyword Up to four source URLS with the directory keyword The image name tar is the software image to download and install on the switch These options are supported Local flash file system syntax ...

Page 43: ...tem option to specify the specific stack member to be upgraded with the image Note Use the no version check option with care All stack members including the stack master must have the same stack protocol version to be in the same switch stack This option allows an image to be downloaded without first confirming the compatibility of its stack protocol version with the version of the switch stack Yo...

Page 44: ... sw tftp 10 1 1 10 cbs31x0 universal tar 122 40 EX2 tar cbs31x0 universal tar 122 40 EX1 tar This example shows how to upgrade stack members 6 and 8 Switch archive download sw imageonly destination system 6 destination system 8 tftp 172 20 129 10 test image tar Related Commands Command Description archive copy sw Copies the running image from the flash memory on one stack member to the flash memor...

Page 45: ...ile to create These options are supported The syntax for the local flash filesystem flash The syntax for the FTP ftp username password location directory tar filename tar The syntax for an HTTP server http username password hostname host ip directory image name tar The syntax for a secure HTTP server https username password hostname host ip directory image name tar The syntax for the Remote Copy P...

Page 46: ... tar The tar filename tar is the tar file to display xtract source url flash file url dir file Extract files from a tar file to the local file system For source url specify the source URL alias for the local file system These options are supported The syntax for the local flash file system flash The syntax for the FTP ftp username password location directory tar filename tar The syntax for an HTTP...

Page 47: ...bytes info ver 219 bytes This example shows how to display only the cbs31x0 universal tar 12 40 EX1 html directory and its contents Switch archive tar table flash cbs31x0 universal 12 40 EX1 tar cbs31x0 universal 12 40 html cbs31x0 universal mz 122 40 EX1 html directory cbs31x0 universal mz 122 40 EX1 html const htm 556 bytes cbs31x0 universal mz 122 40 EX1 html xhome htm 9373 bytes cbs31x0 univer...

Page 48: ...is supported only on stacking capable switches version version_string Optional Specify the specific version string of the image to be uploaded destination url The destination URL alias for a local or network file system The image name tar is the name of software image to be stored on the server These options are supported Local flash file system syntax on the standalone switch or the stack master ...

Page 49: ...The files are uploaded in this sequence the Cisco IOS image the HTML files and info After these files are uploaded the software creates the tar file Image names are case sensitive Examples This example shows how to upload the currently running image on stack member 6 to a TFTP server at 172 20 140 2 Switch archive upload sw source system num 6 tftp 172 20 140 2 test image tar Related Commands Comm...

Page 50: ... reject For more information see the deny ARP access list configuration section on page 2 101 exit exits ARP access list configuration mode no negates a command or returns to default settings permit specifies packets to forward For more information see the permit ARP access list configuration section on page 2 384 Use the permit and deny access list configuration commands to forward and to drop AR...

Page 51: ...config arp nacl permit ip host 1 1 1 1 mac host 00001 0000 abcd Switch config arp nacl end You can verify your settings by entering the show arp access list privileged EXEC command Related Commands Command Description deny ARP access list configuration Denies an ARP packet based on matches compared against the DHCP bindings ip arp inspection filter vlan Permits ARP requests and responses from a ho...

Page 52: ... mode Switch config authentication control direction both This example shows how to enable unidirectional mode Switch config authentication control direction in You can verify your settings by entering the show authentication privileged EXEC command Related Commands both Enable bidirectional control on port The port cannot receive packets from or send packets to the host in Enable unidirectional c...

Page 53: ...port authorization state authentication priority Adds an authentication method to the port priority list authentication timer Configures the timeout and reauthentication parameters for an 802 1x enabled port authentication violation Configures the violation modes that occur when a new device connects to a port or when a new device connects to a port with the maximum number of devices already conne...

Page 54: ...re configured on the port Command Modes Interface configuration Command History Usage Guidelines Use this command with the fail no response or event keywords to configure the switch response for a specific action action Configure the required action for an authentication event alive Configure the authentication authorization and accounting AAA server alive actions authorize Authorize the port dead...

Page 55: ...DIUS configured or user configured access VLAN and authentication restarts You can configure any active VLAN except a Remote Switched Port Analyzer RSPAN VLAN a primary private VLAN or a voice VLAN as an IEEE 802 1x guest VLAN The guest VLAN feature is supported only on access ports It is not supported on internal VLANs routed ports or trunk ports When MAC authentication bypass is enabled on an IE...

Page 56: ...nse action Switch config authentication event no response action authorize vlan 10 This example shows how to configure a server response action Switch config authentication event server alive action reinitialize You can verify your settings by entering the show authentication privileged EXEC command Related Commands Command Description authentication control direction Configures the port mode as u...

Page 57: ...You can only configure web authentication as a fallback method to 802 1x or MAB so one or both of these authentication methods should be configured for the fallback to enable Examples This example shows how to specify a fallback profile on a port Switch config authentication fallback profile1 You can verify your settings by entering the show authentication privileged EXEC command Related Commands ...

Page 58: ...n priority Adds an authentication method to the port priority list authentication timer Configures the timeout and reauthentication parameters for an 802 1x enabled port authentication violation Configures the violation modes that occur when a new device connects to a port or when a new device connects to a port after the maximum number of devices are connected to that port show authentication Dis...

Page 59: ... configured if the voice device needs to be authenticated Multi auth mode should be configured to allow up to eight devices behind a hub to obtain secured port access through individual authentication Only one voice device can be authenticated in this mode if a voice VLAN is configured Multi host mode also offers port access for multiple hosts behind a hub but multi host mode gives unrestricted po...

Page 60: ... clients that do not support IEEE 802 1x authentication authentication open Enables or disable open access on a port authentication order Sets the order of authentication methods used on a port authentication periodic Enables or disable reauthentication on a port authentication port control Enables manual control of the port authorization state authentication priority Adds an authentication method...

Page 61: ...ess on a port Switch config authentication open This example shows how to set the port to disable open access on a port Switch config no authentication open Related Commands Release Modification 12 2 50 SE This command was introduced Command Description authentication control direction Configures the port mode as unidirectional or bidirectional authentication event Sets the action for specific aut...

Page 62: ...imer Configures the timeout and reauthentication parameters for an 802 1x enabled port authentication violation Configures the violation modes that occur when a new device connects to a port or when a new device connects to a port after the maximum number of devices are connected to that port show authentication Displays information about authentication manager events on the switch Command Descrip...

Page 63: ... ordering is only possible between 802 1x and MAB Web authentication can be configured as either a standalone method or as the last method in the order after either 802 1x or MAB Web authentication should be configured only as fallback to dot1x or mab Examples This example shows how to add 802 1x as the first authentication method MAB as the second method and web authentication as the third method...

Page 64: ...hentication open Enables or disables open access on a port authentication periodic Enables or disables reauthentication on a port authentication port control Enables manual control of the port authorization state authentication priority Adds an authentication method to the port priority list authentication timer Configures the timeout and reauthentication parameters for an 802 1x enabled port auth...

Page 65: ...g authentication periodic This example shows how to disable periodic reauthentication on a port Switch config no authentication periodic You can verify your settings by entering the show authentication privileged EXEC command Related Commands Release Modification 12 2 50 SE This command was introduced Command Description authentication control direction Configures the port mode as unidirectional o...

Page 66: ... timer Configures the timeout and reauthentication parameters for an 802 1x enabled port authentication violation Configures the violation modes that occur when a new device connects to a port or when a new device connects to a port after the maximum number of devices are connected to that port show authentication Displays information about authentication manager events on the switch Command Descr...

Page 67: ...you try to change the mode of an IEEE 802 1x enabled port to dynamic an error message appears and the port mode does not change Dynamic access ports If you try to enable IEEE 802 1x authentication on a dynamic access VLAN Query Protocol VQP port an error message appears and IEEE 802 1x authentication is not enabled If you try to change an IEEE 802 1x enabled port to dynamic VLAN an error message a...

Page 68: ...port state to the force unauthorized state Switch config authentication port control force unauthorized You can verify your settings by entering the show authentication privileged EXEC command Related Commands Command Description authentication control direction Configures the port mode as unidirectional or bidirectional authentication event Sets the action for specific authentication events authe...

Page 69: ...hentication webauth last Assigning priorities to different authentication methods allows a higher priority method to interrupt an in progress authentation method with a lower priority Note If a client is already authenticated it might be reauthenticated if an interruption from a higher priority method occurs The default priority of an authentication method is equivalent to its position in executio...

Page 70: ...fallback method for clients that do not support IEEE 802 1x authentication authentication host mode Sets the authorization manager mode on a port authentication open Enables or disables open access on a port authentication order Sets the order of authentication methods used on a port authentication periodic Enables or disables reauthentication on a port authentication port control Enables manual c...

Page 71: ...ays authorized indefinitely No other host can use the port and the connected host cannot move to another port on the same switch Examples This example shows how to set the authentication inactivity timer to 60 seconds Switch config authentication timer inactivity 60 This example shows how to set the reauthentication timer to 120 seconds Switch config authentication timer restart 120 You can verify...

Page 72: ...uthentication host mode Sets the authorization manager mode on a port authentication open Enables or disables open access on a port authentication order Sets the order of authentication methods used on a port authentication periodic Enables or disables reauthentication on a port authentication port control Enables manual control of the port authorization state authentication priority Adds an authe...

Page 73: ...ects it Switch config if authentication violation shutdown This example shows how to configure an IEEE 802 1x enabled port to generate a system error message and to change the port to restricted mode when a new device connects to it Switch config if authentication violation restrict This example shows how to configure an IEEE 802 1x enabled port to ignore a new device when it connects to the port ...

Page 74: ...de on a port authentication open Enables or disables open access on a port authentication order Sets the order of authentication methods used on a port authentication periodic Enables or disables reauthentication on a port authentication port control Enables manual control of the port authorization state authentication priority Adds an authentication method to the port priority list authentication...

Page 75: ... Cisco IP Phone and automatically configure QoS for VoIP The QoS labels of incoming packets are trusted only when the telephone is detected cisco softphone Identify this port as connected to a device running the Cisco SoftPhone and automatically configure QoS for VoIP trust Identify this port as connected to a trusted switch or router and automatically configure QoS for VoIP The QoS labels of inco...

Page 76: ...tered from the command line interface CLI An existing user configuration can cause the application of the generated commands to fail or to be overridden by the generated commands These actions occur without warning If all the generated commands are successfully applied any user entered configuration that was not overridden remains in the running configuration Any user entered configuration that wa...

Page 77: ...cket does not have a DSCP value of 24 26 or 46 or is out of profile the switch changes the DSCP value to 0 The switch configures ingress and egress queues on the port according to the settings in Table 2 2 and Table 2 3 When you enter the auto qos voip trust interface configuration command on a port connected to the interior of the network the switch trusts the CoS value for nonrouted ports or the...

Page 78: ...s the CoS to DSCP map or the DSCP to CoS map mls qos queue set output buffers Allocates buffers to a queue set mls qos srr queue input bandwidth Assigns shaped round robin SRR weights to an ingress queue mls qos srr queue input buffers Allocates the buffers between the ingress queues mls qos srr queue input cos map Maps CoS values to an ingress queue or maps CoS values to a queue and to a threshol...

Page 79: ...This command is supported only on stacking capable switches Syntax Description This command has no arguments or keywords Defaults Enabled Command Modes Global configuration Command History Usage Guidelines A switch in VM mode is a switch that has a different minor version number than the version on the switch stack A switch in VM mode cannot join the switch stack as a fully functioning member If t...

Page 80: ...3271 03 Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands boot auto copy sw Related Commands Command Description show boot Displays the settings of the boot environment variables show version Displays version information for the hardware and firmware ...

Page 81: ...source url The source URLs for the software images The image name tar is the software image to download and install on the switch These options are supported Local flash file system syntax on the standalone switch or the stack master flash Local flash file system syntax on a stack member flash member number The member number can be from 1 to 9 FTP syntax ftp username password location directory im...

Page 82: ...nes This command specifies a URL path to use for automatic software upgrades You can use this command to configure the URL for the master switch to access in case of version mismatch Related Commands Release Modification 12 2 40 EX1 This command was introduced Command Description show boot Displays the settings of the boot environment variables show version Displays version information for the har...

Page 83: ... config file Syntax Description Defaults The default configuration file is flash config text Command Modes Global configuration Command History Usage Guidelines This command works properly only from a standalone switch in a stack Filenames and directory names are case sensitive This command changes the setting of the CONFIG_FILE environment variable For more information see Appendix A Cisco Cataly...

Page 84: ...onsole Command Modes Global configuration Command History Usage Guidelines This command works properly only from a standalone switch in a stack When you enter this command you can interrupt the automatic boot process by pressing the Break key on the console after the flash file system is initialized Note Despite the setting of this command you can interrupt the automatic boot process at any time b...

Page 85: ...ded Command Modes Global configuration Command History Usage Guidelines This variable is used only for internal development and testing Filenames and directory names are case sensitive This command changes the setting of the HELPER environment variable For more information see Appendix A Cisco Catalyst Blade Switch 3130 and 3032 for Dell Boot Loader Commands Related Commands filesystem Alias for a...

Page 86: ...er config file filesystem file url no boot helper config file Syntax Description Defaults No helper configuration file is specified Command Modes Global configuration Command History Usage Guidelines This variable is used only for internal development and testing Filenames and directory names are case sensitive This command changes the setting of the HELPER_CONFIG_FILE environment variable For mor...

Page 87: ...ing is disabled Command Modes Global configuration Command History Usage Guidelines This command works properly only from a standalone switch in a stack The next time you reboot the system the switch is in boot loader mode which is shown by the switch prompt To boot up the system use the boot boot loader command and specify the name of the bootable image This command changes the setting of the MAN...

Page 88: ...ommand to return to the default setting boot private config file filename no boot private config file Syntax Description Defaults The default configuration file is private config Command Modes Global configuration Command History Usage Guidelines Filenames are case sensitive Examples This example shows how to specify the name of the private configuration file to be pconfig Switch config boot priva...

Page 89: ... the original directory Command Modes Global configuration Command History Usage Guidelines Filenames and directory names are case sensitive If you enter the boot system filesystem file url command on the stack master the specified software image is loaded only on the stack master during the next boot cycle On the stack master use the boot system switch number command to specify that the software ...

Page 90: ...tack member for example stack member 1 an error message like this appears Command to set boot system switch all xxx on switch 1 failed If you are using the archive download sw privileged EXEC command to maintain system images you never need to use the boot system command The boot system command is automatically manipulated to load the downloaded image This command changes the setting of the BOOT e...

Page 91: ...orts by sending LACP packets A channel is formed with another port group in either the active or passive mode auto Enable the Port Aggregation Protocol PAgP only if a PAgP device is detected Auto mode places a port into a passive negotiating state in which the port responds to PAgP packets it receives but does not start PAgP packet negotiation A channel is formed only with another port group in de...

Page 92: ...ration changes applied to the physical port affect only the port where you apply the configuration To change the parameters of all ports in an EtherChannel apply configuration commands to the port channel interface for example spanning tree commands or commands to configure a Layer 2 EtherChannel as a trunk If you do not specify non silent with the auto or desirable mode silent is assumed The sile...

Page 93: ...ort mode access Switch config if range switchport access vlan 10 Switch config if range channel group 5 mode desirable Switch config if range end This example shows how to configure an EtherChannel on a single switch in the stack It assigns two static access ports in VLAN 10 to channel 5 with the LACP mode active Switch configure terminal Switch config interface range gigabitethernet2 0 1 2 Switch...

Page 94: ...sses or creates the port channel show etherchannel Displays EtherChannel information for a channel show lacp Displays LACP channel group information show pagp Displays PAgP channel group information show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ...

Page 95: ... group interface configuration command You must use the channel group interface configuration command to configure the EtherChannel parameters The channel group command also can set the mode for the EtherChannel You cannot enable both the PAgP and LACP modes on an EtherChannel group PAgP and LACP are not compatible both ends of a channel must use the same protocol Examples This example shows how t...

Page 96: ...cator and supplicant switch is a trunk When you enable VTP on both switches the VTP domain name must be the same and the VTP mode must be server When you configure VTP mode to avoid the MD5 checksum mismatch error verify that VLANs are not configured on two different switches which can be caused by two VTP servers in the same domain Both switches have the different configuration revision numbers E...

Page 97: ...figuration command After entering the class command you enter policy map class configuration mode and these configuration commands are available exit exits policy map class configuration mode and returns to policy map configuration mode no returns a command to its default setting police defines a policer or aggregate policer for the classified traffic The policer specifies the bandwidth limitation...

Page 98: ...ap class class1 Switch config pmap c set dscp 10 Switch config pmap c police 1000000 20000 exceed action policed dscp transmit Switch config pmap c exit You can verify your settings by entering the show policy map privileged EXEC command Related Commands Command Description class map Creates a class map to be used for matching packets to the class whose name you specify police Defines a policer fo...

Page 99: ...e The class map command and its subcommands are used to define packet classification marking and aggregate policing as part of a globally named service policy applied on a per port basis After you are in quality of service QoS class map configuration mode these configuration commands are available description describes the class map up to 200 characters The show class map privileged EXEC command d...

Page 100: ...example shows how to configure the class map called class1 with one match criterion which is an access list called 103 Switch config access list 103 permit ip any any dscp 10 Switch config class map class1 Switch config cmap match access group 103 Switch config cmap exit This example shows how to delete the class map class1 Switch config no class map class1 You can verify your settings by entering...

Page 101: ...r only the information for the specified interface by using the clear dot1x interface interface id command Examples This example shows how to clear all IEEE 8021 x information Switch clear dot1x all This example shows how to clear IEEE 8021 x information for the specified interface Switch clear dot1x interface gigabithethernet1 0 1 You can verify that the information was deleted by entering the sh...

Page 102: ...using the clear eap command or you can clear only the specific information by using the keywords Examples This example shows how to clear all EAP information Switch clear eap This example shows how to clear EAP session credential information for the specified profile Switch clear eap sessions credential type1 You can verify that the information was deleted by entering the show dot1x privileged EXE...

Page 103: ...yntax Description This command has no arguments or keywords Defaults No default is defined Command Modes Privileged EXEC Command History Examples This example shows how to delete the neighbor tables Switch clear energywise neighbors Cleared all non static energywise neighbors You can verify that the tables were deleted by entering the show energywise neighbors privileged EXEC command Related Comma...

Page 104: ...r disable for VLANs by using the clear errdisable interface command Examples This example shows how to re enable all VLANs that were error disabled on Gigabit Ethernet port 4 0 2 Switch clear errdisable interface gigabitethernet4 0 2 vlan Related Commands vlan list Optional Specify a list of VLANs to be re enabled If a vlan list is not specified then all VLANs are re enabled Release Modification 1...

Page 105: ...ts No default is defined Command Modes Privileged EXEC Command History Examples This example shows how to clear the contents of the log buffer Switch clear ip arp inspection log You can verify that the log was cleared by entering the show ip arp inspection log privileged command Related Commands Release Modification 12 2 40 EX1 This command was introduced Command Description arp access list Define...

Page 106: ...Command History Examples This example shows how to clear the statistics for VLAN 1 Switch clear ip arp inspection statistics vlan 1 You can verify that the statistics were deleted by entering the show ip arp inspection statistics vlan 1 privileged EXEC command Related Commands vlan vlan range Optional Clear statistics for the specified VLAN or VLANs You can specify a single VLAN identified by VLAN...

Page 107: ...ase statistics command the switch does not update the entries in the binding database and in the binding file before clearing the statistics Examples This example shows how to clear the DHCP snooping binding database agent statistics Switch clear ip dhcp snooping database statistics You can verify that the statistics were cleared by entering the show ip dhcp snooping database privileged EXEC comma...

Page 108: ...mmand Description ip dhcp snooping Enables DHCP snooping on a VLAN ip dhcp snooping database Configures the DHCP snooping binding database agent or the binding file show ip dhcp snooping binding Displays the status of DHCP snooping database agent show ip dhcp snooping database Displays the DHCP snooping binding database agent statistics show ip dhcp snooping statistics Displays the DHCP snooping s...

Page 109: ... in the binding database and in the binding file before clearing the statistics Examples This example shows how to clear the DHCP snooping binding database agent statistics Switch clear ip dhcp snooping database statistics You can verify that the statistics were cleared by entering the show ip dhcp snooping database privileged EXEC command This example shows how to clear the DHCP snooping statisti...

Page 110: ...mmand Description ip dhcp snooping Enables DHCP snooping on a VLAN ip dhcp snooping database Configures the DHCP snooping binding database agent or the binding file show ip dhcp snooping binding Displays the status of DHCP snooping database agent show ip dhcp snooping database Displays the DHCP snooping binding database agent statistics show ip dhcp snooping statistics Displays the DHCP snooping s...

Page 111: ...r all statistics by using the clear ipc statistics command or you can clear only the queue statistics by using the clear ipc queue statistics command Examples This example shows how to clear all statistics Switch clear ipc statistics This example shows how to clear only the queue statistics Switch clear ipc queue statistics You can verify that the statistics were deleted by entering the show ipc r...

Page 112: ...er dual ipv4 and ipv6 default vlan global configuration command and reload the switch When you configure the DHCPv6 server to detect conflicts it uses ping The client uses neighbor discovery to detect clients and reports to the server through a DECLINE message If an address conflict is detected the address is removed from the pool and the address is not assigned until the administrator removes the...

Page 113: ...on Defaults No default is defined Command Modes Privileged EXEC Command History Usage Guidelines Use this command to clear protocol tunnel counters on the switch or on the specified interface Examples This example shows how to clear Layer 2 protocol tunnel counters on an interface Switch clear l2protocol tunnel counters gigabitethernet1 0 3 Related Commands interface id Optional Specify the interf...

Page 114: ...ing the clear lacp counters command or you can clear only the counters for the specified channel group by using the clear lacp channel group number counters command Examples This example shows how to clear all channel group information Switch clear lacp counters This example shows how to clear LACP traffic counters for group 4 Switch clear lacp 4 counters You can verify that the information was de...

Page 115: ... keywords Defaults No default is defined Command Modes Privileged EXEC Command History Usage Guidelines We recommend that you keep OBFL enabled and do not erase the data stored in the flash memory Examples This example shows how to clear all the OBFL information except for the uptime and CLI command information Switch clear logging onboard Clear logging onboard buffer confirm You can verify that t...

Page 116: ...ress table dynamic address 0008 0070 0007 You can verify that the information was deleted by entering the show mac address table privileged EXEC command Related Commands dynamic Delete all dynamic MAC addresses dynamic address mac addr Optional Delete the specified dynamic MAC address dynamic interface interface id Optional Delete all dynamic MAC addresses on the specified physical port or port ch...

Page 117: ...ommand has no arguments or keywords Defaults No default is defined Command Modes Privileged EXEC Command History Examples This example shows how to clear the MAC address table move update counters Switch clear mac address table move update You can verify that the information was cleared by entering the show mac address table move update privileged EXEC command Related Commands Release Modification...

Page 118: ... when your switch is running the cryptographic encrypted software image clear nmsp statistics Syntax Description This command has no arguments or keywords Defaults No default is defined Command Modes Privileged EXEC Command History Examples This example shows how to clear NMSP statistics Switch clear nmsp statistics You can verify that information was deleted by entering the show nmsp statistics p...

Page 119: ...ll counters by using the clear pagp counters command or you can clear only the counters for the specified channel group by using the clear pagp channel group number counters command Examples This example shows how to clear all channel group information Switch clear pagp counters This example shows how to clear PAgP traffic counters for group 10 Switch clear pagp 10 counters You can verify that inf...

Page 120: ...from the MAC address table Switch clear port security configured address 0008 0070 0007 all Delete all secure MAC addresses configured Delete configured secure MAC addresses dynamic Delete secure MAC addresses auto learned by hardware sticky Delete secure MAC addresses either auto learned or configured address mac addr Optional Delete the specified dynamic secure MAC address interface interface id...

Page 121: ...l the dynamic secure addresses from the address table Switch clear port security dynamic You can verify that the information was deleted by entering the show port security privileged EXEC command Related Commands Command Description switchport port security Enables port security on an interface switchport port security mac address mac address Configures secure MAC addresses switchport port securit...

Page 122: ...is defined Command Modes Privileged EXEC Command History Usage Guidelines If the interface id is not specified spanning tree counters are cleared for all interfaces Examples This example shows how to clear spanning tree counters for all interfaces Switch clear spanning tree counters Related Commands interface interface id Optional Clear all spanning tree counters on the specified interface Valid i...

Page 123: ...ds only IEEE 802 1D BPDUs on that port A multiple spanning tree MST switch can also detect that a port is at the boundary of a region when it receives a legacy BPDU an MST BPDU Version 3 associated with a different region or a rapid spanning tree RST BPDU Version 2 However the switch does not automatically revert to the rapid PVST or the MSTP mode if it no longer receives IEEE 802 1D BPDUs because...

Page 124: ...s statistics Syntax Description This command has no arguments or keywords Defaults No default is defined Command Modes Privileged EXEC Command History Examples This example shows how to clear VLAN Membership Policy Server VMPS statistics Switch clear vmps statistics You can verify that information was deleted by entering the show vmps statistics privileged EXEC command Related Commands Release Mod...

Page 125: ...pruning counters clear vtp counters Syntax Description This command has no arguments or keywords Defaults No default is defined Command Modes Privileged EXEC Command History Examples This example shows how to clear the VTP counters Switch clear vtp counters You can verify that information was deleted by entering the show vtp counters privileged EXEC command Related Commands Release Modification 12...

Page 126: ...e stack This keyword is supported only on stacking capable switches destination Specify the location on the local network or file system to which the system messages are copied For destination specify the destination on the local or network file system and the filename These options are supported The syntax for the local flash file system flash number filename Use the number parameter to specify t...

Page 127: ...BFL see the hw module command Examples This example shows how to copy the OBFL data messages to the obfl_file file on the flash file system for stack member 3 Switch copy logging onboard module 3 flash obfl_file OBFL copy successful Switch Related Commands Release Modification 12 2 40 EX1 This command was introduced Command Description hw module module switch number logging onboard Enables OBFL sh...

Page 128: ... can combine multiple interface types in a macro When entering the interface range use this format type first interface last interface You must add a space between the first interface number and the hyphen when entering an interface range For example gigabitethernet 1 0 1 2 is a valid range gigabitethernet 1 0 1 2 is not a valid range Valid values for type and interface vlan vlan id vlan ID where ...

Page 129: ... ranges you must enter a space after the first entry before the comma The space after the comma is optional for example gigabitethernet1 0 3 gigabitethernet2 0 1 2 gigabitethernet1 0 3 4 tengigabitethernet1 0 1 2 Examples This example shows how to create a multiple interface macro Switch config define interface range macro1 gigabitethernet1 0 1 2 gigabitethernet1 0 5 7 gigabitethernet3 0 2 4 tengi...

Page 130: ...tions For more information about this command see the Cisco IOS Configuration Fundamentals Command Reference Release 12 2 Examples This example shows how to remove the directory that contains the old software image after a successful download of a new image Switch delete force recursive flash old image You can verify that the directory was removed by entering the dir filesystem privileged EXEC com...

Page 131: ...st sender mac sender mac sender mac mask any host target mac target mac target mac mask log This command is supported only if your switch is running the IP services feature set Syntax Description Defaults There are no default settings However at the end of the ARP access list there is an implicit deny ip any mac any command Command Modes ARP access list configuration request Optional Define a matc...

Page 132: ...00 0000 abcd Switch config arp access list static hosts Switch config arp nacl deny ip host 1 1 1 1 mac host 0000 0000 abcd Switch config arp nacl end You can verify your settings by entering the show arp access list privileged EXEC command Related Commands Release Modification 12 2 40 EX1 This command was introduced Command Description arp access list Defines an ARP access control list ACL ip arp...

Page 133: ...ber icmp type icmp code icmp message dscp value log log input routing sequence value time range name Transmission Control Protocol deny tcp source ipv6 prefix prefix length any host source ipv6 address operator port number destination ipv6 prefix prefix length any host destination ipv6 address operator port number ack dscp value established fin log log input neq port protocol psh range port protoc...

Page 134: ...the address is specified in hexadecimal using 16 bit values between colons host destination ipv6 address The destination IPv6 host address for which to set deny conditions This destination ipv6 address argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16 bit values between colons dscp value Optional Match a differentiated services code point va...

Page 135: ... ICMP packets ICMP packets that are filtered by ICMP message type can also be filtered by the ICMP message code The code is a number from 0 to 255 icmp message Optional Specify an ICMP message name for filtering ICMP packets ICMP packets can be filtered by an ICMP message name or an ICMP message type and code The possible names are listed in the Usage Guidelines section ack Optional Only for the T...

Page 136: ...neighbor discovery and to deny icmp any any nd na or icmp any any nd ns there must be an explicit deny entry in the ACL For the three implicit statements to take effect an IPv6 ACL must contain at least one entry The IPv6 neighbor discovery process uses the IPv6 network layer service Therefore by default IPv6 ACLs implicitly allow IPv6 neighbor discovery packets to be sent and received on an inter...

Page 137: ...permits all other traffic to leave the interface The second permit entry is necessary because an implicit deny all condition is at the end of each IPv6 access list Switch config ipv6 access list CISCO Switch config ipv6 acl deny tcp any any gt 5000 Switch config ipv6 acl deny 0 lt 5000 0 log Switch config ipv6 acl permit icmp any any Switch config ipv6 acl permit any any Switch config ipv6 acl exi...

Page 138: ...ost MAC address and optional subnet mask If the source address for a packet matches the defined address non IP traffic from that address is denied host dst MAC addr dst MAC addr mask Define a destination MAC address and optional subnet mask If the destination address for a packet matches the defined address non IP traffic to that address is denied type mask Optional Use the Ethertype number of a p...

Page 139: ...encapsulation to identify the protocol of the packet mask is a mask of don t care bits applied to the LSAP number before testing for a match mop console Optional Select EtherType DEC MOP Remote Console mop dump Optional Select EtherType DEC MOP Dump msdos Optional Select EtherType DEC MSDOS mumps Optional Select EtherType DEC MUMPS netbios Optional Select EtherType DEC Network Basic Input Output S...

Page 140: ...ccess lists see the software configuration guide for this release Examples This example shows how to define the named MAC extended access list to deny NETBIOS traffic from any source to MAC address 00c0 00a0 03fa Traffic matching this list is denied Switch config ext macl deny any host 00c0 00a0 03fa netbios This example shows how to remove the deny condition from the named MAC extended access lis...

Page 141: ...val Configure the interval between tests switch number Specify the switch number which is the stack member number If the switch is a standalone switch the switch number is 1 If the switch is in a stack the range is 1 to 9 depending on the switch member numbers in the stack This keyword is supported only on stacking capable switches test Specify the tests to be run name Specify the name of the test...

Page 142: ...the minutes from 0 to 60 ss Enter the seconds from 0 to 60 milliseconds Enter the test time in milliseconds from 0 to 999 day Enter the number of days between test from 0 to 20 Enter the diagnostic monitor test 1 command to enable diagnostic monitoring You must configure the failure threshold and the interval between tests before enabling diagnostic monitoring When entering the diagnostic monitor ...

Page 143: ...e range is 1 to 9 depending on the switch member numbers in the stack This keyword is supported only on stacking capable switches test Specify the tests to be scheduled name Specify the name of the test For more information see the Usage Guidelines section test id Specify the ID number of the test The range is from 1 to 7 For more information see the Usage Guidelines section test id range Specify ...

Page 144: ...per case or lower case characters dd Enter the day as a 2 digit number such as 03 or 16 yyyy Enter the year as a 4 digit number such as 2006 day of week Spell out the day of the week such as Monday Tuesday and so on with upper case or lower case characters Note If you are running a diagnostic test that has the reload attribute on a switch in a stack you could potentially partition the stack depend...

Page 145: ...6 TestPortAsicMem B D R 7 TestInlinePwrCtlr B D R switch number Specify the switch number which is the stack member number If the switch is a standalone switch the switch number is 1 If the switch is in a stack the range is 1 to 9 depending on the switch member numbers in the stack This keyword is supported only on stacking capable switches test Specify the tests to run name Specify the name of a ...

Page 146: ...st Switch 1 Running test s 2 may disrupt normal system operation Do you want to continue no y Switch 16 43 29 STACKMGR 4 STACK_LINK_CHANGE Stack Port 2 Switch 2 has changed to state DOWN 16 43 30 STACKMGR 4 STACK_LINK_CHANGE Stack Port 1 Switch 9 has changed to state DOWN 16 43 30 STACKMGR 4 SWITCH_REMOVED Switch 1 has been REMOVED from the stack Switch 16 44 35 STACKMGR 4 STACK_LINK_CHANGE Stack ...

Page 147: ...age appears if the configured test can cause a stack partition Switch 6 Running test s 2 will cause the switch under test to reload after completion of the test list Switch 6 Running test s 2 will partition stack Switch 6 Running test s 2 may disrupt normal system operation Do you want to continue no Related Commands Command Description show diagnostic Displays online diagnostic test results ...

Page 148: ...before globally enabling IEEE 802 1x authentication A method list describes the sequence and authentication methods to be used to authenticate a user Before globally enabling IEEE 802 1x authentication on a switch remove the EtherChannel configuration from the interfaces on which IEEE 802 1x authentication and EtherChannel are configured If you are using a device running the Cisco Access Control S...

Page 149: ...ior on the switch Switch config dot1x guest vlan supplicant You can verify your settings by entering the show dot1x interface interface id privileged EXEC command Related Commands Command Description dot1x critical global configuration Configures the parameters for the inaccessible authentication bypass feature on the switch dot1x guest vlan Enables and specifies an active VLAN as an IEEE 802 1x g...

Page 150: ...mmand History Usage Guidelines If you reconfigure the maximum number of authentication attempts allowed by the VLAN the change takes effect after the re authentication timer expires Examples This example shows how to set 2 as the maximum number of authentication attempts allowed before the port is moved to the restricted VLAN on port 3 Switch configure terminal Enter configuration commands one per...

Page 151: ...th fail max attempts Related Commands Command Description dot1x auth fail vlan vlan id Enables the optional restricted VLAN feature dot1x max reauth req count Sets the maximum number of times that the switch restarts the authentication process before a port changes to the unauthorized state show dot1x interface interface id Displays IEEE 802 1x status for the specified port ...

Page 152: ...ugh a hub the port might never receive a link down event when that host is disconnected and as a result might not detect any new hosts until the next re authentication attempt occurs If the supplicant fails authentication the port is moved to a restricted VLAN and an EAP success message is sent to the supplicant Because the supplicant is not notified of the actual authentication failure there migh...

Page 153: ... wait in a held state because the restricted VLAN configuration still exists While the restricted VLAN is inactive all authentication attempts are counted so that when the restricted VLAN becomes active the port is immediately placed in the restricted VLAN The restricted VLAN is supported only in single host mode the default port mode For this reason when a port is placed in a restricted VLAN the ...

Page 154: ...thentication with Wake on LAN section in the Configuring IEEE 802 1x Port Based Authentication chapter in the software configuration guide Examples This example shows how to enable unidirectional control Switch config if dot1x control direction in This example shows how to enable bidirectional control Switch config if dot1x control direction both You can verify your settings by entering the show d...

Page 155: ...rectional control this appears in the show dot1x all command output ControlDirection In If you enter the dot1x control direction in interface configuration command and the port cannot support this mode due to a configuration conflict this appears in the show dot1x all command output ControlDirection In Disabled due to port settings Related Commands Command Description show dot1x all interface inte...

Page 156: ...ed for the switch Command Modes Global configuration Command History Usage Guidelines You must have another switch set up as the authenticator for this switch to be the supplicant Examples This example shows how to configure a switch as a supplicant Switch config dot1x credentials profile You can verify your settings by entering the show running config privileged EXEC command Related Commands prof...

Page 157: ...he eapol keyword to specify that the switch sends an EAPOL Success message when the switch puts the critical port in the critical authentication state Use the recovery delay milliseconds keyword to set the recovery delay period during which the switch waits to re initialize a critical port when a RADIUS server that was unavailable becomes available The default recovery delay period is 1000 millise...

Page 158: ...itch 3130 and 3032 for Dell Cisco IOS Commands dot1x critical global configuration Related Commands Command Description dot1x critical interface configuration Enables the inaccessible authentication bypass feature and configures the access VLAN for the feature show dot1x Displays IEEE 802 1x status for the specified port ...

Page 159: ...Guidelines To specify the access VLAN to which the switch assigns a critical port when the port is in the critical authentication state use the vlan vlan id keywords The specified type of VLAN must match the type of port as follows If the critical port is an access port the VLAN must be an access VLAN If the critical port is a private VLAN host port the VLAN must be a secondary private VLAN If the...

Page 160: ... can configure the inaccessible bypass feature and port security on the same switch port Examples This example shows how to enable the inaccessible authentication bypass feature on port 1 Switch configure terminal Enter configuration commands one per line End with CNTL Z Switch config interface gigabitethernet1 0 1 Switch config if dot1x critical Switch config if end Switch config end Switch You c...

Page 161: ...n re authentication attempts is 3600 seconds The periodic re authentication is disabled The quiet period is 60 seconds The retransmission time is 30 seconds The maximum retransmission number is 2 times The host mode is single host The client timeout period is 30 seconds The authentication server timeout period is 30 seconds Command Modes Interface configuration Command History Examples This exampl...

Page 162: ...e entering this command Examples This example shows how to specify a fallback profile to a switch port that has been configured for IEEE 802 1x authentication Switch configure terminal Enter configuration commands one per line End with CNTL Z Switch config interface gigabitethernet1 0 3 Switch config if dot1x fallback profile1 Switch config fallback profile exit Switch config end You can verify yo...

Page 163: ...2 1x port on the switch you can configure a guest VLAN to provide limited services to clients a device or workstation connected to the switch not running IEEE 802 1x authentication These users might be upgrading their systems for IEEE 802 1x authentication and some hosts such as Windows 98 systems might not be IEEE 802 1x capable When you enable a guest VLAN on an IEEE 802 1x port the switch assig...

Page 164: ...sed on the client MAC address when IEEE 802 1x authentication times out while waiting for an EAPOL message exchange After detecting a client on an IEEE 802 1x port the switch waits for an Ethernet packet from the client The switch sends the authentication server a RADIUS access request frame with a username and password based on the MAC address If authorization succeeds the switch grants the clien...

Page 165: ...needs to be successfully authorized for all hosts to be granted network access If the port becomes unauthorized re authentication fails or an Extensible Authentication Protocol over LAN EAPOL logoff message is received all attached clients are denied access to the network Before entering this command make sure that the dot1x port control interface configuration command is set to auto for the speci...

Page 166: ...des Privileged EXEC Command History Usage Guidelines Use this command to initialize the IEEE 802 1x state machines and to set up a fresh environment for authentication After you enter this command the port status becomes unauthorized There is not a no form of this command Examples This example shows how to manually initialize a port Switch dot1x initialize interface gigabitethernet2 0 2 You can ve...

Page 167: ...the authentication server database the port remains in the unauthorized state However if the client MAC address is added to the database the switch can use MAC authentication bypass to re authorize the port If the port is in the authorized state the port remains in this state until re authorization occurs If an EAPOL packet is detected on the interface during the lifetime of the link the switch de...

Page 168: ...xamples This example shows how to enable MAC authentication bypass and to configure the switch to use EAP for authentication Switch config if dot1x mac auth bypass eap You can verify your settings by entering the show dot1x interface interface id privileged EXEC command Related Commands Command Description show dot1x interface interface id Displays IEEE 802 1x status for the specified port ...

Page 169: ...h certain clients and authentication servers Examples This example shows how to set 4 as the number of times that the switch restarts the authentication process before the port changes to the unauthorized state Switch config if dot1x max reauth req 4 You can verify your settings by entering the show dot1x interface interface id privileged EXEC command Related Commands count Number of times that th...

Page 170: ...f this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers Examples This example shows how to set 5 as the number of times that the switch sends an EAP frame from the authentication server to the client before restarting the authentication process Switch config if dot1x max req 5 You can verify yo...

Page 171: ...ot1x pae interface configuration command to disable IEEE 802 1x authentication on the port When you configure IEEE 802 1x authentication on a port such as by entering the dot1x port control interface configuration command the switch automatically configures the port as an EEE 802 1x authenticator After the no dot1x pae interface configuration command is entered the Authenticator PAE operation is d...

Page 172: ...k port an error message appears and IEEE 802 1x is not enabled If you try to change the mode of an IEEE 802 1x enabled port to trunk an error message appears and the port mode is not changed Dynamic ports A port in dynamic mode can negotiate with its neighbor to become a trunk port If you try to enable IEEE 802 1x authentication on a dynamic port an error message appears and IEEE 802 1x authentica...

Page 173: ...Port Analyzer SPAN and Remote SPAN RSPAN destination ports You can enable IEEE 802 1x authentication on a port that is a SPAN or RSPAN destination port However IEEE 802 1x authentication is disabled until the port is removed as a SPAN or RSPAN destination You can enable IEEE 802 1x authentication on a SPAN or RSPAN source port To globally disable IEEE 802 1x authentication on the switch use the no...

Page 174: ... History Usage Guidelines You can use this command to re authenticate a client without waiting for the configured number of seconds between re authentication attempts re authperiod and automatic re authentication Examples This example shows how to manually re authenticate the device connected to a port Switch dot1x re authenticate interface gigabitethernet2 0 1 Related Commands interface interface...

Page 175: ...hentication attempts by using the dot1x timeout reauth period interface configuration command Examples This example shows how to disable periodic re authentication of the client Switch config if no dot1x reauthentication This example shows how to enable periodic re authentication and to set the number of seconds between re authentication attempts to 4000 seconds Switch config if dot1x reauthentica...

Page 176: ...following a failed authentication exchange with the client The range is 1 to 65535 ratelimit period seconds Number of seconds that the switch ignores Extensible Authentication Protocol over LAN EAPOL packets from clients that have been successfully authenticated during this duration The range is 1 to 65535 reauth period seconds server Set the number of seconds between re authentication attempts Th...

Page 177: ...able periodic re authentication and to specify the value of the Session Timeout RADIUS attribute as the number of seconds between re authentication attempts Switch config if dot1x reauthentication Switch config if dot1x timeout reauth period server This example shows how to set 30 seconds as the quiet time on the switch Switch config if dot1x timeout quiet period 30 This example shows how to set 4...

Page 178: ...E 802 1x enabled port as error disabled and to shut down when a new device connects to the port Switch config if dot1x violation mode shutdown This example shows how to configure an IEEE 802 1x enabled port to generate a system error message and change the port to restricted mode when a new device connects to the port Switch config if dot1x violation mode restrict This example shows how to configu...

Page 179: ...ll Command Reference OL 13271 03 Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands dot1x violation mode Related Commands Command Description show dot1x interface interface id Displays IEEE 802 1x status for the specified port ...

Page 180: ... to auto has the same effect as specifying full if the attached device does not autonegotiate the duplex parameter Note Half duplex mode is supported on Gigabit Ethernet interfaces if the duplex mode is auto and the connected device is operating at half duplex However you cannot configure these interfaces to operate in half duplex mode Certain ports can be configured to be either full duplex or ha...

Page 181: ...to auto Caution Changing the interface speed and duplex mode configuration might shut down and re enable the interface during the reconfiguration For guidelines on setting the switch speed and duplex parameters see the Configuring Interface Characteristics chapter in the software configuration guide for this release Examples This example shows how to configure an interface for full duplex operatio...

Page 182: ...word for the entity When assigning multiple keywords separate the keywords with commas and do not use spaces between keywords You can enter alphanumeric characters and symbols such as or Do not use an asterisk or a blank space between the characters and symbols level level Set the power level of the entity The range is from 1 to 10 management udp port number Specify the UDP port that sends and rec...

Page 183: ...d set the password Switch configure terminal Enter configuration commands one per line End with CNTL Z Switch config energywise domain cisco secret cisco protocol udp port 43440 ip 2 2 4 30 Switch config energywise importance 50 Switch config energywise keywords lab1 devlab Switch config energywise management 60500 Switch config energywise name Entity01 Switch config energywise neighbor TG3560G 21...

Page 184: ...e keywords with commas and do not use spaces between keywords You can enter alphanumeric characters and symbols such as or Do not use an asterisk or a blank space between the characters and symbols level level Optional Set the power level of the port The range is from 0 and 10 If the power level is 0 the port is powered off If the power level is from 1 to 10 the port is powered You can enter any v...

Page 185: ...0 recurrence importance 90 at 0 8 Switch config if energywise level 0 recurrence importance 90 at 0 20 Switch config if energywise inportance 50 Switch config if energywise name lobbyInterface 3 Switch config if energywise role role lobbyaccess Switch config if end Related Commands name name Optional Specify the EnergyWise specific port name You can enter alphanumeric characters and symbols such a...

Page 186: ...mmand Modes Privileged EXEC Command History domain domain name Assign the entity to a domain with the specified domain name You can enter alphanumeric characters and symbols such as or Do not use an asterisk or a blank space between the characters and symbols secret 0 7 password Set the password for secure communication among the entities in the domain Optional 0 Use an unencrypted password Option...

Page 187: ... the entity selects the first available port to communicate with the network and with management applications Examples This example shows how to enable EnergyWise set the domain name and password and specify the IP address Switch config energywise domain cisco secret cisco protocol udp port 43440 ip 2 2 4 30 Related Commands Command Description show energywise Displays the EnergyWise settings and ...

Page 188: ...ple keywords separate the keywords with commas and do not use spaces between keywords You can enter alphanumeric characters and symbols such as or Do not use an asterisk or a blank space between the characters and symbols name name Filter the results based on the name For the wildcard use or name with the asterisk at the end of the name phrase You can enter alphanumeric characters and symbols such...

Page 189: ...level command Caution Use this query with care because it affects the entity on which you enter the command and other domain devices that match the query criteria Examples These examples show how to filter with the entity name Switch energywise query name phone collect usage EnergyWise query timeout is 3 seconds Host Name Usage 2 2 2 21 phone 0 0 W 2 2 2 21 phone 15 4 W 2 2 2 21 phoneA 0 0 W 2 2 2...

Page 190: ...se query name sum delta EnergyWise query timeout is 3 seconds Level Label Delta Power W 0 Shut 12 9 1 Hibernate 723 8 2 Sleep 723 8 3 Standby 723 8 4 Ready 723 8 5 Low 723 8 6 Frugal 723 8 7 Medium 723 8 8 Reduced 723 8 9 High 723 8 10 Full 723 8 Queried 48 Responded 48 Time 0 15 seconds This example shows the power usage in the domain Switch show energywise children Interface Role Name Usage Lvl ...

Page 191: ...ig if energywise keywords public Switch config if end Switch show running config interface gigabitethernet1 0 2 interface GigabitEthernet1 0 2 energywise level 0 recurrence importance 90 at 0 8 energywise level 10 recurrence importance 90 at 0 20 energywise importance 50 energywise role role lobbyaccess energywise keywords lobby sattelite public energywise name lobbyInterface 2 end Switch energywi...

Page 192: ...lation occurs the entire port is disabled Use the no form of this command to disable the per VLAN error disable feature errdisable detect cause bpduguard shutdown vlan no errdisable detect cause bpduguard shutdown vlan Syntax Description Note Though visible in the command line help strings the inline power keyword is not supported Defaults Detection is enabled for all causes all Enable error detec...

Page 193: ... the cause the interface is brought out of the error disabled state and allowed to retry the operation when all causes have timed out If you do not set a recovery mechanism you must enter the shutdown and then the no shutdown commands to manually recover an interface from the error disabled state Examples This example shows how to enable error disabled detection for the link flap error disabled ca...

Page 194: ...mand has no arguments or keywords Defaults This feature is disabled Command Modes Global configuration Command History Usage Guidelines This command globally enables the small frame arrival feature Use the small violation rate interface configuration command to set the threshold for each port You can configure the port to be automatically re enabled by using the errdisable recovery cause small fra...

Page 195: ...nd Description errdisable detect cause small frame Enables the recovery timer errdisable recovery interval interval Specifies the time to recover from the specified error disabled state show interfaces Displays the interface settings on the switch including input and output flow control small frame violation rate Configures the rate threshold for incoming small frames to cause a port to be put int...

Page 196: ...led state arp inspection Enable the timer to recover from the Address Resolution Protocol ARP inspection error disabled state channel misconfig Enable the timer to recover from the EtherChannel misconfiguration error disabled state dhcp rate limit Enable the timer to recover from the DHCP snooping error disabled state dtp flap Enable the timer to recover from the Dynamic Trunking Protocol DTP flap...

Page 197: ...and the no shutdown interface configuration commands If you enable the recovery for a cause the interface is brought out of the error disabled state and allowed to retry the operation again when all the causes have timed out Otherwise you must enter the shutdown and then the no shutdown commands to manually recover an interface from the error disabled state Examples This example shows how to enabl...

Page 198: ...ble recovery Related Commands Command Description show errdisable recovery Displays error disabled recovery timer information show interfaces status err disabled Displays interface status or a list of interfaces in error disabled state clear errdisable interface Clears the error disabled state from a port or VLAN that was error disabled by the per VLAN error disable feature ...

Page 199: ...l configuration Command History Usage Guidelines This command enables the recovery timer for error disabled ports You configure the recovery time by using the errdisable recovery interval interval interface configuration command Examples This example shows how to set the recovery timer Switch config errdisable recovery cause small frame You can verify your setting by entering the show interfaces u...

Page 200: ...des additional information that can help determine the cause of the switch failure If you enter the exception crashinfo global configuration command on a stack master it configures all the stack members to create the extended crashinfo file if the Cisco IOS image on the stack members fail Use the no exception crashinfo global configuration command to configure the switch to not create the extended...

Page 201: ... profile command you enter profile configuration mode and these configuration commands are available ip Create an IP configuration access group Specify access control for packets sent by hosts that have not yet been authenticated admission Apply an IP admission rule Examples This example shows how to create a fallback profile to be used with web authentication Switch configure terminal Switch conf...

Page 202: ... dot1x fallback Configure a port to use web authentication as a fallback method for clients that do not support IEEE 802 1x authentication ip admission Enable web authentication on a switch port ip admission name proxy http Enable web authentication globally on a switch show dot1x interface interface id Displays IEEE 802 1x status for the specified port show fallback profile Display the configured...

Page 203: ...ow control pause frames Note that the on and desired keywords have the same result When you use the flowcontrol command to set a port to control traffic rates during congestion you are setting flow control on a port to one of these conditions receive on or desired The port cannot send pause frames but can operate with an attached device that is required to or is able to send pause frames The port ...

Page 204: ...l Resolution Local Device Remote Device Local Device Remote Device send off receive on send on receive on send on receive off send desired receive on send desired receive off send off receive on send off receive off Receives only Receives only Receives only Receives only Receives only Does not send or receive Sends and receives Sends only Sends and receives Sends only Receives only Does not send o...

Page 205: ...ed by the switch are stored in the flash memory On a standalone switch entering the hw module module switch number logging onboard message level level command is the same as entering the hw module module logging onboard message level level command Entering the hw module module logging onboard message level level on a stack master enables OBFL on all the stack members that support OBFL Examples Thi...

Page 206: ... standalone switch and to specify that only severity 1 hardware related messages are stored in the flash memory of the switch Switch config hw module module 1 logging onboard message level 1 You can verify your settings by entering the show logging onboard privileged EXEC command Related Commands Command Description clear logging Removes the OBFL data in the flash memory show logging onboard Displ...

Page 207: ...lly creates the port channel interface when the channel group gets its first physical port If you create the port channel interface first the channel group number can be the same as the port channel number or you can use a new number If you use a new number the channel group command dynamically creates a new port channel You create Layer 3 port channels by using the interface port channel command ...

Page 208: ...guring EtherChannels chapter in the software configuration guide for this release Examples This example shows how to create a port channel interface with a port channel number of 5 Switch config interface port channel 5 You can verify your setting by entering the show running config privileged EXEC or show etherchannel channel group number detail privileged EXEC command Related Commands Command De...

Page 209: ...ileged EXEC command VLANs not displayed cannot be used in the interface range command The commands entered under interface range command are applied to all existing VLAN SVIs in the range All configuration changes made to an interface range are saved to NVRAM but the interface range itself is not saved to NVRAM You can enter the interface range in two ways Specifying up to five interface ranges Sp...

Page 210: ...ot specify both a macro and an interface range in the same command You can also specify a single interface in port range The command is then similar to the interface interface id global configuration command For more information about configuring interface ranges see the software configuration guide for this release Examples This example shows how to use the interface range command to enter interf...

Page 211: ... trunk or the VLAN ID configured for an access port Note When you create an SVI it does not become active until it is associated with a physical port If you delete an SVI by entering the no interface vlan vlan id command the deleted interface is no longer visible in the output from the show interfaces privileged EXEC command Note You cannot delete the VLAN 1 interface You can re instate a deleted ...

Page 212: ...ws how to create a new SVI with VLAN ID 23 and to enter interface configuration mode Switch config interface vlan 23 Switch config if You can verify your setting by entering the show interfaces and show interfaces vlan vlan id privileged EXEC commands Related Commands Command Description show interfaces vlan vlan id Displays the administrative and operational status of all interfaces or the specif...

Page 213: ...uration command You can used numbered standard access lists ranging from 1 to 99 and 1300 to 1999 or extended access lists ranging from 100 to 199 and 2000 to 2699 You can use this command to apply an access list to a Layer 2 or Layer 3 interface However note these limitations for Layer 2 interfaces port ACLs You can only apply ACLs in the inbound direction the out keyword is not supported for Lay...

Page 214: ... by the port ACL Outgoing routed IP packets are filtered by both the VLAN map and the router ACL Other packets are filtered only by the VLAN map You can apply IP ACLs to both outbound or inbound Layer 3 interfaces A Layer 3 interface can have one IP ACL applied in each direction You can configure only one VLAN map and one router ACL in each direction input output on a VLAN interface For standard i...

Page 215: ...res a named ACL For syntax information select Cisco IOS IP Command Reference Volume 1 of 3 Addressing and Services Release 12 2 IP Services Commands show access lists Displays ACLs configured on the switch show ip access lists Displays IP ACLs configured on the switch For syntax information select Cisco IOS IP Command Reference Volume 1 of 3 Addressing and Services Release 12 2 IP Services Command...

Page 216: ...face by removing its IP address with the no ip address command If the switch detects another host using one of its IP addresses it will send an error message to the console You can use the optional keyword secondary to specify an unlimited number of secondary addresses Secondary addresses are treated like primary addresses except the system never generates datagrams other than routing updates with...

Page 217: ... reallocate system hardware resources based on templates and feature tables For more information see the sdm prefer command Examples This example shows how to configure the IP address for the Layer 2 switch on a subnetted network Switch config interface vlan 1 Switch config if ip address 172 20 128 2 255 255 255 0 This example shows how to configure the IP address for a port on the Layer 3 switch ...

Page 218: ...interface gigabitethernet1 0 1 Switch config if ip admission rule1 This example shows how to apply a web authentication rule to a fallback profile for use on an IEEE 802 1x enabled switch port Switch configure terminal Switch config fallback profile profile1 Switch config ip admission name rule1 Switch config end Related Commands rule Apply an IP admission rule to the interface Release Modificatio...

Page 219: ...p access group in and ip admission web rule interface configuration commands to enable web authentication on a specific interface Examples This example shows how to configure only web authentication on a switchport Switch configure terminal Switch config ip admission name http rule proxy http Switch config interface gigabitethernet1 0 1 Switch config if ip access group 101 in Switch config if ip a...

Page 220: ...dot1x fallback Configure a port to use web authentication as a fallback method for clients that do not support IEEE 802 1x authentication fallback profile Create a web authentication fallback profile ip admission Enable web authentication on a port show ip admission Displays information about NAC cached entries or the NAC configuration For more information see the Network Admission Control Softwar...

Page 221: ...it All other packet types are bridged in the ingress VLAN without validation If the switch denies a packet because of an explicit deny statement in the ACL the packet is dropped If the switch denies a packet because of an implicit deny statement the packet is then compared against the list of DHCP bindings unless the ACL is static which means that packets are not compared against the bindings Use ...

Page 222: ...verify your settings by entering the show ip arp inspection vlan 1 privileged EXEC command Related Commands Command Description arp access list Defines an ARP ACL deny ARP access list configuration Denies an ARP packet based on matches against the DHCP bindings permit ARP access list configuration Permits an ARP packet based on matches against the DHCP bindings show arp access list Displays detail...

Page 223: ...yword to make the rate unlimited After a switch receives more than the configured rate of packets every second consecutively over a number of burst seconds the interface is placed into an error disabled state Unless you explicitly configure a rate limit on an interface changing the trust state of the interface also changes its rate limit to the default value for that trust state After you configur...

Page 224: ... The rate of incoming ARP packets on EtherChannel ports equals the sum of the incoming rate of ARP packets from all the channel members Configure the rate limit for EtherChannel ports only after examining the rate of incoming ARP packets on all the channel members Examples This example shows how to limit the rate of incoming ARP requests on a port to 25 pps and to set the interface monitoring inte...

Page 225: ...ample if the logs number is 20 and the interval seconds is 4 the switch generates system messages for five entries every second while there are entries in the log buffer A log buffer entry can represent more than one packet For example if an interface receives many packets on the same VLAN with the same ARP parameters the switch combines the packets as one entry in the log buffer and generates a s...

Page 226: ...ffer to hold up to 45 entries Switch config ip arp inspection log buffer entries 45 This example shows how to configure the logging rate to 20 log entries per 4 seconds With this configuration the switch generates system messages for five entries every second while there are entries in the log buffer Switch config ip arp inspection log buffer logs 20 interval 4 You can verify your settings by ente...

Page 227: ... Command Modes Interface configuration Command History Usage Guidelines The switch does not check ARP packets that it receives on the trusted interface it simply forwards the packets For untrusted interfaces the switch intercepts all ARP requests and responses It verifies that the intercepted packets have valid IP to MAC address bindings before updating the local cache and before forwarding the pa...

Page 228: ... arp inspection trust Related Commands Command Description ip arp inspection log buffer Configures the dynamic ARP inspection logging buffer show inventory interfaces Displays the trust state and the rate limit of ARP packets for the specified interface or all interfaces show inventory log Displays the configuration and contents of the dynamic ARP inspection log buffer ...

Page 229: ... if a command enables src mac and dst mac validations and a second command enables IP validation only the src mac and dst mac validations are disabled as a result of the second command src mac Compare the source MAC address in the Ethernet header against the sender MAC address in the ARP body This check is performed on both ARP requests and responses When enabled packets with different MAC address...

Page 230: ...ARP probes and configure the ip arp inspection validate ip command ARP probes are dropped unless you enter the allow zeros keyword The no form of the command disables only the specified checks If none of the options are enabled all checks are disabled Examples This example show how to enable source MAC validation Switch config ip arp inspection validate src mac You can verify your setting by enter...

Page 231: ...iguration Command History Usage Guidelines You must specify the VLANs on which to enable dynamic ARP inspection Dynamic ARP inspection is supported on access ports trunk ports EtherChannel ports or private VLAN ports Examples This example shows how to enable dynamic ARP inspection on VLAN 1 Switch config ip arp inspection vlan 1 You can verify your setting by entering the show ip arp inspection vl...

Page 232: ...nfigured for logging You can specify a single VLAN identified by VLAN ID number a range of VLANs separated by a hyphen or a series of VLANs separated by a comma The range is 1 to 4094 acl match matchlog none Specify that the logging of packets is based on access control list ACL matches The keywords have these meanings matchlog Log packets based on the logging configuration specified in the access...

Page 233: ...e the static keyword in the ip arp inspection filter vlan global configuration command the ACL overrides the DHCP bindings Some denied packets might not be logged unless you explicitly specify the deny ip any mac any log ACE at the end of the ARP ACL Examples This example shows how to configure ARP inspection on VLAN 1 to log packets that match the permit commands in the ACL Switch config arp acce...

Page 234: ...s Global configuration Command History Usage Guidelines For any DHCP snooping configuration to take effect you must globally enable DHCP snooping DHCP snooping is not active until you enable snooping on a VLAN by using the ip dhcp snooping vlan vlan id global configuration command Examples This example shows how to enable DHCP snooping Switch config ip dhcp snooping You can verify your settings by...

Page 235: ...o referred to a binding has an IP address an associated MAC address the lease time in hexadecimal format the interface to which the binding applies and the VLAN to which the interface belongs The database can have up to 8192 bindings Use the show ip dhcp snooping binding privileged EXEC command to display only the configured bindings Use the show ip source binding privileged EXEC command to displa...

Page 236: ...cp snooping binding Related Commands Command Description ip dhcp snooping Enables DHCP snooping on a VLAN show ip dhcp snooping binding Displays the dynamically configured bindings in the DHCP snooping binding database and the configuration information show ip source binding Displays the dynamically and statically configured bindings in the DHCP snooping binding database ...

Page 237: ... The write delay value is 300 seconds 5 minutes Command Modes Global configuration flash number filename Specify that the database agent or the binding file is in the flash memory Optional Use the number parameter to specify the stack member number of the stack master The range for number is 1 to 9 ftp user password host filename Specify that the database agent or the binding file is on an FTP ser...

Page 238: ...ou set the ip dhcp snooping database timeout command to 0 seconds and the database is being written to a TFTP file if the TFTP server goes down the database agent continues to try the transfer indefinitely No other transfer can be initiated while this one is in progress This might be inconsequential because if the server is down no file can be written to it Use the no ip dhcp snooping database com...

Page 239: ... MAC address the remote ID suboption and the port identifier vlan mod port from which the packet is received circuit ID suboption The switch forwards the DHCP request that includes the option 82 field to the DHCP server When the DHCP server receives the packet it can use the remote ID the circuit ID or both to assign IP addresses and implement policies such as restricting the number of IP addresse...

Page 240: ...apter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands ip dhcp snooping information option Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration show ip dhcp snooping binding Displays the DHCP snooping binding information ...

Page 241: ...namic Address Resolution Protocol ARP inspection on an aggregation switch However if DHCP snooping is enabled on the aggregation switch the switch drops packets with option 82 information that are received on an untrusted port and does not learn DHCP snooping bindings for connected devices on a trusted interface If the edge switch to which a host is connected inserts option 82 information and you ...

Page 242: ...for Dell Cisco IOS Commands ip dhcp snooping information option allow untrusted You can verify your settings by entering the show ip dhcp snooping user EXEC command Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration show ip dhcp snooping binding Displays the DHCP snooping binding information ...

Page 243: ...bal configuration command for any DHCP snooping configuration to take effect When the option 82 feature is enabled the default remote ID suboption is the switch MAC address This command allows you to configure either the switch hostname or a string of up to 63 ASCII characters but no spaces to be the remote ID Note If the hostname exceeds 63 characters it will be truncated to 63 characters in the ...

Page 244: ... the switch and you will need to adjust the interface rate limits to a higher value If the rate limit is exceeded the interface is error disabled If you enabled error recovery by entering the errdisable recovery dhcp rate limit global configuration command the interface retries the operation again when all the causes have timed out If the error recovery mechanism is not enabled the interface stays...

Page 245: ...guments or keywords Defaults DHCP snooping trust is disabled Command Modes Interface configuration Command History Usage Guidelines Configure as trusted ports those that are connected to a DHCP server or to other switches or routers Configure as untrusted ports those that are connected to DHCP clients Examples This example shows how to enable DHCP snooping trust on a port Switch config if ip dhcp ...

Page 246: ...he switch verifies the source MAC address in a DHCP packet that is received on untrusted ports matches the client hardware address in the packet Command Modes Global configuration Command History Usage Guidelines In a service provider network when a switch receives a packet from a DHCP client on an untrusted port it automatically verifies that the source MAC address and the DHCP client hardware ad...

Page 247: ...y enable DHCP snooping before enabling DHCP snooping on a VLAN Examples This example shows how to enable DHCP snooping on VLAN 10 Switch config ip dhcp snooping vlan 10 You can verify your settings by entering the show ip dhcp snooping user EXEC command Related Commands vlan vlan range Specify a VLAN ID or a range of VLANs on which to enable DHCP snooping The range is 1 to 4094 You can enter a sin...

Page 248: ...Guidelines You must globally enable DHCP snooping by using the ip dhcp snooping global configuration command for any DHCP snooping configuration to take effect When the option 82 feature is enabled the default circuit ID suboption is the switch VLAN and the port identifier in the format vlan mod port This command allows you to configure a string of ASCII characters to be the circuit ID Note When c...

Page 249: ...id string Note The show ip dhcp snooping user EXEC command only displays the global command output including a remote ID configuration It does not display any per interface per VLAN string that you have configured for the circuit ID Related Commands Command Description ip dhcp snooping information option format remote id Configures the option 82 remote ID suboption show ip dhcp snooping Displays t...

Page 250: ...ion Defaults No IGMP filters are applied Command Modes Interface configuration Command History Usage Guidelines You can apply IGMP filters only to Layer 2 physical interfaces you cannot apply IGMP filters to routed ports switch virtual interfaces SVIs or ports that belong to an EtherChannel group An IGMP profile can be applied to one or more switch port interfaces but one port can have only one pr...

Page 251: ...specified IGMP profile number show ip dhcp snooping statistics Displays the characteristics of the specified IGMP profile show running config interface interface id Displays the running configuration on the switch interface including the IGMP profile if any that is applied to an interface For syntax information select Cisco IOS Configuration Fundamentals Command Reference Release 12 2 File Managem...

Page 252: ...ps is no limit After the switch learns the maximum number of IGMP group entries on an interface the default throttling action is to drop the next IGMP report that the interface receives and to not add an entry for the IGMP group to the interface Command Modes Interface configuration Command History Usage Guidelines You can use this command only on Layer 2 physical interfaces and on logical EtherCh...

Page 253: ...mum group limitation is set to the default no maximum entering the ip igmp max groups deny replace command has no effect Examples This example shows how to limit to 25 the number of IGMP groups that a port can join Switch config interface gigabitethernet1 0 2 Switch config if ip igmp max groups 25 This example shows how to configure the switch to replace the existing group with the new group for w...

Page 254: ...ion mode you can create the profile by using these commands deny specifies that matching addresses are denied this is the default condition exit exits from igmp profile configuration mode no negates a command or resets to its defaults permit specifies that matching addresses are permitted range specifies a range of IP addresses for the profile This can be a single IP address or a range with a star...

Page 255: ... Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands ip igmp profile Related Commands Command Description ip igmp filter Applies the IGMP profile to the specified interface show ip dhcp snooping statistics Displays the characteristics of all IGMP profiles or the specified IGMP profile number ...

Page 256: ...oping is enabled on VLAN interfaces Command Modes Global configuration Command History Usage Guidelines When IGMP snooping is enabled globally it is enabled in all the existing VLAN interfaces When IGMP snooping is globally disabled it is disabled on all the existing VLAN interfaces VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping Examples This e...

Page 257: ... Description ip igmp snooping report suppression Enables IGMP report suppression show ip igmp snooping Displays the snooping configuration show ip igmp snooping groups Displays IGMP snooping multicast information show ip igmp snooping mrouter Displays the IGMP snooping router ports show ip igmp snooping querier Displays the configuration and operation information for the IGMP querier configured on...

Page 258: ...When IGMP snooping is globally disabled IGMP snooping is disabled on all the existing VLAN interfaces VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping Configuring the leave timer on a VLAN overrides the global setting The IGMP configurable leave time is only supported on devices running IGMP Version 2 The configuration is saved in NVRAM Examples ...

Page 259: ...val Related Commands Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN ip igmp snooping vlan immediate leave Enables IGMP Immediate Leave processing ip igmp snooping vlan mrouter Configures a Layer 2 port as a multicast router port ip igmp snooping vlan static Configures a Layer 2 port as a member of a group show ip igmp snooping Displays the IGMP snooping confi...

Page 260: ... disables itself if it detects IGMP traffic from a multicast enabled device Command Modes Global configuration Command History vlan vlan id Optional Enable IGMP snooping and the IGMP querier function on the specified VLAN The range is 1 to 1001 and 1006 to 4094 address ip address Optional Specify a source IP address If you do not specify an IP address the querier tries to use the global IP address...

Page 261: ...s and cannot be used in IGMP snooping Examples This example shows how to globally enable the IGMP snooping querier feature Switch config ip igmp snooping querier This example shows how to set the IGMP snooping querier maximum response time to 25 seconds Switch config ip igmp snooping querier max response time 25 This example shows how to set the IGMP snooping querier interval time to 60 seconds Sw...

Page 262: ...ssion to forward only one IGMP report per multicast router query to multicast devices When IGMP router suppression is enabled the default the switch sends the first IGMP report from all hosts for a group to all the multicast routers The switch does not send the remaining IGMP reports for the group to the multicast routers This feature prevents duplicate reports from being sent to the multicast dev...

Page 263: ... Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands ip igmp snooping report suppression Related Commands Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN show ip igmp snooping Displays the IGMP snooping configuration of the switch or the VLAN ...

Page 264: ...mp snooping tcn flood query count command the flooding stops after receiving 1 general query If you set the count to 7 the flooding of multicast traffic due to the TCN event lasts until 7 general queries are received Groups are relearned based on the general queries received during the TCN event Use the ip igmp snooping tcn query solicit global configuration command to enable the switch to send th...

Page 265: ...ell Cisco IOS Commands ip igmp snooping tcn Related Commands Command Description ip igmp snooping Enables IGMP snooping on the switch or on a VLAN ip igmp snooping tcn flood Specifies flooding on an interface as the IGMP snooping spanning tree TCN behavior show ip igmp snooping Displays the IGMP snooping configuration of the switch or the VLAN ...

Page 266: ...uidelines When the switch receives a TCN multicast traffic is flooded to all the ports until two general queries are received If the switch has many ports with attached hosts that are subscribed to different multicast groups the flooding might exceed the capacity of the link and cause packet loss You can change the flooding query count by using the ip igmp snooping tcn flood query count count glob...

Page 267: ... should configure the Immediate Leave feature only when there is a maximum of one receiver on every port in the VLAN The configuration is saved in NVRAM The Immediate Leave feature is supported only with IGMP Version 2 hosts Examples This example shows how to enable IGMP immediate leave processing on VLAN 1 Switch config ip igmp snooping vlan 1 immediate leave You can verify your settings by enter...

Page 268: ...e reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping The CGMP learn method is useful for reducing control traffic The configuration is saved in NVRAM vlan id Enable IGMP snooping and add the port in the specified VLAN as the multicast router port The range is 1 to 1001 and 1006 to 4094 interface interface id Specify the next hop interface to the multicast router The keyword...

Page 269: ...r learning method as CGMP Switch config ip igmp snooping vlan 1 mrouter learn cgmp You can verify your settings by entering the show ip igmp snooping privileged EXEC command Related Commands Command Description ip igmp snooping report suppression Enables IGMP report suppression show ip igmp snooping Displays the snooping configuration show ip igmp snooping groups Displays IGMP snooping multicast i...

Page 270: ... History Usage Guidelines VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping The configuration is saved in NVRAM Examples This example shows how to statically configure a host on an interface Switch config ip igmp snooping vlan 1 static 0100 5e02 0203 interface gigabitethernet1 0 1 Configuring port gigabitethernet1 0 1 on group 0100 5e02 0203 You c...

Page 271: ...ommand Description ip igmp snooping report suppression Enables IGMP report suppression show ip igmp snooping Displays the snooping configuration show ip igmp snooping groups Displays IGMP snooping multicast information show ip igmp snooping mrouter Displays the IGMP snooping router ports show ip igmp snooping querier Displays the configuration and operation information for the IGMP querier configu...

Page 272: ...ding global configuration command to enable forwarding of IPv4 and IPv6 frames with SNAP encapsulation If a switch that is joining the stack does not support forwarding of IPv4 and IPv6 frames with SNAP encapsulation all the switches in the stack do not forward the IPv4 and IPv6 frames and this forwarding feature is disabled Examples This example shows how to enable forwarding of IPv4 and IPv6 fra...

Page 273: ...s associated MAC address and its associated VLAN number The entry is based on the MAC address and the VLAN number If you modify an entry by changing only the IP address the switch updates the entry instead creating a new one Examples This example shows how to add a static IP source binding Switch config ip source binding 0001 1234 1234 vlan 1 172 20 50 5 interface gigabitethernet1 0 1 This example...

Page 274: ...130 and 3032 for Dell Cisco IOS Commands ip source binding Related Commands Command Description ip verify source Enables IP source guard on an interface show ip source binding Displays the IP source bindings on the switch show ip verify source Displays the IP source guard configuration on the switch or on a specific interface ...

Page 275: ...delines If you do not enter this command or if you do not specify a keyword the SSH server selects the latest SSH version supported by the SSH client For example if the SSH client supports SSHv1 and SSHv2 the SSH server selects SSHv2 The switch supports an SSHv1 or an SSHv2 server It also supports an SSHv1 client For more information about the SSH server and the SSH client see the software configu...

Page 276: ...on and configuration information for the SSH server For syntax information select Cisco IOS Release 12 2 Configuration Guides and Command References Cisco IOS Security Command Reference Release 12 2 Other Security Features Secure Shell Commands show ssh Displays the status of the SSH server For syntax information select Cisco IOS Release 12 2 Configuration Guides and Command References Cisco IOS S...

Page 277: ...you configure a private VLAN sticky ARP is enabled on the switch the default If you enter the ip sticky arp interface configuration command it does not take effect If you enter the no ip sticky arp interface configuration command you do not disable sticky ARP on an interface Note We recommend that you use the show arp privileged EXEC command to display and verify private VLAN interface ARP entries...

Page 278: ...le sticky ARP on an interface when sticky ARP is disabled on the switch Examples To disable sticky ARP Switch config no ip sticky arp You can verify your settings by using the show arp privileged EXEC command Related Commands Command Description arp Adds a permanent entry in the ARP table For syntax information see the Cisco IOS IP Addressing Services Command Reference Release 12 4 ARP Commands sh...

Page 279: ...ARP entries are those learned on SVIs and Layer 3 interfaces These entries do not age out The ip sticky arp interface configuration command is only supported on Layer 3 interfaces SVIs belonging to normal VLANs SVIs belonging to private VLANs On a Layer 3 interface or on an SVI belonging to a normal VLAN Use the sticky arp interface configuration command to enable sticky ARP Use the no sticky arp ...

Page 280: ...tries Use the arp ip address hardware address type global configuration command to add a private VLAN ARP entry Use the no sticky arp global configuration command to disable sticky ARP on the switch Use the no sticky arp interface configuration command to disable sticky ARP on an interface Examples To enable sticky ARP on a normal SVI Switch config if ip sticky arp To disable sticky ARP on a Layer...

Page 281: ... ip verify source port security interface configuration command To enable IP source guard with source IP and MAC address filtering you must enable port security on the interface Examples This example shows how to enable IP source guard with source IP address filtering Switch config if ip verify source This example shows how to enable IP source guard with source IP and MAC address filtering Switch ...

Page 282: ...ccess list command is similar to the ip access list command but it is IPv6 specific Note IPv6 ACLs are defined by a unique name IPv6 does not support numbered ACLs An IPv4 ACL and an IPv6 ACL cannot share the same name See the deny IPv6 access list configuration and permit IPv6 access list configuration commands for more information on filtering IPv6 traffic based on IPv6 option headers and option...

Page 283: ...ies the ACL to outbound traffic on an interface The first ACL entry prevents all packets from the network FE80 0 0 2 64 packets that have the link local prefix FE80 0 0 2 as the first 64 bits of their source IPv6 address from leaving the interface The second entry in the ACL permits all other traffic to leave the interface The second entry is necessary because an implicit deny all condition is at ...

Page 284: ...ines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch The ipv6 address dhcp interface configuration command allows any interface to dynamically learn its IPv6 address by using the DHCP protocol The rapid commit keyword enables the use of the two message exchange for address allocation and other conf...

Page 285: ...ts or keywords Defaults No default is defined Command Modes Interface configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch Use the ipv6 dhcp client request vendor interface configuration to request a vendor specific option When enabled the command is checke...

Page 286: ...emplate on the switch Syntax Description Defaults The default is 0 Command Modes Global configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch The DHCPv6 server pings a pool address before assigning the address to a requesting client If the ping is unanswered...

Page 287: ...Switch 3130 and 3032 for Dell Cisco IOS Commands ipv6 dhcp ping packets Related Commands Command Description clear ipv6 dhcp conflict Clears an address conflict from the DHCPv6 server database show ipv6 dhcp conflict Displays address conflicts found by a DHCPv6 server or reported through a DECLINE message from a client ...

Page 288: ...pv6 dhcp pool command enables the DHCPv6 pool configuration mode These configuration commands are available address prefix IPv6 prefix sets an address prefix for address assignment This address must be in hexadecimal using 16 bit values between colons lifetime t1 t2 sets a valid and a preferred time interval in seconds for the IPv6 address The range is 5 to 4294967295 seconds The valid default is ...

Page 289: ...matching a link address without necessarily allocating an address You can match the pool from multiple relays by using multiple link address configuration commands inside a pool Because a longest match is performed on either the address pool information or the link information you can configure one pool to allocate addresses and another pool on a subprefix that only returns configured options Exam...

Page 290: ... when allocating addresses for a client When an IPv6 DHCP packet is received by the server the server determines if it was received from a DHCP relay or if it was directly received from the client If the packet was received from a relay the server verifies the link address field inside the packet associated with the first relay that is closest to the client The server matches this link address aga...

Page 291: ... client immediately sends a request message to the server from which the message was received If the allow hint keyword is specified the server allocates a valid client suggested address in the solicit and request messages The prefix address is valid if it is in the associated local prefix address pool and it is not assigned to a device If the allow hint keyword is not specified the server ignores...

Page 292: ... MLD snooping must be globally enabled before VLAN snooping will take place Command Modes Global configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch When MLD snooping is globally disabled it is disabled on all the existing VLAN interfaces When you globally...

Page 293: ...le MLD snooping Switch config ipv6 mld snooping This example shows how to disable MLD snooping on a VLAN Switch config no ipv6 mld snooping vlan 11 You can verify your settings by entering the show ipv6 mld snooping user EXEC command Related Commands Command Description sdm prefer Configures an SDM template to optimize system resources based on how the switch is being used show ipv6 mld snooping D...

Page 294: ...n Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch In MLD snooping the IPv6 multicast router periodically sends out queries to hosts belonging to the multicast group If a host wants to leave a multicast group it can silently leave or it can respond to the query with ...

Page 295: ...1 This example shows how to set the last listener query count for VLAN 10 Switch config ipv6 mld snooping vlan 10 last listener query count 3 You can verify your settings by entering the show ipv6 mld snooping vlan vlan id user EXEC command Related Commands Command Description ipv6 mld snooping last listener query interval Sets IPv6 MLD snooping last listener query interval sdm prefer Configures a...

Page 296: ...AN query interval maximum response time is 0 the global count is used Command Modes Global configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch In MLD snooping when the IPv6 multicast router receives an MLD leave message it sends out queries to hosts belong...

Page 297: ...his example shows how to set the last listener query interval for VLAN 1 to 5 5 seconds Switch config ipv6 mld snooping vlan 1 last listener query interval 5500 You can verify your settings by entering the show ipv6 MLD snooping vlan vlan id user EXEC command Related Commands Command Description ipv6 mld snooping last listener query count Sets IPv6 MLD snooping last listener query count sdm prefer...

Page 298: ... Default The default is for MLD snooping listener message suppression to be disabled Command Modes Global configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch MLD snooping listener message suppression is equivalent to IGMP snooping report suppression When e...

Page 299: ...0 and 3032 for Dell Cisco IOS Commands ipv6 mld snooping listener message suppression Related Commands Command Description ipv6 mld snooping Enables IPv6 MLD snooping sdm prefer Configures an SDM template to optimize system resources based on how the switch is being used show ipv6 mld snooping Displays MLD snooping configuration ...

Page 300: ...riable number of queries before aging out a multicast address is 0 which means that the system uses the global robustness variable for aging out the listener Command Modes Global configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch Robustness is measured in...

Page 301: ...ing robustness variable 3 This example shows how to configure the robustness variable for VLAN 1 This value overrides the global configuration for the VLAN Switch config ipv6 mld snooping vlan 1 robustness variable 1 You can verify your settings by entering the show ipv6 mld snooping vlan vlan id user EXEC command Related Commands Command Description ipv6 mld snooping last listener query count Set...

Page 302: ...Description Command Default TCN query soliciting is disabled When enabled the default flood query count is 2 Command Modes Global configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch Examples This example shows how to enable TCN query soliciting Switch conf...

Page 303: ... 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands ipv6 mld snooping tcn Related Commands Command Description sdm prefer Configures an SDM template to optimize system resources based on how the switch is being used show ipv6 mld snooping Displays MLD snooping configuration ...

Page 304: ...tatic IPv6 multicast groups By default there are no multicast router ports Command Modes Global configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch You should only configure the Immediate Leave feature when there is only one receiver on every port in the V...

Page 305: ...ample shows how to enable MLD Immediate Leave processing on VLAN 1 Switch config ipv6 mld snooping vlan 1 immediate leave This example shows how to disable MLD Immediate Leave processing on VLAN 1 Switch config no ipv6 mld snooping vlan 1 immediate leave This example shows how to configure a port as a multicast router port Switch config ipv6 mld snooping vlan 1 mrouter interface gigabitethernet1 0...

Page 306: ...on Defaults Filtering of IPv6 traffic on an interface is not configured Command Modes Interface configuration Command History Usage Guidelines To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch You can use the ipv6 traffic filter command on physical interfaces Layer 2 or Layer 3 ports Layer 3 port cha...

Page 307: ...ess list named cisco Switch config interface gigabitethernet1 0 1 Switch config if no switchport Switch config if ipv6 address 2001 64 eui 64 Switch config if ipv6 traffic filter cisco in Related Commands Command Description ipv6 access list Defines an IPv6 access list and sets deny or permit conditions for the defined access list show ipv6 access list Displays the contents of all current IPv6 acc...

Page 308: ...ets The default is no drop threshold for the number of Layer 2 protocol packets l2protocol tunnel Enable point to multipoint tunneling of CDP STP and VTP packets cdp Optional Enable tunneling of CDP specify a shutdown threshold for CDP or specify a drop threshold for CDP stp Optional Enable tunneling of STP specify a shutdown threshold for STP or specify a drop threshold for STP vtp Optional Enabl...

Page 309: ... tunneling for PAgP LACP and UDLD individually or for all three protocols Caution PAgP LACP and UDLD tunneling is only intended to emulate a point to point topology An erroneous configuration that sends tunneled packets to many ports could lead to a network failure Enter the shutdown threshold keyword to control the number of protocol packets per second that are received on an interface before it ...

Page 310: ...e drop threshold as 400 packets per second Switch config if l2protocol tunnel stp Switch config if l2protocol tunnel drop threshold stp 400 This example shows how to enable point to point protocol tunneling for PAgP and UDLD packets and to configure the PAgP drop threshold as 1000 packets per second Switch config if l2protocol tunnel point to point pagp Switch config if l2protocol tunnel point to ...

Page 311: ...the default is 5 for all tunneled Layer 2 protocol packets Command Modes Global configuration Command History Usage Guidelines When enabled the tunneled Layer 2 protocol packets use this CoS value The value is saved in NVRAM Examples This example shows how to configure a Layer 2 protocol tunnel CoS value of 7 Switch config l2protocol tunnel cos 7 Related Commands value Specify CoS priority value f...

Page 312: ...t ports can be in standby mode In port priority comparisons a numerically lower value has a higher priority When there are more than eight ports in an LACP channel group the eight ports with the numerically lowest values highest priority values for LACP port priority are bundled into the channel group and the lower priority ports are put in hot standby mode If two or more ports have the same LACP ...

Page 313: ...config interface gigabitethernet2 0 1 Switch config if lacp port priority 1000 You can verify your settings by entering the show lacp channel group number internal privileged EXEC command Related Commands Command Description channel group Assigns an Ethernet port to an EtherChannel group lacp system priority Configures the LACP system priority show lacp channel group number internal Displays inter...

Page 314: ...e channel and which ports are put in hot standby mode Port priorities on the other switch the noncontrolling end of the link are ignored In priority comparisons numerically lower values have higher priority Therefore the system with the numerically lower value higher priority value for LACP system priority becomes the controlling system If both switches have the same LACP system priority for examp...

Page 315: ...lyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands lacp system priority Related Commands Command Description channel group Assigns an Ethernet port to an EtherChannel group lacp port priority Configures the LACP port priority show lacp sys id Displays the system identifier that is being used by LACP ...

Page 316: ...undled together The downstream interfaces are bound to the upstream interfaces Interfaces connected to servers are referred to as downstream interfaces and interfaces connected to distribution switches and network devices are referred to as upstream interfaces For more information about the interactions between the downstream and upstream interfaces see the Configuring EtherChannels and Link State...

Page 317: ...Switch config if end You can verify your settings by entering the show running config privileged EXEC command Related Commands Command Description link state track Enables a link state group show link state group Displays the link state group information show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference lis...

Page 318: ...h config link state track 2 You can verify your settings by entering the show running config privileged EXEC command Related Commands number Optional Specify the link state group number For a stacking capable switch the group number can be 1 to 10 For a nonstacking capable switch the group number can be from 1 to 2 The default is 1 Release Modification 12 2 40 EX1 This command was introduced Comma...

Page 319: ...ormation interface configuration command to disable the location TLV The location TLV is enabled by default For more information see the Configuring LLDP and LLDP MED chapter of the software configuration guide for this release Examples This example shows how to configure civic location information on the switch Switch config location civic location identifier 1 Switch config civic number 3550 Swi...

Page 320: ...ws how to configure the emergency location information location on the switch Switch config location elin location 14085553881 identifier 1 You can verify your settings by entering the show location elin privileged EXEC command Related Commands Command Description location interface configuration Configures the location information for an interface show location Displays the location information f...

Page 321: ...er civic location information for an interface Switch config if interface gigabitethernet1 0 1 Switch config if location civic location id 1 Switch config if end Switch config if interface gigabitethernet2 0 1 Switch config if location civic location id 1 Switch config if end You can verify your settings by entering the show location civic interface privileged EXEC command This example shows how t...

Page 322: ...pter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands location interface configuration Related Commands Command Description location global configuration Configures the location information for an endpoint show location Displays the location information for an endpoint ...

Page 323: ...nd name of the file that contains the log messages The syntax for the local flash file system on the stack member or the stack master flash From the stack master the syntax for the local flash file system on a stack member flash member number max file size Optional Specify the maximum logging file size The range is 4096 to 2147483647 nomax Optional Specify the maximum file size of 2147483647 min f...

Page 324: ... filename global configuration command After saving the log to flash memory by using the logging file flash filename global configuration command you can use the more flash filename privileged EXEC command to display its contents The command rejects the minimum file size if it is greater than the maximum file size minus 1024 the minimum file size then becomes the maximum file size minus 1024 Speci...

Page 325: ...raffic on the same Layer 2 interface by applying both an IP ACL and a MAC ACL to the interface You can apply no more than one IP access list and one MAC access list to the same Layer 2 interface If a MAC ACL is already configured on a Layer 2 interface and you apply a new MAC ACL to the interface the new ACL replaces the previously configured one If you apply an ACL to a Layer 2 interface on a swi...

Page 326: ...ss group privileged EXEC command You can see configured ACLs on the switch by entering the show access lists privileged EXEC command Related Commands Command Description show access lists Displays the ACLs configured on the switch show mac access group Displays the MAC ACLs configured on the switch show running config Displays the operating configuration For syntax information use this link to the...

Page 327: ...lines MAC named extended lists are used with VLAN maps and class maps You can apply named MAC extended ACLs to VLAN maps or to Layer 2 interfaces you cannot apply named MAC extended ACLs to Layer 3 interfaces Entering the mac access list extended command enables the MAC access list configuration mode These configuration commands are available default sets a command to its default deny specifies pa...

Page 328: ...macl This example shows how to delete MAC named extended access list mac1 Switch config no mac access list extended mac1 You can verify your settings by entering the show access lists privileged EXEC command Related Commands Command Description deny MAC access list configuration permit MAC access list configuration Configures the MAC ACL in extended MAC access list configuration mode show access l...

Page 329: ... Usage Guidelines If hosts do not send continuously increase the aging time to record the dynamic entries for a longer time Increasing the time can reduce the possibility of flooding when the hosts send again If you do not specify a specific VLAN this command sets the aging time for all VLANs Examples This example shows how to set the aging time to 200 seconds for all VLANs Switch config mac addre...

Page 330: ...iguration Disabling MAC address learning on a VLAN could cause flooding in the network For example if you disable MAC address learning on a VLAN with a configured switch virtual interface SVI the switch floods all IP packets in the Layer 2 domain If you disable MAC address learning on a VLAN that includes more than two ports every packet entering the switch is flooded in that VLAN domain We recomm...

Page 331: ...e port If you later disable port security on the interface the disabled MAC address learning state is enabled Examples This example shows how to disable MAC address learning on VLAN 2003 Switch config no mac address table learning vlan 2003 To display MAC address learning status of all VLANs or a specified VLAN enter the show mac address table learning vlan vlan id command Related Commands Command...

Page 332: ...rwarding traffic You can configure the access switch to send the MAC address table move update messages if the primary link goes down and the standby link comes up You can configure the uplink switches to receive and process the MAC address table move update messages Examples This example shows how to configure an access switch to send MAC address table move update messages Switch configure termin...

Page 333: ...S Commands mac address table move update Related Commands Command Description clear mac address table move update Clears the MAC address table move update global counters debug matm move update Debugs the MAC address table move update message processing show mac address table move update Displays the MAC address table move update information on the switch ...

Page 334: ...anagement system NMS whenever a new MAC address is added or an old address is deleted from the forwarding tables MAC notifications are generated only for dynamic and secure MAC addresses Events are not generated for self addresses multicast addresses or other static addresses When you configure the history size option the existing MAC address history table is deleted and a new table is created You...

Page 335: ...ication interval 60 Switch config mac address table notification history size 100 You can verify your settings by entering the show mac address table notification privileged EXEC command Related Commands Command Description clear mac address table notification Clears the MAC address notification global counters show mac address table notification Displays the MAC address notification settings on a...

Page 336: ...f3 220a 12f4 to the MAC address table When a packet is received in VLAN 4 with this MAC address as its destination the packet is forwarded to the specified interface Switch config mac address table static c2f3 220a 12f4 vlan 4 interface gigabitethernet6 0 1 You can verify your setting by entering the show mac address table privileged EXEC command Related Commands mac addr Destination MAC address u...

Page 337: ... not supported Packets that are forwarded to the CPU are also not supported If you add a unicast MAC address as a static address and configure unicast MAC address filtering the switch either adds the MAC address as a static address or drops packets with that MAC address depending on which command was entered last The second command that you entered overrides the first command For example if you en...

Page 338: ...ion address of c2f3 220a 12f4 When a packet is received in VLAN 4 with this MAC address as its source or destination the packet is dropped Switch config mac address table static c2f3 220a 12f4 vlan 4 drop This example shows how to disable unicast MAC address filtering Switch config no mac address table static c2f3 220a 12f4 vlan 4 You can verify your setting by entering the show mac address table ...

Page 339: ...ds to designate values specific to the interface Keyword matching is case sensitive All matching occurrences of the keyword are replaced with the corresponding value Any full match of a keyword even if it is part of a larger string is considered a match and is replaced by the corresponding value Some macros might contain keywords that require a parameter value You can use the macro apply macro nam...

Page 340: ...remaining interfaces You can delete a macro applied configuration on an interface by entering the default interface interface id interface configuration command Examples After you have created a macro by using the macro name global configuration command you can apply it to an interface This example shows how to apply a user created macro called duplex to an interface Switch config if macro apply d...

Page 341: ...itch config interface gigabitethernet1 0 4 Switch config if macro apply cisco desktop AVID 25 Related Commands Command Description macro description Adds a description about the macros that are applied to an interface macro global Applies a macro on a switch or applies and traces a macro on a switch macro global description Adds a description about the macros that are applied to the switch macro n...

Page 342: ...rface When multiple macros are applied on a single interface the description text will be from the last applied macro This example shows how to add a description to an interface Switch config if macro description duplex settings You can verify your settings by entering the show parser macro description privileged EXEC command Related Commands description text Enter a description about the macros t...

Page 343: ...er value keywords to designate values specific to the switch Keyword matching is case sensitive All matching occurrences of the keyword are replaced with the corresponding value Any full match of a keyword even if it is part of a larger string is considered a match and is replaced by the corresponding value Some macros might contain keywords that require a parameter value You can use the macro glo...

Page 344: ...the macro Examples After you have created a new macro by using the macro name global configuration command you can apply it to a switch This example shows how see the snmp macro and how to apply the macro and set the hostname to test server and set the IP precedence value to 7 Switch show parser macro name snmp Macro name snmp Macro type customizable enable port security linkup and linkdown traps ...

Page 345: ...mand Description macro apply Applies a macro on an interface or applies and traces a macro on an interface macro description Adds a description about the macros that are applied to an interface macro global description Adds a description about the macros that are applied to the switch macro name Creates a macro show parser macro Displays the macro definition for all macros or for the specified mac...

Page 346: ... macro name with a switch When multiple macros are applied on a switch the description text will be from the last applied macro This example shows how to add a description to a switch Switch config macro global description udld aggressive mode enabled You can verify your settings by entering the show parser macro description privileged EXEC command Related Commands description text Enter a descrip...

Page 347: ... macro keywords only the first three are shown Macro names are case sensitive For example the commands macro name Sample Macro and macro name sample macro will result in two separate macros When creating a macro do not use the exit or end commands or change the command mode by using interface interface id This could cause commands that follow exit end or interface interface id to execute in a diff...

Page 348: ...h config interface gigabitethernet1 0 1 Switch config if macro apply test WORD keyword to replace with a value e g VLANID MAX cr Switch config if macro apply test VLANID WORD Value of first keyword to replace Switch config if macro apply test VLANID 2 WORD keyword to replace with a value e g VLANID MAX cr Switch config if macro apply test VLANID 2 MAX WORD Value of second keyword to replace Relate...

Page 349: ...cess map global configuration command You must enter one access list name or number others are optional You can match packets against one or more access lists Matching any of the lists counts as a match of the entry In access map configuration mode use the match command to define the match conditions for a VLAN map applied to a VLAN Use the action command to set the action that occurs when the pac...

Page 350: ...vmap4 vlan list 5 6 You can verify your settings by entering the show vlan access map privileged EXEC command Related Commands Command Description access list Configures a standard numbered ACL For syntax information select Cisco IOS IP Command Reference Volume 1 of 3 Addressing and Services Release 12 2 IP Services Commands action Specifies the action to be taken if the packet matches an entry in...

Page 351: ... or name Number or name of an IP standard or extended access control list ACL or MAC ACL For an IP standard ACL the ACL index range is 1 to 99 and 1300 to 1999 For an IP extended ACL the ACL index range is 100 to 199 and 2000 to 2699 input interface interface id list Specify the physical ports to which the interface level class map in a hierarchical policy map applies This command can only be used...

Page 352: ...monics enter the match ip dscp or the match ip precedence command to see the command line help strings Use the input interface interface id list keyword when you are configuring an interface level class map in a hierarchical policy map For the interface id list you can specify up to six entries Examples This example shows how to create a class map called class2 which matches all the incoming traff...

Page 353: ...e level class map in a hierarchical policy map applies Switch config class map match all class4 Switch config cmap match input interface gigabitethernet2 0 1 gigabitethernet2 0 5 Switch config cmap exit You can verify your settings by entering the show class map privileged EXEC command Related Commands Command Description class map Creates a class map to be used for matching packets to the class w...

Page 354: ...hen you enable auto MDIX on an interface you must also set the interface speed and duplex to auto so that the feature operates correctly When auto MDIX and autonegotiation of speed and duplex is enabled on one or both of connected interfaces link up occurs even if the cable type straight through or crossover is incorrect Auto MDIX is supported on all 10 100 and 10 100 1000 Mb s interfaces and on 1...

Page 355: ...pter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands mdix auto Related Commands Command Description show controllers ethernet controller interface id phy Displays general information about internal registers of an interface including the operational state of auto MDIX ...

Page 356: ... and CoS value is set to 0 without any policing No policy maps are configured The default port trust state on all ports is untrusted The default ingress and egress queue settings are in effect Command Modes Global configuration Command History Usage Guidelines QoS must be globally enabled to use QoS classification policing mark down or drop queueing and traffic shaping features You can create a po...

Page 357: ...de Switch 3130 and 3032 for Dell Command Reference OL 13271 03 Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands mls qos Related Commands Command Description show mls qos Displays QoS information ...

Page 358: ...rs on the switch 255 user configurable policers plus 1 policer reserved for internal use The maximum number of configurable policers supported per port is 63 Policers are allocated on demand by the software and are constrained by the hardware and ASIC boundaries You cannot reserve policers per port there is no guarantee that a port will be assigned to any policer You apply an aggregate policer to ...

Page 359: ... release Examples This example shows how to define the aggregate policer parameters and how to apply the policer to multiple classes in a policy map Switch config mls qos aggregate policer agg_policer1 1000000 1000000 exceed action drop Switch config policy map policy2 Switch config pmap class class1 Switch config pmap c police aggregate agg_policer1 Switch config pmap c exit Switch config pmap cl...

Page 360: ... assign a default CoS and DSCP value to all incoming packets by using the override keyword Use the override keyword when all incoming packets on certain ports deserve higher or lower priority than packets entering from other ports Even if a port is previously set to trust DSCP CoS or IP precedence this command overrides the previously configured trust state and all the incoming CoS values are assi...

Page 361: ...how to assign all the packets entering a port to the default port CoS value of 4 on a port Switch config interface gigabitethernet2 0 1 Switch config if mls qos cos 4 Switch config if mls qos cos override You can verify your settings by entering the show mls qos interface privileged EXEC command Related Commands Command Description show mls qos interface Displays quality of service QoS information...

Page 362: ...n You apply the DSCP to DSCP mutation map to the receiving port ingress mutation at the boundary of a quality of service QoS administrative domain With ingress mutation the new DSCP value overwrites the one in the packet and QoS handles the packet with this new value The switch sends the packet out the port with the new DSCP value You can configure multiple DSCP to DSCP mutation maps on ingress po...

Page 363: ... to DSCP mutation map name dscpmutation1 from the port and to reset the map to the default Switch config if no mls qos dscp mutation dscpmutation1 You can verify your settings by entering the show mls qos maps privileged EXEC command Related Commands Command Description mls qos map dscp mutation Defines the DSCP to DSCP mutation map mls qos trust Configures the port trust state show mls qos maps D...

Page 364: ...values 0 to 7 Separate each DSCP value with a space The range is 0 to 63 dscp cos dscp list to cos Define the DSCP to CoS map For dscp list enter up to eight DSCP values with each value separated by a space The range is 0 to 63 Then enter the to keyword For cos enter a single CoS value to which the DSCP values correspond The range is 0 to 7 dscp mutation dscp mutation name in dscp to out dscp Defi...

Page 365: ...CP map Table 2 7 shows the default DSCP to CoS map Table 2 8 shows the default IP precedence to DSCP map Table 2 6 Default CoS to DSCP Map CoS Value DSCP Value 0 0 1 8 2 16 3 24 4 32 5 40 6 48 7 56 Table 2 7 Default DSCP to CoS Map DSCP Value CoS Value 0 7 0 8 15 1 16 23 2 24 31 3 32 39 4 40 47 5 48 55 6 56 63 7 Table 2 8 Default IP Precedence to DSCP Map IP Precedence Value DSCP Value 0 0 1 8 2 1...

Page 366: ...d are not modified Switch configure terminal Switch config mls qos map policed dscp 1 2 3 4 5 6 to 0 This example shows how to define the DSCP to CoS map DSCP values 20 21 22 23 and 24 are mapped to CoS 1 DSCP values 10 11 12 13 14 15 16 and 17 are mapped to CoS 0 Switch configure terminal Switch config mls qos map dscp cos 20 21 22 23 24 to 1 Switch config mls qos map dscp cos 10 11 12 13 14 15 1...

Page 367: ...1 03 Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands mls qos map Related Commands Command Description mls qos dscp mutation Applies a DSCP to DSCP mutation map to a DSCP trusted port show mls qos maps Displays quality of service QoS mapping information ...

Page 368: ...e highest priority traffic To configure different classes of traffic with different characteristics use this command with the mls qos queue set output qset id threshold global configuration command Note The egress queue default settings are suitable for most situations You should change them only when you have a thorough understanding of the egress queues and if these settings do not meet your QoS...

Page 369: ...rface id buffers or the show mls qos queue set privileged EXEC command Related Commands Command Description mls qos queue set output threshold Configures the weighted tail drop WTD thresholds guarantees the availability of buffers and configures the maximum memory allocation to a queue set queue set Maps a port to a queue set show mls qos interface buffers Displays quality of service QoS informati...

Page 370: ... of the queue set Each port belongs to a queue set which defines all the characteristics of the four egress queues per port The range is 1 to 2 queue id Specific queue in the queue set on which the command is performed The range is 1 to 4 drop threshold1 drop threshold2 Two WTD thresholds expressed as a percentage of the allocated memory of the queue The range is 1 to 3200 percent reserved thresho...

Page 371: ...ether to grant buffer space to a requesting queue The switch decides whether the target queue has not consumed more buffers than its reserved amount under limit whether it has consumed all of its maximum buffers over limit and whether the common pool is empty no free buffers or not empty free buffers If the queue is not over limit the switch can allocate buffer space from the reserved pool or from...

Page 372: ... in the incoming packet and the DSCP field in the outgoing packet is the same as that in the incoming packet Note Enabling DSCP transparency does not affect the port trust settings on IEEE 802 1Q tunneling ports By default DSCP transparency is disabled The switch modifies the DSCP field in an incoming packet and the DSCP field in the outgoing packet is based on the quality of service QoS configura...

Page 373: ...arency and configure the switch to change the DSCP value of the incoming IP packet Switch config mls qos Switch config mls qos rewrite ip dscp You can verify your settings by entering the show running config include rewrite privileged EXEC command Related Commands Command Description mls qos Enables QoS globally show mls qos Displays QoS information show running config include rewrite Displays the...

Page 374: ...the mls qos srr queue input priority queue queue id bandwidth weight global configuration command Then SRR shares the remaining bandwidth with both ingress queues and services them as specified by the weights configured with the mls qos srr queue input bandwidth weight1 weight2 global configuration command You specify which ingress queue is the priority queue by using the mls qos srr queue input p...

Page 375: ...r queue input bandwidth 4 4 You can verify your settings by entering the show mls qos interface interface id queueing or the show mls qos input queue privileged EXEC command Related Commands Command Description mls qos srr queue input buffers Allocates the buffers between the ingress queues mls qos srr queue input cos map Maps class of service CoS values to an ingress queue or maps CoS values to a...

Page 376: ...t of the buffers is allocated to queue 1 and 10 percent of the buffers is allocated to queue 2 Command Modes Global configuration Command History Usage Guidelines You should allocate the buffers so that the queues can handle any incoming bursty traffic Examples This example shows how to allocate 60 percent of the buffer space to ingress queue 1 and 40 percent of the buffer space to ingress queue 2...

Page 377: ...e CoS values to an ingress queue or maps CoS values to a queue and to a threshold ID mls qos srr queue input dscp map Maps Differentiated Services Code Point DSCP values to an ingress queue or maps DSCP values to a queue and to a threshold ID mls qos srr queue input priority queue Configures the ingress priority queue and guarantees bandwidth mls qos srr queue input threshold Assigns weighted tail...

Page 378: ...uration Command History Usage Guidelines The CoS assigned at the ingress port selects an ingress or egress queue and threshold The drop threshold percentage for threshold 3 is predefined It is set to the queue full state You can assign two weighted tail drop WTD threshold percentages to an ingress queue by using the mls qos srr queue input threshold global configuration command queue queue id Spec...

Page 379: ...1 2 3 Switch config mls qos srr queue input cos map queue 1 threshold 2 4 5 Switch config mls qos srr queue input threshold 1 50 70 You can verify your settings by entering the show mls qos maps privileged EXEC command Related Commands Command Description mls qos srr queue input bandwidth Assigns shaped round robin SRR weights to an ingress queue mls qos srr queue input buffers Allocates the buffe...

Page 380: ...nfiguration Command History Usage Guidelines The DSCP assigned at the ingress port selects an ingress or egress queue and threshold The drop threshold percentage for threshold 3 is predefined It is set to the queue full state You can assign two weighted tail drop WTD threshold percentages to an ingress queue by using the mls qos srr queue input threshold global configuration command queue queue id...

Page 381: ...p queue 1 threshold 1 0 1 2 3 4 5 6 Switch config mls qos srr queue input dscp map queue 1 threshold 2 20 21 22 23 24 25 26 Switch config mls qos srr queue input threshold 1 50 70 You can verify your settings by entering the show mls qos maps privileged EXEC command Related Commands Command Description mls qos srr queue input bandwidth Assigns shaped round robin SRR weights to an ingress queue mls...

Page 382: ...ter The priority queue is guaranteed part of the bandwidth on the stack or internal ring which reduces the delay and jitter under heavy network traffic on an oversubscribed ring or stack when there is more traffic than the backplane can carry and the queues are full and dropping frames The amount of bandwidth that can be guaranteed is restricted because a large value affects the entire stack and c...

Page 383: ...g mls qos srr queue input bandwidth 4 4 You can verify your settings by entering the show mls qos interface interface id queueing or the show mls qos input queue privileged EXEC command Related Commands Command Description mls qos srr queue input bandwidth Assigns shaped round robin SRR weights to an ingress queue mls qos srr queue input buffers Allocates the buffers between the ingress queues mls...

Page 384: ...opped until the threshold is no longer exceeded However packets assigned to threshold 2 continue to be queued and sent as long as the second threshold is not exceeded Each queue has two configurable explicit drop threshold and one preset implicit drop threshold full You configure the CoS to threshold map by using the mls qos srr queue input cos map global configuration command You configure the DS...

Page 385: ...tes the buffers between the ingress queues mls qos srr queue input cos map Maps class of service CoS values to an ingress queue or maps CoS values to a queue and to a threshold ID mls qos srr queue input dscp map Maps Differentiated Services Code Point DSCP values to an ingress queue or maps DSCP values to a queue and to a threshold ID mls qos srr queue input priority queue Configures the ingress ...

Page 386: ...threshold id cos1 cos8 no mls qos srr queue output cos map Syntax Description Defaults Table 2 12 shows the default CoS output queue threshold map Command Modes Global configuration Command History queue queue id Specify a queue number For queue id the range is 1 to 4 cos1 cos8 Map CoS values to an egress queue For cos1 cos8 enter up to eight values and separate each value with a space The range i...

Page 387: ...p thresholds for queue 1 to 50 and 70 percent of the allocated memory guarantees reserves 100 percent of the allocated memory and configures 200 percent as the maximum memory that this queue can have before packets are dropped Switch config mls qos srr queue output cos map queue 1 threshold 1 0 1 2 3 Switch config mls qos queue set output 1 threshold 1 50 70 100 200 Switch config interface gigabit...

Page 388: ...old id dscp1 dscp8 no mls qos srr queue output dscp map Syntax Description Defaults Table 2 13 shows the default DSCP output queue threshold map Command Modes Global configuration Command History queue queue id Specify a queue number For queue id the range is 1 to 4 dscp1 dscp8 Map DSCP values to an egress queue For dscp1 dscp8 enter up to eight values and separate each value with a space The rang...

Page 389: ...nfigures the drop thresholds for queue 1 to 50 and 70 percent of the allocated memory guarantees reserves 100 percent of the allocated memory and configures 200 percent as the maximum memory that this queue can have before packets are dropped Switch config mls qos srr queue output dscp map queue 1 threshold 1 0 1 2 3 Switch config mls qos queue set output 1 threshold 1 50 70 100 200 Switch config ...

Page 390: ...raffic When a port is configured with trust DSCP or trust IP precedence and the incoming packet is a non IP packet the CoS to DSCP map is used to derive the corresponding DSCP value from the CoS value The CoS can be the packet CoS for trunk ports or the port default CoS for nontrunk ports If the DSCP is trusted the DSCP field of the IP packet is not modified However it is still possible that the C...

Page 391: ...t to the DSCP trusted state and apply the DSCP to DSCP mutation map if the DSCP values are different between the QoS domains Classification using a port trust state for example mls qos trust cos dscp ip precedence and a policy map for example service policy input policy map name are mutually exclusive The last one configured overwrites the previous configuration Examples This example shows how to ...

Page 392: ...port if the port is to be specified in the secondary interface level of the hierarchical policy map When you configure hierarchical policing the hierarchical policy map is attached to the SVI and affects all traffic belonging to the VLAN The individual policer in the interface level traffic classification only affects the physical ports specified for that classification For detailed instructions a...

Page 393: ...monitor session session_number all local remote no monitor session session_number destination interface interface id encapsulation replicate ingress dot1q vlan vlan id isl untagged vlan vlan id vlan vlan id remote vlan vlan id no monitor session session_number filter vlan vlan id no monitor session session_number source interface interface id both rx tx vlan vlan id both rx tx remote vlan vlan id ...

Page 394: ...specified VLAN as the default VLAN vlan vlan id When used with only the ingress keyword set default VLAN for ingress traffic remote vlan vlan id Specify the remote VLAN for an RSPAN source or destination session The range is 2 to 1001 and 1006 to 4094 The RSPAN VLAN cannot be VLAN 1 the default VLAN or VLAN IDs 1002 to 1005 reserved for Token Ring and FDDI VLANs Optional Specify a series of interf...

Page 395: ...RSPAN destination port however IEEE 802 1x authentication is disabled until the port is removed as a SPAN destination If IEEE 802 1x authentication is not available on the port the switch returns an error message You can enable IEEE 802 1x authentication on a SPAN or RSPAN source port VLAN filtering refers to analyzing network traffic on a selected set of VLANs on trunk source ports By default all...

Page 396: ...monitor session 10 source remote vlan 900 Switch config monitor session 10 destination interface gigabitethernet1 0 2 This example shows how to configure the destination port for ingress traffic on VLAN 5 by using a security device that supports IEEE 802 1Q encapsulation Egress traffic replicates the source ingress traffic uses IEEE 802 1Q encapsulation Switch config monitor session 2 destination ...

Page 397: ...IP multicast address on the switch Use the no form of this command to remove a statically configured IP multicast address or contiguous addresses or when no IP address is entered to remove all statically configured MVR IP multicast addresses count Optional Configure multiple contiguous MVR group addresses The range is 1 to 256 the default is 1 mode Optional Specify the MVR mode of operation The de...

Page 398: ...ing protocol while MVR is enabled MVR is disabled and a warning message appears If you try to enable MVR while multicast routing and a multicast routing protocol are enabled the operation to enable MVR is cancelled with an Error message Examples This example shows how to enable MVR Switch config mvr Use the show mvr privileged EXEC command to display the current setting for maximum multicast group...

Page 399: ...on mvr interface configuration Configures MVR ports show mvr Displays MVR global parameters or port parameters show mvr interface Displays the configured MVR interfaces with their type status and Immediate Leave configuration Also displays all MVR groups of which the interface is a member show mvr members Displays all ports that are members of an MVR multicast group if the group has no members its...

Page 400: ...multicast data bound for the configured multicast groups Multicast data is received on all ports configured as source ports immediate Optional Enable the Immediate Leave feature of MVR on a port Use the no mvr immediate command to disable the feature type Optional Configure the port as an MVR receiver port or a source port The default port type is neither an MVR source nor a receiver port The no m...

Page 401: ... the IP multicast address A port statically configured as a member of group remains a member of the group until statically removed In compatible mode this command applies only to receiver ports in dynamic mode it can also apply to source ports Receiver ports can also dynamically join multicast groups by using IGMP join messages When operating in compatible mode MVR does not support IGMP dynamic jo...

Page 402: ...rofile on an interface you cannot apply the switchport voice vlan command on the interface If switchport voice vlan vlan id is already configured on an interface you can apply a network policy profile on the interface The interface then has the voice or voice signaling VLAN network policy profile applied on the interface Examples This example shows how to apply network policy profile 60 to an inte...

Page 403: ...return to the privileged EXEC mode from the network policy profile configuration mode enter the exit command When you are in network policy profile configuration mode you can create the profile for voice and voice signalling by specifying the values for VLAN class of service CoS differentiated services code point DSCP and tagging mode These profile attributes are then contained in the Link Layer D...

Page 404: ...milar devices that support interactive voice services These devices are typically deployed on a separate VLAN for ease of deployment and enhanced security through isolation from data applications The voice signaling application type is for network topologies that require a different policy for voice signaling than for voice media This application type should not be advertised if all the same netwo...

Page 405: ...cos 4 This example shows how to configure the voice application type for VLAN 100 with a DSCP value of 34 Switch config network policy profile 1 Switch config network policy voice vlan 100 dscp 34 This example shows how to configure the voice application type for the native VLAN with priority tagging Switch config network policy voice vlan dot1p cos 4 Related Commands Command Description network p...

Page 406: ...d to enable the switch to send NMSP location and attachment notifications to a Cisco Mobility Services Engine MSE Examples This example shows how to enable NMSP on a switch and set the location notification time to 10 seconds Switch config nmsp enable Switch config nmsp notification interval location 10 Related Commands enable Enable the NMSP features on the switch notification interval Specify th...

Page 407: ...tachment suppress Syntax Description This command has no arguments or keywords Defaults This command has no default setting Command Modes Interface configuration Command History Usage Guidelines Use the nmsp attachment suppress interface configuration command to configure an interface to not send location and attachment notifications to a Cisco Mobility Services Engine MSE Examples This example sh...

Page 408: ... affects all interfaces that are covered by the designated routing process The switch supports Cisco NSF for OSPF and EIGRP protocols When NSF is enabled and a stack master switchover is detected the NSF capable routers rebuild routing information from NSF aware or NSF capable neighbors and do not wait for a restart Examples This example shows how to enable OSPF NSF Switch config router ospf 100 S...

Page 409: ...ommands nsf Related Commands Command Description router protocol id number Enables a routing process Displays the current operating configuration For syntax information select Cisco IOS IP Command Reference Volume 2 of 3 Routing Protocols Release 12 2 EIGRP Commands and Cisco IOS IP Command Reference Volume 2 of 3 Routing Protocols Release 12 2 OSFP Commands ...

Page 410: ...they are required for PAgP interoperability with devices that only support address learning by physical ports such as the Catalyst 1900 switch When the link partner to the switch is a physical learner we recommend that you configure the switch as a physical port learner by using the pagp learn method physical port interface configuration command and to set the load distribution method based on the...

Page 411: ...agp learn method aggregation port You can verify your settings by entering the show running config privileged EXEC command or the show pagp channel group number internal privileged EXEC command Related Commands Command Description pagp port priority Selects a port over which all traffic through the EtherChannel is sent show pagp Displays PAgP channel group information show running config Displays ...

Page 412: ...g only on aggregate ports even though the physical port keyword is provided in the command line interface CLI The pagp learn method and the pagp port priority interface configuration commands have no effect on the switch hardware but they are required for PAgP interoperability with devices that only support address learning by physical ports such as the Catalyst 1900 switch When the link partner t...

Page 413: ...Provides the ability to learn the source address of incoming packets show pagp Displays PAgP channel group information show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_command_ reference_list html Select the Cisco IOS Commands Master Li...

Page 414: ...ost target mac target mac target mac mask log This command is supported only if your switch is running the IP services feature set Syntax Description Defaults There are no default settings Command Modes ARP access list configuration request Optional Requests a match for the ARP request When request is not specified matching is performed against all ARP packets ip Specify the sender IP address any ...

Page 415: ...ss of 0000 0000 abcd Switch config arp access list static hosts Switch config arp nacl permit ip host 1 1 1 1 mac host 0000 0000 abcd Switch config arp nacl end You can verify your settings by entering the show arp access list privileged EXEC command Related Commands Release Modification 12 2 40 EX1 This command was introduced Command Description arp access list Defines an ARP access control list ...

Page 416: ...trol Message Protocol permit icmp source ipv6 prefix prefix length any host source ipv6 address operator port number destination ipv6 prefix prefix length any host destination ipv6 address operator port number icmp type icmp code icmp message dscp value log log input routing sequence value time range name Transmission Control Protocol permit tcp source ipv6 prefix prefix length any host source ipv...

Page 417: ...gth argument it must match the source port If the operator is positioned after the destination ipv6 prefix prefix length argument it must match the destination port The range operator requires two port numbers All other operators require one port number The optional port number argument is a decimal number or the name of a TCP or a UDP port A port number is a number from 0 to 65535 TCP port names ...

Page 418: ...nt The name of the time range and its restrictions are specified by the time range and absolute or periodic commands respectively icmp type Optional Specify an ICMP message type for filtering ICMP packets ICMP packets can be filtered by the ICMP message type The type is a number from 0 to 255 icmp code Optional Specify an ICMP message code for filtering ICMP packets ICMP packets that are filtered ...

Page 419: ...ast match conditions The two permit conditions allow ICMPv6 neighbor discovery To disallow ICMPv6 neighbor discovery and to deny icmp any any nd na or icmp any any nd ns there must be an explicit deny entry in the ACL For the three implicit statements to take effect an IPv6 ACL must contain at least one entry The IPv6 neighbor discovery process uses the IPv6 network layer service Therefore by defa...

Page 420: ...nfig ipv6 acl deny FE80 0 0 0201 64 any Switch config ipv6 acl permit icmp any any Switch config ipv6 acl exit Switch config ipv6 access list INBOUND Switch config ipv6 acl permit icmp any any Switch config ipv6 acl exit Switch config interface gigabitethernet1 0 3 Switch config if no switchport Switch config if ipv6 address 2001 64 eui 64 Switch config if ipv6 traffic filter OUTBOUND out Switch c...

Page 421: ...AC address host src MAC addr src MAC addr mask Define a host MAC address and optional subnet mask If the source address for a packet matches the defined address non IP traffic from that address is denied host dst MAC addr dst MAC addr mask Define a destination MAC address and optional subnet mask If the destination address for a packet matches the defined address non IP traffic to that address is ...

Page 422: ...must enter an address mask lsap lsap number mask Optional Use the LSAP number 0 to 65535 of a packet with 802 2 encapsulation to identify the protocol of the packet The mask is a mask of don t care bits applied to the LSAP number before testing for a match mop console Optional Select EtherType DEC MOP Remote Console mop dump Optional Select EtherType DEC MOP Dump msdos Optional Select EtherType DE...

Page 423: ... access list to allow NETBIOS traffic from any source to MAC address 00c0 00a0 03fa Traffic matching this list is allowed Switch config ext macl permit any host 00c0 00a0 03fa netbios This example shows how to remove the permit condition from the MAC named extended access list Switch config ext macl no permit any 00c0 00a0 03fa 0000 0000 0000 netbios This example permits all packets with Ethertype...

Page 424: ...re constrained by the hardware and ASIC boundaries You cannot reserve policers per port There is no guarantee that a port will be assigned to any policer To return to policy map configuration mode use the exit command To return to privileged EXEC mode use the end command Policing uses a token bucket algorithm You configure the bucket depth the maximum burst that is tolerated before the bucket over...

Page 425: ...t Switch config policy map policy2 Switch config pmap class class2 Switch config pmap c police 1000000 20000 exceed action policed dscp transmit Switch config pmap c exit You can verify your settings by entering the show policy map privileged EXEC command Related Commands Command Description class Defines a traffic classification match criteria through the police set and trust policy map class con...

Page 426: ...sage Guidelines The port ASIC device which controls more than one physical port supports 256 policers on the switch 255 user configurable policers plus 1 policer reserved for internal use The maximum number of configurable policers supported per port is 63 Policers are allocated on demand by the software and are constrained by the hardware and ASIC boundaries You cannot reserve policers per port T...

Page 427: ... c police aggregate agg_policer1 Switch config pmap c exit Switch config pmap class class2 Switch config pmap c set dscp 10 Switch config pmap c police aggregate agg_policer1 Switch config pmap c exit Switch config pmap class class3 Switch config pmap c trust dscp Switch config pmap c police aggregate agg_policer2 Switch config pmap c exit You can verify your settings by entering the show mls qos ...

Page 428: ...on commands are available class defines the classification match criteria for the specified class map For more information see the class section on page 2 67 description describes the policy map up to 200 characters exit exits policy map configuration mode and returns you to global configuration mode no removes a previously defined policy map rename renames the current policy map To return to glob...

Page 429: ...nfiguring QoS chapter of the software configuration guide for this release Examples This example shows how to create a policy map called policy1 When attached to the ingress port it matches all the incoming traffic defined in class1 sets the IP DSCP to 10 and polices the traffic at an average rate of 1 Mb s and bursts at 20 KB Traffic exceeding the profile is marked down to a DSCP value gotten fro...

Page 430: ...olicy pm test int Switch config pmap c end Switch config cmap exit Switch config interface vlan 10 Switch config if service policy input pm test pm 2 This example shows how to delete policymap2 Switch config no policy map policymap2 You can verify your settings by entering the show policy map privileged EXEC command Related Commands Command Description class Defines a traffic classification match ...

Page 431: ...his release Examples This example shows how to set the load distribution method to dst mac Switch config port channel load balance dst mac You can verify your setting by entering the show running config privileged EXEC command or the show etherchannel load balance privileged EXEC command dst ip Load distribution is based on the destination host IP address dst mac Load distribution is based on the ...

Page 432: ... port channel Accesses or creates the port channel show etherchannel Displays EtherChannel information for a channel show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_comman d_reference_list html Select the Cisco IOS Commands Master List...

Page 433: ...queue is a priority queue and it is serviced until empty before the other queues are serviced Follow these guidelines when the expedite queue is enabled or the egress queues are serviced based on their SRR weights If the egress expedite queue is enabled it overrides the SRR shaped and shared weights for queue 1 If the egress expedite queue is disabled and the SRR shaped and shared weights are conf...

Page 434: ...queue bandwidth share 30 20 25 25 Switch config if no priority queue out You can verify your settings by entering the show mls qos interface interface id queueing or the show running config privileged EXEC command Related Commands Command Description show mls qos interface queueing Displays the queueing strategy SRR priority queueing the weights corresponding to the queues and the CoS to egress qu...

Page 435: ...2 network to merge their Layer 2 databases and to prevent flooding of private VLAN traffic You cannot include VLAN 1 or VLANs 1002 to 1005 in the private VLAN configuration Extended VLANs VLAN IDs 1006 to 4094 can be configured in private VLANs You can associate a secondary isolated or community VLAN with only one primary VLAN A primary VLAN can have one isolated VLAN and multiple community VLANs ...

Page 436: ...a Remote Switched Port Analyzer RSPAN VLAN Do not configure a private VLAN as a voice VLAN Do not configure fallback bridging on switches with private VLANs Although a private VLAN contains more than one VLAN only one STP instance runs for the entire private VLAN When a secondary VLAN is associated with the primary VLAN the STP parameters of the primary VLAN are propagated to the secondary VLAN Fo...

Page 437: ...mmands private vlan Related Commands Command Description show interfaces status Displays the status of interfaces including the VLANs to which they belong show vlan private vlan Displays the private VLANs and VLAN associations configured on the switch or switch stack switchport mode private vlan Configures a private VLAN port as a host port or promiscuous port ...

Page 438: ...rfaces SVIs only for primary VLANs You cannot configure Layer 3 VLAN interfaces for secondary VLANs SVIs for secondary VLANs are inactive while the VLAN is configured as a secondary VLAN The secondary_vlan_list parameter cannot contain spaces It can contain multiple comma separated items Each item can be a single private VLAN ID or a hyphenated range of private VLAN IDs The list can contain one is...

Page 439: ... if private vlan mapping 20 Switch config vlan end This example shows how to permit routing of secondary VLAN traffic from secondary VLANs 303 to 305 and 307 through VLAN 20 SVI Switch configure terminal Switch interface vlan 20 Switch config if private vlan mapping 303 305 307 Switch config vlan end You can verify your setting by entering the show interfaces private vlan mapping privileged EXEC c...

Page 440: ...eue set 2 Switch config interface gigabitethernet2 0 1 Switch config if queue set 2 You can verify your settings by entering the show mls qos interface interface id buffers privileged EXEC command Related Commands qset id ID of the queue set Each port belongs to a queue set which defines all the characteristics of the four egress queues per port The range is 1 to 2 Release Modification 12 2 40 EX1...

Page 441: ...ntication times out The switch dynamically determines the default seconds value that is from 10 to 60 seconds Use the radius server retransmit retries global configuration command to specify the number of times the switch tries to reach the RADIUS servers before considering the servers to be unavailable The switch dynamically determines the default tries value that is from 10 to 100 The seconds pa...

Page 442: ...f times that the switch tries to reach the RADIUS servers before considering the servers to be unavailable For syntax information select Cisco IOS Security Command Reference Release 12 2 Server Security Protocols RADIUS Commands radius server timeout seconds Specifies the time in seconds during which the switch waits for a RADIUS server to respond before the IEEE 802 1x authentication times out Fo...

Page 443: ...tory ip address Specify the IP address of the RADIUS server acct port udp port Optional Specify the UDP port for the RADIUS accounting server The range is from 0 to 65536 auth port udp port Optional Specify the UDP port for the RADIUS authentication server The range is from 0 to 65536 key string Optional Specify the authentication and encryption key for all RADIUS communication between the switch ...

Page 444: ...ng of the RADIUS server status specify the username to be used and configure a key string Switch config radius server host 1 1 1 2 acct port 800 auth port 900 test username aaafail idle time 75 key abc123 You can verify your settings by entering the show running config privileged EXEC command Related Commands Command Description dot1x critical global configuration Configures the parameters for the...

Page 445: ...to save the configuration Examples This example shows how to reload the switch stack Switch config reload System configuration has been modified Save yes no y Proceed to reload the whole Stack confirm y This example shows how to reload a specific stack member Switch config reload slot 6 Proceed with reload confirm y This example shows how to reload a single switch switch stack there is only one me...

Page 446: ...2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands reload Related Commands Command Description switch priority Changes the stack member priority value switch renumber Changes the stack member number show switch Displays information about the switch stack and its stack members ...

Page 447: ... the LINE command to execute string apply to a specific stack member or to the switch stack Examples This example shows how to execute the undebug command on the switch stack Switch config remote command all undebug all Switch 1 All possible debugging has been turned off Switch 5 All possible debugging has been turned off Switch 9 All possible debugging has been turned off This example shows how t...

Page 448: ...witch 3130 and 3032 for Dell Cisco IOS Commands remote command Related Commands Command Description reload Accesses a specific stack member switch priority Changes the stack member priority value switch renumber Changes the stack member number show switch Displays information about the switch stack and its stack members ...

Page 449: ...N configuration mode entered by using the vlan database privileged EXEC command If VLAN Trunking Protocol VTP is enabled the RSPAN feature is propagated by VTP for VLAN IDs that are lower than 1005 If the RSPAN VLAN ID is in the extended range you must manually configure intermediate switches those in the RSPAN VLAN between the source switch and the destination switch Before you configure the RSPA...

Page 450: ...lan remote span This example shows how to remove the RSPAN feature from a VLAN Switch config vlan 901 Switch config vlan no remote span You can verify your settings by entering the show vlan remote span user EXEC command Related Commands Command Description monitor session Enables Switched Port Analyzer SPAN and RSPAN monitoring on a port and configures a port as a source or destination port vlan ...

Page 451: ...oping binding database without checking CRC values in the file Switch renew ip dhcp snooping database validation none You can verify your settings by entering the show ip dhcp snooping database privileged EXEC command flash number filen ame Optional Specify that the database agent or the binding file is in the flash memory Use the number parameter to specify the stack member number of the stack ma...

Page 452: ...itch 3130 and 3032 for Dell Cisco IOS Commands renew ip dhcp snooping database Related Commands Command Description ip dhcp snooping Enables DHCP snooping on a VLAN ip dhcp snooping binding Configures the DHCP snooping binding database show ip dhcp snooping database Displays the status of the DHCP snooping database agent ...

Page 453: ...igured reservations Unreserved addresses that are part of the network or on pool ranges are not offered to the client and other clients are not served by the pool By entering this command users can configure a group of switches with DHCP pools that share a common IP subnet and that ignore requests from clients of other switches To access DHCP pool configuration mode enter the ip dhcp pool name glo...

Page 454: ...2 424 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference OL 13271 03 Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands reserved only ...

Page 455: ...s The RMON statistics collection is disabled Command Modes Interface configuration Command History Usage Guidelines The RMON statistics collection command is based on hardware counters Examples This example shows how to collect RMON statistics for the owner root Switch config interface gigabitethernet2 0 1 Switch config if rmon collection stats 2 owner root You can verify your setting by entering ...

Page 456: ... If you enter the show sdm prefer command before you enter the reload privileged EXEC command the show sdm prefer command shows the template currently in use and the template that will become active after a reload The IPv6 packets are routed in hardware across the stack as long as the packet does not have exceptions IPv6Options and the switches have not run out of hardware resources access Provide...

Page 457: ...ch Entering the sdm prefer routing global configuration command prevents other features from using the memory allocated to unicast routing in the routing template Do not use the ipv4 and ipv6 templates if you do not plan to enable IPv6 routing on the switch Entering the sdm prefer ipv4 and ipv6 default routing vlan global configuration command divides resources between IPv4 and IPv6 limiting those...

Page 458: ...to the default template Switch config no sdm prefer Switch config exit Switch reload You can verify your settings by entering the show sdm prefer privileged EXEC command Related Commands Table 2 16 Approximate Feature Resources Allowed by Dual IPv4 IPv6 Templates Resource Default Routing VLAN Unicast MAC addresses 2 K 1 5 K 8 K IPv4 IGMP groups and multicast routes 1 K 1 K 1 K for IGMP groups 0 fo...

Page 459: ... recovery command to disable some of the functionality of the password recovery feature by allowing an end user to reset a password only by agreeing to return to the default configuration To use the password recovery procedure a user with physical access to the switch holds down the Mode button while the unit powers up and for a second or two after the LED above port 1X turns off When the button i...

Page 460: ...sparent mode we recommend that you also save a copy of the vlan dat file in a location away from the switch When you enter the service password recovery or no service password recovery command on the stack master it is propagated throughout the stack and applied to all switches in the stack You can verify if password recovery is enabled or disabled by entering the show version privileged EXEC comm...

Page 461: ...quality of service QoS is disabled by using the no mls qos vlan based interface configuration command on a physical port you can configure a port based policy map on the port If VLAN based QoS is enabled by using the mls qos vlan based interface configuration command on a physical port the switch removes the previously configured port based policy map After a hierarchical policy map is configured ...

Page 462: ...itch Switch configure terminal Enter configuration commands one per line End with CNTL Z Switch config class map cm interface 1 Switch config cmap match input gigabitethernet3 0 1 gigabitethernet3 0 2 Switch config cmap exit Switch config policy map port plcmap Switch config pmap class map cm interface 1 Switch config pmap c police 900000 9000 exc policed dscp transmit Switch config pmap c exit Sw...

Page 463: ...y map that can be attached to multiple ports to specify a service policy show policy map Displays QoS policy maps show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_command _reference_list html Select the Cisco IOS Commands Master List Re...

Page 464: ...en you access the stack member its stack member number is appended to the system prompt Examples This example shows how to access stack member 6 Switch config session 6 Switch 6 Related Commands stack member number Specify the stack member number The range is 1 to 9 Release Modification 12 2 40 EX1 This command was introduced Command Description reload Reloads the stack member and puts a configura...

Page 465: ... or the set precedence policy map class configuration command This setting appears as set ip precedence in the switch configuration The set command is mutually exclusive with the trust policy map class configuration command within the same policy map For the set dscp new dscp or the set ip precedence new precedence command you can enter a mnemonic name for a commonly used value For example you can...

Page 466: ...y entering the show policy map privileged EXEC command Related Commands Command Description class Defines a traffic classification match criteria through the police set and trust policy map class configuration commands for the specified class map name police Defines a policer for classified traffic policy map Creates or modifies a policy map that can be attached to multiple ports to specify a serv...

Page 467: ... provided for each prompt To access help text press the question mark key at a prompt To return to the privileged EXEC prompt without making changes and without running through the entire System Configuration Dialog press Ctrl C When you complete your changes the setup program shows you the configuration command script that was created during the setup session You can save the configuration in NVR...

Page 468: ...y interface listed with OK value NO does not have a valid configuration Interface IP Address OK Method Status Protocol Vlan1 172 20 135 202 YES NVRAM up up GigabitEthernet6 0 1 unassigned YES unset up up GigabitEthernet6 0 2 unassigned YES unset up down output truncated Port channel1 unassigned YES unset up down Enter interface name used to connect to the management network from the above interfac...

Page 469: ...2 Save this configuration to nvram and exit Enter your selection 2 Related Commands Command Description show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_co mmand_reference_list html Select the Cisco IOS Commands Master List Release 12 2...

Page 470: ...on a configured switch the LEDs above the Mode button start blinking If you press the Mode button for a total of 10 seconds the switch configuration is deleted and the switch reboots The switch can then be configured like a new switch either through the web based Express Setup program or the CLI based setup program Note As soon as you make any change to the switch configuration including entering ...

Page 471: ...3 seconds On a configured switch the mode LEDs begin blinking after 2 seconds and turn solid green after 10 seconds Caution If you hold the Mode button down for a total of 10 seconds the configuration is deleted and the switch reboots This example shows how to disable Express Setup mode Switch config no setup express You can verify that Express Setup mode is disabled by pressing the Mode button Th...

Page 472: ...and 1300 to 2699 This command also displays the MAC ACLs that are configured Expressions are case sensitive For example if you enter exclude output the lines that contain output are not displayed but the lines that contain Output are displayed name Optional Name of the ACL number Optional ACL number The range is 1 to 2699 hardware counters Optional Display global hardware ACL statistics for switch...

Page 473: ...p host 10 91 28 64 any 70 permit ip host 10 99 75 128 any 80 permit ip host 10 38 49 0 any This is an example of output from the show access lists hardware counters command Switch show access lists hardware counters L2 ACL INPUT Statistics Drop All frame count 855 Drop All bytes count 94143 Drop And Log All frame count 0 Drop And Log All bytes count 0 Bridge Only All frame count 0 Bridge Only All ...

Page 474: ...All frame count 0 Drop And Log All bytes count 0 Bridge Only All frame count 0 Bridge Only All bytes count 0 Bridge Only And Log All frame count 0 Bridge Only And Log All bytes count 0 Forwarding To CPU All frame count 0 Forwarding To CPU All bytes count 0 Forwarded All frame count 514434 Forwarded All bytes count 39048748 Forwarded And Log All frame count 0 Forwarded And Log All bytes count 0 Rel...

Page 475: ...shows the progress of the download Expressions are case sensitive For example if you enter exclude output the lines that contain output are not displayed but the lines that contain Output are displayed Examples These are examples of output from the show archive status command Switch show archive status IDLE No upgrade in progress Switch show archive status LOADING Upgrade in progress Switch show a...

Page 476: ...rom the show arp access list command Switch show arp access list ARP access list rose permit ip 10 101 1 1 0 0 0 255 mac any permit ip 20 3 1 0 0 0 0 255 mac any Related Commands acl name Optional Name of the ACL begin Optional Display begins with the line that matches the expression exclude Optional Display excludes lines that match the expression include Optional Display includes lines that matc...

Page 477: ...vided a result interface interface id Optional Display all of the authentication manager details for the specified interface method method Optional Displays all clients authorized by a specified authentication method dot1x mab or webauth registrations Optional Display authentication manager registrations sessions Optional Display detail of the current authentication manager sessions for example cl...

Page 478: ...e Priority Name 3 0 dot1x Runnable methods list Handle Priority Name 3 0 dot1x This is an example of the show authentication sessions command Switch show authentication sessions Interface MAC Address Method Domain Status Session ID Gi3 45 unknown N A DATA Authz Failed 0908140400000007003651EC Gi3 46 unknown N A DATA Authz Success 09081404000000080057C274 Authc Success A method has resulted in auth...

Page 479: ...r host mode single host Authorized By Authentication Server Vlan Policy 10 Handle 0xE0000000 Runnable methods list Method State dot1x Authc Success This is an example of the show authentication session method command for a specified method Switch show authentication sessions method mab No Auth Manager contexts match supplied criteria Switch show authentication sessions method dot1x MAC Address Dom...

Page 480: ...n priority Adds an authentication method to the port priority list authentication timer Configures the timeout and reauthentication parameters for an 802 1x enabled port authentication violation Configures the violation modes that occur when a new device connects to a port or when a new device connects to a port with the maximum number of devices already connected to that port ...

Page 481: ...iguration and the user modifications To display information about the QoS configuration that might be affected by auto QoS use one of these commands show mls qos show mls qos maps cos dscp show mls qos interface interface id buffers queueing show mls qos maps cos dscp cos input q cos output q dscp cos dscp input q dscp output q show mls qos input queue show running config Examples This is an examp...

Page 482: ...put dscp map queue 2 threshold 2 49 50 51 52 53 54 55 56 mls qos srr queue input dscp map queue 2 threshold 2 57 58 59 60 61 62 63 mls qos srr queue input dscp map queue 2 threshold 3 24 25 26 27 28 29 30 31 mls qos srr queue input dscp map queue 2 threshold 3 40 41 42 43 44 45 46 47 mls qos srr queue output cos map queue 1 threshold 3 5 mls qos srr queue output cos map queue 2 threshold 3 3 6 7 m...

Page 483: ...hernet2 0 4 switchport mode access switchport port security maximum 400 service policy input AutoQoS Police SoftPhone speed 100 duplex half srr queue bandwidth share 10 10 60 20 priority queue out auto qos voip cisco softphone interface GigabitEthernet2 0 5 switchport mode access switchport port security maximum 1999 speed 100 duplex full srr queue bandwidth share 10 10 60 20 priority queue out ml...

Page 484: ... 2 GigabitEthernet1 0 2 auto qos voip cisco phone These are examples of output from the show auto qos command when auto QoS is disabled on the switch Switch show auto qos AutoQoS not enabled on any interface These are examples of output from the show auto qos interface interface id command when auto QoS is disabled on an interface Switch show auto qos interface gigabitethernet3 0 1 AutoQoS is disa...

Page 485: ...how boot command for all stack members Switch show boot BOOT path list flash cbs31x0 universal mz Config file flash config text Private Config file flash private config text Enable Break no Manual Boot yes HELPER path list Auto upgrade yes Auto upgrade path Switch 2 BOOT path list flash cbs31x0 universal mz Config file flash config text Private Config file flash private config text Enable Break no...

Page 486: ... IOS uses to read and write a nonvolatile copy of the system configuration Enable Break Displays whether a break during booting is enabled or disabled If it is set to yes on or 1 you can interrupt the automatic boot process by pressing the Break key on the console after the flash file system is initialized Manual Boot Displays whether the switch automatically or manually boots If it is set to no o...

Page 487: ...sw Specifies the software image to use in the auto upgrade process boot config file Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration boot enable break Enables interrupting the automatic boot process boot manual Enables manually booting the switch during the next boot cycle boot private config file Specifies the filename that Cisco IOS uses...

Page 488: ...rom the show cable diagnostics tdr interface interface id command Switch show cable diagnostics tdr interface gigabitethernet0 2 TDR test last run on March 01 00 04 08 Interface Speed Local pair Pair length Remote pair Pair status Gi1 0 2 1000M Pair A 1 1 meters Pair A Normal Pair B 1 1 meters Pair B Normal Pair C 1 1 meters Pair C Normal Pair D 1 1 meters Pair D Normal Table 2 20 lists the descri...

Page 489: ...witch TDR can only find the location in one of these cases The cable is properly connected the link is up and the interface speed is 1000 Mb s The cable is open The cable has a short Remote pair Name of the pair of wires to which the local pair is connected TDR can learn about the remote pair only when the cable is properly connected and the link is up Pair status The status of the pair of wires o...

Page 490: ... from the show cisp summary command CISP is not running on any interface Related Commands clients Optional Display CISP client details interface interface id Optional Display CISP information about the specified interface Valid interfaces include physical ports and port channels summary Optional Display begin Optional Display begins with the line that matches the expression exclude Optional Displa...

Page 491: ...the show class map command Switch show class map Class Map match all videowizard_10 10 10 10 id 2 Match access group name videowizard_10 10 10 10 Class Map match any class default id 0 Match any Class Map match all dscp5 id 3 Match ip dscp 5 Related Commands class map name Optional Display the contents of the specified class map begin Optional Display begins with the line that matches the expressi...

Page 492: ...ines that contain output are not displayed but the lines that contain Output are displayed Examples This is a partial output example from the show controllers cpu interface command Switch show controllers cpu interface cpu queue frames retrieved dropped invalid hol block rpc 4523063 0 0 0 stp 1545035 0 0 0 ipc 1903047 0 0 0 routing protocol 96145 0 0 0 L2 protocol 79596 0 0 0 remote console 0 0 0 ...

Page 493: ...0 StartPtrs 038C2800 ReadPtr 038C2C38 WritePtrs 038C2C38 Fifo_Flag 8A800800 Weights 001E001E Fifo1 StartPtr 03A9BC00 ReadPtr 03A9BC60 WritePtrs 03A9BC60 Fifo_Flag 89800400 writeHeaderPtr 03A9BC60 Fifo2 StartPtr 038C8800 ReadPtr 038C88E0 WritePtrs 038C88E0 Fifo_Flag 88800200 writeHeaderPtr 038C88E0 Fifo3 StartPtr 03C30400 ReadPtr 03C30638 WritePtrs 03C30638 Fifo_Flag 89800400 writeHeaderPtr 03C3063...

Page 494: ...r Cisco technical support representatives troubleshooting the switch Expressions are case sensitive For example if you enter exclude output the lines that contain output are not displayed but the lines that contain Output are displayed interface id The physical interface including type stack member module and port number phy Optional Display the status of the internal registers on the switch physi...

Page 495: ...es 0 Symbol error frames 0 Excessive collisions 0 Late collisions 0 Invalid frames too large 0 VLAN discard frames 0 Valid frames too large 0 Excess defer frames 0 Invalid frames too small 0 64 byte frames 0 Valid frames too small 0 127 byte frames 0 255 byte frames 0 Too old frames 0 511 byte frames 0 Valid oversize frames 0 1023 byte frames 0 System FCS error frames 0 1518 byte frames 0 RxPortFi...

Page 496: ...ile the frame was sent VLAN discard frames The number of frames dropped on an interface because the CFI1 bit is set Excess defer frames The number of frames that are not sent after the time exceeds the maximum packet time 64 byte frames The total number of frames sent on an interface that are 64 bytes 127 byte frames The total number of frames sent on an interface that are from 65 to 127 bytes 255...

Page 497: ...es The total number of frames that are from 128 to 255 bytes 256 to 511 byte frames The total number of frames that are from 256 to 511 bytes 512 to 1023 byte frames The total number of frames that are from 512 to 1023 bytes 1024 to 1518 byte frames The total number of frames that are from 1024 to 1518 bytes Overrun frames The total number of overrun frames received on an interface Pause frames Th...

Page 498: ...000 0000 0000 Reserved Register 1 0000 0000 0000 0000 Global Status 0000 0000 0000 0000 LED Control 0100 0001 0000 0000 Manual LED Override 0000 1000 0010 1010 Extended PHY Specific Control 0000 0000 0001 1010 Disable Receiver 1 0000 0000 0000 1011 Disable Receiver 2 1000 0000 0000 0100 Extended PHY Specific Status 1000 0100 1000 0000 Auto MDIX On AdminState 1 Flags 0x00052248 This is an example o...

Page 499: ...oSramInfo 000007D0 000007D0 40000000 SupervisorTransmitFifoSramInfo 000001D0 000001D0 40000000 GlobalStatus 00000800 IndicationStatus 00000000 IndicationStatusMask FFFFFFFF InterruptStatus 00000000 InterruptStatusMask 01FFE800 SupervisorDiag 00000000 SupervisorFrameSizeLimit 000007C8 SupervisorBroadcast 000A0F01 GeneralIO 000003F9 00000000 00000004 StackPcsInfo FFFF1000 860329BD 5555FFFF FFFFFFFF ...

Page 500: ... 0 Rx Invalid Too Large Frames 0 TxQueue Bandwidth Drop Coun 0 Rx Invalid Too Large Frames 0 TxQueue Missed Drop Statist 0 Rx Invalid Too Small Frames 74 RxBuffer Drop DestIndex Cou 0 Rx Too Old Frames 0 SneakQueue Drop Count 0 Tx Too Old Frames 0 Learning Queue Overflow Fra 0 System Fcs Error Frames 0 Learning Cam Skip Count 15 Sup Queue 0 Drop Frames 0 Sup Queue 8 Drop Frames 0 Sup Queue 1 Drop ...

Page 501: ...ontain output do not appear but the lines that contain Output appear phy detail Optional Display the status of the internal registers on the switch physical layer device PHY for the Ethernet management port on the switch when the command is entered on a switch Display the status of the internal registers on the switch PHYs for all the Ethernet management ports in the switch stack when the command ...

Page 502: ...ion frames 0 512 to 1023 byte frames 0 12 collision frames 0 1024 to 1518 byte frames 0 13 collision frames 0 Overrun frames 0 14 collision frames 0 Pause frames 0 15 collision frames 0 Excessive collisions 0 Symbol error frames 0 Late collisions 0 Invalid frames too large 0 VLAN discard frames 0 Valid frames too large 0 Excess defer frames 0 Invalid frames too small 0 64 byte frames 0 Valid frame...

Page 503: ...120 malrxctp0r 0x0F0272C0 0x140 malrcbs0 0x00000060 0x160 output truncated This is an example of output from the show controllers ethernet controller fastethernet 0 stack command on a stack member Switch show controller ethernet controller fastethernet 0 stack Switch Interface Name Duplex Speed Link State Active Link 3 Fa0 a full a 100 up 3 Fa0 Physical a full a 100 up Related Commands Command Des...

Page 504: ...at might be useful for Cisco technical support representatives troubleshooting the switch Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear asic Optional Display port ASIC hardware information number Optional Display information for the specified port ASIC number The range is from 0 to 15 deta...

Page 505: ...00000_00000000 HRR5 00000000_00000000 HRR6 00000000_00000000 HRR7 00000000_00000000 output truncated GMR31 FF_FFFFFFFF_FFFFFFFF GMR32 FF_FFFFFFFF_FFFFFFFF GMR33 FF_FFFFFFFF_FFFFFFFF TCAM related PortASIC 1 registers LookupType 89A1C67D_24E35F00 LastCamIndex 0000FFE0 LocalNoMatch 000069E0 ForwardingRamBaseAddress 00022A00 0002FE00 00040600 0002FE00 0000D400 00000000 003FBA00 00009000 00009000 00040...

Page 506: ...Receive Utilization Transmit Utilization Gi1 0 2 0 0 Gi1 0 3 0 0 Gi1 0 4 0 0 Gi1 0 5 0 0 Gi1 0 6 0 0 Gi1 0 7 0 0 output truncated Gi2 0 1 0 0 Gi2 0 2 0 0 output truncated Switch Receive Bandwidth Percentage Utilization 0 Switch Transmit Bandwidth Percentage Utilization 0 Switch Fabric Percentage Utilization 0 This is an example of output from the show controllers utilization command on a specific ...

Page 507: ...on Displays the received bandwidth usage of the switch which is the sum of the received traffic on all the ports divided by the switch receive capacity Transmit Bandwidth Percentage Utilization Displays the transmitted bandwidth usage of the switch which is the sum of the transmitted traffic on all the ports divided it by the switch transmit capacity Fabric Percentage Utilization Displays the aver...

Page 508: ...f these options Optional Use the number parameter to display test information for a specific switch The switch number is the stack member If the switch is a standalone switch the switch number is 1 If the switch is a stack master or a stack member the range is 1 to 9 depending on the switch member numbers in the stack Optional Use the all keyword to display all the test information for the switch ...

Page 509: ...w to display the online diagnostics that are configured on all the switches in a stack Switch show diagnostic content switch all Switch 1 Diagnostics test suite attributes B Basic ondemand test NA P V Per port test Per device test NA D N Disruptive test Non disruptive test NA S Only applicable to standby unit NA X Not a health monitoring test NA F Fixed monitoring interval test NA E Always enabled...

Page 510: ...g capable switch Switch show diagnostic schedule Current Time 14 39 49 PST Tue Jul 5 2005 Diagnostic for Switch 1 Schedule 1 To be run daily 12 00 Test ID s to be executed 1 This example shows how to display the detailed switch results for all the switches in stack You can also use the show diagnostic result switch all detail command to display these results Switch show diagnostic switch all detai...

Page 511: ...est failure time n a Last test failure time n a Last test pass time n a Total failure count 0 Consecutive failure count 0 ___________________________________________________________________________ 5 TestMicRingLoopback U Error code 0 DIAG_SUCCESS Total run count 0 Last test execution time n a First test failure time n a Last test failure time n a Last test pass time n a Total failure count 0 Cons...

Page 512: ...ass time n a Total failure count 0 Consecutive failure count 0 __________________________________________________________________________ Related Commands Command Description diagnostic monitor Configures teh health monitoring diagnostic test diagnostic schedule Sets the scheduling of test based online diagnostic testing diagnostic start Starts the online diagnostic test ...

Page 513: ...dot1q tunnel dot1q tunnel mode LAN Port s Gi1 0 1 Gi1 0 2 Gi1 0 3 Gi1 0 6 Po2 Switch show dot1q tunnel interface gigabitethernet1 0 1 dot1q tunnel mode LAN Port s Gi1 0 1 Related Commands interface interface id Optional Specify the interface for which to display IEEE 802 1Q tunneling information Valid interfaces include physical ports and port channels begin Optional Display begins with the line t...

Page 514: ...olDirection In Inactive Expressions are case sensitive For example if you enter exclude output the lines that contain output are not displayed but the lines that contain Output appear Examples This is an example of output from the show dot1x user EXEC command Switch show dot1x Sysauthcontrol Enabled Dot1x Protocol Version 2 Critical Recovery Delay 100 Critical EAPOL Disabled all summary Optional D...

Page 515: ...riod 3600 Locally configured ReAuthMax 2 MaxReq 2 TxPeriod 30 RateLimitPeriod 0 output truncated This is an example of output from the show dot1x all summary user EXEC command Switch show dot1x all summary Interface PAE Client Status Gi2 0 1 AUTH none UNAUTHORIZED Gi2 0 2 AUTH 00a0 c9b8 0072 AUTHORIZED Gi2 0 3 AUTH none UNAUTHORIZED This is an example of output from the show dot1x interface interf...

Page 516: ... port is assigned to a guest VLAN and the host mode changes to multiple hosts mode Switch show dot1x interface gigabitethernet1 0 1 details Dot1x Info for GigabitEthernet1 0 1 PAE AUTHENTICATOR PortControl AUTO ControlDirection Both HostMode SINGLE_HOST ReAuthentication Enabled QuietPeriod 60 ServerTimeout 30 SuppTimeout 30 ReAuthPeriod 3600 Locally configured ReAuthMax 2 MaxReq 2 TxPeriod 30 Rate...

Page 517: ...Number of EAPOL frames that have been received and have an unrecognized frame type RxLenError Number of EAPOL frames that have been received in which the packet body length field is invalid RxTotal Number of valid EAPOL frames of any type that have been received TxReq Number of EAP request frames other than request identity frames that have been sent TxReqId Number of Extensible Authentication Pro...

Page 518: ...t from the show dtp interface command Switch show dtp interface gigabitethernet1 0 1 DTP information for GigabitEthernet1 0 1 TOS TAS TNS ACCESS AUTO ACCESS TOT TAT TNT NATIVE NEGOTIATE NATIVE Neighbor address 1 000943A7D081 Neighbor address 2 000000000000 Hello timer expiration sec state 1 RUNNING Access timer expiration sec state never STOPPED Negotiation timer expiration sec state never STOPPED...

Page 519: ...160 good 0 packets dropped 0 nonegotiate 0 bad version 0 domain mismatches 0 bad TLVs 0 other 6320 packets output 6320 good 3160 native 3160 software encap isl 0 isl hardware native 0 output errors 0 trunk timeouts 1 link ups last link up on Mon Mar 01 1993 01 02 29 0 link downs Related Commands Command Description show interfaces trunk Displays interface trunking information ...

Page 520: ...trations When you use the show eap sessions privileged EXEC command with these keywords the command output shows this information None All active EAP sessions credentials name keyword The specified credentials profile interface interface id keyword The parameters for the specified interface method name keyword The specified EAP method transport name keyword The specified lower layer registrations ...

Page 521: ...AB This is an example of output from the show eap sessions privileged EXEC command Switch show eap sessions Role Authenticator Decision Fail Lower layer Dot1x AuthenticaInterface Gi1 0 1 Current method None Method state Uninitialised Retransmission count 0 max 2 Timer Authenticator ReqId Retransmit timeout 30s remaining 2s EAP handle 0x5200000A Credentials profile None Lower layer context ID 0x930...

Page 522: ...wer layer Dot1x AuthenticaInterface Gi1 0 1 Current method None Method state Uninitialised Retransmission count 1 max 2 Timer Authenticator ReqId Retransmit timeout 30s remaining 13s EAP handle 0x5200000A Credentials profile None Lower layer context ID 0x93000004 Eap profile name None Method context ID 0x00000000 Peer Identity None Start timeout s 1 Retransmit timeout s 30 30 Current ID 2 Availabl...

Page 523: ...play the available power levels children Available power levels for the entity and the PoE ports current Current power levels for the entity Optional children Current power levels for the entity and the PoE ports delta Difference between the current and available power levels for the entity Optional children Difference between the current and available power levels for the entity and the PoE ports...

Page 524: ...n Name TG3560G 41 Domain cisco Protocol udp IP 2 2 2 21 Port 43440 Switch show energywise events Sequence 246818 References 0 1 Errors Class PN_CLASS_QUERY Action PN_ACTION_CPQR_POWERNET_QUERY_SET Reply To 8 8 8 24 43440 Sequence 246827 References 0 1 Errors Class PN_CLASS_DISCOVERY Action PN_ACTION_CPQR_POWERNET_DISCOVERY_DISCOVERY_UPDATE Reply To 8 8 8 24 43440 Switch show energywise level Level...

Page 525: ...Gi1 0 1 0 0 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 Gi1 0 2 Gi1 0 2 0 0 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 Gi1 0 3 Gi1 0 3 0 0 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 Gi1 0 4 Gi1 0 4 0 0 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 15 4 output truncated Switch show energywise neighbors Capability Codes R Router T Trans Bridge B Source Route Bridge S Switch H Host...

Page 526: ...0 1 Gi1 0 1 0 0 W presumed Gi1 0 2 Gi1 0 2 0 0 W presumed Gi1 0 3 Gi1 0 3 0 0 W presumed Gi1 0 4 Gi1 0 4 0 0 W presumed Gi1 0 5 Gi1 0 5 0 0 W presumed output truncated Switch show energywise version EnergyWise is Enabled IOS Version 12 2 50 SE EnergyWise Specification 1 0 1 Related Commands Command Description energywise global configuration Enables and configures EnergyWise on the entity energywi...

Page 527: ...emperature status The command output shows the green and yellow states as OK and the red state as FAULTY If you enter the show env all command the command output is the same as the show env temperature status command output Expressions are case sensitive For example if you enter exclude output the lines that contain output are not displayed but the lines that contain Output are displayed all Displ...

Page 528: ... 3 from the master switch Switch show env stack 3 SWITCH 3 FAN is OK TEMPERATURE is OK Temperature Value 33 Degree Celsius Temperature State GREEN Yellow Threshold 65 Degree Celsius Red Threshold 75 Degree Celsius POWER is OK RPS is AVAILABLE This example shows how to display the temperature value state and the threshold values on a standalone switch Table 2 25 describes the temperature states in ...

Page 529: ...e lines that contain Output are displayed The error disable reasons in the command output are listed in alphabetical order The mode column shows how error disable is configured for each feature You can configure error disabled detection in these modes port mode The entire physical port is error disabled if a violation occurs vlan mode The VLAN is error disabled if a violation occurs port vlan mode...

Page 530: ...ine power Enabled port invalid policy Enabled port l2ptguard Enabled port link flap Enabled port loopback Enabled port lsgroup Enabled port pagp flap Enabled port psecure violation Enabled port vlan security violatio Enabled port sfp config mismat Enabled port storm control Enabled port udld Enabled port vmps Enabled port Related Commands Command Description errdisable detect cause Enables error d...

Page 531: ...values command which shows that an error will be assumed and the port shut down if three Dynamic Trunking Protocol DTP state port mode access trunk or Port Aggregation Protocol PAgP flap changes occur during a 30 second interval or if 5 link state link up down changes occur during a 10 second interval Switch show errdisable flap values ErrDisable Reason Flaps Time sec pagp flap 3 30 dtp flap 3 30 ...

Page 532: ...played Examples This is an example of output from the show errdisable recovery command Switch show errdisable recovery ErrDisable Reason Timer Status udld Disabled bpduguard Disabled security violatio Disabled channel misconfig Disabled vmps Disabled pagp flap Disabled dtp flap Disabled link flap Enabled l2ptguard Disabled psecure violation Disabled gbic invalid Disabled dhcp rate limit Disabled u...

Page 533: ...link flap 279 Note Though visible in the output the unicast flood field is not valid Related Commands Command Description errdisable recovery Configures the recover mechanism variables show errdisable detect Displays error disabled detection status show errdisable flap values Displays error condition recognition information show interfaces status Displays interface status or a list of interfaces i...

Page 534: ...y is in the only port channel in the channel group Expressions are case sensitive For example if you enter exclude output the lines that contain output are not displayed but the lines that contain Output are displayed channel group number Optional Number of the channel group The range is 1 to 64 detail Display detailed EtherChannel information load balance Display the load balance or frame distrib...

Page 535: ...ocol LACP Flags S Device is sending Slow LACPDUs F Device is sending fast LACPDU A Device is in active mode P Device is in passive mode Local information LACP port Admin Oper Port Port Port Flags State Priority Key Key Number State Gi1 0 1 SA bndl 32768 0x1 0x1 0x101 0x3D Gi1 0 2 A bndl 32768 0x0 0x1 0x0 0x3D Age of the port in the current state 01d 20h 06m 04s Port channels in the group Port chan...

Page 536: ... port channel command Switch show etherchannel 1 port channel Port channels in the group Port channel Po1 Primary Aggregator Age of the Port channel 01d 20h 24m 50s Logical slot port 10 1 Number of ports 2 HotStandBy port null Port state Port channel Ag Inuse Protocol LACP Ports in the Port channel Index Load Port EC state No of bits 0 00 Gi1 0 1 Active 0 0 00 Gi1 0 2 Active 0 Time since last port...

Page 537: ...d Examples This is an example of output from the show fallback profile command Switch show fallback profile Profile Name dot1x www Description NONE IP Admission Rule webauth fallback IP Access Group IN default policy Profile Name dot1x www lpip Description NONE IP Admission Rule web lpip IP Access Group IN default policy Profile Name profile1 Description NONE IP Admission Rule NONE IP Access Group...

Page 538: ... fallback Configure a port to use web authentication as a fallback method for clients that do not support IEEE 802 1x authentication fallback profile Create a web authentication fallback profile ip admission Enable web authentication on a switch port ip admission name proxy http Enable web authentication globally on a switch show dot1x interface interface id Displays IEEE 802 1x status for the spe...

Page 539: ... flowcontrol module number command Use the show flowcontrol interface interface id command to display information about a specific interface Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear interface interface id Optional Display the flow control status and statistics for a specific interface...

Page 540: ...l RxPause TxPause admin oper admin oper Gi2 0 1 Unsupp Unsupp off off 0 0 Gi2 0 2 desired off off off 0 0 Gi2 0 3 desired off off off 0 0 output truncated This is an example of output from the show flowcontrol interface interface id command Switch show flowcontrol gigabitethernet2 0 2 Port Send FlowControl Receive FlowControl RxPause TxPause admin oper admin oper Gi2 0 2 desired off off off 0 0 Re...

Page 541: ...e tengigabitethernet1 0 1 X2 Serial EEPROM Contents Non Volatile Register NVR Fields X2 MSA Version supported 0xA NVR Size in bytes 0x100 Number of bytes used 0x100 Basic Field Address 0xB Customer Field Address 0x77 Vendor Field Address 0xA7 Extended Vendor Field Address 0x100 Reserved 0x0 Transceiver type 0x2 X2 Optical connector type 0x0 Unspecified Bit encoding 0x1 NRZ Normal BitRate in multip...

Page 542: ...e CISCO OPNEXT INC Part number provided by transceiver vendor TRTC010EN BMC Revision level of part number provided by vendor 00 Vendor serial number OSA093900JK Vendor manufacturing date code 2005092800 Reserved1 01 01 20 04 00 01 00 Basic Field Checksum 0x63 Customer Writable Area 0x00 58 32 2D 31 30 47 42 2D 43 58 34 20 20 20 20 20 0x10 20 56 30 31 20 4F 53 41 30 39 33 39 30 30 4A 4B 0x20 31 30 ...

Page 543: ...nterface Though visible in the command line help this option is not available for VLAN IDs module number Optional Display capabilities switchport configuration or transceiver characteristics depending on preceding keyword of all interfaces on the switch or specified stack member This option is not available if you entered a specific interface ID counters Optional See the show interfaces counters c...

Page 544: ...r interface ID to display the capabilities of all interfaces in the stack se the show interfaces capabilities with no module number or interface ID to display the capabilities of all interfaces on the switch transceiver detail properties Optional Display the physical properties of a coarse wavelength division multiplexer CWDM or dense wavelength division multiplexer DWDM small form factor SFP modu...

Page 545: ... 04 00 00 Last input never output never output hang never Last clearing of show interface counters never Input queue 0 75 0 0 size max drops flushes Total output drops 0 Queueing strategy fifo Output queue 0 40 size max 5 minute input rate 0 bits sec 0 packets sec 5 minute output rate 0 bits sec 0 packets sec 2 packets input 1040 bytes 0 no buffer Received 0 broadcasts 0 runts 0 giants 0 throttles...

Page 546: ...Dot1x yes This is an example of output from the show interfaces interface description command when the interface has been described as Connects to Marketing by using the description interface configuration command Switch show interfaces gigabitethernet1 0 2 description Interface Status Protocol Description Gi1 0 2 up down Connects to Marketing This is an example of output from the show interfaces ...

Page 547: ...ple of partial output from the show interfaces status command It displays the status of all interfaces Switch show interfaces status Port Name Status Vlan Duplex Speed Type Gi1 0 1 connected routed a half a 100 10 100 1000BaseTX Gi1 0 2 notconnect 121 40 auto auto 10 100 1000BaseTX Gi1 0 3 notconnect 1 auto auto 10 100 1000BaseTX Gi1 0 4 notconnect 18 auto auto Not Present Gi1 0 5 connected 121 a ...

Page 548: ...ult Trunking Native Mode VLAN 1 default Voice VLAN none Administrative private vlan host association 10 VLAN0010 502 VLAN0502 Administrative private vlan mapping none Administrative private vlan trunk native VLAN none Administrative private vlan trunk encapsulation dot1q Administrative private vlan trunk normal VLANs none Administrative private vlan trunk private VLANs none Operational private vla...

Page 549: ...lan trunk normal VLANs none Administrative private vlan trunk private VLANs none Operational private vlan 20 VLAN0020 25 VLAN0025 30 VLAN0030 35 VLAN0035 output truncated Access Mode VLAN Displays the VLAN ID to which the port is configured Trunking Native Mode VLAN Trunking VLANs Enabled Trunking VLANs Active Lists the VLAN ID of the trunk that is in native mode Lists the allowed VLANs on the tru...

Page 550: ...interfaces switchport backup Switch Backup Interface Pairs Active Interface Backup Interface State GigabitEthernet2 0 6 GigabitEthernet2 0 8 Active Up Backup Up Vlans on Interface Gi 2 0 6 1 50 Vlans on Interface Gi 2 0 8 60 100 120 When a Flex Link interface goes down LINK_DOWN VLANs preferred on this interface are moved to the peer interface of the Flex Link pair In this example if interface Gi2...

Page 551: ... and active in management domain Gi1 0 1 1 4 Port Vlans in spanning tree forwarding state and not pruned Gi1 0 1 1 4 This is an example of output from the show interfaces interface id transceiver properties command Switch show interfaces gigabitethernet1 0 1 transceiver properties Name Gi1 0 1 Administrative Speed auto Operational Speed auto Administrative Duplex auto Administrative Power Inline e...

Page 552: ...auto Administrative Auto MDIX off Operational Auto MDIX off This is an example of output from the show interfaces interface id transceiver detail command Switch show interfaces gigabitethernet2 0 3 transceiver detail ITU Channel not available Wavelength not available Transceiver is externally calibrated mA milliamperes dBm decibels milliwatts N A not applicable high alarm high warning low warning ...

Page 553: ...26 8 70 0 60 0 5 0 0 0 High Alarm High Warn Low Warn Low Alarm Voltage Threshold Threshold Threshold Threshold Port Volts Volts Volts Volts Volts Te1 0 1 3 15 3 63 3 63 2 97 2 97 High Alarm High Warn Low Warn Low Alarm Current Threshold Threshold Threshold Threshold Port milliamperes mA mA mA mA Te1 0 1 5 0 16 3 15 3 3 9 3 2 Optical High Alarm High Warn Low Warn Low Alarm Transmit Power Threshold ...

Page 554: ...rface Configures Flex Links a pair of Layer 2 interfaces that provide mutual backup switchport mode Configures the VLAN membership mode of a port switchport mode private vlan Configures a port as a private VLAN host or a promiscuous port switchport private vlan Defines private VLAN association for a host port or private VLAN mapping for a promiscuous port switchport protected Isolates unicast mult...

Page 555: ... Optional ID of the physical interface including type stack member stacking capable switch only module and port number errors Optional Display error counters etherchannel Optional Display EtherChannel counters including octets broadcast packets multicast packets and unicast packets received and sent module switch number Optional Display counters for the specified stack member The range is from 1 t...

Page 556: ... 520 2 0 0 Gi2 0 2 520 2 0 0 Gi2 0 3 520 2 0 0 Gi2 0 4 520 2 0 0 Gi2 0 5 520 2 0 0 Gi2 0 6 520 2 0 0 Gi2 0 7 520 2 0 0 Gi2 0 8 520 2 0 0 output truncated This is an example of partial output from the show interfaces counters protocol status command for all interfaces Switch show interfaces counters protocol status Protocols allocated Vlan1 Other IP Vlan20 Other IP ARP Vlan30 Other IP ARP Vlan40 Ot...

Page 557: ...le of output from the show interfaces counters trunk command It displays trunk counters for all interfaces Switch show interfaces counters trunk Port TrunkFramesTx TrunkFramesRx WrongEncap Gi1 0 1 0 0 0 Gi1 0 2 0 0 0 Gi1 0 3 80678 4155 0 Gi1 0 4 82320 126 0 Gi1 0 5 0 0 0 output truncated Related Commands Command Description show interfaces Displays additional interface characteristics ...

Page 558: ...utput the lines that contain output are not displayed but the lines that contain Output are displayed Examples This is example output from the show inventory command on a switch stack Switch show inventory NAME 1 DESCR WS CBS3130G S F PID WS CBS3130G S F VID V01 SN FOC1143H02U NAME Switch 1 Slot 1 DESCR TwinGig Converter Module PID 800 27645 01 A VID A0 SN CAT11115UN3 NAME GigabitEthernet1 0 21 DE...

Page 559: ...AME Switch 2 Slot 2 DESCR TwinGig Converter Module PID 800 27645 01 A VID A0 SN CAT11115UVM This is example output from the show inventory command on a nonstacking capable switch Switch show inventory NAME 1 DESCR WS CBS3032 DEL PID WS CBS3032 DEL VID V01 SN FOC1132HZUJ NAME Switch 1 Slot 1 DESCR TwinGig Converter Module PID 800 27645 01 A VID A0 SN CAT111163WT NAME Switch 1 Slot 2 DESCR TwinGig C...

Page 560: ...splay statistics for forwarded dropped MAC validation failure IP validation failure access control list ACL permitted and denied and DHCP permitted and denied packets for the specified VLAN If no VLANs are specified or if a range is specified display information only for VLANs with dynamic ARP inspection enabled active You can specify a single VLAN identified by VLAN ID number a range of VLANs sep...

Page 561: ...MAC Failures 1 0 0 0 0 Vlan Dest MAC Failures IP Validation Failures Invalid Protocol Data 1 0 0 0 This is an example of output from the show ip arp inspection interfaces command Switch show ip arp inspection interfaces Interface Trust State Rate pps Burst Interval Gi1 0 1 Untrusted 15 1 Gi1 0 2 Untrusted 15 1 Gi1 0 3 Untrusted 15 1 This is an example of output from the show ip arp inspection inte...

Page 562: ...is is an example of output from the show ip arp inspection statistics command It shows the statistics for packets that have been processed by dynamic ARP inspection for all active VLANs Switch show ip arp inspection statistics Vlan Forwarded Dropped DHCP Drops ACL Drops 5 3 4618 4605 4 2000 0 0 0 0 Vlan DHCP Permits ACL Permits Source MAC Failures 5 0 12 0 2000 0 0 0 Vlan Dest MAC Failures IP Vali...

Page 563: ... Enabled IP Address Validation Enabled Vlan Configuration Operation ACL Match Static ACL 5 Enabled Active second No Vlan ACL Logging DHCP Logging 5 Acl Match All Related Commands Command Description arp access list Defines an ARP ACL clear ip arp inspection log Clears the dynamic ARP inspection log buffer clear ip arp inspection statistics Clears the dynamic ARP inspection statistics ip arp inspec...

Page 564: ...Examples This is an example of output from the show ip dhcp snooping command Switch show ip dhcp snooping Switch DHCP snooping is enabled DHCP snooping is configured on following VLANs 40 42 Insertion of option 82 is enabled circuit id format vlan mod port remote id format string Option 82 on untrusted port is allowed Verification of hwaddr field is enabled Interface Trusted Rate limit pps Gigabit...

Page 565: ...oes not delete the statically configured bindings Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This example shows how to display the DHCP snooping binding entries for a switch Switch show ip dhcp snooping binding MacAddress IpAddress Lease sec Type VLAN Interface 01 02 03 04 05 0...

Page 566: ...ber of bindings 1 This example shows how to display the DHCP snooping binding entries on VLAN 20 Switch show ip dhcp snooping binding vlan 20 MacAddress IpAddress Lease sec Type VLAN Interface 01 02 03 04 05 06 10 1 2 150 9747 dhcp snooping 20 GigabitEthernet2 0 1 00 00 00 00 00 02 10 1 2 151 65 dhcp snooping 20 GigabitEthernet2 0 2 Total number of bindings 2 Table 2 27 describes the fields in the...

Page 567: ...itch show ip dhcp snooping database Agent URL Write delay Timer 300 seconds Abort Timer 300 seconds Agent Running No Delay Timer Expiry Not Running Abort Timer Expiry Not Running Last Succeded Time None Last Failed Time None Last Failed Reason No failure recorded Total Attempts 0 Startup Failures 0 Successful Transfers 0 Failed Transfers 0 Successful Reads 0 Failed Reads 0 Successful Writes 0 Fail...

Page 568: ... Failed Reason Unable to access URL Total Attempts 21 Startup Failures 0 Successful Transfers 0 Failed Transfers 21 Successful Reads 0 Failed Reads 0 Successful Writes 0 Failed Writes 21 Media Failures 0 First successful access Read Last ignored bindings counters Binding Collisions 0 Expired leases 0 Invalid interfaces 0 Unsupported vlans 0 Parse failures 0 Last Ignored Time None Total ignored bin...

Page 569: ...atistics command Switch show ip dhcp snooping statistics Packets Forwarded 0 Packets Dropped 0 Packets Dropped From untrusted ports 0 This is an example of output from the show ip dhcp snooping statistics detail command Switch show ip dhcp snooping statistics detail Packets Processed by DHCP Snooping 0 Packets Dropped Because IDB not known 0 Queue full 0 Interface is in errdisabled 0 Rate limit ex...

Page 570: ...ded Number of times the rate limit configured on the port was exceeded and the interface was put into the error disabled state Received on untrusted ports Number of times a DHCP server packet OFFER ACK NAK or LEASEQUERY was received on an untrusted port and was dropped Nonzero giaddr Number of times the relay agent address field giaddr in the DHCP packet received on an untrusted port was not zero ...

Page 571: ...ly packet cannot be determined by either option 82 data or a lookup in the MAC address table The packet is dropped This can happen if option 82 is not used and the client MAC address has aged out If IPSG is enabled with the port security option and option 82 is not enabled the MAC address of the client is not learned and the reply packets will be dropped Reply output port equal to input port Numbe...

Page 572: ...command with and without specifying a profile number If no profile number is entered the display includes all profiles configured on the switch Switch show ip igmp profile 40 IGMP Profile 40 permit range 233 1 1 1 233 255 255 255 Switch show ip igmp profile IGMP Profile 3 range 230 9 9 0 230 9 9 0 IGMP Profile 4 permit range 229 9 9 0 229 255 255 255 Related Commands profile number Optional The IG...

Page 573: ...ontain Output appear Examples This is an example of output from the show ip igmp snooping vlan 1 command It shows snooping characteristics for a specific VLAN Switch show ip igmp snooping vlan 1 Global IGMP Snooping configuration IGMP snooping Enabled IGMPv3 snooping minimal Enabled Report suppression Enabled TCN solicit query Disabled TCN flood query count 2 Last member query interval 100 groups ...

Page 574: ...cs for all VLANs on the switch Switch show ip igmp snooping Global IGMP Snooping configuration IGMP snooping Enabled IGMPv3 snooping minimal Enabled Report suppression Enabled TCN solicit query Disabled TCN flood query count 2 Last member query interval 100 Vlan 1 IGMP snooping Enabled Immediate leave Disabled Multicast router learning mode pim dvmrp Source only learning age timer 10 CGMP interope...

Page 575: ...tification behavior ip igmp snooping tcn flood Specifies multicast flooding as the IGMP spanning tree topology change notification behavior ip igmp snooping vlan immediate leave Enables IGMP snooping immediate leave processing on a VLAN ip igmp snooping vlan mrouter Adds a multicast router port or configures the multicast learning method ip igmp snooping vlan static Statically adds a Layer 2 port ...

Page 576: ...ormation or the multicast table VLAN IDs 1002 to 1005 are reserved for Token Ring and FDDI VLANs and cannot be used in IGMP snooping Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear count Optional Display the total number of entries for the specified command options instead of the actual entr...

Page 577: ...p igmp snooping groups dynamic command It shows only the entries learned by IGMP snooping Switch show ip igmp snooping groups vlan 1 dynamic Vlan Group Type Version Port List 104 224 1 4 2 igmp v2 Gi2 0 1 Gi1 0 14 104 224 1 4 3 igmp v2 Gi2 0 1 Gi1 0 14 This is an example of output from the show ip igmp snooping groups vlan vlan id ip address command It shows the entries for the group with the spec...

Page 578: ... be used in IGMP snooping When multicast VLAN registration MVR is enabled the show ip igmp snooping mrouter command displays MVR multicast router information and IGMP snooping information Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show ip i...

Page 579: ...p snooping Enables IGMP snooping on the switch or on a VLAN ip igmp snooping vlan mrouter Adds a multicast router port ip igmp snooping vlan static Statically adds a Layer 2 port as a member of a multicast group show ip igmp snooping Displays the IGMP snooping configuration of the switch or the VLAN show ip igmp snooping groups Displays IGMP snooping multicast information for the switch or for the...

Page 580: ...ber on which the querier is learned in the Port field The show ip igmp snooping querier detail user EXEC command is similar to the show ip igmp snooping querier command However the show ip igmp snooping querier command displays only the device IP address most recently detected by the switch querier The show ip igmp snooping querier detail command displays the device IP address most recently detect...

Page 581: ...state Enabled admin version 2 source IP address 0 0 0 0 query interval sec 60 max response time sec 10 querier timeout sec 120 tcn query count 2 tcn query interval sec 10 Vlan 1 IGMP switch querier status elected querier is 1 1 1 1 on port Fa8 0 1 admin state Enabled admin version 2 source IP address 10 1 1 65 query interval sec 60 max response time sec 10 querier timeout sec 120 tcn query count 2...

Page 582: ...output do not appear but the lines that contain Output appear Examples This is an example of output from the show ip source binding command Switch show ip source binding MacAddress IpAddress Lease sec Type VLAN Interface 00 00 00 0A 00 0B 11 0 0 1 infinite static 10 GigabitEthernet1 0 1 00 00 00 0A 00 0A 11 0 0 2 10000 dhcp snooping 10 GigabitEthernet1 0 1 ip address Optional Display IP source bin...

Page 583: ...8 03 Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands show ip source binding Related Commands Command Description ip dhcp snooping binding Configures the DHCP snooping binding database ip source binding Configures static IP source bindings on the switch ...

Page 584: ...bb cccd 11 gi1 0 4 ip mac active deny all deny all 12 20 gi1 0 5 ip mac active 10 0 0 3 permit all 10 gi1 0 5 ip mac active deny all permit all 11 20 In the previous example this is the IP source guard configuration On the Gigabit Ethernet 1 0 1 interface DHCP snooping is enabled on VLANs 10 to 20 For VLAN 10 IP source guard with IP address filtering is configured on the interface and a binding ex...

Page 585: ...lied on the interface for the VLANs on which IP source guard is not configured On the Gigabit Ethernet 1 0 5 interface IP source guard with source IP and MAC address filtering is enabled and configured with a static IP binding but port security is disabled The switch cannot filter source MAC addresses This is an example of output on an interface on which IP source guard is disabled Switch show ip ...

Page 586: ...n ports queue Display the contents of the IPC transmission queue rpc Display the IPC remote procedure statistics session all rx tx Display the IPC session statistics available only in privileged EXEC mode The keywords have these meanings all Display all the session statistics rx Display the sessions statistics for traffic that the switch receives tx Display the sessions statistics for traffic that...

Page 587: ... 0 0 Total Retries 0 Total Timeouts 0 Total OOB Retries 0 Total OOB Timeouts 0 Total flushes 0 Total No ports 0 This example shows how to display the participating nodes Switch show ipc nodes There is 1 node in this IPC realm ID Type Name Last Last Sent Heard 10000 Local IPC Master 0 0 This example shows how to display the local IPC ports Switch show ipc ports There are 8 ports defined Port ID Typ...

Page 588: ...tatistics Switch show ipc session all Tx Sessions Port ID Type Name 10000 7 Unicast MDFS RP Statistics port_index 0 type Unreliable last sent 0 last heard 0 Msgs requested 180 Msgs returned 180 10000 8 Unicast Slot 1 MDFS control RIL port_index 0 type Reliable last sent 0 last heard 0 Msgs requested 0 Msgs returned 0 Rx Sessions Port ID Type Name 10000 7 Unicast MDFS RP Statistics port_index 0 sea...

Page 589: ...for HP Cisco IOS Commands show ipc Service Usage Total via Unreliable Connection Less Service 12783 171 Total via Unreliable Sequenced Connection Less Svc 0 0 Total via Reliable Connection Oriented Service 17 116 output truncated Related Commands Command Description clear ipc Clears the IPC multicast routing statistics ...

Page 590: ...ate enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch Examples The following output from the show ipv6 access list command shows IPv6 access lists named inbound and outbound Switch show ipv6 access list IPv6 access list inbound permit tcp any any eq bgp 8 matches sequence 10 permit tcp any any eq telnet 15 matches sequence 20 permit udp any any...

Page 591: ...an access list Access list lines are ordered from first priority lowest number for example 10 to last priority highest number for example 80 Table 2 29 show ipv6 access list Field Descriptions continued Field Description Command Description clear ipv6 access list Resets the IPv6 access list match counters For syntax information go to http www cisco com en US products ps5845 products_command_refere...

Page 592: ... IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch When you configure the DHCPv6 server to detect conflicts it uses ping The client uses neighbor discovery to detect clients and reports to the server through a DECLINE message If an address conflict is detected the address is removed from the pool and the address is not as...

Page 593: ...refer dual ipv4 and ipv6 default vlan global configuration command and reload the switch Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show ipv6 mld snooping vlan command It shows snooping characteristics for a specific VLAN Switch show ipv6 m...

Page 594: ...ener message suppression Enabled TCN solicit query Disabled TCN flood query count 2 Robustness variable 3 Last listener query count 2 Last listener query interval 1000 Vlan 1 MLD snooping Disabled MLDv1 immediate leave Disabled Explicit host tracking Enabled Multicast router learning mode pim dvmrp Robustness variable 1 Last listener query count 2 Last listener query interval 1000 output truncated...

Page 595: ...se the user keyword to display information only about groups that have been configured To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear vlan vla...

Page 596: ...0 3 This is an example of output from the show snooping address count user EXEC command Switch show ipv6 mld snooping address count Total number of multicast groups 2 This is an example of output from the show snooping address user user EXEC command Switch show ipv6 mld snooping address user Vlan Group Type Version Port List 2 FF12 3 user v2 Gi1 0 2 Gi2 0 2 Gi3 0 1 Gi3 0 3 Related Commands Command...

Page 597: ...ANs and cannot be used in MLD snooping To configure the dual IPv4 and IPv6 template enter the sdm prefer dual ipv4 and ipv6 default vlan global configuration command and reload the switch Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show ipv6...

Page 598: ...ter ports for a specific VLAN Switch show ipv6 mld snooping mrouter vlan 100 Vlan ports 2 Gi1 0 11 dynamic Related Commands Command Description ipv6 mld snooping Enables and configures MLD snooping on the switch or on a VLAN ipv6 mld snooping vlan mrouter interface interface id static ipv6 multicast address interface interface id Configures multicast router ports for a VLAN sdm prefer Configures a...

Page 599: ...r If the querier is a router the output shows the port number on which the querier is learned in the Port field The output of the show ipv6 mld snoop querier vlan command displays the information received in response to a query message from an external or internal querier It does not display user configured VLAN values such as the snooping robustness variable on the particular VLAN This querier in...

Page 600: ... ipv6 mld snooping querier vlan command Switch show ipv6 mld snooping querier vlan 2 IP address FE80 201 C9FF FE40 6000 MLD version v1 Port Gi3 0 1 Max response time 1000s Related Commands Command Description ipv6 mld snooping Enables and configures IPv6 MLD snooping on the switch or on a VLAN ipv6 mld snooping last listener query count Configures the maximum number of queries that the switch send...

Page 601: ...ed type of route using any of these keywords connected local static interface interface id boot up Display the current contents of the IPv6 routing table hh mm Enter the time as a 2 digit number for a 24 hour clock Make sure to use the colons For example enter 13 32 day Enter the day of the month The range is from 1 to 31 month Enter the month in upper case or lower case letters You can enter the ...

Page 602: ...OI OSPF Inter OE1 OSPF ext 1 OE2 OSPF ext 2 ON1 OSPF NSSA ext 1 ON2 OSPF NSSA ext 2 R 2001 64 120 2 via FE80 A8BB CCFF FE00 8D01 GigabitEthernet1 0 1 Last updated 10 31 10 27 February 2007 R 2004 64 120 2 via FE80 A8BB CCFF FE00 9001 GigabitEthernet1 0 2 Last updated 17 23 05 22 February 2007 R 4000 64 120 2 via FE80 A8BB CCFF FE00 9001 GigabitEthernet1 0 3 Last updated 17 23 05 22 February 2007 R...

Page 603: ...nterface interface id command only information about the active ports on which all the parameters are configured appears If you enter the show l2protocol tunnel summary command only information about the active ports on which some or all of the parameters are configured appears Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but th...

Page 604: ... 0 897960 Gi3 0 4 pagp 1000 24249 242700 lacp 24256 242660 udld 0 897960 Gi6 0 1 cdp 134482 1344820 pagp 1000 0 242500 lacp 500 0 485320 udld 300 44899 448980 Gi6 0 2 cdp 134482 1344820 pagp 1000 0 242700 lacp 0 485220 udld 300 44899 448980 This is an example of output from the show l2protocol tunnel summary command Switch show l2protocol tunnel summary COS for Encapsulated Packets 5 Drop Threshol...

Page 605: ...mmands show l2protocol tunnel Related Commands Command Description clear l2protocol tunnel counters Clears counters for protocol tunneling ports l2protocol tunnel Enables Layer 2 protocol tunneling for CDP STP or VTP packets on an interface l2protocol tunnel cos Configures a class of service CoS value for tunneled Layer 2 protocol packets ...

Page 606: ...mple if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show lacp counters user EXEC command Switch show lacp counters LACPDUs Marker Marker Response LACPDUs Port Sent Recv Sent Recv Sent Recv Pkts Err Channel group 1 Gi2 0 1 19 10 0 0 0 0 0 Gi2 0 2 14 6 0 0 0 0 0 channel group number Optio...

Page 607: ...Sent and Recv The number of LACP marker packets sent and received by a port Marker Response Sent and Recv The number of LACP marker response packets sent and received by a port LACPDUs Pkts and Err The number of unknown and illegal packets received by LACP for a port Table 2 31 show lacp internal Field Descriptions Field Description State State of the specific port These are the allowed values Por...

Page 608: ... Key Port State 32768 0x3 0x3C Admin Key Administrative key assigned to this port LACP automatically generates an administrative key value as a hexadecimal number The administrative key defines the ability of a port to aggregate with other ports A port s ability to aggregate with other ports is determined by the port physical characteristics for example data rate and duplex capability and configur...

Page 609: ...5 0002 4b29 3a00 The system identification is made up of the system priority and the system MAC address The first two bytes are the system priority and the last six bytes are the globally administered individual MAC address associated to the system Related Commands Command Description clear lacp Clears the LACP channel group information lacp port priority Configures the LACP port priority lacp sys...

Page 610: ...up detail command displays only those link state groups that have link state tracking enabled or that have upstream or downstream interfaces or both configured If there is no link state configuration for a group the group is not shown as enabled or disabled Expressions are case sensitive For example if you enter exclude output the lines that contain output are not displayed but the lines that cont...

Page 611: ...8 Dwn Downstream Interfaces Gi1 0 11 Dis Gi1 0 12 Dis Gi1 0 13 Dis Gi1 0 14 Dis Up Interface up Dwn Interface Down Dis Interface disabled Related Commands Command Description link state group Configures an interface as a member of a link state group link state track Enables a link state group show running config Displays the operating configuration For syntax information use this link to the Cisco...

Page 612: ...nsitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear admin tag Display administrative tag or site information civic location Display civic location information elin location Display emergency location information ELIN identifier id Specify the ID for the civic location or the elin location The id range is 1 to 4095 int...

Page 613: ...is an example of output from the show location civic location command that displays all the civic location information Switch show location civic location static Civic location information Identifier 1 County Santa Clara Street number 3550 Building 19 Room C6 Primary road name Cisco Way City San Jose State CA Country US Ports Gi2 0 1 Identifier 2 Street number 24568 Street number suffix West Landm...

Page 614: ...elin static command that displays all emergency location information Switch show location elin static Elin location information Identifier 1 Elin 14085553881 Ports Gi2 0 2 Identifier 2 Elin 18002228999 Related Commands Command Description location global configuration Configures the global location information for an endpoint location interface configuration Configures the location information for...

Page 615: ... unique device identifier UDI information for the standalone switch or specified stack members and for all the connected FRU devices the product identification PID the version identification VID and the serial number message Display the hardware related system messages generated by the standalone switch or specified stack members temperature Display the temperature of the standalone switch or spec...

Page 616: ...the stack members that support OBFL On a nonstacking capable switch if you enter the module keyword you must enter the switch number value of 1 Use the start and end keywords to display data collected only during a particular time period When specifying the start and end times follow these guidelines hh mm ss Enter the time as a 2 digit number for a 24 hour clock Make sure to use the colons For ex...

Page 617: ... 57 show logging onboard clilog summary This is an example of output from the show logging onboard message command Switch show logging onboard message ERROR MESSAGE SUMMARY INFORMATION Facility Sev Name Count Persistence Flag MM DD YYYY HH MM SS No historical data to display This is an example of output from the show logging onboard status command Switch show logging onboard status Devices registe...

Page 618: ... 12 2006 20 31 21 35 05 12 2006 21 29 22 35 05 12 2006 22 29 22 35 05 12 2006 23 29 22 35 05 13 2006 00 29 22 35 05 13 2006 01 29 22 35 05 13 2006 02 27 23 35 05 13 2006 03 27 23 35 05 13 2006 04 27 23 35 05 13 2006 05 27 23 35 05 13 2006 06 27 23 35 05 13 2006 07 25 24 36 05 13 2006 08 25 24 35 output truncated This is an example of output from the show logging onboard uptime summary command Swit...

Page 619: ...tage summary VOLTAGE SUMMARY INFORMATION Number of sensors 8 Sampling frequency 60 seconds Maximum time of storage 3600 minutes Sensor ID Maximum Voltage 12 00V 0 12 567 5 00V 1 5 198 3 30V 2 3 439 2 50V 3 2 594 1 50V 4 1 556 1 20V 5 1 239 1 00V 6 0 980 0 75V 7 0 768 Nominal Range Sensor ID No historical data to display Related Commands Command Description clear logging Removes the OBFL data in th...

Page 620: ...ss group Interface GigabitEthernet1 0 1 Inbound access list is not set Interface GigabitEthernet1 0 2 Inbound access list is macl_e1 Interface GigabitEthernet1 0 3 Inbound access list is not set Interface GigabitEthernet1 0 4 Inbound access list is not set output truncated This is an example of output from the show mac access group interface gigabitethernet1 0 1 command Switch show mac access grou...

Page 621: ...ch 3120 for HP Command Reference OL 12248 03 Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands show mac access group Related Commands Command Description mac access group Applies a MAC access group to an interface ...

Page 622: ...This is an example of output from the show mac address table command Switch show mac address table Mac Address Table Vlan Mac Address Type Ports All 0000 0000 0001 STATIC CPU All 0000 0000 0002 STATIC CPU All 0000 0000 0003 STATIC CPU All 0000 0000 0009 STATIC CPU All 0000 0000 0012 STATIC CPU All 0180 c200 000b STATIC CPU All 0180 c200 000c STATIC CPU All 0180 c200 000d STATIC CPU All 0180 c200 0...

Page 623: ...the aging time in all VLANs or the specified VLAN show mac address table count Displays the number of addresses present in all VLANs or the specified VLAN show mac address table dynamic Displays dynamic MAC address table entries only show mac address table interface Displays the MAC address table information for the specified interface show mac address table notification Displays the MAC address n...

Page 624: ...mples This is an example of output from the show mac address table address command Switch show mac address table address 0002 4b28 c482 Mac Address Table Vlan Mac Address Type Ports All 0002 4b28 c482 STATIC CPU Total Mac Addresses for this criterion 1 mac address Specify the 48 bit MAC address the valid format is H H H interface interface id Optional Display information for a specific interface V...

Page 625: ...e number of addresses present in all VLANs or the specified VLAN show mac address table dynamic Displays dynamic MAC address table entries only show mac address table interface Displays the MAC address table information for the specified interface show mac address table notification Displays the MAC address notification settings for all interfaces or the specified interface show mac address table ...

Page 626: ... sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show mac address table aging time command Switch show mac address table aging time Vlan Aging Time 1 300 This is an example of output from the show mac address table aging time vlan 10 command Switch show mac address ...

Page 627: ...ation for the specified MAC address show mac address table count Displays the number of addresses present in all VLANs or the specified VLAN show mac address table dynamic Displays dynamic MAC address table entries only show mac address table interface Displays the MAC address table information for the specified interface show mac address table notification Displays the MAC address notification se...

Page 628: ...ensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show mac address table count command Switch show mac address table count Mac Entries for Vlan 1 Dynamic Address Count 2 Static Address Count 0 Total Mac Addresses 2 vlan vlan id Optional Display the number of addresses ...

Page 629: ...me Displays the aging time in all VLANs or the specified VLAN show mac address table dynamic Displays dynamic MAC address table entries only show mac address table interface Displays the MAC address table information for the specified interface show mac address table notification Displays the MAC address notification settings for all interfaces or the specified interface show mac address table sta...

Page 630: ...t from the show mac address table dynamic command Switch show mac address table dynamic Mac Address Table Vlan Mac Address Type Ports 1 0030 b635 7862 DYNAMIC Gi6 0 2 1 00b0 6496 2741 DYNAMIC Gi6 0 2 Total Mac Addresses for this criterion 2 address mac address Optional Specify a 48 bit MAC address the valid format is H H H available in privileged EXEC mode only interface interface id Optional Spec...

Page 631: ...articular VLAN show mac address table address Displays MAC address table information for the specified MAC address show mac address table aging time Displays the aging time in all VLANs or the specified VLAN show mac address table count Displays the number of addresses present in all VLANs or the specified VLAN show mac address table interface Displays the MAC address table information for the spe...

Page 632: ... lines that contain Output appear Examples This is an example of output from the show mac address table interface command Switch show mac address table interface gigabitethernet6 0 2 Mac Address Table Vlan Mac Address Type Ports 1 0030 b635 7862 DYNAMIC Gi6 0 2 1 00b0 6496 2741 DYNAMIC Gi6 0 2 Total Mac Addresses for this criterion 2 interface id Specify an interface type valid interfaces include ...

Page 633: ...ime Displays the aging time in all VLANs or the specified VLAN show mac address table count Displays the number of addresses present in all VLANs or the specified VLAN show mac address table dynamic Displays dynamic MAC address table entries only show mac address table notification Displays the MAC address notification settings for all interfaces or the specified interface show mac address table s...

Page 634: ...ay the learning status on an individual VLAN Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show mac address table learning user EXEC command showing that MAC address learning is disabled on VLAN 200 Switch show mac address table learning VLAN ...

Page 635: ...witch show mac address table move update Switch ID 010b 4630 1780 Dst mac address 0180 c200 0010 Vlans Macs supported 1023 8320 Default Current settings Rcv Off On Xmt Off On Max packets per min Rcv 40 Xmt 60 Rcv packet count 10 Rcv conforming packet count 5 Rcv invalid packet count 0 Rcv packet count this min 0 Rcv threshold exceed count 0 Rcv last sequence this min 0 Rcv last interface Po2 Rcv l...

Page 636: ...Blade Switch 3120 for HP Cisco IOS Commands show mac address table move update Related Commands Command Description clear mac address table move update Clears the MAC address table move update counters mac address table move update receive transmit Configures MAC address table move update on the switch ...

Page 637: ...owed in the history table and the history table contents Use the interface keyword to display the flags for all interfaces If the interface id is included only the flags for that interface appear Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear interface Optional Display information for all i...

Page 638: ...02 Module 0 Port 1 Operation Added Vlan 2 MAC Addr 0000 0000 0003 Module 0 Port 1 History Index 2 Entry Timestamp 1074254 Despatch Timestamp 1074254 MAC Changed Message Operation Deleted Vlan 2 MAC Addr 0000 0000 0000 Module 0 Port 1 Operation Deleted Vlan 2 MAC Addr 0000 0000 0001 Module 0 Port 1 Operation Deleted Vlan 2 MAC Addr 0000 0000 0002 Module 0 Port 1 Operation Deleted Vlan 2 MAC Addr 00...

Page 639: ...c Address Table Vlan Mac Address Type Ports All 0100 0ccc cccc STATIC CPU All 0180 c200 0000 STATIC CPU All 0100 0ccc cccd STATIC CPU All 0180 c200 0001 STATIC CPU All 0180 c200 0004 STATIC CPU All 0180 c200 0005 STATIC CPU 4 0001 0002 0004 STATIC Drop 6 0001 0002 0007 STATIC Drop Total Mac Addresses for this criterion 8 address mac address Optional Specify a 48 bit MAC address the valid format is...

Page 640: ...s Displays MAC address table information for the specified MAC address show mac address table aging time Displays the aging time in all VLANs or the specified VLAN show mac address table count Displays the number of addresses present in all VLANs or the specified VLAN show mac address table dynamic Displays dynamic MAC address table entries only show mac address table interface Displays the MAC ad...

Page 641: ...e of output from the show mac address table vlan 1 command Switch show mac address table vlan 1 Mac Address Table Vlan Mac Address Type Ports 1 0100 0ccc cccc STATIC CPU 1 0180 c200 0000 STATIC CPU 1 0100 0ccc cccd STATIC CPU 1 0180 c200 0001 STATIC CPU 1 0180 c200 0002 STATIC CPU 1 0180 c200 0003 STATIC CPU 1 0180 c200 0005 STATIC CPU 1 0180 c200 0006 STATIC CPU 1 0180 c200 0007 STATIC CPU Total ...

Page 642: ...plays the aging time in all VLANs or the specified VLAN show mac address table count Displays the number of addresses present in all VLANs or the specified VLAN show mac address table dynamic Displays dynamic MAC address table entries only show mac address table interface Displays the MAC address table information for the specified interface show mac address table notification Displays the MAC add...

Page 643: ...from the show mls qos command when QoS is enabled and Differentiated Services Code Point DSCP transparency is disabled Switch show mls qos QoS is enabled QoS ip packet dscp rewrite is disabled This is an example of output from the show mls qos command when QoS is enabled and DSCP transparency is enabled Switch show mls qos QoS is enabled QoS ip packet dscp rewrite is enabled Related Commands begin...

Page 644: ...ter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show mls qos aggregate policer command Switch show mls qos aggregate policer policer1 aggregate policer policer1 1000000 2000000 exceed action drop Not used by any policy map Related Commands aggregate policer name Optional Display the policer confi...

Page 645: ...sitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show mls qos input queue command Switch show mls qos input queue Queue 1 2 buffers 90 10 bandwidth 4 4 priority 0 10 threshold1 100 100 threshold2 100 100 begin Optional Display begins with the line that matches the expre...

Page 646: ...between the ingress queues mls qos srr queue input cos map Maps assigned class of service CoS values to an ingress queue and assigns CoS values to a queue and to a threshold ID mls qos srr queue input dscp map Maps assigned Differentiated Services Code Point DSCP values to an ingress queue and assigns DSCP values to a queue and to a threshold ID mls qos srr queue input priority queue Configures th...

Page 647: ...tain Output appear interface id Optional Display QoS information for the specified port Valid interfaces include physical ports buffers Optional Display the buffer allocation among the queues queueing Optional Display the queueing strategy shared or shaped and the weights corresponding to the queues statistics Optional Display statistics for sent and received Differentiated Services Code Points DS...

Page 648: ...e qos mode port based This is an example of output from the show mls qos interface interface id buffers command Switch show mls qos interface gigabitethernet1 0 2 buffers GigabitEthernet1 0 2 The port is mapped to qset 1 The allocations between the queues are 25 25 25 25 This is an example of output from the show mls qos interface interface id queueing command The egress expedite queue overrides t...

Page 649: ... 0 0 50 54 0 0 0 0 0 55 59 0 0 0 0 0 60 64 0 0 0 0 cos incoming 0 4 132067 0 0 0 0 5 9 0 0 0 cos outgoing 0 4 739155 0 0 0 0 5 9 90 0 0 Policer Inprofile 0 OutofProfile 0 Table 2 32 show mls qos interface statistics Field Descriptions Field Description DSCP incoming Number of packets received for each DSCP value outgoing Number of packets sent for each DSCP value CoS incoming Number of packets rec...

Page 650: ...SCP values to an ingress queue or maps DSCP values to a queue and to a threshold ID mls qos srr queue input priority queue Configures the ingress priority queue and guarantees bandwidth mls qos srr queue input threshold Assigns WTD threshold percentages to an ingress queue mls qos srr queue output cos map Maps CoS values to an egress queue or maps CoS values to a queue and to a threshold ID mls qo...

Page 651: ...ix The d1 column specifies the most significant digit in the DSCP The d2 row specifies the least significant digit in the DSCP The intersection of the d1 and d2 values provides the policed DSCP the CoS or the mutated DSCP value For example in the DSCP to CoS map a DSCP value of 43 corresponds to a CoS value of 5 cos dscp Optional Display class of service CoS to DSCP map cos input q Optional Displa...

Page 652: ...mls qos maps command Switch show mls qos maps Policed dscp map d1 d2 0 1 2 3 4 5 6 7 8 9 0 00 01 02 03 04 05 06 07 08 09 1 10 11 12 13 14 15 16 17 18 19 2 20 21 22 23 24 25 26 27 28 29 3 30 31 32 33 34 35 36 37 38 39 4 40 41 42 43 44 45 46 47 48 49 5 50 51 52 53 54 55 56 57 58 59 6 60 61 62 63 Dscp cos map d1 d2 0 1 2 3 4 5 6 7 8 9 0 00 00 00 00 00 00 00 00 01 01 1 01 01 01 01 01 01 02 02 02 02 2 ...

Page 653: ... 1 1 1 1 1 1 1 1 1 1 2 1 1 1 1 1 Dscp dscp mutation map Default DSCP Mutation Map d1 d2 0 1 2 3 4 5 6 7 8 9 0 00 01 02 03 04 05 06 07 08 09 1 10 11 12 13 14 15 16 17 18 19 2 20 21 22 23 24 25 26 27 28 29 3 30 31 32 33 34 35 36 37 38 39 4 40 41 42 43 44 45 46 47 48 49 5 50 51 52 53 54 55 56 57 58 59 6 60 61 62 63 Related Commands Command Description mls qos map Defines the CoS to DSCP map DSCP to C...

Page 654: ...e show mls qos queue set command Switch show mls qos queue set Queueset 1 Queue 1 2 3 4 buffers 25 25 25 25 threshold1 100 200 100 100 threshold2 100 200 100 100 reserved 50 50 50 50 maximum 400 400 400 400 Queueset 2 Queue 1 2 3 4 buffers 25 25 25 25 threshold1 100 200 100 100 threshold2 100 200 100 100 reserved 50 50 50 50 maximum 400 400 400 400 qset id Optional ID of the queue set Each port be...

Page 655: ...sco IOS Commands show mls qos queue set Related Commands Command Description mls qos queue set output buffers Allocates buffers to the queue set mls qos queue set output threshold Configures the weighted tail drop WTD thresholds guarantees the availability of buffers and configures the maximum memory allocation of the queue set ...

Page 656: ...nter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show mls qos vlan command Switch show mls qos vlan 10 Vlan10 Attached policy map for Ingress pm test pm 2 Related Commands vlan id Specify the VLAN ID of the SVI to display the policy maps The range is 1 to 4094 begin Optional Display begins with t...

Page 657: ...how monitor session all command session Optional Display information about specified SPAN sessions session_number Specify the number of the SPAN or RSPAN session The range is 1 to 66 all Display all SPAN sessions local Display only local SPAN sessions range list Display a range of SPAN sessions where list is the range of valid sessions either a single session or a range of sessions described by tw...

Page 658: ...put for the show monitor user EXEC command for local SPAN source session 1 Switch show monitor session 1 Session 1 Type Local Session Source Ports RX Only Gi4 0 1 Both Gi4 0 2 3 Gi4 0 5 6 Destination Ports Gi4 0 10 Encapsulation Replicate Ingress Disabled This is an example of output for the show monitor session all user EXEC command when ingress traffic forwarding is enabled Switch show monitor s...

Page 659: ... Switch 3120 for HP Command Reference OL 12248 03 Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands show monitor Related Commands Command Description monitor session Starts or modifies a SPAN or RSPAN session ...

Page 660: ...at contain Output appear Examples This is an example of output from the show mvr command Switch show mvr MVR Running TRUE MVR multicast VLAN 1 MVR Max Multicast Groups 256 MVR Current multicast groups 0 MVR Global query response time 5 tenths of sec MVR Mode compatible In the preceding display the maximum number of multicast groups is fixed at 256 The MVR mode is either compatible for interoperabi...

Page 661: ... multicast VLAN registration on the switch mvr interface configuration Configures MVR ports show mvr interface Displays the configured MVR interfaces status of the specified interface or all multicast groups to which the interface belongs when the interface and members keywords are appended to the command show mvr members Displays all ports that are members of an MVR multicast group or if there ar...

Page 662: ...group members in the VLAN appear Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show mvr interface command Switch show mvr interface Port Type Status Immediate Leave Gi1 0 1 SOURCE ACTIVE UP DISABLED Gi1 0 2 RECEIVER ACTIVE DOWN DISABLED interf...

Page 663: ...ve DISABLED This is an example of output from the show mvr interface interface id members command Switch show mvr interface gigabitethernet1 0 2 members 239 255 0 0 DYNAMIC ACTIVE 239 255 0 1 DYNAMIC ACTIVE 239 255 0 2 DYNAMIC ACTIVE 239 255 0 3 DYNAMIC ACTIVE 239 255 0 4 DYNAMIC ACTIVE 239 255 0 5 DYNAMIC ACTIVE 239 255 0 6 DYNAMIC ACTIVE 239 255 0 7 DYNAMIC ACTIVE 239 255 0 8 DYNAMIC ACTIVE 239 ...

Page 664: ...he show mvr members command Switch show mvr members MVR Group IP Status Members 239 255 0 1 ACTIVE Gi1 0 1 d Gi1 0 5 s 239 255 0 2 INACTIVE None 239 255 0 3 INACTIVE None 239 255 0 4 INACTIVE None 239 255 0 5 INACTIVE None 239 255 0 6 INACTIVE None 239 255 0 7 INACTIVE None 239 255 0 8 INACTIVE None 239 255 0 9 INACTIVE None 239 255 0 10 INACTIVE None output truncated ip address Optional The IP mu...

Page 665: ...mbers 239 255 0 2 239 255 003 22 ACTIVE Gi1 1 d Gi1 0 2 d Gi1 0 3 d Gi1 0 4 d Gi1 0 5 s Related Commands Command Description mvr global configuration Enables and configures multicast VLAN registration on the switch mvr interface configuration Configures MVR ports show mvr Displays the global MVR configuration on the switch show mvr interface Displays the configured MVR interfaces status of the spe...

Page 666: ... network policy profile Network Policy Profile 10 voice vlan 17 cos 4 Interface none Network Policy Profile 30 voice vlan 30 cos 5 Interface none Network Policy Profile 36 voice vlan 4 cos 3 Interface Interface_id profile number Optional Display the network policy profile number If no profile is entered all network policy profiles appear detail Optional Display detailed status and statistics infor...

Page 667: ...P Cisco IOS Commands show network policy profile Related Commands Command Description network policy Applies a network policy to an interface network policy profile global configuration Creates the network policy profile network policy profile network policy configuration Configures the attributes of network policy profiles ...

Page 668: ...bitEthernet1 2 attachment suppress interface Display attachment suppress interfaces capability Display switch capabilities including the supported services and subservices notification interval Display the notification intervals of the supported services statistics connection summary Display the NMSP statistics information connection display the message counters on each connection summary display ...

Page 669: ...tistics connection and show nmsp statistics summary commands Switch show nmsp statistics connection NMSP Connection Counters Connection 1 Connection status UP Freed connection 0 Tx message count Rx message count Subscr Resp 1 Subscr Req 1 Capa Notif 1 Capa Notif 1 Atta Resp 1 Atta Req 1 Atta Notif 0 Loc Resp 1 Loc Req 1 Loc Notif 0 Unsupported msg 0 Switch show nmsp statistics summary NMSP Global ...

Page 670: ...ption summary commands Switch show nmsp subscription detail Mobility Services Subscribed by 172 19 35 109 Services Subservices Attachment Wired Station Location Subscription Switch show nmsp subscription summary Mobility Services Subscribed MSE IP Address Services 172 19 35 109 Attachment Location Related Commands Command Description clear nmsp statistics Clears the NMSP statistic counters nmsp En...

Page 671: ...lines that contain output do not appear but the lines that contain Output are appear Examples This is an example of output from the show pagp 1 counters command Switch show pagp 1 counters Information Flush Port Sent Recv Sent Recv Channel group 1 Gi1 0 1 45 42 0 0 Gi1 0 2 45 41 0 0 channel group number Optional Number of the channel group The range is 1 to 64 counters Display traffic information ...

Page 672: ...is is an example of output from the show pagp 1 neighbor command Switch show pagp 1 neighbor Flags S Device is sending Slow hello C Device is in Consistent state A Device is in Auto mode P Device learns on physical port Channel group 1 neighbors Partner Partner Partner Partner Group Port Name Device ID Port Age Flags Cap Gi1 0 1 switch p2 0002 4b29 4600 Gi01 1 9s SC 10001 Gi1 0 2 switch p2 0002 4b...

Page 673: ...orm and the software image running on the switch Switch show parser macro Total number of macros 6 Macro name cisco global Macro type default global Enable dynamic port error recovery for link state failures errdisable recovery cause link flap errdisable recovery interval 60 output truncated Macro name cisco desktop Macro type default interface macro keywords AVID Basic interface Enable data VLAN ...

Page 674: ... default interface macro keywords NVID Access Uplink to Distribution Do not apply to EtherChannel Port Group Define unique Native VLAN on trunk ports Recommended value for native vlan NVID should not be 1 switchport trunk native vlan NVID output truncated Macro name cisco router Macro type default interface macro keywords NVID Access Uplink to Distribution Define unique Native VLAN on trunk ports ...

Page 675: ...escription Global Macro s cisco global Interface Macro Description s Gi1 0 1 standard switch10 Gi0 2 this is test macro This is an example of output from the show parser description interface command Switch show parser macro description interface gigabitethernet1 0 2 Interface Macro Description Gi1 0 2 this is test macro Related Commands Command Description macro apply Applies a macro on an interf...

Page 676: ...User EXEC Command History Usage Guidelines Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show policy map command Switch show policy map Policy Map videowizard_policy2 class videowizard_10 10 10 10 set dscp 34 police 100000000 2000000 exceed ac...

Page 677: ... Reference OL 12248 03 Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands show policy map Related Commands Command Description policy map Creates or modifies a policy map that can be attached to multiple ports to specify a service policy ...

Page 678: ...ll the MAC addresses for an interface even if you have not enabled port security on it If you enter the vlan keyword the command displays the configured maximum and the current number of secure MAC addresses for all VLANs on the interface This option is visible only on interfaces that have the switchport mode set to trunk Expressions are case sensitive For example if you enter exclude output the l...

Page 679: ... Absolute SecureStatic address aging Disabled Security Violation count 0 This is an example of output from the show port security address command Switch show port security address Secure Mac Address Table Vlan Mac Address Type Ports Remaining Age mins 1 0006 0700 0800 SecureConfigured Gi1 0 2 1 Total Addresses in System excluding one mac per port 1 Max Addresses limit in System excluding one mac p...

Page 680: ...rt security Related Commands Command Description clear port security Deletes from the MAC address table a specific type of secure address or all the secure addresses on the switch or an interface switchport port security Enables port security on a port restricts the use of the port to a user defined group of stations and configures secure MAC addresses ...

Page 681: ...mplate represent an approximate maximum number for each feature resource The actual number might vary depending on the actual number of other features configured Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear access Optional Display the template that maximizes system resources for ACLs defa...

Page 682: ...mplate The selected template optimizes the resources in the switch to support this level of features for 8 routed interfaces and 1024 VLANs number of unicast mac addresses 6K number of igmp groups multicast routes 1K number of unicast routes 8K number of directly connected hosts 6K number of indirect routes 2K number of policy based routing aces 0 number of qos aces 0 5K number of security aces 1K...

Page 683: ...IPv6 security aces 0 5K This is an example of output from the show sdm prefer vlan command Switch show sdm prefer vlan desktop vlan template The selected template optimizes the resources in the switch to support this level of features for 8 routed interfaces and 1024 VLANs number of unicast mac addresses 12K number of IPv4 IGMP groups 1K number of IPv4 multicast routes 0 number of IPv4 unicast rou...

Page 684: ...isco Catalyst Blade Switch 3120 for HP Cisco IOS Commands show sdm prefer Related Commands Command Description sdm prefer Sets the SDM template to maximize resources for routing or VLANs or to the default template to select a dual IPv4 and IPv6 template or to select the desktop templates ...

Page 685: ...d Command Modes Privileged EXEC Command History Examples This is an example of output from the show setup express command Switch show setup express express setup mode is active Related Commands begin Optional Display begins with the line that matches the expression exclude Optional Display excludes lines that match the expression include Optional Display includes lines that match the specified exp...

Page 686: ...ency portfast priority rootcost state begin exclude include expression show spanning tree mst configuration digest instance id detail interface interface id detail begin exclude include expression Syntax Description bridge group Optional Specify the bridge group number The range is 1 to 255 active detail Optional Display spanning tree information only on active interfaces available only in privile...

Page 687: ...ation until the port returns to the forwarding state or ceases to be designated instance id You can specify a single instance ID a range of IDs separated by a hyphen or a series of IDs separated by a comma The range is 1 to 4094 The display shows the number of currently configured instances interface interface id Optional Valid interfaces include physical ports VLANs and port channels The VLAN ran...

Page 688: ...inkfast enabled Interface Role Sts Cost Prio Nbr Type Gi2 0 1 Root FWD 3019 128 24 P2p output truncated This is an example of output from the show spanning tree detail command Switch show spanning tree detail VLAN0001 is executing the ieee compatible Spanning Tree protocol Bridge Identifier has priority 49152 sysid 1 address 0003 fd63 9580 Configured hello time 2 max age 20 forward delay 15 Curren...

Page 689: ... tree summary Switch is in pvst mode Root bridge for none EtherChannel misconfiguration guard is enabled Extended system ID is enabled Portfast is disabled by default PortFast BPDU Guard is disabled by default Portfast BPDU Filter is disabled by default Loopguard is disabled by default UplinkFast is enabled BackboneFast is enabled Pathcost method used is short Name Blocking Listening Learning Forw...

Page 690: ...t to point auto bpdu filter disable default Boundary boundary STP bpdu guard disable default Bpdus sent 5 received 74 Instance role state cost prio vlans mapped 0 root FWD 200000 128 1 12 14 4094 This is an example of output from the show spanning tree mst 0 command Switch show spanning tree mst 0 MST00 vlans mapped 1 9 21 4094 Bridge address 0002 4b29 7a00 priority 32768 32768 sysid 0 Root addres...

Page 691: ...n mode through which the MST region configuration occurs spanning tree mst cost Sets the path cost for MST calculations spanning tree mst forward time Sets the forward delay time for all MST instances spanning tree mst hello time Sets the interval between hello BPDUs sent by root switch configuration messages spanning tree mst max age Sets the interval between messages that the spanning tree recei...

Page 692: ...e output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of a partial output from the show storm control command when no keywords are entered Because no traffic type keyword was entered the broadcast storm control settings appear Switch show storm control Interface Filter State Upper Lower Current Gi1 0 1 Forwarding 20 pps 10 pps 5 p...

Page 693: ... Displays the ID of the interface Filter State Displays the status of the filter Blocking Storm control is enabled and a storm has occurred Forwarding Storm control is enabled and no storms have occurred Inactive Storm control is disabled Upper Displays the rising suppression level as a percentage of total available bandwidth in packets per second or in bits per second Lower Displays the falling s...

Page 694: ...splay information for the specified stack member The range is 1 to 9 chassis mgmt Optional Display information about the enclosures in which the stack members are installed detail Optional Display detailed information about the stack ring neighbors Optional Display the neighbors for the entire switch stack stack ports summary Optional Display port information for the entire switch stack Use the su...

Page 695: ...ster Provisioned The state of a preconfigured switch before it becomes an active member of a switch stack or the state of a stack member after it has left the switch stack The MAC address and the priority number in the display are always 0 for the provisioned switch A typical state transition for a stack member including a stack master booting up is Waiting Initializing Ready A typical state trans...

Page 696: ...ation Switch show switch 6 Current Switch Role Mac Address Priority State 6 Member 0003 e31a 1e00 1 Ready This example shows the neighbor information for a stack Switch show switch neighbors Switch Port A Port B 6 None 8 8 6 None This example shows stack port information Switch show switch stack ports Switch Port A Port B 6 Down Ok 8 Ok Down Table 2 34 shows the output for the show switch stack po...

Page 697: ...not be connected or the link might be unreliable Li nk OK This shows if the link is stable The link partner is a stack port on a neighbor switch No The link partner receives invalid protocol messages from the port Yes The link partner receives valid protocol messages from the port Link Active This shows if the stack port is in the same state as its link partner No The port cannot send traffic to t...

Page 698: ...020901 90833 101680 0 2213414 2 1 52 0 0 0 52 Switch 2 Total 2213466 Total frames sent to stack ring 5818507 Note these counts do not include frames sent to the ring by certain output features such as output SPAN and output ACLs Related Commands Command Description reload Reloads the stack member and puts a configuration change into effect remote command Monitors all or specified stack members ses...

Page 699: ...e MTU values see the system mtu command Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show system mtu command Switch show system mtu System MTU size is 1500 bytes System Jumbo MTU size is 1500 bytes On next reload System Jumbo MTU will be 9198...

Page 700: ...nd UDLD detects that the link is bidirectional Switch show udld gigabitethernet2 0 1 Interface gi2 0 1 Port enable administrative configuration setting Follows device default Port enable operational state Enabled Current bidirectional state Bidirectional Current operational state Advertisement Single Neighbor detected Message interval 60 Time out interval 5 Entry 1 Expiration time 146 Device ID 1 ...

Page 701: ...rval How often advertisement messages are sent from the local device Measured in seconds Time out interval The time period in seconds that UDLD waits for echoes from a neighbor device during the detection window Entry 1 Information from the first cache entry which contains a copy of echo information received from the neighbor Expiration time The amount of time in seconds remaining before this cach...

Page 702: ...mands Command Description udld Enables aggressive or normal mode in UDLD or sets the configurable message timer time udld port Enables UDLD on an individual interface or prevents a fiber optic interface from being enabled by the udld global configuration command udld reset Resets all interfaces shutdown by UDLD and permits traffic to begin passing through them again ...

Page 703: ...tch show version Cisco IOS Software CBS31X0 Software CBS31X0 UNIVERSAL M Version 12 2 40 EX2 RELEASE SOFTWARE fc1 Copyright c 1986 2007 by Cisco Systems Inc Compiled Fri 05 Oct 07 01 05 by myl Image text base 0x00003000 data base 0x02000000 ROM Bootstrap program is CBS31X0 boot loader BOOTLDR CBS31X0 Boot Loader C31X0 HBOOT M Version 12 2 40r EX2 RELEASE SOFTWARE fc1 Switch uptime is 4 days 19 hou...

Page 704: ...mber 73 10920 04 Motherboard serial number FHH11270015 Motherboard revision number 04 Model number WS CBS3130X S System serial number FHH1128P00F Hardware Board Revision Number 0x00 Switch Ports Model SW Version SW Image 1 28 WS CBS3130X S 12 2 40 EX2 CBS31X0 UNIVERSAL M 2 28 WS CBS3130X S 12 2 40 EX2 CBS31X0 UNIVERSAL M Switch 02 Switch Uptime 4 days 19 hours 18 minutes Base ethernet MAC Address ...

Page 705: ...ended range VLAN IDs 1006 to 4094 and you cannot create VLANs with these IDS by using the vlan global configuration command until you remove them from internal use mtu Optional Display a list of VLANs and the minimum and maximum transmission unit MTU sizes configured on ports in the VLAN name vlan name Optional Display information about a single VLAN identified by VLAN name The VLAN name is an ASC...

Page 706: ...mary and secondary VLANs and then delete the secondary VLAN configuration without removing the association from the primary VLAN the VLAN that was the secondary VLAN is shown as normal in the display In the show vlan private vlan output the primary and secondary VLAN pair is shown as non operational Expressions are case sensitive For example if you enter exclude output the lines that contain outpu...

Page 707: ...3 0 14 Gi3 0 1 Table 2 36 show vlan Command Output Fields Field Description VLAN VLAN number Name Name if configured of the VLAN Status Status of the VLAN active or suspend Ports Ports that belong to the VLAN Type Media type of the VLAN SAID Security association ID value for the VLAN MTU Maximum transmission unit size for the VLAN Parent Parent VLAN if one exists RingNo Ring number for the VLAN if...

Page 708: ...nded VLANs 0 This is an example of output from the show vlan id command Switch show vlan id 2 VLAN Name Status Ports 2 VLAN0200 active Gi1 0 7 Gi1 0 8 2 VLAN0200 active Gi2 0 1 Gi2 0 2 VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 2 enet 100002 1500 0 0 Remote SPAN VLAN Disabled This is an example of output from the show vlan internal usage command It shows that VLANs 1025 a...

Page 709: ...a VLAN as a community isolated or primary VLAN or associates a primary VLAN with secondary VLANs switchport mode Configures the VLAN membership mode of a port vlan global configuration Enables VLAN configuration mode where you can configure VLANs 1 to 4094 vlan VLAN configuration Configures VLAN characteristics in the VLAN database Only available for normal range VLANs VLAN IDs 1 to 1005 Do not en...

Page 710: ...mple of output from the show vlan access map command Switch show vlan access map Vlan access map SecWiz 10 Match clauses ip address SecWiz_Gi0_3_in_ip ip address SecWiz_Fa10_3_in_ip Action forward Related Commands mapname Optional Name of a specific VLAN access map begin Optional Display begins with the line that matches the expression exclude Optional Display excludes lines that match the express...

Page 711: ... the show vlan filter command Switch show vlan filter VLAN Map map_1 is filtering VLANs 20 22 Related Commands access map name Optional Display filtering information for the specified VLAN access map vlan vlan id Optional Display filtering information for the specified VLAN The range is 1 to 4094 begin Optional Display begins with the line that matches the expression exclude Optional Display exclu...

Page 712: ...t contain Output appear Examples This is an example of output from the show vmps command Switch show vmps VQP Client Status VMPS VQP Version 1 Reconfirm Interval 60 min Server Retry Count 3 VMPS domain server Reconfirmation status VMPS Action other This is an example of output from the show vmps statistics command Table 2 37 describes each field in the display Switch show vmps statistics VMPS Clie...

Page 713: ...the VMPS for each new packet received from this workstation The client ages the address if no new packets are received from this workstation on this port within the aging time period VQP Wrong Domain Number of times the management domain in the request does not match the one for the VMPS Any previous VLAN assignments of the port are not changed This response means that the server and the client ha...

Page 714: ...bset advertisements received 0 Request advertisements received 0 Summary advertisements transmitted 0 Subset advertisements transmitted 0 Request advertisements transmitted 0 Number of config revision errors 0 Number of config digest errors 0 Number of V1 summary errors 0 VTP pruning statistics Trunk Join Transmitted Join Received Summary advts received from non pruning capable device Gi1 0 47 0 0...

Page 715: ...ent by this switch on its trunk ports Subset advertisements contain all the information for one or more VLANs Request advertisements transmitted Number of advertisement requests sent by this switch on its trunk ports Advertisement requests normally request information on all VLANs They can also request information on a subset of VLANs Number of configuration revision errors Number of revision erro...

Page 716: ... that at least one neighboring switch is either running VTP Version 1 or VTP Version 2 with V2 mode disabled To solve this problem change the configuration of the switches in VTP V2 mode to disabled Join Transmitted Number of VTP pruning messages sent on the trunk Join Received Number of VTP pruning messages received on the trunk Summary Advts Received from non pruning capable device Number of VTP...

Page 717: ...he switch receives VTP advertisements and forwards them on all trunk ports except the one on which the advertisement was received VTP Domain Name Name that identifies the administrative domain for the switch VTP Pruning Mode Displays whether pruning is enabled or disabled Enabling pruning on a VTP server enables pruning for the entire management domain Pruning restricts flooded traffic to those tr...

Page 718: ...2 688 Cisco Catalyst Blade Switch 3120 for HP Command Reference OL 12248 03 Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands show vtp ...

Page 719: ...igned to a VLAN that has been deleted suspended or shut down The port must first be a member of an active VLAN before it can be re enabled The shutdown command disables all functions on the specified interface This command also marks the interface as unavailable To see if an interface is disabled use the show interfaces privileged EXEC command An interface that has been shut down is shown as admin...

Page 720: ...ation in the VTP database The command shuts down local traffic but the switch still advertises VTP information Examples This example shows how to shut down traffic on VLAN 2 Switch config shutdown vlan 2 You can verify your setting by entering the show vlan privileged EXEC command Related Commands vlan id ID of the VLAN to be locally shut down The range is 2 to 1001 VLANs defined as default VLANs ...

Page 721: ...bled when it receives small frames Small frames are considered packets that are 67 frames or less Use the errdisable detect cause small frame global configuration command to globally enable the small frames threshold for each port You can configure the port to be automatically re enabled by using the errdisable recovery cause small frame global configuration command You configure the recovery time...

Page 722: ...nds Command Description errdisable detect cause small frame Allows any switch port to be put into the error disabled state if an incoming frame is smaller than the minimum size and arrives at the specified rate threshold errdisable recovery cause small frame Enables the recovery timer show interfaces Displays the interface settings on the switch including input and output flow control ...

Page 723: ...ency loop inconsistency syslog tty vlan membership vlancreate vlandelete vtp no snmp server enable traps bgp bridge newroot topologychange cluster config copy config cpu threshold dot1x auth fail vlan guest vlan no auth fail vlan no guest vlan entity envmon fan shutdown status supply temperature flash insertion removal fru ctrl hsrp ipmulticast mac notification msdp ospf cisco specific errors lsa ...

Page 724: ...P environmental status change traps supply Optional Enable environmental monitor power supply traps temperature Optional Enable environmental monitor temperature traps flash insertion removal Optional Enable SNMP FLASH notifications The keywords have these meanings insertion Optional Generate a trap when a switch flash is inserted into a stack either physically or because of a power cycle or reloa...

Page 725: ...default is 0 no limit imposed a trap is sent at every occurrence rtr Optional Enable SNMP Response Time Reporter traps snmp authentication coldstart linkdown linkup warmstart Optional Enable SNMP traps The keywords have these meanings authentication Optional Enable authentication trap coldstart Optional Enable cold start trap linkdown Optional Enable linkdown trap linkup Optional Enable linkup tra...

Page 726: ...mmand for each trap type Examples This example shows how to send VTP traps to the NMS Switch config snmp server enable traps vtp You can verify your setting by entering the show vtp status or the show running config privileged EXEC command Related Commands Release Modification 12 2 40 EX1 This command was introduced 12 2 46 SE The dot1x auth fail vlan guest vlan no auth fail vlan no guest vlan key...

Page 727: ...e targeted recipient udp port port Optional Configure the User Datagram Protocol UDP port number of the host to receive the traps The range is 0 to 65535 informs traps Optional Send SNMP traps or informs to this host version 1 2c 3 Optional Version of the SNMP used to send the traps These keywords are supported 1 SNMPv1 This option is not available with informs 2c SNMPv2C 3 SNMPv3 These optional k...

Page 728: ...P copy configuration traps cpu threshold Allow CPU related traps entity Send SNMP entity traps envmon Send environmental monitor traps flash Send SNMP FLASH notifications fru ctrl Send entity FRU control traps In the switch stack this trap refers to the insertion or removal of a switch in the stack hsrp Send SNMP Hot Standby Router Protocol HSRP traps ipmulticast Send SNMP IP multicast routing tra...

Page 729: ...onse is received or the request times out Traps are also sent only once but an inform might be retried several times The retries increase traffic and contribute to a higher overhead on the network If you do not enter an snmp server host command no notifications are sent To configure the switch to send SNMP notifications you must enter at least one snmp server host command If you enter the command ...

Page 730: ...access Switch config access list 10 deny any This example shows how to send the SNMP traps to the host specified by the name myhost cisco com The community string is defined as comaccess Switch config snmp server enable traps Switch config snmp server host myhost cisco com comaccess snmp This example shows how to enable the switch to send all traps to the host myhost cisco com by using the communi...

Page 731: ...des Interface configuration Command History Usage Guidelines Even though you enable the notification trap for a specific interface by using the snmp trap mac notification command the trap is generated only when you enable the snmp server enable traps mac notification and the mac address table notification global configuration commands Examples This example shows how to enable the MAC notification ...

Page 732: ... table notification Clears the MAC address notification global counters mac address table notification Enables the MAC address notification feature show mac address table notification Displays the MAC address notification settings for all interfaces or on the specified interface when the interface keyword is appended snmp server enable traps Sends the SNMP MAC notification traps when the mac notif...

Page 733: ...clares itself as both the root bridge and the designated switch When a switch receives an inferior BPDU it means that a link to which the switch is not directly connected an indirect link has failed that is the designated switch has lost its connection to the root switch If there are alternate paths to the root switch BackboneFast causes the maximum aging time on the interfaces on which it receive...

Page 734: ...PVST rapid PVST or the multiple spanning tree MST mode Caution Enabling BPDU filtering on an interface is the same as disabling spanning tree on it and can result in spanning tree loops You can globally enable BPDU filtering on all Port Fast enabled interfaces by using the spanning tree portfast bpdufilter default global configuration command You can use the spanning tree bpdufilter interface conf...

Page 735: ... 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod _command_reference_list html Select the Cisco IOS Commands Master List Release 12 2 to navigate to the command spanning tree portfast global configuration Globally enables the BPDU filtering or the BPDU guard feature on Port Fast enabled interface or enables the Port Fast feature on all nontrunking inter...

Page 736: ...ure in a service provider network to prevent an interface from being included in the spanning tree topology You can enable the BPDU guard feature when the switch is operating in the per VLAN spanning tree plus PVST rapid PVST or the multiple spanning tree MST mode You can globally enable BPDU guard on all Port Fast enabled interfaces by using the spanning tree portfast bpduguard default global con...

Page 737: ...12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod _command_reference_list html Select the Cisco IOS Commands Master List Release 12 2 to navigate to the command spanning tree portfast global configuration Globally enables the BPDU filtering or the BPDU guard feature on Port Fast enabled interfaces or enables the Port Fast feature on all nontrunking inter...

Page 738: ...nes When you configure the cost higher values represent higher costs If you configure an interface with both the spanning tree vlan vlan id cost cost command and the spanning tree cost cost command the spanning tree vlan vlan id cost cost command takes effect Examples This example shows how to set the path cost to 250 on a port Switch config interface gigabitethernet2 0 1 Switch config if spanning...

Page 739: ...co IOS Commands spanning tree cost Related Commands Command Description show spanning tree interface interface id Displays spanning tree information for the specified interface spanning tree port priority Configures an interface priority spanning tree vlan priority Sets the switch priority for the specified spanning tree instance ...

Page 740: ...e appears PM 4 ERR_DISABLE Channel misconfig error detected on chars putting chars in err disable state To show switch ports that are in the misconfigured EtherChannel use the show interfaces status err disabled privileged EXEC command To verify the EtherChannel configuration on a remote device use the show etherchannel summary privileged EXEC command on the remote device When a port is in the err...

Page 741: ...isconfig Related Commands Command Description errdisable recovery cause channel misconfig Enables the timer to recover from the EtherChannel misconfiguration error disabled state show etherchannel summary Displays EtherChannel information for a channel as a one line summary per channel group show interfaces status err disabled Displays the interfaces in the error disabled state ...

Page 742: ...er for the multiple spanning tree MST The spanning tree uses the extended system ID the switch priority and the allocated spanning tree MAC address to make the bridge ID unique for each VLAN or multiple spanning tree instance Because the switch stack appears as a single switch to the rest of the network all switches in the stack use the same bridge ID for a given spanning tree If the stack master ...

Page 743: ... spanning tree extend system id Related Commands Command Description show spanning tree summary Displays a summary of spanning tree interface states spanning tree mst root Configures the MST root switch priority and timers based on the network diameter spanning tree vlan priority Sets the switch priority for the specified spanning tree instance ...

Page 744: ...d as the root port the interface transitions to the root inconsistent blocked state to prevent the customer s switch from becoming the root switch or being in the path to the root The root port provides the best path from the switch to the root switch When the no spanning tree guard or the no spanning tree guard none command is entered root guard is disabled for all VLANs on the selected interface...

Page 745: ...associated with the specified port Switch config interface gigabitethernet2 0 2 Switch config if spanning tree guard loop You can verify your settings by entering the show running config privileged EXEC command Related Commands Command Description show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing pa...

Page 746: ...a shared link Command Modes Interface configuration Command History Usage Guidelines You can override the default setting of the link type by using the spanning tree link type command For example a half duplex link can be physically connected point to point to a single interface on a remote switch running the Multiple Spanning Tree Protocol MSTP or the rapid per VLAN spanning tree plus rapid PVST ...

Page 747: ...escription clear spanning tree detected protocols Restarts the protocol migration process force the renegotiation with neighboring switches on all interfaces or on the specified interface show spanning tree interface interface id Displays spanning tree state information for the specified interface show spanning tree mst interface interface id Displays MST information for the specified interface ...

Page 748: ...le spanning tree MST mode Loop guard is most effective when it is configured on the entire switched network When the switch is operating in PVST or rapid PVST mode loop guard prevents alternate and root ports from becoming designated ports and spanning tree does not send bridge protocol data units BPDUs on root or alternate ports When the switch is operating in MST mode BPDUs are not sent on nonbo...

Page 749: ...ng config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_co mmand_reference_list html Select the Cisco IOS Commands Master List Release 12 2 to navigate to the command spanning tree guard loop Enables the loop guard feature on all the VLANs associated wi...

Page 750: ...ion can be active at any time All VLANs run PVST all VLANs run rapid PVST or all VLANs run MSTP All stack members run the same version of spanning tree When you enable the MST mode RSTP is automatically enabled Caution Changing spanning tree modes can disrupt traffic because all spanning tree instances are stopped for the previous mode and restarted in the new mode Examples This example shows to e...

Page 751: ...de Related Commands Command Description show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_comm and_reference_list html Select the Cisco IOS Commands Master List Release 12 2 to navigate to the command ...

Page 752: ...se configuration commands are available abort exits the MST region configuration mode without applying configuration changes exit exits the MST region configuration mode and applies all configuration changes instance instance id vlan vlan range maps VLANs to an MST instance The range for the instance id is 1 to 4094 The range for vlan range is 1 to 4094 You can specify a single VLAN identified by ...

Page 753: ...r MST configuration mode map VLANs 10 to 20 to MST instance 1 name the region region1 set the configuration revision to 1 display the pending configuration apply the changes and return to global configuration mode Switch spanning tree mst configuration Switch config mst instance 1 vlan 10 20 Switch config mst name region1 Switch config mst revision 1 Switch config mst show pending Pending MST conf...

Page 754: ...e interface bandwidth setting These are the IEEE default path cost values 1000 Mb s 20000 100 Mb s 200000 10 Mb s 2000000 Command Modes Interface configuration Command History Usage Guidelines When you configure the cost higher values represent higher costs Examples This example shows how to set a path cost of 250 on a port associated with instances 2 and 4 Switch config interface gigabitethernet1...

Page 755: ...OS Commands spanning tree mst cost Related Commands Command Description show spanning tree mst interface interface id Displays MST information for the specified interface spanning tree mst port priority Configures an interface priority spanning tree mst priority Configures the switch priority for the specified spanning tree instance ...

Page 756: ...ation Command History Usage Guidelines Changing the spanning tree mst forward time command affects all spanning tree instances Examples This example shows how to set the spanning tree forwarding time to 18 seconds for all MST instances Switch config spanning tree mst forward time 18 You can verify your setting by entering the show spanning tree mst privileged EXEC command Related Commands seconds ...

Page 757: ...the specified interval the switch recomputes the spanning tree topology The max age setting must be greater than the hello time setting Changing the spanning tree mst hello time command affects all spanning tree instances Examples This example shows how to set the spanning tree hello time to 3 seconds for all multiple spanning tree MST instances Switch config spanning tree mst hello time 3 You can...

Page 758: ... if a switch does not receive BPDUs from the root switch within the specified interval the switch recomputes the spanning tree topology The max age setting must be greater than the hello time setting Changing the spanning tree mst max age command affects all spanning tree instances Examples This example shows how to set the spanning tree max age to 30 seconds for all multiple spanning tree MST ins...

Page 759: ...ining hop count by one and propagates the decremented count as the remaining hop count in the generated M records A switch discards the BPDU and ages the information held for the interface when the count reaches 0 Changing the spanning tree mst max hops command affects all spanning tree instances Examples This example shows how to set the spanning tree max hops to 10 for all multiple spanning tree...

Page 760: ... other interfaces If your switch is a member of a switch stack you must use the spanning tree mst instance id cost cost interface configuration command instead of the spanning tree mst instance vlan id port priority priority interface configuration command to select an interface to put in the forwarding state Assign lower cost values to interfaces that you want selected first and higher cost value...

Page 761: ...OS Commands spanning tree mst port priority Related Commands Command Description show spanning tree mst interface interface id Displays MST information for the specified interface spanning tree mst cost Sets the path cost for MST calculations spanning tree mst priority Sets the switch priority for the specified spanning tree instance ...

Page 762: ...ternal spanning tree CIST runs on this interface Note If a switch port is connected to a switch running prestandard Cisco IOS software you must use the spanning tree mst pre standard interface configuration command on the port If you do not configure the port to send only prestandard BPDUs the Multiple STP MSTP performance might diminish When the port is configured to automatically detect prestand...

Page 763: ...ings by entering the show spanning tree mst instance id privileged EXEC command Related Commands instance id Range of spanning tree instances You can specify a single instance a range of instances separated by a hyphen or a series of instances separated by a comma The range is 0 to 4094 priority priority Set the switch priority for the specified spanning tree instance This setting affects the like...

Page 764: ...the spanning tree instance Because of the extended system ID support the switch sets the switch priority for the instance to 24576 if this value will cause this switch to become the root for the specified instance If any root switch for the specified instance has a switch priority lower than 24576 the switch sets its own priority to 4096 less than the lowest switch priority 4096 is the value of th...

Page 765: ...ter of 4 Switch config spanning tree mst 10 root primary diameter 4 This example shows how to configure the switch as the secondary root switch for instance 10 with a network diameter of 4 Switch config spanning tree mst 10 root secondary diameter 4 You can verify your settings by entering the show spanning tree mst instance id privileged EXEC command Related Commands Command Description show span...

Page 766: ...mmand and the spanning tree port priority priority command the spanning tree vlan vlan id port priority priority command takes effect If your switch is a member of a switch stack you must use the spanning tree vlan vlan id cost cost interface configuration command instead of the spanning tree vlan vlan id port priority priority interface configuration command to select an interface to put in the f...

Page 767: ... if spanning tree vlan 20 25 port priority 0 You can verify your settings by entering the show spanning tree interface interface id privileged EXEC command Related Commands Command Description show spanning tree interface interface id Displays spanning tree information for the specified interface spanning tree cost Sets the path cost for spanning tree calculations spanning tree vlan priority Sets ...

Page 768: ...spanning tree plus PVST rapid PVST or the multiple spanning tree MST mode Use the spanning tree portfast bpdufilter default global configuration command to globally enable BPDU filtering on interfaces that are Port Fast enabled the interfaces are in a Port Fast operational state The interfaces still send a few BPDUs at link up before the switch begins to filter outbound BPDUs You should globally e...

Page 769: ...nterface configuration command Use the spanning tree portfast default global configuration command to globally enable the Port Fast feature on all nontrunking interfaces Configure Port Fast only on interfaces that connect to end stations otherwise an accidental topology loop could cause a data packet loop and disrupt switch and network operation A Port Fast enabled interface moves directly to the ...

Page 770: ...o the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod _command_reference_list html Select the Cisco IOS Commands Master List Release 12 2 to navigate to the command spanning tree bpdufilter Prevents an interface from sending or receiving BPDUs spanning tree bpduguard Puts an interface in the error disabled state when it receives a BPD...

Page 771: ...data packet loop and disrupt switch and network operation To enable Port Fast on trunk ports you must use the spanning tree portfast trunk interface configuration command The spanning tree portfast command is not supported on trunk ports You can enable this feature when the switch is operating in the per VLAN spanning tree plus PVST rapid PVST or the multiple spanning tree MST mode This feature af...

Page 772: ...plays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_c ommand_reference_list html Select the Cisco IOS Commands Master List Release 12 2 to navigate to the command spanning tree bpdufilter Prevents an interface from sending or receiving bridge protocol data units...

Page 773: ... Command History Usage Guidelines Increasing the transmit hold count value can have a significant impact on CPU utilization when the switch is in rapid per VLAN spanning tree plus rapid PVST mode Decreasing this value might slow down convergence We recommend using the default setting Examples This example shows how to set the transmit hold count to 8 Switch config spanning tree transmit hold count...

Page 774: ... you enable or disable UplinkFast cross stack UplinkFast CSUF also is automatically enabled or disabled on all nonstack port interfaces CSUF accelerates the choice of a new root port when a link or switch fails or when spanning tree reconfigures itself When UplinkFast is enabled the switch priority of all VLANs is set to 49152 If you change the path cost to a value less than 3000 and you enable Up...

Page 775: ...st feature are placed in the root inconsistent state blocked and prevented from reaching the forwarding state If you set the max update rate to 0 station learning frames are not generated so the spanning tree topology converges more slowly after a loss of connectivity Examples This example shows how to enable UplinkFast Switch config spanning tree uplinkfast You can verify your setting by entering...

Page 776: ...rning states last before the interface begins forwarding The range is 4 to 30 seconds hello time seconds Optional Set the interval between hello bridge protocol data units BPDUs sent by the root switch configuration messages The range is 1 to 10 seconds max age seconds Optional Set the interval between messages the spanning tree receives from the root switch If a switch does not receive a BPDU mes...

Page 777: ...e spanning tree options on a VLAN that has no interfaces assigned to it The setting takes effect when you assign interfaces to it When setting the max age seconds if a switch does not receive BPDUs from the root switch within the specified interval it recomputes the spanning tree topology The max age setting must be greater than the hello time setting The spanning tree vlan vlan id root command sh...

Page 778: ...VLAN 20 Switch config spanning tree vlan 20 priority 8192 This example shows how to configure the switch as the root switch for VLAN 10 with a network diameter of 4 Switch config spanning tree vlan 10 root primary diameter 4 This example shows how to configure the switch as the secondary root switch for VLAN 10 with a network diameter of 4 Switch config spanning tree vlan 10 root secondary diamete...

Page 779: ...e device at the other end of the link for the speed setting and then forces the speed setting to the negotiated value The duplex setting remains as configured on each end of the link which could result in a duplex setting mismatch If both ends of the line support autonegotiation we highly recommend the default autonegotiation settings If one interface supports autonegotiation and the other end doe...

Page 780: ...tethernet1 0 17 Switch config if speed 100 This example shows how to set a port to autonegotiate at only 10 Mb s Switch config interface gigabitethernet1 0 17 Switch config if speed auto 10 This example shows how to set a port to autonegotiate at only 10 or 100 Mb s Switch config interface gigabitethernet1 0 17 Switch config if speed auto 10 100 You can verify your settings by entering the show in...

Page 781: ...and to 80 percent the port is idle 20 percent of the time The line rate drops to 80 percent of the connected speed These values are not exact because the hardware adjusts the line rate in increments of six Note The egress queue default settings are suitable for most situations You should change them only when you have a thorough understanding of the egress queues and if these settings do not meet ...

Page 782: ...Differentiated Services Code Point DSCP values to an egress queue or maps DSCP values to a queue and to a threshold ID mls qos queue set output threshold Configures the weighted tail drop WTD thresholds guarantees the availability of buffers and configures the maximum memory allocation for the queue set queue set Maps a port to a queue set show mls qos interface queueing Displays QoS information s...

Page 783: ...n if the link is idle Use shaping to smooth bursty traffic or to provide a smoother output over time The shaped mode overrides the shared mode If you configure a shaped queue weight to 0 by using the srr queue bandwidth shape interface configuration command this queue participates in shared mode The weight specified with the srr queue bandwidth shape command is ignored and the weights specified wi...

Page 784: ... 0 0 Switch config if srr queue bandwidth share 4 4 4 4 You can verify your settings by entering the show mls qos interface interface id queueing privileged EXEC command Related Commands Command Description mls qos queue set output buffers Allocates buffers to a queue set mls qos srr queue output cos map Maps class of service CoS values to an egress queue or maps CoS values to a queue and to a thr...

Page 785: ...ccording to the configured weights The bandwidth is guaranteed at this level but not limited to it For example if a queue empties and does not require a share of the link the remaining queues can expand into the unused bandwidth and share it among themselves If you configure a shaped queue weight to 0 by using the srr queue bandwidth shape interface configuration command this queue participates in...

Page 786: ...y entering the show mls qos interface interface id queueing privileged EXEC command Related Commands Command Description mls qos queue set output buffers Allocates buffers to a queue set mls qos srr queue output cos map Maps class of service CoS values to an egress queue or maps CoS values to a queue and to a threshold ID mls qos srr queue output dscp map Maps Differentiated Services Code Point DS...

Page 787: ... recommend that you configure an explicit value for this command Command Modes Global configuration Command History Usage Guidelines The MAC address of the switch stack is determined by the MAC address of the stack master In the default state persistent MAC address disabled if a new switch becomes stack master the stack MAC address changes to the MAC address of the new stack master When persistent...

Page 788: ...your settings by entering the show running config privileged EXEC command If enabled stack mac persistent timer is shown in the output Related Commands Command Description show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command Reference listing page http www cisco com en US products sw iosswrel ps1835 prod_command _refere...

Page 789: ... and falling suppression levels as a percentage of total bandwidth of the port level Rising suppression level up to two decimal places The range is 0 00 to 100 00 Block the flooding of storm packets when the value specified for level is reached level low Optional Falling suppression level up to two decimal places The range is 0 00 to 100 00 This value must be less than or equal to the rising suppr...

Page 790: ...ausing the storm and to send no SNMP traps Note When the storm control threshold for multicast traffic is reached all multicast traffic except control traffic such as bridge protocol data unit BDPU and Cisco Discovery Protocol CDP frames are blocked However the switch does not differentiate between routing updates such as Open Shortest Path First OSPF and regular multicast data traffic so both typ...

Page 791: ...ol settings propagate to the EtherChannel physical interfaces When a broadcast storm occurs and the action is to filter traffic the switch blocks only broadcast traffic For more information see the software configuration guide for this release Examples This example shows how to enable broadcast storm control with a 75 5 percent rising suppression level Switch config if storm control broadcast leve...

Page 792: ...hrough the stack ports and are in the ready state The stack is in the partial ring state when All members are connected through their stack ports but some are not in the ready state Some members are not connected through the stack ports If you enter the switch stack member number stack port port number disable privileged EXEC command and The stack is in the full ring state you can disable only one...

Page 793: ... Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands switch Examples This example shows how to disable stack port 2 on member 4 Switch switch 4 stack port 2 disable Related Commands Command Description show switch Displays information about the switch stack and the stack members ...

Page 794: ...ction Therefore changing the priority value does not change the stack master immediately Examples This example shows how to change the priority value of stack member 6 to 9 Switch config switch 6 priority 9 Changing the Switch Priority of Switch Number 6 to 9 Do you want to continue confirm Related Commands stack member number Specify the current stack member number The range is 1 to 9 priority ne...

Page 795: ...figuration To change the switch type you must also remove the specified switch from the switch stack You can change the stack member number of a provisioned switch that is physically present in the switch stack if you do not also change the switch type If the switch type of the provisioned switch does not match the switch type in the provisioned configuration on the stack the switch stack applies ...

Page 796: ...e switch 2 interface GigabitEthernet2 0 1 interface GigabitEthernet2 0 2 interface GigabitEthernet2 0 3 output truncated You also can enter the show switch user EXEC command to display the provisioning status of the switch stack This example shows how to delete all configuration information about a stack member 5 when the switch is removed from the stack Switch config no switch 5 provision You can...

Page 797: ...ses its current configuration and resets to its default configuration For more information about stack member numbers and configurations see the software configuration guide Do not use the switch current stack member number renumber new stack member number command on a provisioned switch If you do the command is rejected Use the reload slot current stack member number privileged EXEC to reload the...

Page 798: ...HP Cisco IOS Commands switch renumber Related Commands Command Description reload Reloads the stack member and puts a configuration change into effect session Accesses a specific stack member switch priority Changes the stack member priority value show switch Displays information about the switch stack and its stack members ...

Page 799: ...ory Usage Guidelines Entering the no switchport command shuts the port down and then re enables it which might generate messages on the device to which the port is connected When you put an interface that is in Layer 2 mode into Layer 3 mode or the reverse the previous configuration information related to the affected interface might be lost and the interface is returned to its default configurati...

Page 800: ...interface by entering the show running config privileged EXEC command Related Commands Command Description show interfaces switchport Displays the administrative and operational status of a switching nonrouting port including port blocking and port protection settings show running config Displays the operating configuration For syntax information use this link to the Cisco IOS Release 12 2 Command...

Page 801: ... based on the packet it receives Command Modes Interface configuration Command History Usage Guidelines The no switchport access command resets the access mode VLAN to the appropriate default VLAN for the device The port must be in access mode before the switchport access vlan command can take effect An access port can be assigned to only one VLAN The VMPS server such as a Catalyst 6000 series swi...

Page 802: ...ports Dynamic access ports can only be in one VLAN and do not use VLAN tagging Dynamic access ports cannot be configured as Members of an EtherChannel port group dynamic access ports cannot be grouped with any other port including other dynamic ports Source or destination ports in a static address entry Monitor ports Examples This example shows how to change a switched port interface that is opera...

Page 803: ...t least one port in the VLAN must be up and forwarding You can use the switchport autostate exclude command to exclude a port from the SVI interface up or down calculation For example you might exclude a monitoring port from the calculations so that the VLAN is not considered up when only the monitoring port is active When you enter the switchport autostate exclude command on a port the command ap...

Page 804: ...ivate vlan trunk normal VLANs none Administrative private vlan trunk associations none Administrative private vlan trunk mappings none Operational private vlan none Trunking VLANs Enabled ALL Pruning VLANs Enabled 2 1001 Capture Mode Disabled Capture VLANs Allowed ALL Autostate mode exclude Related Commands Command Description show interfaces interface id switchport Displays the administrative and...

Page 805: ...st fast convergence preemption delay interface name mode prefer vlan name Syntax Description Defaults The default is to have no Flex Links defined The preemption mode is off No preemption occurs Preemption delay is set to 35 seconds Command Modes Interface configuration Command History fastethernet FastEthernet IEEE 802 3 port name Valid range is 0 to 9 gigabitethernet GigabitEthernet IEEE 802 3z ...

Page 806: ...erChannel However you can configure two port channels EtherChannel logical interfaces as Flex Links and you can configure a port channel and a physical interface as Flex Links with either the port channel or the physical interface as the active link If STP is configured on the switch Flex Links do not participate in STP in all valid VLANs If STP is not running be sure that there are no loops in th...

Page 807: ...Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands switchport backup interface Related Commands Command Description show interfaces interface id switchport backup Displays the configured Flex Links and their status on the switch or for the specified interface ...

Page 808: ...n protected or nonprotected ports If unknown multicast or unicast traffic is not blocked on a protected port there could be security issues Blocking unknown multicast or unicast traffic is not automatically enabled on protected ports you must explicitly configure it For more information about blocking packets see the software configuration guide for this release Examples This example shows how to ...

Page 809: ...end station can accept this configuration Because spanning tree Port Fast is enabled you should enter the switchport host command only on ports that are connected to a single host Connecting other switches hubs concentrators or bridges to a fast start port can cause temporary spanning tree loops Enable the switchport host command to decrease the time that it takes to start up packet forwarding Exa...

Page 810: ...runking mode and negotiates to convert the link into a trunk link even if the interface connecting to it does not agree to the change When you enter dynamic auto mode the interface converts the link to a trunk link if the neighboring interface is set to trunk or desirable mode access Set the port to access mode either static access or dynamic access depending on the setting of the switchport acces...

Page 811: ...ch does not recognize the protocol inside the IEEE 802 1Q header This restriction applies to router ACLs port ACLs and VLAN maps Configuring a port as an IEEE 802 1Q tunnel port has these limitations IP routing and fallback bridging are not supported on tunnel ports Tunnel ports do not support IP ACLs If an IP ACL is applied to a trunk port in a VLAN that includes tunnel ports or if a VLAN map is ...

Page 812: ...net2 0 1 Switch config if switchport mode trunk This example shows how to configure a port as an IEEE 802 1Q tunnel port Switch config interface gigabitethernet2 0 1 Switch config if switchport mode dot1q tunnel You can verify your settings by entering the show interfaces interface id switchport privileged EXEC command and examining information in the Administrative Mode and Operational Mode rows ...

Page 813: ...nalyzer SPAN destination port If you configure a SPAN destination port as a private VLAN host or promiscuous port the port becomes inactive Do not configure private VLAN on ports with these other features Dynamic access port VLAN membership Dynamic Trunking Protocol DTP Port Aggregation Protocol PAgP Link Aggregation Control Protocol LACP Multicast VLAN Registration MVR Voice VLAN A private VLAN p...

Page 814: ...as a private VLAN host port you should also enable BPDU guard and Port Fast by using the spanning tree portfast bpduguard default global configuration command and the spanning tree portfast interface configuration command Switch configure terminal Switch config interface gigabitethernet 1 0 1 Switch config if switchport mode private vlan host Switch config if switchport private vlan host associati...

Page 815: ...port mode is access or trunk configured by using the switchport mode access or the switchport mode trunk interface configuration command This command returns an error if you attempt to execute it in dynamic auto or desirable mode Internetworking devices that do not support DTP might forward DTP frames improperly and cause misconfigurations To avoid this you should turn off DTP by using the switchp...

Page 816: ...ess port depending on the mode set Switch config interface gigabitethernet2 0 1 Switch config if switchport nonegotiate You can verify your setting by entering the show interfaces interface id switchport privileged EXEC command Related Commands Command Description show interfaces switchport Displays the administrative and operational status of a switching nonrouting port including port blocking an...

Page 817: ...he interface by entering a 48 bit MAC address You can add additional secure MAC addresses up to the maximum value configured vlan vlan id Optional On a trunk port only specify the VLAN ID and the MAC address If no VLAN ID is specified the native VLAN is used vlan access Optional On an access port only specify the VLAN as an access VLAN vlan voice Optional On an access port only specify the VLAN as...

Page 818: ...MAC addresses to drop below the maximum value or increase the number of maximum allowable addresses You are not notified that a security violation has occurred Note We do not recommend configuring the protect mode on a trunk port The protect mode disables learning when any VLAN reaches its maximum limit even if the port has not reached its maximum limit restrict Set the security violation restrict...

Page 819: ...lue is greater than the previous value the new value overrides the previously configured value If the new value is less than the previous value and the number of configured secure addresses on the interface exceeds the new value the command is rejected The switch does not support port security aging of sticky secure MAC addresses A security violation occurs when the maximum number of secure MAC ad...

Page 820: ... secure addresses they are lost If sticky learning is disabled the sticky secure MAC addresses are converted to dynamic secure addresses and are removed from the running configuration If you disable sticky learning and enter the switchport port security mac address sticky mac address interface configuration command an error message appears and the sticky secure MAC address is not added to the runn...

Page 821: ...mands Command Description clear port security Deletes from the MAC address table a specific type of secure address or all the secure addresses on the switch or an interface show port security address Displays all the secure addresses configured on the switch show port security interface interface id Displays port security configuration for the switch or for the specified interface ...

Page 822: ... other than 0 for that port To allow limited time access to particular secure addresses set the aging type as absolute When the aging time lapses the secure addresses are deleted To allow continuous access to a limited number of secure addresses set the aging type as inactivity This removes the secure address when it become inactive and other addresses can become secure To allow unlimited access t...

Page 823: ...d secure addresses on the port Switch config interface gigabitethernet1 0 2 Switch config if switchport port security aging time 2 Switch config if switchport port security aging type inactivity Switch config if switchport port security aging static This example shows how to disable aging for configured secure addresses Switch config interface gigabitethernet1 0 2 Switch config if no switchport po...

Page 824: ...t connected to the Cisco IP Phone to send the configuration to the Cisco IP Phone CDP is enabled by default globally and on all switch interfaces You should configure voice VLAN on switch access ports You can configure a voice VLAN only on Layer 2 ports Before you enable voice VLAN we recommend that you enable quality of service QoS on the switch by entering the mls qos global configuration comman...

Page 825: ...r 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands switchport priority extend Related Commands Command Description show interfaces Displays the administrative and operational status of a switching nonrouting port switchport voice vlan Configures the voice VLAN on the port ...

Page 826: ...have no private VLAN association or mapping configured Command Modes Interface configuration Command History Usage Guidelines Private VLAN association or mapping has no effect on the port unless the port has been configured as a private VLAN host or promiscuous port by using the switchport mode private vlan host promiscuous interface configuration command If the port is in private VLAN host or pro...

Page 827: ...tchport private vlan mapping interface configuration command Examples This example shows how to configure an interface as a private VLAN host port and associate it with primary VLAN 20 and secondary VLAN 501 Switch configure terminal Switch config interface gigabitethernet 1 0 1 Switch config if switchport mode private vlan host Switch config if switchport private vlan host association 20 501 Swit...

Page 828: ...d ports for unique VLANs on each switch and configure a trunk link between the switches A protected port is different from a secure port A protected port does not forward any traffic unicast multicast or broadcast to any other port that is also a protected port Data traffic cannot be forwarded between protected ports at Layer 2 only control traffic such as PIM packets is forwarded because these pa...

Page 829: ...r HP Cisco IOS Commands switchport protected Related Commands Command Description show interfaces switchport Displays the administrative and operational status of a switching nonrouting port including port blocking and port protection settings switchport block Prevents unknown multicast or unicast traffic on the interface ...

Page 830: ...ANs VLAN IDs greater than 1005 are valid in some cases Note You can add extended range VLANs to the allowed VLAN list but not to the pruning eligible VLAN list Separate nonconsecutive VLAN IDs with a comma use a hyphen to designate a range of IDs allowed vlan vlan list Set the list of allowed VLANs that can receive and send traffic on this interface in tagged format when in trunking mode See the f...

Page 831: ...lt for all VLAN lists is to include all VLANs Command Modes Interface configuration Command History Usage Guidelines Encapsulation The switchport trunk encapsulation command is supported only for platforms and interface hardware that can support both ISL and IEEE 802 1Q formats You cannot configure one end of the trunk as an IEEE 802 1Q trunk and the other end as an ISL or nontrunk port However yo...

Page 832: ... cannot be pruned Examples This example shows how to cause a port configured as a switched interface to encapsulate in IEEE 802 1Q trunking format regardless of its default trunking format in trunking mode Switch config interface gigabitethernet1 0 2 Switch config if switchport trunk encapsulation dot1q This example shows how to configure VLAN 3 as the default for the port to send all untagged tra...

Page 833: ...t and recognize a Cisco IP phone Examples This example shows how to enable detection and recognition of a Cisco IP phone on the switch Switch config interface gigabitethernet1 0 1 Switch config if switchport voice detect cisco phone This example shows how to disable detection and recognition of a Cisco IP phone on the switch Switch config interface gigabitethernet1 0 1 Switch config if no switchpo...

Page 834: ...y of service QoS on the switch by entering the mls qos global configuration command and configure the port trust state to trust by entering the mls qos trust cos interface configuration command When you enter a VLAN ID the IP phone forwards voice traffic in IEEE 802 1Q frames tagged with the specified VLAN ID The switch puts IEEE 802 1Q voice traffic in the voice VLAN When you select dot1q none or...

Page 835: ...port security is enabled on the access VLAN dynamic port security is automatically enabled on the voice VLAN You cannot configure static secure MAC addresses in the voice VLAN A voice VLAN port cannot be a private VLAN port The Port Fast feature is automatically enabled when voice VLAN is configured When you disable voice VLAN the Port Fast feature is not automatically disabled Examples This examp...

Page 836: ...ow 80 C Red 85 C Command Modes Global configuration Command History Usage Guidelines You cannot configure the green and red thresholds but can configure the yellow threshold Use the system env temperature threshold yellow value global configuration command to specify the difference between the yellow and red thresholds and to configure the yellow threshold For example if the red threshold is 66 de...

Page 837: ...co IOS Commands system env temperature threshold yellow Examples This example sets 15 as the difference between the yellow and red thresholds Switch config system env temperature threshold yellow 15 Switch config Related Commands Command Description show env temperature status Displays the temperature status and threshold levels ...

Page 838: ... MTU jumbo setting is saved in the switch environmental variable in NVRAM and becomes effective when the switch reloads Unlike the system MTU routing configuration the MTU settings that you enter with the system mtu jumbo command is not saved in the switch Cisco IOS configuration file even if you enter the copy running config startup config privileged EXEC command Therefore if you use TFTP to conf...

Page 839: ...If you enter a value that is outside the allowed range for the specific type of interface the value is not accepted Examples This example shows how to set the maximum jumbo packet size for Gigabit Ethernet ports to 6000 bytes Switch config system mtu jumbo 6000 Switch config exit Switch reload You can verify your setting by entering the show system mtu privileged EXEC command Related Commands Comm...

Page 840: ...face id command use the show cable diagnostics tdr interface interface id privileged EXEC command to display the results Examples This example shows how to run TDR on an interface Switch test cable diagnostics tdr interface gigabitethernet1 0 2 TDR test started on interface Gi1 0 2 A TDR test can take a few seconds to run on an interface Use show cable diagnostics tdr to read the TDR results If yo...

Page 841: ... only unicast traffic If you specify a multicast source or destination MAC address the physical path is not identified and an error message appears The traceroute mac command output shows the Layer 2 path when the specified source and destination addresses belong to the same VLAN If you specify source and destination addresses that belong to different VLANs the Layer 2 path is not identified and a...

Page 842: ... 2 2 6 6 con6 WS CBS3130G S 2 2 6 6 Gi0 0 2 auto auto Gi0 0 3 auto auto con5 WS C2950G 24 EI 2 2 5 5 Fa0 3 auto auto Gi0 1 auto auto con1 WS C3550 12G 2 2 1 1 Gi0 1 auto auto Gi0 2 auto auto con2 WS C3550 24 2 2 2 2 Gi0 2 auto auto Fa0 1 auto auto Destination 0000 0201 0201 found on con2 WS C3550 24 2 2 2 2 Layer 2 trace completed This example shows how to display the Layer 2 path by specifying th...

Page 843: ...e mac 0000 0201 0601 0000 0301 0201 Error Source and destination macs are on different vlans Layer2 trace aborted This example shows the Layer 2 path when the destination MAC address is a multicast address Switch traceroute mac 0000 0201 0601 0100 0201 0201 Invalid destination mac address This example shows the Layer 2 path when source and destination switches belong to multiple VLANs Switch trace...

Page 844: ... hops identified in the path is ten The traceroute mac ip command output shows the Layer 2 path when the specified source and destination IP addresses are in the same subnet When you specify the IP addresses the switch uses Address Resolution Protocol ARP to associate the IP addresses with the corresponding MAC addresses and the VLAN IDs If an ARP entry exists for the specified IP address the swit...

Page 845: ... auto con5 WS C2950G 24 EI 2 2 5 5 Fa0 3 auto auto Gi0 1 auto auto con1 WS C3550 12G 2 2 1 1 Gi0 1 auto auto Gi0 2 auto auto con2 WS C3550 24 2 2 2 2 Gi0 2 auto auto Fa0 1 auto auto Destination 0000 0201 0201 found on con2 WS C3550 24 2 2 2 2 Layer 2 trace completed This example shows how to display the Layer 2 path by specifying the source and destination hostnames Switch traceroute mac ip con6 c...

Page 846: ...tually exclusive with set policy map class configuration command within the same policy map If you specify trust cos QoS uses the received or default port CoS value and the CoS to DSCP map to generate a DSCP value for the packet If you specify trust dscp QoS uses the DSCP value from the ingress packet For non IP packets that are tagged QoS uses the received CoS value for non IP packets that are un...

Page 847: ...ne a port trust state to trust incoming DSCP values for traffic classified with class1 Switch config policy map policy1 Switch config pmap class class1 Switch config pmap c trust dscp Switch config pmap c police 1000000 20000 exceed action policed dscp transmit Switch config pmap c exit You can verify your settings by entering the show policy map privileged EXEC command Related Commands Command De...

Page 848: ...ber optic links For information about normal and aggressive modes see the Understanding UDLD section in the software configuration guide for this release If you change the message time between probe packets you are making a trade off between the detection speed and the CPU load By decreasing the time you can make the detection response faster but increase the load on the CPU This command affects f...

Page 849: ... commands to automatically recover from the UDLD error disabled state Examples This example shows how to enable UDLD on all fiber optic interfaces Switch config udld enable You can verify your setting by entering the show udld privileged EXEC command Related Commands Command Description show udld Displays UDLD administrative and operational status for all ports or the specified port udld port Enab...

Page 850: ...ther switch UDLD supports two modes of operation normal the default and aggressive In normal mode UDLD detects unidirectional links due to misconnected interfaces on fiber optic connections In aggressive mode UDLD also detects unidirectional links due to one way traffic on fiber optic and twisted pair links and due to misconnected interfaces on fiber optic links For information about normal and ag...

Page 851: ...le shows how to enable UDLD on an port Switch config interface gigabitethernet6 0 1 Switch config if udld port This example shows how to disable UDLD on a fiber optic interface despite the setting of the udld global configuration command Switch config interface gigabitethernet6 0 1 Switch config if no udld port You can verify your settings by entering the show running config or the show udld inter...

Page 852: ...ot been corrected Examples This example shows how to reset all interfaces disabled by UDLD Switch udld reset 1 ports shutdown by UDLD were reset You can verify your setting by entering the show udld privileged EXEC command Related Commands Release Modification 12 2 40 EX1 This command was introduced Command Description show running config Displays the operating configuration For syntax information...

Page 853: ...lobal configuration or VLAN configuration command to put the switch in VTP transparent mode Extended range VLANs are not learned by VTP and are not added to the VLAN database but when VTP mode is transparent VTP mode and domain name and all VLAN configurations are saved in the running configuration and you can save them in the switch startup configuration file When you save the VLAN and VTP config...

Page 854: ...is keyword applies only to TrCRF VLANs enable backup CRF mode for this VLAN disable backup CRF mode for this VLAN the default bridge bridge number type specifies the logical distributed source routing bridge the bridge that interconnects all logical rings having this VLAN as a parent VLAN in FDDI NET Token Ring NET and TrBRF VLANs The range is 0 to 15 The default bridge number is 0 no source routi...

Page 855: ... on the VLAN See the remote span command for more information ring ring number defines the logical ring for an FDDI Token Ring or TrCRF VLAN The range is 1 to 4095 The default for Token Ring VLANs is 0 For FDDI VLANs there is no default said said value specifies the security association identifier SAID as documented in IEEE 802 10 The range is 1 to 4294967294 and the number must be unique within t...

Page 856: ...n id tb vlan1 tb vlan1 id tb vlan2 tb vlan2 id Token Ring concentrator relay function TrCRF VTP v2 mode is enabled name vlan name media tokenring state suspend active said said value mtu mtu size ring ring number parent parent vlan id bridge type srb srt are are number ste ste number backupcrf enable disable tb vlan1 tb vlan1 id tb vlan2 tb vlan2 id Token Ring NET VTP v1 mode is enabled name vlan ...

Page 857: ...onfiguration file Switch config vtp mode transparent Switch config vlan 2000 Switch config vlan end Switch copy running config startup config You can verify your setting by entering the show vlan privileged EXEC command VTP v2 mode is enabled and you are configuring a TrBRF VLAN media type Specify a bridge number Do not leave this field blank VTP v1 mode is enabled No VLAN can have an STP type set...

Page 858: ...witch 3120 for HP Cisco IOS Commands vlan global configuration Related Commands Command Description show vlan Displays the parameters for all configured VLANs or one VLAN if the VLAN ID or name is specified in the administrative domain vlan VLAN configuration Configures normal range VLANs in the VLAN database ...

Page 859: ...ieee ibm auto tb vlan1 tb vlan1 id tb vlan2 tb vlan2 id Extended range VLANs with VLAN IDs from 1006 to 4094 cannot be added or modified by using these commands To add extended range VLANs use the vlan global configuration command to enter config vlan mode Note The switch supports only Ethernet ports You configure only FDDI and Token Ring media specific characteristics for VLAN Trunking Protocol V...

Page 860: ...s and is required when defining a TrCRF The range is 0 to 1005 ring ring number Optional Specify the logical ring for an FDDI Token Ring or TrCRF VLAN The range is 1 to 4095 said said value Optional Enter the security association identifier SAID as documented in IEEE 802 10 The range is 1 to 4294967294 and the number must be unique within the administrative domain state suspend active Optional Spe...

Page 861: ...lan1 tb vlan1 id tb vlan2 tb vlan2 id Token Ring concentrator relay function TrCRF VTP v2 mode is enabled vlan vlan id name vlan name media tokenring state suspend active said said value mtu mtu size ring ring number parent parent vlan id bridge type srb srt are are number ste ste number backupcrf enable disable tb vlan1 tb vlan1 id tb vlan2 tb vlan2 id Token Ring NET VTP v1 mode is enabled vlan v...

Page 862: ...and Token Ring VLANs the default is no type specified The tb vlan1 id and tb vlan2 id variables are zero no translational bridging Command Modes VLAN configuration VTP v2 mode is enabled and you are configuring a TrBRF VLAN media type Specify a bridge number Do not leave this field blank VTP v1 mode is enabled No VLAN can have an STP type set to auto This rule applies to Ethernet FDDI FDDI NET Tok...

Page 863: ...used the VLAN is deleted Deleting VLANs automatically resets to zero any other parent VLANs and translational bridging parameters that see the deleted VLAN When the no vlan vlan id bridge form is used the VLAN source routing bridge number returns to the default 0 The vlan vlan id bridge command is used only for FDDI NET and Token Ring NET VLANs and is ignored in other VLAN types When the no vlan v...

Page 864: ...example shows how to add an Ethernet VLAN with default media characteristics The default includes a vlan name of VLANxxx where xxxx represents four numeric digits including leading zeros equal to the VLAN ID number The default media option is ethernet the state option is active The default said value variable is 100000 plus the VLAN ID the mtu size variable is 1500 the stp type option is ieee When...

Page 865: ...ion where you can use the match access map configuration command to specify the access lists for IP or non IP traffic to match and use the action command to set whether a match causes the packet to be forwarded or dropped In VLAN access map configuration mode these commands are available action sets the action to be taken forward or drop default sets a command to its defaults exit exits from VLAN ...

Page 866: ... how to create a VLAN map named vac1 and apply matching conditions and actions to it If no other entries already exist in the map this will be entry 10 Switch config vlan access map vac1 Switch config access map match ip address acl1 Switch config access map action forward This example shows how to delete VLAN map vac1 Switch config no vlan access map vac1 Related Commands Command Description acti...

Page 867: ...1006 to 4094 use the vlan global configuration command to enter config vlan mode You can also configure VLAN IDs 1 to 1005 by using the vlan global configuration command To return to the privileged EXEC mode from the VLAN configuration mode enter the exit command Note This command mode is different from other modes because it is session oriented When you add delete or modify VLAN parameters the ch...

Page 868: ...atabase on the switch and remains in VLAN configuration mode show displays VLAN database information show changes vlan id displays the differences between the VLAN database on the switch and the proposed VLAN database for all normal range VLAN IDs 1 to 1005 or the specified VLAN ID 1 to 1005 show current vlan id displays the VLAN database on the switch or on a selected VLAN 1 to 1005 show proposed...

Page 869: ...te Operational Modified State Suspended This example shows how to display the differences between VLAN 7 in the current database and the proposed database Switch vlan show changes 7 MODIFIED VLAN ISL Id 7 Current State Operational Modified State Suspended This is an example of output from the show current 20 command It displays only VLAN 20 of the current database Switch vlan show current 20 VLAN ...

Page 870: ... 802 1Q tunneling feature This feature operates on an edge switch of a service provider network and expands VLAN space by using a VLAN in VLAN hierarchy and tagging the tagged packets You must use IEEE 802 1Q trunk ports for sending packets to the service provider network However packets going through the core of the service provider network might also be carried on IEEE 802 1Q trunks If the nativ...

Page 871: ... for HP Command Reference OL 12248 03 Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands vlan dot1q tag native Related Commands Command Description show vlan dot1q tag native Displays IEEE 802 1Q native VLAN tagging status ...

Page 872: ...ectivity in the middle of the configuration process we recommend that you completely define the VLAN access map before applying it to a VLAN For more information about VLAN map entries see the software configuration guide for this release Examples This example applies VLAN map entry map1 to VLANs 20 and 30 Switch config vlan filter map1 vlan list 20 30 This example shows how to delete VLAN map ent...

Page 873: ...OS Commands vlan filter Related Commands Command Description show vlan access map Displays information about a particular VLAN access map or all VLAN access maps show vlan filter Displays information about all VLAN filters or about a particular VLAN or VLAN access map vlan access map Creates a VLAN map entry for VLAN packet filtering ...

Page 874: ...fault is defined Command Modes Privileged EXEC Command History Examples This example shows how to immediately send VQP queries to the VMPS Switch vmps reconfirm You can verify your setting by entering the show vmps privileged EXEC command and examining the VMPS Action row of the Reconfirmation Status section The show vmps command shows the result of the last time the assignments were reconfirmed e...

Page 875: ...nterval is 60 minutes Command Modes Global configuration Command History Examples This example shows how to set the VQP client to reconfirm dynamic VLAN entries every 20 minutes Switch config vmps reconfirm 20 You can verify your setting by entering the show vmps privileged EXEC command and examining information in the Reconfirm Interval row Related Commands interval Reconfirmation interval for VQ...

Page 876: ... retry Syntax Description Defaults The default retry count is 3 Command Modes Global configuration Command History Examples This example shows how to set the retry count to 7 Switch config vmps retry 7 You can verify your setting by entering the show vmps privileged EXEC command and examining information in the Server Retry Count row Related Commands count Number of attempts to contact the VLAN Me...

Page 877: ...gured servers are deleted If you delete all servers when dynamic access ports are present the switch cannot forward packets from new sources on these ports because it cannot query the VMPS Examples This example shows how to configure the server with IP address 191 10 49 20 as the primary VMPS server The servers with IP addresses 191 10 49 21 and 191 10 49 22 are configured as secondary servers Swi...

Page 878: ...st Blade Switch 3120 for HP Command Reference OL 12248 03 Chapter 2 Cisco Catalyst Blade Switch 3120 for HP Cisco IOS Commands vmps server Related Commands Command Description show vmps Displays VQP and VMPS information ...

Page 879: ...nvolatile storage to store VLAN configurations You cannot configure VLANs on the switch When a VTP client starts up it does not send VTP advertisements until it receives advertisements to initialize its VLAN database server Place the switch in VTP server mode A switch in VTP server mode is enabled for VTP and sends advertisements You can configure VLANs on the switch The switch can recover all the...

Page 880: ...e VTP mode and VLAN configuration for the first 1005 VLANs are selected by VLAN database information and VLANs greater than 1005 are configured from the switch configuration file The vtp file filename cannot be used to load a new database it renames only the file in which the existing database is stored Follow these guidelines when configuring a VTP domain name The switch is in the no management d...

Page 881: ... configuration file If extended range VLANs are configured on the switch and you attempt to set the VTP mode to server or client you receive an error message and the configuration is not allowed VTP can be set to either server or client mode only when dynamic VLAN creation is disabled Follow these guidelines when setting a VTP password Passwords are case sensitive Passwords should match on all swi...

Page 882: ...s how to specify the name of the interface providing the VTP updater ID for this device Switch config vtp interface gigabitethernet This example shows how to set the administrative domain for the switch Switch config vtp domain OurDomainName This example shows how to place the switch in VTP transparent mode Switch config vtp mode transparent This example shows how to configure the VTP domain passw...

Page 883: ...validate received VTP advertisements The password can be an ASCII string from 1 to 32 characters The password is case sensitive pruning Enable pruning in the VTP administrative domain VTP pruning causes information about each pruning eligible VLAN to be removed from VTP updates if there are no stations belonging to that VLAN v2 mode Enable VLAN Trunking Protocol VTP Version 2 in the administrative...

Page 884: ...u make a change to the VTP or VLAN configuration on a switch in server mode that change is propagated to all the switches in the same VTP domain The vtp transparent command disables VTP from the domain but does not remove the domain from the switch The VTP mode must be transparent for you to add extended range VLANs or for the VTP and the VLAN configurations to be saved in the running configuratio...

Page 885: ...nfigure them to operate in VTP Version 1 no vtp v2 mode If all switches in a domain are VTP Version 2 capable you need only to enable VTP Version 2 on one switch the version number is then propagated to the other Version 2 capable switches in the VTP domain If you are using VTP in a Token Ring environment or configuring a Token Ring bridge relay function TrBRF or Token Ring concentrator relay func...

Page 886: ...AN configuration Related Commands Command Description show vtp status Displays the VTP statistics for the switch and general information about the VTP management domain status switchport trunk pruning Configures the VLAN pruning eligible list for ports in trunking mode vtp global configuration Configures the VTP filename interface domain name and mode ...

Page 887: ...terrupting the boot process while the switch is powering up and then entering a new password The password recovery disable feature allows the system administrator to protect access to the switch password by disabling part of this functionality and allowing the user to interrupt the boot process only by agreeing to set the system back to the default configuration With password recovery disabled the...

Page 888: ...rotocol ARP table arp ip_address Syntax Description Command Modes Boot loader Command History Usage Guidelines The ARP table has the IP address to MAC address mappings Examples This example shows how to display the ARP table switch arp 172 20 136 8 arp ing 172 20 136 8 172 20 136 8 is at 00 1b 78 d1 25 ae via port 0 ip_address Optional Show the ARP table or the mapping for a specific IP address Re...

Page 889: ...he system by using the information in the BOOT environment variable if any If you supply an image name for the file url variable the boot command attempts to boot the specified image When you set boot loader boot command options they are executed immediately and apply only to the current boot loader session These settings are not saved for the next boot operation Filenames and directory names are ...

Page 890: ...nd Reference OL 13271 03 Appendix A Cisco Catalyst Blade Switch 3130 and 3032 for Dell Boot Loader Commands boot Related Commands Command Description set Sets the BOOT environment variable to boot a specific image when the BOOT keyword is appended to the command ...

Page 891: ...niversal mz 122 40 EX1 info version_suffix universal 122 40 EX1 version_directory cbs31x0 universal mz 122 40 EX1 image_system_type_id 0x00000002 image_name cbs31x0 universal mz 122 40 EX1 bin ios_image_file_size 8919552 total_image_file_size 11592192 image_feature IP LAYER_3 PLUS MIN_DRAM_MEG 128 image_family CBS31x0 stacking_number 1 34 board_ids 0x00000068 0x00000069 0x0000006a 0x0000006b info_...

Page 892: ...ters the name cannot contain control characters spaces deletes slashes quotes semicolons or colons If you are copying a file to a new directory the directory must already exist Examples This example show how to copy a file at the root switch copy flash test1 text flash test4 text File flash test1 text successfully copied to flash test4 text You can verify that the file was copied by entering the d...

Page 893: ...g each file Examples This example shows how to delete two files switch delete flash test2 text flash test5 text Are you sure you want to delete flash test2 text y n y File flash test2 text deleted Are you sure you want to delete flash test5 text y n y File flash test2 text deleted You can verify that the files were deleted by entering the dir flash boot loader command Related Commands filesystem A...

Page 894: ...3 00 04 31 00 00 cbs31x0 universal mz 122 40 EX1 6 rwx 1147 Mar 1 1993 00 40 29 00 00 FHH105002F6_IPBase lic 9 rwx 1155 Mar 1 1993 23 55 57 00 00 FHH105002F6_IPServ lic 10 rwx 1161 Mar 1 1993 23 56 21 00 00 FHH105002F6_AdvIPServ lic 8 rwx 8016 Mar 1 1993 00 00 51 00 00 vlan dat 57931776 bytes total 35725824 bytes free Table A 1 describes the fields in the display filesystem Alias for a flash file ...

Page 895: ... Cisco Catalyst Blade Switch 3130 and 3032 for Dell Boot Loader Commands dir Related Commands date Last modification date env_vars Filename Table A 1 dir Field Descriptions continued Field Description Command Description mkdir Creates one or more directories rmdir Removes one or more directories ...

Page 896: ...on This command has no arguments or keywords Defaults The flash file system is automatically initialized during normal system operation Command Modes Boot loader Command History Usage Guidelines During the normal boot process the flash file system is automatically initialized Use this command to manually initialize the flash file system For example you use this command during the recovery procedur...

Page 897: ...format the specified file system and destroy all data in that file system format filesystem Syntax Description Command Modes Boot loader Command History Usage Guidelines Caution Use this command with care it destroys all data on the file system and renders your system unusable filesystem Alias for a flash file system Use flash for the system board flash device Release Modification 12 2 40 EX1 This...

Page 898: ...disconnect the switch power and then reconnect the power Examples This example shows how to perform an extensive file system check on flash memory switch fsck test flash test Optional Initialize the file system code and perform extra POST on flash memory An extensive nondestructive memory test is performed on every byte that makes up the file system f Optional Initialize the file system code and p...

Page 899: ...r Commands help help Use the help boot loader command to display the available commands help Syntax Description This command has no arguments or keywords Command Modes Boot loader Command History Usage Guidelines You can also use the question mark to display a list of available boot loader commands Release Modification 12 2 40 EX1 This command was introduced ...

Page 900: ...x00800000 0x000a9068 bytes Bottom heap utilization is 22 percent Top heap utilization is 0 percent Total heap utilization is 22 percent Total bytes 0xa9068 692328 Bytes used 0x26888 157832 Bytes available 0x827e0 534496 Alternate heap utilization is 0 percent Total alternate heap bytes 0x6fd000 7327744 Alternate heap bytes used 0x0 0 Alternate heap bytes available 0x6fd000 7327744 Table A 2 descri...

Page 901: ...ll Boot Loader Commands memory Stack Beginning and ending address of the area in memory allocated to the software to store automatic variables return addresses and so forth Heap Beginning and ending address of the area in memory that memory is dynamically allocated to and freed from Table A 2 memory Field Descriptions continued Field Description ...

Page 902: ...gmt_clr mgmt_clr Use the mgmt_clr boot loader command to clear the Ethernet management port statistics mgmt_clr Syntax Description This command has no arguments or keywords Command Modes Boot loader Command History Examples This example shows how to clear the Ethernet management port statistics switch mgmt_clr Release Modification 12 2 40 EX1 This command was introduced ...

Page 903: ...der command to initialize the Ethernet management port mgmt_init Syntax Description This command has no arguments or keywords Command Modes Boot loader Command History Usage Guidelines Use the mgmt_init command only during debugging of the Ethernet management port Examples This example shows how to initialize the Ethernet management port switch mgmt_init Release Modification 12 2 40 EX1 This comma...

Page 904: ...management port statistics mgmt_show Syntax Description This command has no arguments or keywords Command Modes Boot loader Command History Examples This example shows how to display the Ethernet management port statistics switch mgmt_show Statistics Received Transmitted good frame bytes 60 120 good frames 1 2 bad frames 0 0 dropped frames 0 0 queue overflowed 0 0 memory access errors 0 0 Release ...

Page 905: ...xample shows how to make a directory called Saved_Configs switch mkdir flash Saved_Configs Directory flash Saved_Configs created This example shows how to make two directories switch mkdir flash Saved_Configs1 flash Test Directory flash Saved_Configs1 created Directory flash Test created You can verify that the directory was created by entering the dir filesystem boot loader command Related Comman...

Page 906: ...bs31x0 universal mz 122 40 EX1 info version_suffix universal 122 40 EX1 version_directory cbs universal mz 122 40 EX1 image_system_type_id 0x00000002 image_name cbs universal mz 122 40 EX1 bin ios_image_file_size 8919552 total_image_file_size 11592192 image_feature IP LAYER_3 PLUS MIN_DRAM_MEG 128 image_family CBS31x0 stacking_number 1 34 board_ids 0x00000068 0x00000069 0x0000006a 0x0000006b info_...

Page 907: ...s deletes slashes quotes semicolons or colons Filenames are limited to 45 characters the name cannot contain control characters spaces deletes slashes quotes semicolons or colons Examples This example shows a file named config text being renamed to config1 text switch rename flash config text flash config1 text You can verify that the file was renamed by entering the dir filesystem boot loader com...

Page 908: ...ower cycling the switch clearing the processor registers and memory reset Syntax Description This command has no arguments or keywords Command Modes Boot loader Command History Examples This example shows how to reset the system switch reset Are you sure you want to reset the system y n y System resetting Related Commands Release Modification 12 2 40 EX1 This command was introduced Command Descrip...

Page 909: ...ns Before removing a directory you must first delete all the files in the directory The switch prompts you for confirmation before deleting each directory Examples This example shows how to remove a directory switch rmdir flash Test You can verify that the directory was deleted by entering the dir filesystem boot loader command Related Commands filesystem Alias for a flash file system Use flash fo...

Page 910: ...be interrupted by using the Break key on the console Valid values are 1 yes on 0 no and off If it is set to 1 yes or on you can interrupt the automatic boot process by pressing the Break key on the console after the flash file system has initialized HELPER filesystem file url A semicolon separated list of loadable files to dynamically load during the boot loader initialization Helper files extend ...

Page 911: ...xample is a variable with a value Many environment variables are predefined and have default values Command Modes Boot loader Command History Usage Guidelines Environment variables are case sensitive and must be entered as documented Environment variables that have values are stored in flash memory outside of the flash file system Under normal circumstances it is not necessary to alter the setting...

Page 912: ...ation command For stacking capable switches the SWITCH_PRIORITY environment variable can also be set by using the switch stack member number priority priority number global configuration command The boot loader prompt string PS1 can be up to 120 printable characters except the equal sign Examples This example shows how to change the boot loader prompt switch set PS1 loader loader You can verify yo...

Page 913: ...bs31x0 universal mz 122 40 EX1 info version_suffix universal 122 40 EX1 version_directory cbs universal mz 122 40 EX1 image_system_type_id 0x00000002 image_name cbs universal mz 122 40 EX1 bin ios_image_file_size 8919552 total_image_file_size 11592192 image_feature IP LAYER_3 PLUS MIN_DRAM_MEG 128 image_family CBS31x0 stacking_number 1 34 board_ids 0x00000068 0x00000069 0x0000006a 0x0000006b info_...

Page 914: ...des whether the automatic boot process can be interrupted by using the Break key on the console after the flash file system has been initialized HELPER A semicolon separated list of loadable files to dynamically load during the boot loader initialization Helper files extend or patch the functionality of the boot loader PS1 A string that is used as the command line prompt in boot loader mode CONFIG...

Page 915: ...l configuration command The ENABLE_BREAK environment variable can also be reset by using the no boot enable break global configuration command The HELPER environment variable can also be reset by using the no boot helper global configuration command The CONFIG_FILE environment variable can also be reset by using the no boot config file global configuration command The HELPER_CONFIG_FILE environmen...

Page 916: ...boot loader command to display the boot loader version version Syntax Description This command has no arguments or keywords Command Modes Boot loader Command History Examples This example shows how to display the boot loader version on a switch CBS31X0 Boot Loader C31X0 HBOOT M Version 12 2 40r EX1 Compiled Fri 05 Oct 07 01 05 by myl switch Release Modification 12 2 40 EX1 This command was introdu...

Page 917: ...ems and should be enabled only under the guidance of Cisco technical support staff Caution Because debugging output is assigned high priority in the CPU process it can render the system unusable For this reason use the debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff It is best to use the debug commands during periods of lo...

Page 918: ...d only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch wit...

Page 919: ... 27 28 29 30 31 21 29 47 mls qos srr queue input dscp map queue 2 threshold 3 40 41 42 43 44 45 46 47 21 29 47 mls qos srr queue output dscp map queue 1 threshold 3 40 41 42 43 44 45 46 47 21 29 47 mls qos srr queue output dscp map queue 2 threshold 3 24 25 26 27 28 29 30 31 21 29 47 mls qos srr queue output dscp map queue 2 threshold 3 48 49 50 51 52 53 54 55 21 29 48 mls qos srr queue output dsc...

Page 920: ...h when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to...

Page 921: ...alization interface configuration rpc Syntax Description Defaults Debugging is disabled Command Modes Privileged EXEC Command History Related Commands all Display all CISP debug messages errors Display CISP debug messages events Display CISP event debug messages packets Display CISP packet debug messages sync Display CISP operational synchronization debug messages Release Modification 12 2 50 SE T...

Page 922: ...ing on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Comma...

Page 923: ...k master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands aggregation Display DTP user message aggregation debug ...

Page 924: ...ack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands all Dis...

Page 925: ...mand is the same as the no debug etherchannel command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote comma...

Page 926: ... is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member ...

Page 927: ...p snooping command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privile...

Page 928: ...delines The undebug ip verify source packet command is the same as the no debug ip verify source packet command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line pr...

Page 929: ...ck member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands interfac...

Page 930: ...ge Guidelines The undebug ip igmp filter command is the same as the no debug ip igmp filter command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the ...

Page 931: ...istory Usage Guidelines The undebug ip igmp max groups command is the same as the no debug ip igmp max groups command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command l...

Page 932: ... enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session...

Page 933: ...ter To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a s...

Page 934: ...ry Usage Guidelines The undebug lldp packets command is the same as the no debug lldp packets command When you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can u...

Page 935: ... mac notification command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE ...

Page 936: ...g matm command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged ...

Page 937: ...when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to e...

Page 938: ...ssion switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands all Display all SPAN debug messages errors Display detailed SPAN error debug me...

Page 939: ...ter To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a s...

Page 940: ...abled Command Modes Privileged EXEC Command History Usage Guidelines The undebug nmsp command is the same as the no debug nmsp command When you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt o...

Page 941: ...ommand is the same as the no debug nvram command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command st...

Page 942: ... can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands all Optional Display ...

Page 943: ...ing capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack...

Page 944: ...r Dell Command Reference OL 13271 03 Appendix B Cisco Catalyst Blade Switch 3130 and 3032 for Dell Debug Commands debug platform acl Related Commands Command Description show debugging Displays information about the types of debugging that are enabled ...

Page 945: ...d EXEC Command History Usage Guidelines The undebug platform backup interface command is the same as the no platform debug backup interface command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the ...

Page 946: ...led only on the stack master To enable debugging on a stack member start a session from the stack master by using the session switch number privileged EXEC command and enter enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number line privileged EXEC command on the stack master switch to enable debugging on a member switch with...

Page 947: ...s disabled Command Modes Privileged EXEC Command History Usage Guidelines The undebug platform cli redirection main command is the same as the no debug platform cli redirection main command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch numb...

Page 948: ...ation command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged E...

Page 949: ... spt q Display debug messages about packets received by the core based tree to shortest path tree cbt to spt queue cpuhub q Display debug messages about packets received by the CPU heartbeat queue host q Display debug messages about packets received by the host queue icmp q Display debug messages about packets received by the Internet Control Message Protocol ICMP queue igmp snooping q Display deb...

Page 950: ...t is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member...

Page 951: ...nable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debu...

Page 952: ...ug platform dot1x command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE ...

Page 953: ...tacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the s...

Page 954: ...rm fallback bridging command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LI...

Page 955: ...enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member swit...

Page 956: ... member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands all Option...

Page 957: ... debug messages di Display IGMP snooping destination index di coordination remote procedure call RPC debug messages error Display IGMP snooping error messages event Display IGMP snooping event debug messages group Display IGMP snooping group debug messages mgmt Display IGMP snooping management debug messages pak ip address error ipopt leave query report rx svi tx Display IGMP snooping packet event...

Page 958: ...the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands rpc cfg l3mm misc vlan Display IGMP snooping remote procedure call RPC event debug messages The keywords have these meanings cfg Optional Display IGMP snooping RPC debug messages l3m...

Page 959: ...te Using this command can degrade the performance of the switch mdb Display IP multicast debug messages for multicast distributed fast switching MDFS multicast descriptor block mdb events mdfs rp retry Display IP multicast MDFS rendezvous point RP retry event debug messages midb Display IP multicast MDFS multicast interface descriptor block MIDB debug messages mroute rp Display IP multicast RP eve...

Page 960: ...g it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a mem...

Page 961: ...hcp Display IP unicast routing DHCP dynamic address related event debug messages errors Display all IP unicast routing error debug messages including resource allocation failures events Display all IP unicast routing event debug messages including registry and miscellaneous events interface Display IP unicast routing interface event debug messages mpath Display IP unicast routing multi path adjace...

Page 962: ...he stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first ...

Page 963: ... ip wccp command is the same as the no debug platform ip wccp command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use ...

Page 964: ...on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without fi...

Page 965: ...e switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master sw...

Page 966: ...er by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands aging Display MAC address aging debug messages all Display al...

Page 967: ...tch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch ...

Page 968: ...medium dependent interface crossover auto MDIX debug messages cablediag Display PHY cable diagnostic debug messages dual purpose Display PHY dual purpose event debug messages flcd configure ipc iter trace Display PHY FLCD debug messages The keywords have these meanings configure Display PHY configure debug messages ipc Display Interprocess Communication Protocol IPC debug messages iter Display ite...

Page 969: ...ed only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch wi...

Page 970: ...ages etherchnl Display EtherChannel related events debug messages exceptions Display system exception debug messages hpm events Display platform port manager event debug messages idb events Display interface descriptor block IDB related events debug messages if numbers Display interface number translation event debug messages ios events Display Cisco IOS event debug messages link status Display in...

Page 971: ...sion switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands stack manager Display stack manager related events debug messages This keyword i...

Page 972: ... enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable de...

Page 973: ... when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to ...

Page 974: ...only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch witho...

Page 975: ...uidelines The undebug platform remote commands command is the same as the no debug platform remote commands command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command lin...

Page 976: ...on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without fi...

Page 977: ...ory Usage Guidelines The undebug platform snmp command is the same as the no debug platform snmp command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of...

Page 978: ...age Guidelines The undebug platform span command is the same as the no debug platform span command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the s...

Page 979: ... switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master swi...

Page 980: ...tform supervisor asic command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number L...

Page 981: ...and On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC comman...

Page 982: ...ite debug platform tcam log l2 acl input output local qos debug platform tcam log l3 acl input output ipv6 acl input output local qos secondary local qos secondary debug platform tcam read reg ssram tcam debug platform tcam search debug platform tcam write forw ram reg tcam no debug platform tcam log read search write no debug platform tcam log l2 acl input output local qos no debug platform tcam ...

Page 983: ...qos secondary Display IPv6 based look up debug messages Options include displaying input or output ACL look up local forwarding look up classification and QoS look up or secondary forwarding look up debug messages local Display local forwarding look up debug messages qos Display classification and quality of service QoS look up debug messages secondary Display secondary forwarding look up debug me...

Page 984: ...led only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch w...

Page 985: ...when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to e...

Page 986: ... a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on t...

Page 987: ... vp Syntax Description Note Though visible in the command line help strings the scp and pvlan keywords are not supported Defaults Debugging is disabled Command Modes Privileged EXEC Command History all Display all PM debug messages assert Display assert debug messages card Display line card related events debug messages etherchnl Display EtherChannel related events debug messages hatable Display H...

Page 988: ...stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first sta...

Page 989: ...mand is the same as the no debug port security command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote comm...

Page 990: ...mmand On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC comm...

Page 991: ...ssages bpdu opt Display optimized BPDU handling debug messages config Display spanning tree configuration change debug messages csuf csrt Display cross stack UplinkFast and cross stack rapid transition activity debug messages This keyword is supported only on stacking capable switches etherchannel Display EtherChannel support debug messages events Display spanning tree topology event debug message...

Page 992: ...a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands Rel...

Page 993: ...g tree backbonefast command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LIN...

Page 994: ...ommand On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC com...

Page 995: ... tree bpdu opt command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE pri...

Page 996: ...se boundaries An multiple spanning tree MST region and a single spanning tree region running Rapid Spanning Tree Protocol RSTP An MST region and a single spanning tree region running 802 1D An MST region and another MST region with a different configuration bpdu rx Debug the received MST bridge protocol data units BPDUs bpdu tx Debug the sent MST BPDUs errors Debug MSTP errors flush Debug the port...

Page 997: ...master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting ...

Page 998: ...panning tree switch debug messages errors Display debug messages for the interface between the spanning tree software module and the port manager software module flush Display debug messages for the shim flush operation general Display general event debug messages helper Display spanning tree helper task debug messages Helper tasks handle bulk spanning tree updates pm Display port manager event de...

Page 999: ...ck master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starti...

Page 1000: ...he no debug spanning tree uplinkfast command On a stacking capable switch when you enable debugging it is enabled only on the stack master To enable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack ...

Page 1001: ...badpmcookies Display debug messages for VLAN manager incidents of bad port manager cookies cfg vlan bootup cli Display config vlan debug messages The keywords have these meanings bootup Display messages when the switch is booting up cli Display messages when the command line interface CLI is in config vlan mode events Display debug messages for VLAN manager events ifs See the debug sw vlan ifs com...

Page 1002: ...g the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session Related Commands Command Description show debugging Displays information about the types...

Page 1003: ...e the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session When selecting the file read operation Operation 1 reads the file header which contains the header verification word and the file version number Operation 2 reads the main body of the file which contains most of the domain and VLAN...

Page 1004: ...bugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session accfwdcha...

Page 1005: ...tch 3130 and 3032 for Dell Debug Commands debug sw vlan notification Related Commands Command Description show debugging Displays information about the types of debugging that are enabled show vlan Displays the parameters for all configured VLANs or one VLAN if the VLAN name or ID is specified in the administrative domain ...

Page 1006: ...e command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session events Display debug messages for general purpose logic flow and detailed VTP messages generated by the VTP_LOG_RUNTIME macro in the VTP code packets Display debug messages for the contents of all incoming VTP packets that have been passed in...

Page 1007: ...runing keyword VTP pruning debugging messages appear They are generated by the VTP_PRUNING_LOG_NOTICE VTP_PRUNING_LOG_INFO VTP_PRUNING_LOG_DEBUG VTP_PRUNING_LOG_ALERT and VTP_PRUNING_LOG_WARNING macros in the VTP pruning code Related Commands Command Description show debugging Displays information about the types of debugging that are enabled show vtp Displays general information about VTP managem...

Page 1008: ...mber privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session For debug udld events these debugging messages appear General UDLD program logic flow State machine state chang...

Page 1009: ...kets received such as type length versions TLVs as they are examined by the packet reception code Packet transmission attempts and the outcome For debug udld registries these categories of debugging messages appear Sub block creation Fiber port status changes State change indications from the port manager software MAC address registry calls Related Commands Command Description show debugging Displ...

Page 1010: ...nable debugging on a stack member you can start a session from the stack master by using the session switch number privileged EXEC command Then enter the debug command at the command line prompt of the stack member You also can use the remote command stack member number LINE privileged EXEC command on the stack master switch to enable debugging on a member switch without first starting a session R...

Page 1011: ...and 3032 for Dell Show Platform Commands This appendix describes the show platform privileged EXEC commands that have been created or changed for use with the switch These commands display information helpful in diagnosing and resolving internetworking problems and should be used only under the guidance of Cisco technical support staff ...

Page 1012: ... not appear but the lines that contain Output appear interface interface id Display per interface ACL manager information for the specified interface The interface can be a physical interface or a VLAN label label number detail Display per label ACL manager information The label number range is 0 to 255 The keyword has this meaning detail Optional Display detailed ACL manager label information sta...

Page 1013: ...rt representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear interface id Optional Display backup information for all interfaces or the specified interface The interface c...

Page 1014: ... command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear config output Display the output of the last auto configuration application default Display whether or not the system is running the default configuration running Display a sn...

Page 1015: ...echnical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear detail Optional Display detailed dynamically loaded module information begin Optional Display be...

Page 1016: ...rking directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear flags Display EtherChannel port flags time stamps Display EtherChannel ti...

Page 1017: ...ional Subnetwork Access Protocol SNAP encapsulation type cos cos Optional Class of service CoS value of the frame The range is 0 to 7 ip src ip dst ip Optional but required for IP packets Source and destination IP addresses in dotted decimal notation frag field Optional The IP fragment field for a fragmented IP packet The range is 0 to 65535 dscp dscp Optional Differentiated Services Code Point DS...

Page 1018: ...ort representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples For examples of the show platform forward command output displays and what they mean see the Troubleshooting chapter of the software configuration guide for this release exclude Optional Display exc...

Page 1019: ...so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear buffer Display the last 1024 bytes sent from the manager to the subordinate and the reverse generic Display the generic counters that do not specifically apply to the manager or subordinate manager number Display the counters for the manager...

Page 1020: ...unters Display IGMP snooping counters flood vlan vlan id Display IGMP snooping flood information The keyword has this meaning vlan vlan id Optional Display flood information for the specified VLAN The range is 1 to 4094 group ip address Display the IGMP snooping multicast group information where ip address is the IP address of the group hardware Display IGMP snooping information loaded into hardwa...

Page 1021: ...oping Usage Guidelines You should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear ...

Page 1022: ...that contain Output appear acl full info Display IP multicast routing access control list ACL information in particular the number of outgoing VLANs for which router ACLs at the output cannot be applied in hardware counters Display IP multicast counters and statistics groups Display IP multicast routes per group hardware detail Display IP multicast routes loaded into hardware The optional detail k...

Page 1023: ... adjacency entries that failed to be programmed in hardware arp Display the Address Resolution Protocol ARP deletions because of failure and because of retries A B C D Optional Prefix of the ARP entries to display route Display the route entries that failed to be programmed in hardware loadbalance Display the platform load balance database mpaths Display the Layer 3 unicast routing multipath adjac...

Page 1024: ...e Guidelines You should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Release Modi...

Page 1025: ...expression Syntax Description Command Modes Privileged EXEC Command History Usage Guidelines You should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so begin Optional Display begins with the line that matches the expression exclude Optional...

Page 1026: ...lude expression Syntax Description Command Modes Privileged EXEC Command History Usage Guidelines You should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so begin Optional Display begins with the line that matches the expression exclude Opt...

Page 1027: ...should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear detail Display the platform W...

Page 1028: ...mand History Usage Guidelines You should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output ap...

Page 1029: ...cy Display adjacency backwalk information loadbalance Display backwalk load balance information compress ipv6 prefix prefix length Display IPv6 prefix compression information ipv6 prefix The IPv6 network prefix length The length of the IPv6 network prefix A decimal value from 0 to 128 that shows how many of the high order contiguous bits of the address comprise the prefix the network portion of th...

Page 1030: ...ge Guidelines You should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Release Mod...

Page 1031: ...r example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear acl Display access control list ACL Layer 4 operators information pacl port asic Display port ACL Layer 4 operators information The keyword has this meaning port asic Optional Port ASIC number qos port asic Display quality of service QoS Layer 4 operators information The keywo...

Page 1032: ...his command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear aging array Optional Display the MAC address table aging array hash table Optional Display the MAC address table hash table mac address mac address Optional Display the MAC...

Page 1033: ...nter exclude output the lines that contain output do not appear but the lines that contain Output appear application incoming outgoing summary Display application message information The keywords have these meanings incoming Optional Display only information about incoming application messaging requests outgoing Optional Display only information about incoming application messaging requests summar...

Page 1034: ...y with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear session session number Optional Display SPAN information for the specified SPAN sessio...

Page 1035: ...uidelines You should use this command only when you are working directly with a technical support representative while troubleshooting a problem Do not use this command unless a technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear begin Optional ...

Page 1036: ...splay module counters information group masks Display EtherChannel group masks information idbs active idbs deleted idbs Display interface data block IDB information The keywords have these meanings active idbs Display active IDB information deleted idbs Display deleted and leaked IDB information if numbers Display interface numbers information link status Display local port link status informatio...

Page 1037: ...ack control dest map learning messages mvid prog parser span stats asic number port number asic number stats drop enqueue miscellaneous supervisor asic number port number asic number transmit port fifo queue supervisor sram asic number port number asic number vct asic number port number asic number version begin exclude include expression Syntax Description cpu queue map table asic number port num...

Page 1038: ...isplay entries in the learning cache The keywords have these meanings asic number Optional Display information for the specified ASIC The range is 0 to 1 port number Optional Display information for the specified port and ASIC number The range is 0 to 27 where 0 is the supervisor and 1 to 25 are the ports mac info asic number port number asic number Display the contents of the MAC information regi...

Page 1039: ... Optional Display information for the specified port and ASIC number The range is 0 to 27 where 0 is the supervisor and 1 to 25 are the ports receive buffer queue port fifo supervisor sram asic number port number asic number Display receive information The keywords have these meanings buffer queue Display the buffer queue information port fifo Display the port FIFO information supervisor sram Disp...

Page 1040: ... 25 are the ports This keyword is supported only on stacking capable switches stats drop enqueue miscellaneous supervisor asic number port number asic number Display raw statistics for the port ASIC The keywords have these meanings drop Display drop statistics enqueue Display enqueue statistics miscellaneous Display miscellaneous statistics supervisor Display supervisor statistics asic number Opti...

Page 1041: ...tput appear vct asic number port number asic number Display the VLAN compression table entries for the specified ASIC or for the specified port and ASIC The keywords have these meanings asic number Optional Display information for the specified ASIC The range is 0 to 1 port number Optional Display information for the specified port and ASIC number The range is 0 to 27 where 0 is the supervisor and...

Page 1042: ...his command only when you are working directly with your technical support representative while troubleshooting a problem Do not use this command unless your technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear begin Optional Display begins with ...

Page 1043: ...s are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear label asic number Display QoS label maps for the specified ASIC Optional For asic number the range is 0 to 1 policer parameters asic number port alloc number asic number Display policer information The keywords have these meanings parameters asic number ...

Page 1044: ... the specified index The range is 0 to 65535 med index number Display the multi expansion descriptor table for the specified index The keyword has this meaning index number Optional Display the specified index The range is 0 to 65535 mod Display the resource manager module information msm hash table vlan vlan id mac address mac address vlan vlan id Display the MAC address descriptor table and the ...

Page 1045: ...ectly with your technical support representative while troubleshooting a problem Do not use this command unless your technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear include Optional Display includes lines that match the specified expression ...

Page 1046: ... You should use this command only when you are working directly with your technical support representative while troubleshooting a problem Do not use this command unless your technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear begin Optional Dis...

Page 1047: ...e this command unless your technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear synchronization detail vlan vlan id Display spanning tree state synchronization information The keywords have these meanings detail Optional Display detailed spanning...

Page 1048: ...ctly with your technical support representative while troubleshooting a problem Do not use this command unless your technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear vlan id Display spanning tree instance information for the specified VLAN The...

Page 1049: ...put do not appear but the lines that contain Output appear all Display all information for the entire switch stack counters Display the stack manager counters trace sdp reverse Display trace information The keywords have these meanings sdp Optional Display Stack Discovery Protocol SDP information reverse Optional Display trace information in reverse chronological order from recent to older chronol...

Page 1050: ...tem and interface level configuration from the stack master and loading it Ready The member has completed loading the system and interface level configurations and can forward traffic Master Re Init The state immediately after a master re election and a different member is elected master The new master is re initializing its configuration This state applies only to the new master Ver Mismatch A sw...

Page 1051: ...tain output do not appear but the lines that contain Output appear Examples This is an example of the show platform stack port buffer command output Switch show platform stack ports buffer Stack Debug Event Data Trace Event type LINK Link status change Event type RAC RAC changes to Not OK Event type SYNC Sync changes to Not OK Event Stack Stack PCS Info Ctrl Status Loopback Cable Count Port IOS HW...

Page 1052: ...000000012 2 FF08FF00 86031805 55AAFFFF FFFFFFFF 1CE61CE6 Yes Yes No cable Event type RAC 0000000013 1 FF08FF00 860302A5 AA55FFFF FFFFFFFF 1CE61CE6 Yes Yes No cable 0000000013 2 FF08FF00 86031805 55AAFFFF FFFFFFFF 1CE61CE6 Yes Yes No cable This is an example of show platform stack ports history command output Switch show platform stack ports history Switch Lost Sync times Link Changes Port Events N...

Page 1053: ... case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Examples This is an example of output from the show platform tb command Switch show platform tb Print TB sub block information Fa1 0 2 device Cisco phone current interfaces with TB enabled and the trust device type Current master switch Yes Is this switch the...

Page 1054: ...r expired CDP neighbors of all the TB enabled interfaces will be verified to make sure the replacement of IP phone and PC did not happen during the master switch over Print TB residue trust ports information The interfaces with TB enabled right before master switch over Print port CDP neighbor information Is the CDP message still received after switch over HULC TB is not detecting CDP events Curre...

Page 1055: ...etail invalid invalid num number detail invalid invalid invalid num number detail invalid invalid begin exclude include expression show platform tcam table local asic number detail invalid index number detail invalid invalid num number detail invalid invalid invalid num number detail invalid invalid begin exclude include expression show platform tcam table mac address asic number detail invalid in...

Page 1056: ... Display the local table mac address Display the MAC address table multicast expansion Display the IPv6 multicast expansion table qos Display the QoS table secondary Display the secondary table station Display the station table vlan list Display the VLAN list table usage Display the CAM and forwarding table usage asic number detail invalid index number detail invalid invalid num number detail inva...

Page 1057: ...elines You should use this command only when you are working directly with your technical support representative while troubleshooting a problem Do not use this command unless your technical support representative asks you to do so Expressions are case sensitive For example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear Release Modi...

Page 1058: ...example if you enter exclude output the lines that contain output do not appear but the lines that contain Output appear misc Display miscellaneous VLAN module information mvid Display the mapped VLAN ID MVID allocation information prune Display the stack pruning database on stacking capable switches Display the platform maintained pruning database on nonstacking capable switches refcount Display ...

Page 1059: ...lephone and Telegraph Company or of the Regents of the University of California Permission is granted to anyone to use this software for any purpose on any computer system and to alter it and redistribute it subject to the following restrictions 1 The author is not responsible for the consequences of use of this software no matter how awful even if they arise from flaws in it 2 The origin of this ...

Page 1060: ...D 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference OL 13271 03 Appendix D Acknowledgments for Open Source Software ...

Page 1061: ...2 838 archive copy sw command 2 8 archive download sw command 2 11 archive tar command 2 15 archive upload sw command 2 18 arp boot loader command A 2 arp access list command 2 20 authentication control direction command 2 22 authentication event command 2 24 authentication failed VLAN See dot1x auth fail vlan authentication fallback command 2 27 authentication host mode command 2 29 authenticatio...

Page 1062: ...ent variables described A 24 displaying settings A 24 location of A 25 setting A 24 unsetting A 28 boot loader continued files copying A 6 deleting A 7 displaying a list of A 8 displaying the contents of A 5 A 20 A 27 renaming A 21 file system formatting A 11 initializing flash A 10 running a consistency check A 12 prompt A 1 resetting the system A 22 boot manual command 2 57 boot private config f...

Page 1063: ...g the name 2 53 2 58 configuring multiple interfaces 2 179 config vlan mode commands 2 824 description 1 5 entering 2 823 summary 1 2 copy boot loader command A 6 copy logging onboard command 2 96 CoS assigning default value to incoming packets 2 330 assigning to Layer 2 protocol packets 2 281 overriding the incoming value 2 330 CoS to DSCP map 2 334 CPU ASIC statistics displaying 2 462 crashinfo ...

Page 1064: ...ommand B 66 debug platform udld command B 69 debug platform vlan command B 70 debug pm command B 71 debug port security command B 73 debug qos manager command B 74 debug spanning tree backbonefast command B 77 debug spanning tree bpdu command B 78 debug spanning tree bpdu opt command B 79 debug spanning tree command B 75 debug spanning tree mstp command B 80 debug spanning tree switch command B 82...

Page 1065: ... protocol tunneling 2 278 DSCP to CoS map 2 334 DSCP to DSCP mutation map 2 334 DTP 2 781 DTP flap error detection for 2 162 error recovery timer 2 166 DTP negotiation 2 785 dual IPv4 and IPv6 templates 2 386 duplex command 2 150 dynamic access ports configuring 2 771 restrictions 2 772 dynamic ARP inspection ARP ACLs apply to a VLAN 2 191 define 2 20 deny packets 2 101 display 2 446 permit packet...

Page 1066: ... display B 17 displaying 2 576 modes 2 61 port priority for hot standby ports 2 282 restricting a protocol 2 65 system priority 2 284 load distribution methods 2 401 PAgP aggregate port learner 2 380 EtherChannel continued clearing channel group information 2 89 debug messages display B 26 displaying 2 641 error detection for 2 162 error recovery timer 2 166 learn method 2 380 modes 2 61 physical ...

Page 1067: ... displaying 2 543 2 548 2 550 enabling 2 226 enabling the configurable leave timer 2 228 enabling the Immediate Leave feature 2 237 flooding query count 2 234 interface topology change notification behavior 2 236 multicast table 2 546 querier 2 230 query solicitation 2 234 report suppression 2 232 switch topology change notification behavior 2 234 images See software images Immediate Leave process...

Page 1068: ... snooping last member query interval command 2 228 ip igmp snooping querier command 2 230 ip igmp snooping report suppression command 2 232 ip igmp snooping tcn command 2 234 ip igmp snooping tcn flood command 2 236 ip igmp snooping vlan immediate leave command 2 237 ip igmp snooping vlan mrouter command 2 238 ip igmp snooping vlan static command 2 240 IP multicast addresses 2 367 IP phones auto Q...

Page 1069: ...Channel 2 401 location global configuration command 2 289 location interface configuration command 2 291 logging file command 2 293 logical interface 2 177 loopback error detection for 2 162 recovery timer 2 166 loop guard for spanning tree 2 714 2 718 M mac access group command 2 295 MAC access groups displaying 2 590 MAC access list configuration mode 2 297 mac access list extended command 2 297...

Page 1070: ...4 mgmt_clr boot loader command A 16 mgmt_init boot loader command A 17 A 18 mkdir boot loader command A 19 MLD snooping configuring 2 268 2 270 configuring queries 2 264 2 266 configuring topology change notification 2 272 displaying 2 563 2 565 2 567 2 569 enabling 2 262 enabling on a VLAN 2 274 mls qos aggregate policer command 2 328 mls qos command 2 326 mls qos cos command 2 330 mls qos dscp m...

Page 1071: ...ng BPDU guard 2 706 2 738 enabling Port Fast 2 738 2 741 forward delay time 2 726 length of listening and learning states 2 726 rapid transition to forwarding 2 716 shutting down Port Fast enabled ports 2 738 MSTP continued state information display 2 656 MTU configuring size 2 808 displaying global setting 2 669 Multicase Listener Discovery See MLD multicast group address MVR 2 370 multicast grou...

Page 1072: ...tinued global configuration mode clearing health monitoring diagnostic test schedule 2 111 clearing test based testing schedule 2 113 setting health monitoring diagnostic testing 2 111 setting test based testing 2 113 setting up health monitoring diagnostic test schedule 2 111 setting up test based testing 2 113 removing scheduling 2 113 scheduled switchover disabling 2 113 enabling 2 113 setting ...

Page 1073: ...n attempts 2 146 quiet period between failed authentication exchanges 2 146 re authenticating IEEE 802 1x enabled ports 2 144 resetting configurable IEEE 802 1x parameters 2 131 port based authentication continued switch to authentication server retransmission time 2 146 switch to client frame retransmission number 2 139 to 2 140 switch to client retransmission time 2 146 port channel load balance...

Page 1074: ... settings 2 624 QoS continued enabling bandwidth shaping and scheduling 2 753 enabling bandwidth sharing and scheduling 2 755 limiting the maximum output on a port 2 751 mapping a port to a queue set 2 410 mapping CoS values to a queue and threshold 2 356 mapping DSCP values to a queue and threshold 2 358 setting maximum and reserved memory allocations 2 340 setting WTD thresholds 2 340 enabling 2...

Page 1075: ...e STP re authenticating IEEE 802 1x enabled ports 2 144 re authentication periodic 2 145 time between attempts 2 146 receiver ports MVR 2 370 receiving flow control packets 2 173 recovery mechanism causes 2 166 display 2 74 2 458 2 499 2 502 timer interval 2 167 reload command 2 415 remote command 2 417 remote span command 2 419 Remote Switched Port Analyzer See RSPAN rename boot loader command A ...

Page 1076: ...ble detect command 2 499 show errdisable flap values command 2 501 show errdisable recovery command 2 502 show etherchannel command 2 504 show fallback profile command 2 507 show flowcontrol command 2 509 show idprom command 2 511 show interfaces command 2 513 show interfaces counters command 2 525 show inventory command 2 528 show ip arp inspection command 2 530 show ipc command 2 556 show ip dhc...

Page 1077: ...and C 19 show platform ip wccp command C 17 show platform layer4op command C 21 show platform mac address table command C 22 show platform messaging command C 23 show platform monitor command C 24 show platform mvr table command C 25 show platform pm command C 26 show platform port asic command C 27 show platform port security command C 32 show platform qos command C 33 show platform resource mana...

Page 1078: ... tree mst cost command 2 724 spanning tree mst forward time command 2 726 spanning tree mst hello time command 2 727 spanning tree mst max age command 2 728 spanning tree mst max hops command 2 729 spanning tree mst port priority command 2 730 spanning tree mst pre standard command 2 732 spanning tree mst priority command 2 733 spanning tree mst root command 2 734 spanning tree portfast global con...

Page 1079: ... blocking to forwarding state 2 741 enabling BPDU filtering 2 704 2 738 enabling BPDU guard 2 706 2 738 enabling Port Fast 2 738 2 741 enabling timer to recover from error state 2 166 forward delay time 2 746 length of listening and learning states 2 746 shutting down Port Fast enabled ports 2 738 state information display 2 656 VLAN options 2 733 2 746 SVIs creating 2 181 SVI status calculation 2...

Page 1080: ...ace 2 820 error recovery timer 2 166 message timer 2 818 normal mode 2 818 2 820 reset a shutdown interface 2 822 status 2 670 udld command 2 818 udld port command 2 820 udld reset command 2 822 unicast storm control 2 759 UniDirectional Link Detection See UDLD unknown multicast traffic preventing 2 778 unknown unicast traffic preventing 2 778 unset boot loader command A 28 upgrading copying softw...

Page 1081: ...l See VTP VM mode 2 665 C 40 VMPS configuring servers 2 847 displaying 2 682 error recovery timer 2 167 reconfirming dynamic VLAN assignments 2 844 vmps reconfirm global configuration command 2 845 vmps reconfirm privileged EXEC command 2 844 vmps retry command 2 846 vmps server command 2 847 voice VLAN configuring 2 803 2 804 setting port priority 2 794 VQP and dynamic access ports 2 772 clearing...

Page 1082: ...Index IN 22 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference OL 13271 03 vtp global configuration command 2 849 vtp VLAN configuration command 2 853 ...

Reviews:

No comments

Related manuals for Catalyst 3032

Cole Hersee 75920 Quick Start Manual preview
75920
Brand: Cole Hersee Pages: 2
Siqura XSNet C6108SW Quick Start Manual preview
XSNet C6108SW
Brand: Siqura Pages: 2
Gefen EXT-DVI-441DL User Manual preview
EXT-DVI-441DL
Brand: Gefen Pages: 31
ORiNG IGS-1082GP Quick Installation Manual preview
IGS-1082GP
Brand: ORiNG Pages: 2
Theben TIMEGUARD WF10COM Installation & Operating Instructions Manual preview
TIMEGUARD WF10COM
Brand: Theben Pages: 35
Hirschmann PAT TRS 05 / PATB3 Installation And Setup Manual preview
PAT TRS 05 / PATB3
Brand: Hirschmann Pages: 12
Lantech IGS-2206C User Manual preview
IGS-2206C
Brand: Lantech Pages: 118
AbleNet SCATIR 51100 Manual preview
SCATIR 51100
Brand: AbleNet Pages: 12
A2A Simulations BONANZA ACCU-SIM V35B Manual preview
BONANZA ACCU-SIM V35B
Brand: A2A Simulations Pages: 112
Asante FRIENDLYNET FS4116R Quick Installation Manual preview
FRIENDLYNET FS4116R
Brand: Asante Pages: 6
Enterasys SecureStack C3K-2XFP IOM Hardware Installation Manual preview
SecureStack C3K-2XFP IOM
Brand: Enterasys Pages: 72
E&C ITS 3000 Installation And Operation Manual preview
ITS 3000
Brand: E&C Pages: 10
Harman AMX ENOVA DVX-3250HD-SP Instruction Manual preview
AMX ENOVA DVX-3250HD-SP
Brand: Harman Pages: 119
Crestron CLW-SW1/4RF Operation Manual preview
CLW-SW1/4RF
Brand: Crestron Pages: 36
LEGRAND Plexo Instructions Manual preview
Plexo
Brand: LEGRAND Pages: 140
Black Box KV1044A-R2 Specifications preview
KV1044A-R2
Brand: Black Box Pages: 4
Minicom DX DX 432 Operating Manual preview
DX 432
Brand: Minicom DX Pages: 36
ZIMCO RS74A-750F Installation & Operation Manual preview
RS74A-750F
Brand: ZIMCO Pages: 7

Brands by name

Popular brands

Load more brands