Dell N1100-ON Reference Manual Download Page 1064

Page: 1064 / 2332

Security Commands

1064

Command Mode

Global Configuration mode

User Guidelines

DSA keys are generated in pairs: one public DSA key and one private DSA

key. These keys are used the encrypt communication with the switch when

using SSH or HTTPS. If your switch already has DSA keys when you issue this

command, you are warned and prompted to replace the existing keys. Existing

certificates generated from the previous keys will be invalidated.The keys are

not saved in the switch configuration; they are saved in the file system and

the private key is never displayed to the user. DSA keys, along with other

switch credentials, are distributed to all units in a stack on a configuration

save.
Use the

crypto key zeroize dsa

command to remove the DSA key pair from

the system.
Private keys should never be shared with unauthorized users. This command

generates the following private/public key pair in the ssh_host_dsa_key and

ssh_host_dsa_key.pub files. Both the RSA and DSA keys must be generated to

enable the SSH server.

Example

The following example generates DSA key pairs.

console(config)#crypto key generate dsa

crypto key generate rsa

Use the

crypto key generate rsa

command in Global Configuration mode to

generate RSA key pairs for use by the SSH or HTTPS server. Use the

crypto

key zeroize

form of the command to delete the private key from the local file

system.

Syntax

crypto key generate rsa

Default Configuration

RSA key pairs do not exist.

«
...
1062
1063
1064
1065
1066
...
»

Summary of Contents for N1100-ON

Page 1: ... Version 6 3 0 x N2000 N3000 N4000 Series Switches Version 6 3 5 x N3100 ON Series Switches Version 6 3 6 x N2100 ON N3100 ON Series Switches Version 6 4 x x N1100 ON Series Switches Regulatory Model E17W E18W E15W E16W E05W E04W E06W E07W PowerConnect 8132 PowerConnect 8132F PowerConnect 8164 PowerConnect 8164F ...

Page 2: ......

Page 3: ...ce Copyright 2017 Dell EMC Inc All rights reserved This product is protected by U S and international copyright and intellectual property laws Dell EMC and the Dell EMC logo are trademarks of Dell EMC Inc in the United States and or other jurisdictions All other marks and names mentioned herein may be trademarks of their respective companies Regulatory Model E17W E18W E15W E16W E05W E04W E06W E07W...

Page 4: ......

Page 5: ...s 101 2 Using the CLI 217 Introduction 217 Entering and Editing CLI Commands 217 CLI Command Modes 230 Starting the CLI 244 Using CLI Functions and Tools 245 3 Layer 2 Switching Commands 259 ACL Commands 260 ACL Logging 260 Commands in this Section 263 ip access list 263 deny permit IP ACL 264 ...

Page 6: ...ists interface 282 show ip access lists 282 show mac access lists 285 MAC Address Table Commands 287 Commands in this Section 288 clear mac address table 288 mac address table aging time 289 mac address table multicast forbidden address 290 mac address table static vlan 291 switchport port security Global Configuration 292 switchport port security Interface Configuration 295 show mac address table...

Page 7: ... address table vlan 307 show port security 308 Auto VoIP Commands 311 Commands in this Section 311 show switchport voice 312 switchport voice detect auto 314 CDP Interoperability Commands 315 Commands in this Section 315 clear isdp counters 315 clear isdp table 316 isdp advertise v2 316 isdp enable 317 isdp holdtime 318 isdp timer 319 show isdp 319 show isdp entry 320 show isdp interface 321 ...

Page 8: ...hcp l2relay trust 328 dhcp l2relay vlan 329 show dhcp l2relay all 330 show dhcp l2relay interface 331 show dhcp l2relay stats interface 331 show dhcp l2relay agent option vlan 332 show dhcp l2relay vlan 333 show dhcp l2relay circuit id vlan 334 show dhcp l2relay remote id vlan 335 clear dhcp l2relay statistics interface 335 DHCP Snooping Commands 337 Commands in this Section 338 clear ip dhcp snoo...

Page 9: ...ac address 346 show ip dhcp snooping 346 show ip dhcp snooping binding 347 show ip dhcp snooping database 348 show ip dhcp snooping interfaces 349 show ip dhcp snooping statistics 350 DHCPv6 Snooping Commands 352 clear ipv6 dhcp snooping binding 352 clear ipv6 dhcp snooping statistics 353 ipv6 dhcp snooping 353 ipv6 dhcp snooping vlan 354 ipv6 dhcp snooping binding 355 ipv6 dhcp snooping database ...

Page 10: ...v6 dhcp snooping binding 364 show ipv6 dhcp snooping database 365 show ipv6 dhcp snooping interfaces 366 show ipv6 dhcp snooping statistics 366 show ipv6 source binding 368 show ipv6 verify 368 show ipv6 verify source 369 Dynamic ARP Inspection Commands 371 Commands in this Section 371 arp access list 371 clear ip arp inspection statistics 372 ip arp inspection filter 373 ip arp inspection limit 3...

Page 11: ...figuration Commands 382 Commands in this Section 383 clear counters 383 description 384 duplex 385 flowcontrol 386 interface 387 interface range 388 link debounce time 390 rate limit cpu 391 show interfaces 393 show interfaces advertise 396 show interfaces configuration 398 show interfaces counters 399 show interfaces debounce 403 show interfaces description 403 ...

Page 12: ...control 414 show storm control action 415 shutdown 416 speed 416 switchport protected 419 switchport protected name 420 show switchport protected 420 show system mtu 421 system jumbo mtu 422 Ethernet CFM Commands 424 Commands in this Section 424 ethernet cfm domain 425 service 426 ethernet cfm cc level 426 ethernet cfm mep level 427 ethernet cfm mep enable 428 ...

Page 13: ...fm maintenance points local 435 show ethernet cfm maintenance points remote 436 show ethernet cfm statistics 437 Green Ethernet Commands 440 Energy Detect Mode 440 Energy Efficient Ethernet 440 Commands in this Section 440 green mode energy detect 441 green mode eee 442 green mode eee tx idle time tx wake time 443 clear green mode statistics 444 green mode eee lpi history 444 show green mode inter...

Page 14: ...s Section 457 clear gvrp statistics 457 garp timer 458 gvrp enable Global Configuration 459 gvrp enable Interface Configuration 460 gvrp registration forbid 461 gvrp vlan creation forbid 462 show gvrp configuration 463 show gvrp error statistics 464 show gvrp statistics 465 IGMP Snooping Commands 467 Commands in this Section 468 ip igmp snooping 468 show ip igmp snooping 470 show ip igmp snooping ...

Page 15: ...oping vlan mrouter 478 IGMP Snooping Querier Commands 480 Commands in this Section 480 ip igmp snooping querier 480 ip igmp snooping querier election participate 482 ip igmp snooping querier query interval 483 ip igmp snooping querier timer expiry 484 ip igmp snooping querier version 485 show ip igmp snooping querier 485 Interface Error Disable and Auto Recovery 489 Commands in this Section 489 er...

Page 16: ... groupmembership interval 511 ipv6 mld snooping vlan immediate leave 511 ipv6 mld snooping listener message suppression 512 ipv6 mld snooping vlan last listener query interval 513 ipv6 mld snooping vlan mcrtrexpiretime 514 ipv6 mld snooping vlan mrouter 515 ipv6 mld snooping Global 515 show ipv6 mld snooping 516 show ipv6 mld snooping groups 518 show ipv6 mld snooping mrouter 519 IPv6 MLD Snooping...

Page 17: ...xpiry 525 show ipv6 mld snooping querier 526 IP Source Guard Commands 528 Commands in this Section 528 ip verify source 528 ip verify binding 530 show ip verify 530 show ip verify source 531 show ip source binding 532 iSCSI Optimization Commands 534 Commands in this Section 535 iscsi aging time 535 iscsi cos 536 iscsi enable 538 iscsi target port 539 show iscsi 540 show iscsi sessions 541 Link Dep...

Page 18: ...ands 549 Commands in this Section 550 clear lldp remote data 550 clear lldp statistics 551 dcb enable 552 lldp med 552 lldp med confignotification 553 lldp med faststartrepeatcount 553 lldp med transmit tlv 554 lldp notification 555 lldp notification interval 556 lldp receive 556 lldp timers 557 lldp transmit 558 lldp transmit mgmt 559 ...

Page 19: ...565 show lldp med remote device 567 show lldp remote device 569 show lldp statistics 570 Loop Protection 573 Commands in this Section 573 keepalive Interface Config 573 keepalive Global Config 575 keepalive action 576 show keepalive 577 show keepalive statistics 578 MLAG Commands 580 Commands in this Section 580 clear vpc statistics 580 feature vpc 581 peer detection enable 582 ...

Page 20: ...7 show vpc 588 show vpc brief 589 show vpc consistency parameters 591 show vpc consistency features 593 show vpc peer keepalive 594 show vpc role 595 show vpc statistics 596 system mac 598 system priority 599 vpc 600 vpc domain 601 vpc peer link 602 Multicast VLAN Registration Commands 604 Commands in this Section 605 mvr 605 mvr group 605 ...

Page 21: ...mvr members 613 show mvr interface 614 show mvr traffic 616 Port Channel Commands 618 Static LAGS 619 VLANs and LAGs 620 LAG Thresholds 620 LAG Hashing 620 Enhanced LAG Hashing 621 Manual Aggregation of LAGs 621 Flexible Assignment of Ports to LAGs 622 Commands in this Section 622 channel group 622 interface port channel 623 ...

Page 22: ...show interfaces port channel 631 show lacp 632 show statistics port channel 634 Port Monitor Commands 637 Commands in this Section 638 monitor capture Global Configuration 638 monitor capture Privileged Exec 640 monitor capture mode 640 monitor session 645 remote span 650 show monitor capture 651 show monitor session 653 show vlan remote span 655 QoS Commands 657 Access Control Lists 657 ...

Page 23: ...n this Section 660 assign queue 661 class 662 class map 663 class map rename 663 classofservice dot1p mapping 664 classofservice ip dscp mapping 665 classofservice trust 669 conform color 670 cos queue min bandwidth 672 cos queue random detect 673 cos queue strict 676 diffserv 677 drop 678 mark cos 678 mark ip dscp 679 ...

Page 24: ...tip 684 match dstip6 685 match dstl4port 686 match ethertype 686 match ip6flowlbl 687 match ip dscp 688 match ip precedence 689 match ip tos 690 match protocol 691 match source address mac 692 match srcip 693 match srcip6 693 match srcl4port 694 match vlan 695 mirror 696 police simple 696 police single rate 698 ...

Page 25: ...ssofservice dot1p mapping 711 show classofservice ip dscp mapping 713 show classofservice trust 715 show diffserv 715 show diffserv service interface 716 show diffserv service brief 717 show interfaces cos queue 718 show interfaces random detect 720 show policy map 722 show policy map interface 723 show service policy 724 traffic shape 725 vlan priority 726 Spanning Tree Commands 727 ...

Page 26: ...ng tree summary 742 show spanning tree vlan 743 spanning tree 744 spanning tree auto portfast 745 spanning tree backbonefast 746 spanning tree bpdu flooding 747 spanning tree bpdu protection 747 spanning tree cost 748 spanning tree disable 750 spanning tree forward time 750 spanning tree guard 751 spanning tree loopguard 752 spanning tree max age 753 spanning tree max hops 754 ...

Page 27: ... portfast default 762 spanning tree port priority Interface Configuration 763 spanning tree priority 764 spanning tree tcnguard 765 spanning tree transmit hold count 766 spanning tree uplinkfast 766 spanning tree vlan 768 spanning tree vlan forward time 769 spanning tree vlan hello time 770 spanning tree vlan max age 771 spanning tree vlan root 772 spanning tree vlan priority 773 UDLD Commands 775...

Page 28: ...77 udld reset 778 udld message time 779 udld timeout interval 780 udld enable Interface Configuration 780 udld port 781 show udld 782 VLAN Commands 784 Double VLAN Mode 785 Independent VLAN Learning 785 Protocol Based VLANs 786 IP Subnet Based VLANs 786 MAC Based VLANs 786 Private VLAN Commands 787 Commands in this Section 789 interface vlan 790 interface range vlan 791 ...

Page 29: ...vlan 802 show vlan association mac 804 show vlan association subnet 805 show vlan private vlan 806 switchport access vlan 807 switchport dot1q ethertype Global Configuration 808 switchport dot1q ethertype Interface Configuration 810 switchport general forbidden vlan 812 switchport general acceptable frame type tagged only 813 switchport general allowed vlan 813 switchport general ingress filtering...

Page 30: ...ncapsulation dot1q 823 vlan 824 vlan association mac 825 vlan association subnet 825 vlan makestatic 826 vlan protocol group 827 vlan protocol group add protocol 828 vlan protocol group name 829 vlan protocol group remove 829 Voice VLAN Commands 831 Commands in this Section 832 voice vlan 832 voice vlan Interface 832 voice vlan data priority 834 show voice vlan 835 ...

Page 31: ...1 Network Authentication 841 Local 802 1x Authentication Server 841 MAC Authentication Bypass 842 Guest VLAN 843 Unauthenticated VLAN 843 Commands in this Section 844 aaa accounting 844 aaa authentication dot1x default 847 aaa authentication enable 848 aaa authentication login 850 aaa authorization 852 aaa authorization network default radius 855 aaa ias user username 856 aaa new model 857 ...

Page 32: ...ntication authentication history 864 enable password 864 ip http authentication 865 ip https authentication 866 password AAA IAS User Configuration 868 password User Exec 869 show aaa ias users 870 show aaa statistics 870 show accounting methods 871 show authentication 872 show authentication authentication history 873 show authentication methods 874 show authentication statistics 875 show authori...

Page 33: ...Profile Configuration 885 rule 886 show admin profiles 887 show admin profiles brief 888 show cli modes 889 E mail Alerting Commands 890 Commands in this Section 890 logging email 891 logging email urgent 892 logging email message type to addr 893 logging email from addr 894 logging email message type subject 895 logging email logtime 896 logging email test message type 897 show logging email stat...

Page 34: ...ation Mode 901 password Mail Server Configuration Mode 902 show mail server 903 RADIUS Commands 905 RADIUS based Dynamic VLAN Assignment 905 RADIUS Change of Authorization 906 Commands in this Section 907 acct port 908 attribute 6 909 attribute 8 910 attribute 25 911 attribute 31 911 authentication event fail retry 913 auth port 914 deadtime 915 key 916 msgauth 917 ...

Page 35: ... radius server attribute 25 924 radius server attribute 31 924 radius server deadtime 926 radius server host 927 radius server key 928 radius server retransmit 929 radius server source ip 930 radius server source interface 931 radius server timeout 932 retransmit 932 show aaa servers 933 show radius statistics 936 source ip 940 timeout 940 usage 941 ...

Page 36: ...ver key 948 tacacs server source interface 949 tacacs server timeout 950 timeout 951 802 1x Commands 953 802 1x Monitor Mode 953 Commands in this Section 954 dot1x dynamic vlan enable 955 dot1x eapolflood 956 dot1x initialize 956 dot1x mac auth bypass 957 dot1x max req 958 dot1x max users 959 dot1x port control 959 dot1x re authenticate 961 ...

Page 37: ... dot1x timeout server timeout 966 dot1x timeout supp timeout 967 dot1x timeout tx period 968 auth type 969 client 970 ignore 972 port 973 server key 973 show dot1x 975 show dot1x authentication history 977 show dot1x clients 979 show dot1x interface 980 show dot1x interface statistics 982 show dot1x users 983 clear dot1x authentication history 984 dot1x guest vlan 985 ...

Page 38: ...Commands 990 Commands in this Section 990 authentication timeout 992 captive portal 992 enable 993 http port 994 https port 994 show captive portal 995 show captive portal status 996 block 997 configuration 997 enable 998 group 999 interface 999 locale 1000 name Captive Portal 1001 protocol 1001 redirect 1002 ...

Page 39: ...ient status 1007 show captive portal interface configuration status 1008 clear captive portal users 1009 no user 1010 show captive portal user 1010 user group 1011 user logout 1012 user name 1013 user password 1014 user session timeout 1014 show captive portal configuration 1015 show captive portal configuration interface 1016 show captive portal configuration locales 1017 show captive portal conf...

Page 40: ... dos control sipdip 1025 dos control tcpflag 1026 dos control tcpfrag 1026 rate limit cpu 1027 show dos control 1029 show system internal pktmgr 1030 storm control broadcast 1031 storm control multicast 1032 storm control unicast 1034 Management ACL Commands 1036 Commands in this Section 1036 deny management 1037 management access class 1038 management access list 1039 permit management 1041 ...

Page 41: ...s aging 1048 passwords history 1048 passwords lock out 1049 passwords min length 1050 passwords strength check 1051 passwords strength minimum uppercase letters 1052 passwords strength minimum lowercase letters 1053 passwords strength minimum numeric characters 1054 passwords strength minimum special characters 1054 passwords strength max limit consecutive characters 1055 passwords strength max li...

Page 42: ...a 1063 crypto key generate rsa 1064 crypto key pubkey chain ssh 1065 crypto key zeroize pubkey chain 1066 crypto key zeroize rsa dsa 1067 ip ssh port 1068 ip ssh pubkey auth 1069 ip ssh server 1070 key string 1071 show crypto key mypubkey 1072 show crypto key pubkey chain ssh 1073 show ip ssh 1074 5 Audio Visual Bridging Commands 1075 Multiple MAC Registration Protocol Commands 1076 Commands in th...

Page 43: ...s 1083 Commands in this Section 1083 clear mvrp statistics 1083 mvrp 1084 mvrp global 1085 mvrp periodic state machine 1086 show mvrp 1087 show mvrp statistics 1088 Multiple Stream Reservation Protocol Commands 1090 Commands in this Section 1090 clear msrp statistics 1090 msrp Interface 1091 msrp boundary propagate 1092 msrp delta bw 1093 msrp global 1094 msrp max fan in ports 1095 ...

Page 44: ...esync Commands 1109 Commands in this Section 1109 clear dot1as statistics 1109 dot1as Global Configuration 1110 dot1as Interface Configuration 1111 dot1as priority 1112 dot1as interval announce 1113 dot1as interval sync 1115 dot1as interval pdelay 1116 dot1as timeout announce 1117 dot1as timeout sync 1119 dot1as pdelay threshold 1120 dot1as interval pdelay loss 1121 show dot1as 1123 ...

Page 45: ...pability Exchange Commands 1138 datacenter bridging 1138 lldp dcbx version 1139 lldp tlv select dcbxp dcb enable 1140 lldp dcbx port role 1142 show lldp tlv select 1143 show lldp dcbx 1144 Enhanced Transmission Selection ETS Commands 1148 classofservice traffic class group 1148 traffic class group max bandwidth 1150 traffic class group min bandwidth 1151 traffic class group strict 1152 traffic cla...

Page 46: ... ipv4 address 1163 mode 1165 openflow 1167 passive 1168 protocol version 1169 show openflow 1171 Priority Flow Control Commands 1179 Commands in this Section 1180 priority flow control mode 1180 priority flow control priority 1181 clear priority flow control statistics 1182 show interfaces priority flow control 1183 7 Layer 3 Routing Commands 1187 ARP Commands 1188 ARP Aging 1189 ...

Page 47: ...arp retries 1195 arp timeout 1195 clear arp cache 1196 clear arp cache management 1197 ip local proxy arp 1198 ip proxy arp 1198 show arp 1199 Bidirectional Forwarding Detection Commands 1201 Commands in this Section 1201 feature bfd 1201 bfd echo 1202 bfd interval 1203 bfd slow timer 1205 ip ospf bfd 1206 ipv6 ospf bfd 1207 ...

Page 48: ... 1219 aggregate address 1221 bgp aggregate different meds BGP Router Configuration 1222 bgp aggregate different meds IPv6 Address Family Configuration 1223 bgp always compare med 1224 bgp client to client reflection BGP Router Configuration 1225 bgp client to client reflection IPv6 Address Family Configuration 1226 bgp cluster id 1227 bgp default local preference 1228 bgp fast external fallover 12...

Page 49: ...P Router Configuration 1239 default metric IPv6 Address Family Configuration 1240 distance 1241 distance bgp BGP Router Configuration 1242 distance bgp IPv6 Address Family Configuration 1243 distribute list prefix in 1245 distribute list prefix out BGP Router Configuration 1245 distribute list prefix out IPv6 Address Family Configuration 1246 enable 1247 ip as path access list 1248 ip bgp communit...

Page 50: ...guration 1263 neighbor advertisement interval IPv6 Address Family Configuration 1264 neighbor allowas in 1265 neighbor connect retry interval 1267 neighbor default originate BGP Router Configuration 1268 neighbor default originate IPv6 Address Family Configuration 1269 neighbor description 1271 neighbor ebgp multihop 1272 neighbor filter list BGP Router Configuration 1274 neighbor filter list IPv6...

Page 51: ...ve private as 1290 neighbor rfc5549 support 1291 neighbor route map BGP Router Configuration 1293 neighbor route map IPv6 Address Family Configuration 1294 neighbor route reflector client BGP Router Configuration 1295 neighbor route reflector client IPv6 Address Family Configuration 1296 neighbor send community BGP Router Configuration 1298 neighbor send community IPv6 Address Family Configuration...

Page 52: ...mmunity 1320 show bgp ipv6 community list 1322 show bgp ipv6 listen range 1323 show bgp ipv6 neighbors 1324 show bgp ipv6 neighbors advertised routes 1330 show bgp ipv6 neighbors policy 1332 show bgp ipv6 neighbors received routes 1333 show bgp ipv6 statistics 1335 show bgp ipv6 summary 1336 show bgp ipv6 update group 1339 show bgp ipv6 route reflection 1342 show ip bgp 1343 show ip bgp aggregate ...

Page 53: ...how ip bgp neighbors received routes 1359 show ip bgp neighbors policy 1361 show ip bgp route reflection 1362 show ip bgp statistics 1363 show ip bgp summary 1365 show ip bgp template 1368 show ip bgp traffic 1369 show ip bgp update group 1371 show ip bgp vpn4 1375 show router capability 1379 template peer 1380 timers bgp 1382 BGP Routing Policy 1384 Commands in this Section 1384 ip as path access...

Page 54: ...6 match ip address prefix list 1397 match ipv6 address prefix list 1398 show ip as path access list 1399 show ip community list 1400 show ip prefix list 1401 show ipv6 prefix list 1403 clear ip prefix list 1405 clear ipv6 prefix list 1406 clear ip community list 1407 set as path 1408 set comm list delete 1409 set community 1410 set ipv6 next hop BGP 1411 set local preference 1412 ...

Page 55: ...dvmrp nexthop 1419 show ip dvmrp prune 1420 show ip dvmrp route 1421 IGMP Commands 1422 Commands in this Section 1423 ip igmp last member query count 1423 ip igmp last member query interval 1424 ip igmp mroute proxy 1425 ip igmp query interval 1426 ip igmp query max response time 1427 ip igmp robustness 1428 ip igmp startup query count 1428 ip igmp startup query interval 1429 ip igmp version 1430 ...

Page 56: ...mp proxy service unsolicit rprt interval 1438 show ip igmp proxy service 1439 show ip igmp proxy service interface 1440 show ip igmp proxy groups 1440 show ip igmp proxy service groups detail 1441 IP Helper DHCP Relay Commands 1443 Commands in this Section 1445 bootpdhcprelay maxhopcount 1446 bootpdhcprelay minwaittime 1447 clear ip helper statistics 1448 ip dhcp relay information check 1448 ip dh...

Page 57: ...s 1457 show ip dhcp relay 1458 show ip helper statistics 1459 IP Routing Commands 1462 Static Routes ECMP Static Routes 1462 Static Reject Routes 1463 Default Routes 1463 Commands in this Section 1463 encapsulation 1464 ip icmp echo reply 1464 ip icmp error interval 1465 ip netdirbcast 1466 ip policy route map 1467 ip redirects 1469 ip route 1469 ip route default 1474 ip route distance 1476 ...

Page 58: ...1484 match mac list 1485 route map 1485 set interface null0 1487 set ip default next hop 1488 set ip next hop 1489 set ip precedence 1490 show ip brief 1491 show ip interface 1492 show ip policy 1494 show ip protocols 1494 show ip route 1498 show ip route static 1501 show ip route preferences 1502 show ip route summary 1503 show ip traffic 1504 ...

Page 59: ... ipv6 statistics 1513 ipv6 address 1514 ipv6 enable 1515 ipv6 hop limit 1516 ipv6 host 1516 ipv6 icmp error interval 1517 ipv6 mld last member query count 1518 ipv6 mld last member query interval 1519 ipv6 mld host proxy 1519 ipv6 mld host proxy reset status 1520 ipv6 mld host proxy unsolicit rprt interval 1521 ipv6 mld query interval 1521 ipv6 mld query max response time 1522 ipv6 nd dad attempts...

Page 60: ... nud retry 1528 ipv6 nd other config flag 1529 ipv6 nd prefix 1530 ipv6 nd raguard attach policy 1531 ipv6 nd ra interval 1532 ipv6 nd ra lifetime 1533 ipv6 nd reachable time 1534 ipv6 nd suppress ra 1535 ipv6 route 1535 ipv6 route distance 1537 ipv6 unicast routing 1538 ipv6 unreachables 1538 show ipv6 brief 1539 show ipv6 interface 1540 show ipv6 mld groups 1542 show ipv6 mld interface 1544 ...

Page 61: ...show ipv6 neighbors 1555 show ipv6 protocols 1555 show ipv6 route 1557 show ipv6 route preferences 1558 show ipv6 route summary 1559 show ipv6 snooping counters 1560 show ipv6 traffic 1561 show ipv6 vlan 1562 traceroute ipv6 1563 Loopback Interface Commands 1565 Commands in this Section 1565 interface loopback 1565 show interfaces loopback 1566 IP Multicast Commands 1568 Commands in this Section 1...

Page 62: ...sr candidate 1576 ip pim dense mode 1577 ip pim dr priority 1578 ip pim hello interval 1578 ip pim join prune interval 1579 ip pim rp address 1580 ip pim rp candidate 1581 ip pim sparse mode 1581 ip pim ssm 1582 show ip mfc 1583 show ip multicast 1584 show ip pim boundary 1585 show ip multicast interface 1586 show ip mroute 1587 show ip mroute group 1587 ...

Page 63: ...ow ip pim rp mapping 1595 show ip pim statistics 1596 IPv6 Multicast Commands 1599 clear ipv6 mroute 1599 ipv6 pim VLAN Interface config 1600 ipv6 pim bsr border 1601 ipv6 pim bsr candidate 1602 ipv6 pim dense mode 1603 ipv6 pim dr priority 1603 ipv6 pim hello interval 1604 ipv6 pim join prune interval 1605 ipv6 pim register threshold 1605 ipv6 pim rp address 1606 ipv6 pim rp candidate 1607 ...

Page 64: ...17 show ipv6 pim rp hash 1618 show ipv6 pim rp mapping 1618 show ipv6 pim statistics 1619 OSPF Commands 1622 Route Preferences 1623 OSPF Equal Cost Multipath ECMP 1623 Forwarding of OSPF Opaque LSAs Enabled by Default 1624 Passive Interfaces 1624 Graceful Restart 1625 Commands in this Section 1625 area default cost Router OSPF 1626 area nssa Router OSPF 1627 area nssa default info originate Router...

Page 65: ...a virtual link 1637 area virtual link authentication 1639 area virtual link dead interval 1641 area virtual link hello interval 1642 area virtual link retransmit interval 1643 area virtual link transmit delay 1644 auto cost 1644 bandwidth 1645 bfd 1646 capability opaque 1647 clear ip ospf 1648 clear ip ospf stub router 1649 compatible rfc1583 1650 default information originate Router OSPF Configur...

Page 66: ...7 ip ospf authentication 1658 ip ospf cost 1659 ip ospf database filter all out 1659 ip ospf dead interval 1660 ip ospf hello interval 1661 ip ospf mtu ignore 1661 ip ospf network 1662 ip ospf priority 1663 ip ospf retransmit interval 1664 ip ospf transmit delay 1665 log adjacency changes 1665 max metric router lsa 1666 maximum paths 1668 network area 1669 ...

Page 67: ...F 1675 router id 1676 router ospf 1677 show ip ospf 1678 show ip ospf abr 1685 show ip ospf area 1685 show ip ospf asbr 1687 show ip ospf database 1688 show ip ospf database database summary 1691 show ip ospf interface 1693 show ip ospf interface brief 1695 show ip ospf interface stats 1696 show ip ospf lsa group 1697 show ip ospf neighbor 1698 show ip ospf range 1702 ...

Page 68: ...11 timers spf 1712 OSPFv3 Commands 1713 area default cost Router OSPFv3 1714 area nssa Router OSPFv3 1715 area nssa default info originate Router OSPFv3 Config 1716 area nssa no redistribute 1717 area nssa no summary 1718 area nssa translator role 1719 area nssa translator stab intv 1720 area range Router OSPFv3 1721 area stub 1722 area stub no summary 1723 area virtual link 1723 area virtual link...

Page 69: ...default metric 1729 distance ospf 1730 enable 1731 exit overflow interval 1732 external lsdb limit 1733 ipv6 ospf 1733 ipv6 ospf area 1734 ipv6 ospf cost 1735 ipv6 ospf dead interval 1736 ipv6 ospf hello interval 1736 ipv6 ospf mtu ignore 1737 ipv6 ospf network 1738 ipv6 ospf priority 1739 ipv6 ospf retransmit interval 1740 ipv6 ospf transmit delay 1741 ipv6 router ospf 1741 maximum paths 1742 ...

Page 70: ...show ipv6 ospf 1749 show ipv6 ospf abr 1753 show ipv6 ospf area 1754 show ipv6 ospf asbr 1755 show ipv6 ospf border routers 1755 show ipv6 ospf database 1756 show ipv6 ospf database database summary 1758 show ipv6 ospf interface 1759 show ipv6 ospf interface brief 1760 show ipv6 ospf interface stats 1761 show ipv6 ospf interface vlan 1762 show ipv6 ospf neighbor 1763 show ipv6 ospf range 1764 ...

Page 71: ...rdp holdtime 1770 ip irdp maxadvertinterval 1771 ip irdp minadvertinterval 1772 ip irdp multicast 1773 ip irdp preference 1773 show ip irdp 1774 Routing Information Protocol Commands 1776 Commands in this Section 1776 auto summary 1776 default information originate Router RIP Configuration 1777 default metric 1778 distance rip 1779 distribute list out 1779 enable 1780 hostroutesaccept 1781 ip rip ...

Page 72: ...ce 1788 show ip rip interface brief 1789 split horizon 1790 Tunnel Interface Commands 1791 Commands in this Section 1791 interface tunnel 1791 show interfaces tunnel 1792 tunnel destination 1793 tunnel mode ipv6ip 1794 tunnel source 1794 Virtual Router Commands 1796 Commands in this Section 1797 description 1798 ip vrf 1799 ip vrf forwarding 1800 maximum routes 1801 ...

Page 73: ... Tracking 1807 Route Tracking 1807 Commands in this Section 1807 ip vrrp 1808 vrrp accept mode 1808 vrrp authentication 1809 vrrp description 1810 vrrp ip 1811 vrrp mode 1812 vrrp preempt 1813 vrrp priority 1814 vrrp timers advertise 1814 vrrp timers learn 1815 vrrp track interface 1816 vrrp track ip route 1817 show vrrp 1818 show vrrp interface 1820 ...

Page 74: ...cation 1827 Auto Install Commands 1829 Commands in this Section 1830 boot auto copy sw 1830 boot auto copy sw allow downgrade 1831 boot host auto reboot 1832 boot host auto save 1832 boot host dhcp 1833 boot host retry count 1834 show auto copy sw 1835 show boot 1835 CLI Macro Commands 1837 Commands in this Section 1838 macro name 1838 macro global apply 1840 macro global trace 1840 ...

Page 75: ... Simple Network Time Protocol 1845 Commands in this Section 1846 show sntp configuration 1846 show sntp server 1847 show sntp status 1848 sntp authenticate 1849 sntp authentication key 1850 sntp broadcast client enable 1851 sntp client poll timer 1851 sntp server 1852 sntp source interface 1853 sntp trusted key 1854 sntp unicast client enable 1855 clock set 1856 ...

Page 76: ...ommand Line Configuration Scripting Commands 1862 Commands in this Section 1862 script apply 1862 script delete 1863 script list 1864 script show 1864 script validate 1865 Configuration and Image File Commands 1867 File System Commands 1867 Command Line Interface Scripting 1867 Commands in this Section 1867 boot system 1868 clear config 1869 copy 1869 delete 1879 dir 1879 ...

Page 77: ...nfig 1886 write 1887 DHCP Client Commands 1889 Commands in this Section 1889 release dhcp 1890 renew dhcp 1890 show dhcp lease 1892 DHCP Server Commands 1894 Commands in this Section 1895 ip dhcp pool 1895 bootfile 1898 clear ip dhcp binding 1898 clear ip dhcp conflict 1899 client identifier 1900 client name 1900 default router 1901 ...

Page 78: ...onflict logging 1906 ip dhcp excluded address 1906 ip dhcp ping packets 1907 lease 1908 netbios name server 1909 netbios node type 1910 network 1911 next server 1911 option 1912 service dhcp 1917 sntp 1917 show ip dhcp binding 1918 show ip dhcp conflict 1919 show ip dhcp global configuration 1919 show ip dhcp pool 1920 show ip dhcp server statistics 1920 ...

Page 79: ...6 dhcp server 1926 prefix delegation 1928 service dhcpv6 1929 show ipv6 dhcp 1930 show ipv6 dhcp binding 1930 show ipv6 dhcp interface User Exec 1931 show ipv6 dhcp interface Privileged Exec 1932 show ipv6 dhcp pool 1935 show ipv6 dhcp statistics 1936 HiveAgent Commands 1938 Commands in this Section 1938 eula consent 1938 hiveagent 1939 server 1940 enable 1941 proxy ip address 1942 ...

Page 80: ...ct 1948 interface out of band 1949 ip address 1950 ip address Out of Band 1951 ip address conflict detect run 1952 ip address dhcp Interface Configuration 1953 ip default gateway 1954 ip domain lookup 1956 ip domain name 1956 ip host 1957 ip name server 1958 ip name server source interface 1959 ipv6 address Interface Configuration 1960 ipv6 address OOB Port 1962 ipv6 address dhcp 1963 ...

Page 81: ...7 show ip helper address 1968 show ipv6 dhcp interface out of band statistics 1969 show ipv6 interface out of band 1970 Line Commands 1972 accounting 1972 authorization 1973 enable authentication 1974 exec banner 1975 exec timeout 1976 history 1977 history size 1977 line 1978 login authentication 1979 login banner 1980 motd banner 1981 password Line Configuration 1981 ...

Page 82: ...1990 Flexible Power Management 1990 Commands in this Section 1991 power inline 1991 power inline detection 1992 power inline four pair forced 1993 power inline limit 1994 power inline management 1997 power inline powered device 1998 power inline priority 1999 power inline reset 2000 power inline usage threshold 2000 clear power inline statistics 2001 show power inline 2002 show power inline firmwa...

Page 83: ...011 show rmon alarms 2013 show rmon collection history 2014 show rmon events 2015 show rmon hcalarm 2016 show rmon history 2017 show rmon log 2020 show rmon statistics 2021 Serviceability Commands 2025 Commands in this Section 2025 debug aaa accounting 2026 debug arp 2027 debug authentication interface 2028 debug auto voip 2029 debug bfd 2029 debug cfm 2030 ...

Page 84: ... dot1ag 2037 debug dot1x 2038 debug igmpsnooping 2039 debug ip acl 2040 debug ip bgp 2040 debug ip dvmrp 2042 debug ip igmp 2043 debug ip mcache 2044 debug ip pimdm packet 2044 debug ip pimsm packet 2045 debug ipv6 dhcp 2046 debug ipv6 mcache 2047 debug ipv6 mld 2047 debug ipv6 pimdm 2048 debug ipv6 pimsm 2049 debug isdp 2050 ...

Page 85: ...ebug sflow 2055 debug spanning tree 2056 debug udld 2057 debug vpc 2058 debug vrrp 2059 exception core file 2059 exception dump 2060 exception protocol 2062 exception switch chip register 2065 ip http timeout policy 2065 show debugging 2066 show supported mibs 2069 snapshot bgp 2074 write core 2075 Sflow Commands 2077 ...

Page 86: ... Mode 2082 sflow source interface 2083 show sflow agent 2084 show sflow destination 2085 show sflow polling 2086 show sflow sampling 2087 show sflow source interface 2088 SNMP Commands 2090 Commands in this Section 2090 show snmp 2090 show snmp engineid 2092 show snmp filters 2092 show snmp group 2093 show snmp user 2095 show snmp views 2096 show trapflags 2097 ...

Page 87: ...snmp server filter 2106 snmp server group 2108 snmp server host 2109 snmp server location 2111 snmp server user 2111 snmp server view 2114 snmp server v3 host 2115 snmp server source interface 2117 SupportAssist Commands 2119 Commands in this Section 2119 eula consent 2119 contact company 2121 contact person 2122 enable 2123 proxy ip address 2124 server 2125 ...

Page 88: ...to Local File and SYSLOG Server 2132 Commands in this Section 2133 clear logging 2133 clear logging file 2134 description Logging 2135 level 2135 logging cli command 2136 logging 2138 logging audit 2140 logging buffered 2140 logging console 2142 logging facility 2143 logging file 2143 logging monitor 2145 logging on 2146 logging protocol 2146 ...

Page 89: ...how logging file 2154 show syslog servers 2154 terminal monitor 2155 System and Stack Management Commands 2157 asset tag 2158 banner exec 2159 banner login 2159 banner motd 2160 banner motd acknowledge 2161 buffers 2163 clear checkpoint statistics 2165 clear counters stack ports 2165 connect 2166 cut through mode 2167 disconnect 2168 ...

Page 90: ...l 2173 locate 2174 logout 2175 member 2176 memory free low watermark 2177 nsf 2178 ping 2178 process cpu threshold 2182 quit 2183 reload 2184 service unsupported transceiver 2186 set description 2186 slot 2187 show banner 2189 show buffers 2190 show checkpoint statistics 2191 show cut through mode 2192 ...

Page 91: ... memory cpu 2200 show nsf 2201 show power usage history 2203 show process app list 2204 show process app resource list 2206 show process cpu 2207 show process proc list 2208 show sessions 2210 show slot 2211 show supported cardtype 2213 show supported switchtype 2215 show switch 2217 show system 2222 show system fan 2224 show system id 2225 show system power 2225 ...

Page 92: ... shutdown 2236 standby 2237 switch renumber 2238 telnet 2239 traceroute 2240 traceroute ipv6 2242 update bootcode 2244 Telnet Server Commands 2246 Telnet Client Behaviors 2246 Commands in this Section 2248 ip telnet server disable 2248 ip telnet port 2249 show ip telnet 2249 Time Ranges Commands 2251 time range name 2251 absolute 2252 ...

Page 93: ...iles Uploaded from Switch to USB Flash Drive 2257 Downloading and Uploading of Files 2258 Commands in this Section 2258 unmount usb 2258 show usb 2259 dir usb 2260 User Interface Commands 2263 configure terminal 2263 do 2263 enable 2265 end 2266 exit 2267 quit 2267 Web Server Commands 2269 Web Sessions 2269 Commands in this Section 2270 common name 2270 ...

Page 94: ...2278 ip http server 2279 ip http secure certificate 2280 ip http secure port 2280 ip http secure server 2281 key generate 2282 location 2283 no crypto certificate 2283 organization unit 2284 show crypto certificate mycertificate 2285 show ip http server status 2286 show ip http server secure status 2287 state 2288 A Appendix A List of Commands 2289 ...

Page 95: ...red by a terminal keyboard and the output displayed as text via a terminal monitor The CLI can be accessed from a console terminal connected to an RS 232 port or through a Telnet SSH session Serial communication via a dedicated USB port is available on the N1100 ON Series switch This guide describes how the CLI is structured describes the command syntax and describes the command functionality This...

Page 96: ...ic ARP Inspection Configures for rejection of invalid and malicious ARP packets Ethernet Configuration Configures all port configuration options for example ports storm control port speed and auto negotiation Ethernet CFM Configures and displays GVRP configuration and information Green Ethernet Configures Green Ethernet and displays Green Ethernet information GVRP Configures GVRP snooping and disp...

Page 97: ...hannel Configures and displays Port channel information Port Monitor Monitors activity on specific target ports QoS Configures and displays QoS information Spanning Tree Configures and reports on Spanning Tree protocol UDLD Configures UDLD and displays UDLD information VLAN Configures VLANs and displays VLAN information Voice VLAN Configures voice VLANs and displays voice VLAN information Security...

Page 98: ...res and displays commands related to 802 1AS timesync Data Center Commands Data Center Bridging Configures data center bridging snooping and displays data center bridging information OpenFlow Configures the switch to be managed by a centralized OpenFlow Controller using the OpenFlow protocol Priority Flow Control Configures priority flow control and displays priority flow control information Layer...

Page 99: ...ng and addressing Loopback Interface IPv6 Manages Loopback configurations Multicast Mcast Manages Multicasting on the system OSPF IPv4 Manages shortest path operations OSPFv3 IPv6 Manages IPv6 shortest path operations Router Discovery Protocol IPv4 Manages router discovery operations Routing Information Protocol IPv4 Configures RIP activities Tunnel Interface IPv6 Managing tunneling operations Vir...

Page 100: ...and displays PoE information RMON Can be configured through the CLI and displays RMON information Serviceability Tracing Controls display of debug output to serial port or telnet console sFlow Configures sFlow monitoring SNMP Configures SNMP communities traps and displays SNMP information Syslog Manages and displays syslog messages System Management Configures the switch clock name and authorized ...

Page 101: ...ce CMC Class Map Configuration DCB Datacenter Bridging Configuration DP IP DHCP Pool Configuration DRC Dynamic Radius Configuration mode GC Global Configuration HAC Hive Agent Sever Configuration IC Interface Configuration IP IP Access List Configuration IPAF4 IPv4 Address Family Configuration IPAF IPv6 Address Family Configuration IR Interface Range KC Key Chain KE Key L Logging LC Line Configura...

Page 102: ...vileged Exec PM Policy Map Configuration PCGC Policy Map Global Configuration PCMC Policy Class Map Configuration PTC Peer Template Configuration R Radius RIP Router RIP Configuration RC Router Configuration RM Route Map Configuration ROSPF Router Open Shortest Path First ROSV3 Router Open Shortest Path First Version 3 S Support SAC Support Assist Configuration SC Stack Configuration SP SSH Public...

Page 103: ...t command allows traffic if the conditions defined in the permit statement are matched ML deny permit Mac Access List Configuration The deny command denies traffic if the conditions defined in the deny statement are matched The permit command allows traffic if the conditions defined in the permit statement are matched ML ip access group Attaches a specified access control list to an interface GC o...

Page 104: ...e abbreviation see Mode Types Command Description Modea clear mac address table Removes any learned entries from the forwarding database PE mac address table aging time Sets the address table aging time GC mac address table multicast forbidden address Forbids adding a specific multicast address to specific ports GC mac address table static vlan Registers MAC layer multicast addresses to the bridge...

Page 105: ... table vlan Displays all entries in the bridge forwarding database for the specified VLAN UE or PE show port security Displays the port lock status PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea a For the meaning of each Mode abbreviation see Mode Types switchport voice detect auto Enables the VoIP Profile on all the interfaces of the switch GC or IC show s...

Page 106: ...escription Modea dhcp l2relay Global Configuration Enables the Layer 2 DHCP Relay agent for an interface or globally GC or IC dhcp l2relay Interface Configuration Enables DHCP L2 Relay for an interface IC dhcp l2relay circuit id Enables user to set the DHCP Option 82 Circuit ID for a VLAN GC dhcp l2relay remote id Enables user to set the DHCP Option 82 Remote ID for a VLAN GC dhcp l2relay trust Co...

Page 107: ... ID configured on the specified VLAN or VLAN range PE or GC clear dhcp l2relay statistics interface Resets the DHCP L2 Relay counters to zero PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea clear ip dhcp snooping binding Clears all DHCP Snooping entries PE clear ip dhcp snooping statistics Clears all DHCP Snooping statistics PE ip dhcp snooping Enables DHCP ...

Page 108: ...ping configuration related to the database persistence PE show ip dhcp snooping interfaces Displays the DHCP Snooping status of the interfaces PE show ip dhcp snooping statistics Displays the DHCP snooping filtration statistics PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea arp access list Creates an ARP ACL GC clear ip arp inspection statistics Resets the ...

Page 109: ...the Dynamic ARP Inspection configuration PE 12 Enabled Disabled Displays the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea clear counters Clears statistics on an interface or globally PE description Adds a description to an interface IC flowcontrol Configures the flow control on ...

Page 110: ...igured interfaces UE show interfaces status Displays the status for all configured interfaces UE show interfaces transceiver Display the optic static parameters as well as the Dell EMC qualification PE show statistics Displays statistics for one port or for the entire switch PE show statistics switchport Displays detailed statistics for a specific port or for the entire switch PE show storm contro...

Page 111: ...interval and level on a VLAN monitored by an existing domain GC ethernet cfm mep level Creates a Maintenance End Point MEP on an interface at the specified level and direction IC ethernet cfm mep enable Enables a MEP at the specified level and direction IC ethernet cfm mep active Activates a MEP at the specified level and direction IC ethernet cfm mep archive hold time Maintains internal informati...

Page 112: ...terface or all the interfaces IC description Clears The EEE LPI event count and LPI duration The EEE LPI history table entries The Cumulative Power savings estimates for a specified interface or for all the interfaces based upon the argument PE green mode eee lpi history Configures the Global EEE LPI history collection interval and buffer size This value is applied globally on all interfaces on th...

Page 113: ...istics information PE garp timer Adjusts the GARP application join leave and leaveall GARP timer values IC gvrp enable Global Configuration Enables GVRP globally GC gvrp enable Interface Configuration Enables GVRP on an interface IC gvrp registration forbid Deregisters all VLANs and prevents dynamic VLAN registration on the port IC gvrp vlan creation forbid Enables or disables dynamic VLAN creatio...

Page 114: ...isables IGMP Snooping fast leave mode on a selected VLAN VC ip igmp snooping vlan groupmembership interval Sets the IGMP Group Membership Interval time on a VLAN VC ip igmp snooping vlan last member query interval Sets the IGMP Maximum Response time on a particular VLAN VC ip igmp snooping vlan mcrtrexpiretime Sets the Multicast Router Present Expiration time VC ip igmp snooping report suppression...

Page 115: ...reviation see Mode Types Command Description Modea clear host Deletes entries from the host name to address cache PE clear ip address conflict detect Clears the address conflict detection status in the switch PE interface out of band Enters into OOB interface configuration mode GC ip address Configures an IP address on an in band interface IC ip address Out of Band Sets an IP address for the out o...

Page 116: ...Pv6 on the management interface GC ipv6 enable OOB Configuration Enables IPv6 operation on the out of band interface IC ipv6 gateway OOB Configuration Configures the address of the IPv6 gateway IC show hosts Displays the default domain name a list of name server hosts static and cached list of host names and addresses UE show ip address conflict Displays the status information corresponding to the...

Page 117: ...odea ipv6 mld snooping vlan groupmembership interval Sets the MLD Group Membership Interval time on a VLAN or interface VC ipv6 mld snooping vlan immediate leave Enables or disables MLD Snooping immediate leave admin mode on a selected interface or VLAN VC ipv6 mld snooping vlan last listener query interval Sets the MLD Maximum Response time for an interface or VLAN IC or VC ipv6 mld snooping list...

Page 118: ... MLD Snooping Querier address on the system or on a VLAN GC or VC ipv6 mld snooping querier election participate Enables the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Querier in the VLAN VC ipv6 mld snooping querier query interval Sets the MLD Querier Query Interval time GC ipv6 mld snooping querier timer expiry Sets the MLD Querier t...

Page 119: ...rt Configures an iSCSI target port optionally configures target port address and name GC show iscsi Displays the iSCSI settings PE show iscsi sessions Displays the iSCSI sessions PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types action Indicates if the link dependency group should mirror or invert the status of the depended on interfaces LD link dependency gro...

Page 120: ...otifications IC lldp notification interval Limits how frequently remote data change notifications are sent GC lldp receive Enables the LLDP receive capability IC lldp timers Sets the timing parameters for local data transmission on ports enabled for LLDP GC lldp transmit Enables the LLDP advertise capability IC lldp transmit mgmt Specifies that transmission of the local system management address i...

Page 121: ...Modea a For the meaning of each Mode abbreviation see Mode Types keepalive Interface Config Enables loop protection on an interface IC keepalive Global Config Globally enable loop protection and optionally configure the loop protection timer and packet count GC keepalive action Configure the action taken when a loop is detected on an interface IC show keepalive Displays the global loop protect con...

Page 122: ...tch for primary secondary role selection MD show vpc Displays information about an MLAG PE show vpc brief Displays the MLAG global status PE show vpc consistency parameters Displays MLAG related configuration information in a format suitable for comparison with the other MLAG peer PE show vpc consistency features Displays MLAG related configuration information in a format suitable for comparison w...

Page 123: ... Command Description Modea a For the meaning of each Mode abbreviation see Mode Types mvr Enables MVR GC or IC mvr group Adds an MVR membership group GC mvr mode Changes the MVR mode type GC mvr querytime Sets the MVR query response time GC mvr vlan Sets the MVR multicast VLAN GC mvr immediate Enables MVR Immediate Leave mode IC mvr type Sets the MVR port type IC mvr vlan group Use to participate ...

Page 124: ... lacp timeout Assigns an administrative LACP timeout IC port channel min links Sets the minimum number of links that must be up in order for the port channel interface to be declared up IC show interfaces port channel Displays port channel information PE show lacp Displays LACP information for ports PE show statistics port channel Displays port channel statistics PE Command Description Modea monit...

Page 125: ...C classofservice dot1p mapping Maps an 802 1p priority to an internal traffic class for a switch GC or IC classofservice ip dscp mapping Maps an IP DSCP value to an internal traffic class GC classofservice trust Sets the class of service trust mode of an interface GC or IC conform color Specifies the precoloring of packets conforming to or exceeding the specified rate s The possible actions are dr...

Page 126: ...ified class definition a match condition for the Class of Service value CMC match destination address mac Adds to the specified class definition a match condition based on the destination MAC address of a packet CMC match dstip Adds to the specified class definition a match condition based on the destination IP address of a packet CMC match dstip6 Adds to the specified class definition a match con...

Page 127: ...on the source MAC address of the packet CMC match srcip Adds to the specified class definition a match condition based on the source IP address of a packet CMC match srcip6 Adds to the specified class definition a match condition based on the source IPv6 address of a packet v6CMC match srcl4port Adds to the specified class definition a match condition based on the source layer 4 port of a packet u...

Page 128: ...licy Attaches a policy to an interface in a particular direction GC or IC show class map Displays all configuration information for the specified class PE show classofservice dot1p mapping Displays the current 802 1p priority mapping to internal traffic classes for a specific interface PE show classofservice ip dscp mapping Displays the current IP DSCP mapping to internal traffic classes for a spe...

Page 129: ...de abbreviation see Mode Types Command Description Modea clear spanning tree detected protocols Restarts the protocol migration process on all interfaces or on the specified interface PE exit mst Exits the MST configuration mode and applies configuration changes MC instance mst Maps VLANs to an MST instance MC name mst Defines the MST configuration name MC revision mst Defines the configuration re...

Page 130: ...panning tree guard Selects whether loop guard or root guard is enabled on an interface IC spanning tree loopguard Enables loop guard on all ports GC spanning tree max age Configures the spanning tree bridge maximum age GC spanning tree max hops Sets the MSTP Max Hops parameter to a new value for the common and internal spanning tree GC spanning tree mode Configures the spanning tree protocol GC sp...

Page 131: ...tchover to an alternate port and enables Direct Link Rapid Convergence GC spanning tree vlan Enables per VLAN spanning tree on a VLAN GC spanning tree vlan forward time Configures the spanning tree forward delay time for a specified VLAN or a range of VLANs GC spanning tree vlan hello time Configures the spanning tree hello time for a specified VLAN or a range of VLANs GC spanning tree vlan max ag...

Page 132: ...nd Description Modea interface vlan Enters the VLAN interface configuration mode GC interface range vlan Enters the interface configuration mode to configure multiple VLANs GC name VLAN Configuration Configures a name to a VLAN IC private vlan Defines a private VLAN association between the primary and secondary VLANs VC protocol group Attaches a vlan id to the protocol based VLAN identified by gro...

Page 133: ...mation about the configured private VLANs PE switchport access vlan Configures the VLAN ID when the interface is in access mode IC switchport dot1q ethertype Global Configuration Defines additional QinQ tunneling TPIDs for matching in the outer VLAN tag of received frames GC switchportgeneralforbidden vlan Forbids adding specific VLANs to a port IC switchport general acceptable frame type tagged o...

Page 134: ... GC vlan association mac Associates a MAC address to a VLAN VC vlan association subnet Associates an IP subnet to a VLAN VC vlan makestatic Changes a GVRP dynamically created VLAN to a static VLAN GC vlan protocol group Adds protocol based VLAN groups to the system GC vlan protocol group add protocol Adds a protocol to the protocol based VLAN identified by groupid GC vlan protocol group name Adds ...

Page 135: ... login Defines login authentication GC aaa authorization Creates an authorization method list GC aaa authorization network default radius Enables the switch to accept VLAN assignment by the RADIUS server GC aaa ias user username Configures IAS users and their attributes Also changes the mode to aa user Configuration mode GC aaa new model This command is a no op command It is present only for compa...

Page 136: ...word User Exec Specifies a user password UE show aaa ias users Displays configured IAS users and their attributes PE show aaa statistics Displays accounting statistics PE show accounting methods Displays the configured accounting method lists PE show authentication Shows information about authentication methods PE show authentication authentication history Displays the authentication history on on...

Page 137: ...profile GC description Administrative Profile Configuration Adds a description to an administrative profile APC rule Adds a rule to an administrative profile APC show admin profiles Displays the administrative profiles PE show admin profiles brief Lists the names of the administrative profiles defined on the switch PE show cli modes Lists the names of all the CLI modes PE show users Shows which ad...

Page 138: ...any e mails failed when the last e mail was sent how long it has been since the last e mail was sent how long it has been since the e mail changed to disabled mode PE clear logging email statistics Clears the e mail alerting statistics GC security Sets the e mail alerting security protocol MSC mail server ip address hostname Configures the SMTP server IP address and changes the mode to Mail Server...

Page 139: ...s the format of the MAC address sent in the Calling Station Id attribute to the RADIUS server when authenticating using 802 1X MAC based authentication for an interface R authentication event fail retry Sets the number of times authentication may be reattempted by the user for the RADIUS method for an IEEE 802 1X supplicant GC auth port Sets the port number for authentication requests of the desig...

Page 140: ...supplied by the RADIUS server in accounting messages sent to the accounting server GC radius server attribute 31 Globally enables the switch to send the RADIUS Class attribute as supplied by the RADIUS server in accounting messages sent to the accounting server GC radius server deadtime Improves RADIUS response times when servers are unavailable Causes the unavailable servers to be skipped GC radi...

Page 141: ...ed for communication with RADIUS servers R timeout Sets the timeout value in seconds for the designated RADIUS server R usage Specifies the usage type of the server R a For the meaning of each Mode abbreviation see Mode Types Command Description Modea key Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server TC port Specifies a serve...

Page 142: ...802 1x frames in the VLAN GC dot1x initialize Begins the initialization sequence on the specified port PE dot1x mac auth bypass Enables MAB on an interface IC dot1x max req Sets the maximum number of times the switch sends an EAP request frame to the client before restarting the authentication process IC dot1x max users Sets the maximum number of clients supported on the port when MAC based 802 1X...

Page 143: ...the client IC dot1x timeout tx period Sets the number of seconds the switch waits for a response to an EAP request identify frame from the client before resending the request IC auth type Set the accepted authorization types for dynamic RADIUS clients DRC client Sets the CoA client parameters DRC ignore Sets the switch to ignore certain authentication parameters from dynamic RADIUS clients DRC por...

Page 144: ...he guest VLAN on a port IC dot1x unauth vlan Specifies the unauthenticated VLAN on a port IC show dot1x advanced Displays 802 1X advanced features for the switch or specified interface PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea authentication timeout Configures the authentication timeout CP captive portal Enables the captive portal configuration mode GC...

Page 145: ...tive portal configuration CPI redirect url Configures the redirect URL for a captive portal configuration CPI session timeout Configures the session timeout for a captive portal configuration CPI verification Configures the verification mode for a captive portal configuration CPI captive portal client deauthenticate De authenticates a specific captive portal client PE show captive portal client st...

Page 146: ...ser CP user session timeout Sets the session timeout value for a captive portal user CP show captive portal configuration Displays the operational status of each captive portal configuration PE show captive portal configuration interface Displays information about all interfaces assigned to a captive portal configuration or about a specific interface assigned to a captive portal configuration PE s...

Page 147: ...t Denial of Service protection GC rate limit cpu Configures the rate in packets per second for the number of IPv6 data packets trapped to CPU when the packet fails to be forwarded in the hardware due to unresolved hardware address of the destined IPv6 node GC show dos control Displays Denial of Service configuration information PE show system internal pktmgr Displays the configured CPU rate limit ...

Page 148: ...sers do not reuse their passwords too frequently GC passwords lock out Enables the administrator to strengthen the security of the switch by enabling the user lockout feature When a lockout count is configured a user who is logging in must enter the correct password within that count GC passwords min length Enables the administrator to enforce a minimum length required for a password GC passwords ...

Page 149: ...ters that a password can contain GC enable password encrypted Used by an Administrator to transfer the enable password between devices without having to know the password PE show passwords configuration Displays the configuration parameters for password configuration PE show passwords result Displays the last password set result information PE a For the meaning of each Mode abbreviation see Mode T...

Page 150: ...how ip ssh Displays the SSH server configuration PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea a For the meaning of each Mode abbreviation see Mode Types clear mmrp statistics Clears the MMRP statistics for an interface or all interfaces PE mmrp Enables MMRP on a specific interface IC or IR mmrp global Globally enables MMRP GC mmrp periodic state machine G...

Page 151: ...lays the MVRP statistics for an interface or globally PE GC Command Description Modea clear msrp statistics Clears the MSRP statistics for an interface or all interfaces PE msrp Interface Enables MSRP on a specific interface IC msrp boundary propagate Configures the IEEE 802 1Qav boundary propagation GC msrp delta bw Configures the MSRP VLAN ID for the SR traffic class on the interface IC msrp glo...

Page 152: ...lan enable Globally enables IEEE 802 1AS GC dot1as Interface Configuration Enables IEEE 802 1AS on an interface IC dot1as priority Globally configures the priority 1 or priority 2 value GC dot1as interval announce Configures the initial log announcement interval for an interface IC dot1as interval sync Configures the sync interval for an interface IC dot1as interval pdelay Configures the pdelay in...

Page 153: ... globally PE show dot1as statistics Displays the IEEE 802 1AS statistics for an interface PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea datacenter bridging Enables an Ethernet interface to enter DataCenterBridging mode IC lldp dcbx version Configures the administrative version for the Data Center Bridging Capability Exchange DCBX protocol GC lldp tlv selec...

Page 154: ...specified TCG GC or IC traffic class group weight Specifies the scheduling weight for each TCG GC or IC show classofservice traffic class group Displays the Traffic Class to Traffic Class Group mapping PE show interfaces traffic Displays traffic information PE show interfaces traffic class group Displays the Traffic Class to Traffic Class Group mapping PE a For the meaning of each Mode abbreviatio...

Page 155: ...ode Types Command Description Modea a For the meaning of each Mode abbreviation see Mode Types Data Center Bridging Capability Exchange Commands Enables Priority Flow Control PFC on an interface DCB priority flow control priority Enables the priority group for lossless no drop or lossy drop behavior on the selected interface DCB clear priority flow control statistics Clears all or interface Priori...

Page 156: ...P cache PE clear arp cache management Removes all entries from the ARP cache learned from the management port PE ip local proxy arp Enables proxying of ARP requests IC ip proxy arp Enables proxy ARP on a router interface IC show arp Displays the Address Resolution Protocol ARP cache PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea feature bfd Enables BFD on t...

Page 157: ...ly ipv4 vrf address family ipv6 Specifies IPv6 configuration parameters BR aggregate address Configures a summary address for BGP BR or IPAF bgp aggregate different meds BGP Router Configuration Controls the aggregation of routes with different multi exit discriminator MED attributes BR bgp aggregate different meds IPv6 Address Family Configuration Allows IPv6 routes with different MEDs to be aggr...

Page 158: ...xas limit Specifies a limit on the length of AS Paths that BGP accepts from its neighbors BR bgp router id Sets the BGP router ID BR clear ip bgp Resets peering sessions with all of a subnet of BGP peers PE clear ip bgp counters Resets all BGP counters to 0 PE default information originate BGP Router Configuration Enables BGP to originate a default route BR default information originate IPv6 Addre...

Page 159: ... ip as path access list Creates an AS path access list GC ip bgp community new format Displays BGP standard communities in AA NN format GC ip bgp fast external fallover Configures fast external failover behavior for a specific routing interface IC ip community list Creates or configures a BGP community list GC ip extcommunity list Creates an extended community list to configure VRF route filtering...

Page 160: ... allowas in Configures BGP to accept prefixes even if the local ASN is part of the AS_PATH BR neighbor connect retry interval Configure the initial connection retry time for a specific neighbor BR neighbor default originate BGP Router Configuration Configures BGP to originate a default route to a specific neighbor BR neighbor default originate IPv6 Address Family Configuration Configures BGP to or...

Page 161: ...GP to use a local address as the IPv6 next hop when advertising IPv6 routes to a specific peer IPAF neighbor password Enables MD5 authentication of TCP segments sent to and received from a neighbor and to configure an authentication key BR neighbor prefix list BGP Router Configuration Filters advertisements sent to a specific neighbor based on the destination prefix of each route BR neighbor prefi...

Page 162: ...rtised to the peer IPAF neighbor shutdown Administratively disables communications with a specific BGP neighbor BR IPAF neighbor timers Overrides the global keepalive and hold timer values as well as set the keepalive and hold timers for a specific neighbor BR neighbor update source Configures BGP to use a specific IP address as the source address for the TCP connection with a neighbor BR network ...

Page 163: ...s PE show bgp ipv6 community list Displays the IPv6 routes that match a specified community list PE show bgp ipv6 listen range Displays information about IPv6 BGP listen ranges PE show bgp ipv6 neighbors Displays neighbors with IPv4 or IPv6 peer addresses that are enabled for the exchange of IPv6 prefixes PE show bgp ipv6 neighbors advertised routes Displays IPv6 routes advertised to a specific ne...

Page 164: ...ow ip bgp neighbors Shows details about BGP neighbor configuration and status UE show ip bgp neighbors advertised routes Displays the list of routes advertised to a specific neighbor PE show ip bgp neighbors received routes Displays the list of routes received from a specific neighbor PE show ip bgp neighbors policy Displays the inbound and outbound IPv4 policies configured for a specific peer PE ...

Page 165: ...breviation see Mode Types Command Description Modea ip as path access list Create an AS path access list GC ip bgp community new format Displays BGP standard communities in AA NN format GC ip community list Creates or configures a BGP community list GC ip prefix list Creates a prefix list or adds a prefix list entry GC ip prefix list description Applies a text description to a prefix list GC ipv6 ...

Page 166: ...ix list counters PE clear ip community list Resets the IPv6 prefix list counters PE set as path Prepends one or more AS numbers to the AS path in a BGP route RC set comm list delete Removes BGP communities from an inbound or outbound UPDATE message RM set community Modifies the communities attribute of matching routes RM set ipv6 next hop BGP Sets the IPv6 next hop of a route RM set local preferen...

Page 167: ...a DHCP client by the DHCP server DP hardware address Specifies the MAC address of a client to be manually assigned an address DP host Specifies a manual binding for a DHCP client host DP ip dhcp bootp automatic Enables automatic BOOTP address assignments GC ip dhcp conflict logging Enables DHCP address conflict detection GC ip dhcp excluded address Excludes one or more DHCP addresses from automati...

Page 168: ...cp global configuration Displays the DHCP global configuration PE show ip dhcp pool Displays the configured DHCP pool or pools UE or PE show ip dhcp server statistics Displays the DHCP server binding and message counters PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea clear ipv6 dhcp Clears DHCPv6 statistics for all interfaces or for a specific interface PE ...

Page 169: ... specified interface PE show ipv6 dhcp pool Displays the configured DHCP pool PE show ipv6 dhcp statistics Displays the DHCPv6 server name and status UE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea clear ipv6 dhcp snooping binding Clears all IPv6 DHCP snooping entries UE or PE clear ipv6 dhcp snooping statistics Clears all IPv6 DHCP snooping statistics UE or...

Page 170: ...e not present in the DHCP binding database IC show ipv6 dhcp snooping Displays the IPv6 DHCP snooping configuration UE or PE show ipv6 dhcp snooping binding Displays the IPv6 DHCP snooping configuration UE or PE show ipv6 dhcp snooping database Displays IPv6 DHCP snooping configurations related to database persistency UE or PE show ipv6 dhcp snooping statistics Displays IPv6 DHCP snooping filtrati...

Page 171: ...PE show ip dvmrp neighbor Displays the neighbor information for DVMRP PE show ip dvmrp nexthop Displays the next hop information on outgoing interfaces for routing multicast datagrams PE show ip dvmrp prune Displays the table that lists the router s upstream prune information PE show ip dvmrp route Displays the multicast routing information for DVMRP PE Command Description Modea a For the meaning ...

Page 172: ... on this interface IC ip igmp query max response time Configures the maximum response time interval for the specified interface IC ip igmp robustness Configures the robustness that allows tuning of the interface IC ip igmp startup query count Sets the number of queries sent out on startup at intervals equal to the startup query interval for the interface IC ip igmp startup query interval Sets the ...

Page 173: ...ervice Displays a summary of the host interface status parameters PE show ip igmp proxy service interface Displays a detailed list of the host interface status parameters PE show ip igmp proxy groups Displays a table of information about multicast groups that IGMP Proxy reported PE show ip igmp proxy service groups detail Displays complete information about multicast groups that IGMP Proxy has rep...

Page 174: ...elay on the interface also called option 82 GC ip helper address global configuration Configures the relay of certain UDP broadcast packets received on any interface GC ip helper address interface configuration Configures the relay of certain UDP broadcast packets received on a specific interface IC ip helper enable Enables relay of UDP packets GC show ip helper address Displays the IP helper addr...

Page 175: ...interface and specifies the numbered interface providing the borrowed address IC ip unnumbered gratuitous arp accept Enables installation of a static interface route to the unnumbered peer upon receiving a gratuitous ARP IC ip unreachables Enables the generation of ICMP Destination Unreachable messages IC match ip address Specify IP address match criteria for a route map RM match length Configures...

Page 176: ...ip route Displays the routing table PE show ip route static Displays the configured routes whether or not they are reachable PE show ip route preferences Displays detailed information about the route preferences PE show ip route summary Shows the number of all routes including best and non best routes PE show ip traffic Displays IP statistical information UE or PE show ip vlan Displays the VLAN ro...

Page 177: ... router assumes that there are no local members on the interface IC VC ipv6 mld last member query interval Sets the last member query interval for the MLD interface which is the value of the maximum response time parameter in the group specific queries sent out of this interface IC VC ipv6 mld host proxy Enables MLD Proxy on the router IC ipv6 mld host proxy reset status Resets the host interface ...

Page 178: ...off multiple to be used in the calculation of the next timeout value for Neighbor Solicitation transmission during NUD neighbor unreachabililty detection following the exponential backoff algorithm GC ipv6 nd other config flag Sets the other stateful configuration flag in router advertisements sent from the interface IC ipv6 nd prefix Sets the IPv6 prefixes to include in the router advertisement I...

Page 179: ... MLD related information for an interface PE show ipv6 mld host proxy Displays a summary of the host interface status parameters PE show ipv6 mld host proxy groups Displays information about multicast groups that the MLD Proxy reported PE show ipv6 mld host proxy groups detail Displays information about multicast groups that MLD Proxy reported PE show ipv6 mld host proxy interface Displays a detai...

Page 180: ...ling to their destination through the network on a hop by hop basis PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea a For the meaning of each Mode abbreviation see Mode Types arp Enters the Interface Loopback configuration mode GC show interfaces loopback Displays information about configured loopback interfaces PE Command Description Modea arp Adds an admin...

Page 181: ...igures the frequency of join prune messages on the specified interface IC ip pim rp address Defines the address of a PIM RP for a specific multicast group range GC ip pim rp candidate Configures the router to advertise itself to the bootstrap router BSR as a PIM candidate rendezvous point RP for a specific multicast group range IC ip pim sparse mode Administratively configures PIM sparse mode for ...

Page 182: ...nabled interfaces UE or PE show ip pim neighbor Displays PIM neighbors discovered by PIMv2 Hello messages If no interface is specified the command displays the neighbors discovered on all PIM enabled interfaces UE or PE show ip pim rp hash Displays the rendezvous point RP selected for the specified group address UE or PE show ip pim rp mapping Displays the mappings for the PIM group to the active ...

Page 183: ...Register Threshold rate for the RP router to switch to the shortest path GC ipv6 pim rp address Statically configures the Rendezvous Point RP address for one or more multicast groups GC ipv6 pim rp candidate Configures the router to advertise itself as a PIM candidate rendezvous point RP to the bootstrap router BSR GC ipv6 pim sparse mode Administratively configures PIM sparse mode for multicast r...

Page 184: ...nction as an NSSA ROSPF area nssa default info originate Router OSPF Config Configures the metric value and type for the default route advertised into the NSSA ROSPF area nssa no redistribute Configures the NSSA Area Border router ABR so that learned external routes are not redistributed to the NSSA ROSPF area nssa no summary Configures the NSSA so that summary LSAs are not advertised into the NSS...

Page 185: ...virtual interface identified by the area ID and neighbor ID ROSPF area virtual link transmit delay Configures the transmit delay for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID ROSPF auto cost Allows user to change the reference bandwidth used in computing link cost ROSPF bandwidth Allows user to change the bandwidth used in computing link cost IC ...

Page 186: ...spf dead intervall Sets the OSPF dead interval for the specified interface IC ip ospf hello interval Sets the OSPF hello interval for the specified interface IC ip ospf mtu ignore Disables OSPF maximum transmission unit MTU mismatch detection IC ip ospf network Configure OSPF to treat an interface as a point to point rather than broadcast interface IC ip ospf priority Sets the OSPF priority for th...

Page 187: ...face or tunnel as passive ROSPF redistribute BGP Configures OSPF protocol to allow redistribution of routes from the specified source protocol routers ROSPF router id Sets a 4 digit dotted decimal number uniquely identifying the router OSPF ID ROSPF router ospf Enters Router OSPF mode GC show ip ospf Displays information relevant to the OSPF router PE show ip ospf abr Displays the internal OSPF ro...

Page 188: ...recent Shortest Path First SPF calculations PE show ip ospf stub table Displays the OSPF stub table PE show ip ospf virtual links Displays the OSPF Virtual Interface information for a specific area and neighbor PE show ip ospf virtual links brief Displays the OSPF Virtual Interface information for all areas in the system PE timers pacing flood Adjusts the rate at which OSPFv2 sends LS Update packe...

Page 189: ...ea identified by areaid ROSV3 area virtual link Creates the OSPF virtual interface for the specified areaid and neighbor ROSV3 area virtual link dead interval Configures the dead interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor ROSV3 area virtual link hello interval Configures the hello interval for the OSPF virtual interface on the virtual interfa...

Page 190: ...face IC ipv6 ospf hello interval Sets the OSPF hello interval for the specified interface IC ipv6 ospf mtu ignore Disables OSPF maximum transmission unit MTU mismatch detection IC ipv6 ospf network Changes the default OSPF network type for the interface IC ipv6 ospf priority Sets the OSPF priority for the specified router interface IC ipv6 ospf retransmit interval Sets the OSPF retransmit interval...

Page 191: ...ternal OSPFv3 routes to reach Area Border Routers ABR PE show ipv6 ospf area Displays information about the area PE show ipv6 ospf asbr Displays the internal OSPFv3 routes to reach Autonomous System Boundary Routes ASBR PE show ipv6 ospf border routers Displays internal OSPFv3 routers to reach Area Border Routers ABR and Autonomous System Boundary Routers ASBR UE or PE show ipv6 ospf database Disp...

Page 192: ...nd Description Modea a For the meaning of each Mode abbreviation see Mode Types encapsulation Enables Router Discovery on an interface IC ip irdp holdtime Configures the value in seconds of the hold time field of the router advertisement sent from this interface IC ip irdp maxadvertinterval Configures the maximum time in seconds allowed between sending router advertisements from the interface IC i...

Page 193: ... ip rip Enables RIP on a router interface IC ip rip authentication Sets the RIP Version 2 Authentication Type and Key for the specified interface IC ip rip receive version Configures the interface to allow RIP control packets of the specified version s to be received IC ip rip send version Configures the interface to allow RIP control packets of the specified version to be sent IC redistribute RIP...

Page 194: ...cifies the mode of the tunnel IC tunnel source Specifies the source transport address of the tunnel either explicitly or by reference to an interface IC Command Description Modea a For the meaning of each Mode abbreviation see Mode Types description Assigns descriptive text to the VRF instance VR ip vrf Creates a virtual router with a specified name and enters Virtual Router Configuration mode GC ...

Page 195: ...starts a virtual router IC vrrp preempt Sets the preemption mode value for the virtual router configured on a specified interface IC vrrp priority Sets the priority value for the virtual router configured on a specified interface IC vrrp timers advertise Sets the frequency in seconds that an interface on the specified virtual router sends a virtual router advertisement IC vrrp timers learn Configu...

Page 196: ...ster GC application stop Stops a Dell supplied application if the application is executing on the stack master GC show application Displays installed applications and optionally displays application files GC Command Description Modea boot auto copy sw Enables or disables Stack Firmware Synchronization GC boot auto copy sw allow downgrade Enables downgrading the firmware version on the stack member...

Page 197: ...obal apply Use to apply a macro GC macro global trace Applies and traces a macro GC macro global description Appends a line to the global macro description GC macro apply Use to apply a macro IC macro trace Applies and traces a macro IC macro description Appends a line to the macro description IC show parser macro Displays information about defined macros PE Command Description Modea show sntp con...

Page 198: ...TP predefined Unicast clients GC clock timezone hours offset Sets the offset to Coordinated Universal Time GC no clock timezone Resets the time zone settings GC clock summer time recurring Sets the summertime offset to UTC recursively every year GC clock summer time date Sets the summertime offset to UTC GC no clock summer time Resets the summertime configuration GC show clock Displays the time an...

Page 199: ...e PE filedescr Adds a description to a file PE rename Renames the file present in flash PE show backup config Displays contents of a backup configuration file PE show bootvar Displays the active system image file that the switch loads at startup UE show running config Displays the contents of the currently running configuration file PE show startup config Displays the startup configuration file co...

Page 200: ...t server configuration mode HAC enable Enables a HiveAgent server HAC proxy ip address Configures a proxy server to be used to contact the HiveManager NG HAC url Configures the URL to reach on HiveManager NG HAC show hiveagent status Displays information on the HiveAgent configuration PE GC show eula consent hiveagent Reviews the EULA details PE GC Command Description Modea accounting Applies an a...

Page 201: ...ntication method list for a remote telnet or console LC login banner Enables login banner on the console telnet or SSH connection LC nsf Enables display of the message of the day banner on the console telnet or SSH connection LC password Line Configuration Specifies a password on a line LC show line Displays line parameters UE speed Sets the serial port BAUD rate LC terminal length Sets the termin...

Page 202: ...ower feed on an interface IC power inline limit Configure the type of power limit IC power inline management Sets the power management type GC power inline powered device Adds a comment or description of the powered device type IC Ethernet power inline priority Configures the port priority level for the delivery of power to an attached device IC Ethernet power inline reset Use to reset the port IC...

Page 203: ...s the requested group of statistics UE show rmon events Displays the RMON event table UE show rmon hcalarm Displays the high capacity alarms PE show rmon history Displays RMON Ethernet Statistics history UE show rmon log Displays the RMON logging table UE show rmon statistics Displays RMON Ethernet Statistics UE Command Description Modea debug aaa accounting Enables debugging for accounting PE deb...

Page 204: ...nd or received by the switch PE debug ip acl Enables debug of IP Protocol packets matching the ACL criteria PE debug ip bgp Enables debug tracing of BGP events PE debug ip dvmrp Traces DVMRP packet reception and transmission PE debug ip igmp Traces IGMP packet reception and transmission PE debug ip mcache Traces MDATA packet reception and transmission PE debug ip pimdm packet Traces PIMDM packet r...

Page 205: ... ICMP echo requests and responses PE debug rip Enables tracing of RIP requests and responses PE debug sflow Enables sFlow debug packet trace PE debug spanning tree Traces spanning tree BPDU packet reception and transmission PE debug spanning tree Traces spanning tree BPDU packet reception and transmission PE debug udld Enables the display of UDLD packets or event processing PE debug vpc Enables de...

Page 206: ...ination Configures sFlow collector parameters owner string receiver timeout ip address and port GC sflow polling Enables a new sflow poller instance for the data source if rcvr_idx is valid GC sflow polling Interface Mode Enable a new sflow poller instance for this data source if rcvr_idx is valid IC sflow sampling Enables a new sflow sampler instance for this data source if rcvr_idx is valid GC s...

Page 207: ...mp views Displays the configuration of views PE show trapflags Displays SNMP traps globally or displays specific SNMP traps PE snmp server community Sets up the community access string to permit access to SNMP protocol GC snmp server community group Maps SNMP v1 and v2 security models to the group name GC snmp server contact Sets up a system contact sysContact string GC snmp server enable traps En...

Page 208: ...reviation see Mode Types Command Description Modea eula consent Accepts or rejects the end user license agreement EULA for the SupportAssist server GC contact company Configures the contact information to be sent to the SupportAssist server SAC contact person Configures the contact information to be sent to the SupportAssist server SAC enable Enables a SupportAssist server SAC proxy ip address Con...

Page 209: ... logging GC logging Configures a SYSLOG server GC logging audit Enables switch auditing GC logging buffered Enables logging to the in memory log GC logging console Enables logging to the console GC logging facility Configures the facility to be used in SYSLOG messages GC logging file Enables logging to the persistent on flash log GC logging monitor Enables logging messages to telnet and SSH sessio...

Page 210: ...es over a telnet of SSH session PE a For the meaning of each Mode abbreviation see Mode Types Command Description Modea asset tag Specifies the switch asset tag GC banner exec Sets the message that is displayed after a successful login GC banner login Sets the message that is displayed just before the login prompt GC banner motd Specifies message of the day banner GC banner motd acknowledge Acknow...

Page 211: ... a remote unit on a stack member UE member Preconfigures a stack member SG memory free low watermark Configures the notification of a low memory condition on the switch for the issuance of the CPU overload SNMP trap and notification via a SYSLOG message GC nsf Specifies non stop forwarding GC ping Sends ICMP echo request packets to another node on the network UE process cpu threshold Configures th...

Page 212: ...namic parameters for the optics UE or PE show interfaces utilization Displays the interface utilization PE show memory cpu Checks the total and available RAM space on the switch PE show nsf Shows non stop forwarding status PE show power usage history Shows the history of unit power consumption for the unit specified in the command and total stack power consumption PE show process app list Displays...

Page 213: ... UE or PE show tech support Displays system and configuration information for debugging calls to technical support PE show users Displays information about the active users including which profiles have been assigned to local user accounts and which profiles are active for logged in users PE show version Displays the system version information UE stack Sets the mode to Stack Configuration mode GC ...

Page 214: ... GC ip telnet port Configures the Telnet TCP port number on the switch GC show ip telnet Displays the status of the Telnet server and the Telnet TCP port number PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types time range name Creates a time range identified by name consisting of one absolute time entry and or one or more periodic time entries GC absolute Adds...

Page 215: ...Enters Global Configuration mode PE do Executes commands available in Privileged Exec mode with command line completion All except PE and UE enable Enters the privileged Exec mode UE end Gets the CLI user control back to the privileged execution mode or user execution mode Any exit Exits any configuration mode to the previously highest mode in the CLI mode hierarchy All quit exit logout Closes an ...

Page 216: ... browser to configure the switch GC ip http secure server Enables the switch to be configured monitored or modified securely from a browser GC key generate Specifies the key generate CC location Specifies the location or city name CC no crypto certificate Deletes a certificate from the switch GC organization unit Specifies the organization unit or department name CC show crypto certificate mycerti...

Page 217: ... The total number of characters that may be entered in a single command is limited to 1536 characters Keywords identify a command and arguments specify configuration parameters For example in the command show interfaces status gigabitethernet 1 0 5 show interfaces and status are keywords gigabitethernet is an argument that specifies the interface type and 1 0 5 is an argument that specifies the un...

Page 218: ...cific command Command line parameters are not syntax or range checked until the carriage return is entered In some cases the user may need to enter special characters most often in a string parameter such as a password or a label Special characters are one of the following characters _ or a blank In these cases it may be necessary to enclose the entire string in double or single quotes for the com...

Page 219: ...es Show Command The show command executes in the User Executive Exec Privileged Executive Exec Global Configuration mode Interface Configuration mode and all configuration submodes with command completion Output from show commands is paginated Use the terminal length command to set the number of lines displayed in a page When the paging prompt appears press the space bar to display the next page o...

Page 220: ...yed to assist in entering the correct command By pressing the tab key an incomplete command is changed into a complete command If the characters already entered are not enough for the system to identify a single matching command the key displays the available commands matching the characters already entered Short Form Commands The CLI supports the short forms of all commands As long as it is possi...

Page 221: ...ce Delete previous character Ctrl A Go to beginning of line Ctrl E Go to end of line Ctrl F Go forward one character Ctrl B Go backward one character Ctrl D Delete current character Ctrl U X Delete to beginning of line Ctrl K Delete to the end of the line Ctrl W Delete previous word Ctrl T Transpose previous character Ctrl P Go to previous line history buffer Ctrl R Rewrites or pastes the line Ctr...

Page 222: ...ed as a programmable management interface To facilitate this function any characters entered after the character are treated as a comment and ignored by the CLI Also the CLI allows the user to disable session timeouts CLI Command Notation Conventions When entering commands there are certain command entry notations which apply to all commands Table 2 3 describes these conventions as they are used i...

Page 223: ...nit The unit number is greater than 1 only in a stacking solution where a number of switches are stacked to form a virtual switch In this case the Unit indicates the logical position of the switch in a stack The range is 1 12 The unit value is 1 for standalone switches Convention Description In a command line square brackets indicate an optional entry In a command line inclusive brackets indicate ...

Page 224: ...ered from 1 to the maximum number of ports available on the switch unit typically 24 or 48 Logical interfaces are identified by one of the keywords loopback port channel tunnel or vlan followed an integer index identifying the specific logical interface Within this document the tag interface id refers to a logical or Ethernet interface identifier that follows the naming convention above If the com...

Page 225: ... using Ethernet notation Loopback Interfaces Loopback interfaces are represented in the CLI by the keyword loopback followed by the variable loopback id which can assume values from 0 7 Port Channel Interfaces Port channel or LAG interfaces are represented in the CLI by the keyword port channel followed by the variable port channel number Interface Type Long Form Short Form Interface Identifier Gi...

Page 226: ...he range key word is used to identify that an interface range specifier follows An interface range specifier consists of an interface identifier followed by an optional range parameter The interface type may be a physical interface or a logical interface port channel or VLAN as described in the Interface Naming Conventions section The range parameter may be written in the following manner a range ...

Page 227: ... be uniquely configured for each instance The CLI uses best effort when operating on a list of objects If the user requests an operation on a list of objects the CLI attempts to execute the operation on as many objects in the list as possible even if failure occurs for some of the items in the list The CLI provides the user with a detailed list of all failures listing the objects and the reasons f...

Page 228: ...tatus State State Model ID Pluggable 1 0 Full Enable Enable Dell Networking N3024F No 1 1 Empty Disable Disable Yes 2 0 Empty Enable Enable Dell Networking N3024F No 2 1 Empty Enable Enable Yes 3 0 Empty Enable Enable Dell Networking N3048 No 3 1 Empty Enable Enable Yes console config if Gi1 0 23 show slot 1 0 Slot 1 0 Slot Status Full Admin State Enable Power State Enable Inserted Card Model Iden...

Page 229: ... 1 bits in the net mask The net mask is always separated from an IPv4 address by one or more spaces Examples 1 2 3 0 24 is equivalent to 1 2 3 0 255 255 255 0 IPv6 Addresses IPv6 addresses may be expressed in up to eight blocks of four upper or lower case hexadecimal characters For simplification the leading zeros of each 16 bit block may be omitted One sequence of 16 bit blocks containing only ze...

Page 230: ...o configure switch administrator and end user network access Audio Visual Bridging describes the commands utilized to configure IEEE 802 1BA systems Data Center Technology describes the commands used to configure ANSI T11 FC BB 5 and OpenFlow capabilities Layer 3 Routing describes the commands used to forward packets within and across VLANs based upon the IP addresses as well as management of the ...

Page 231: ...ands available for that particular command mode A specific command is used to navigate from one command mode to another The standard order to access the modes is as follows User Exec mode Privileged Exec mode Global Configuration mode and Interface Configuration and other specific configuration modes User Exec Mode After logging into the switch the user is automatically in the User Exec command mo...

Page 232: ...ime out settings The Global Configuration mode command line is used to enter the Line Interface mode Router OSPF Configuration Global configuration mode command router ospf is used to enter into the Router OSPF Configuration mode Router RIP Configuration Global configuration mode command router rip is used to enter into the Router RIP Configuration mode Router OSPFv3 Configuration Global configura...

Page 233: ...to key pub key chain ssh is used to enter the SSH Public Key chain configuration mode SSH Public Key string Contains commands to manually specify the SSH Public key of a remote SSH Client MAC Access List Configures conditions required to allow traffic based on MAC addresses The Global Configuration mode command mac access list is used to enter the MAC Access List configuration mode TACACS Configur...

Page 234: ...et port configuration The Global Configuration mode command interface interface id enters the Interface Configuration mode to configure an Ethernet interface Port Channel Contains commands to configure port channels i e assigning ports to a port channel Most of these commands are the same as the commands in the Ethernet interface mode and are used to manage the member ports as a single entity The ...

Page 235: ...ndicates specific object or range of objects within the configuration mode For example if the current configuration mode is config if and the object being operated on is Gigabit Ethernet 1 on unit 1 the prompt displays the object type and unit for example Gi1 0 1 The sign is used to indicate that the system is in the Privileged Exec mode The symbol indicates that the system is in the User Exec mod...

Page 236: ...o the Privileged Exec mode Line Interface From Global Configuration mode use the line command console config line ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode BGP Router Configuration From Global Configuration mode use the router bgp command console config router ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged E...

Page 237: ...figuration mode use the exit command or press Ctrl Z to Privileged Exec mode Policy Class Map From Global Configuration mode use the policy map class command console config policy map ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode Class Map From Global Configuration mode use the class map command console config classmap ToexittoGlobal Configuration m...

Page 238: ...he exit command or press Ctrl Z to Privileged Exec mode SSH Public Key String From the SSH Public Key Chain mode use the user key user name rsa dsa command console config pubkey key To return to the SSH Public key chain mode use the exit command or press Ctrl Z to Privileged Exec mode TACACS From Global Configuration mode use the tacacs server host command console tacacs ToexittoGlobal Configurati...

Page 239: ...he exit command or press Ctrl Z to Privileged Exec mode SNMP Host Configuration From Global Configuration mode use the snmp server command console config snmp ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode SNMP v3 Host Configuration From Global Configuration mode use the snmp server v3 host command console config snmp ToexittoGlobal Configuration mod...

Page 240: ...Global Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode Crypto Certificate Request From Privileged Exec mode use the crypto certificate number request command console config crypto cert To exit to Privileged Exec mode use the exit command or press Ctrl Z Stack From Global Configuration mode use the stack command console config stack ToexittoGlobal Configuration mode ...

Page 241: ...xit command or press Ctrl Z to Privileged Exec mode VLAN Config From Global Configuration mode use the vlan command console config vlan ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode Router OSPF Config From Global Configuration mode use the router ospf command console config router ToexittoGlobal Configuration mode use the exit command or press Ctrl ...

Page 242: ...or press Ctrl Z to Privileged Exec mode Router OSPFv3 Config From Global Configuration mode use the ipv6 router ospf command console config rtr ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode IPv6 DHCP Pool Mode From Global Configuration mode use the ipv6 dhcp pool command console config dhcp6s pool ToexittoGlobal Configuration mode use the exit comma...

Page 243: ...exit command or press Ctrl Z to Privileged Exec mode 40 Gigabit Ethernet From Global Configuration mode use the interface fortygigabitetherne t command Or use the abbreviation interface fo console config if Founit slot port ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode Port Channel From Global Configuration mode use the interface port channel comman...

Page 244: ...de use the interface vlan command console config if vlanvlan id ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode Tunnel From Global Configuration mode use the interface tunnel command Or use the abbreviation interface tu console config tunneltunnel id ToexittoGlobal Configuration mode use the exit command or press Ctrl Z to Privileged Exec mode Loopbac...

Page 245: ...ware images may be stored on the system but only one of them is active The other one is a backup image The same is true for configuration files which store the configuration parameters for the switch The system has three configuration files One file is a memory only file and is the current configuration file for the switch The second file is the one that is loaded by the system when it reboots The...

Page 246: ...n or software images are copied to or retrieved from remote systems using the TFTP or FTP protocols tftp server name path filename identifies a file on a remote TFTP server identified by the server name Trivial file transfer protocol is a simplified FTP and uses a UDP port instead of TCP and does not have password protection ftp user ipaddress hostname filepath filename Identifies a file on a remo...

Page 247: ... minimum set of management interface security measures implemented by the CLI Management interface security consists of user account management user access control and remote network host access controls CLI through Telnet SSH Serial Interfaces The CLI is accessible through a local serial interface console port the out of band interface or in band interfaces Since the console port requires a physi...

Page 248: ...ius authentication servers The CLI allows the administrator to configure primary and secondary authentication servers If the primary authentication server fails to respond within a configurable period the CLI automatically tries the secondary authentication server The administrator can specify whether the CLI should revert to using local accounts when the remote authentication servers do not respo...

Page 249: ...identify at least two remote servers the user may choose to configure only one server and what protocol to use with the server TACACS or Radius One of the servers is primary and the other is the secondary server the user is not required to specify a secondary server If the primary server fails to respond in a configurable time period the CLI automatically attempts to authenticate the user with the...

Page 250: ...he event is related to a remote management system The IP address from which the user is connecting or the IP address of the remote management system A description of the security event A timestamp of the event If a SYSLOG server is configured and available the switch sends security records to the configured servers Management ACL In addition to user access control the system also supports filterin...

Page 251: ...CLI pauses at 24 lines and prompts the user with the More or q uit prompt on the 25th line The CLI waits for the user to press either q or Enter or any other key If the user presses any key other than Enter or q the CLI shows the next page A q key stops the display and returns to the CLI prompt The Enter key advances the display by one line Use the terminal length command to change the number of l...

Page 252: ...nterface configuration please wait Boot Utility Menu If a user is connected through the serial interface during the boot sequence the operator is presented with the option to enter the Boot Utility Menu during the boot sequence Selecting item 2 displays the menu and may be typed only during the initial boot up sequence Select startup option within 5 seconds else Operational Code will start automat...

Page 253: ...ault gateway 10 27 20 1 to the Routing Table done Bringing down eth0 interface done Erasing dev mtd6 Erasing 128 Kibyte 17e0000 99 complete Updating code file Code Update Instructions Found Critical components modified on Back Up Partition Please activate Back Up Image to load the same on Reboot Do you wish to activate Back Up Image Y N Cleaning tmpfs filesystem on mnt download done Enter Choice 5...

Page 254: ...onal Code for Password Recovery active dev mtd6 Extracting Operational Code from stk file done Loading Operational Code done Decompressing Operational Code done 4 START_OPR_CODE_PASSWD_RECOVERY MODE Uncompressing apps lzma SyncDB Running DMA pool size 16777216 PCI unit 0 Dev 0xb842 Rev 0x02 Chip BCM56842_A1 Driver BCM56840_B0 SOC unit 0 attached to PCI device BCM56842_A1 hpc No stack ports Startin...

Page 255: ...ormation user supplied contact information names of data volumes IP addresses access control lists diagnostics performance information network configuration information host server configuration performance information and related data Collected Data and transmits this information to Dell By downloading SupportAssist and agreeing to be bound by the set terms and the Dell end user license agreement...

Page 256: ... setup wizard you must answer this question within 60 seconds y n Regardless of if the administrator runs or does not run the Easy Setup wizard and if the SupportAssist application is installed eula consent support assist accept is entered into the running config if the SupportAssist EULA Accept file exists on the stack master and contains the EULA Accepted text Regardless of whether the administr...

Page 257: ...ging console Traps generated by the system are dumped to all CLI sessions that have requested monitoring mode to be enabled The no logging console command disables trap monitoring for the session By default console logging is enabled Use the terminal monitor command to observe logging messages when connected via telnet or SSH Viewing System Messages System messages autonomously display information...

Page 258: ...Using the CLI 258 ...

Page 259: ... Commands MACAddressTable Commands Ethernet CFM Commands IPv6 Access List Commands Port Channel Commands Auto VoIP Commands Green Ethernet Commands IPv6 MLD Snooping Commands Port Monitor Commands CDP Interoperability Commands GMRP Commands IPv6 MLD Snooping Querier Commands QoS Commands GVRP Commands IP Source Guard Commands Spanning Tree Commands DHCP Layer 2 Relay Commands IGMP Snooping Command...

Page 260: ...are positioned between the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of the internal network The Dell EMC Networking ACL feature allows classification of packets based upon Layer 2 through Layer 4 header information An Ethernet IPv6 packet is ...

Page 261: ...bit false matches Administrators are cautioned to specify ACL access list permit and deny rule criteria as fully as is possible in order to avoid false matches As an example rules that specify a TCP or UDP port value should also specify the TCP or UDP protocol and the IPv4 or IPv6 Ether type Rules that specify an IP protocol should also specify the Ether type value for the frame In general any rul...

Page 262: ...N tagged frame IEEE 802 1Q 0x86DD Internet Protocol version 6 IPv6 0x8808 MAC Control 0x8809 Slow Protocols IEEE 802 3 0x8870 Jumbo frames 0x888E EAP over LAN EAPOL 802 1x 0x88CC Link Layer Discovery Protocol 0x8906 Fibre Channel over Ethernet 0x8914 FCoE Initialization Protocol 0x9100 Q in Q Table 3 2 Common IP Protocol Numbers IP Protocol Numbers Protocol 0x00 IPv6 Hop by hop option 0x01 ICMP 0x...

Page 263: ...ss list name up to 31 characters in length Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Access lists use the extended access list format Multiple permit and deny clauses and actions may be specified without requiring the access list name to be entered each time Permit and deny clauses are entered in order from the first matc...

Page 264: ...ortkey 0 65535 dstip dstmask any host dstip range portkey startport portkey endport eq neq lt gt portkey 0 65535 flag fin fin syn syn rst rst psh psh ack ack urg urg established icmp type icmp type icmp code icmp code icmp message icmp message igmp type igmp type fragments precedence precedence tos tos tosmask dscp dscp time range time range name log assign queue queue id mirror redirect interface...

Page 265: ...may be entered Each of these keywords translates into its equivalent destination port number When range is specified IP ACL rule matches only if the layer 4 port number falls within the specified port range The startport and endport parameters identify the first and last ports that are part of the port range They have values from 0 to 65535 The ending port must have a value equal or greater than t...

Page 266: ...r an IP TCP UDP ACL rule depending on a match of precedence or DSCP values using the parameters dscp precedence or tos tosmask flag fin fin syn syn rst rst psh psh ack ack urg urg established Specifies that the IP TCP UDP ACL rule matches on the TCP flags Ack Acknowledgment bit Fin Finished bit Psh push bit Rst reset bit Syn Synchronize bit Urg Urgent bit When tcpflagname is specified a match occu...

Page 267: ... Specifies the rule matches packets that are non initial fragments fragment bit asserted Not valid for rules that match L4 information such as TCP port number since that information is carried in the initial packet log Specifies that this rule is to be logged if the permit deny rule has been matched one or more times since the expiry of the last logging interval The logging interval is 5 minutes t...

Page 268: ...nfiguration No ACLs are configured by default An implicit deny all condition is added by the system after the last MAC or IP IPv6 access group if no route map is configured on the interface Command Mode Ipv4 Access List Configuration mode User Guidelines Administrators are cautioned to specify permit and deny rule matches as fully as is possible in order to avoid false matches Rules that specify a...

Page 269: ...mand is not supported for ACLs configured in egress out IPv4 access groups on the N4000 switches Rate limits are only valid for permit rules Any is equivalent to 0 0 0 0 255 255 255 255 for IPv4 access lists Host indicates specified address with mask equal to 255 255 255 255 and address 0 0 0 0 for IPv4 0x0806 Address Resolution Protocol ARP 0x0842 Wake on LAN Packet 0x8035 Reverse Address Resolut...

Page 270: ...ning is issued and the rule is applied to the hardware without the counter If a permit deny clause is entered with the same sequence number as an existing rule an error is displayed and the existing rule is not updated with the new information Command History Updated in 6 3 0 1 firmware Description updated in the 6 4 release Example console config ip access list ipv4 console config ip acl 100 deny...

Page 271: ...rate limit rate burst size no sequence number sequence number Identifies the order of application of the permit deny statement If no sequence number is assigned permit deny statements are assigned a sequence number beginning at 1000 and incrementing by 10 Statements are applied in hardware beginning with the lowest sequence number Sequence numbers only have applicability within an access group i e...

Page 272: ...ueue for handling traffic that matches the rule queue id 0 6 where n is number of user configurable queues available for that hardware platform The queue ID is the internal queue number traffic class not the CoS value Use the show classofservice command to display the assignment of CoS and DSCP values to internal queue numbers mirror Copies the traffic matching this rule to the specified interface...

Page 273: ...umber as an existing rule an error is displayed and the existing rule is not updated with the new information Command History Updated in 6 3 0 1 firmware Secondary VLAN option added in 6 3 5 release Example The following example configures a MAC ACL to deny traffic from MAC address 0806 c200 0000 console config mac access list extended DELL123 console config mac access list 500 deny 0806 c200 0000...

Page 274: ...port configuration of multiple access groups Packets are matched against group entries from lowest sequence number to highest Configuring an access group using the same sequence number as an existing entry replaces the original group entry If the access list specified in the command does not exist an error is given The ACLs in the access group are configured in hardware when the interface becomes ...

Page 275: ...the 6 4 release mac access group Use the mac access group command in Global Configuration or Interface Configuration mode to attach a specific MAC Access Control List ACL to an interface Syntax mac access group name in out control plane sequence no mac access group name in out control plane name Name of the existing MAC access list Range 1 31 characters in out control plane The packet direction in...

Page 276: ... already is in use for this interface and direction the specified access list replaces the currently attached access list using that sequence number If the sequence number is not specified for this command a sequence number is selected that is one greater than the highest sequence number currently in use for this interface and direction The optional control plane keyword allows the application of ...

Page 277: ...on Command Mode Global Configuration mode User Guidelines Use this command to create a mac access control list The CLI mode is changed to Mac Access List Configuration when this command is successfully executed Example The following example creates MAC ACL and enters MAC Access List Configuration mode console config mac access list extended dell networking mac access list extended rename Use the m...

Page 278: ... list extended DELL1 console config mac access list exit console config mac access list extended rename DELL1 DELL2 remark Use the remark command to add a comment to an ACL rule Use the no form of the command to remove a comment from an ACL rule Syntax remark comment no remark comment comment Each remark line is limited to 100 characters The remark may consist of characters in the range A Z a z 0 ...

Page 279: ...epeated execution of this command with the same remark comment removes the remark from the next ACL rule which associated with the comment if there is any rule configured with the same comment or an error message is displayed if there are no matching comments Command History Updated in 6 3 0 1 firmware Example console config arp access list new console config arp access list remark test1 console c...

Page 280: ...rwarded blockdtp To block DTP PDU s from being forwarded blockudld To block UDLD PDU s from being forwarded blockpagp To block PAgP PDU s from being forwarded blocksstp To block SSTP PDU s from being forwarded blockall To block all the PDU s with MAC of 01 00 00 0c cc cx x don t care from being forwarded Default Configuration The default is that none of the listed protocol PDUs are blocked Command...

Page 281: ...ventions for interface representation Default Configuration UDLD is blocked by default No other protocol is blocked by default Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show service acl interface te1 0 1 console config if Te1 0 1 show service acl interface te1 0 1 Service acl Interf...

Page 282: ... ACLs control plane Show the control plane ACLs Default Configuration No ACLs are configured by default Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Examples console show access lists interface control plane ACL Type ACL Name Sequence Number IPv6 ip61 1000 show ip access lists Use the show i...

Page 283: ... associated with the matching rule is incremented e g consider an ACL with three rules rule 1 does not match and rule 2 is matched Rule 3 is not processed The counters for rule 1 and rule 3 are not incremented If an ACL rule is configured with a rate limit the counter value is the matched packet count i e both the forwarded and dropped packets are counted If an ACL rule is configured without a rat...

Page 284: ...isplays the IP ACLs configured on a device console show ip access lists asdasd IP ACL Name asdasd Inbound Interface s Gi1 0 7 Rule Number 1 Action permit Match All FALSE Protocol 6 tcp Source IP Address 1 2 3 4 Source IP Mask 0 0 0 0 Source Layer 4 Operator Equal To Source L4 Port Keyword 43 Destination IP Address any TCP Flags FIN Ignore SYN Set RST Ignore PSH Ignore ACK Ignore URG Ignore ACL Hit...

Page 285: ...ACL to display Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The hit counter applies to the ACL not to the interface It shows the sum of all matching packets across all interfaces to which the ACL is applied For an ACL applied to multiple interfaces the hit counter will be i...

Page 286: ... console show mac access lists mac acl MAC ACL Name mac acl Outbound Interface s Gi1 0 8 Rule Number 1 Action permit Source MAC Address 0000 1122 3344 Source MAC Mask FFFF 0000 0000 EtherType ipx VLAN 100 ACL Hit Count 213 Rule Number 2 Action permit Source MAC Address 0000 1133 2244 Source MAC Mask FFFF 0000 0000 EtherType ip VLAN 100 ACL Hit Count 213 ...

Page 287: ...g entry is found the matching entry timestamp is refreshed such that it will continue to remain in the MAC address table Dynamic MAC address entries for which no frames have been received within the aging period are removed out of the MAC address table The administrator can globally configure the MAC address aging timer Administrators can configure static MAC address entries Static MAC entries are...

Page 288: ...vlan id Delete all dynamic MAC addresses for the specified VLAN The range is 1 to 4093 Default Configuration This command has no default configuration Command Mode Privileged Exec mode clear mac address table show mac address table multicast show mac address table dynamic mac address table aging time show mac address table show mac address table interface mac address table multicast forbidden addr...

Page 289: ... To restore the default use the no form of the mac address table aging time command Syntax mac address table aging time 0 10 1000000 no mac address table aging time 0 Disable aging time for the MAC Address Table 10 1000000 Set the number of seconds aging time for the MAC Address Table Default Configuration 300 seconds Command Mode Global Configuration mode User Guidelines This command has no user ...

Page 290: ...dress table multicast forbidden address vlan vlan id mac multicast address ip multicast address add Adds ports to the group remove Removes ports from the group vlan vlan id A valid vlan id Range 1 4093 mac multicast address MAC Multicast address in the format xxxx xxxx xxxx ip multicast address IP Multicast address interface list Specify a comma separated list of interface identifiers a range of i...

Page 291: ...tic mac addr vlan vlan id interface id mac address A valid MAC address in the format xxxx xxxx xxxx or xx xx xx xx xx xx vlan id Valid VLAN ID 1 4093 interface id The interface to which the received packet is forwarded Ethernet interface identifiers and port channel identifiers are valid for this command Default Configuration No static addresses are defined The default mode for an added address is...

Page 292: ...gigabitethernet6 0 1 switchport port security Global Configuration Use the switchport port security command in Global Configuration mode to enable port security globally Use the no form of the command to disable port security globally Syntax switchport port security no switchport port security Default Configuration Port security is disabled by default No MAC addresses are learned or configured by ...

Page 293: ...to the administrator specified limit A dynamically locked MAC address is eligible to be aged out if another packet with that MAC address is not seen within the age out time Dynamically locked MAC addresses are also eligible to be relearned on another port if station movement occurs Statically locked MAC addresses are not eligible for aging If a packet arrives on a port with a source MAC address th...

Page 294: ...ort security mac address 0011 2233 4455 vlan 33 Command History Updated in 6 3 0 1 firmware Example Enable port security MAC locking globally and on an interface console config switchport port security console config interface gi1 0 3 console config if gi1 0 3 switchport port security Enable port security MAC locking globally and on an interface enable sticky mode on the interface and convert all ...

Page 295: ... config if Gi1 0 3 switchport mode trunk console config if Gi1 0 3 switchport port security mac address sticky console config do write Convert all sticky MAC addresses on trunk port gi1 0 3 to sticky MAC addresses and save the running config so the configuration will persist across reboots console config vlan 33 console config vlan33 interface gi1 0 3 console config if Gi1 0 3 switchport mode trun...

Page 296: ...that may be configured on the interface violation Configure the interface to protect Protect the interface by discarding MAC frames that are not learned default and issuing a log message and a trap shutdown Protect the interface by error disabling the interface and issuing a log message and a trap Default Configuration Port security is disabled by default No static or sticky MAC addresses are lear...

Page 297: ...n MAC addresses to be considered as violations When a port security enabled link goes down all of the dynamically learned addresses are removed from the MAC forwarding database When the link is restored that port can once again learn MAC addresses up to the administrator specified limit A dynamically learned MAC address is eligible to be aged out if another packet with that MAC address is not seen...

Page 298: ...existing dynamically learned MAC addresses on an interface to sticky It also converts the last violation MAC address to sticky even if the dynamic limit is set to 0 These MAC addresses will not age out and will appear in the running config In addition new addresses learned on the interface will also become sticky Note that sticky is not the same as static the difference is that all sticky addresse...

Page 299: ... config if Gi1 0 3 switchport mode trunk console config if Gi1 0 3 switchport port security mac address 0011 2233 4455 vlan 33 Add a sticky mode statically locked locked MAC address to trunk port Gi1 0 3 and VLAN 33 console config vlan 33 console config vlan33 interface gi1 0 3 console config if Gi1 0 3 switchport mode trunk console config if Gi1 0 3 switchport port security mac address sticky 001...

Page 300: ... address table multicast count vlan vlan id address mac multicast address ip multicast address format ip mac vlan id A valid VLAN ID value mac multicast address A valid MAC Multicast address ip multicast address A valid IP Multicast address format Multicast address display format Can be ip or mac Default Configuration If format is unspecified the default is mac Command Mode Privileged Exec mode Gl...

Page 301: ...ormation is displayed console show mac address table multicast Vlan MAC Address Type Ports 1 0100 5E05 0505 Static Forbidden ports for multicast addresses Vlan MAC Address Ports 1 0100 5E05 0505 NOTE A multicast MAC address maps to multiple IP addresses as shown above Command History The description was updated in the 6 4 release show mac address table Use the show mac address table command in Use...

Page 302: ...C9AA AC19 Dynamic Gi1 0 21 1 001E C9AA AE1B Management Vl1 10 001E C9AA AE1B Management Vl10 90 001E C9AA AE1B Management Vl90 Total MAC Addresses in use 5 show mac address table address Use the show mac address table address command in User Exec or Privileged Exec mode to display all entries in the bridge forwarding database for the specified MAC address Syntax show mac address table address mac ...

Page 303: ...s table address 0000 E26D 2C2A Vlan Mac Address Type Port 1 0000 E26D 2C2A Dynamic Gi1 0 1 show mac address table count Use the show mac address table count command in User Exec or Privileged Exec mode to display the number of addresses present in the Forwarding Database Syntax show mac address table count vlan vlan id interface interface id interface id Specify an interface type valid interfaces ...

Page 304: ...the show mac address table command in User Exec or Privileged Exec mode to display all dynamic entries in the bridge forwarding database Syntax show mac address table dynamic address mac address interface interface id vlan vlan id mac address A MAC address in the format xxxx xxxx xxxx interface id Display information for a specific interface Valid interfaces include Ethernet ports and port channel...

Page 305: ...Dynamic Gi1 0 1 show mac address table interface Use the show mac address table command in User Exec or Privileged Exec mode to display all entries in the mac address table Syntax show mac address table interface interface id vlan vlan id interface id Specify an interface type Valid interfaces include Ethernet ports and port channels vlan id Specify a valid VLAN The range is 1 to 4093 Default Conf...

Page 306: ...static Use the show mac address table static command in User Exec or Privileged Exec mode to display static entries in the bridge forwarding database Syntax show mac address table static address mac address interface interface id vlan vlan id mac address A MAC address with the format xxxx xxxx xxxx interface id Specify an interface type valid interfaces include Ethernet ports and port channels vla...

Page 307: ...tabase for the specified VLAN Syntax show mac address table vlan vlan id vlan id Specify a valid VLAN the range is 1 to 4093 Default Configuration This command has no default configuration Command Mode User Exec Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example In this example multiple classes of entries in the...

Page 308: ...interfaces Default Configuration Port security is disabled by default No port security MAC addresses are learned or configured by default The maximum static MAC address limit is 100 MAC addresses The maximum dynamic MAC address limit is 600 MAC addresses Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines Setting the dynamic limit to 0 causes ...

Page 309: ... The dynamic MAC address limit Max static The static address limit Protect Trap issued on violation enabled disabled Frequency The frequency of trap issuance in seconds Shutdown Shut down err disable interface on violation enabled disabled Sticky Mode Sticky mode configuration enabled disabled Field Description Dynamically Learned MAC Address Dynamically learned MAC addresses VLAN ID The VLAN on w...

Page 310: ...ddresses configured 2 Static MAC address VLAN ID Sticky 00 01 ad 32 01 2 Yes 00 10 fe 48 19 2 No Field Description MAC address The source MAC address of the last packet discarded on the interface These are packets with unknown MAC addresses e g as in the case of the dynamic limit set to 0 VLAN ID The VLAN identifier of the discarded packet if applicable ...

Page 311: ...them with a better class of service than ordinary traffic The Auto VoIP module provides the capability to assign the highest priority for the following VoIP packets Session Initiation Protocol SIP H 323 Skinny Client Control Protocol SCCP Auto VoIP borrows ACL lists from the global system pool ACL lists allocated by Auto VoIP reduce the total number of ACLs available for use by the network operato...

Page 312: ...vileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines See the debug auto voip command for assistance in troubleshooting Auto VoIP issues This command accepts an Ethernet interface identifier or a port channel identifier Examples The following example shows command output when a port is not specified console show switchport voice Interface Auto VoIP Mode Traffic...

Page 313: ...abled 6 Gi1 0 23 Disabled 6 Gi1 0 24 Disabled 6 Po1 Disabled 6 Po2 Disabled 6 Po3 Disabled 6 Po4 Disabled 6 Po5 Disabled 6 Po6 Disabled 6 Po7 Disabled 6 Po8 Disabled 6 Po9 Disabled 6 Po10 Disabled 6 Po11 Disabled 6 Po12 Disabled 6 Po13 Disabled 6 Po14 Disabled 6 Po15 Disabled 6 The following example shows command output when a port is specified console show switchport voice gigabitethernet 1 0 1 I...

Page 314: ...auto no switchport voice detect auto Default Configuration This feature is disabled by default Command Mode Global Configuration mode and all Configuration submodes Interface gigabitethernet port channel tengigabitethernet fortygigabitethernet Configuration mode User Guidelines The switch Auto VoIP capability is independent of the Voice VLAN capability Voice VLAN configuration has no effect on the...

Page 315: ...d are able to both discover and be discovered by devices that support the Cisco Discovery Protocol CDP ISDP is based on CDP which is a precursor to LLDP Commands in this Section This section explains the following commands clear isdp counters The clear isdp counters command clears the ISDP counters Syntax clear isdp counters Default Configuration There is no default configuration for this command ...

Page 316: ...dp table Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode User Guidelines There are no user guidelines for this command Example console clear isdp table isdp advertise v2 The isdp advertise v2 command enables the sending of ISDP version 2 packets from the device Use the no form of this command to send version 1 packets Syntax isdp advertise...

Page 317: ...ser the no form of this command to disable ISDP Use this command in global configuration mode to enable the ISDP function on the switch Use this command in interface mode to enable sending ISDP packets on a specific interface Syntax isdp enable no isdp enable Default Configuration ISDP is enabled Command Mode Global Configuration mode Interface Configuration Ethernet mode User Guidelines There are...

Page 318: ...holdtime time no isdp holdtime time The time in seconds range 10 255 seconds Default Configuration The default holdtime is 180 seconds Command Mode Global Configuration mode User Guidelines This command specifies the amount of time the partner device should maintain the ISDP information The local device uses the hold time in packets received from the partner device Configuring the hold time locall...

Page 319: ...ion The default timer is 30 seconds Command Mode Global Configuration mode User Guidelines Configuring the timer to a low value on a large number interfaces may affect system processing due to CPU overload Use the show process cpu command to examine the system load Example The following example sets the isdp timer value to 40 seconds console config isdp timer 40 show isdp The show isdp command dis...

Page 320: ...ormat capability Serial Number Device ID format Serial Number show isdp entry The show isdp entry command displays ISDP entries If a device id specified then only the entry about that device is displayed Syntax show isdp entry all deviceid all Show ISDP settings for all devices deviceid The device ID associated with a neighbor Default Configuration There is no default configuration for this comman...

Page 321: ... EWA9 RELEASE SOFTWARE fc3 Technical Support http www cisco com techsupport Copyright c 1986 2007 by Cisco Systems Inc Compiled Wed 21 Mar 07 12 20 by tinhuang show isdp interface The show isdp interface command displays ISDP settings for the specified interface Syntax show isdp interface all interface id interface id An Ethernet interface identifier all Display all interfaces Default Configuratio...

Page 322: ...erface Mode Gi1 0 1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices Syntax show isdp neighbors interface id detail interface id A physical interface identifier Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The inf...

Page 323: ...Port ID GigabitEthernet1 1 Holdtime 162 Advertisement Version 2 Entry last changed time 0 days 00 55 20 Version Cisco IOS Software Catalyst 4000 L3 Switch Software cat4000 I9K91S M Version 12 2 25 EWA9 RELEASE SOFTWARE fc3 Technical Support http www cisco com techsupport Copyright c 1986 2007 by Cisco Systems Inc Compiled Wed 21 Mar 07 12 20 by tinhuang show isdp traffic The show isdp traffic comm...

Page 324: ...253 ISDP Packets Transmitted 127 ISDPv1 Packets Received 0 ISDPv1 Packets Transmitted 0 ISDPv2 Packets Received 4253 ISDPv2 Packets Transmitted 4351 ISDP Bad Header 0 ISDP Checksum Error 0 ISDP Transmission Failure 0 ISDP Invalid Format 0 ISDP Table Full 392 ISDP Ip Address Table Full 737 ...

Page 325: ...P server to a server or next hop agent on another subnet Unlike a router which switches IP packets transparently a DHCP Relay agent processes DHCP messages and generates new DHCP messages as a result The Dell EMC Networking DHCP Relay supports DHCP Option 82 circuit id and remote id for a VLAN Commands in this Section This section explains the following commands dhcp l2relay Global Configuration s...

Page 326: ... l2relay no dhcp l2relay Default Configuration DHCP L2 Relay is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l2relay dhcp l2relay Interface Configuration Use the dhcp l2relay command to enable DHCP L2 Relay for an interface Use the no form of this command to disable DHCP L2 Relay for an interface Syn...

Page 327: ... in DHCP option 82 Use the no form of this command to disable setting the DHCP Option 82 Circuit ID Syntax dhcp l2relay circuit id vlan vlan list no dhcp l2relay circuit id vlan vlan list vlan list A list of VLAN IDs List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen to designate a range of IDs Range 1 4093 Default Configuration Setting the DHCP Option 82 Circui...

Page 328: ...as the remote ID in the Option 82 Range 1 128 characters vlan list A list of VLAN IDs List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen to designate a range of IDs Range 1 4093 Default Configuration Setting the DHCP Option 82 Remote ID is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example ...

Page 329: ...Ns All DHCP packets which arrive on interfaces in the configured VLAN are subject to L2 Relay processing Use the no form of this command to disable L2 DHCP Relay for a set of VLANs Syntax dhcp l2relay vlan vlan list no dhcp l2relay vlan vlan list vlan list A list of VLAN IDs List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen to designate a range of IDs Range 1 4...

Page 330: ...nd Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay all DHCP L2 Relay is Enabled Interface L2RelayMode TrustMode Gi1 0 2 Enabled untrusted Gi1 0 4 Disabled trusted VLAN Id L2 Relay CircuitId RemoteId 3 Disabled Enabled NULL 5 Enabled Enabled NULL 6 Enabled Enabled dell ...

Page 331: ...uration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay interface all DHCP L2 Relay is Enabled Interface L2RelayMode TrustMode 0 2 Enabled untrusted 0 4 Disabled trusted show dhcp l2relay stats interface Use the show dhcp l2relay stats interface command to disp...

Page 332: ...Client TrustedServer TrustedClient MsgsWithOpt82MsgsWithOpt82 MsgsWithoutOpt82 MsgsWithoutOpt82 Gi1 0 1 0 0 0 0 Gi1 0 2 0 0 3 7 Gi1 0 3 0 0 0 0 show dhcp l2relay agent option vlan Use the show dhcp l2relay agent option vlan command to display DHCP L2 Relay Option 82 configuration specific to VLANs Syntax show dhcp l2relay agent option vlan vlan list vlan list Show information for the specified VLA...

Page 333: ...sabled NULL 9 Enabled Disabled NULL 10 Enabled Disabled NULL show dhcp l2relay vlan Use the show dhcp l2relay vlan command to display whether DHCP L2 Relay is globally enabled on the specified VLAN or VLAN range Syntax show dhcp l2relay vlan vlan list vlan list Show information for the specified VLAN range List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen to de...

Page 334: ...ied VLAN or VLAN range Syntax show dhcp l2relay circuit id vlan vlan list vlan list Show information for the specified VLAN range List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen to designate a range of IDs Range 1 4093 Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configurat...

Page 335: ... of IDs Range 1 4093 Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay remote id vlan 200 DHCP L2 Relay is Enabled VLAN ID Remote Id 200 remote_22 clear dhcp l2relay statistics interface Use the show...

Page 336: ...nterface id An Ethernet interface Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines There are no user guidelines for this command Example console clear dhcp l2relay statistics interface gi1 0 1 ...

Page 337: ...wards valid client messages on trusted members within the VLAN If DHCP Relay and or DHCP Server coexist with DHCP Snooping the DHCP client message is sent to the DHCP Relay or and DHCP Server for further processing The DHCP Snooping application uses DHCP messages to build and maintain the binding s database The binding s database only includes data for clients on untrusted ports DHCP Snooping crea...

Page 338: ...ified interface Default Configuration There is no default configuration for this command Command Mode Privileged Exec User Guidelines There are no user guidelines for this command clear ip dhcp snooping binding ip dhcp snooping trust clear ip dhcp snooping statistics ip dhcp snooping verify mac address ip dhcp snooping show ip dhcp snooping ip dhcp snooping binding show ip dhcp snooping binding ip...

Page 339: ...ec User Guidelines There are no user guidelines for this command Example console clear ip dhcp snooping statistics ip dhcp snooping Use the ip dhcp snooping command to enable DHCP snooping globally or on a range of VLANs Use the no form of this command to disable DHCP snooping Syntax ip dhcp snooping vlan vlan list no ip dhcp snooping Default Configuration DHCP Snooping is globally disabled by def...

Page 340: ...sole config ip dhcp snooping console config ip dhcp snooping vlan 1 console config if vlan1 exit console config interface gi1 0 4 console config if Gi1 0 4 ip dhcp snooping trust ip dhcp snooping binding Use the ip dhcp snooping binding command to configure a static DHCP Snooping binding Use the no form of this command to remove a static binding Syntax ip dhcp snooping binding mac address vlan vla...

Page 341: ...base This can be local to the switch or on a remote machine Syntax ip dhcp snooping database local tftp hostIP filename hostIP The IP address of the remote host filename The name of the file for the database on the remote host The filename may contain any printable character except a question mark and is checked only when attempting to open the file The file must reside in the working directory of...

Page 342: ...oping database write delay command to configure the interval in seconds at which the DHCP Snooping database will be stored in persistent storage Use the no form of this command to reset the write delay to the default Syntax ip dhcp snooping database write delay seconds no ip dhcp snooping database write delay seconds The write delay Range 15 86400 seconds Default Configuration The write delay is 3...

Page 343: ...ace to be disabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet fortygigabitethernet mode User Guidelines This command is available in Ethernet interface configuration mode or port channel interface configuration mode The switch hardware rate limits DHCP packets sent to the CPU from snooping enabled interfaces to 512 Kbps To prevent DHCP packets from being u...

Page 344: ...og invalid Use the ip dhcp snooping log invalid command to enable logging of DHCP messages filtered by the DHCP Snooping application Use the no form of this command to disable logging Syntax ip dhcp snooping log invalid no ip dhcp snooping log invalid Default Configuration Logging of filtered messages is disabled by default Invalid DHCP messages are not logged by default Command Mode Interface Con...

Page 345: ...HCP snooping validation of DHCP packets and exposes the port to IPv4 DHCP DoS attacks Configuring an interface as untrusted indicates that the switch should firewall DHCP messages and act as if the port is connected to a device outside the DMZ DHCP snooping must be enabled globally and on the VLAN for which the port is a member for this command to have an effect Interfaces connected to the DHCP se...

Page 346: ... dhcp snooping verify mac address no ip dhcp snooping verify mac address Default Configuration Source MAC address verification is disabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip dhcp snooping verify mac address show ip dhcp snooping Use the show ip dhcp snooping command to display the DHCP snooping g...

Page 347: ...g Invalid Pkts Gi1 0 1 Yes No Gi1 0 2 No Yes Gi1 0 3 No Yes Gi1 0 4 No No Gi1 0 6 No No show ip dhcp snooping binding Use the show ip dhcp snooping binding command to display the DHCP snooping binding entries Syntax show ip dhcp snooping binding static dynamic interface interface id port channel port channel number vlan vlan id static dynamic Use these keywords to filter by static or dynamic bindi...

Page 348: ...ress VLAN Interface Type Lease Secs 00 02 B3 06 60 80 210 1 1 3 10 Gi1 0 1 Dyn 86400 00 02 FE 06 13 04 210 1 1 4 10 Gi1 0 1 Dyn 86400 show ip dhcp snooping database Use the show ip dhcp snooping database command to display the DHCP snooping configuration related to the database persistence Syntax show ip dhcp snooping database Default Configuration There is no default configuration for this comman...

Page 349: ...A valid physical interface Default Configuration There is no default configuration for this command Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping interfaces Interface Trust State Rate Limit Burst Interval pps seconds Gi1 0 1 No 15 1 Gi1 0 2 No 15 1 Gi1 0 3 No ...

Page 350: ... User Guidelines The following fields are displayed by this command Example console show ip dhcp snooping statistics Interface MAC Verify Client Ifc DHCP Server Failures Mismatch Msgs Rec d Gi1 0 2 0 0 0 Gi1 0 3 0 0 0 Fields Description MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch Client I...

Page 351: ...0 0 0 Gi1 0 5 0 0 0 Gi1 0 6 0 0 0 Gi1 0 7 0 0 0 Gi1 0 8 0 0 0 Gi1 0 9 0 0 0 Gi1 0 10 0 0 0 Gi1 0 11 0 0 0 Gi1 0 12 0 0 0 Gi1 0 13 0 0 0 Gi1 0 14 0 0 0 Gi1 0 15 0 0 0 Gi1 0 16 0 0 0 Gi1 0 17 0 0 0 Gi1 0 18 0 0 0 Gi1 0 19 0 0 0 Gi1 0 20 0 0 0 ...

Page 352: ...ical interface Default Configuration This command has no default configuration clear ipv6 dhcp snooping binding ipv6 dhcp snooping verify mac address clear ipv6 dhcp snooping binding ipv6 verify binding ipv6 dhcp snooping ipv6 verify source ipv6 dhcp snooping vlan show ipv6 dhcp snooping ipv6 dhcp snooping binding show ipv6 dhcp snooping binding ipv6 dhcp snooping database show ipv6 dhcp snooping ...

Page 353: ... DHCP Snooping statistics Syntax clear ipv6 dhcp snooping statistics Default Configuration This command has no default configuration Command Modes User Exec Privileged Exec User Guidelines The IPv6 snooping statistics are also cleared by the clear counters command Example console clear ipv6 dhcp snooping statistics ipv6 dhcp snooping Use the ipv6 dhcp snooping command to globally enable IPv6 DHCP ...

Page 354: ...red for valid client messages DHCP snooping additionally compares the source MAC address to the DHCP client hardware address If there is a mismatch DHCP snooping logs a message and drops the packet The network administrator can disable this option using the no ip v6 dhcp snooping verify mac address for DHCPv6 DHCP snooping always forwards client messages on trusted interfaces within the VLAN If DH...

Page 355: ...ally enabled to become operational Example console config ipv6 dhcp snooping console config ipv6 dhcp snooping vlan 5 10 15 30 console config interface Te1 0 1 console config if Te1 0 1 switchport mode access console config if Te1 0 1 switchport access vlan 10 console config if Te1 0 1 no ipv6 dhcp snooping trust ipv6 dhcp snooping binding Use the ipv6 dhcp snooping binding command to configure a ...

Page 356: ... bindings are configured Command Modes Global Configuration mode User Guidelines Static bindings do not age out of the DHCP binding database ipv6 dhcp snooping database Use the ipv6 dhcp snooping database command to configure the persistent location of the DHCP snooping database This can be a local or remote file on a TFTP server Syntax ipv6 dhcp snooping database local tftp hostIP filename no ipv...

Page 357: ...ose the bindings and may cause connectivity loss for hosts if IPSG or DAI is enabled ipv6 dhcp snooping database write delay Use the ipv6 dhcp snooping database write delay command to configure the time period between successive writes of the binding database The binding database is used to persistently store the DHCP bindings Use the no form of the command to return the write delay to the default...

Page 358: ...ets Range 1 15 default 1 second Default Configuration By default DHCP messages do not shut down the interface Command Modes Interface Configuration mode User Guidelines The switch hardware rate limits DHCP packets sent to the CPU from snooping enabled interfaces to 512 Kbps To prevent DHCP packets from being used in a DoS attack when DHCP snooping is enabled the snooping application allows configu...

Page 359: ...t invalid DHCP messages are not logged Command Modes Interface Configuration mode User Guidelines An invalid DHCP message is one that is received on an untrusted interface that is not a member of the VLAN over which the IP address and optionally the MAC address has been learned Receiving large number of invalid messages may be an indication of an attack Logging invalid messages can use valuable CP...

Page 360: ...ttacks DHCP snooping must be enabled globally and on the VLAN for which the port is a member for this command to have an effect Configuring a port as trusted indicates that the port is connected to an IPv6 DHCP server or to a trusted device Configuring a port as untrusted indicates that the switch should firewall IPv6 DHCP messages and act as if the port is connected to an untrusted device Use the...

Page 361: ...ed in renew process For DHCP servers and relay agents connected to untrusted interfaces source MAC verification should be disabled DHCP snooping must be enabled on at least one VLAN and globally enabled to become operational Example console config ipv6 dhcp snooping console config ipv6 dhcp snooping vlan 5 10 15 30 console config interface te1 0 1 console config if Te1 0 1 switchport mode access c...

Page 362: ...idelines Traffic is filtered based upon the source IPv6 address and VLAN Use the switchport port security command in interface mode to optionally add MAC address filtering in addition to source IPv6 address filtering If port security is enabled the filtering is based upon IPv6 address MAC address and VLAN ipv6 verify source Use the ipv6 verify source command to configure an interface to filter dro...

Page 363: ...is configured filtering occur based upon source IP address VLAN and source MAC address IP source guard also interacts with the port security component Use the port security command in interface mode to optionally add checking of learned MAC addresses When port security is enabled MAC learning coordinates with the IP Source Guard component to verify that the MAC address is in the DHCP binding datab...

Page 364: ...ding Use the show ipv6 dhcp snooping binding command to display the IPv6 DHCP snooping configuration Syntax show ipv6 dhcp snooping binding static dynamic interface interface id port channel port channel number vlan vlan id static Only show static entries dynamic Only show dynamic entries interface id Limit the display to entries associated with physical interface id vlan id Limit the display to e...

Page 365: ...64 10 0 1 86400 00 0F FE 00 13 04 3000 1 64 10 0 1 86400 show ipv6 dhcp snooping database Use the show ipv6 dhcp snooping database command to display IPv6 DHCP snooping configuration related to database persistency Syntax show ipv6 dhcp snooping database Default Configuration This command has no default configuration Command Modes User Exec Privileged Exec all show modes User Guidelines This comma...

Page 366: ... Default Configuration There is no default configuration for this command Command Modes User Exec Privileged Exec all show modes User Guidelines If no parameter is given all interfaces are shown Example console show ipv6 dhcp interfaces Interface Trust State Rate Limit Burst Interval pps seconds Gi1 0 1 No 15 1 Gi1 0 2 No 15 1 Gi1 0 3 No 15 1 show ipv6 dhcp snooping statistics Use the show ipv6 dh...

Page 367: ... DHCP Server Failures Mismatch Msgs Rec d Gi1 0 2 0 0 0 Gi1 0 3 0 0 0 Gi1 0 4 0 0 0 Gi1 0 5 0 0 0 Gi1 0 6 0 0 0 Parameter Description MAC Verify Failures The number of DHCP messages that got filtered on an untrusted interface because of the source MAC address and client hardware address mismatch Client Ifc mismatch The number of DHCP release and reply messages received on different ports than the ...

Page 368: ...n This command has no default configuration Command Modes User Exec Privileged Exec all show modes User Guidelines This command has no user guidelines Example console show ipv6 source binding MAC Address IP Address Type Vlan Interface 00 00 00 00 00 08 2000 1 dhcpv6 snooping 2 Gi1 0 1 00 00 00 00 00 09 3000 1 dhcpv6 snooping 3 Gi1 0 1 00 00 00 00 00 0A 4000 1 dhcpv6 snooping 4 Gi1 0 1 show ipv6 ve...

Page 369: ...s filtering is configured on this interface N A No filtering is configured on the interface Example console config if Gi1 0 5 show ipv6 verify Interface Filter Type Gi1 0 1 ipv6 Gi1 0 2 ipv6 mac Gi1 0 3 N A Gi1 0 4 N A Gi1 0 5 ipv6 mac Gi1 0 6 N A Gi1 0 7 N A Gi1 0 8 N A Gi1 0 9 N A console config if Gi1 0 5 show ipv6 verify interface gi1 0 5 Interface Filter Type Gi1 0 5 ipv6 mac show ipv6 verify...

Page 370: ...e MAC Address field is empty If port security is disabled on the interface the MAC Address field displays permit all The filter type is one of the following ipv6 mac User has configured MAC address filtering on this interface ipv6 Only IPv6 address filtering is configured on this interface Example show ipv6 verify source Interface Filter Type IPv6 Address MAC Address Vlan Gi1 0 1 ipv6 mac 2000 1 6...

Page 371: ...MAC address DAI drops ARP packets whose sender MAC address and sender IP address do not match an entry in the DHCP Snooping bindings database Commands in this Section This section explains the following commands arp access list Use the arp access list command to create an ARP ACL It will place the user in ARP ACL Configuration mode Use the no form of this command to delete an ARP ACL Syntax arp ac...

Page 372: ...le config arp access list tier1 clear ip arp inspection statistics Use the clear ip arp inspection statistics command to reset the statistics for Dynamic Address Resolution Protocol ARP inspection on all VLANs Syntax clear ip arp inspection statistics Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines There are no user guidelines for t...

Page 373: ...e The name of a valid ARP ACL Range 1 31 characters vlan list A list of VLAN identifiers List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen to designate a range of IDs Range 1 4093 Default Configuration No ARP ACL is configured Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip arp inspe...

Page 374: ...packets are received on a port at a rate that exceeds the threshold for a specified time that port will be diagnostically disabled The threshold is configurable up to 300 pps and the burst is configurable up to 15s long The default is 15 pps and 1s burst Use the no shut command to bring the port back in to service Example console config if Gi1 0 1 ip arp inspection limit none console config if Gi1...

Page 375: ...packets Each command overrides the configuration of the previous command For example if a command enables source MAC address and destination MAC address validations and a second command enables IP address validation only the source MAC address and destination MAC address validations are disabled as a result of the second command Use the no form of this command to disable additional validation chec...

Page 376: ...nspection on a single VLAN or a range of VLANs Use the no form of this command to disable Dynamic ARP Inspection on a single VLAN or a range of VLANs Syntax ip arp inspection vlan vlan list logging no ip arp inspection vlan vlan list logging vlan list A list of VLAN identifiers List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen to designate a range of IDs Range ...

Page 377: ...t ip host sender ip mac host sender mac sender ip Valid IP address used by a host sender mac Valid MAC address in combination with the above sender ip used by a host Default Configuration There are no ARP ACL rules created by default Command Mode ARP Access list Configuration mode User Guidelines There are no user guidelines for this command Example console Config arp access list permit ip host 1 ...

Page 378: ...ss list H2 permit ip host 1 1 1 1 mac host 00 01 02 03 04 05 permit ip host 1 1 1 2 mac host 00 03 04 05 06 07 ARP access list H3 ARP access list H4 permit ip host 2 1 1 2 mac host 00 03 04 05 06 08 show ip arp inspection Use the show ip arp inspection command to display the Dynamic ARP Inspection and status Syntax show ip arp inspection interfaces interface id statistics vlan vlan list vlan vlan ...

Page 379: ...nate a range of IDs Range 1 4093 Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following information is displayed for each VLAN when a VLAN range is supplied Field Description VLAN The VLAN ID for each displayed row DHCP Drops The number of packets dropped due t...

Page 380: ...rfaces command console show ip arp inspection interfaces Interface Trust State Rate Limit Burst Interval pps seconds Gi1 0 1 Untrusted 15 1 Gi1 0 2 Untrusted 10 10 Following is an example of the show ip arp inspection statistics command console show ip arp inspection statistics VLAN Forwarded Dropped 10 90 14 20 10 3 console show ip arp inspection statistics vlan 10 20 VLAN DHCP ACL DHCP ACL Bad S...

Page 381: ...d 11 Disabled Enabled 12 Enabled Disabled Parameter Description Source Mac Validation If Source Mac validation of ARP frame is enabled Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled IP Address Validation If IP address validation of ARP frame is enabled Field Description VLAN The VLAN ID for each displayed row Configuration Whether DAI is enabled on the VL...

Page 382: ... jumbo frames feature extends the standard Ethernet MTU Max Frame Size from 1518 1522 with VLAN header bytes to 9216 bytes However any device connecting to the same broadcast domain should support the same or larger MTU Flow control is a mechanism or protocol used to temporarily suspend transmission of data to a device to avoid overloading the device receive path Dell EMC Networking switching impl...

Page 383: ...mmands clear counters Use the clear counters command to clear statistics on an interface Syntax clear counters vrf vrf name stack ports switchport interface id vrf name The name of the VRF instance on which the command operates stack ports Clears stack port statistics switchport Clear all the interface counters clear counters show interfaces configuration show storm control description show interf...

Page 384: ...ied the command clears the port channel counters including the flap counters The VRF identified in the parameter must have been previously created or an error is returned Example In the following example the counters for port Gi1 0 1 are cleared console clear counters gigabitethernet 1 0 1 description Use the description command in Interface Configuration mode to add a description to an interface ...

Page 385: ...tion of a given Ethernet interface To restore the default use the no form of this command Syntax duplex auto half full no duplex auto Enable auto negotiation for the port half Force half duplex operation and disable auto negotiation full Force full duplex operation and disable auto negotiation Default Configuration Auto negotiation is enabled by default on copper ports Command Mode Interface Confi...

Page 386: ...o 1000M console config interface te1 0 5 console config if Te1 0 5 duplex full console config if Te1 0 5 speed 1000 flowcontrol Use the flowcontrol command in Global Configuration mode to configure the flow control To disable flow control use the no form of this command Syntax flowcontrol receive on off no flowcontrol receive Default Configuration Flow Control is enabled by default Command Mode Gl...

Page 387: ...trol receive on interface Use this command to configure parameters for the Gigabit Ethernet and ten Gigabit Ethernet ports and for port channels While in Global Configuration mode enter the interface command with a specific interface To exit to Global Configuration mode enter exit To return to Privileged Exec mode press Ctrl Z or enter end Additional forms of the interface command enable configuri...

Page 388: ...t buffers are consumed This situation may cause traffic loss on other ports that are not congested or flow controlled See http www ieee802 org 3 cm_study public september04 thaler_3_0904 pdf for more information Example The following example enables Gigabit port 2 on stack member 1 for configuration console config interface gigabitethernet 1 0 2 interface range Use the interface range command in G...

Page 389: ...elines Commands under the interface range context are executed independently on each active interface in the range If the command returns an error on one of the active interfaces it does not stop executing commands on other active interfaces If a range of interfaces is specified using the dash notation the beginning range number to the left of the hyphen must be less than or equal to the last numb...

Page 390: ...out value must be a multiple of 100 Default Configuration Physical interfaces do not have debounce enabled by default Command Mode Interface Physical Configuration mode Interface Range mode User Guidelines The link bounce time configures a link bounce hysteresis on link loss of link Loss of link signal starts a link bounce timer If the link is restored prior to expiry of the timer operation contin...

Page 391: ...e The following example disables the link debounce timer for interface gi1 0 1 switch conf t console config interface gi1 0 1 console config if Gi1 0 1 no link debounce time The following example sets the link debounce timer for interface gi1 0 1 to 500 ms switch conf t console config interface gi1 0 1 console config if Gi1 0 1 link debounce time 500 rate limit cpu Use the rate limit cpu command t...

Page 392: ...sitional period when the system is actively adding a hardware forwarding entry but the hardware is not yet updated Processing delays for higher priority packets may occur when the internal CPU queue is continually kept busy handling low priority packets This command does not affect the rate limits for control plane packets It is almost never necessary to use this command to change from the default...

Page 393: ...mRX 23 00 27 01 18 01 1147 ipMapForwardingTas 32 97 37 11 29 92 1155 bcmLINK 0 0 34 0 36 0 36 1156 cpuUtilMonitorTask 0 09 0 05 0 04 1170 nim_t 0 09 0 08 0 07 1208 dot1s_timer_task 0 00 0 00 0 01 1222 snoopTask 0 00 0 00 0 01 1291 RMONTask 0 00 0 02 0 03 1293 boxs Req 0 00 0 01 0 01 Total CPU Utilization 27 31 28 97 31 01 show interfaces Use the show interfaces command to list the traffic statisti...

Page 394: ...he keepalive status shows None when keepalives are disabled or the port is down Up when keepalives are enabled and no loop is detected and Down when keepalives are enabled and a loop is detected Some example values are Link Status Up Up Link detected keepalives enabled no loop detected Link Status Shut None Port is administratively disabled Link Status Down None No link detected Link Status Err di...

Page 395: ...g example shows the output for a 1G interface console show interfaces gi1 0 1 Interface Name Gi1 0 1 SOC Hardware Info BCM56342_A0 Link Status Up Up Keepalive Enabled TRUE Err disable Cause None VLAN Membership Mode Trunk Mode VLAN Membership 1 2 3 101 113 813 3232 MTU Size 1518 Port Mode Duplex Full Port Speed 1000 Link Debounce Flaps 0 Auto Negotation Status Auto Burned MAC Address 001E C9DE B11...

Page 396: ...ash Type Min links Local Prf Po1 Active Gi1 0 1 Dynamic 7 1 Disabled Hash Algorithm Type 1 Source MAC VLAN EtherType source module and port Id 2 Destination MAC VLAN EtherType source module and port Id 3 Source IP and source TCP UDP port 4 Destination IP and destination TCP UDP port 5 Source Destination MAC VLAN EtherType source MODID port 6 Source Destination IP and source destination TCP UDP por...

Page 397: ... Oper Peer Advertisement and Priority Resolution fields will show dashes Examples The following examples display information about auto negotiation advertisement Example 1 console show interfaces advertise Port Type Neg Operational Link Advertisement Gi1 0 1 Gigabit Level Enabled 1000f 100f 10f Gi1 0 2 Gigabit Level Enabled 1000f 100f 10f Gi1 0 3 Gigabit Level Enabled 1000f 100f 10f Gi1 0 4 Gigabi...

Page 398: ...iguration gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port fortygigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User Exec mode Global Configuration mode and all Configuration submodes User Guidelines The displayed port configuration information includes the following Field Description Port ...

Page 399: ...number tengigabitethernet unit slot port fortygigabitethernet unit slot port errors Show the error counts frame discards and reasons in the in and out direction gigabitethernet Shows the traffic for the specified Gigabit Ethernet port port channel Shows the traffic for the specified port channel port tengigabitethernet Shows the traffic for the specified 10 Gigabit Ethernet port fortygigabitethern...

Page 400: ... integral number of octets in length and do not pass the FCS check FCS Errors Counted frames received that are an integral number of octets in length but do not pass the FCS check Single Collision Frames Counted frames that are involved in a single collision and are subsequently transmitted successfully Multiple Collision Frames A count of frames that are involved in a multiple collision and are s...

Page 401: ...Gi1 0 18 0 0 0 0 Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error Received Pause Frames A count of MAC Control frames received with an opcode indicating the PAUSE operation Transmitted Pause Frames Counted MAC Control frames transmitted on this interface with an opcode indicating the PAUSE operation Received PFC Frames A count of the ...

Page 402: ...onfig if Te1 0 1 show interfaces counters tengigabitethernet 1 0 13 Port InTotalPkts InUcastPkts InMcastPkts InBcastPkts Te1 0 13 21614369 21614360 9 0 Port OutTotalPkts OutUcastPkts OutMcastPkts OutBcastPkts Te1 0 13 40620964 40620547 19 398 FCS Errors 0 Single Collision Frames 0 Late Collisions 0 Excessive Collisions 0 Multiple Collisions 0 Received packets dropped MTU 0 Transmitted oversized pa...

Page 403: ...tion Physical interfaces have a 100 ms debounce time enabled Command Mode Exec mode Privileged Exec Global Configuration and all show modes User Guidelines Use the link debounce time command to configure the debounce time for an interface Command History Introduced in version 6 2 0 1 firmware Example The following example shows the output for representative interfaces console show interfaces debou...

Page 404: ...ration submodes User Guidelines This command has no user guidelines Example The following example displays the description for all interfaces console show interfaces description Port Description Gi1 0 1 Port that should be used for management only Gi2 0 1 Gi2 0 2 Port Description Po1 show interfaces detail Use the show interfaces detail command to display detailed status and configuration of the s...

Page 405: ...i1 0 1 Port Description Duplex Speed Neg MTU Admin Link State State Gi1 0 1 N A Unknown Auto 1518 Up Down Port Description Gi1 0 1 Flow Control Enabled Port Gi1 0 1 VLAN Membership mode Access Mode Operating parameters PVID 1 Ingress Filtering Enabled Acceptable Frame Type Admit All Default Priority 0 GVRP status Disabled Protected Disabled Port Gi1 0 1 is member in VLAN Name Egress rule Type 1 de...

Page 406: ...t Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines Port channels are only displayed if configured Use the show interfaces port channel command to display configured and unconfigured port channels Interfaces configured as stacking ports will show as detached in the output of the show in...

Page 407: ...ce Description Description of the port This field may be truncated in the command output Duplex Displays the port Duplex status VLAN The VLAN membership for the port The native VLAN is enclosed in parentheses Speed Refers to the port speed Neg Describes the Auto negotiation status Link State Displays the Link status either Up or Down Flow Ctrl Status Displays the Flow Control status either Active ...

Page 408: ...A 1 Gi1 0 9 N A Unknown Auto Down Off A 1 Oob Type Link State oob Out Of Band Up Port Description Link M VLAN Channel State Po1 Down H 4 5 show interfaces transceiver Use the show interfaces transceiver command to display the optic static parameters as well as the Dell EMC qualification Syntax show interfaces transceiver properties properties Displays the static parameters for the optics Default C...

Page 409: ...ASE LRM ANF0L5J Yes Te1 0 11 SFP 10GBASE LRM ANF0L5R Yes Te1 0 13 SFP 1GBASE SX PCC1PT5 N A Te1 0 15 SFP 10GBASE SR AD1125A002R No Te1 0 17 SFP 10GBASE SR AD0815E00PC No show statistics Use the show statistics command to display detailed statistics for a specific port or for the internal CPU interface Syntax show statistics gigabitethernet unit slot port switchport port channel port channel number...

Page 410: ...s Received 128 255 Octets 0 Packets Received 256 511 Octets 0 Packets Received 512 1023 Octets 0 Packets Received 1024 1518 Octets 0 Packets Received 1518 Octets 0 Packets RX and TX 64 Octets 0 Packets RX and TX 65 127 Octets 0 Packets RX and TX 128 255 Octets 0 Packets RX and TX 256 511 Octets 0 Packets RX and TX 512 1023 Octets 0 Packets RX and TX 1024 1518 Octets 0 Packets RX and TX 1519 2047 O...

Page 411: ...ctets 0 Max Frame Size 1518 Total Packets Transmitted Successfully 0 Unicast Packets Transmitted 0 Multicast Packets Transmitted 0 Broadcast Packets Transmitted 0 Transmit Packets Discarded 0 Total Transmit Errors 0 Total Transmit Packets Discarded 0 Single Collision Frames 0 Multiple Collision Frames 0 Excessive Collision Frames 0 802 3x Pause Frames Transmitted 0 GVRP PDUs received 0 GVRP PDUs T...

Page 412: ...ault configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines It is possible to enter interface configuration mode from global configuration mode or from interface configuration mode RFC Cross Reference Textual Explanation RFC 2863 MIB Identifier Total Packets Received Octets ifHCInOctets Unicast Packets Received ifHCInUcastPkts Multi...

Page 413: ...or 0 Unicast Packets Received 0 Multicast Packets Received 0 Broadcast Packets Received 0 Receive Packets Discarded 0 Octets Transmitted 0 Packets Transmitted Without Errors 0 Unicast Packets Transmitted 0 Multicast Packets Transmitted 0 Broadcast Packets Transmitted 0 Transmit Packets Discarded 0 Most Address Entries Ever Used 3 Address Entries Currently in Use 3 Maximum VLAN Entries 1024 Most VL...

Page 414: ...bmodes User Guidelines This command has no user guidelines Examples The following example shows storm control configurations for a Gigabit Ethernet port The second example shows flow control mode status console show storm control 802 3x Flow Control Mode Disable console show storm control gigabitethernet 1 0 1 Bcast Bcast Mcast Mcast Ucast Ucast Flow Intf Mode Level Mode Level Mode Level Ctrl Gi1 ...

Page 415: ...action command to display the storm control action configuration for one or all interfaces Syntax show storm control action all interface id all Show the storm control action configuration for all interfaces interface id A physical interface on which storm control is enabled Default Configuration This command has no default configuration Command Mode Privileged Exec mode and all show modes User Gu...

Page 416: ...nd has no user guidelines Examples The following example disables Gigabit Ethernet port 1 0 5 console config interface gigabitethernet 1 0 5 console config if Gi1 0 5 shutdown The following example reenables Gigabit Ethernet port 1 0 5 console config interface gigabitethernet 1 0 5 console config if Gi1 0 5 no shutdown speed Use the speed command in Interface Configuration mode to configure the sp...

Page 417: ...auto parameter to enable auto negotiation on an interface Auto negotiation on copper interfaces selects a clock master performs link training to tune the pre emphasis settings to the individual switch and cable negotiates the internal media and may enable a decision feedback equalizer DFE to correct burst errors if the PHY has the capability To disable auto negotiation on a port it is necessary to...

Page 418: ...irect Attach Cables should have auto negotiation enabled if the link partner is also capable of performing auto negotiation If the link partner cannot perform auto negotiation then a fixed speed must be utilized In all cases the link partners need compatible settings e g both sides must be set to use auto negotiation or a fixed speed In the case of a fixed speed link both sides must be set to the ...

Page 419: ...otected group will not forward traffic to other ports in the group Syntax switchport protected groupid no switchport protected groupid Identifies which group this port will be protected in Range 0 2 Default Configuration No protected switchports are defined Command Mode Interface Configuration Ethernet mode User Guidelines When an interface is enabled for routing using the interface vlan command t...

Page 420: ... the group Range 0 32 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example assigns the name protected to group 1 console config switchport protected 1 name protected show switchport protected Use the show switchport protected command to display the status o...

Page 421: ...how switchport protected 0 Name test show system mtu Use the show system mtu command to display the configured MTU The MTU is set using the global system jumbo mtu command This command deprecates the show interfaces mtu command Syntax show system mtu Default Configuration The default mtu size is 1518 bytes 1522 bytes for VLAN tagged frames Command Modes Privileged Exec mode Global Configuration mo...

Page 422: ... ip mtu and ipv6 mtu commands Use the no form of the command to reset the MTU to the default Syntax system jumbo mtu frame size no system jumbo mtu frame size The maximum frame size in bytes received by the system which is not forwarded Default Configuration The default MTU size is 1518 bytes 1522 bytes for VLAN tagged frames Command Modes Global Configuration mode User Guidelines Dell EMC Network...

Page 423: ...h the ip ospf mtuignore command The allowed range is 1298 to 9216 This allows for configuration of an IPv4 and IPv6 MTU of 1280 to 9198 In conformance with RFC 2460 the system performs IPv6 path MTU discovery for IPv6 packets originated by the switch This may result in individual connections using an IPv6 MTU less than that configured by the network operator ...

Page 424: ... 3 media Refer to IEEE 802 1ag for an explanation of CFM Typically the MEP ID and maintenance association levels are assigned by the top level network service provider Dell EMC Networking CFM is only available on the N4000 series switches CFM is not compatible with iSCSI optimization Disable iSCSI optimization before enabling CFM Dell EMC Networking CFM supports the following functionality Path di...

Page 425: ...omain name level 0 7 domain name Name of the maintenance domain Alphanumeric string of up to 43 characters Default Configuration No CFM domains are preconfigured Command Mode Global Configuration mode User Guidelines Each domain must have a unique name and level for example one cannot create a domain qwerty at level 2 if domain qwerty already exists at level 1 Likewise one cannot create a domain d...

Page 426: ...nce association The range is 1 4093 Default Configuration No VLANs are associated with a maintenance domain by default Command Mode Maintenance Domain Configuration mode User Guidelines This command has no user guidelines Example console config cfm mdomain service serv1 vlan 10 ethernet cfm cc level Use the ethernet cfm cc level command in Global Configuration mode to initiate sending continuity c...

Page 427: ...thernet cfm mep level Use the ethernet cfm mep level command in Interface Configuration mode to create a Maintenance End Point MEP on an interface at the specified level and direction MEPs are configured per Maintenance Association per Maintenance Domain Use the no form of the command to delete a MEP Syntax ethernet cfm mep level 0 7 direction up down mpid 1 8191 vlan vlan id level Maintenance ass...

Page 428: ... Use the ethernet cfm mep enable command in Interface Configuration mode to enable a MEP at the specified level and direction Use the no form of the command to disable the MEP Syntax ethernet cfm mep enable level 0 7 vlan vlan id mpid 1 8191 level Maintenance association level mpid Maintenance entity identifier vlan VLAN on which the MEP operates The range is 1 4093 Default Configuration No MEPs a...

Page 429: ...ethernet cfm mep active level 0 7 vlan vlan id mpid 1 8191 level Maintenance association level mpid Maintenance entity identifier vlan VLAN on which the MEP operates The range is 1 4093 Default Configuration No MEPs are preconfigured Command Mode Interface Configuration User Guidelines This command has no user guidelines ethernet cfm mep archive hold time Use the ethernet cfm mep archive hold time...

Page 430: ...ets the hold time for maintaining internal information regarding a missing MEP console config ethernet cfm mep archive hold time 1200 ethernet cfm mip level Use the ethernet cfm mip level command in Interface Configuration mode to create a Maintenance Intermediate Point MIP at the specified level The MEPs are configured per Maintenance Domain per interface Use the no form of the command to delete ...

Page 431: ...aintenance association level mac addr The destination MAC address for which the connectivity needs to be verified Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity is to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VLAN associated with the maintenance do...

Page 432: ...nation MAC address for which the connectivity needs to be verified Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity is to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VLAN associated with the maintenance domain Range 1 4093 mpid The MEP ID from which th...

Page 433: ...characters in length Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines Level The maintenance association level SVID The service identifier MPID The maintenance endpoint identifier DefRDICcm A remote MEP reported the RDI bit in a CCM DefMACStatus Some remote MEP reported its Interface...

Page 434: ...nd to display the configured parameters in a maintenance domain Syntax show ethernet cfm domain brief domain id domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines This command has no user gui...

Page 435: ...ce identifiers and port channel interface identifiers Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines Refer to IEEE 802 1ag for an explanation of the maintenance association level and MEP ID Typically these are assigned by the top level network service provider MPID The maintenance...

Page 436: ...how ethernet cfm maintenance points remote level 0 7 domain domain name detail mac mac address mep mpid domain domain name level 0 7 vlan vlan id domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length level Maintenance association level mac addr The destination MAC address for which the connectivity needs to be verified Either MEP ID or the MAC address option...

Page 437: ... expiry timer Service Id The configured service identifier Example console show ethernet cfm maintenance points remove level 1 MEP Id RMEP Id Level MAC VLAN Expiry Timer sec Service Id 1 2 1 00 11 22 33 44 55 10 25 serv1 show ethernet cfm statistics Use the show ethernet cfm maintenance points remote command to display the CFM statistics Syntax show ethernet cfm statistics domain domain name level...

Page 438: ...eceived Count of the number of loopback replies received with a MAC Service Data Unit that did not match the corresponding LBM Unexpected LTR s received A count of the number of Link Trace Replies fore which no LTM was sent Example show Ethernet cfm statistics domain domain name level 0 7 Console show ethernet cfm statistics Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 1 Out of sequence CC...

Page 439: ...s transmitted 0 Unexpected LTR s received 0 Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 3 Out of sequence CCM s received 0 CCM s transmitted 1 In order Loopback Replies received 0 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 5 Unexpected LTR s received 0 ...

Page 440: ...hen no link partner is present This feature is currently available only on GE copper ports Energy Efficient Ethernet Energy Efficient Ethernet EEE combines the MAC with a family of PHYs that support operation in a Low Power Mode as defined by the IEEE 802 3az Energy Efficient Ethernet Task Force Lower Power Mode enables both the send and receive sides of the link to disable some functionality for ...

Page 441: ...e no form of the command to disable energy detect mode on the interface s Syntax green mode energy detect no green mode energy detect Default Configuration On N1100 ON N1500 N2000 N2100 ON N3000 and N3100 ON switches energy detect is enabled by default Energy detect mode is enabled by default and cannot be disabled on N4000 10G copper interfaces Command Mode Interface Configuration mode User Guide...

Page 442: ...e some functionality for power savings when lightly loaded The transition to Low Power Idle mode does not change the link status Frames in transit are not dropped or corrupted in transition to and from Low Power Idle mode On combo ports eee mode can be enabled even if the port is using the fiber interface If enabled eee mode is only active when the copper interface is active Use the no form of the...

Page 443: ...e Default Configuration By default the transmit idle time is 600 micro seconds and the transmit wake time is 8 micro seconds Command Mode Interface Configuration mode Interface Range Configuration mode User Guidelines The tx idle time parameter sets the amount of time the link must be idle before transitioning to the low power idle state The tx wake time configures the delay before transitioning t...

Page 444: ... a specified interface or for all the interfaces based upon the argument Syntax clear green mode statistics interface id all interface id An Ethernet interface identifier See Interface Naming Conventions for interface representation all All Ethernet interfaces Default Configuration This command has no default configuration Command Mode Privileged Exec User Guidelines This command has no user guide...

Page 445: ...to keep Default Configuration The sampling interval default value is 3600 seconds and the max samples default value is 168 Command Mode Global Configuration User Guidelines EEE and energy detect modes are only supported on N4000 series 10G copper ports and on N1100 ON N1500 N2000 N2100 ON N3000 N3100 ON 1G copper ports Examples Use the command below to set the EEE LPI History sampling interval to ...

Page 446: ...n Ethernet interface identifier See Interface Naming Conventions for interface representation Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines This command output provides the following information Term Description Energy Detect Energy detect admin mode Energy detect mode is enabled...

Page 447: ...field is incremented each time MAC TX enters LP IDLE state Shows the total number of Tx LPI Events since EEE counters are last cleared Rx Low Power Idle Duration μSec This field indicates duration of Tx LPI state in 10us increments Shows the total duration of Tx LPI since the EEE counters are last cleared Tw_sys_tx μSec Integer that indicates the value of Tw_sys that the local system can support T...

Page 448: ...bute Remote Tw_sys_rx Echo μSec Integer that indicates the value of Receive Tw_sys echoed back by the remote system This value maps from the aLldpXdot3RemRxTwSysEcho attribute Remote Fallback Tw_sys μSec Integer that indicates the value of fallback Tw_sys that the remote system is advertising This attribute maps to the variable RemFbSystemValue as defined in 78 4 2 3 Tx_dll_enabled Initialization ...

Page 449: ...tx usec 21 Remote Tw_sys_tx Echo usec 21 Remote Tw_sys_rx usec 21 Remote Tw_sys_tx Echo usec 21 Remote fallback Tw_sys usec 21 Tx DLL enabled Yes Tx DLL ready Yes Rx DLL enabled Yes Rx DLL ready Yes Cumulative Energy Saving W H 2 37 Time Since Counters Last Cleared 1 day 20 hr 47 min 34 sec show green mode Use the show green mode command to display the green mode configuration for the whole system...

Page 450: ...thernet Features Supported 1 Energy Detect EEE LPI History LLDP Cap Exchg Pwr Usg Est Interface Energy Detect Short Reach Config Short Reach EEE Config Opr Auto Forced Opr Config Gi1 0 1 Enabled Active Enabled Disabled In Active Enabled Gi1 0 2 Enabled Active Enabled Disabled In Active Enabled Term Description Energy Detect Energy detect Config Energy detect Admin mode is enabled or disabled Energ...

Page 451: ...ode eee lpi history interface interface id interface id An Ethernet interface identifier See Interface Naming Conventions for interface representation Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines On combo ports samples are only collected on the copper ports when enabled The foll...

Page 452: ...f Sample Time Since Time spent in Time spent in No The Sample LPI mode since LPI mode since Was Recorded last sample last reset 3 00 00 00 09 3 3 2 00 00 00 40 4 7 1 00 00 01 11 3 10 Sample Time Time since last reset Time Spent in LPI Mode Since Last Sample Percentage of time spent in LPI mode on this port when compared to sampling interval Time Spent in LPI Mode Since Last Reset Percentage of tot...

Page 453: ... addresses associated with the Group 2 Group service requirements information This indicates that one or more GMRP participants require Forward all Groups or Forward Unregistered to be the default filtering behavior NOTE The Group Service capability is not supported Registration of group membership information allow networking devices to be made aware that frames destined for that group MAC addres...

Page 454: ...group members NOTE This feature is not available on the N3000 when loaded with the AGGREGATION ROUTER enabled firmware e g N3000_BGPvA B C D stk Commands in this Section This section explains the following commands gmrp enable Use the gmrp enable command in Global Configuration mode to enable GMRP globally or Interface Configuration mode to enable GMRP on a port Syntax gmrp enable no gmrp enable D...

Page 455: ...nit slot port fortygigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines Example The following example clears all the GMRP statistics information on port Gi1 0 8 console clear gmrp statistics gigabitethernet 1 0 8 show gmrp configuration Use the show gmrp configuration com...

Page 456: ...RP Mode Create Register centisecs centisecs centisecs Forbid Forbid Gi1 0 1 20 60 1000 Disabled Gi1 0 2 20 60 1000 Disabled Gi1 0 3 20 60 1000 Disabled Gi1 0 4 20 60 1000 Disabled Gi1 0 5 20 60 1000 Disabled Gi1 0 6 20 60 1000 Disabled Gi1 0 7 20 60 1000 Disabled Gi1 0 8 20 90 1000 Enabled X Gi1 0 9 20 60 1000 Disabled Gi1 0 10 20 60 1000 Disabled Gi1 0 11 20 60 1000 Disabled Gi1 0 12 20 60 1000 D...

Page 457: ...P then process the GPDUs The VLAN registration is made in the context of the port that receives the GPDU The networking device propagates this VLAN membership on all of its other ports in the active topology Thus the end station VLAN ID is propagated throughout the network GVRP is an application defined in the IEEE 802 1p standard that allows for the control of 802 1Q VLANs NOTE This feature is no...

Page 458: ...se the garp timer command in Interface Configuration mode to adjust the GARP application join leave and leaveall GARP timer values To reset the timer to default values use the no form of this command Syntax garp timer join leave leaveall timer_value no garp timer join Indicates the time in centiseconds that PDUs are transmitted leave Indicates the time in centiseconds that the device waits before ...

Page 459: ...han or equal to three times the join time Leaveall time must be greater than the leave time Set the same GARP timer values on all Layer 2 connected devices If the GARP timers are set differently on Layer 2 connected devices the GARP application will not operate successfully The timer_value setting must be a multiple of 10 Example The following example sets the leave timer for port 1 0 8 to 90 cent...

Page 460: ...the device console config gvrp enable gvrp enable Interface Configuration Use the gvrp enable command in Interface Configuration mode to enable GVRP on an interface To disable GVRP on an interface use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is disabled on all interfaces by default Command Mode Interface Configuration gigabitethernet port channel ten...

Page 461: ...ce gigabitethernet 1 0 8 console config if Gi1 0 8 gvrp enable gvrp registration forbid Use the gvrp registration forbid command in Interface Configuration mode to deregister all VLANs on a port and prevent any dynamic registration on the port To allow dynamic registering for VLANs on a port use the no form of this command Syntax gvrp registration forbid no gvrp registration forbid Default Configu...

Page 462: ...le dynamic VLAN creation use the no form of this command Syntax gvrp vlan creation forbid no gvrp vlan creation forbid Default Configuration By default dynamic VLAN creation is enabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet fortygigabitethernet mode User Guidelines This command is available in Ethernet interface configuration mode and port channel inte...

Page 463: ...nd is valid for Ethernet and port channel interfaces If no interface id parameter is given all interfaces are shown Example The following example shows how to display GVRP configuration information console show gvrp configuration Global GVRP Mode Disabled Join Leave LeaveAll Port VLAN Interface Timer Timer Timer GVRP Mode Create Register centisecs centisecs centisecs Forbid Forbid Gi1 0 1 20 60 10...

Page 464: ... identifier Default Configuration This command has no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines If no interface id parameter is given all interfaces are shown Example The following example displays GVRP error statistics information console show gvrp error statistics GVRP error statistics Legend IN...

Page 465: ...mand has no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example This example shows output of the show gvrp statistics command console show gvrp statistics GVRP statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Received rLIn Leave In Receiv...

Page 466: ...sEmp sLIn sLE sLA Gi1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 Gi1 0 2 0 0 0 0 0 0 0 0 0 0 0 0 Gi1 0 3 0 0 0 0 0 0 0 0 0 0 0 0 Gi1 0 4 0 0 0 0 0 0 0 0 0 0 0 0 Gi1 0 5 0 0 0 0 0 0 0 0 0 0 0 0 Gi1 0 6 0 0 0 0 0 0 0 0 0 0 0 0 Gi1 0 7 0 0 0 0 0 0 0 0 0 0 0 0 Gi1 0 8 0 0 0 0 0 0 0 0 0 0 0 0 ...

Page 467: ...MC Networking are mapped to link layer addresses The Multicast Forwarding Database MFDB manages the forwarding address table for Layer 2 multicast protocols such as IGMP Snooping The IGMP Snooping code in the CPU ages out IGMP entries in the MFDB If a report for a particular group on a particular interface is not received within a certain time interval query interval the IGMP Snooping code deletes...

Page 468: ...e the ip igmp snooping command in Global Configuration mode without parameters to globally enable Internet Group Management Protocol IGMP snooping Use the vlan form of the command to enable IGMP snooping on a specific VLAN Use the no form of this command to disable IGMP snooping globally Syntax ip igmp snooping vlan vlan id no ip igmp snooping vlan vlan id vlan id Specifies a VLAN ID value ip igmp...

Page 469: ...is recommended If a multicast source is connected to a VLAN on which both L3 multicast and IGMP MLD snooping are enabled the multicast source is forwarded to the mrouter ports including the internal mrouter port If IGMP snooping is disabled multicast data plane packets are flooded in the VLAN IGMP snooping and IGMP querier validates IGMP packets As part of the validation IGMP checks for the router...

Page 470: ... Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console config show ip igmp snooping Admin Mode Enable IGMP Router Alert check Enabled Multicast Control Frame Count 0 SSM FDB Capacity 0 SSM FDB Current Entries 0 SSM FDB High Water Mark 0 Flooding Unregistered to All Ports Disabled Vlan 1 IGMP Snooping Admin Mode Enabled Immediate Leave...

Page 471: ... address Default Configuration This command has no default configuration Command Mode User Exec mode Global Configuration mode and all Configuration submodes User Guidelines To see the full Multicast address table including static addresses use the show mac address table command Example This example shows IGMPv2 snooping entries console config show ip igmp snooping groups Vlan Group Type OIFs 1 22...

Page 472: ...Unregistered to All Ports Disabled Vlan 1 IGMP Snooping Admin Mode Enabled Immediate Leave Mode Disabled Group Membership Interval 260 Last Member Query Interval 10 Multicast Router Expiry Time 300 Report Suppression Mode Enabled show ip igmp snooping mrouter Use the show ip igmp snooping mrouter command to display information on dynamically learned Multicast router interfaces Syntax show ip igmp ...

Page 473: ...ral queries to the interface The no form of this command disables IGMP Snooping immediate leave mode on a VLAN You should enable immediate leave admin mode only on VLANs where only one host is connected to each layer 2 LAN port This setting prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 LAN port but were still interested in receiving multicast traffic ...

Page 474: ...a particular interface before deleting the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds The no form of this command sets the IGMPv3 Group Membership Interval time to the default value Syntax ip igmp snooping vlan vlan id groupmembership interval time no ip igmp snooping vlan vlan id groupmembership interval vlan id A...

Page 475: ...The range is 1 to 25 seconds The no form of this command sets the last member query interval on the VLAN to the default value Syntax ip igmp snooping vlan vlan id last member query interval time no ip igmp snooping vlan vlan id last member query interval vlan id A VLAN identifier Range 1 4093 time Number of seconds after which a host is considered to have left the group Range 1 25 Default Configur...

Page 476: ...ion time to 0 The time is set for a particular VLAN Syntax ip igmp snooping vlan vlan id mcrtexpiretime time no ip igmp snooping vlan vlan id mcrtexpiretime time vlan id A VLAN identifier Range 1 4093 time Multicast router present expiration time Range 1 3600 Default Configuration The default multicast router present expiration time is 300 seconds Command Mode Global Configuration mode User Guidel...

Page 477: ... Report suppression is only applicable to IGMPv1 and IGMPv2 Example The following example sets the snooping report suppressions time to 10 seconds console config ip igmp snooping vlan 10 report suppression ip igmp snooping unregistered floodall This command enables flooding of unregistered multicast traffic to all ports in the VLAN Use the no form of this command to only flood unregistered multica...

Page 478: ... ip igmp snooping vlan vlan id mrouter interface interface id vlan id A VLAN identifier Range 1 4093 interface id The next hop interface to the multicast router Ethernet interface identifiers and port channel identifiers are allowed Default Configuration There are no multicast router ports configured by default Command Mode Global Configuration mode User Guidelines It is preferable to configure mr...

Page 479: ...re that IGMP snooping will selectively forward IPv4 multicast data traffic in a VLAN even if no dynamically discovered IPv4 multicast router has been discovered Multicast data plane traffic from multicast sources in a VLAN is always forwarded to the mrouter ports in the VLAN Multicast control plane packets those addressed to the reserved 224 0 0 X address are always flooded in the VLAN regardless ...

Page 480: ...present in the network the Dell EMC Networking switch can be configured as an IGMP querier When IGMP Snooping Querier is enabled the Querier sends out periodic IGMP General Queries that trigger the multicast listeners members to send their joins to the querier so as to receive the multicast data traffic IGMP snooping listens to these reports to establish the appropriate L2 forwarding table entries...

Page 481: ...rce address Default Configuration The IGMP Snooping Querier feature is globally disabled on the switch When enabled the IGMP Snooping Querier stops sending queries if it detects IGMP queries from a multicast enabled router The Snooping Querier periodically querier timer expiry wakes up and listens for IGMP queries and if found goes back to sleep If no IGMP queries are heard then the Snooping Queri...

Page 482: ...nfig ip igmp snooping querier vlan 1 address 10 19 67 1 ip igmp snooping querier election participate This command enables the Snooping Querier to participate in the Querier Election process when it discovers the presence of another Snooping Querier in the VLAN When election mode is enabled if the Snooping Querier finds that the other Querier source address is numerically higher than the Snooping ...

Page 483: ...snooping querier election participate 10 ip igmp snooping querier query interval This command sets the IGMP Querier Query Interval time which is the amount of time in seconds that the switch waits before sending another periodic query The no form of this command sets the IGMP Querier Query Interval time to its default value Syntax ip igmp snooping querier query interval interval count no ip igmp s...

Page 484: ...00 ip igmp snooping querier timer expiry This command sets the IGMP Querier timer expiration period which is the time period that the switch remains in Non Querier mode after it has discovered that there is a Multicast Querier in the network The no form of this command sets the IGMP Querier timer expiration period to its default value Syntax ip igmp snooping querier timer expiry seconds no ip igmp...

Page 485: ...gmp snooping querier version version IGMP version Range 1 2 Default Configuration The querier version default is 2 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the IGMP version of the querier to 1 console config ip igmp snooping querier version 1 show ip igmp snooping querier This command displays IGMP Snooping Querie...

Page 486: ... Indicates whether or not IGMP Snooping Querier is active on the switch IGMP Version Indicates the version of IGMP that will be used while sending out the queries Querier Address Shows the IP address that is used in the IPv4 header when sending out IGMP queries It can be configured using the appropriate command Querier Query Interval Shows the amount of time in seconds that a Snooping Querier wait...

Page 487: ...rier state it waits for moving to Querier state and does not send out any queries VLAN Operational Max Response Time Indicates the time to wait before removing a Leave from a host upon receiving a Leave request This value is calculated dynamically from the Queries received from the network If the Snooping Switch is in Querier state then it is equal to the configured value Querier Election Particip...

Page 488: ...Layer 2 Switching Commands 488 Operational State Querier Operational version 1 ...

Page 489: ...sabled interface can be manually enabled using the no shutdown command Alternatively administrator can enable auto recovery feature Dell EMC Networking Auto Recovery re enables the interface after the expiry of configured time interval Commands in this Section This section explains the following commands errdisable recovery cause Use the errdisable recovery cause command to enable automatic recove...

Page 490: ...nsertion of an unsupported transceiver sfpplus mismatch Recovery for insertion of an SFP transceiver in an SFP port udld Recovery for UDLD disabled interfaces is enabled ucast storm Recovery for unicast storm disabled interfaces is enabled Default Configuration No recovery causes are enabled by default Command Mode Global Configuration mode User Guidelines Error disabled interfaces indicate that a...

Page 491: ...ups Command History Implemented in version 6 3 0 1 firmware Example The following example enables auto recovery for all causes console config errdisable recovery cause all errdisable recovery interval Use the errdisable recovery interval command to configure the interval for error recovery of interfaces disabled due to any cause Use the no form of the command to reset the interval to the default S...

Page 492: ...face time expires Interfaces recovered by auto recovery issue a log message indicating that recovery is being attempted 13 Sep 25 14 38 32 10 130 135 107 1 UDLD nim_t udld_util c 1829 87 Interface Gi1 0 1 is restored from the error disabled state Command History Implemented in version 6 3 0 1 firmware Example The following example sets the error recovery timer to 30 seconds console config errdisab...

Page 493: ...14 38 32 10 130 135 107 1 UDLD nim_t udld_util c 1829 87 Interface Gi1 0 1 is restored from the error disabled state The following information is displayed Command History Implemented in version 6 3 0 1 firmware Term Description ARP inspection ARP inspection auto recovery BPDU Guard BPDU guard auto recovery Broadcast Storm Broadcast storm auto recovery BPDU Storm BPDU storm auto recovery DHCP Rate...

Page 494: ... auto recovery of error disabled interfaces 300 seconds show interfaces status err disabled Use the show interfaces status err disabled command to display the interfaces that are error disabled by the system Syntax show interfaces status err disabled Default Configuration No recovery causes are enabled by default Command Mode Privileged Exec mode Global Configuration mode and all submodes User Gui...

Page 495: ... c 1829 87 Interface Gi1 0 1 is restored from the error disabled state The possible causes for error disabled interfaces are Command History Implemented in version 6 3 0 1 firmware Term Description ARP inspection ARP inspection auto recovery BPDU Guard BPDU guard auto recovery Broadcast Storm Broadcast storm auto recovery BPDU Storm BPDU storm auto recovery DHCP Rate Limit DHCP rate limit auto rec...

Page 496: ...Layer 2 Switching Commands 496 Example The following example console show interfaces status err disabled Interface Reason Recovery Delay Gi1 0 1 UDLD 279 Gi1 0 2 BPDU Guard 285 Gi1 0 3 BPDU Storm 291 ...

Page 497: ...s of routing updates decide which types of traffic are forwarded or blocked and above all provide security for the network ACLs are normally used in firewall routers that are positioned between the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of ...

Page 498: ... the optional time range parameter The time range parameter allows imposing a time limitation on the IPv6 ACL rule as defined by the parameter time range name If a time range with the specified name does not exist and the IPv6 ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with the specified name exists and the IP...

Page 499: ...dp Every Match any protocol don t care source ipv6 prefix prefixlength any host src ipv6 address Specifies a source IP address and netmask to match for the IP ACL rule For IPv6 ACLs any implies a 0 128 prefix and a mask of all ones Specifying host X X implies a prefix length as 128 and a mask of 0 128 range portkey startport portkey endport eq neq lt gt portkey 0 65535 Specifies the layer 4 destin...

Page 500: ... 4 destination port number is not equal to the specified port number or portkey IPv6 TCP port names bgp domain echo ftp ftp data http smtp telnet www pop2 pop3 IPv6 UDP port names domain echo ntp rip snmp time who destination ipv6 prefix prefix length any host destination ipv6 address Specifies a destination IP address and netmask for match condition of the IP ACL rule For IPv6 ACLs any implies 0 ...

Page 501: ...is option is visible only if the protocol is icmpv6 ICMPv6 message types destination unreachable echo reply echo request header hop limit mld query mld reduction mld report nd na nd ns next header no admin no route packet too big port unreachable router solicitation router advertisement router renumbering time exceeded unreachable The icmpv6 message types are available only if the protocol is icmp...

Page 502: ...the assign queue which is the queue identifier to which packets matching this rule are assigned mirror redirect interface id Specifies the mirror or redirect Ethernet interface to which packets matching this rule are copied or forwarded respectively rate limit rate burst size Specifies the allowed rate of traffic as per the configured rate in Kbps and burst size in kbytes Rate the committed rate i...

Page 503: ... permit deny rule that does not have a rate limit parameter is assigned a counter If counter resources become exhausted a warning is issued and the rule is applied to the hardware without the counter If a permit deny clause is entered with the same sequence number as an existing rule an error is displayed and the existing rule is not updated with the new information Since ACLs have an implicit den...

Page 504: ...d in 6 3 0 1 firmware Example and description updated in the 6 4 release Example The following example creates rules in an IPv6 ACL named STOP_HTTP to discard any HTTP traffic from the 2001 DB8 0 32 network but allow all other traffic from that network console config ipv6 access list STOP_HTTP console Config ipv6 acl deny tcp 2001 DB8 0 32 any eq http console Config ipv6 acl permit every ipv6 acce...

Page 505: ... creates an IPv6 ACL named DELL_IP6 and enters the IPv6 Access List Configuration mode console config ipv6 access list DELL_IP6 console Config ipv6 acl ipv6 access list rename The ipv6 access list rename command changes the name of an IPv6 Access Control List ACL This command fails if an IPv6 ACL with the new name already exists Syntax ipv6 access list rename name newname name the name of an exist...

Page 506: ...erface and direction A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified IPv6 access list replaces the currently attached IPv6 access list using that sequence number If the sequence number is not specified for this command a sequence number that is one greater than the highest sequence number currently in use for th...

Page 507: ...llows application of an ACL on the CPU port ingress queue Control plane packets e g BPDUs are dropped because of the implicit deny all rule added at the end of every access control list To mitigate this behavior permit rules must be added by the operator to allow the appropriate control plane packets to ingress the CPU i e ARP DHCP LACP STP BPDU etc The control plane keyword does not filter traffi...

Page 508: ...mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show ipv6 access lists Current number of ACLs 4 Maximum number of ACLs 100 ACL Name Rules Interface s Direction Count IPv6 ACL 1 Gi1 0 8 Inbound 43981900 asdasd 2 Gi1 0 7 Inbound 3981901 console show ipv6 access lists IPv6 ACL IPV6 ACL Name IPv6 ACL Inbound Interface s Gi1 0 8 Rule Num...

Page 509: ... Address fe80 2121 128 Destination IPV6 Address fe80 1212 128 Destination Layer 4 Operator Equal To Destination L4 Port Keyword 800 Flow Label 65535 TCP Flags FIN Set SYN Ignore RST Ignore PSH Ignore ACK Ignore URG Ignore ACL Hit Count 43981900 ...

Page 510: ...o IGMPv2 MLD version 2 MLDv2 is equivalent to IGMPv3 MLD is a subprotocol of Internet Control Message Protocol version 6 ICMPv6 and MLD messages are a subset of ICMPv6 messages identified in IPv6 packets by a preceding Next Header value of 58 Dell EMC Networking switches can snoop on both MLDv1 and MLDv2 protocol packets and bridge IPv6 multicast data based on destination IPv6 Multicast MAC Addres...

Page 511: ... mld snooping vlan id groupmembership interval time vlan id A VLAN identifier Range 1 4093 time MLD group membership interval time in seconds Range 2 3600 Default Configuration The default group membership interval time is 260 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ipv6 mld snooping vlan 2 groupmembership interval 1...

Page 512: ...entifier Range 1 4093 Default Configuration Immediate leave is disabled on all VLANs by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example This example enables mld snooping immediate leave for VLAN 2 console config ipv6 mld snooping vlan 2 immediate leave ipv6 mld snooping listener message suppression This command enables MLD listen...

Page 513: ... suppression ipv6 mld snooping vlan last listener query interval The ipv6 mld snooping vlan last listener query interval command sets the number of seconds after which a host is considered to have left the group This value must be less than the MLD Query Interval time value The range is 1 to 25 seconds Syntax ipv6 mld snooping vlan vlan id last listener query interval time no ipv6 mld snooping vla...

Page 514: ...o be received on an interface before the interface is removed from the list of interfaces with multicast routers attached The range is 1 to 3600 seconds Syntax ipv6 mld snooping vlan vlan id mcrtrexpiretime time no ipv6 mld snooping vlan vlan id mcrtrexpiretime vlan id A VLAN identifier Range 1 4093 time Multicast router present expiration time in seconds Range 1 3600 Default Configuration The def...

Page 515: ...ault Command Mode Global Configuration mode User Guidelines MLD snooping will forward IPv6 multicast data packets in the VLAN if a static mrouter port is configured This behavior can be used to ensure that MLD snooping will selectively forward IPv6 multicast data traffic even if no dynamically discovered IPv6 multicast router has been discovered Example console config ipv6 mld snooping vlan 10 mro...

Page 516: ...s not occur Enabling MLD snooping on an IPv6 L3 multicast router is recommended If a multicast source is connected to a VLAN on which both L3 multicast and IGMP MLD snooping are enabled the multicast source is forwarded to the mrouter ports as well as the internal mrouter port MLD snooping does not flood IPv6 multicast data plane packets in the VLAN if IPv6 L3 routing is enabled If MLD snooping is...

Page 517: ...abled If enabled multicast data traffic for which no listeners have registered is flooded to all ports in a VLAN instead of only flooded to multicast router ports SSM FDB Capacity The capacity of the SSM FDB SSM FDB Current Entries The current count of SSM FDB entries SSM FDB High Water Mark The highest count of FDB entries since the last clear counters When you specify an interface or VLAN the fo...

Page 518: ...only the first report received in response to a query to the router Example console config show ipv6 mld snooping Admin Mode Enable Multicast Control Frame Count 6255 SSM FDB Capacity 64 SSM FDB High Water Mark 1 SSM FDB Current Entries 1 Flooding Unregistered to All Ports Disabled Vlan 1 MLD Snooping Admin Mode Enabled Immediate Leave Mode Disabled Group Membership Interval 260 Last Listener Quer...

Page 519: ...ow mac address table multicast command Example This example shows MLDv2 snooping entries console show ipv6 mld snooping groups Vlan Group Type OIFs 1 3333 0000 0003 Dynamic Te1 0 1 Te1 0 17 MLD SSM Entries VLAN Group Reporter Filter IIF Source Address 1 ff1e 2222 2222 fe80 200 3ff f include Te1 0 1 2001 2 2222 2222 2222 e00 b00 2222 2222 show ipv6 mld snooping mrouter Use the show ipv6 mld snoopin...

Page 520: ...r ports including statically configured mrouter ports If a static mrouter port is configured in a VLAN MLD snooping will forward multicast data plane packets received on the VLAN even if the interface is down This behavior can be used to ensure that MLD snooping will selectively forward IPv6 multicast data traffic even if no dynamically discovered IPv6 multicast router has been discovered Example ...

Page 521: ...e switched the switch can be configured as an MLD querier When MLD Snooping Querier is enabled the Querier sends out periodic MLD General Queries that trigger the Multicast listeners member to send their joins so as to receive the Multicast data traffic MLD Snooping listens to these reports to establish the appropriate forwarding table entries Commands in this Section This section explains the fol...

Page 522: ...st routing Example console config ipv6 mld snooping querier ipv6 mld snooping querier VLAN mode Use the ipv6 mld snooping querier command in VLAN mode to enable MLD Snooping Querier on a VLAN Use the no form of this command to disable MLD Snooping Querier on a VLAN Syntax ipv6 mld snooping querier vlanvlan id no ipv6 mld snooping querier vlan vlan id vlan id A VLAN identifier Range 1 4093 Default ...

Page 523: ...er address prefix An IPv6 address prefix prefix length Designates how many of the high order contiguous bits of the address make up the prefix Default Configuration There is no global MLD Snooping Querier address configured by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 mld snooping querier address Fe80 5 ...

Page 524: ...al Configuration mode User Guidelines If there is another querier in the network and the local querier is in election mode then the querier with the lower IP address is elected and the other querier stops querying If the local querier is not in election mode and another querier is detected the local querier stops querying Example console config vlan ipv6 mld snooping querier election participate 1...

Page 525: ... command to set the MLD Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is another Multicast Querier in the network Use the no form of this command to reset the timer expiration period to the default Syntax ipv6 mld snooping querier timer expiry timer ipv6 mld snooping querier timer expiry timer The time that the s...

Page 526: ...nge 1 4093 Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines When the optional argument vlan vlan id is not used the command shows the following information Parameter Description MLD Snooping Querier Mode Indicates whether or not MLD Snooping Querier is active on the sw...

Page 527: ...e MLD Snooping Querier participates in querier election if it discovers the presence of a querier in the VLAN Querier VLAN Address Shows the IP Address which will be used in the IPv6 header while sending out MLD queries Operational State Indicates whether MLD Snooping Querier is in Querier or Non Querier state When the switch is in Querier state it will send out periodic general queries When in No...

Page 528: ...port where DHCP snooping is disabled or where DHCP snooping is enabled but the port is trusted all IP traffic received on that port is dropped depending upon the admin configured IPSG entries IPSG cannot be enabled on a port based routing interface IPSG uses two enforcement mechanisms the L2FDB to enforce the source MAC address and ingress VLAN and an ingress classifier to enforce the source IP ad...

Page 529: ...oming traffic on the interface is dropped Incoming traffic is filtered based on the source IP address and VLAN When the port security keyword is configured filtering occurs based upon source IP address VLAN and source MAC address IP source guard also interacts with the port security component Use the switchport port security command in interface mode to optionally add checking of learned MAC addre...

Page 530: ...ss and MAC address are used to match the source IP address and source MAC address for packets received on the interface Hosts sending packets using the configured source IP address and source MAC address are trusted on the interface Example console config ip verify binding 00 11 22 33 44 55 vlan 1 1 2 3 4 interface gigabitethernet 1 0 2 show ip verify Use the show ip verify command to display the ...

Page 531: ...ng ipv6 mac IPv6 plus MAC address filtering N A No filtering is configured on the interface Example console config if Gi1 0 5 show ip verify Interface Filter Type Gi1 0 1 ip Gi1 0 2 ipv4 mac Gi1 0 3 N A Gi1 0 4 N A Gi1 0 5 ipv4 mac Gi1 0 6 N A Gi1 0 7 N A Gi1 0 8 N A Gi1 0 9 N A console config if Gi1 0 5 show ip verify interface gi1 0 5 Interface Filter Type Gi1 0 5 ipv6 mac show ip verify source ...

Page 532: ...submodes User Guidelines This command has no user guidelines Example console show ip verify source interface gigabitethernet 1 0 1 Interface Filter Type IP Address MAC Address Vlan Gi1 0 1 ip 1 2 3 4 00 12 32 43 54 66 1 show ip source binding Use the show ip source binding command to display all bindings static and dynamic Syntax show ip source binding Default Configuration There is no default con...

Page 533: ...ayer 2 Switching Commands 533 User Guidelines This command has no user guidelines Example console show ip source binding MAC Address IP Address Type VLAN Interface 0011 2233 4455 1 2 3 4 static 1 Gi1 0 2 ...

Page 534: ...ccurate 802 3x Flow Control Pause Frame generation In these cases the application of QoS treatment other than the default policy may result in less overall throughput or more packet loss By default iSCSI optimization is enabled and iSCSI QoS treatment is disabled LLDP is used to detect the presence of EqualLogic storage arrays When iSCSI optimization is enabled and LLDP detects an EQL array on a p...

Page 535: ...eature is not available on the N3000 when loaded with the AGGREGATION ROUTER enabled firmware e g N3000_BGPvA B C D stk Commands in this Section This section explains the following commands iscsi aging time The iscsi aging time command sets the time out value for iSCSI sessions To reset the aging time to the default value use the no form of this command Syntax iscsi aging time time no iscsi aging ...

Page 536: ... iscsi aging time 100 iscsi cos Use the iscsi cos command in Global Configuration mode to set the quality of service profile that will be applied to iSCSI flows To return the VPT DSCP setting to the default value use the no form of this command VPT DSCP values can be configured independently from the application of QoS treatment Syntax iscsi cos enable disable vpt vpt dscp dscp remark no iscsi cos...

Page 537: ...obin WRR You may alter the QoS setting by configuring the relevant ports to work in other scheduling and queue management modes via the Class of Service settings These choices may include strict priority for the queue used for iSCSI traffic The downside of strict priority is that in certain circumstances under heavy high priority traffic other lower priority traffic may get starved In WRR the queu...

Page 538: ...ualLogic Storage arrays via LLDP is also enabled by this command Upon detection of an EQL array the specific interface involved will have spanning tree portfast enabled and unicast storm control disabled These changes appear in the running config Disabling iSCSI Optimization does not disable flow control portfast or storm control configuration applied as a result of enabling iSCSI Optimization On ...

Page 539: ...ddress ip address name targetname no iscsi target port tcp port 1 tcp port 2 tcp port 16 address ip address tcp port TCP port number or list of TCP port numbers on which iSCSI target s listen to requests Up to 16 TCP ports can be defined in the system in one command or by using multiple commands ip address IP address of the iSCSI target When the no form is used and the tcp port to be deleted is on...

Page 540: ...her applications also choose to use these non standard ports When a port is already defined and not bound to an IP address and you want to bind the port to an IP address first remove the port by using the no form of the command and then add it again this time together with the relevant IP address Target names are only for display when using the show iscsi command These names are not used to match ...

Page 541: ...abled iSCSI CoS enabled iSCSI vpt is 5 Session aging time 10 min Maximum number of sessions is 192 iSCSI Targets and TCP Ports TCP Port Target IP Address Name 860 3260 30001 172 16 1 1iqn 1993 11 com disk vendor diskarrays sn 45678 tape sys1 xyz 30033172 16 1 10 iSCSI Static Rule Table Index TCP Port IP Address IP Address Mask TCP Port Target IP AddressName show iscsi sessions Use the show iscsi s...

Page 542: ...bout the iSCSI sessions console show iscsi sessions Target iqn 1993 11 com disk vendor diskarrays sn 45678 Initiator iqn 1992 04 com os vendor plan9 cdrom 12 ISID 11 Initiator iqn 1995 05 com os vendor plan9 cdrom 10 ISID 222 Target iqn 103 1 com storage vendor sn 43338 storage tape sys1 xyz Session 3 Initiator iqn 1992 04 com os vendor plan9 cdrom 12 Session 4 Initiator iqn 1995 05 com os vendor ...

Page 543: ...72 16 1 4 49155 172 16 1 21 30001 172 16 1 5 49156 172 16 1 22 30001 Session 2 Initiator iqn 1995 05 com os vendor plan9 cdrom 10 Time started 17 Aug 2008 21 04 50 Time for aging out 2 min ISID 22 Initiator Initiator Target Target IP address TCP port IP address IP port 172 16 1 30 49200 172 16 1 20 30001 172 16 1 30 49201 172 16 1 21 30001 ...

Page 544: ...hen the system will not allow the operator to configure another link dependency group where port channel 2 depends on port channel 1 Commands in this Section This section explains the following commands action Use the action command in Link Dependency mode to indicate if the link dependency group should mirror or invert the status of the depended on interfaces Syntax action down up down Mirror the...

Page 545: ...ink dependency group Syntax link dependency group GroupId no link dependency group GroupId GroupId Link dependency group identifier Range 1 72 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The preference of a group is to remain in the up state A group will be in the up state if any depends on interface is up and will be in th...

Page 546: ...Guidelines Adding an interface to a dependency list brings the interface down until the depends on command is entered The link status will then follow the interface specified in the depends on command To avoid bringing down interfaces enter the depends on command prior to entering the add command Example console config depend 1 add gigabitethernet 1 0 1 console config depend 1 add tengigabitethern...

Page 547: ...oup or a different group If an interface appears in the add list of any group the interfaces in the corresponding depends on list may not refer back to the interfaces in the add group Examples console config linkDep group 1 depends on gigabitethernet 1 0 10 console config linkDep group 1 depends on port channel 6 show link dependency Use the show link dependency command to show the link dependenci...

Page 548: ...Ports Ports Depended On Link Action Group State 1 Gi4 0 2 3 Gi4 0 5 Gi4 0 10 12 Link Up Up Down The following command shows link dependencies for group 1 only console show link dependency group 1 GroupId Member Ports Ports Depended On Link Action Group State 1 Gi4 0 2 3 Gi4 0 5 Gi4 0 10 12 Link Up Up Down The following command shows detailed information for group 1 console show link dependency gro...

Page 549: ...ment both transmit and receive functions and each function can be enabled or disabled separately by the network manager Dell EMC Networking supports both the transmit and receive functions in order to support device discovery The LLDP component transmit and receive functions can be enabled disabled separately per physical port By default both transmit and receive functions are enabled on all ports...

Page 550: ...nd retrieved using SNMP as defined in the MIB definitions Commands in this Section This section explains the following commands clear lldp remote data Use the clear lldp remote data command to delete all LLDP information from the remote data table Syntax clear lldp remote data clear lldp remote data lldp notification interval show lldp local device clear lldp statistics lldp receive show lldp med ...

Page 551: ...the LLDP remote data console clear lldp remote data clear lldp statistics Use the clear lldp statistics command to reset all LLDP statistics Syntax clear lldp statistics Default Configuration By default the statistics are only cleared on a system reset Command Mode Privileged Exec mode User Guidelines This command has no user guidelines Example The following example displays how to reset all LLDP ...

Page 552: ...es Use this command to disable the sending of DCBX information when it is desirable to utilize legacy QoS and disable the automatic configuration of CNAs based on transmitted DCBX information Example console config no dcb enable lldp med This command is used to enable disable LLDP MED on an interface By enabling MED the transmit and receive functions of LLDP are effectively enabled Syntax lldp med...

Page 553: ...ication This command is used to enable sending topology change notifications Syntax lldp med confignotification no lldp med confignotification Command Mode Interface Configuration Ethernet mode Default Value By default notifications are disabled on all physical interfaces User Guidelines There are no guidelines for this command Example console config lldp med confignotification lldp med faststartr...

Page 554: ...o specify which optional TLVs in the LLDP MED set are transmitted in the LLDPDUs There are certain conditions that have to be met for a port to be MED compliant These conditions are explained in the normative section of the ANSI TIA 1057 specification For example the MED TLV capabilities is mandatory By disabling transmission of the MED capabilities TLV MED is effectively disabled on the interface...

Page 555: ...ole config if Gi1 0 1 lldp med transmit tlv capabilities console config if Gi1 0 1 lldp med transmit tlv network policies lldp notification Use the lldp notification command in Interface Configuration mode to enable remote data change notifications To disable notifications use the no form of this command Syntax lldp notification no lldp notification Default Configuration By default notifications a...

Page 556: ...ion interval interval The smallest interval in seconds at which to send remote data change notifications Range 5 3600 seconds Default Configuration The default value is 5 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to set the interval value to 10 seconds console config lldp notification interval 10 ll...

Page 557: ...parameters for local data transmission on ports enabled for LLDP To return any or all parameters to factory default use the no form of this command Syntax lldp timers interval transmit interval hold hold multiplier reinit reinit delay no lldp timers interval hold reinit transmit interval The interval in seconds at which to transmit local data LLDPDUs Range 5 32768 seconds hold multiplier Multiplie...

Page 558: ...000 The following example displays how to set the timing parameter at 1000 seconds with a hold multiplier of 8 and a 5 second delay before reinitialization console config lldp timers interval 1000 hold 8 reinit 5 lldp transmit Use the lldp transmit command in Interface Configuration mode to enable the LLDP advertise transmit capability To disable local data transmission use the no form of this com...

Page 559: ... of the local system management address information in the LLDPDUs To cancel inclusion of the management information use the no form of this command Syntax lldp transmit mgmt no lldp transmit mgmt Default Configuration By default management address information is not included Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The followin...

Page 560: ...s is the configured host name for the system sys desc Transmits the system description TLV sys cap Transmits the system capabilities TLV port desc Transmits the port description TLV Default Configuration By default the port desc and sys name TLVs are transmitted Command Mode Interface Configuration Ethernet mode User Guidelines The string configured by the hostname command is transmitted by in the...

Page 561: ... all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the current LLDP configuration summary console show lldp LLDP Global Configuration Transmit Interval 30 seconds Transmit Hold Multiplier 4 Reinit Delay 2 seconds Notification Interval 5 seconds Command History Example updated in the 6 4 release show lldp interface Use the show lld...

Page 562: ...ole show lldp interface all Interface Link Transmit Receive Notify TLVs Mgmt Gi1 0 1 Up Enabled Enabled Enabled 0 1 2 3 Y Gi1 0 2 Down Enabled Enabled Disabled Y Gi1 0 3 Down Disabled Disabled Disabled 1 2 N TLV Codes 0 Port Description 1 System Name 2 System Description 3 System Capability console show lldp interface Gi1 0 1 Interface Link Transmit Receive Notify TLVs Mgmt Gi1 0 1 Up Enabled Enab...

Page 563: ... Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Examples These examples show advertised LLDP local data in two levels of detail console show lldp local device all LLDP Local Device Summary Interface Port ID Port Description Gi1 0 1 Gi1 0 1 console show lldp local device detail Gi1 0 1 LLDP Local Device Detail I...

Page 564: ...odes Default Value Not applicable User Guidelines No specific guidelines Example console config show lldp med LLDP MED Global Configuration Fast Start Repeat Count 3 Device Class Network Connectivity show lldp med interface This command displays a summary of the current LLDP MED configuration for a specific interface Syntax show lldp med interface gigabitethernet unit slot port tengigabitethernet ...

Page 565: ... Disabled Disabled Disabled 0 1 Gi1 0 5 Detach Disabled Disabled Disabled 0 1 console show lldp med interface gi1 0 1 LLDP MED Interface Configuration Interface Link configMED operMED ConfigNotify TLVsTx Gi1 0 1 Up Enabled Enabled Disabled 0 1 TLV Codes 0 Capabilities 1 Network Policy 2 Location 3 Extended PSE 4 Extended PD 5 Inventory show lldp med local device detail This command displays the ad...

Page 566: ... 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Software Rev xxx xxx xxx Serial Num xxx xxx xxx Mfg Name xxx xxx xxx Model Name xxx xxx xxx Asset ID xxx xxx xxx Location Subtype elin Info xxx xxx xxx Extended POE Device Type pseDevice Extended POE PSE Availab...

Page 567: ...ote device detail gigabitethernet unit slot port tengigabitethernet unit slot port all Indicates all valid LLDP interfaces detail Includes a detailed version of remote data for the indicated interface Command Mode Privileged Exec Global Configuration mode and all Configuration submodes Default Value Not applicable Example console show lldp med remote device all LLDP Remote Device Summary Local Int...

Page 568: ...ID 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Software Rev xxx xxx xxx Serial Num xxx xxx xxx Mfg Name xxx xxx xxx Model Name xxx xxx xxx Asset ID xxx xxx xxx Location Subtype elin Info xxx xxx xxx Extended POE Device Type pseDevice Ext...

Page 569: ...terface on the device Substitute gigabitethernet unit slot port or tengigabitethernet unit slot port or fortygigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Examples These examples show current LLDP remote data...

Page 570: ...pabilities Enabled Time to Live 113 seconds show lldp statistics Use the show lldp statistics command to display the current LLDP traffic statistics Syntax show lldp statistics unit slot port all Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelin...

Page 571: ...w lldp statistics Gi1 0 7 LLDP Device Statistics Last Update 0 days 00 38 16 Total Inserts 13 Total Deletes 0 Total Drops 0 Total Ageouts 0 Tx Rx TLV TLV TLV TLV TLV Interface Total Total Discards Errors Ageout Discards Unknowns MED 802 1 802 3 Gi1 0 7 2297 2298 0 0 0 0 0 0 0 10 The following table explains the fields in this example Fields Description Last Update The value of system of time the l...

Page 572: ...icated port Discards Number of LLDP frames received on the indicated port and discarded for any reason Errors Number of non valid LLDP frames received on the indicated port Ageouts Number of times a remote data entry on the indicated port has been deleted due to TTL expiration TLV Discards Number LLDP TLVs Type Length Value sets received on the indicated port and discarded for any reason by the LL...

Page 573: ...ection explains the following commands keepalive Interface Config Use the keepalive command in Interface Configuration mode to enable loop protection on an interface Use the no form of the command to return the configuration to the defaults Syntax keepalive no keepalive Default Configuration Loop protection is disabled globally by default and disabled on all interfaces by default Command Mode Inte...

Page 574: ...use The switch never sends a response to received CTP packets The switch may flood the first few CTP packets it receives until a MAC address entry is placed in the CAM The CTP protocol operates on physical Ethernet interfaces only It does not operate over Link Aggregation Groups It may be configured to operate on LAG members The CTP protocol does not operate over the out of band interface Command ...

Page 575: ...utive CTP packets addressed to and received by the local switch before the interface is error disabled Default 3 packets Default Configuration Loop protection is disabled globally by default The default period is 10 seconds The default count is 3 packets Command Mode Global Configuration mode User Guidelines Loop protect must be enabled individually on a physical interface as well as globally If o...

Page 576: ...kets it will error disable the interface console config no keepalive keepalive action Use the keepalive action command to configure the action taken when a loop is detected on an interface Use the no form of the command to return the action to the default Syntax keepalive action error disable log only no keepalive action error disable When a loop is detected the interface is disabled and a log mes...

Page 577: ...rrected in 6 4 release Example The following example configures loop protection to log detected loop conditions without error disabling the port console config interface gi1 0 1 console config if Gi1 0 1 keepalive action log show keepalive Use the show keepalive command to display the global loop protect configuration Syntax show keepalive Default Configuration There is no default configuration Co...

Page 578: ...ct status for one or all interfaces Syntax show keepalive statistics interface id all interface id Displays the statistics for the specified Ethernet Physical interface all Displays statistics for all interfaces Default Configuration There is no default configuration Command Mode Privileged Exec mode and all configuration sub modes Transmit Interval The transmission interval in seconds Retry Count...

Page 579: ...Detected Count Last Loop Action Status Gi1 0 3 Yes No Error disable Enable Field Description Port The interface identifier Keep Alive Are keepalives transmitted on this interface Yes No Loop Detected Has a loop been detected Yes No Loop Count The number of CTP packets detected Time Since Last Loop The last time a loop was detected Rx Action Action when a loop is detected Error disable Log Port Sta...

Page 580: ...loaded with the AGGREGATION ROUTER enabled firmware e g N3000_BGPvA B C D stk Commands in this Section This section explains the following commands clear vpc statistics Use the clear vpc statistics command to clear the counters for the keepalive messages transmitted and received by the MLAG switch Syntax clear vpc statistics peer keepalive peer link clear vpc statistics show vpc consistency parame...

Page 581: ... form of the command to globally disable MLAG Syntax feature vpc no feature vpc Default Configuration By default the MLAG feature is not globally enabled Command Modes Global Configuration mode User Guidelines The MLAG configuration is retained even when the feature is disabled The peer link will not be enabled if the VPC feature is not enabled MLAG role election occurs if the MLAG feature is enab...

Page 582: ...Usage Guidelines Use of the Dual Control Plane Detection Protocol is optional It provides a second layer of redundancy beyond that provided by the peer link protocol System that operate without the DCPDP protocol enabled and use static LAGs run the risk of a split brain scenario in the case of peer link failure Example console config vpc domain 1 console config vpc 1 peer keepalive enable console ...

Page 583: ... timeout values If an MLAG switch does not receive DCPDP messages from the peer for the configured timeout value it takes the decision to transition its role if required Command History Introduced in version 6 2 0 1 firmware Example console config vpc 1 peer detection interval 750 timeout 3000 peer keepalive destination Use the peer keepalive destination command to enable the Dual Control Plane De...

Page 584: ...rs is to disable the DCPDP protocol on both switches configure the new parameters on both switches and then re enable the DCPDP protocol on both switches The Dual Control Plane Detection Protocol is a UDP based protocol The administrator must configure this protocol on an IP interface with a VLAN that is not shared with any of the MLAG interfaces This can include the out of band port When enabled ...

Page 585: ... process of transitioning to the primary role if standby Use the no form of the command to disable the peer keepalive protocol Syntax peer keepalive enable no peer keepalive enable Default Configuration The peer keepalive protocol is disabled by default Command Modes MLAG Domain Configuration mode User Guidelines MLAG will not become operational until the peer keepalive protocol detects a peer and...

Page 586: ... fails This occurs when either switch cannot contact the peer through the peer keepalive protocol and the DCPDP protocol The secondary switch transitions to a primary role which results in two primary switches Both primaries continue forwarding traffic Each primary also processes control traffic and sends LACP and BPDU packets with a unique source MAC address the system MAC of the local switch The...

Page 587: ...ecision to transition its role if required The keepalive state machine is not restarted if keepalive priority is modified post election Command History Introduced in version 6 2 0 1 firmware Example console config vpc 1 peer keepalive timeout 10 role priority Use the role priority command to configure the priority value used on a switch for primary secondary role selection The primary switch is re...

Page 588: ...are not preemptive The keepalive role selection state machine is not restarted even if the keepalive priority is modified post election This means that priority value changes in a running MLAG domain do not affect the selection of the primary and secondary switches In order for changes to take effect disable the VPC with the no feature vpc command and re enable it Example console config vpc 1 role...

Page 589: ...ort channel Po1 Self member ports Status Gi1 0 2 Up Gi1 0 6 Down show vpc brief Use the show vpc brief command to display the MLAG global status The command displays the current MLAG operational mode as well as the peerlink and keepalive status is also displayed The number of configured and operational MLAGs along with the system MAC and role are also displayed Syntax show vpc brief Default Config...

Page 590: ...nectivity is lost The Keepalive admin status field shows the status of the peer link protocol The VPC operational status shows the overall MLAG status The Peer detection admin status field shows the status of the DCPDP protocol Example console show vpc brief VPC domain id is not configured console show vpc brief VPC Domain ID 2 VPC admin status Disabled Keepalive admin status Disabled VPC operatio...

Page 591: ...red Vlans 1 10 11 12 13 14 15 16 17 VPC Interface State Active show vpc consistency parameters Use the show vpc consistency parameters on both MLAG peers to display MLAG related configuration information in a format suitable for comparison with the other MLAG peer Syntax show vpc consistency parameters global interface port channel number port channel number A valid port channel identifier Default...

Page 592: ...g Time 300 seconds VPC System MAC Address AA BB CC DD EE FF VPC System Priority 32767 VPC System MAC Address 00 1E C9 DE A2 08 VPC System Priority 32767 VPC Domain ID 1 MST VLAN Configuration Instance Associated VLANs 1 7 8 10 20 2 4 5 40 50 4 30 32 34 38 RSTP PV Configuration Direct Rapid Convergence Enabled Disabled DRC Update Rate 0 32000 per second Indirect Rapid Convergence Enabled Disabled V...

Page 593: ...nnel Type Static Configured VLANs 4 5 7 8 MTU 1518 Active Port Speed Duplex Gi1 0 1 100 Full Gi1 0 2 100 Full MST VLAN Configuration Instance Associated VLANS 1 7 8 2 4 5 RSTP PV Configuration STP Port Priority 0 240 VLAN Port Priority Cost ID 0 240 Auto 1 200000000 show vpc consistency features Use the show vpc consistency parameters on both MLAG peers to display MLAG related configuration inform...

Page 594: ... vpc peer keepalive command to display the peer MLAG switch s IP address used by the Dual Control Plane Detection Protocol The port used for the Dual Control Plane Detection Protocol is shown as well as if peer detection is enabled or not If enabled the detection status is displayed Syntax show vpc peer keepalive Default Configuration There is no default configuration for this command Command Mode...

Page 595: ...ole command to display information about the keepalive status and parameters The role of the MLAG switch as well as the system MAC and priority are displayed Syntax show vpc role Default Configuration There is no default configuration for this command Command Modes Privileged Exec mode and above User Guidelines A VPC domain ID must be configured for this command to display the VPC role Example con...

Page 596: ...ystem priority 32767 Role Secondary Local System MAC 00 10 18 82 1b ab show vpc statistics Use the show vpc statistics command to display the counters for the keepalive messages transmitted and received by the MLAG switch Syntax show vpc statistics peer keepalive peer link Default Configuration There is no default configuration for this command Command Modes Privileged Exec mode and above User Gui...

Page 597: ...eceived from peer 143 Peer link BPDU s Rx error 1 Peer link LACPDU s transmitted to peer 123 Peer link LACPDU s Tx error 9 Peer link LACPDU s received from peer 143 Peer link LACPDU s Rx error 1 console show vpc statistics peer link Peer link control messages transmitted 24 Peer link control messages Tx errors 0 Peer link control messages Tx timeout 0 Peer link control messages ACK transmitted 23 ...

Page 598: ...at and is not equal to the physical MAC address of either the primary VPC or secondary VPC device The configured VPC domain MAC address is exchanged during role election and if configured differently on the peer devices VPC does not become operational The configured domain MAC address is present in the LACP PDUs and STP BPDUs that are sent on VPC member ports if VPC primary device election takes p...

Page 599: ...main mode User Guidelines The system priority must be configured identically on all VPC peers If the configured VPC system priority is different on any VPC peer the VPC will not come up The system priority is present in the LACP PDUs that are sent out on VPC member ports When the VPC system priority is configured after a VPC primary device is elected the already agreed operational VPC system prior...

Page 600: ...nging to an MLAG instance are connected to switch or switches which consider the links to be members of a single LAG This configuration must be present on both the primary and secondary switches The port channel number and VPC number can be different from each other but the mapping must be the same on the primary and secondary MLAG peers i e the port channel number must map to the same VPC number ...

Page 601: ...ain Syntax vpc domain domain id domain id The MLAG domain instance The range is 1 255 Default Configuration By default no MLAG domains are configured Command Modes Global Configuration mode User Guidelines Only one MLAG domain per MLAG is supported This command creates a VPC domain with the specified domain id and enters into the VPC domain configuration mode Only one VPC domain can be created on ...

Page 602: ...G peer link for a domain and enables the peer link protocol Use the no form of the command to remove the peer link configuration from an MLAG domain and disable the peer link protocol Syntax vpc peer link no vpc peer link Default Configuration There are no peer links configured by default Command Modes Port channel configuration mode User Guidelines This configuration must the present on both the ...

Page 603: ...nds 603 console config if Po1 spanning tree disable console config if Po1 switchport mode trunk console config if Po1 switchport trunk allowed vlan 1 99 101 4093 console config if Po1 vpc peer link console config if Po1 exit ...

Page 604: ...essages only for groups configured statically All other groups are managed by IGMP snooping There are two types of MVR ports source and receiver Source port is the port to which the multicast traffic is flowing using the multicast VLAN Receiver port is the port where a listening host is connected to the switch It can utilize any or no VLAN except the multicast VLAN This implies that the MVR switch...

Page 605: ...onfiguration The default value is Disabled Command Mode Global Configuration Interface Configuration User Guidelines MVR can only be configured on physical interfaces mvr group Use the mvr group command in Global Configuration mode to add an MVR membership group Use the no form of the command to remove an MVR membership group mvr mvr type mvr group mvr vlan group mvr mode show mvr mvr querytime sh...

Page 606: ...Global Configuration User Guidelines The following table lists the completion messages Example console config mvr console config mvr group 239 0 1 0 31 console config mvr vlan 10 mvr mode Use the mvr mode command in Global Configuration mode to change the MVR mode type Use the no form of the command to set the mode type to the default value Syntax mvr mode compatible dynamic Message Type Message D...

Page 607: ...ytime command in Global Configuration mode to set the MVR query response time The query time is the maximum time to wait for an IGMP membership report on a receiver port before removing the port from the multicast group after receiving a leave message The query time only applies to receiver ports and is specified in tenths of a second Use the no form of the command to set the MVR query response ti...

Page 608: ...vlan command in Global Configuration mode to set the MVR multicast VLAN Use the no form of the command to set the MVR multicast VLAN to the default value Syntax mvr vlan vlan id no mvr vlan vlan id Specifies the port on which multicast data is expected to be received Source ports should belong to this VLAN Default Configuration The default value is 1 Command Mode Global Configuration User Guidelin...

Page 609: ... enabled a receiver port will leave a group on receipt of a leave message Without immediate leave upon receipt of a leave message the port sends an IGMP query and waits for an IGMP membership report Example console config interface Gi1 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver console config if Gi1 0 1 mvr imme...

Page 610: ...ports are ports over which multicast data is received or sent Default Configuration The default value is None Command Mode Interface Configuration User Guidelines The following table lists the completion messages Example console config mvr console config mvr group 239 1 1 1 console config vlan 99 console config vlan99 exit console config interface Gi1 0 1 console config if Gi1 0 1 switchport acces...

Page 611: ...move the port participation from the specific MVR group Syntax mvr vlan vlan id group A B C D no mvr vlan vlan id group A B C D vlan id The VLAN over which multicast data from the specified group is to be received A B C D The multicast group for which multicast data is to be received over the specified VLAN Default Configuration This command has no default configuration Command Mode Interface Conf...

Page 612: ...1 1 1 show mvr Use the show mvr command to display global MVR settings Syntax show mvr Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines The following table lists the completion messages The following table explains the output parameters Message Type Message Description Successful Co...

Page 613: ...lid multicast address in IPv4 dotted notation Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines The following table lists the completion messages MVR Max Multicast Groups The maximum number of multicast groups that is supported by MVR MVR Current Multicast groups The current number o...

Page 614: ...play the MVR enabled interfaces configuration Syntax show mvr interface interface id members vlan vlan id interface id Identifies a specific interface vlan id VLAN identifier Default Configuration This command has no default configuration Message Type Message Description Successful Completion Message None Error Completion Message MVR disabled Parameter Description MVR Group IP MVR group multicast ...

Page 615: ... RECEIVER Status ACTIVE Immediate Leave DISABLED console show mvr interface gi1 0 23 members 235 0 0 1 STATIC ACTIVE Message Type Message Description Successful Completion Message None Error Completion Message MVR disabled Parameter Description Port Interface number Type The MVR port type It can be None Receiver or Source type Status The interface status It consists of two characteristics 1 active...

Page 616: ... Guidelines The following table lists the completion messages Examples The following table explains the output parameters Message Type Message Description Successful Completion Message None Error Completion Message MVR disabled Parameter Description IGMP Query Received Number of received IGMP Queries IGMP Report V1 Received Number of received IGMP Reports V1 IGMP Report V2 Received Number of recei...

Page 617: ...eport V2 Transmitted 3 IGMP Leave Transmitted 1 IGMP Packet Receive Failures 0 IGMP Packet Transmit Failures 0 IGMP Report V2 Transmitted Number of transmitted IGMP Reports V2 IGMP Leave Transmitted Number of transmitted IGMP Leaves IGMP Packet Receive Failures Number of failures on receiving the IGMP packets IGMP Packet Transmit Failures Number of failures on transmitting the IGMP packets Paramet...

Page 618: ...ting This allows operators to aggregate links that use auto negotiation to set values for speed and duplex or to aggregate ports with SFP technology operating at a lower speeds e g 1G Dissimilar ports will not become active in the LAG if their operational settings do not match those of the first member of the LAG In practice some ports in a LAG may auto negotiate a different operational speed than...

Page 619: ...nning Link Aggregation Control Protocol LACP to be able to aggregate it s member ports Care must be taken while enabling this type of configuration If the Partner System is not 802 3AD compliant or the Link Aggregation Control protocol is not enabled there may be network instability Network instability occurs when one side assumes that the members in an aggregation are one single link while the ot...

Page 620: ...hieved by aggregating multiple ports in one logical group A common problem of port channels is the possibility of changing packets order in a particular TCP session The resolution of this problem is correct selection of an Ethernet port within the port channel for transmitting the packet to keep the original packet order The hashing algorithm is configurable for each LAG Typically an administrator...

Page 621: ...es MODULO N operation based on the number of ports in the LAG Packet attributes selection based on the packet type For L2 packets Source and Destination MAC address are used for hash computation For IP packets Source IP Destination IP address TCP UDP ports are used Non Unicast traffic and Unicast traffic is hashed using a common hash algorithm Excellent load balancing performance Enhanced LAG hash...

Page 622: ...oup command in Interface Ethernet Configuration mode to associate a port with a port channel To remove the channel group configuration from the interface use the no form of this command Syntax channel group port channel number mode on active no channel group port channel number Number of a valid port channel with which to associate the current interface on Forces the port to join a channel without...

Page 623: ...rnet 1 0 5 console config if Gi1 0 5 channel group 1 mode on The following example shows how port gi1 0 6 is configured to port channel 2 with LACP dynamic LAG console config interface gigabitethernet 1 0 6 console config if Gi1 0 6 channel group 2 mode active interface port channel Use the interface port channel command in Global Configuration mode to enter port channel configuration mode Syntax ...

Page 624: ...nel port channel range all port channel range List of port channels to configure Separate non consecutive port channels with a comma and no spaces A hyphen designates a range of port channels Range valid port channel all All the channel ports Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands in the interface range contex...

Page 625: ... and port ID 2 Destination MAC VLAN EtherType source module and port ID 3 Source IP and source TCP UDP port 4 Destination IP and destination TCP UDP port 5 Source destination MAC VLAN EtherType and source MODID port 6 Source destination IP and source destination TCP UDP port 7 Enhanced hashing mode This mode is not available on Dell EMC Networking N1100 ON N1500 Series switches Default Configurati...

Page 626: ... to configure the priority value for physical ports To reset to default priority value use the no form of this command Syntax lacp port priority value no lacp port priority value Port priority value Range 1 65535 Default Configuration The default port priority value is 1 Command Mode Interface Configuration Ethernet mode Interface Range mode User Guidelines Per IEEE 802 1AX 2008 Section 5 6 ports ...

Page 627: ...ns the group and any subsequent changes to the set of active links are made according to the above algorithm Example The following example configures the priority value for port 1 0 8 to 247 console config interface gigabitethernet 1 0 8 console config if Gi1 0 8 lacp port priority 247 lacp system priority Use the lacp system priority command in Global Configuration mode to configure the Link Aggr...

Page 628: ...and link aggregation partner the switch with the numerically lower value of system priority has the higher priority The selection algorithm is reapplied upon changes in the membership of the port channel for example if a link fails or if a new link joins the group and any subsequent changes to the set of active links are made according to the above algorithm Example The following example configure...

Page 629: ..._Timeout setting in IEEE Std 802 1AX 2008 Example The following example assigns an administrative LACP timeout for port Gi1 0 8 to a long timeout value console config interface gigabitethernet 1 0 8 console config if Gi1 0 8 lacp timeout long port channel local preference Use the port channel local preference command in Interface Configuration mode to enable the local preference mode on a port cha...

Page 630: ...ufficient egress bandwidth is available in the LAG links on every stack member to avoid excessive discards By default the local preference mode for a port channel is disabled This command can be used only on port channel interfaces Example console config interface port channel 1 console config if Po1 port channel local preference console config if Po1 no port channel local preference Command Histo...

Page 631: ...if Po1 port channel min links 3 console config if Po1 no port channel min links show interfaces port channel Use the show interfaces port channel command to show port channel information Syntax show interfaces port channel port channel number Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Gu...

Page 632: ...ashing mode show lacp Use this command to display LACP information for Ethernet ports Syntax show lacp gigabitethernet unit slot port tengigabitethernet unit slot port fortygigabitethernet unit slot port parameters statistics Parameter Description Channel Number of the port channel to show This parameter is optional If the port channel number is not given all the channel groups are displayed Range...

Page 633: ...acp gi1 0 1 port Gi1 0 1 LACP parameters Actor system priority 1 port Admin key 0 port oper key 1 port oper priority 1 port oper timeout LONG port Admin timeout LONG LACP Activity ACTIVE Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE Partner port Admin key 0 port oper key 0 port Admin priority 0 port oper priority 0 port Oper timeout LONG LACP Acti...

Page 634: ...has no user guidelines Example The following example shows statistics about port channel 1 console show statistics port channel 1 Total Packets Received Octets 0 Packets Received 64 Octets 0 Packets Received 65 127 Octets 0 Packets Received 128 255 Octets 0 Packets Received 256 511 Octets 0 Packets Received 512 1023 Octets 0 Packets Received 1024 1518 Octets 0 Packets Received 1518 Octets 0 Packet...

Page 635: ... Packets Transmitted Octets 0 Packets Transmitted 64 Octets 0 Packets Transmitted 65 127 Octets 0 Packets Transmitted 128 255 Octets 0 Packets Transmitted 256 511 Octets 0 Packets Transmitted 512 1023 Octets 0 Packets Transmitted 1024 1518 Octets 0 Packets Transmitted 1518 Octets 0 Max Frame Size 1518 Total Packets Transmitted Successfully 0 Unicast Packets Transmitted 0 Multicast Packets Transmit...

Page 636: ...Commands 636 GVRP PDUs Transmitted 0 GVRP Failed Registrations 0 GMRP PDUs Received 0 GMRP PDUs Transmitted 0 GMRP Failed Registrations 0 BPDUs Sent 0 Received 0 Time since counters last cleared 0 day 6 hr 19 min 42 sec ...

Page 637: ...attached to destination ports to analyze the traffic patterns of source ports A session is operationally active only if both a destination port and at least one source port are configured If neither is true the session is inactive A port configured as a destination port acts as a mirroring port when the session is operationally active If it is not the port acts as a normal port and participates in...

Page 638: ...al Configuration Use the monitor capture command to capture packets transmitted or received from the CPU This facility captures switch control plane traffic and is useful in monitoring network control traffic and analyzing network security No monitor capture file size returns the capture file size to the defaults No monitor capture remote port returns the TCP port to the default Syntax monitor cap...

Page 639: ...reShark See the Users Configuration Guide for an example of how to configure WireShark for packet capture Changes to configuration take effect on the next execution of the monitor capture start command Only one of file remote or line may be specified Setting the file remote or line stops the capture No monitor capture file size returns the capture file size to the defaults No monitor capture remot...

Page 640: ...rded to the switch CPU All Capture both transmitted and received packets Default Configuration Capture is not enabled by default By default both transmitted and received packets are captured Command Modes Privileged Exec mode User Guidelines In general starting packet capture erases the previous capture buffer contents Example console monitor capture start all monitor capture mode Use the monitor ...

Page 641: ... displayed on the console using the show monitor capture packets command Captured packets can be displayed when actively capturing or when stopped When a capture session is active it is possible to display only the captured packets which were not previously displayed as the show command empties the capture buffer When a capture session is stopped it is possible to display all saved packets as ofte...

Page 642: ...rogress the packets display continues until all saved packets are shown and then the buffer is cleared The next invocation of the show capture packets command will not display any packets Please note that this behavior is observed only if the capturing session is stopped automatically when the packet displaying is in progress The in memory capture can also be configured to wrap This makes it possi...

Page 643: ...ackets command displays up to 128 captured packets If the capturing session is stopped automatically when the packet display is in progress then packet display continues until all packets are shown The next call of the show capture packets command displays nothing Please note that such behavior is observed only if the capturing session is stopped automatically when the packet display is in progres...

Page 644: ...onnection to Wireshark has been established captured CPU packets are written to the data socket Wireshark receives the packets and processes them locally This continues until the session is terminated by either end The following Wireshark request packets are supported Request to list all the remote interfaces Request to open a remote device Request to start a capture on a remote device Request to ...

Page 645: ...span vlan id no monitor session session_number destination interface interface id remove rspan tag remote vlan rspan vlan id no monitor session session_number filter ip access group acl name acl number mac access group acl name no monitor session session_number mode session number Session identification number Range 1 4 interface interface id Ethernet interface Range Any valid Ethernet Port CPU in...

Page 646: ...tination interface to specify the interface to receive the monitored traffic Use the mode parameter to enabled the administrative mode of the session If enabled the destination probe port monitors all the traffic received and transmitted on the physical monitored port The probe port should not be connected to a network Connect it to a monitoring tool or a standalone static IP address workstation r...

Page 647: ...CP of 0 On ingress the port mirroring logic stage is after the VLAN tag processing stage in the hardware This means that on ingress packets may not appear as they do on the wire if processing such as VLAN or CoS value rewriting is programmed or DVLAN tunneling is enabled on the source interface Examples of ingress VLAN tag processing are DVLAN tunneling QinQ or VLAN rewriting Likewise on egress th...

Page 648: ...nitored in the ingress direction only Careful consideration to placement of source mirroring sessions will allow bidirectional traffic to be monitored Another alternative is to use port mirroring and a VLAN ACL filter if duplicate packets are received on the probe device The reflector port must be configured as the only member of the RSPAN VLAN on the source switch Multiple source interfaces may m...

Page 649: ...the reflector port is not supported Configuring a second session on a source switch that mirrors an RSPAN source port to a local probe port is supported VLAN mirroring is not recommended for RSPAN if sources on multiple switches are members of the VLAN This is because as stations communicate with each other over the mirrored VLAN duplicate packets will be sent to the probe once for the source port...

Page 650: ...nly be configured on interface Te1 0 1 console config vlan 723 console config vlan723 remote span console config vlan723 exit console config interface Te1 0 1 console config if Te1 0 1 switchport mode trunk console config if Te1 0 10 exit console config monitor session 1 source remote vlan 723 console config monitor session 1 destination interface gi1 0 10 console config monitor session 1 mode con...

Page 651: ...s are disabled on RSPAN VLANs VLANs on transit switches must be configured as remote span VLANs in order to ensure delivery of all mirrored packets Remote span VLANs configured on transit switches may co exist with other non remote span VLANs on trunk ports Do not configure the RSPAN VLAN as a member of spanning tree RSTP PV or MST Example console vlan 10 console config vlan10 remote span show mon...

Page 652: ...00 00 24 00 01 fe 80 00 00 00 00 0020 00 00 00 00 88 ff fe 2f 8e 82 ff 02 00 00 00 00 0030 00 00 00 00 00 00 00 00 00 01 3a 00 05 02 00 00 0040 01 00 82 00 43 62 27 10 00 00 00 00 00 00 00 00 0050 00 00 00 00 00 00 00 00 00 00 ff ff 00 00 Gi1 0 1 Length 94 RECEIVE 02 29 24 0000 0000 33 33 00 00 00 01 00 11 88 2f 8e 82 81 00 00 01 0010 86 dd 60 00 00 00 00 24 00 01 fe 80 00 00 00 00 0020 00 00 00 0...

Page 653: ...00 00 00 00 00 01 3a 00 05 02 00 00 0040 01 00 82 00 43 62 27 10 00 00 00 00 00 00 00 00 0050 00 00 00 00 00 00 00 00 00 00 ff ff 00 00 show monitor session Use the show monitor session command to display status of port monitoring VLAN based mirroring Flow based mirroring and mirroring across RSPAN Syntax show monitor session session_number detail session _number Session identification number deta...

Page 654: ...de Disabled Type Local session Source ports Rx only None Tx only None Both Te1 0 10 Source VLANs Rx only None Source RSPAN VLAN None Destination ports Te2 0 20 Destination RSPAN VLAN None IP access group a1 MAC access group None The following example shows the detailed status of a VLAN session on source switch where session is span across multiple switches console show monitor session 1 detail Ses...

Page 655: ...Only None Source RSPAN VLAN 999 Destination Ports Gi1 0 15 Dest RSPAN VLAN None show vlan remote span Use this command to display the RSPAN VLAN IDs Syntax show vlan remote span Default Configuration This command has no default configuration Command Modes User Exec Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Exam...

Page 656: ...Layer 2 Switching Commands 656 10 ...

Page 657: ... requirements from those that are more tolerant of delay Packets with strict timing requirements are given special treatment in a QoS capable network To accomplish this all elements of the network must be QoS capable If one node is unable to meet the necessary timing requirements this creates a deficiency in the network path and the performance of the entire packet flow is compromised Access Contr...

Page 658: ...L feature supports extended IP access lists These lists check the Layer 3 portion of a packet looking specifically at information contained in the IP header and in certain cases the TCP or UDP header An EtherType of 0x0800 is assumed in the case of IP access lists Permit and deny actions are supported for each ACL rule Standard layer 3 4 ACLs can be classified based on the source IP address and ne...

Page 659: ...nd untrusted ports A trusted port is one that takes at face value a certain priority designation within arriving packets Specifically a port may be configured to trust one of the following packet fields IEEE 802 1p User Priority IP Precedence IP DSCP Packets arriving at the port ingress are inspected and their trusted field value is used to designate the COS queue that the packet is placed when fo...

Page 660: ...apply a distinguished service to traffic based on a number of criteria The distinguished service can meter traffic and apply per hop behavior based upon the bandwidth utilization and burstiness of traffic In addition preferential drop characteristics can be configured in support of an assured forwarding capability such that TCP clients are informed if they exceed the switch buffering limits Comman...

Page 661: ...he show classofservice command to display the assignment of CoS and DSCP values to internal queue numbers classofservice trust match dstip6 police simple show diffserv service brief conform color match dstl4port police single rate show interfaces cos queue cos queue min bandwidth match ethertype police two rate show interfaces random detect cos queue random detect match ip6flowlbl policy map show ...

Page 662: ...s classname no class classname Specifies the name of an existing DiffServ class Range 1 31 characters Default Configuration This command has no default configuration Command Mode Policy Map Configuration mode User Guidelines This command causes the specified policy to create a reference to the class definition The command mode is changed to Policy Class Map Configuration when this command is execu...

Page 663: ... DiffServ class Default Configuration The class map defaults to IPv4 Command Mode Global Configuration mode User Guidelines The match all parameter indicates that all of the match criteria configured in the class map must be met for the packet to be processed by the class map Example The following example creates a class map named DELL which requires all ACE s to be matched console config class ma...

Page 664: ...me DELL DELL1 console config classofservice dot1p mapping Use the classofservice dot1p mapping command in Global Configuration mode to map an IEEE 802 1p user priority to an internal traffic class In Interface Configuration mode the mapping is applied only to packets received on that interface Use the no form of the command to remove mapping between an 802 1p priority and an internal traffic class...

Page 665: ...lassofservice trust dot1p packets received on any interface marked with IEEE 802 1p priority 1 will be assigned to internal CoS queue 2 console config classofservice dot1p mapping 1 2 classofservice ip dscp mapping Use the classofservice ip dscp mapping command in Global Configuration mode to map an IP DSCP value to an internal traffic class Use the no form of the command to return the classofserv...

Page 666: ...fic class Range 0 63 or an IP DSCP keyword af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef trafficclass Specifies the traffic class for this value mapping Range 0 6 Default Configuration The default DSCP mapping is as follows IP DSCP Traffic Class queue id 0 be cs0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 cs1 0 9 0 10 af11 0 11 0 12 af12 0 13 0 14 af13 0 15...

Page 667: ... 16 cs2 0 17 0 18 af21 0 19 0 20 af22 0 21 0 22 af23 0 23 0 24 cs3 1 25 1 26 af31 1 27 1 28 af32 1 29 1 30 af33 1 31 1 32 cs4 2 33 2 34 af41 2 35 2 36 af42 2 37 2 38 af43 2 39 2 40 cs5 2 41 2 42 2 43 2 IP DSCP Traffic Class queue id ...

Page 668: ... but not both Setting the trust mode does not affect ACL packet matching e g it is still possible to use an ACL that matches on a received CoS value and assigns the packet to a queue even when DSCP is trusted 44 2 45 2 46 ef 2 47 2 48 cs6 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 56 cs7 3 57 3 58 3 59 3 60 3 61 3 62 3 63 3 IP DSCP Traffic Class queue id ...

Page 669: ...class of service trust mode of an interface To set the interface mode to trust 802 1p markings use the no form of this command Syntax classofservice trust dot1p untrusted ip dscp no classofservice trust dot1p Specifies that the mode be set to trust IEEE 802 1p packet markings untrusted Sets the Class of Service Trust Mode to Untrusted ip dscp Specifies that the mode be set to trust IP DSCP packet ...

Page 670: ...nd has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command must be preceded by a police command If the conform color command is not entered the police algorithm uses the color blind version meaning in the incoming color is ignored The conform color command can be used with any of the three police algorithms In the simple algorithm only the conform...

Page 671: ...green prior to metering After metering non conforming packets are colored red Both green and red packets are transmitted but may be subject to further color based action on egress The example configuration below also shows the configuration of WRED drop thresholds and probabilities for colored traffic console config class map match all class ipv4 ipv4 console config classmap match any console conf...

Page 672: ...ndwidth guarantee Command Mode Global Configuration mode or Interface Configuration gigabitethernet port channel tengigabitethernet fortygigabitethernet mode User Guidelines This command changes the scheduling policy for packet transmission of the selected CoS queues It does not change the packet buffering policy nor does it reserve packet buffers to a CoS queue The maximum number of queues suppor...

Page 673: ...idth guarantee for cos queues 0 through 6 as follows Cos Queue 0 5 scheduler capacity CoS Queue 1 5 scheduler capacity CoS Queue 2 10 scheduler capacity CoS Queue 3 10 scheduler capacity CoS Queue 4 7 Shared scheduler capacity console config cos queue min bandwidth 5 5 10 10 0 0 0 cos queue random detect Use the cos queue random detect command in Global Configuration or Interface Configuration mod...

Page 674: ...minimum scheduler bandwidth percentage guarantee for the CoS queues Use the show interfaces random detect command to display the WRED configuration including ECN configuration Use the policy map and conform color commands to mark traffic with a color other than default green color The drop probability scale supports values in the range 0 10 and the discrete values 25 50 75 and 100 Other values are...

Page 675: ...on with a drop probability of 1 2 and 3 respectively In this configuration non TCP traffic uses tail drop queue discipline with a drop threshold at 100 of the statically calculated port queue length vs the dynamically calculated value used by the normal tail drop mechanism approx 1 2 remaining free packet buffer memory console config cos queue random detect 0 console config random detect queue par...

Page 676: ...net fortygigabitethernet mode User Guidelines Strict priority SP queues are scheduled in priority order ahead of WRR queues Strict priority queues are allocated unlimited bandwidth by default Configuring the min bandwidth on a CoS queue also configured for strict priority wastes the scheduler slots Use the cos queue min bandwidth command on lower priority SP and WRR queues to ensure fairness to lo...

Page 677: ...onfig cos queue strict 1 2 4 console config cos queue min bandwidth 5 0 0 10 0 10 10 diffserv Use the diffserv command in Global Configuration mode to set the DiffServ operational mode to active While disabled the DiffServ configuration is retained and can be changed but it is not operational When enabled DiffServ services are operational on queues configured for WRED To set the DiffServ operation...

Page 678: ...s no default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to specify that matching packets are to be dropped at ingress console config policy classmap drop mark cos Use the mark cos command in Policy Class Map Configuration mode to mark all packets for the associated traffic stream with...

Page 679: ...ue and it s mapping onto an internal CoS queue Frames may be remarked using either an in or an out policy map Changing the CoS value in the VLAN tag of a frame does not alter the internal CoS assigned to the packet it only rewrites the CoS value in the Ethernet frame header Example The following example displays how to mark all packets with a CoS value console config policy classmap mark cos 7 mar...

Page 680: ...to an internal CoS queue IP packets may be remarked using either an in or an out policy map Changing the IP DSCP value in the ToS value of an IP packet does not alter the internal CoS assigned to the packet it only rewrites the ToS value in the IP packet header Example The following example displays how to mark all packets with an IP DSCP value of cs4 console config policy classmap mark ip dscp cs...

Page 681: ...ewrites the ToS value in the IP packet header Example The following example displays console config policy map p1 in console config policy map class c1 console config policy classmap mark ip precedence 2 console config policy classmap match class map Use the match class map command to add to the specified class definition the set of match conditions defined for another class Use the no form of thi...

Page 682: ...mplete reference class chain including both predecessor and successor classes must not exceed a platform specific maximum In some cases each removal of a refclass rule reduces the maximum number of available rules in the class definition by one Example The following example adds match conditions defined for the Dell class to the class currently being configured console config classmap match class ...

Page 683: ...match destination address mac Use the match destination address mac command in Class Map Configuration mode to add a match condition based on the destination MAC address of a packet NOTE This command is not available on the N1500 Series switches Syntax match destination address mac macaddr macmask macaddr Specifies any valid layer 2 MAC address formatted as six two digit hexadecimal numbers separa...

Page 684: ...1 06 FF FF FF EF EE EE match dstip Use the match dstip command in Class Map Configuration mode to add a match condition based on the destination IP address of a packet NOTE This command is not available on the N1500 Series switches Syntax match dstip ipaddr ipmask ipaddr Specifies a valid IP address ipmask Specifies a valid IP address bit mask Note that even though this parameter is similar to a s...

Page 685: ...ased on the destination IPv6 address of a packet NOTE This command is not available on the N1500 Series switches Syntax match dstip6 destination ipv6 prefix prefix length destination ipv6 prefix IPv6 prefix in IPv6 global address format prefix length IPv6 prefix length value Default Configuration There is no default configuration for this command Command Mode Ipv6 Class Map Configuration mode User...

Page 686: ...alues are domain echo ftp ftpdata http smtp snmp telnet tftp and www port number Specifies a layer 4 port number Range 0 65535 Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays adding a match condition based on the destination layer 4 port of a packet u...

Page 687: ...de User Guidelines This command has no user guidelines Example The following example displays how to add a match condition based on ethertype console config classmap match ethertype arp match ip6flowlbl The match ip6flowlbl command adds to the specified class definition a match condition based on the IPv6 flow label of a packet NOTE This command is not available on the N1500 Series switches Syntax...

Page 688: ... on the value of the IP DiffServ Code Point DSCP field in a packet NOTE This command is not available on the N1500 Series switches Syntax match ip dscp dscpval dscpval Specifies an integer value or a keyword value for the DSCP field Integer Range 0 63 Keyword Values af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default Configuration This command ...

Page 689: ...p precedence command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP precedence field NOTE This command is not available on the N1500 Series switches Syntax match ip precedence precedence precedence Specifies the precedence field in a packet This field is the high order three bits of the Service Type octet in the IP header Int...

Page 690: ...ght bits of the Service Type octet in the IP header NOTE This command is not available on the N1500 Series switches Syntax match ip tos tosbits tosmask tosbits Specifies a two digit hexadecimal number Range 00 ff tosmask Specifies the bit positions in the tosbits parameter that are used for comparison against the IP TOS field in a packet This value of this parameter is expressed as a two digit hex...

Page 691: ...ation mode to add to the specified class definition a match condition based on the value of the IP Protocol field in a packet using a single keyword notation or a numeric value notation NOTE This command is not available on the N1500 Series switches Syntax match protocol protocol name protocol number protocol name Specifies one of the supported protocol name keywords The supported values are icmp ...

Page 692: ...mac address macmask macaddr Specifies any valid layer 2 MAC address formatted as six two digit hexadecimal numbers separated by colons macmask Specifies a layer 2 MAC address bit mask formatted as six two digit hexadecimal numbers separated by colons This bit mask does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mod...

Page 693: ...ubnet mask it does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines Only one srcip matching criteria can be specified To remove the matching criteria delete the class map Example The following example displays adding a match condition for the specified IP address and address bit mask console config c...

Page 694: ...the match srcl4port command in Class Map Configuration mode to add to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword or a numeric notation NOTE This command is not available on the N1500 Series switches Syntax match srcl4port portkey port number portkey Specifies one of the supported port name keywords A match condition is speci...

Page 695: ...ation mode to add to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field This field is the only tag in a single tagged packet or the first or outer tag of a double VLAN packet NOTE This command is not available on the N1500 Series switches Syntax match vlan vlan id vlan id Specifies a VLAN ID as an integer Range 1 4093 Default Configuration This...

Page 696: ...ecifies the Ethernet port to which data needs to be copied Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines The port identified in this command is identical to the destination port of the monitor command Example The following example displays how to copy all the data to port Gi1 0 5 console config policy classmap mirro...

Page 697: ...p prec and transmit Range 0 7 set dscp transmit dscp val Remark the DSCP in the packet to dscp val and transmit Range 0 63 set cos transmit 802 1p priority Remark the 802 1p priority in the packet to 802 1p priority and transmit Range 0 7 transmit Transmit the packet unmodified The same actions are available for packets that violate the policing rule violate action Configures the action taken for ...

Page 698: ...e that rate are dropped The transmitted packets are colored green should the operator desire to configure a WRED drop policy console config policy classmap police simple 1000 64 conform action transmit violate action drop police single rate Use the police single rate command to implement a single rate Three Color Market srTCM per RFC 2697 NOTE This command is not available on the N1500 Series swit...

Page 699: ... and the PBS yellow if it exceeds the CBS but not the PBS and green if it exceeds neither An srTCM is useful in situations where only the length of the burst but not the peak rate determines the service assignment The CIR is measured in Kbps the CBS in Kbytes and the PBS in Kbytes It is recommended that the CBS and PBS be configured to be larger than the largest expected IP packet A class command ...

Page 700: ...olor Select one of drop Drop the packet set prec transmit ip prec Remark the IP precedence in the packet to ip prec and transmit Range 0 7 set dscp transmit dscp val Remark the DSCP in the packet to dscp val and transmit Range 0 63 set cos transmit 802 1p priority Remark the 802 1p priority in the packet to 802 1p priority and transmit Range 0 7 transmit Transmit the packet unmodified Default Conf...

Page 701: ...onform action set cos transmit 7 exceed action set prec transmit 7 violate action drop policy map Use the policy map command in Global Configuration mode to establish a new DiffServ policy or to enter policy map configuration mode To remove the policy use the no form of this command NOTE This command is not available on the N1500 Series switches Syntax policy map policyname in out no policy map po...

Page 702: ...e config policy classmap random detect queue parms Use the random detect queue parms command to configure the WRED green yellow and red TCP and non TCP packet minimum and maximum drop thresholds and corresponding drop probabilities on an interface or globally NOTE On the N1500 Series switches enable Simple RED since the hardware is not capable of Weighted Red Syntax random detect queue parms queue...

Page 703: ...d drop prob scale The maximum drop probability Range 0 100 This is the drop probability for a packet when the maximum threshold is reached Above the maximum threshold 100 of matching packets are dropped ecn Enables ECN marking for the selected CoS queues Packets marked as ECN capable are not dropped when selected for discard by WRED Default Configuration The table below shows the default green yel...

Page 704: ...ecedence for non TCP traffic all colors Users may configure the congestion thresholds at which packets experiencing congestion are dropped randomly for each drop precedence and may also configure the probability of a packet being dropped Packets are dropped at 100 when the egress queue size exceeds the maximum value and at 0 when the queue size is below the minimum value Configuring a queue with a...

Page 705: ... minimum and maximum thresholds the drop probability is divided into eight discrete levels of increasing probability of packet drop The levels are as follows 0 6 25 of maximum drop probability 1 18 75 of maximum drop probability 2 30 25 of maximum drop probability 3 43 75 of maximum drop probability 4 56 25 of maximum drop probability 5 68 75 of maximum drop probability 6 81 25 of maximum drop pro...

Page 706: ...tch does not support configuration of the maximum threshold nor can the threshold or drop probability be configured for non TCP traffic Dell EMC Networking N1500 Series switches implements a simple Random Early Discard RED capability Only the minimum threshold min thresh and drop probability drop prob scale may be configured for the TCP colors green yellow red The maximum threshold may not be conf...

Page 707: ...available on the N1500 Series switches Syntax random detect exponential weighting constant 0 15 no random detect exponential weighting constant 0 15 The weighting constant is used to smooth the calculation of the queue size using the following formula where the 0 15 value is N Default Configuration The default value is 15 This value corresponds to maximum smoothing of the average queue size Comman...

Page 708: ...ode to specify that all incoming packets for the associated traffic stream are redirected to a specific egress interface physical port or port channel NOTE This command is not available on the N1500 Series switches Syntax redirect interface interface Specifies any valid interface Interface is Ethernet port or port channel Range po1 po32 or gi1 0 1 gi1 0 24 Default Configuration This command has no...

Page 709: ...ault Command Mode Global Configuration mode for all system interfaces Interface Configuration Ethernet Port channel mode for a specific interface User Guidelines This command applies a DiffServ policy to an interface and enables DiffServ on the interface No separate interface administrative mode command for DiffServ is available Use the policy map command to configure the DiffServ policy The servi...

Page 710: ...show class map command to display all configuration information for the specified class NOTE This command is not available on the N1500 Series switches Syntax show class map classname classname Specifies the valid name of an existing DiffServ class Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and a...

Page 711: ...tp_class Class Name stop_http_class Class Type All Class Layer3 Protocol ipv6 Match Criteria Values Source IP Address 2001 DB8 0 32 Source Layer 4 Port 80 http www show classofservice dot1p mapping Use the show classofservice dot1p mapping command to display the current IEEE 802 1p priority mapping to internal traffic classes for a specific interface Syntax show classofservice dot1p mapping gigabi...

Page 712: ...apping table of the interface is displayed If omitted the global configuration settings are displayed The following table lists the parameters in the example and gives a description of each Example The following example displays the default 802 1p traffic class mapping and user priorities console show classofservice dot1p mapping User Priority Traffic Class 0 1 1 0 2 0 3 1 4 2 5 2 6 3 7 3 Paramete...

Page 713: ...w classofservice ip dscp mapping Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show classofservice ip dscp mapping IP DSCP Traffic Class 0 be cs0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 cs1 0 9 0 10 af11 0 11 0 12 af12 0 13 0 14 af...

Page 714: ... af23 0 23 0 24 cs3 1 25 1 26 af31 1 27 1 28 af32 1 29 1 30 af33 1 31 1 32 cs4 2 33 2 34 af41 2 35 2 36 af42 2 37 2 38 af43 2 39 2 40 cs5 2 41 2 42 2 43 2 44 2 45 2 46 ef 2 47 2 48 cs6 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 56 cs7 3 57 3 58 3 59 3 60 3 61 3 62 3 63 3 ...

Page 715: ...guration submodes User Guidelines If the interface is specified the port trust mode of the interface is displayed If omitted the port trust mode for global configuration is shown Example The following example displays the current trust mode settings for the specified port console show classofservice trust gigabitethernet 1 0 2 Class of Service Trust Mode Dot1P show diffserv Use the show diffserv c...

Page 716: ...ass Table Size Current Max 5 25 Class Rule Table Size Current Max 6 150 Policy Table Size Current Max 2 64 Policy Instance Table Size Current Max 2 640 Policy Attribute Table Size Current Max 2 1920 Service Table Size Current Max 26 214 show diffserv service interface Use this command to display policy service information for the specified interface NOTE This command is not available on the N1500 ...

Page 717: ...e Gi1 0 1 Direction In No policy is attached to this interface in this direction show diffserv service brief Use the show diffserv service brief command to display all interfaces in the system to which a DiffServ policy has been attached NOTE This command is not available on the N1500 Series switches Syntax show diffserv service brief Default Configuration This command has no default configuration...

Page 718: ...iguration for the specified interface Syntax show interfaces cos queue gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port fortygigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines If the interface is spec...

Page 719: ...Shaping Rate 0 Queue Id Min Bandwidth Scheduler Type Queue Management Type 0 0 Weighted Tail Drop 1 0 Weighted Tail Drop 2 0 Weighted Tail Drop 3 0 Weighted Tail Drop 4 0 Weighted Tail Drop 5 0 Weighted Tail Drop 6 0 Weighted Tail Drop The following table lists the parameters in the examples and gives a description of each Parameter Description Interface The port of the interface If displaying the...

Page 720: ...ec mode Global Configuration mode and all Configuration submodes Queue Mgmt Type The queue depth management technique used for all queues on this interface Queue An interface supports n queues numbered 0 to n 1 The specific n value is platform dependent Internal egress queue of the interface queues 0 6 are available Minimum Bandwidth The minimum transmission bandwidth guarantee for the queue expre...

Page 721: ...nfiguration of the maximum threshold nor can the threshold or drop probability be configured for non TCP traffic Example Example 1 This example shows ECN enabled for green color packets on CoS queues 0 and 1 console show interfaces random detect Global Configuration WRED WRED WRED Queue ID Minimum Threshold Maximum Threshold Drop Probability ECN Enabled 0 40 30 20 100 100 90 80 100 10 10 10 10 1 0...

Page 722: ...d policy NOTE This command is not available on the N1500 Series switches Syntax show policy map policyname policyname Specifies the name of a valid existing DiffServ policy Range 1 31 Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example T...

Page 723: ... received by the classifier out Show outbound service policies The discarded value indicates the number of packets discarded by the policy Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the statistics ...

Page 724: ...mmand Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays a summary of policy oriented statistics information console show service policy in Oper Policy Intf Stat Name Gi1 0 1 Down DELL Gi1 0 2 Down DELL Gi1 0 3 Down DELL Gi1 0 4 Down DELL Gi1 0 5 Down DELL Gi1 0 6 Down DELL Gi...

Page 725: ...thernet fortygigabitethernet mode User Guidelines Traffic shaping also known as rate shaping has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded This command implements a true egress shaper where bursts of traffic are buffered and smoothed Shaping occurs if the average rate exceeds the configured limit or a burst exceeds 2 of the configure...

Page 726: ...is mapped to a class of service value which determines the handling of the frame Use the show interfaces detail command to display the configured priority Use the show classofservice dot1p mapping command to display the mapping of VLAN priorities to COS values Command Modes Interface physical Configuration mode User Guidelines This command has no user guidelines Example The following example confi...

Page 727: ... Multiple Spanning Tree Protocol Loop guard protects a network from forwarding loops induced by BPDU packet loss It can be configured to prevent a blocked port from transitioning to the forwarding state when the port stops receiving BPDUs for some reason such as a uni directional link failure STP BPDU Guard The STP BPDU guard allows the network administrator to enforce the STP domain borders and k...

Page 728: ... switch administratively When this feature is enabled on the switch it floods all the ports which have the BPDU flood feature enabled BPDU Storm Protection If STP BPDUs are received at a rate of 15 pps or greater for 3 consecutive seconds on a port the port will be diagnostically disabled A message of the following form is logged 188 MAY 04 09 45 23 10 10 10 10 1 DOT1S 276072720 dot1s_ih c 1587 15...

Page 729: ...eature is used only when working in RSTP or MSTP mode Example The following example restarts the protocol migration process forces the renegotiation with neighboring switches on Gi1 0 1 show spanning tree spanning tree forward time spanning tree portfast spanning tree vlan forward time show spanning tree summary spanning tree guard spanning tree portfast bpdufilter default spanning tree vlan hello...

Page 730: ...s no user guidelines Example The following example shows how to exit the MST configuration mode and save changes console config spanning tree mst configuration console config mst exit instance mst Use the instance command in MST mode to map VLANS to an MST instance Syntax instance instance id add remove vlan vlan list instance ID ID of the MST instance Range 1 4094 vlan list VLANs to be added to t...

Page 731: ...ot be defined on the switch Traffic received on VLANs not defined on the port received is dropped For interoperability purposes VLAN 4094 may be mapped to an MSTI however VLAN 4094 is reserved internally and may not be used to forward traffic Example The following example maps the entire range of VLANs to MST instances MST instance 0 is mapped to VLAN 1 by default Additionally two 10G ports have s...

Page 732: ...ority 16 console config if Te1 1 1 interface te1 1 2 console config if Te1 1 2 switchport mode trunk console config if Te1 1 2 switchport trunk allowed vlan add 200 349 console config if Te1 1 2 spanning tree mst 2 port priority 16 console config if Te1 1 2 exit name mst Use the name command in MST mode to define the region name To return to the default setting use the no form of this command Synt...

Page 733: ...x revision version no revision version Configuration revision number Range 0 65535 Default Configuration Revision number is 0 Command Mode MST mode User Guidelines When configuring the switch in MSTP mode be sure to configure the MST region name For multiple switches to become members of the same region the configuration name the configuration revision and mapping of VLANs to MSTIs must be identic...

Page 734: ...information active Displays active ports only blockedports Displays blocked ports only mst configuration Displays the MST configuration identifier instance id ID of the spanning tree instance uplinkfast Displays Direct Link Rapid Convergence information backbonefast Displays Indirect Link Rapid Convergence information Default Configuration This command has no default configuration Command Mode Pri...

Page 735: ... DIS Disb No Gi1 0 5 Enabled 128 5 0 DIS Disb No Gi1 0 6 Enabled 128 6 0 DIS Disb No console show spanning tree gi1 0 1 Port Gi1 0 1 Enabled State Forwarding Role Designated Port ID 128 1 Port Cost 20000 Port Fast No Root Protection No Designated Bridge Priority 32768 Address 001E C9DE D447 Designated Port ID 128 1 Designated Path Cost 0 CST Regional Root 80 00 00 1E C9 DE D4 47 Root Guard False L...

Page 736: ... Port ID 128 2 Designated Path Cost 0 CST Regional Root 80 00 00 1E C9 DE D4 47 CST Port Cost 0 BPDUs Sent 84 Received 2 Port Gi1 0 3 Enabled State Disabled Role Disabled Port ID 128 3 Port Cost 0 Root Protection No Designated Bridge Priority 32768 Address 001E C9DE D447 Designated Port ID 0 0 Designated Path Cost 0 CST Regional Root 80 00 00 1E C9 DE D4 47 CST Port Cost 0 BPDUs Sent 0 Received 0 ...

Page 737: ...ion No Designated Bridge Priority 32768 Address 001E C9DE D447 Designated Port ID 128 49 Designated Path Cost 0 CST Regional Root 80 00 00 1E C9 DE D4 47 CST Port Cost 0 BPDUs Sent 113 Received 1 console show spanning tree blockedports Spanning Tree Enabled BPDU Flooding Disabled Mode rstp CST Regional Root 80 00 00 1E C9 DE D4 47 Regional Root Path Cost 0 MST 0 Vlan Mapped 1 10 ROOT ID Priority 3...

Page 738: ...onse PDUs received all VLANs 0 RLQ request PDUs sent all VLANs 0 RLQ response PDUs sent all VLANs 0 This example shows spanning tree configured in mstp mode Output is shown for each VLAN that is a member of an MST domain console config mst show spanning tree active Spanning Tree Enabled BPDU Flooding Disabled Mode rstp Portfast BPDU Filtering Disabled CST Regional Root 80 00 00 1E C9 DE D4 47 Regi...

Page 739: ...led 128 2 20000 FWD Desg No MST 2 Vlan Mapped 3 5 ROOT ID Priority 4096 Address 001E C9DE D447 This Switch is the Root Hello Time 2s Max Age 20s Forward Delay 15s Interfaces Name State Prio Nbr Cost Sts Role RestrictedPort Gi1 0 1 Enabled 128 1 20000 FWD Desg No Gi1 0 2 Enabled 128 2 20000 FWD Desg No MST 3 Vlan Mapped 6 10 ROOT ID Priority 32768 Address 001E C9DE D447 This Switch is the Root Hell...

Page 740: ...d 128 3 0 DIS Disb No Gi1 0 4 Enabled 128 4 0 DIS Disb No Gi1 0 5 Enabled 128 5 0 DIS Disb No Gi1 0 6 Enabled 128 6 0 DIS Disb No Gi1 0 7 Enabled 128 7 0 DIS Disb No Gi1 0 8 Enabled 128 8 0 DIS Disb No This example shows spanning tree configured in rstp mode Output is shown for each interface console config show spanning tree active Spanning Tree Enabled BPDU Flooding Disabled Mode rstp Portfast B...

Page 741: ...Address 001E C9DE D447 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 sec Interface State Prio Nbr Cost Status Role Gi1 0 1 Enabled 128 1 20000 Forwarding Designated Gi1 0 2 Enabled 128 2 20000 Forwarding Root Te1 0 1 Enabled 128 49 2000 Forwarding Designated Te1 0 2 Enabled 128 50 2000 Discarding Backup VLAN 2 RootID Priority 32770 Address 001E C9DE D447 Cost 0 Port This swit...

Page 742: ...following fields are displayed Field Description Spanning Tree Admin Mode Enabled or disabled Spanning Tree Version Version of currently supported IEEE 802 1s IEEE 802 1w or IEEE 802 1d based upon the mode parameter BPDU Protection Mode Enabled or disabled BPDU Filter Mode Enabled or disabled BPDU Flooding Mode Enabled or disabled IndirectLink Rapid Convergence Backbone fast for RSTP PV is enabled...

Page 743: ...anning tree information per VLAN and also list out the port roles and states as well as port cost Syntax show spanning tree vlan vlan list all vlan list A list of VLANs or VLAN ranges separated by commas and with no embedded blank spaces VLAN ranges are of the form X Y where X and Y are valid VLAN identifiers and X Y all Show all VLANs Configuration Revision Level Identifier used to identify the c...

Page 744: ...the root Hello Time 2s Max Age 20s Forward Delay 15s BridgeID Priority 32770 priority 32768 sys id ext 2 Address 001E C9DE D447 Hello Time 2s Max Age 20s Forward Delay 15s Aging Time 300 sec Interface Role Sts Cost Prio Nbr Gi1 0 1 Designated Forwarding 20000 128 1 Gi1 0 2 Designated Forwarding 20000 128 2 spanning tree Use the spanning tree command in Global Configuration mode to enable spanning ...

Page 745: ...a portfast port if it does not see any BPDUs for 3 seconds after a link up event Use the no form of this command to disable auto portfast mode Syntax spanning tree auto portfast no spanning tree auto portfast Default Configuration Auto portfast mode is enabled by default Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines There are no user guidelines for this command Ex...

Page 746: ...nefast Default Configuration This command has no default configuration Command Modes Global Configuration Mode User Guidelines IRC can be configured even if the switch is configured for MST RSTP or RSTP PV mode It only has an effect when the switch is configured for STP PV mode If an IRC enabled switch receives an inferior BPDU from its designated switch on a root or blocked port it sets the maxim...

Page 747: ...guration This feature is disabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console spanning tree bpdu flooding spanning tree bpdu protection Use the spanning tree bpdu protection command in Global Configuration mode to enable BPDU guard on a switch Use the no form of this command to resume the default status of BPDU gua...

Page 748: ...isrupt the switch and cause network flapping Dell spanning tree provides a BPDU guard function against such attacks If an interface enabled for BPDU guard receives a BPDU packet the interface is diagnostically disabled and a message is written to the log The port may be re enabled using the no shutdown command after disconnecting the offending device from the interface Example The following exampl...

Page 749: ...ng values for spanning tree costs The range for path cost for a port is 0 200 000 000 The range for path cost for a VLAN is 1 200 000 000 Use the no form of the command to calculate the cost based on the interface speed A zero path cost causes the switch to calculate the path cost based upon the speed of the interface If the VLAN parameter is given the path cost is configured only for the selected...

Page 750: ...efault Configuration By default all ports are enabled for spanning tree Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet fortygigabitethernet mode User Guidelines This command has no user guidelines Example The following example disables spanning tree on Gi1 0 5 console config interface gigabitethernet 1 0 5 console config if Gi1 0 5 spanning tree disable spanni...

Page 751: ...orward Time the following relationship should be satisfied 2 Forward Time 1 Max Age Example The following example configures spanning tree bridge forward time to 25 seconds console config spanning tree forward time 25 spanning tree guard The spanning tree guard command selects whether loop guard or root guard is enabled on an interface If neither is enabled the port operates in accordance with the...

Page 752: ... spanning tree guard functionality on Gigabit ethernet interface 4 0 1 console config console config interface gigabitethernet 4 0 1 console config if 4 0 1 spanning tree guard none spanning tree loopguard Use the spanning tree loopguard command to enable loop guard on all ports Use the no form of this command to disable loop guard on all ports Syntax spanning tree loopguard default no spanning tr...

Page 753: ... spanning tree bridge maximum age To reset the default maximum age use the no form of this command Syntax spanning tree max age seconds no spanning tree max age seconds Time in seconds Range 6 40 Default Configuration The default max age for IEEE STP is 20 seconds Command Mode Global Configuration mode User Guidelines When configuring the Max Age the following relationships should be satisfied 2 F...

Page 754: ...o use Range 6 to 40 Default Configuration The maximum number of hops is 20 by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config spanning tree max hops 32 spanning tree mode Use the spanning tree mode command in Global Configuration mode to configure the spanning tree protocol To return to the default configuration us...

Page 755: ...ring the switch to MSTP mode be sure to configure the MST region name For multiple switches to become members of the same region the configuration name the configuration revision and mapping of VLANs to MSTIs must be identical In the STP PV or RSTP PV modes BPDUs contain per VLAN information instead of the common spanning tree information MST RSTP RSTP PV maintains independent spanning tree inform...

Page 756: ...e spanning tree protocol to MSTP console config spanning tree mode mst spanning tree mst configuration Use the spanning tree mst configuration command in Global Configuration mode to enable configuring an MST region by entering the multiple spanning tree MST mode Syntax spanning tree mst configuration Default Configuration This command has no default configuration Command Mode Global Configuration...

Page 757: ...spanning tree mst instance id cost instance ID ID of the spanning tree instance Range 1 4094 cost The port path cost Range 0 200 000 000 Default Configuration The default cost is 0 which signifies that the cost will be automatically calculated based on port speed The default configuration is Ethernet 10 Mbps 2 000 000 Fast Ethernet 100 Mbps 200 000 Gigabit Ethernet 1000 Mbps 20 000 Port Channel 20...

Page 758: ...priority no spanning tree mst instance id port priority instance id ID of the spanning tree instance Range 1 4094 priority The port priority Range 0 240 in multiples of 16 Default Configuration The default port priority for IEEE STP is 128 The default priority for a port channel is 96 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet fortygigabitethernet mode Use...

Page 759: ...switch A lower value increases the probability that the switch is selected as the root switch Range 0 61440 Default Configuration The default bridge priority for IEEE STP is 32768 Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096 The priority will be set to the nearest multiple of 4096 if not an exact multiple of 4096 Bridge priority configuration...

Page 760: ...terface Configuration gigabitethernet port channel tengigabitethernet fortygigabitethernet mode User Guidelines This command only applies to access ports The command is to be used only with interfaces connected to end stations Otherwise an accidental topology loop could cause a data packet loop and disrupt switch and network operations An interface with portfast mode enabled is moved directly to t...

Page 761: ...t enabled ports A port enabled for BPDU filtering does not receive or send any BPDUs It is possible that a network loop may result if BPDU filtering is enabled on a port connected to anything other than an end system BPDU filtering is appropriate for configuration on portfast enabled interfaces that are connected to end system hosts where it is desired to not send BPDUs to the host or receive BPDU...

Page 762: ... Default Configuration Portfast mode is disabled by default Command Mode Global Configuration mode User Guidelines This command only affects access ports NOTE This command should be used with care An interface with portfast mode enabled is moved directly to the spanning tree forwarding state when linkup occurs without waiting for the standard forward time delay Setting a port connected to another ...

Page 763: ...s when the port is configured as an edge port Range 1 4093 priority The priority of the edge port or point to point link in the forwarding port selection process Range is 0 to 240 in increments of 16 Default Configuration The default port priority for IEEE STP is 128 Command Mode Interface Configuration mode User Guidelines If the VLAN parameter is given the priority is configured only for the sel...

Page 764: ... uses the port priority value when the LAN port is configured as an edge port and uses the VLAN priority value when the interface is configured as a point to point link MSTP uses the port priority regardless of whether the port is an edge port or not Example The following example configures a port connected to a host to be least likely to be selected for forwarding to the root bridge even if the h...

Page 765: ...C configuration Example The following example configures spanning tree priority to 12288 console config spanning tree priority 12288 spanning tree tcnguard Use the spanning tree tcnguard command to prevent a port from propagating topology change notifications Use the no form of the command to enable TCN propagation Syntax spanning tree tcnguard no spanning tree tcnguard Default Configuration TCN p...

Page 766: ...ng tree transmit hold count value no spanning tree transmit value The maximum number of BPDUs to send Range 1 10 Default Configuration The default hold count is 6 BPDUs Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the maximum number of BPDUs sent to 6 console config spanning tree transmit hold count 6 spanni...

Page 767: ...he switch is configured for MST RSTP mode It only has an effect when the switch is configured for STP PV or RSTP PV modes Enabling DRC sets the switch priority to 49152 Path costs have an additional 3000 added when DRC is enabled This reduces the probability that the switch will become the root switch DRC immediately changes to an alternate root port on detecting a root port failure and change the...

Page 768: ...an Use the spanning tree vlan command to enable per VLAN spanning tree on a VLAN Use the no form of the command to remove the VLAN as a separate spanning tree instance Syntax spanning tree vlan vlan list no spanning tree vlan vlan list vlan list A single VLAN ID or a list of VLAN IDs in comma delineated or range format with no embedded blanks Range 1 4093 Default Configuration By default each conf...

Page 769: ... the command to return the forward time to its default value Syntax spanning tree vlan vlan list forward time 4 30 no spanning tree vlan vlan list forward time forward time The interval time spent in listening and learning states before transitioning a port to the forwarding state Range 4 30 seconds Default Configuration The default forward delay time is 15 Command Modes Global Configuration Mode ...

Page 770: ...ax spanning tree vlan vlan list hello time 1 10 no spanning tree vlan vlan list hello time Hello time The interval between sending successive BDPUs Default 2 seconds Default Configuration The default hello time is 2 seconds Command Modes Global Configuration Mode User Guidelines This command can be configured even if the switch is configured for MST RSTP mode It is only used when the switch is con...

Page 771: ...U propagation delay and message age overestimate for their specific topology when configuring this value The default setting of 20 seconds is suitable for a network of diameter 7 lost message value of 3 transit delay of 1 hello interval of 2 seconds overestimate per bridge of 1 second and a BPDU delay of 1 second For a network of diameter 4 a setting of 16 seconds is appropriate if all other timer...

Page 772: ...guration The default bridge priority value is 32768 Command Modes Global Configuration mode User Guidelines This command can be configured even if the switch is configured for MST RSTP mode It is only used when the switch is configured for STP PV or RSTP PV modes The logic sets the bridge priority to a value lower primary or next lower secondary than the lowest bridge priority for the specified VL...

Page 773: ...rtised when combined with the switch MAC address Range 0 61440 Default Configuration The default bridge priority is 32768 Valid values are 0 4096 8192 12288 16384 20480 24576 28672 32768 36864 40960 45056 49152 53248 57344 and 61440 The default value is 32768 If the value configured is not among the specified values it will be rounded off to the nearest valid value Command Modes Global Configurati...

Page 774: ...iguration which is given preference over the configuration of DirectLink Rapid Convergence Example This example configures a switch to be the spanning tree root bridge for VLANs 12 13 24 25 and 26 This presumes other switches in the network utilize the default bridge priority configuration console config spanning tree vlan 12 13 24 26 priority 8192 ...

Page 775: ...individual link but not the entire port channel This improves fault tolerance of port channel UDLD PDUs act as network control packets They are unaffected by Spanning Tree state Thus they are transmitted and received regardless of Spanning Tree state For the successful operation of UDLD it is required that its neighbors are UDLD capable and UDLD is enabled on the corresponding ports All ports shou...

Page 776: ...eive UDLD messages The state of undetermined has no effect on the operation of the port The port is not disabled and continues operating as it previously did When in normal mode a port is diagnostically disabled for the following cases a UDLD PDU is received from partner that does not have the port s own details echo b When there is a loopback information sent out on a port is received back as is ...

Page 777: ...in three times the message interval d In aggressive mode when the partner does not respond to an ECHO within 7 seconds Commands in this Section This section explains the following commands udld enable Global Configuration Use the udld enable command in Global Configuration mode to globally enable UDLD Use the no form of the command to globally disable UDLD Syntax udld enable no udld enable Default...

Page 778: ...x udld reset Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines The following commands will reset an interface disabled by UDLD Use udld reset to reset all interfaces disabled by UDLD The shutdown command followed by no shutdown interface configuration command The no udld enable global configuration command followed by the udld enable ...

Page 779: ...no udld message time message interval UDLD message transmit interval in seconds Range is 7 to 90 seconds Default Configuration The default message transmit interval is 15 seconds Command Mode Global Configuration mode User Guidelines Lower message time values will detect the unidirectional links more quickly at the cost of higher CPU utilization The message interval is also used to age out UDLD en...

Page 780: ...seconds Command Mode Global Configuration mode User Guidelines This command sets the time interval used to determine if the link has bidirectional or unidirectional connectivity If no ECHO replies are received within three times the message interval then the link is considered to have unidirectional connectivity Example This example sets the UDLD timeout interval to 15 seconds console config udld ...

Page 781: ...t channel Example This example enables UDLD on an interface UDLD must also be enabled globally console config if Te1 0 1 udld enable udld port Use the udld port command in Interface physical Configuration mode to select the UDLD operating mode on a specific interface Use the no form of the command to reset the operating mode to the default normal Syntax udld port aggressive no udld port aggressive...

Page 782: ...ve show udld Use the show udld command in User Exec or Privileged Exec mode to display the global settings for UDLD Syntax show udld interface id all Default Configuration This command has no default setting Command Mode Privileged Exec or User Exec mode Global Configuration mode and all Configuration submodes User Guidelines When no interface is specified the following fields are shown Field Desc...

Page 783: ...either Normal or Aggressive UDLD Status The status of the link as determined by UDLD The options are Undetermined UDLD has not collected enough information to determine the state of the port Not applicable UDLD is disabled either globally or on the port Shutdown UDLD has detected a unidirectional link and shutdown the port That is the port is in the D Disable state Bidirectional UDLD has detected ...

Page 784: ...tablish priority for the packet Dell EMC Networking switches supports 802 1Q VLANs As such ports may simultaneously belong to multiple VLANs VLANs allow a network to be logically segmented without regard to the physical locations of devices in the network Dell EMC Networking switches supports up to 4093 VLANs for forwarding Interfaces can be configured in trunk mode multiple VLAN support or access...

Page 785: ...ries switches when utilizing the AGGREGATION ROUTER image Independent VLAN Learning Independent VLAN Learning IVL allows unicast address to port mappings to be created based on a MAC Address in conjunction with a VLAN ID This arrangement associates the MAC Address only with the VLAN on which the frame was received Therefore frames are forwarded based on their unicast destination address as well as...

Page 786: ...ator to assign nonrouting protocols such as NetBIOS or DECnet to larger VLANs than routing protocols like IPX or IP This maximizes the efficiency gains that are possible with VLANs In port based VLAN classification the Port VLAN Identifier PVID is associated with the physical ports The VLAN ID VID for an untagged packet is equal to the PVID of the port In port and protocol based VLAN classificatio...

Page 787: ...ary VLAN Isolated VLAN Is a secondary VLAN It carries traffic from isolated ports to promiscuous ports Only one isolated VLAN can be configured per private VLAN Community VLAN Is a secondary VLAN It forwards traffic between ports which belong to the same community and to the promiscuous ports There can be multiple community VLANs per private VLAN Three types of port designations exist within a pri...

Page 788: ... endpoint connected over an isolated VLAN is allowed to communicate with endpoints connected to promiscuous ports only Endpoints connected to adjacent endpoints over an isolated VLAN cannot communicate with each other Community VLAN An endpoint connected over a community VLAN is allowed to communicate with the endpoints within the community and can also communicate with any configured promiscuous ...

Page 789: ... Similarly for broadcasts in regular VLANs ports in the same VLAN receive broadcast traffic However for private VLANs the ports to which the broadcast traffic is forwarded depend on the type of port on which the traffic was received If the received port is a host port the traffic is forwarded to all promiscuous and trunk ports If the received port is community port the broadcast traffic is forward...

Page 790: ...DHCP and Layer 3 are not enabled on VLAN 1 by default for the N3000 N3100 ON and N4000 Series switches DHCP is enabled on VLAN 1 by default for the N1100 ON N1500 N2000 N2100 ON switches The N1100 ON does not support routing Command Mode VLAN Configuration or Global Configuration modes protocol group show vlan association subnet switchport mode vlan makestatic protocol vlan group show vlan private...

Page 791: ...ceived over the configured VLAN which are addressed to the L3 address are processed by the switch CPU This includes SNMP HTTP Telnet SNMP and any other configured management protocols If a subsequent VLAN is configured with an IP address the prior VLAN configuration is removed Dell EMC N1100 ON switches do not support routing Examples console config vlan10 interface vlan 10 console config if vlan1...

Page 792: ...s entered in interface range mode dellswitch config vlan 2 5 dellswitch config vlan2 5 exit dellswitch config interface vlan 2 dellswitch config if vlan2 interface vlan 3 dellswitch config if vlan3 interface vlan 4 dellswitch config if vlan4 interface vlan 5 dellswitch config if vlan5 interface range vlan 2 5 dellswitch config if name VLAN Configuration Use the name command in VLAN Configuration m...

Page 793: ... 2 console config vlan2 name RDU NOC Management VLAN private vlan Use the private vlan command in VLAN Configuration mode to define a private VLAN association between the primary and secondary VLANs Use the no form of the command to remove the private VLAN association Syntax private vlan primary isolated community association add remove vlan list no private vlan association association Defines an ...

Page 794: ...scuous ports It does not carry traffic to other community ports or other isolated ports with the same primary VLAN The primary VLAN is the VLAN that carries traffic from a promiscuous port to the private ports VLAN 1 cannot be configured in a private VLAN configuration Examples console configure terminal console config vlan 10 console config vlan private vlan primary console config vlan exit conso...

Page 795: ...use the no form of this command Syntax protocol group group id vlan id no protocol group group id vlan id group id The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command To see the group ID associated with the name of a protocol group use the show port protocol all command vlan id A valid VLAN ID Default Co...

Page 796: ...pt when GVRP is expected to create the VLAN To remove the interface from this protocol based VLAN group that is identified by this groupid use the no form of this command If you select all all ports are removed from this protocol group Syntax protocol vlan group group id no protocol vlan group group id group id The protocol based VLAN group ID which is automatically generated when you create a pro...

Page 797: ...ol based group except when GVRP is expected to create the VLAN To remove all interfaces from this protocol based group that is identified by this groupid use the no form of the command Syntax protocol vlan group all group id no protocol vlan group all group id group id The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protoc...

Page 798: ...d It is not possible to configure an inner TPID value other than 0x8100 The primary TPID is shown in the EtherType column The primary TPID is placed in the outer tag for traffic egressing the interface The interface will process incoming traffic as double tagged if any of the configured TPIDs is present in the frames outer VLAN tag Traffic with a TPID other than the configured TPID is processed no...

Page 799: ... Mode Privileged Exec mode Interface Configuration mode and all Configuration submodes User Guidelines Each of the switchport modes can be configured independently for a port or port channel The configurations are retained even when the port is configured in a different mode It is recommended that the private VLAN host ports be configured as spanning tree portfast Examples The following example di...

Page 800: ...t show port protocol Use the show port protocol command to display the Protocol Based VLAN information for either the entire system or for the indicated group Syntax show port protocol group id all group id The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command all Enter all to show all interfaces Default C...

Page 801: ... Configuration There is no default configuration for this command Command Mode Privileged Exec mode and all Show modes User Guidelines Up to three additional TPIDs can be configured The 802 1Q TPID is pre configured in the system and may not be removed It is not possible to configure an inner VLAN TPID value other than 0x8100 The primary TPID is shown in the EtherType column The primary TPID is pl...

Page 802: ... all console config show switchport ethertype interface gi1 0 1 Interface EtherType Secondary TPIDs Gi1 0 1 802 1 Gi1 0 2 802 1 VMAN Gi1 0 3 802 1 Gi1 0 4 802 1 Gi1 0 5 802 1 show vlan Use the show vlan command to display detailed information including interface information and dynamic VLAN type for a specific VLAN or RSPAN VLAN The ID is a valid VLAN identification number Syntax show vlan id vlan...

Page 803: ...The type of VLAN default static dynamic Example This shows all VLANs and RSPAN VLANs console show vlan VLAN Name Ports Type 1 default Po1 128 Default Gi1 0 1 48 10 Static RSPAN Vlan 10 This example shows information for a specific VLAN ID console show vlan id 10 VLAN Name Ports Type 10 Te1 0 1 Static RSPAN Vlan Enabled This example shows information for a specific VLAN name console show vlan name ...

Page 804: ...vlan association mac mac address mac address Specifies the MAC address to be entered in the list Range Any valid MAC address Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines MAC Address The configured MAC address VLAN The associated VLAN identifier Example The following example...

Page 805: ...ress Specifies IP address to be shown ip mask Specifies IP mask to be shown Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines IP Address The configured IP address IP Mask The configured IP subnet mask VLAN ID The associated VLAN identifier Example The following example shows the...

Page 806: ... mode Global Configuration mode and all Configuration submodes User Guidelines Do not configure private VLANs on ports configured with any of these features Link Aggregation Control Protocol LACP Multicast VLAN Registration MVR Voice VLAN It is recommended that the private VLAN host ports be configured as spanning tree portfast The command displays the following information Parameter Description P...

Page 807: ...to VLAN 1 It is possible to configure the access mode VLAN identifier when the port is in general or trunk mode Doing so does not change the VLAN membership of the interface until the interface is configured into access mode If the VLAN identified in the command has not been previously created the system creates the VLAN issues a message and associates the VLAN with the interface Examples The foll...

Page 808: ... is the default Ethertype for both inner and outer VLAN TPIDs The 802 1Q TPID cannot be removed from the configuration By default QinQ processing of frames is disabled Command Mode Global Configuration User Guidelines This command globally defines additional TPIDs for use by the system for matching of ingress packets in the outer tag The switch uses the default primary TPID 0x8100 and any of the a...

Page 809: ...ovider port Te1 0 1 in general mode after creating the common SP CE VLAN The port is configured in general mode and to only allow tagged packets on ingress using the outer VLAN ID 10 Then the port is configured to accept the VMAN TPID in the outer VLAN on ingress and further configured to tag packets with the VMAN TPID and VLAN ID 10 in the outer VLAN tag on egress This example configures an SP po...

Page 810: ...vman Define the Ethertype as 0x88A8 custom Define the Ethertype as a 16 bit user defined value in decimal primary tpid Set the outer VLAN tag TPID to be inserted in frames transmitted on an SP port Also processes ingress frames with the configured Ethertype as double tagged Default Configuration 802 1Q is the default Ethertype for both inner and outer VLAN TPIDs By default QinQ processing of frame...

Page 811: ...rgument the command will fail If a TPID value is configured as the primary TPID and it is added again without the primary tpid optional argument the TPID will be treated as the primary TPID the primary TPID includes the behavior of secondary TPIDs It is not possible to configure an inner VLAN TPID value The inner VLAN TPID value is always 802 1Q 0x8100 Example This example defines the VMAN 0x88A8 ...

Page 812: ...t of valid VLAN IDs to remove from the forbidden list Separate nonconsecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs Default Configuration All VLANs allowed Command Mode Interface Configuration Ethernet and port channel mode User Guidelines This configuration only applies to ports configured in general mode It is possible to configure the general mode VLAN mem...

Page 813: ... mode User Guidelines It is possible to configure the general mode acceptable frame types of a port while the port is in access or trunk mode Doing so does not change the configuration of the port until it is configured to be in general mode Example The following example configures 1 0 8 to discard untagged frames at ingress console config interface gigabitethernet 1 0 8 console config if Gi1 0 8 ...

Page 814: ...t channel mode User Guidelines Use this command to change the egress rule for example from tagged to untagged without first removing the VLAN from the list It is possible to configure the general mode VLAN membership of a port while the port is in access or trunk mode Doing so does not change the VLAN membership of the port until it is configured to be in general mode Example The following example...

Page 815: ...ocessed by the switch Example The following example shows how to enables port ingress filtering on Gigabit Ethernet interface 1 0 8 console config interface gigabitethernet 1 0 8 console config if Gi1 0 8 switchport general ingress filtering enable switchport general pvid Use the switchport general pvid command in Interface Configuration mode to configure the Port VLAN ID PVID when the interface i...

Page 816: ...hport mode command in Interface Configuration mode to configure the VLAN membership mode of a port To reset the mode to the appropriate default for the switch use the no form of this command Syntax switchport mode access trunk general no switchport mode access An access port connects to a single end station belonging to a single VLAN An access port is configured with ingress filtering enabled and ...

Page 817: ...mode is access Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet fortygigabitethernet mode User Guidelines This command has no user guidelines Example The following example configures Gi1 0 5 to access mode console config interface gigabitethernet 1 0 5 console config if Gi1 0 5 switchport mode access switchport mode dot1q tunnel Use the switchport mode dot1q tun...

Page 818: ...he outer tag native VLAN ID for the associated service provider SP interface Configure the outer VLAN ID using the switchport access vlan command All MAC address learning and forwarding occurs on the outer VLAN tag The VLAN ID must be common to both the SP port and the CE ports The service provider interface must be configured for egress tagging trunk or general mode with a native VLAN identical t...

Page 819: ...nsole config if switchport access vlan 10 console config if switchport mode dot1q tunnel console config if exit switchport mode private vlan Use the switchport mode private vlan command in Interface Configuration mode to define a private VLAN association for an isolated or community interface or a mapping for a promiscuous interface Use the no form of the command to remove the private VLAN associa...

Page 820: ...hport private vlan command in Interface Configuration mode to define a private VLAN association for an isolated or community port or a mapping for a promiscuous port Use the no form of the command to remove the private VLAN association or mapping from the interface Syntax switchport private vlan host association primary vlan id secondary vlan id mapping primary vlan id add remove secondary vlan li...

Page 821: ...vlan10 20 exit console config interface gigabitethernet 1 0 8 console config if Gi1 0 8 switchport private vlan host association 10 20 switchport trunk Use the switchport trunk command in Interface Configuration mode to configure VLAN membership for a trunk port or to set the native VLAN for an interface in Trunk Mode Syntax switchport trunk allowed vlan vlan list native vlan vlan id no switchport...

Page 822: ...VLANs described by two VLAN numbers the lesser one first separated by a hyphen valid id A valid VLAN id in the range 1 4093 This is the native VLAN for the trunk port and will accept and send traffic on this VLAN in untagged format Default Configuration A trunk port is a member of all VLANs by default VLAN 1 is the default native VLAN on a trunk port The default allowed VLAN membership on a trunk ...

Page 823: ...1 0 1 switchport trunk allowed vlan except 1 2 3 5 7 11 13 switchport trunk encapsulation dot1q Use this command for compatibility This command performs no action Syntax switchport trunk encapsulation dot1q Default Configuration Dell EMC Networking switches use dot1q encapsulation on trunk ports by default Command Mode Interface config mode Interface range mode including port channels User Guideli...

Page 824: ... Configuration Config User Guidelines Deleting the VLAN assigned as the PVID on an access port will cause VLAN 1 to be assigned as the PVID for the access port Deleting the VLAN assigned as the native VLAN for a trunk port will cause the trunk port to discard untagged frames received on the port Creating a VLAN adds it to the allowed list for all trunk ports except those where it is specifically e...

Page 825: ...MAC address in the format xxxx xxxx xxxx or xx xx xx xx xx xx Default Configuration No assigned MAC address Command Mode VLAN Configuration mode User Guidelines This command has no user guidelines Example The following example associates MAC address with VLAN ID 1 console config vlan 1 console config vlan 1 vlan association mac 0001 0001 0001 vlan association subnet Use the vlan association subnet...

Page 826: ...ssociates the 192 168 0 xxx IP address with VLAN ID 1 console config vlan 1 console config vlan 1 vlan association subnet 192 168 0 0 255 255 255 0 vlan makestatic This command changes a dynamically created VLAN one that is created by GVRP registration to a static VLAN one that is permanently configured and defined The ID is a valid VLAN identification number VLAN range is 2 4093 Syntax vlan makes...

Page 827: ...protocol group is created it is assigned a unique group ID number The group ID is used to identify the group in subsequent commands Use the no form of the command to remove the specified VLAN protocol group name from the system Syntax vlan protocol group group id no vlan protocol group group id group id The protocol based VLAN group ID to create a protocol based VLAN group To see the created proto...

Page 828: ...n protocol group add protocol group id ethertype value no vlan protocol group add protocol group id ethertype value group id The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command To see the group ID associated with the name of a protocol group use the show port protocol all command ethertype value The prot...

Page 829: ...ame of a protocol group use the show port protocol all command groupName The group name you want to add The group name can be up to 16 characters length It can be any valid alpha numeric characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config vlan protocol group name...

Page 830: ...the group ID associated with the name of a protocol group use the show port protocol all command Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays the removal of the protocol based VLAN group identified as 2 console config vlan protocol group remove 2 ...

Page 831: ... VLAN ID information is passed onto the VoIP phone using LLDP MED Voice data coming from the VoIP phone is tagged by the phone with the transmitted VLAN ID regular data arriving on the switch is given the default PVID of the port When an IEEE 802 1p priority is associated with the voice VLAN port then the priority information is passed to the VoIP phone using LLDP MED It is expected that the voice...

Page 832: ...e voice VLAN capability on the switch Syntax voice vlan no voice vlan Command Mode Global Configuration User Guidelines Voice VLAN must be configured on access or general mode ports It is not supported on trunk mode ports Default Value This feature is disabled by default Example console config voice vlan console config no voice vlan voice vlan Interface This command is used to enable the voice VLA...

Page 833: ...th the assigned priority Set the port to trust the received data priority The valid priority range is 0 7 dscp Configure the DSCP value for voice traffic on the voice VLAN port Range 0 64 Data traffic is expected to use the default or native VLAN on the port none Allow the IP phone to use its own configuration to send untagged voice traffic untagged Configure the phone to send untagged voice traff...

Page 834: ... 0 1 voice vlan none console config if Gi1 0 1 voice vlan untagged Command History Description updated in 6 3 0 5 release voice vlan data priority This command is to either trust or not trust untrust the data traffic arriving on the voice VLAN port Syntax voice vlan data priority trust untrust trust Trust the IEEE 802 1p user priority contained in packets arriving on the voice VLAN port untrust Do...

Page 835: ...he interface parameter is not specified only the global mode of the voice VLAN is displayed When the interface parameter is specified the following is displayed When the all parameter is used for the interface all interfaces are displayed Output Description Interface The interface ID Voice VLAN Interface Mode The admin mode of the voice VLAN on the interface Voice VLAN ID The voice VLAN ID Voice V...

Page 836: ...e console show voice vlan interface gi1 0 1 Interface Gi1 0 1 Voice VLAN Interface Mode Enabled Voice VLAN Priority 2 Voice VLAN COS Override True Voice VLAN DSCP Value 46 Voice VLAN Port Status Disabled Voice VLAN Authentication Disabled ...

Page 837: ...itch management console or web interface as well as to configure restrictions of network access for network attached devices This section of the document contains the following security commands AAA Commands Captive Portal Commands Administrative Profiles Commands Denial of Service Commands E mail Alerting Commands Management ACL Commands RADIUS Commands Password Management Commands TACACS Command...

Page 838: ...d Administrative Authentication Switch administrators can be authenticated based on Login mode Switch access method Access to Privileged Exec mode Two levels of access 1 Read only 15 Read Write The supported authentication methods for switch management access are Local The user s locally stored ID and password are used for authentication RADIUS The user s ID and password are authenticated using th...

Page 839: ... associated component ID are stored together A single APL can be referenced by multiple methods The administrator can enable disable reorder authentication methods on a per method basis see above Administrative Accounting The administrator may choose to account administrative activity on the switch The following accounting types are supported User exec sessions User login and logout times are note...

Page 840: ... accounting methods TACACS accounts all accounting types exec and commands RADIUS only accounts exec sessions Access Line Modes AMLs can be applied to the following access line modes for accounting purposes Console This mode is used when user logs in to the switch using serial console Telnet This mode is used when user logs in through Telnet SSH This mode is used when user logs in through SSH By d...

Page 841: ...n server Refer to the RADIUS Commands section for information on configuring a RADIUS server for authentication of network devices See the 802 1x Commands section for information on configuring device access to network resources Dell EMC Networking switches support an internal authentication capability that allows configuration of authentication preference lists for network connected devices The a...

Page 842: ...s the 802 1x state machine to send a challenge to the supplicant Otherwise a failure is returned to the 802 1x state machine and the user is not granted access to the port If user s credentials are changed the existing user connection s are not disturbed and the changed user s credentials are only used when a new EAP request arises A CLI configuration mode is added in order to configure 802 1x use...

Page 843: ...that fail authentication This feature provides a mechanism to allow network devices to have network access to reach an external network while restricting their ability to access the internal LAN When a client that does not support 802 1x is connected to an unauthorized port that is 802 1x enabled the client does not respond to the 802 1x requests from the switch The port remains in the unauthorize...

Page 844: ...eletes the accounting method list aaa accounting authentication priority show aaa statistics aaa authentication dot1x default authentication restart show accounting methods aaa authentication enable clear IAS show authentication aaa authentication login clear authentication statistics show authentication authentication history aaa authorization clear authentication authentication history show auth...

Page 845: ... accounting for a User Exec terminal sessions commands Provides accounting for all user executed commands dot1x Provides accounting for DOT1X user commands Only the default method is available for dot1x default The default list of methods for accounting services list name Character string used to name the list of accounting methods start stop Sends a start accounting notice at the beginning of a p...

Page 846: ...ccounting type AAA Accounting for commands with RADIUS as the accounting method is not supported Start stop or None are the only supported record types for RADIUS accounting Start stop enables accounting and None disables accounting RADIUS is the only accounting method type supported for RADIUS accounting For the same set of accounting type and list name the administrator can change the record typ...

Page 847: ...onsole configure console config aaa accounting commands userCmdAudit stop only tacacs console config no aaa accounting commands userCmdAudit console config exit aaa authentication dot1x default Use the aaa authentication dot1x default command in Global Configuration mode to specify an authentication method for 802 1x clients to access network resources Use the no form of the command to return the ...

Page 848: ... server must be configured previously using the radius server host auth command for the radius method to succeed console config aaa authentication dot1x default radius aaa authentication enable Use the aaa authentication enable command in Global Configuration mode to set authentication for accessing higher administrator privilege levels when logged in to the switch console To return to the default...

Page 849: ...previous method returns an error not if it fails to authenticate the administrator Only the RADIUS or TACACS methods can return an error For example if none is specified as an authentication method after radius no authentication is used if the RADIUS server is down To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line No...

Page 850: ...ministrative access to the switch To return to the default configuration and optionally delete an authentication list use the no form of this command Syntax aaa authentication login default list name method1 method2 no aaa authentication login default list name default Uses the listed authentication methods that follow this argument as the default list of methods when an administrator logs in list...

Page 851: ...failure Only the RADIUS TACACS local and enable methods can return an error To ensure that authentication succeeds even if all methods return an error specify none as the final method in the command line For example if none is specified as an authentication method after radius no authentication is used if the RADIUS server is down If specified none must be the last method in the list NOTE Auth Typ...

Page 852: ...st is supported default The default list of methods for authorization services The list dfltCmdAuthList is the default list for command authorization and the list dfltExecAuthList is the default list for Exec authorization list name Character string used to name the list of authorization methods The list name can consist of any alphanumeric character up to 15 characters in length Use quotes around...

Page 853: ...he command is not executed and a message is displayed to the user Command authorization attempts authorization for all Exec mode commands associated with a privilege level including global configuration commands Exec authorization attempts authorization when a user attempts to enter Privileged Exec mode When exec authorization is configured for a line mode the use may not be required to use the en...

Page 854: ...or information on configured an authorization method for a particular type of line access Example Per command authorization example for telnet access using TACACS Configure the Authorization Method list console config aaa authorization commands telnet list tacacs Apply the AML to an access line mode telnet console config line telnet console config telnet authorization commands telnet list Exec aut...

Page 855: ... telnet list tacacs Line Exec Method Lists Command Method Lists Console dfltExecAuthList dfltCmdAuthList Telnet dfltExecAuthList telnet list SSH exec list dfltCmdAuthList Network Authorization Methods Dot1x none aaa authorization network default radius Use the aaa authorization network default radius command in Global Configuration mode to enable the switch to accept VLAN assignment by the RADIUS ...

Page 856: ...horization network default radius aaa ias user username Use the aaa ias user username command in Global Configuration mode to configure IAS users and their attributes Username and password attributes are supported The ias user name is composed of up to 64 alphanumeric characters This command also changes the mode to a user Configuration mode Use the no form of this command to remove the user from ...

Page 857: ...oses Dell EMC Networking switches only support the new model command set Syntax aaa new model Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the switch to use the new model command set config aaa new model aaa server radius dynamic author Us...

Page 858: ... e for MAB the ACL is removed when the session is terminated If a valid authenticated RFC 3575 Disconnect Request request is received from a configured server and the session cannot be found the switch returns a CoA NAK message with the 503 Session Context Not Found response code If it expected that more than one session will authenticate over a port use of MAC based authentication is recommended ...

Page 859: ...adius server host 3 3 3 3 console Config radius key That s your secret console Config radius exit console config radius server key Keep it Keep it console config aaa server radius dynamic author console config radius da client 4 4 4 4 server key 0 That s your secret console config radius da client 5 5 5 5 console config radius da server key 0 Keep it Keep it console config radius da port 3799 cons...

Page 860: ...rder of authentication methods used on a port The available authentication methods are Dot1x MAB and captive portal Ordering sets the order of methods that the switch attempts when trying to authenticate a new device connected to a port If one method is unsuccessful or timed out the next method is attempted Use the no form of this command to return the port to the default authentication order Synt...

Page 861: ...B and captive portal The authentication priority decides if a previously authenticated client is re authenticated with a higher priority method when the same is received Captive portal is always the last method in the list Use the no form of this command to return the port to the default order of priority for the authentication methods Syntax authentication priority dot1x mab captive portal mab do...

Page 862: ...he authentication restart timer to factory default value Syntax authentication restart time no authentication restart time The time in seconds after which reauthentication starts if all the authentication methods have failed Range 300 65535 Default Configuration The default timer value is 300 seconds Command Modes Interface Configuration Ethernet mode User Guidelines None Example console config if...

Page 863: ... clear authentication statistics Use this command to clear the authentication statistics Syntax clear authentication statistics interface id all Default Configuration There is no default configuration for this command Command Modes Privileged Exec mode User Guidelines There are no user guidelines for this command Example console config clear authentication statistics Gi1 0 1 Are you sure you want ...

Page 864: ...story Gi1 0 1 enable password Use the enable password command in Global Configuration mode to set a local password to control access to the privileged Exec mode To remove the password requirement use the no form of this command Syntax enable password password encrypted no enable password password Password for this level Range 8 64 characters The special characters allowed in the password include _...

Page 865: ...ble authentication method e g to enableList or set an enable password If the encrypted parameter is specified the password parameter is stored as entered in the running config No attempt is made to decode the encrypted password To use the character as part of the username or password string it should be enclosed within quotation marks For example username test xyz password test xyz Example The fol...

Page 866: ... authentication method after radius no authentication is used if the RADIUS server is down Example The following example configures the http authentication console config ip http authentication radius local ip https authentication Use the ip https authentication command in Global Configuration mode to specify authentication methods for users authenticating over HTTPS To return to the default confi...

Page 867: ...he command line If none is specified as an authentication method after radius no authentication is used if the RADIUS server is down When using a Cisco ACS with TACACS as the authentication method for HTTPS the Cisco ACS must be configured to allow the shell service In addition for admin privileges the privilege level attribute must be set to 15 Example The following example configures HTTPS authe...

Page 868: ...n Default Configuration This command has no default configuration Command Mode AAA IAS User Configuration User Guidelines IAS user accounts are distinct from user administrator accounts IAS accounts give access to network resources via 802 1X or MAB whereas user accounts give administrative access to the switch Example console configure console config aaa ias user username client 1 console config ...

Page 869: ...assword The special characters allowed in the password include _ User names can contain blanks if the name is surrounded by double quotes NOTE For commands that configure password properties see Password Management Commands Syntax password Default Configuration There is no default configuration for this command Command Mode User Exec mode User Guidelines This command configures the password for a ...

Page 870: ...fault configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines IAS users are distinct from switch administrative users IAS users are allowed access to network resources Example console show aaa ias users UserName Client 1 Client 2 show aaa statistics Use the show aaa statistics command to display accounting statistics Syntax show aaa stati...

Page 871: ...ifications sent at beginning of a command execution 0 Errors when sending Accounting Notifications at beginning of a command execution 0 Number of Accounting Notifications sent at end of a command execution 0 Errors when sending Accounting Notifications at end of a command execution 0 show accounting methods Use the show accounting methods command to display the configured accounting method lists ...

Page 872: ...list the authentication methods configured on the interface and display if the Tiered Authentication feature is enabled Syntax show authentication interface interface id all interface id The physical interface all All interfaces Default Configuration There is no default configuration for this command Command Modes Privileged Exec mode Global Configuration mode and all Configuration submodes User G...

Page 873: ...ethod dot1x Auth State success Auth Status Authenticated show authentication authentication history Use this command to display the authentication history on one or more interfaces Syntax show authentication authentication history interface id all interface id Any physical interface Default Configuration There is no default configuration for this command Command Modes Privileged Exec mode Global C...

Page 874: ...ation Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the authentication configuration console show authentication methods Login Authentication Method Lists defaultList none networkList local Enable Authentication Method Lists enableList enable none enableNetList en...

Page 875: ...nterface id The physical interface Default Configuration There is no default configuration for this command Command Modes Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example config show authentication statistics gi1 0 1 Port Gi1 0 1 802 1x attempts 1 802 1x failed attempts 0 Mab attempts 0 Mab failed attempts 0 C...

Page 876: ... mode and all Configuration submodes User Guidelines Command authorization is supported only for the line telnet and SSH access methods Example console show authorization methods Exec Authorization List Methods dfltExecAuthList none Command Authorization List Methods dfltCmdAuthList none Line Exec Method Lists Command Method Lists Console dfltExecAuthList dfltCmdAuthList Telnet dfltExecAuthList df...

Page 877: ...ss to network resources when authenticating via AAA User accounts are switch administrators allowed access to the switch administrator console The following fields are displayed by this command Example The following example displays information about the local user database Parameter Description UserName Local user account s user name Privilege User s access level read only 1 or read write 15 Use ...

Page 878: ... of user Range 1 64 characters long display only the user login name Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command displays switch administrative user information Example The following example shows user login history outputs console show users login history Log...

Page 879: ... name is surrounded by double quotes password The authentication password for the user Range 8 64 characters This value can be 0 zero if the no passwords min length command has been executed The special characters allowed in the password include _ Question marks are disallowed level The user s privilege level Level 0 can be assigned by a level 15 user to another user to restrict that user s access...

Page 880: ...rs may be created If the password strength feature is enabled it checks for password strength and returns an appropriate error if it fails to meet the password strength criteria If the encrypted keyword is entered no password strength checking is performed as the password is encrypted and the system does not have the capability of decrypting the password Privilege level 0 is restricted from using ...

Page 881: ...Syntax username username unlock Reason behind the failure 1 Exceeds Minimum Length of a Password Password should be in the range of 8 64 characters in length Set minimum password length to 0 by using the passwords min length 0 command 2 Password should contain Minimum number uppercase letters number lowercase letters number numeric numbers number specialcharactersand number characterclassesand Max...

Page 882: ...uration Command Mode Global Configuration mode User Guidelines This command applies to switch administrator accounts Privilege level 0 is restricted from using Privileged Exec or any Configuration level commands There is effectively no difference between privilege level 1 and 15 ...

Page 883: ...ommands which may be executed by a user These rules are collected in a profile A rule defines a set of commands to which a user is permitted or denied access Alternatively a rule may define a CLI command mode to which the user is permitted or denied access The rule numbers determine the order in which the rules are applied Rules are applied in descending numerical order until there is a match Rule...

Page 884: ...eB Commands in this Section This section explains the following commands admin profile Use the admin profile command in Global Configuration mode to create an administrative profile The system defined administrative profiles cannot be deleted When creating a profile the user is placed into Administrative Profile Configuration mode Use the no form of the command to delete an administrative profile ...

Page 885: ...de to add a description to an administrative profile Use the no form of this command to delete the description Syntax description text no description text A description of or comment about the administrative profile To include white space enclose the description in quotes Range 1 to 128 printable characters Default Configuration This command has no default configuration Command Mode Administrative...

Page 886: ...which commands to permit or deny The command string may contain spaces and regular expressions The command string is required to be enclosed in quotes if it contains embedded white space Range 1 to 128 characters Regular expressions should conform to Henry Spencer s implementation of the POSIX 1003 2 specification NOTE Note In this usage the beginning and end of line meta characters have no meanin...

Page 887: ...name The name of the administrative profile to display Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following admin profiles are predefined and may not be deleted or changed by the administrator Profile network admin Profile network security Profile router admin Profile...

Page 888: ...ministrative profiles defined on the switch Syntax show admin profiles brief Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show admin profiles brief Profile network admin Profile network security Profile router admin Profil...

Page 889: ...lt configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines These are the generic mode names to be used in the rule command above These are not the same as the prompt which is displayed in a particular mode Example console show cli modes user exec privileged exec global config ethernet config port channel config ...

Page 890: ...gent severity levels These levels are global and apply to all destination e mail addresses Log messages in the urgent group are sent immediately to SMTP server with each log message in a separate mail Log messages in the non urgent group are batched into a single e mail message and after a configurable delay Only the minimum part MUA functionality of RFC 4409 required by the switch or router to se...

Page 891: ...e specified by keyword or as an integer from 0 to 7 The accepted keywords and the numeric severity level each represents are as follows emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 debug 7 logging email show logging email statistics logging email urgent clear logging email statistics logging email message type to addr security logging email from addr mail server ip address host...

Page 892: ...ty level to the same value as the urgent severity level then no log messages are e mailed non urgently See the logging email urgent command to specify the urgent severity level The command no logging email disables all e mail alerting logging email urgent Use the logging email urgent command in Global Configuration mode to set the lowest severity level at which log messages are e mailed in an urge...

Page 893: ... are e mailed immediately one log message per e mail message and do not wait for the log time to expire Urgent log messages are not e mailed unless you enable e mail alerting with the logging email command logging email message type to addr Use the logging email message type to addr command in Global Configuration mode to configure the To address field of the e mail The message types supported are...

Page 894: ...mail is sent immediately Non urgent email is queued and sent periodically Example console config logging email message type urgent to addr admin123 dell com Command History Example added in the 6 4 release logging email from addr Use the logging email from addr command in Global Configuration mode to configure the From address of the e mail Use the no form of this command to remove the e mail sour...

Page 895: ...il message type subject Use the logging email message type subject command in Global Configuration mode to configures subject of the e mail Use the no form of this command to remove the existing subject and return to the default subject Syntax logging email message type message type subject subject no logging email message type message type subject Default Configuration This command has no default...

Page 896: ...ion mode to configure the value of how frequently the queued messages are sent Syntax logging email logtime time duration no logging email logtime time duration Time in minutes Range 30 1440 Default Configuration The default value is 30 minutes Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config logging email logtime 50 Command History Examp...

Page 897: ...tains any spaces Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config logging email test message type urgent message body urgentlog Command History Example added in the 6 4 release show logging email statistics Use the show logging email statistics command to show the statistics ...

Page 898: ...far 0 No of email sent so far 0 Time since last email Sent 00 days 00 hours 00 mins 00 secs clear logging email statistics Use the clear logging email statistics command to clear the e mail alerting statistics Syntax clear logging email statistics Default Configuration This command has no default configuration Command Mode Privileged Exec User Guidelines This command has no user guidelines Example...

Page 899: ... server Syntax security tlsv1 none Default Configuration The default value is disabled Command Mode Mail Server Configuration User Guidelines This command has no user guidelines Example console config mail server 10 131 1 11 console mail server security tlsv1 Command History Example added in the 6 4 release mail server ip address hostname Use the mail server ip address hostname command in Global C...

Page 900: ... be in the IPv4 IPv6 or DNS FQDN name format port Mail Server Configuration Mode Use the port command in Mail Server Configuration mode to configure the TCP port to use for communication with the SMTP server The default for no security is 25 SMTP The port for TLSv1 is port 465 The range is 1025 to 65535 Use the no form of the command to revert the SMTP port to the default port Syntax port port no ...

Page 901: ... 11 console mail server port 1024 Command History Example added in the 6 4 release Description updated in the 6 4 release username Mail Server Configuration Mode Use the username command in Mail Server Configuration mode to configure the username required by the authentication Use the no form of the command to revert the username to the default value Syntax username username no username Default Co...

Page 902: ...onfiguration mode to configure the password required to authenticate to the e mail server Use the no form of the command to revert the password to the default value Syntax password password no password Default Configuration The default value for password is admin Command Mode Mail Server Configuration User Guidelines This command has no user guidelines Example console config mail server 10 131 1 1...

Page 903: ...has no user guidelines Example console show mail server all Mail Servers Configuration No of mail servers configured 1 Email Alert Mail Server Address 10 131 1 11 Email Alert Mail Server Port 465 Email Alert SecurityProtocol tlsv1 Email Alert Username admin Email Alert Password password console show mail server all Mail Servers Configuration No of mail servers configured 1 Email Alert Mail Server ...

Page 904: ...04 Email Alert Mail Server Address 10 131 1 11 Email Alert Mail Server Port 465 Email Alert SecurityProtocol tlsv1 Email Alert Username admin Email Alert Password password Command History Example added in the 6 4 release ...

Page 905: ...ions using UDP as a transport protocol It is extremely flexible supporting a variety of methods to authenticate and statistically track users It is very extensible allowing for new methods of authentication to be added without disrupting existing network functionality Dell EMC Networking supports a RADIUS client in conformance with RFC 2865 and accounting functions in conformance with RFC2866 The ...

Page 906: ...ns the host MAC address The following messages from RFC 3575 are supported 40 Disconnect Request 41 Disconnect ACK 42 Disconnect NAK A CoA Disconnect Request terminates the session without disabling the switch port Instead CoA Disconnect Request termination causes re initialization of the authenticator state machine for the specified host MAC port control can be enabled for 802 1x sessions In this...

Page 907: ...age is sent only for the first three requests for a client After that all the packets from that client are dropped When there is a key mismatch the response authenticator sent with the CoA NAK message is calculated from a dummy key value The Dell EMC Networking switch starts listening to the client again based on re authentication timer Refer to the RADIUS Change of Authorization section in the Us...

Page 908: ...t Configuration The default value of the port number is 1813 Command Mode RADIUS Server Accounting mode User Guidelines There are no user guidelines for this command Example The following example sets port number 56 for accounting requests console config radius server host acct 3 2 3 2 console Config acct radius acct port 56 auth port radius server attribute 31 source ip deadtime radius server dea...

Page 909: ...ndatory parameter is enabled the Service Type attribute is required and validated in the Access Accept packet received from the RADIUS server Dell EMC Networking N Series switches accept the Login User 1 and Administrative User 6 values in the Access Accept message returned from the RADIUS server If the mandatory parameter is not configured the Service Type TLV received in an Access Accept packet ...

Page 910: ... The switch sends the IP address of the host attempting to authenticate in the Framed IP Address attribute in the Access Request sent to the authentication server Syntax attribute 8 include in access req no attribute 8 include in access req Default Configuration By default the Service Type is not included in the Access Request message sent to the authentication server Command Mode RADIUS Server Co...

Page 911: ...n User Guidelines The switch sends the value supplied by the RADIUS server in the Class attribute The Class attribute may be up to 16 octets in length Command History Introduced in version 6 3 0 1 firmware Example console conf console config radius server host 4 3 2 1 console config auth radius attribute 25 include in access req attribute 31 Use the attribute 31 command to alter the format of the ...

Page 912: ...ter set 0 9a f upper case Format hexadecimal characters using the character set 0 9A F Default Configuration There is no default configuration Command Mode RADIUS Server Configuration User Guidelines Use this command to override the formats of MAC addresses sent in authentication requests for ports configured for MAC based 802 1x authentication for a specific interface This command is only valid f...

Page 913: ...he command to return the number of maximum attempts to the default value Syntax authentication event fail retry max attempts no authentication event fail retry max attempts The number of times RADIUS authentication is allowed to fail before failing the authentication and moving to the next authentication method Default 1 Range 1 5 Default Configuration By default the number of failed authenticatio...

Page 914: ...lected method and if authentication returns an error as opposed to a failure the next authentication method is attempted regardless of this setting For example if one or multiple RADIUS servers are configured and no RADIUS server responds to the authentication message RADIUS returns an error and the next authentication method is attempted even when the retry parameter is configured to a value larg...

Page 915: ...entication requests console config radius server host 192 143 120 123 console config auth radius auth port 2412 deadtime Use the deadtime command in RADIUS Server Configuration mode to configure the minimum amount of time to wait before attempting to recontact an unresponsive RADIUS server If a RADIUS server is currently active and responsive that server will be used until it no longer responds RA...

Page 916: ... key Use the key command to specify the encryption key which is shared with the RADIUS server Use the no form of this command to remove the key Syntax key 0 7 key string no key 0 The key string that follows is the unencrypted shared secret The length is 1 128 characters 7 The key string that follows is the encrypted shared secret The length is exactly 256 characters key string The key string in en...

Page 917: ...ed passwords may be copied from one switch and pasted into another switch Command History Updated in version 6 3 0 1 firmware Example The following two examples globally configure the RADIUS server key for all configured servers The two examples are identical in effect console config radius server host 1 2 3 4 console config auth radius key This is a key string console config auth radius key 0 Thi...

Page 918: ...e name to the default Default RADIUS Server The no form of the command does not require the user to enter the configured name Syntax name servername no name servername The name for the RADIUS server Range 1 32 characters Default Configuration The default RADIUS server name is Default RADIUS Server Command Mode RADIUS Server Configuration mode User Guidelines Names may only be set for authenticatio...

Page 919: ...amed server list the server name would be based on lexicographic order For example if name9 name1 name6 are configured in this order name1 then name6 then name9 would be tried Example console config radius server host 44 44 44 44 console config auth radius name NAME console config auth radius no name primary Use the primary command to specify that a configured server should be the primary server i...

Page 920: ...e used with 0 being the highest priority Syntax priority priority priority Sets server priority level Range 0 65535 Default Configuration The default priority is 0 Command Mode RADIUS Server Configuration mode User Guidelines User must enter the mode corresponding to a specific RADIUS server before executing this command Example The following example specifies a priority of 10 for the designated s...

Page 921: ...ch the Access Request is sent Command Mode Global Configuration mode User Guidelines This command does not alter the address in the IP header in Access Requests transmitted to the RADIUS server It only configures the NAS IP Address attribute sent to the RADIUS server inside the RADIUS Access Request packet This capability is useful when configuring multiple RADIUS clients switches to simulate a si...

Page 922: ...onfigures the switch to send the RADIUS Service Type attribute in the Access Request message sent to all RADIUS authentication servers The switch sends the Service Type value Administrative 6 for administrators attempting to access the switch console and sends Service Type value Login 1 for users attempting to access the network mandatory This parameter enables processing and validation of the Ser...

Page 923: ...cation messages sent to the authentication server Syntax radius server attribute 8 include in access req no rradius server attribute 8 include in access req Default Configuration By default the switch does not send the Framed IP Address attribute to the authentication server Command Mode Global Configuration User Guidelines The switch sends the IP address of the host attempting to access the netwo...

Page 924: ...e to the accounting server Command Mode Global Configuration User Guidelines The switch sends the value supplied by the RADIUS server in the Class attribute The Class attribute may be up to 16 octets in length Command History Introduced in version 6 3 0 1 firmware Example console conf console config radius server attribute 25 include in access req radius server attribute 31 Use the radius server a...

Page 925: ... characters using the character set 0 9A F Default Configuration By default the switch sends the Calling Station Id MAC address in lower case legacy format and the User Name Attribute 1 is sent in legacy upper case format Command Mode Global Configuration User Guidelines Use this command to override the format of MAC addresses sent in the Calling Station Id attribute 31 and the User Name attribute...

Page 926: ...dot1x port control mac based console config if Gi1 0 1 dot1x mac auth bypass radius server deadtime Use the radius server deadtime command to configure the minimum amount of time to wait before attempting to recontact an unresponsive RADIUS server To set the deadtime to 0 use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime deadtime Length of time in min...

Page 927: ...10 radius server host Use the radius server host command to specify a RADIUS server host and enter RADIUS Server Configuration mode To delete the specified RADIUS host use the no form of this command Syntax radius server host acct auth ip address hostname no radius server host acct auth ip address hostname acct auth The type of server accounting or authentication ip address The RADIUS server host ...

Page 928: ...ADIUS communications between the switch and the RADIUS server Use the no form of the command to disable the key Syntax radius server key 0 7 key string no radius server key 0 The key string that follows is the unencrypted shared secret The length is 1 128 characters 7 The key string that follows is the encrypted shared secret The length is exactly 256 characters key string The key string in encryp...

Page 929: ... 0 1 firmware Example The following two examples globally configure the RADIUS server key for all configured servers The two examples are identical in effect console config radius server key This is a key string console config radius server key 0 This is a key string radius server retransmit Use the radius server retransmit command to specify the number of times the RADIUS client will retransmit r...

Page 930: ...erpreted as a request to use the IPv4 address of the outgoing IP interface Syntax radius server source ip source no radius server source ip source Specifies the source IPv4 address Default Configuration The default IPv4 address is the outgoing interface IPv4 address Command Mode Global Configuration mode User Guidelines The command configures the source IP address present in the IPv4 header It is ...

Page 931: ...face identifier vlan id A VLAN identifier Default Configuration By default the switch uses the assigned switch IP address as the source IP address for RADIUS packets This is either the IP address assigned to the VLAN from which the RADIUS packet originates or the out of band interface IP address Command Mode Global Configuration User Guidelines The source IP address of RADIUS packets sent to a ser...

Page 932: ...mmand Syntax radius server timeout timeout no radius server timeout timeout Specifies the timeout value in seconds Range 1 30 Default Configuration The default value is 15 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the interval for which a switch waits for a server to reply to 5 seconds console config radius...

Page 933: ...dius server host 192 143 120 123 console config auth radius retransmit 5 show aaa servers Use the show aaa servers command to display the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS servers Syntax show aaa servers accounting authentication name servername accounting This optional parameter will cause accounting servers to be displayed authent...

Page 934: ... Servers The number of RADIUS Accounting servers that have been configured Named Authentication Server Groups The number of configured named RADIUS server groups Named Accounting Server Groups The number of configured named RADIUS server groups Timeout The configured timeout value in seconds for request retransmissions Retransmit The configured value of the maximum number of times a request packet...

Page 935: ...er of Configured Authentication Servers 5 Number of Configured Accounting Servers 1 Number of Named Authentication Server Groups 2 Number of Named Accounting Server Groups 1 Number of Retransmits 3 Timeout Duration 15 Deadtime 0 Source IP Default RADIUS Accounting Mode Disable RADIUS Attribute 4 Mode Disable RADIUS Attribute 4 Value 0 0 0 0 console show aaa servers name Server Name Host Address Po...

Page 936: ...8 Number of CoA Session Context Not Found Requests 5 Number of CoA Invalid Attribute Value Requests 11 Number of Administratively Prohibited Requests 3 show radius statistics Use the show radius statistics command to show the statistics for an authentication or accounting server Syntax show radius statistics accounting authentication ipaddress hostname name servername accounting authentication The...

Page 937: ...uest packets sent to this server not including the retransmissions Retransmissions The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server Responses The number of RADIUS packets received on the accounting port from this server Malformed Responses The number of malformed RADIUS Accounting Response packets received from this server Malformed packets include pac...

Page 938: ... RADIUS Access Accept packets including both valid and invalid packets that were received from this server Access Rejects The number of RADIUS Access Reject packets including both valid and invalid packets that were received from this server Access Challenges The number of RADIUS Access Challenge packets including both valid and invalid packets that were received from this server Malformed Access ...

Page 939: ...Server Name Default_RADIUS_Server Server Host Address 192 168 37 200 Access Requests 0 00 Access Retransmissions 0 Access Accepts 0 Access Rejects 0 Access Challenges 0 Malformed Access Responses 0 Bad Authenticators 0 Pending Requests 0 Timeouts 0 Unknown Types 0 Packets Dropped 0 Timeouts The number of authentication timeouts to this server Unknown Types The number of packets unknown type which ...

Page 940: ... IP interface Command Mode RADIUS Server Configuration mode User Guidelines The administrator must enter the mode corresponding to a specific RADIUS server before executing this command Example The following example specifies 10 240 1 23 as the source IP address console config radius server host 192 143 120 123 console config auth radius source ip 10 240 1 23 timeout Use the timeout command in RAD...

Page 941: ...r the designated RADIUS Server console config radius server host 192 143 120 123 console config radius timeout 20 usage Use the usage command in RADIUS mode to specify the usage type of the server Syntax usage type type Variable can be one of the following values login dot1x or all Default Configuration The default variable setting is all Command Mode RADIUS mode User Guidelines User must enter th...

Page 942: ...Security Commands 942 Example The following example specifies usage type login console config radius server host 192 143 120 123 console config auth radius usage login ...

Page 943: ... user login type CLI HTTP HTTPS the NAS will prompt for the user login credentials and request services from the TACACS client the client will then use the configured list of servers for authentication and provide results back to the NAS The TACACS server list is configured with one or more hosts defined via their network IP address each can be assigned a priority to determine the order in which t...

Page 944: ...may be up to 128 characters in length in unencrypted format and 256 characters in length in encrypted format Default Configuration If left unspecified the key string parameter defaults to the global value Command Mode TACACS Configuration mode User Guidelines The key command accepts any printable characters for the key except a question mark Enclose the string in double quotes to include spaces wi...

Page 945: ... 6 3 0 1 firmware Example The following example sets the authentication encryption key console config tacacs key This is a key string console config tacacs key 0 This is a key string port Use the port command in TACACS Configuration mode to specify a port number on which a TACACS server listens for connections Syntax port port number port number The server port number If left unspecified the defau...

Page 946: ...rity priority Specifies the priority for servers 0 zero is the highest priority Range 0 65535 Default Configuration If left unspecified this parameter defaults to 0 zero Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example The following example shows how to specify a server priority of 10000 console config tacacs priority 10000 show tacacs Use the show...

Page 947: ...cs Global Timeout 5 Server Address Port Timeout Priority Source Interface 10 254 24 162 49 Global 0 Loopback 0 tacacs server host Use the tacacs server host command in Global Configuration mode to configure a TACACS server This command enters into the TACACS configuration mode To delete the specified hostname or IP address use the no form of this command Syntax tacacs server host ip address hostna...

Page 948: ...r key command in Global Configuration mode to set the authentication and encryption key for all TACACS communications between the switch and the TACACS daemon To disable the key use the no form of this command Syntax tacacs server key 0 7 key string no tacacs server key 0 The key string that follows is the unencrypted shared secret The length is 1 128 characters 7 The key string that follows is th...

Page 949: ...e always displayed in their encrypted form in the running configuration In an Access Request encrypted passwords are sent using the RSA Message Digest algorithm MD5 The encryption algorithm is the same across switches Encrypted passwords may be copied from one switch and pasted into another switch Command History Updated in version 6 3 0 1 firmware Example The following example sets the authentica...

Page 950: ...obal Configuration User Guidelines The source interface must have an assigned IP address either manually or via another method such as DHCP Loopback interfaces are not suppported on the Dell EMC N1100 ON Series switches Command History Introduced in version 6 3 0 1 firmware Example console conf console config interface vlan 1 console config if vlan1 ip address dhcp console config if vlan1 exit con...

Page 951: ...er guidelines Example The following example sets the timeout value as 30 console config tacacs server timeout 30 timeout Use the timeout command in TACACS Configuration mode to specify the timeout value in seconds If no timeout value is specified the global value is used Syntax timeout timeout timeout The timeout value in seconds Range 1 30 Default Configuration If left unspecified the timeout def...

Page 952: ...Security Commands 952 User Guidelines This command has no user guidelines Example This example shows how to specify the timeout value console config tacacs timeout 23 ...

Page 953: ...tication using remote RADIUS or TACACS servers Refer to AAA Commands on page 838 for information on configuring connectivity to a RADIUS or TACACS authentication server or to configure the local authentication service Dell EMC Networking switches also support 802 1X accounting to RADIUS or TACACS servers Refer to the AAA Commands section to configure 802 1X accounting MD5 or none is the supported ...

Page 954: ... can be configured globally on a switch If the switch fails to authenticate the user for any reason say RADIUS access reject from RADIUS server RADIUS time out or the client itself is 802 1x unaware the client is authenticated and is undisturbed by the failure condition s The reasons for failure are logged and buffered into the local logging database such that the operator can track the failure co...

Page 955: ...o dot1x dynamic vlan enable Default Configuration The default value is Disabled Command Mode Global Configuration User Guidelines This command has no user guidelines dot1x max users dot1x timeout tx period show dot1x interface statistics dot1x port control auth type show dot1x users dot1x re authenticate client clear dot1x authentication history dot1x reauthentication ignore dot1x guest vlan dot1x...

Page 956: ...rames must be disabled no dot1x system auth control for this capability to be enabled This capability is useful in situations where the authenticator device is placed one or more hops away from the authenticating host The intervening switch will flood all received IEEE 802 1x frames in the VLAN Flooding of IEEE 802 1x frames makes end stations vulnerable to a denial of service attack should anothe...

Page 957: ...n interface Use the no form of this command to disable MAB on an interface Syntax dot1x mac auth bypass no dot1x mac auth bypass Default Configuration MAC Authentication Bypass is disabled by default Command Mode Interface Configuration Ethernet mode User Guidelines Authentication of a user via mac auth bypass will not occur until the dot1x time out guest vlan period timer expires When using MAB c...

Page 958: ...ting use the no form of this command Syntax dot1x max req count no dot1x max req count Number of times that the switch sends an EAP request identity frame before restarting the authentication process Range 1 10 Default Configuration The default value for the count parameter is 2 Command Mode Interface Configuration Ethernet mode User Guidelines Change the default value of this command only to adju...

Page 959: ...authentication Range 1 64 Default Configuration The default number of clients supported on a port with MAC based 802 1x authentication is 64 The N1100 ON Series switches the range is 1 32 Command Mode Interface Configuration Ethernet mode User Guidelines The N1100 ON Series switches support up to 32 users per interface Example The following command limits the number of devices that can authenticat...

Page 960: ...d in this mode force unauthorized Denies all access through this interface by forcing the port to transition to the unauthorized state ignoring all attempts by the client to authenticate The switch cannot provide authentication services to the client through the interface VLAN assignment is not supported in this mode mac based Enables 802 1x authentication on the interface and allows multiple host...

Page 961: ...orts or the specified 802 1x enabled port Syntax dot1x re authenticate gigabitethernet unit slot port tengigabitethernet unit slot port fortygigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines Interfaces that are not running the 802 1x protocol e g MAB configured ports are not re authenticated Only ports t...

Page 962: ...n is disabled Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example enables periodic reauthentication of the client console config interface gigabitethernet 1 0 16 console config if Gi1 0 16 dot1x reauthentication dot1x system auth control Use the dot1x system auth control command in Global Configuration mode to enable ...

Page 963: ...ccur If 802 1x is used in combination with the authentication manager be sure to enable the authentication manager with the authentication enable command Example The following example enables 802 1x globally console config dot1x system auth control dot1x system auth control monitor Use the dot1x system auth control monitor command in Global Configuration mode to enable 802 1x monitor mode globally...

Page 964: ... the quiet state following a failed authentication exchange for example the client provided an invalid password To return to the default setting use the no form of this command Syntax dot1x timeout quiet period seconds no dot1x timeout quiet period seconds Time in seconds that the switch remains in the quiet state following a failed authentication exchange with the client Range 0 65535 seconds Def...

Page 965: ...x timeout re authperiod Use the dot1x timeout re authperiod command in Interface Configuration mode to set the number of seconds between reauthentication attempts To return to the default setting use the no form of this command Syntax dot1x timeout re authperiod seconds no dot1x timeout re authperiod seconds Number of seconds between re authentication attempts Range 300 4294967295 Default Configur...

Page 966: ...etting use the no form of this command Syntax dot1x timeout server timeout seconds no dot1x timeout server timeout seconds Time in seconds that the switch waits for a response from the authentication server Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The actual timeout is this parameter or the produc...

Page 967: ...request frame from the client before resending the request Range 1 65535 Default Configuration The default supplicant timeout is 30 seconds Command Mode Interface Configuration mode User Guidelines Change the value of the supplicant timeout only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers The default t...

Page 968: ... wait for a response to an EAP Request Identity frame from the client before resending the request Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines Change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain client...

Page 969: ... to succeed session key Indicates that the session key must match for authentication to succeed Default Configuration The default is to authenticate with all parameters Command Modes Dynamic Radius Configuration User Guidelines This command specifies the attributes to validate before acting on a CoA or disconnect request If session key is specified and the session ID is valid authentication succee...

Page 970: ...ed key is to be entered key string The key string in encrypted or unencrypted form In encrypted form it must be 256 characters in length In unencrypted form it may be up to 128 characters in length Enclose in key string in quotes to use special characters or embedded blanks Default Configuration By default no dynamic CoA clients are configured Command Modes Dynamic Radius Configuration User Guidel...

Page 971: ...h control console config interface range gi1 0 1 24 console config if dot1x port control mac based console config if exit console config radius server host 1 1 1 1 console config auth radius primary console config auth radius exit console config radius server host 2 2 2 2 console config auth radius exit console config radius server host 3 3 3 3 console config auth radius key That s your secret con...

Page 972: ... to authenticate using the parameters as specified by the configured auth type Command Modes Dynamic Radius Configuration User Guidelines This command specifies the attributes to validate before acting on a CoA or disconnect request If session key is specified and the session ID is valid authentication succeeds even if the session key does not match The ignore command refines the all parameter to ...

Page 973: ...nd it is used to all RADIUS clients Do not use a port number reserved for use by the switch UDP TCP and RAW Ports reserved by the switch and unavailable for use or configuration are Ports 1 17 58 255 546 547 2222 4567 6343 49160 Command History Introduced in version 6 2 0 1 firmware Example console config radius da port 1700 server key Use this command to configure a global shared secret that is u...

Page 974: ...ent command to configure a unique server key for each client Command History Introduced in version 6 2 0 1 firmware Example The following example configures RADIUS servers at 1 1 1 1 2 2 2 2 and 3 3 3 3 It sets the front panel ports to use 802 1x MAC based authentication CoA is configured for two RADIUS servers located at 1 1 1 1 and 2 2 2 2 using a global shared secret and a third server 3 3 3 3 ...

Page 975: ...le config radius da client 2 2 2 2 console config radius da server key 0 Keep it Keep it console config radius da port 3799 console config radius da auth type any console config radius da exit console config dot1x system auth control console config dot1x initialize show dot1x Use the show dot1x command to display A summary of the global dot1x configuration Summary information of the dot1x configur...

Page 976: ...ode Oper Mode Reauth Reauth Control Period Gi1 0 1 auto N A FALSE 3600 Gi1 0 2 auto N A FALSE 3600 Gi1 0 3 auto N A FALSE 3600 Field Description Administrative Mode Indicates whether authentication control on the switch is enabled or disabled VLAN Assignment Mode Indicates whether assignment of an authorized port to a RADIUS assigned VLAN is allowed enabled or not disabled Monitor Mode Indicates w...

Page 977: ... See Interface Naming Conventions for interface representation all All interfaces Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following table explains the output parameters Parameter Description Time Stamp Exact time at which the event occurs Interface Physical Port on...

Page 978: ... 00 01 02 03 04 05 111 Authorized Mar 22 2010 01 20 33 Gi1 0 7 00 00 0D 00 00 00 222 Authorized console show dot1x authentication history gi1 0 1 Time Stamp Interface MAC Address VLANID Auth Status Mar 22 2010 01 16 31 Gi1 0 1 00 01 02 03 04 05 111 Authorized Mar 22 2010 01 18 22 Gi1 0 1 00 00 00 03 04 05 0 Unauthorized console show dot1x authentication history gi1 0 1 failed auth only Time Stamp ...

Page 979: ...terface representation Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following fields are displayed by this command The following table describes the significant fields shown in the display Field Description Clients Authenticated using Monitor Mode Indicates the number o...

Page 980: ...esenting the identity of the Supplicant This field shows the username when the port control is auto or mac based If the port is Authorized it shows the username of the current user If the port is unauthorized it shows the last user that was authenticated successfully Supp MAC Address The MAC address of the supplicant Session Time The amount of time in seconds since the client was authenticated on ...

Page 981: ...console show dot1x interface gigabitethernet 1 0 10 Administrative Mode Disabled Dynamic VLAN Creation Mode Disabled Monitor Mode Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period Gi1 0 10 auto N A FALSE 3600 Quiet Period 60 Transmit Period 30 Maximum Requests 2 Max Users 16 VLAN Assigned Supplicant Timeout 30 Guest vlan Timeout 30 Server Timeout secs 30 MAB mode configured Disabled ...

Page 982: ...cription Port The interface for which counters are displayed EAPOL Frames Received The number of valid EAPOL frames of any type that have been received by this Authenticator EAPOL Frames Transmitted The number of EAPOL frames of any type that have been transmitted by this Authenticator EAPOL Start Frames Received The number of EAPOL Start frames that have been received by this Authenticator EAPOL ...

Page 983: ...splay 802 1x authenticated users for the switch EAP Request ID Frames Transmitted The number of EAP Req Id frames that have been transmitted by this Authenticator EAP Request Frames Transmitted The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator Invalid EAPOL Frames Received The number of EAPOL frames that have been received by this Authenticat...

Page 984: ...xample displays 802 1x users console show dot1x users Port Username Gi1 0 1 Bob Gi1 0 2 John Switch show dot1x users username Bob Port Username Gi1 0 1 Bob The following table describes the significant fields shown in the display clear dot1x authentication history Use the clear dot1x authentication history command to clear the authentication history table captured during successful and unsuccessfu...

Page 985: ...ars all entries from the authentication log console clear dot1x authentication history This example purges all entries for the specified interface from the authention log console clear dot1x authentication history gi1 0 1 802 1x Advanced Features dot1x guest vlan Use the dot1x guest vlan command in Interface Configuration mode to set the guest VLAN on a port The VLAN must be defined prior to use T...

Page 986: ...xample sets the guest VLAN on port 1 0 2 to VLAN 10 console config if Gi1 0 2 dot1x guest vlan 10 dot1x timeout guest vlan period Use the dot1x timeout guest vlan period command in Interface Configuration mode to set the number of seconds that the switch waits before authorizing the client if the client is an 802 1X unaware client Use the no form of the command to return the timeout to the default...

Page 987: ...frames Example The following example sets the 802 1X timeout guest vlan period to 100 seconds console config dot1x timeout guest vlan period 100 dot1x unauth vlan Use the dot1x unauth vlan command in Interface Configuration mode to specify the unauthenticated VLAN on a port The unauthenticated VLAN is the VLAN to which supplicants that fail 802 1x authentication are assigned Syntax dot1x unauth vl...

Page 988: ... updated in release 2 1 to remove the Multiple Hosts column and add an Unauthenticated VLAN column which indicates whether an unauthenticated VLAN is configured on a port The command has also been updated to show the Guest VLAN ID instead of the status since it is now configurable per port Syntax show dot1x advanced gigabitethernet unit slot port tengigabitethernet unit slot port fortygigabitether...

Page 989: ...thenticated VLAN Vlan Gi1 0 1 Disabled Disabled Gi1 0 2 10 20 Gi1 0 3 Disabled Disabled Gi1 0 4 Disabled Disabled Gi1 0 5 Disabled Disabled Gi1 0 6 Disabled Disabled console show dot1x advanced gigabitethernet 1 0 2 Port Guest Unauthenticated VLAN Vlan Gi1 0 2 10 20 ...

Page 990: ...dition Captive Portal can be configured to use an optional HTTP port in support of HTTP Proxy networks or an optional HTTPS port If configured this additional port or ports are then used exclusively by Captive Portal NOTE This optional HTTP port is in addition to the standard HTTP port 80 which is currently being used for all other web traffic and the optional HTTPS port is in addition to the stan...

Page 991: ...ient status show captive portal client status show captive portal interface configuration status show captive portal configuration client status clear captive portal users user logout no user user name show captive portal user user password user group user session timeout show captive portal configuration show captive portal configuration locales show captive portal configuration interface show ca...

Page 992: ... reset the authentication timeout to the default Syntax authentication timeout timeout no authentication timeout timeout The authentication timeout Range 60 600 seconds Default Configuration The default authentication timeout is 300 seconds Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config cp authentication timeout 6...

Page 993: ... console config captive portal console config cp enable Use the enable command to globally enable captive portal Use the no form of this command to globally disable captive portal Syntax enable no enable Default Configuration Captive Portal is disabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config cp e...

Page 994: ...35 Default Configuration Captive portal only monitors port 80 by default Command Mode Captive Portal Configuration mode User Guidelines The port number should not be set to a value that might conflict with other well known protocol port numbers used on this switch Example console config cp http port 32768 console config cp no http port https port Use the https port command to configure an addition...

Page 995: ...nflict with other well known protocol port numbers used on this switch Example console config cp https port 1443 console config cp no https port show captive portal Use the show captive portal command to display the status of the captive portal feature Syntax show captive portal Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Config...

Page 996: ...tatus Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show captive portal status Additional HTTP Port 81 Additional HTTP Secure Port 1443 Authentication Timeout 300 Supported Captive Portals 10 Configured C...

Page 997: ...cked by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config cp 2 block configuration Use the configuration command to enter the captive portal instance mode The captive portal configuration identified by CP ID 1 is the default CP configuration The system supports a total of ten CP configurations Use the no form of t...

Page 998: ...mand Example console config cp configuration 2 console config cp 2 enable Use the enable command to enable a captive portal configuration Use the no form of this command to disable a configuration Syntax enable no enable Default Configuration Configurations are enabled by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console...

Page 999: ...x group group number no group group number The number of the group to associate with this configuration Range 1 10 Default Configuration The default group number is 1 Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config cp 2 group 2 interface Use the interface command to associate an interface with a captive portal configura...

Page 1000: ...ntended to be a user command The administrator must use the Web UI to create and customize captive portal web content This command is primarily used by the show running config command and process as it provides the ability to save and restore configurations using a text based format Syntax locale web id web id The locale number Range 1 3 Default Configuration Locale 1 is configured by default Comm...

Page 1001: ... characters Default Configuration Configuration 1 has the name Default by default All other configurations have no name by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config cp 2 name cp2 protocol Use the protocol command to configure the protocol mode for a captive portal configuration Syntax protocol http https D...

Page 1002: ...ive portal configuration Use the no form of this command to disable redirect mode Syntax redirect no redirect Default Configuration Redirect mode is disabled by default Command Mode Captive Portal Instance mode User Guidelines Enabling redirect mode will configure the redirect url with an empty URL Example console config cp 2 redirect redirect url Use the redirect url command to configure the redi...

Page 1003: ...his command Example console config cp 2 redirect url www dell com session timeout Use the session timeout command to configure the session timeout for a captive portal configuration Use the no form of this command to reset the session timeout to the default Syntax session timeout timeout no session timeout timeout Session timeout 0 indicates timeout not enforced Range 0 86400 seconds Default Confi...

Page 1004: ...guration Syntax verification guest local radius guest Allows access for unauthenticated users users that do not have assigned user names and passwords local Authenticates users against a local user database radius Authenticates users against a remote RADIUS database Default Configuration The default verification mode is guest Command Mode Captive Portal Instance mode User Guidelines There are no u...

Page 1005: ...lt configuration for this command Command Mode Privileged Exec mode User Guidelines There are no user guidelines for this command Example console captive portal client deauthenticate 0002 BC00 1290 show captive portal client status Use the show captive portal client status command to display client connection details or a connection summary for connected captive portal users Syntax show captive po...

Page 1006: ...w captive portal client 0002 BC00 1290 status Client MAC Address 0002 BC00 1290 Client IP Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface Gi1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User Name user123 Session Time 0d 00 00 13 show captive portal configuration client status Use the show captive portal configuration client status com...

Page 1007: ...ive portal configuration 1 client status CP ID 1 CP Name cp1 Client Client MAC Address IP Address Interface Interface Description 0002 BC00 1290 10 254 96 47 Gi1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 Gi1 0 2 Unit 1 Slot 0 Port 2 Gigabit show captive portal interface client status Use the show captive portal interface client status command to display information about clients...

Page 1008: ...bit 0002 BC00 1293 10 254 96 50 console show captive portal interface gi1 0 1 client status Interface Gi1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Client Client MAC Address IP Address CP ID CP Name Protocol Verification 0002 BC00 1290 10 254 96 47 1 cp1 http local 0002 BC00 1291 10 254 96 48 2 cp2 http local Captive Portal Interface Commands show captive portal interface configuratio...

Page 1009: ...ID CP Name Interface Interface Description Type 1 Default Gi1 0 1 Unit 1 Slot 0 Port 1 Gigabit Physical console show captive portal interface configuration 1 status CP ID 1 CP Name cp1 Interface Interface Description Type Gi1 0 1 Unit 1 Slot 0 Port 1 Gigabit Physical Captive Portal Local User Commands clear captive portal users Use the clear captive portal users command to delete all captive porta...

Page 1010: ...xisting session it is disconnected Syntax no user user id user id User ID Range 1 128 Default Configuration There is no default configuration for this command Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config cp no user 1 show captive portal user Use the show captive portal user command to display all configured user...

Page 1011: ...nsole show captive portal user Session User ID User Name Timeout Group ID Group Name 1 user123 14400 1 Default 2 user234 0 1 Default 2 group2 console show captive portal user 1 User ID 1 User Name user123 Password Configured Yes Session Timeout 0 Group ID Group Name 1 Default 2 group2 user group Use the user group command to associate a group with a captive portal user Use the no form of this comm...

Page 1012: ...o user guidelines for this command Example console config cp user 1 group 3 user logout Use the user logout command in Captive Portal Instance mode to enable captive portal users to log out of the portal versus having the session time out Use the no form of the command to return the user logout configuration to the default Syntax user logout no user logout Default Configuration User logout is disa...

Page 1013: ...ation 1 console config cp 1 user logout console config cp 1 no user logout user name Use the user name command to modify the user name for a local captive portal user Syntax user user id name name user id User ID Range 1 128 name user name Range 1 32 characters Default Configuration There is no name for a user by default Command Mode Captive Portal Configuration mode User Guidelines There are no u...

Page 1014: ...ere are no users configured by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config cp user 1 password Enter password 8 to 64 characters Re enter password user session timeout Use the user session timeout command to set the session timeout value for a captive portal user Use the no form of this command to reset ...

Page 1015: ...onfig cp user 1 session timeout 86400 console config cp no user 1 session timeout Captive Portal Status Commands show captive portal configuration Use the show captive portal configuration command to display the operational status of each captive portal configuration Syntax show captive portal configuration cp id cp id Captive Portal ID Default Configuration There is no default configuration for t...

Page 1016: ...ion about all interfaces assigned to a captive portal configuration or about a specific interface assigned to a captive portal configuration Syntax show captive portal configuration cp id interface gigabitethernet unit slot port tengigabitethernet unit slot port fortygigabitethernet unit slot port cp id Captive Portal ID Default Configuration There is no default configuration for this command Comm...

Page 1017: ...locked Authenticated Users 0 show captive portal configuration locales Use the show captive portal configuration locales command to display locales associated with a specific captive portal configuration Syntax show captive portal configuration cp id locales cp id Captive Portal Configuration ID Default Configuration There is no default configuration for this command Command Mode Privileged Exec m...

Page 1018: ...ation for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show captive portal configuration status CP ID CP Name Mode Protocol Verification 1 cp1 Enable https Guest 2 cp2 Enable http Local 3 cp3 Disable https Guest console show captive portal configuration 1 status ...

Page 1019: ...Range 1 10 Default Configuration User group 1 is created by default and cannot be deleted Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config cp user group 2 console config cp no user group 2 user group moveusers Use the user group moveusers command to move a group s users to a different group Syntax user group group i...

Page 1020: ...group 2 console config cp user group 2 moveusers 3 user group name Use the user group name command to configure a group name Syntax user group group id name name group id Group ID Range 1 10 name Group name Range 1 32 alphanumeric characters Default Configuration User groups have no names by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for thi...

Page 1021: ...ts SIP DIP Source IP address Destination IP address First Fragment TCP Header size smaller then configured value TCP Fragment IP Fragment Offset 1 TCP Flag TCP Flag SYN set and Source Port 1024 or TCP Control Flags 0 and TCP Sequence Number 0 or TCP Flags FIN URG and PSH set and TCP Sequence Number 0 or TCP Flags SYN and FIN set L4 Port Source TCP UDP Port Destination TCP UDP Port ICMP Limiting th...

Page 1022: ...IN set TCP FIN URG PSH TCP Flags FIN and URG and PSH set and TCP Sequence Number 0 ICMP V6 Limiting the size of ICMPv6 Ping packets ICMP Fragment Checks for fragmented ICMP packets Commands in this Section This section explains the following commands dos control firstfrag rate limit cpu dos control icmp show dos control dos control l4port show system internal pktmgr dos control sipdip storm contro...

Page 1023: ... is 20 ICMP packet size is 512 Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a minimum TCP header size of 20 Packets entering with a smaller header size are dropped console config dos control firstfrag 20 dos control icmp Use the dos control icmp command in Global ...

Page 1024: ...um ICMP Packet Denial of Service protection with a maximum packet size of 1023 console config dos control icmp 1023 dos control l4port Use the dos control l4port command in Global Configuration mode to enable L4 Port Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress having Source TCP UDP Port Number equal to Destin...

Page 1025: ...dress Destination IP Address SIP DIP Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets is dropped if the mode is enabled Syntax dos control sipdip no dos control sipdip Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command ha...

Page 1026: ...and FIN both set the packets are dropped Syntax dos control tcpflag no dos control tcpflag Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example activates TCP Flag Denial of Service protections console config dos control tcpflag dos control tcpfrag Use the dos control tcpfrag comm...

Page 1027: ... CoS queues 0 and 1 This command also configures the rate in packets per second for the number of IPv4 and IPv6 data packets trapped to CPU when the packet fails to be forwarded in the hardware due to unresolved MAC address of the destination IPv6 node Packets exceeding the rate limit are silently discarded Use the no form of the command to return the rate limit to the default value Syntax rate li...

Page 1028: ...igh levels at no benefit For Ipv6 it also results in delayed processing of the NUD packets NS NA for the existing neighbor entries leading to NUD anomalies and deletions of existing neighbor entries To avoid such an unnecessary CPU load leading to NUD anomalies when the ARP or IPV6 neighbor table is close to full crossing 95 of table size or other failures the switch automatically reduces the rate...

Page 1029: ... 02 0 02 1243 ipMapForwardingTask 27 30 24 19 29 06 1257 tRtrDiscProcessingT 0 09 0 01 0 00 1291 RMONTask 0 00 0 02 0 03 1293 boxs Req 0 00 0 01 0 01 Total CPU Utilization 55 91 45 40 48 02 show dos control Use the show dos control command to display Denial of Service configuration information Syntax show dos control Default Configuration This command has no default configuration Command Mode Priv...

Page 1030: ...em internal pktmgr Use the show system internal pktmgr command to display the configured CPU rate limit for unknown packets in packets per second Syntax show system internal pktmgr internal control sw rate limit Default Configuration This command has no default configuration Command Modes Privileged Exec mode User Guidelines See the rate limit cpu command for further information on the output of t...

Page 1031: ... message and issue a trap if the threshold is exceeded Default Configuration By default broadcast storm control is disabled on all physical interfaces The default threshold for broadcast traffic is 5 of link bandwidth The default behavior is to rate limit drop traffic exceeding the configured threshold There is no default action Command Mode Interface Configuration Ethernet mode Interface Range mo...

Page 1032: ...oadcast traffic exceeds 10 of link bandwidth console config interface range gi1 0 1 24 console config if storm control broadcast level 10 console config if storm control broadcast action trap console config if exit storm control multicast Use the storm control multicast command in Interface Configuration mode to enable multicast storm storm control for an interface Use the no form of the command t...

Page 1033: ...trol can only be enabled on physical interfaces It cannot be configured on port channels Setting the level rate or action does not enable multicast storm control Issue the storm control multicast command separately to enable multicast storm control Either the level or the rate threshold may be configured but not both Either the trap action or the shutdown action may be specified but not both The t...

Page 1034: ...ured rate as a percentage of link bandwidth Range 0 100 rate The configured rate in packets per second Range 0 14880000 action The configured action shutdown or trap Default Configuration By default unicast storm control is not enabled on any interfaces The default threshold for unicast traffic is 5 of link bandwidth Command Mode Interface Configuration Ethernet mode Interface Range mode User Guid...

Page 1035: ...rap to configured SNMP agents Unicast storm control can only be enabled on physical interfaces It cannot be configured on port channels Either the level or the rate threshold may be configured but not both Use the show storm control action and show storm control all commands to display the storm control settings Example The following example configures any port to rate limit DLF traffic rate to 5 ...

Page 1036: ... filtering supplied by the management ACL capability When a Management ACAL is enabled incoming TCP packets initiating a connection TCP SYN and UDP packets will be filtered based on their source IP address and destination port Additionally other attributes such as incoming port or port channel and VLAN ID can be used to determine if the traffic should be allowed access to the management interface ...

Page 1037: ...slot port service service priority priority gigabitethernet unit slot port A valid 1 Gigabit Ethernet routed port number vlan vlan id A valid VLAN number port channel port channel number A valid routed port channel number tengigabitethernet unit slot port A valid 10 Gigabit Ethernet routed port number fortygigabitethernet unit slot port A valid 40 Gigabit Ethernet routed port number ip address Sou...

Page 1038: ...ort channel parameters are valid only if an IP address is defined on the appropriate interface Ensure that each rule has a unique priority Example The following example shows how all ports are denied in the access list called mlist console config management access list mlist console config macal deny management access class Use the management access class command in Global Configuration mode to re...

Page 1039: ...l to mitigate smurf style attacks on these ports Only a single management access list can be active at a time However it can have multiple permit deny conditions Example The following example configures an access list called mlist as the management access list console config management access class mlist management access list Use the management access list command in Global Configuration mode to ...

Page 1040: ...list names can consist of any printable character including blanks Enclose the name in quotes to embed blanks in the name Question marks are disallowed Examples The following example shows how to permit access to switch management via two physical interfaces Gigabit Ethernet 1 0 1 and Gigabit Ethernet 1 0 9 console config management access list mlist console config macal permit gigabitethernet 1 0...

Page 1041: ...iority priority value permit service service priority priority value permit priority priority value gigabitethernet unit slot port A valid Gigabit Ethernet routed port number vlan vlan id A valid VLAN number port channel port channel number A valid port channel number tengigabitethernet unit slot port A valid 10 Gigabit Ethernet routed port number fortygigabitethernet unit slot port A valid 40 Gig...

Page 1042: ...g macal permit gigabitethernet 1 0 1 priority 1 console config macal permit gigabitethernet 1 0 9 priority 1 console config macal exit console config management access class mlist The following example shows how to configure all the interfaces to be management interfaces except for two interfaces Gigabit Ethernet 1 0 1 and 1 0 9 console config management access list mlist console config macal deny...

Page 1043: ...ion console show management access class Management access class is enabled using access list mlist show management access list Use the show management access list command to display management access lists Syntax show management access list name name A valid access list name Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged Exec mode Glo...

Page 1044: ...le The following example displays the active management access list console show management access list mlist permit priority 1 gigabitethernet 1 0 1 permit priority 2 gigabitethernet 2 0 1 Note all other access implicitly denied ...

Page 1045: ...e a minimum length between 8 and 64 characters The default minimum length is 8 although there is no default password zero length string Password History Keeping a history of previous passwords ensures that users cannot reuse passwords often The administrator can configure the switch to store up to 10 of the last passwords for each user The default operation is that no history is stored Password Ag...

Page 1046: ...strong passwords lowers overall risk of a security breach The scope of this feature is to enforce a baseline Password Strength for all locally administered users The feature doesn t affect users with an existing password until their password ages out Password Strength is only enforced when a user is configuring a new password or changing their existing password The default action is Disabled in FP...

Page 1047: ... Password strength feature applies to all login passwords user line and enable Commands in this Section This section explains the following commands for viewing and configuring properties of passwords NOTE To change a password use the passwords command which is described in AAA Commands passwords aging passwords strength minimum special characters passwords history passwords strength max limit con...

Page 1048: ...ng Password aging uses the time of day clock therefore having an accurate clock source is required The use on SNTP is strongly recommended Example The following example sets the password age limit to 100 days console config passwords aging 100 passwords history As administrator use the passwords history command in Global Configuration mode to set the number of previous passwords that are stored fo...

Page 1049: ...strengthen the security of the switch by locking user accounts that have failed login due to wrong passwords When a lockout count is configured a user who is logging in must enter the correct password within that count Otherwise that user is locked out from further switch access Only a user with read write access can reactivate a locked user account Password lockout does not apply to logins from t...

Page 1050: ...s min length Use the passwords min length command in Global Configuration mode to enforce a minimum length password length for local users The value also applies to the enable password The valid range is 8 64 The default is 8 Use the no version of this command to set the minimum password length to 8 Syntax passwords min length length no passwords min length length The minimum length of the passwor...

Page 1051: ...on User Guidelines This command enables disables enforcement of password strength checking policy as configured by the following commands passwords strength minimum uppercase letters passwords strength minimum lowercase letters passwords strength minimum special characters passwords strength minimum numeric characters passwords strength max limit consecutive characters passwords strength max limit...

Page 1052: ...r class it must meet the specific minimum strength check limit for the matching character class If the password only contains characters that are in non configured 0 limit minimum strength check character class the password is considered valid If the maximum consecutive characters or maximum repeated characters limits or other validation checks are configured passwords must pass these tests regard...

Page 1053: ...sword must contain The valid range is 0 16 The default is 1 A setting of 0 means no restriction Use the no form of this command to reset the minimum lowercase letters to the default value Syntax passwords strength minimum lowercase letters 0 16 no passwords strength minimum lowercase letters Default Configuration The default value is 1 Command Mode Global Configuration User Guidelines This limit i...

Page 1054: ... Configuration User Guidelines This limit is not enforced unless the passwords strength minimum numeric characters command is configured with a value greater than 0 In other words a configuration of 0 allows a password consisting entirely of numeric characters to pass strength check validation Example console config passwords strength minimum numeric characters 6 passwords strength minimum special...

Page 1055: ...gth minimum special characters 6 passwords strength max limit consecutive characters Use this command to enforce a maximum number of consecutive characters that a password can contain If a user enters a password that has more consecutive characters than the configured limit the system rejects the password The valid range of consecutive characters is 0 15 The default is 0 A maximum of 0 means there...

Page 1056: ...sword should contain If password has repetition of characters more than the configured max limit it fails to configure The valid range is 0 15 The default is 0 A maximum of 0 means again disabling the restriction Use the no form of this command to reset the maximum repeated characters to the default value Syntax passwords strength max limit repeated characters 0 15 no passwords strength max limit ...

Page 1057: ...l performed for each individual character class if configured Use the no form of this command to reset the minimum character classes to the default value Syntax passwords strength minimum character classes 0 4 no passwords strength minimum character classes Default Configuration The default value is 0 This character class limit is not enforced unless the passwords strength minimum character classe...

Page 1058: ...ns characters from non configured character classes the password is considered valid If the maximum consecutive characters or maximum repeated characters limits are configured passwords must pass these tests regardless of the minimum character class checking setting Example console config passwords strength minimum character classes 4 passwords strength exclude keyword Use this command to exclude ...

Page 1059: ...o know the password Syntax enable password password encrypted Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines The password parameter must be exactly 128 hexadecimal characters show passwords configuration Use the show passwords configuration command to display the configured password management settings Syntax show passwords configu...

Page 1060: ...rcase Letters Minimum number of uppercase characters required when configuring passwords Minimum Password Lowercase Letters Minimum number of uppercase characters required when configuring passwords Minimum Password Numeric Characters Minimum number of numeric characters required when configuring passwords Minimum Password Special Characters Minimum number of special characters required when confi...

Page 1061: ...aracters 3 Maximum Password Repeated Characters 3 Minimum Password Character Classes 4 Password Exclude Keywords dell dell1 dell2 show passwords result Use the show passwords result command to display the last password set result information Syntax show passwords result Default Configuration This command has no default configuration Minimum Password Character Classes Minimum number of character cl...

Page 1062: ...delines This command has no user guidelines Example The following example displays the command output console show passwords result Last User whose password is set dell Password strength check Enable Last Password Set Result Reason for failure Could not set user password Password should contain at least 4 uppercase letters ...

Page 1063: ...following commands crypto key generate dsa Use the crypto key generate dsa command in Global Configuration mode to generate DSA key pairs for the SSH server A key pair is one public DSA key and one private DSA key Use the crypto key zeroize command to remove the generated private key from the local file system The public and private keys will be overwritten if the command is subsequently executed ...

Page 1064: ...are distributed to all units in a stack on a configuration save Use the crypto key zeroize dsa command to remove the DSA key pair from the system Private keys should never be shared with unauthorized users This command generates the following private public key pair in the ssh_host_dsa_key and ssh_host_dsa_key pub files Both the RSA and DSA keys must be generated to enable the SSH server Example T...

Page 1065: ...crypto key zeroize rsa command to remove RSA key pair from the system Private keys should never be shared with unauthorized users This command generates the private public key pairs in the following files ssh_host_rsa_key and ssh_host_rsa_key pub ssh_host_key and ssh_host_key pub files Both the RSA and DSA keys must be generated to enable the SSH server Example The following example generates RSA ...

Page 1066: ... key bob rsa Key string row AAAAB3NzaC1yc2EAAAABIwAAAQEAu7WHtjQDUygjSQXHVgyqdUby Key string row dxUXEAiDHXcWHVr0R ak1HDQitBzeEv1vVEToEn5ddLmRhtIgRdKUJHgBHJV Key string row R2VaSN WC0IK53j9re4B11AE O3qAxwJs0KD7cTkvF9I YdiXeOM8VE4skkw Key string row AiyLDNVWXgNQ6iat8 8Mjth PIo5t3HykYUCkD8B1v93nzi sr4hHHJCdx7w Key string row wRW3QtgXaGwYt2rdlr3x8ViAF6B7AKYd8xGVVjyJTD6TjrCRRwQHgB BHsFr Key string row ...

Page 1067: ...hain ssh user key bob crypto key zeroize rsa dsa Use the crypto key zeroize rsa dsa command in Global Configuration mode to delete the RSA or DSA public and private keys from the switch Syntax crypto key zeroize rsa dsa Default Configuration There is no default configuration for this command Command Mode Global Configuration mode User Guidelines The crypto key zeroize rsa command removes the follo...

Page 1068: ...ort use the no form of this command Syntax ip ssh port port number no ip ssh port port number Port number for use by the SSH server Range 1025 65535 Default Configuration The default value is 22 Command Mode Global Configuration mode User Guidelines The SSH TCP port should not be set to a value that might conflict with other well known protocol port numbers used on this switch The following non ex...

Page 1069: ...h pubkey auth no ip ssh pubkey auth Default Configuration The function is disabled Command Mode Global Configuration mode User Guidelines Public key authentication allow administrators with an SSH client access to the switch without requiring a password Use the crypto key pubkey chain ssh user key command to configure the administrators public key for use by the SSH server AAA authentication is in...

Page 1070: ... are required to allow the SSH server to operate Dell EMC Networking N Series switches support the SSH service over IPv4 or IPv6 SSH is configured to require a password on accounts that attempt to log into the switch Example The following example enables the switch to be configured using SSH console config crypto key generate rsa Do you want to overwrite the existing RSA keys y n y RSA key generat...

Page 1071: ...rated by the administrator The administrator will need access to both the public and private key on the host to log in without authenticating via password Enclose the key string in quotes DSA is considered less secure than RSA Use of RSA is recommended Use the key string row command to enter the key string one row at a time The row may be enclosed in quotes This command may be used to enter the ke...

Page 1072: ...key Use the show crypto key mypubkey command to display the SSH public keys of the switch Syntax show crypto key mypubkey rsa dsa rsa RSA key dsa DSA key Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays ...

Page 1073: ...ble hex username Specifies the remote SSH client username Range 1 48 characters bubble babble Fingerprints in Bubble Babble format hex Fingerprint in Hex format If fingerprint is unspecified it defaults to Hex format Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command...

Page 1074: ... e8 df 7a 11 show ip ssh Use the show ip ssh command to display the SSH server configuration Syntax show ip ssh Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the SSH server configuration console show ...

Page 1075: ...C Networking N4000 Series Switches This section of the document contains the following audio visual bridging commands Multiple MAC Registration Protocol Commands Multiple Stream Reservation Protocol Commands Multiple VLAN Registration Protocol Commands 802 1AS Timesync Commands ...

Page 1076: ...udio Visual Bridging Commands in this Section This section explains the following commands clear mmrp statistics This command clears the MMRP statistics for an interface or all interfaces Syntax clear mmrp statistics interface id all All Clear MMRP statistics for all interfaces interface id Clear statistics for the specified interface Default Configuration This command has no defaults Command Mode...

Page 1077: ...atistics po1 mmrp This command enables MMRP on a specific interface Use the no form of the command to disable MMRP on an interface Syntax mmrp no mmrp Default Configuration By default MMRP is disabled globally and on all interfaces Command Mode Interface Configuration physical and port channel and Interface Range physical and port channel User Guidelines MMRP is not compatible with GVRP GMRP Do no...

Page 1078: ...e Example This example enables MMRP on port channel 1 console config interface po1 console config if Po1 mmrp mmrp global Use the mmrp global command to globally enable MMRP Use the no form of the command to globally disable MMRP Syntax mmrp global no mmrp global Default Configuration By default MMRP is disabled globally and on all interfaces Command Mode Global Configuration User Guidelines MMRP ...

Page 1079: ...port configuration of default group filtering behavior MMRP does not support the optional Registrar Administrative Control for MAC addresses Command History Introduced in version 6 2 0 1 firmware Example This example enables MMRP globally console config mmrp global mmrp periodic state machine Use this command to globally enable the MMRP periodic state machine Use the no form of the command to glob...

Page 1080: ...ne show mmrp Use this command to display the MMRP configuration for an interface or globally Syntax show mmrp summary interface interface id summary summary Show the global MMRP configuration interface id Show the MMRP configuration for the specified interface interface summary Show the per interface MMRP configuration for all interfaces Default Configuration This command has no defaults Command M...

Page 1081: ...ode Gi1 0 1 Disabled Gi1 0 2 Disabled Gi1 0 3 Disabled Gi1 0 4 Disabled show mmrp statistics Use this command to display the MMRP statistics for an interface or globally Syntax show mmrp statistics interface id interface id Displays the MMRP statistics for the specified interface Default Configuration By default the global statistics are displayed Command Mode Privileged Exec Global Configuration ...

Page 1082: ...ed in version 6 2 0 1 firmware Example console show mmrp statistics gi1 0 12 Port Gi1 0 12 MMRP messages received 21 MMRP messages received with bad header 0 MMRP messages received with bad format 0 MMRP messages transmitted 8 MMRP messages failed to transmit 0 ...

Page 1083: ...ation and propagation of VLAN membership information Commands in this Section This section explains the following commands clear mvrp statistics This command clears the MVRP statistics for an interface or all interfaces Syntax clear mvrp statistics interface id all All Clear MVRP statistics for all interfaces interface id Clear statistics for the specified interface Default Configuration This comm...

Page 1084: ... mmrp statistics po1 mvrp This command enables MVRP on a specific interface Use the no form of the command to disable MVRP on an interface Syntax mvrp no mvrp Default Configuration By default MVRP is disabled globally and on all interfaces Command Mode Interface Configuration physical and port channel and Interface Range physical and port channel User Guidelines MVRP is not compatible with GVRP GM...

Page 1085: ... Command History Introduced in version 6 2 0 1 firmware Example This example enables MVRP on port channel 1 console config interface po1 console config if Po1 mvrp mvrp global Use the mvrp global command to globally enable MVRP Use the no form of the command to globally disable MVRP Syntax mvrp global no mvrp global Default Configuration By default MVRP is disabled globally and on all interfaces C...

Page 1086: ... the VLAN it is deleted and added back as a tagged static VLAN If subsequently deleted by the operator the VLAN is dynamically created If a VLAN is configured as forbidden on an interface and MVRP requests registration dynamic creation of the same VLAN MVRP does not configure the port association MVRP is only supported on trunk or general mode ports This command is only available on the N4000 Seri...

Page 1087: ...ry Introduced in version 6 2 0 1 firmware Example This example enables the MVRP periodic state machine console config mvrp periodic state machine show mvrp Use this command to display the MVRP configuration for an interface or globally Syntax show mvrp summary interface interface id summary summary Show the global MMRP configuration interface id Show the MMRP configuration for the specified interf...

Page 1088: ...c State Machine state Disabled VLANs created via MVRP 20 45 3001 3050 The following shows example CLI display output for the command Switching show mvrp interface 0 12 MVRP interface state Enabled VLANs declared 20 45 3001 3050 VLANs registered none show mvrp statistics Use this command to display the MVRP statistics for an interface or globally Syntax show mvrp statistics interface id interface i...

Page 1089: ...messages received 45 MVRP messages received with bad header 0 MVRP messages received with bad format 0 MVRP messages transmitted 16 MVRP messages failed to transmit 0 MVRP Message Queue Failures 0 The following shows example CLI display output for the command Switching show mvrp statistics 0 12 Port 0 12 MVRP messages received 21 MVRP messages received with bad header 0 MVRP messages received with...

Page 1090: ...4000 Series switches Commands in this Section This section explains the following commands clear msrp statistics Use this command to clear the MSRP statistics for an interface or all interfaces Syntax clear msrp statistics interface id all all Clear MSRP statistics for all interfaces interface id Clear statistics for the specified interface Argument must be a physical interface identifier clear ms...

Page 1091: ...clears the MSRP counters on interface Gi1 0 4 console clear msrp statistics gi1 0 4 msrp Interface Use this command to enable MSRP on a specific interface Use the no form of the command to disable MSRP on an interface Syntax msrp no msrp Default Configuration By default MSRP is disabled globally and on all interfaces Command Mode Interface Configuration and Interface Range modes User Guidelines En...

Page 1092: ...IEEE 802 1Qav boundary propagation Use the no form of the command set the class configuration to the default Syntax msrp boundary propagate no msrp boundary propagate Default Configuration Talkers on a boundary port are ignored by default Command Mode Global Configuration mode User Guidelines Use the boundary propagation configuration to administratively define the edge of the IEEE 802 1Qav domain...

Page 1093: ... 3 QAV class B remap priority 1 msrp delta bw Use this command to configure the MSRP VLAN ID for the SR traffic class on the interface Syntax msrp delta bw a b bandwidth no msrp delta bw a b bandwidth The maximum percentage of bandwidth which may be reserved for a traffic class on an interface The range is 0 75 Default Configuration By default up to 75 of the interface bandwidth may be reserved fo...

Page 1094: ... of the command to globally disable MSRP Syntax msrp global no msrp global Default Configuration By default MSRP is disabled globally and on all interfaces Command Mode Global Configuration mode User Guidelines MSRP is not compatible with GMRP GVRP Do not enable GMRP GVRP on MMRP MVRP MSRP enabled switches MSRP must also be enabled on individual interfaces to become operational MSRP propagates str...

Page 1095: ...aranteed in such cases This command is only available on the N4000 Series switches Command History Introduced in version 6 2 0 1 firmware Example This example enables MSRP globally console config msrp global msrp max fan in ports Use this command to configure the fan in value used in calculating available bandwidth Use the no form of the command to return the fan in to the default Syntax msrp max ...

Page 1096: ...Example This example configures the fan in to 14 interfaces console config msrp max fan in ports 14 console config show msrp summary MSRP Global Admin Mode Enabled MSRP Talker Pruning Enabled MSRP Maximum Fan in Ports 14 MSRP Boundary Propagation Enabled QAV class A priority 4 QAV class A remap priority 1 QAV class B priority 3 QAV class B remap priority 1 msrp srclass pvid Use this command to con...

Page 1097: ...ss pvid 12 msrp srclassqav Use this command to configure the IEEE Qav class priority map Use the no form of the command set the class configuration to the default Syntax msrp srclassqav class a b pcp remap 0 7 no msrp srclassqav class a b class a b Specifies the class to be configured Dell EMC Networking switches support class A and class B priorities pcp Specifies the priority of the selected MSR...

Page 1098: ...rs a stream it identifies whether the stream is class A or B and specifies the bandwidth required Class A traffic has a higher transmission priority than class B traffic The bandwidth that may be reserved is limited to 75 of the total bandwidth The priorities received in a frame are mapped onto traffic classes for trusted ports See the output of the show classofservice dot1pmapping command for the...

Page 1099: ...command to enable source pruning Use the no form of the command to disable source pruning Syntax msrp talker pruning no msrp talker pruning Default Configuration By default talkers are not pruned Command Mode Global Configuration User Guidelines Source pruning allows service users such as a bridge that are sources of frames destined for a number of groups such as server stations or routers to avoi...

Page 1100: ...iority 4 QAV class A remap priority 1 QAV class B priority 3 QAV class B remap priority 1 show msrp Use this command to display the MSRP configuration for an interface or globally Syntax show msrp summary interface interface id summary summary Show global MSRP configuration information interface id Show the MSRP configuration for the specified interface The interface id must be a physical interfac...

Page 1101: ...riority for traffic class mapping QAV class B priority The class B priority for traffic class mapping QAV class B remap priority The class B remap priority for traffic class mapping Field Description MSRP Interface Admin Mode If MSRP admin mode is enabled or disabled on the interface SRclass PVID The MSRP VLAN ID configured for the SR traffic class on the interface MSRP class A Boundary port statu...

Page 1102: ...to MSRP QAV class A priority The class A priority for traffic class mapping QAV class A remap priority The class A remap priority for traffic class mapping QAV class B priority The class B priority for traffic class mapping QAV class B remap priority The class B remap priority for traffic class mapping Field Description Intf The interface for which information is displayed Mode The current mode of...

Page 1103: ...QAV class B remap priority 1 console show msrp interface summary Intf Mode SrPVID A Prio A Remap B Prio B Remap Boundary A B Gi1 0 1 Enabled 2 3 1 2 1 True True Gi1 0 2 Enabled 2 3 1 2 1 True True Gi1 0 3 Enabled 2 3 1 2 1 True True Gi1 0 4 Enabled 2 3 1 2 1 True True Gi1 0 5 Enabled 2 3 1 2 1 True True Gi1 0 6 Enabled 2 3 1 2 1 True True show msrp reservations Use this command to display the MSRP...

Page 1104: ...gi1 0 10 summary Stream Stream Talker Listener Fail Information Stream ID MAC Address Type Type Code Interface Age 41543 12 22 e1 65 a3 f8 R Adv D Ready 0 0 0 console show msrp reservations gi1 0 10 detail Stream Stream Failure Information Acc ID MAC Address Code Intf MAC Address Latency 41543 12 22 e1 65 a3 f8 0 0 00 00 00 00 00 00 647 show msrp statistics Use this command to display the MSRP sta...

Page 1105: ... a bad format MSRP messages transmitted The number of MSRP messages that have been transmitted MSRP messages failed to transmit The number of MSRP messages that failed to transmit MSRP messages Queue Failures The number of MSRP message queue failures Field Description Port The interface port number MSRP messages received The number of MSRP messages that have been received MSRP messages received wi...

Page 1106: ...RP messages received 741 MSRP messages received with bad header 0 MSRP messages received with bad format 0 MSRP messages transmitted 674 MSRP messages failed to transmit 0 MSRP failed registrations 0 show msrp stream Use this command to display MSRP stream information Syntax show msrp stream detail summary detail Show detailed information on the streams summary Show summary information on the stre...

Page 1107: ... f8 A 128 1 0 0 00 00 00 00 00 00 Gi1 0 10 Field Description Stream Talker ID The MSRP stream talker ID Stream MAC Address The MSRP stream MAC address Traff Class The MSRP traffic class Stream TSpec The MSRP stream TSpec Failure Code The MSRP failure code Failure Intf The MSRP interface Failure MAC Address The MSRP MAC address Port The port interface Field Description Stream Talker ID The MSRP str...

Page 1108: ...o Visual Bridging Commands 1108 console show msrp stream summary Stream Stream Destination Acc VLAN Stream ID MAC Address MAC Address Latency ID Rank 41543 12 22 e1 65 a3 f8 01 00 00 80 42 01 647 2 Regular ...

Page 1109: ...ter clock time source must be supplied for a precise measurement of propagation delay Commands in this Section This section explains the following commands clear dot1as statistics Use this command to clear the IEEE 802 1AS statistics for an interface or all interfaces Syntax clear dot1as statistics interface id all All Clear 802 1AS statistics for all interfaces interface id Clear 802 1AS statisti...

Page 1110: ...unters Command History Introduced in version 6 2 0 1 firmware Example This example clears the 802 1AS counters on port channel 1 console clear dot1as statistics po1 dot1as Global Configuration Use this command to globally enable IEEE 802 1AS Use the no form of the command to globally disable IEEE 802 1AS Syntax dot1as no dot1as Default Configuration By default IEEE 802 1AS is disabled globally and...

Page 1111: ...This command is only available on the N4000 Series switches Command History Introduced in version 6 2 0 1 firmware Example console config dot1as dot1as Interface Configuration Use this command to enable IEEE 802 1AS on an interface Use the no form of the command to disable IEEE 802 1AS on an interface Syntax dot1as no dot1as Default Configuration By default IEEE 802 1AS is disabled globally and on...

Page 1112: ... the command to return the priority value to the default Syntax dot1as priority 1 2 priority value no dot1as priority 1 2 priority 1 2 Selects the priority value to configure Priority 1 and 2 are used in the selection of the grand master clock Default Configuration By default priority 1 is 246 and priority 2 is 248 Command Mode Global Configuration User Guidelines The best master clock algorithm c...

Page 1113: ... console config show dot1as summary 802 1AS Global Admin Mode Enabled Grandmaster Capable Yes Best Clock Identity 00 1E C9 FF FE DE B1 37 Best Clock Priority1 255 Best Clock Priority2 248 Steps to Best Clock 0 Local Clock Identity 00 1E C9 FF FE DE B1 37 Local Clock Priority1 255 Local Clock Priority2 248 Grandmaster Change Count 0 Last Grandmaster Change Timestamp 0 dot1as interval announce Use t...

Page 1114: ...02 1AS must also be enabled globally as well as on an interface to become operational IEEE 802 1AS propagates time information from master clocks and synchronizes internally with the clock in support of delivering streams to the destination device with the same relative timing as sampled at the source While disabled IEEE 802 1AS configuration is retained and can be changed but is not operationally...

Page 1115: ...ure the sync interval for an interface Use the no form of the command to return the sync interval to the default Syntax dot1as interval sync int val no dot1as interval sync int val The time sync interval in log base 2 format The range is 5 to 5 Default Configuration By default the initial sync interval is 3 Command Mode Interface Configuration User Guidelines This value is the logarithm to the bas...

Page 1116: ...ost responses allowed 3 Neighbor Rate Ratio 0 Initial Sync Interval 3 Current Sync Interval 3 Initial Pdelay Interval 0 Current Pdelay Interval 0 Initial Announce Interval 3 Current Announce Interval 0 Sync Receipt Timeout 3 Announce Receipt Timeout 3 dot1as interval pdelay Use this command to configure the pdelay interval for an interface Use the no form of the command to return the pdelay interv...

Page 1117: ...e config if Gi1 0 1 show dot1as interface gi1 0 1 AS Interface Admin Mode Enabled AS Capable No Is Measuring Delay No Propagation Delay 0 Port Role Disabled PDELAY Threshold 2500 PDELAY lost responses allowed 3 Neighbor Rate Ratio 0 Initial Sync Interval 3 Current Sync Interval 3 Initial Pdelay Interval 3 Current Pdelay Interval 0 Initial Announce Interval 3 Current Announce Interval 0 Sync Receip...

Page 1118: ...s well as on an interface to become operational Command History Introduced in version 6 2 0 1 firmware Example This example configures interface Gi1 0 4 to delay expiring the master clock if found for up to 5 announce intervals console config if Gi1 0 4 dot1as timeout announce 5 console config if Gi1 0 4 show dot1as interface gi1 0 4 AS Interface Admin Mode Enabled AS Capable No Is Measuring Delay...

Page 1119: ...lt Syntax dot1as timeout sync expiries no dot1as timeout announce Default Configuration By default the number of expiries is set to 3 Command Mode Interface Configuration User Guidelines IEEE 802 1AS must also be enabled globally as well as on an interface to become operational Command History Introduced in version 6 2 0 1 firmware Example This example configures interface Gi1 0 4 to delay expirin...

Page 1120: ...hold Use this command to configure the propagation delay threshold in nanoseconds above which an interface is not considered capable of participating in the AS protocol Use the no form of the command to return the threshold to the default Syntax dot1as pdelay threshold thresh val no dot1as pdelay threshold Default Configuration By default the number of expiries is set to 2500 nanoseconds for coppe...

Page 1121: ...nterval 3 Initial Pdelay Interval 3 Current Pdelay Interval 0 Initial Announce Interval 3 Current Announce Interval 0 Sync Receipt Timeout 5 Announce Receipt Timeout 3 dot1as interval pdelay loss Use this command to configure the number of Pdelay_Req messages for which a valid response has not been received above which a port is considered to not be exchanging peer delay messages with its neighbor...

Page 1122: ...d in version 6 2 0 1 firmware Example This example configures interface Gi1 0 4 to delay retiring the interface for 10 ms console config if Gi1 0 4 dot1as interval pdelay loss 5 console config if Gi1 0 4 show dot1as interface gi1 0 4 AS Interface Admin Mode Enabled AS Capable No Is Measuring Delay No Propagation Delay 0 Port Role Disabled PDELAY Threshold 10000 PDELAY lost responses allowed 5 Neig...

Page 1123: ...uidelines The following information is displayed for the summary command Field Description AS Global Admin Mode Configured value of AS global admin mode Grandmaster Present Indicates where a AS grandmaster is present or not Best Clock Identity Specifies the clock identity of the AS grandmaster Best Clock Priority1 Specifies the priority1 value of AS grandmaster Best Clock Priority2 Specifies the p...

Page 1124: ...delay threshold in nanoseconds above which an interface is not considered capable of participating in the AS protocol Pdelay lost responses allowed Specifies the number of Pdelay_Req messages for which a valid response is not received above which a port is considered to not be exchanging peer delay messages with its neighbor Neighbor Rate Ratio Specifies an estimate of the ratio of the frequency o...

Page 1125: ... in logarithm to base 2 format Current Pdelay interval Specifies the current mean time interval between successive PDELAY_REQ messages sent over a link in logarithm to base 2 format Current Announce Interval Specifies the current mean time interval between successive ANNOUNCE messages in logarithm to base 2 format Current Sync Interval Specifies the current mean time interval between successive SY...

Page 1126: ...resent TRUE Best Clock Identity 02 10 18 FF FE 57 80 10 Best Clock Priority1 127 Best Clock Priority2 255 Steps to Best Clock 1 Local Clock Identity 00 10 18 FF FE 82 11 DB Local Clock Priority1 246 Local Clock Priority2 248 Grandmaster Change Count 5 Last Grandmaster Change Timestamp 2819202563 show dot1as statistics Use this command to show the IEEE 802 1AS statistics for an interface Syntax sho...

Page 1127: ...es transmitted 0 Announce messages received 0 Pdelay_Req messages transmitted 0 Pdelay_Req messages received 0 Pdelay_Resp messages transmitted 0 Pdelay_Resp messages received 0 Pdelay_Resp_Followup messages transmitted 0 Pdelay_Resp_Followup messages received 0 Signaling messages transmitted 0 Signaling messages received 0 Sync receipt timeouts 0 Sync messages discarded 0 Announce receipt timeout...

Page 1128: ...Audio Visual Bridging Commands 1128 ...

Page 1129: ...ecified by the FC BB 5 working group of ANSI T11 This capability allows operators to deploy networks at a lower cost while still maintaining the same SAN network management operations that exists today NOTE Data Center Technologies such as ETS DCBX and PFC are only available on Dell EMC Networking N4000 series switches This section of the document contains the following data center bridging comman...

Page 1130: ...king implementation of the DCBX protocol supports the propagation of configuration information for the following features 1 Enhanced Transmission Selection ETS 2 Priority based Flow Control PFC 3 Application Priorities The features listed above use DCBX to send and receive device configuration and capability information and configuration details to peer DCBX devices The PFC and ETS information exc...

Page 1131: ...ions the queue depth can be managed using tail dropping or a weighted random early discard or a weighted random early discard WRED technique These methods often use customizable threshold parameters that are specified on a per drop precedence basis The Dell EMC Networking QoS implementation contains Differentiated Services DiffServ support that allows traffic to be classified into streams and give...

Page 1132: ...r the egress ports 2 Configure weight percentage bandwidth allocation for each TCG 3 Enable appropriate scheduling algorithm for each TCG CoS information is exchanged with peer DCBX devices using ETS TLVs As part of the transmitted ETS TLVs by default DCBX advertises the following parameters and these parameters are populated in the switch hardware on a per port basis 1 Mapping between ingress por...

Page 1133: ...atabase and are accessible using show commands The Application Priority TLV is accepted from auto upstream devices and propagated to auto downstream devices In addition if iSCSI CoS is enabled an additional entry in the Application Priority TLV is added as discussed in the iSCSI section Data Center Bridging Exchange Protocol Main Objective The DCBX protocol implementation conforms to the IEEE 802 ...

Page 1134: ...sed on the OUI of the organization TLV then the switch changes its DCBX mode on that port to support the version detected There is no time out mechanism to move back to IEEE mode Once the DCBX peer times out multiple peers are detected the link is reset link down up or as commanded by the operator DCBX resets its operational mode to IEEE The interaction between DCBX component and other components ...

Page 1135: ...tify the operator of incompatible configurations if client configuration exchange over DCBX is enabled Manually configured ports are always operationally enabled for DCBX clients regardless of whether DCBX is enabled Auto Upstream Advertises a configuration but is also willing to accept a configuration from the link partner and propagate it internally to the auto downstream ports as well as receiv...

Page 1136: ...ts have the recommendation TLV parameter enabled Auto downstream ports that receive internally propagated information ignore their local configuration and utilize the internally propagated operational information Configuration Source In this role the port has been manually selected to be the configuration source Configuration received over this port is propagated to the other auto configuration po...

Page 1137: ...of eligible ports A port is eligible to become the configuration source if No other port is the configuration source The port role is auto upstream The port is enabled with link up and DCBX enabled The port has negotiated a DCBX relationship with the partner The switch is capable of supporting the received configuration values either directly or by translating the values into an equivalent configu...

Page 1138: ...rts and each port may begin configuration negotiation with their peer again if any information has changed Commands in this Section This section explains the following commands Data Center Bridging Capability Exchange Commands datacenter bridging Use the datacenter bridging command for an Ethernet interface in order to enter the DataCenterBridging mode Priority Flow Control is configurable from wi...

Page 1139: ...f dcb priority flow control mode on console config if dcb priority flow control priority 1 no drop lldp dcbx version Use the lldp dcbx version command in Global Configuration mode to configure the administrative version for the Data Center Bridging Capability Exchange DCBX protocol This command enables the switch to support a specific version of the DCBX protocol or to detect the peer version and ...

Page 1140: ...a CEE frame followed by a CIN frame The switch will parse the received response and immediately switch to the peer version Because LLDP is a link local protocol it cannot be configured on a port channel or VLAN interface It is recommended that all ports configured in a port channel utilize the same LLDP configuration Example The following example configures the switch to use CEE DCBX s1 config lld...

Page 1141: ...ecommendation TLV Pfc Transmit the PFC configuration TLV Application priority Transmit the application priority TLV Congestion notification Transmit the congestion notification TLV Default Configuration The default value is to transmit all DCBX TLVs as received from the auto configuration configuration source port In manual mode the default is to transmit all DCBX TLVs per the switch global or int...

Page 1142: ... link partner and propagate it internally to the auto downstream ports as well as receive configuration propagated internally by other auto upstream ports These ports have the willing bit enabled These ports should be connected to FCFs Auto down Advertises a configuration but is not willing to accept one from the link partner However the port will accept a configuration propagated internally by th...

Page 1143: ... source port becomes operationally disabled Examples This example configures an FCF facing port console config if Te1 1 1 lldp dcbx port role auto up This example configures an FCoE host facing port console config if Te1 1 1 lldp dcbx port role auto down show lldp tlv select Use the lldp tlv select command to display the Traffic Class to Traffic Class Group mapping Syntax show lldp tlv select inte...

Page 1144: ... Recommend PFC App Priority QCN te1 0 1 Yes No Yes No Yes te1 0 2 No No Yes No Yes show lldp dcbx Use the show lldp dcbx command to display the Traffic Class to Traffic Class Group mapping Syntax show lldp dcbx interface all interface id detail status interface id A valid physical interface specifier all All interfaces detail Display detailed DCBX information status Display a status summary Defaul...

Page 1145: ...xample 2 DCBX not enabled console show lldp dcbx interface te1 0 1 Interface te1 0 1 DCBX Admin Status Disabled Configured DCBX Version Auto detect Peer DCBX Version Peer MAC Peer Description Auto configuration Port Role Manual Peer Is Configuration Source False Error Counters ETS Incompatible Configuration 0 PFC Incompatible Configuration 0 Disappearing Neighbor 0 Multiple Neighbors Detected 0 Ex...

Page 1146: ...0 5 0 6 0 7 0 Peer Configuration Operation version 00 Max version 00 Seq no 23 Ack no 22 Max Oper Type Subtype Version En Will Err PFC 3 000 000 000 Y N N PG 2 000 000 000 Y N N APP 4 000 000 000 Y N N Number of TCs Supported 3 Priority Group Id 0 00 1 01 2 02 3 03 4 04 5 05 6 06 7 07 PG Percentage 0 0 1 10 2 12 3 00 4 00 5 78 6 00 7 00 PFC Enable Vector 0 0 1 1 2 0 3 0 4 0 5 1 6 0 7 0 Application...

Page 1147: ...il Interface te1 0 1 DCBX Admin Status Enabled Configured Version Auto detect Auto configuration Port Role Configuration Source Peer Is Configuration Source True PFC Capability TX Enabled Willing True MBC False Max PFC classes supported 3 PFC Enable Vector 0 0 1 1 2 0 3 0 4 0 5 1 6 0 7 0 ETS Configuration TX Enabled Willing True Credit Shaper True Traffic Classes Supported 8 Priority Assignment 0 ...

Page 1148: ...ands NOTE Enhanced Transmission Selection commands are only supported on N4000 series switches CLI commands and Dell OpenManage Switch Administrator pages are not available for other switch models classofservice traffic class group This command maps the internal Traffic Class to an internal Traffic Class Group TCG The Traffic Class can range from 0 6 although the actual number of available traffic...

Page 1149: ...rts configured as DCBX manual role utilize the configured ETS settings It is recommended that all strict priority traffic classes be mapped to a single TCG Internally frames are selected for transmission from the strict priority TCGs first then once the constraints of the TCGs are satisfied frames from the WRR TCGs are selected for transmission For example grouping strict priority assignments into...

Page 1150: ... NOTE This command is only available on N40xx series switches This command specified in Interface Configuration mode only affects a single interface whereas the Global Configuration mode setting is applied to all interfaces Interface configuration overrides the global configuration on the designated interface The Interface Configuration mode command is only available on platforms that support inde...

Page 1151: ...0 Example The following example demonstrates how to limit the maximum bandwidth percentage for TCG 1 and 2 to 25 each console config traffic class group max bandwidth 50 25 25 traffic class group min bandwidth Use this command in Global Config or Interface Configuration mode to specify the minimum transmission bandwidth guaranteed for each TCG before processing frames from other TCGs on an interfa...

Page 1152: ...ied as greater than the current maximum bandwidth value for the corresponding TCG then its corresponding maximum bandwidth automatically increases the maximum to the same value Min bandwidth may be configured manually by the operator on manual and auto configuration ports If the port is an auto configuration port the weights received via ETS TLVs are taken into account by the scheduler along with ...

Page 1153: ...ues are specified with this command Duplicate tcg id values are ignored Each tcg id value ranges from 0 to n 1 where n is the total number of TCG supported per interface The number n is platform dependent and corresponds to the number of supported Traffic Class Groups When strict priority scheduling is used for a TCG the minimum bandwidth setting for the TCG is ignored and packets are scheduled fo...

Page 1154: ...hts Use the no form of the command to return the TCGs to the default weighted scheduler mode Syntax traffic class group weight wp 0 wp 1 wp 2 no traffic class group strict wp n The weight percentage Range 0 to 100 Default Configuration The default weight is in the ratio of 1 2 3 for TCG0 TCG1 TCG2 100 0 0 Command Mode Global Configuration mode Interface Configuration mode User Guidelines NOTE This...

Page 1155: ...sing the ETS TLVs Example The following example demonstrates how to set TCG 0 to 50 weight and TCG 1 to 50 console config traffic class group weight 50 5 0 show classofservice traffic class group Use the show classofservice traffic class group command to display the Traffic Class to Traffic Class Group mapping Syntax show classofservice traffic class group interface id interface id The ID for the ...

Page 1156: ...ic class to group mappings s1 show classofservice traffic class group Traffic Class Traffic Class Group 0 0 1 1 2 1 3 1 4 2 5 1 6 1 show interfaces traffic Use the show interfaces traffic command to display traffic information Syntax show interfaces traffic interface id interface id A valid physical interface specifier Port channels are not allowed with this command as the queuing and drops occur ...

Page 1157: ...cription Congestion drops Packets dropped due to congestion This includes packets that exceeded an upper WRED threshold and packet dropped by WRED ECN marked packets are not counted as dropped Tx Queue The instantaneous number of cells queued for egress on the interface Cells are 208 bytes Rx Queue The instantaneous number of cells queued for ingress on the switch Cells are 208 bytes If a port is ...

Page 1158: ...available on N40xx series switches The interface id parameter is optional If specified the TCG mapping table of the interface is displayed If omitted the global configuration settings are displayed these may have been subsequently overridden by per port configuration The following information is displayed Field Description Interface Displays the slot port of the interface If displaying the global ...

Page 1159: ...ntage A value of 0 means no upper limit is enforced so the queue may use any or all of the available bandwidth of the interface This is a configured value Scheduler Type Indicates whether this queue is scheduled for transmission using a strict priority or a weighted scheme Strict priority scheduler is to provide lower latency to the higher CoS classes of traffic Weighted scheduling is a round robi...

Page 1160: ...llowing commands controller Use the controller command to configure a connection to an OpenFlow controller Use the no form of the command to remove an OpenFlow controller connection Syntax controller ipv4 ipv4 address port port number security none ssl no controller ipv4 ipv4 address port port number all ipv4 address The IPv4 address of the controller port number The TCP port number used for the c...

Page 1161: ...troller entries for the IP address are deleted If SSL is used an SSL certificate should be downloaded using the copy command prior to configuring the controller OpenFlow operates on the stack master only Flows may not be configured on stack members Failover to the stack standby unit is not supported OpenFlow should only be enabled on stand alone switches and should not be enabled on stacks of swit...

Page 1162: ...Flow 1 0 mode Default Configuration By default layer2 matching is performed Command Mode Global Configuration User Guidelines This command configures the switch when operating in OpenFlow 1 0 mode It has no effect when operating in OpenFlow 1 3 mode If the administrator changes the default hardware table for OpenFlow 1 0 and if the switch is currently operating in OpenFlow 1 0 variant then the Ope...

Page 1163: ...lone switches only console config of switch controller ipv4 1 2 3 4 port 3435 security ssl console config of switch protocol version 1 0 console config of switch mode auto console config of switch exit ipv4 address Use the ipv4 address command to assign the IPv4 source address utilized for controller connections Use the no form of the command to return the setting to the default Syntax ipv4 addres...

Page 1164: ...h IPv4 address 1 2 3 1 configures a connection to the controller at IPv4 address 1 2 3 4 TCP port 3435 using SSL security and initiates the connection over the switch front panel interface The local switch is configured with a static IP address after being configured into static address mode console config vlan 10 console config vlan10 interface vlan 10 console config if vlan10 ip address 1 2 3 1 ...

Page 1165: ...ally auto mode Command Mode OpenFlow Configuration User Guidelines This command configures the switch to select an IP address from a particular type of interface The selected IP address is used as the local end point of the IP connections to the OpenFlow controllers The administrator can allow the switch to automatically assign an IP address to the OpenFlow feature or to specifically select which ...

Page 1166: ...he service port If the OOB interface is used to connect to the OpenFlow controllers the controllers should be on the same subnet as the OOB interface OpenFlow operates on the stack master only Flows may not be configured on stack members Failover to the stack standby unit is not supported OpenFlow should only be enabled on stand alone switches and should not be enabled on stacks of switches This r...

Page 1167: ...y is disabled by default No controllers are configured by default OpenFlow 1 3 mode is selected by default when OpenFlow is enabled The OpenFlow protocol operates over the OOB interface by default Command Mode Global Configuration User Guidelines When the OpenFlow feature is administratively disabled the switch drops connections with the OpenFlow Controllers The switch also purges all flows progra...

Page 1168: ...s example enables OpenFlow 1 3 on a switch and configures a connection the controller at IPv4 address 1 2 3 4 TCP port 3435 using SSL security console config openflow WARNING OpenFlow does not operate on stack members Enable OpenFlow on stand alone switches only console config of switch controller ipv4 1 2 3 4 port 3435 security ssl passive Use the passive command to set the switch to accept conne...

Page 1169: ...and alone switches and should not be enabled on stacks of switches This restriction is not enforced Command History Introduced in version 6 3 0 1 firmware Example This example configures a connection to the controller at IPv4 address 1 2 3 4 TCP port 3435 using SSL security and also configures the controller to accept TCP connections to the switch on port 6633 console config openflow WARNING OpenF...

Page 1170: ...ers to be dropped OpenFlow operates on the stack master only Flows may not be configured on stack members Failover to the stack standby unit is not supported OpenFlow should only be enabled on stand alone switches and should not be enabled on stacks of switches This restriction is not enforced Command History Introduced in version 6 3 0 1 firmware Example This example enables OpenFlow 1 3 on a swi...

Page 1171: ...ters the show openflow command shows summary information regarding OpenFlow Command Mode Privileged Exec and Global Configuration User Guidelines OpenFlow operates on the stack master only Flows may not be configured on stack members Failover to the stack standby unit is not supported OpenFlow should only be enabled on stand alone switches and should not be enabled on stacks of switches This restr...

Page 1172: ...1 3 Default Table The Hardware Table used as the target for flows installed by an OpenFlow 1 0 controller which is not enhanced to handle multiple hardware tables Passive Mode The OpenFlow passive mode set by the passive command Parameter Description Flow Table OpenFlow Table Identifier 0 255 Flow Table Name The name of this table Flow Table Description A detailed description for this table Maximu...

Page 1173: ...e switch powered up Parameter Description Group Type Type of Group Indirect All Select etc Group Id Unique ID for the Group Reference Count This count indicates how many Select groups are referring to the current Indirect group Reference Count is used only for Indirect groups Duration The time since the group was created Bucket Count Number of Buckets in the group Reference Group Id References the...

Page 1174: ...t Table layer 2 match Passive Mode Enable This output shows an operationally enabled switch console show openflow Administrative Mode Enable Administrative Status Enabled Disable Reason None IP Address 10 27 65 64 IP Mode Auto Static IP Address 10 1 1 1 Network MTU 1518 OpenFlow Variant OpenFlow 1 3 Default Table full match Passive Mode Enable Action The action specified by the flow Duration The t...

Page 1175: ... the output for OpenFlow 1 3 using the switch tables parameter console show openflow switch tables Flow Table 60 Flow Table Name Openflow 1 3 Maximum Size 1920 Number of Entries 0 Hardware Entries 0 Software Only Entries 0 Waiting for Space Entries 0 Flow Insertion Count 0 Flow Deletion Count 0 Insertion Failure Count 0 Flow Table Description The Openflow 1 3 table matches on the packet layer 2 he...

Page 1176: ...ies in database 123 Group Id 12345678 type Indirect Ref Count 1 Duration 8 Bucket Count 1 Bucket Entry List Bucket Index 25 Output Port 1 Src MAC 00 00 00 00 00 AB Dst MAC 00 00 00 00 00 CD VLAN 101 Reference Group Id NA Group Id 23456789 type All Ref Count NA Duration 10 Bucket Count 2 Bucket Entry List Bucket Index 26 Output Port 2 Src MAC NA Dst MAC NA VLAN 102 Reference Group Id NA Bucket Inde...

Page 1177: ...pe Untagged MAC Match Criteria Ingress port Gi1 0 1 Egress Port VLAN ID VLAN PCP EtherType 0x0800 Src MAC Src IP Src IP Port Dst MAC Dst IP Dst IP Port IP Protocol TOS DSCP Action Drop Duration secs 55 Idle secs 45 In HW Yes Packet Count 12321 HW Priority 2131 This example shows the output for OpenFlow 1 3 flows console show openflow switch flows Flow 000000E1 Type 1DOT3 Match Criteria Flow Table ...

Page 1178: ...riteria Flow Table 60 Priority 10 Ingress port Gi1 0 1 Egress Port Gi1 0 1 VLAN ID 1 VLAN PCP 1 EtherType 0x0800 Src MAC 00 00 02 37 38 01 Src IP 100 0 1 249 Src IP Port 1 Dst MAC 00 00 18 37 22 01 Dst IP 192 0 1 249 Dst IP Port 1 IP Protocol 17 TOS 32 DSCP 8 Action Duration secs 2 Idle secs 0 In HW Yes Packet Count 9879 HW Priority 786743 ...

Page 1179: ...op or no drop If a priority that is designated as no drop is congested the priority is paused Drop priorities do not participate in pause By default there are no priority classifications configured and PFC is not enabled While several no drop priorities may be configured on a supporting system the actual number of lossless priorities supported on a given system is a function of the switch chips pa...

Page 1180: ...apped into their own flow control group where lossless groups have additional buffer to handle the round trip delay for flow control In order to minimize the impact the link will only be dropped when changing between 802 3 and Qbb Commands in this Section This section explains the following commands priority flow control mode Use the priority flow control mode on command in Datacenter Bridging Con...

Page 1181: ...red as DCBX manual role utilize the configured PFC settings When PFC is enabled on an interface the normal PAUSE control mechanism is operationally disabled Because PFC is a link local protocol it must be configured on all the interfaces aggregated in a port channel Only configuring some of the ports in a port channel to use PFC will cause unexpected results and is not supported Example The follow...

Page 1182: ... series switches The administrator must configure the same no drop priorities across the network in order to ensure end to end lossless behavior Ports that are configured to use the DCBX auto configuration roles auto up or auto down have their PFC settings overridden Only ports configured as DCBX manual role utilize the configured PFC settings Example The following example sets priority 3 to no dr...

Page 1183: ...ntrol Use the show interfaces priority flow control command to display the global or interface priority flow control status and statistics Syntax show interfaces interface id priority flow control interface id A valid Ethernet port identifier Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines NOTE This command is only available on N40xx series swi...

Page 1184: ...Priority Received PFC Frames Transmitted PFC Frames 00 0 10 0 20 0 30 0 40 0 50 0 60 0 70 0 console show interfaces priority flow control Port Drop No Drop Operational Priorities Priorities Status Te1 0 1 0 2 4 7 3 Active Te1 0 2 0 2 4 7 3 Active Te1 0 3 0 7 Inactive Te1 0 4 0 7 Inactive Te1 0 5 0 7 Inactive Te1 0 6 0 7 Inactive Te1 0 7 0 7 Inactive Te1 0 8 0 7 Inactive Te1 0 9 0 7 Inactive Te1 0 ...

Page 1185: ...Data Center Technology Commands 1185 Te1 0 19 0 7 Inactive Te1 0 20 0 7 Inactive Te1 0 21 0 7 Inactive Te1 0 22 0 7 Inactive Te1 0 23 0 2 4 7 3 Active Te1 0 24 0 7 Inactive ...

Page 1186: ...Data Center Technology Commands 1186 ...

Page 1187: ... switches do not support routing This section of the document contains the following Layer 3 topics ARP Commands Loopback Interface Commands Bidirectional Forwarding Detection Commands IP Multicast Commands Border Gateway Protocol Commands IPv6 Multicast Commands BGP Routing Policy OSPF Commands DVMRP Commands OSPFv3 Commands IGMP Commands Router Discovery Protocol Commands IGMP Commands Routing I...

Page 1188: ... with a default gateway or may dynamically learn a default gateway The router discovery protocol is one method that enables hosts to learn a default gateway If a host does not know a default gateway it can learn the first hop to the destination through proxy ARP Proxy ARP RFC 1027 is a technique used to make a machine physically located on one network appear to be logically part of a different phy...

Page 1189: ... is reset to 0 By enabling the dynamic renew option the system administrator can configure ARP to attempt to renew aged ARP entries regardless of their use for forwarding If the system learns a new ARP entry but the hardware does not have space to add the new ARP entry the system attempts to remove entries that have not been used for forwarding recently This action may create space for new entries...

Page 1190: ...e parameter must have been previously created or an error is returned Only IPv4 addresses are supported with the vrf parameter The vrf parameter is only available on the N3000 N3100 N4000 switches The interface identifier is the identifier of the unnumbered interface not the loopback interface from which the IP address is borrowed When adding a static ARP entry with an unnumbered interface the ip ...

Page 1191: ...integer Maximum number of ARP entries in the cache Use the show sdm prefer command to display the supported ARP cache size Default Configuration The switch defaults to using the maximum allowed cache size Command Mode Global Configuration mode User Guidelines The ARP cache size is dependent on the switching hardware used The allowed range of values may be different from the example given below for...

Page 1192: ...try from the hardware Traffic to the host continues to be forwarded in hardware without interruption If the entry is not being used to forward data packets the system sends an ARP request to renew the entry When an entry is not renewed it is removed from the hardware and subsequent data packets to the host trigger an ARP request Traffic to the host is lost until the router receives an ARP reply fr...

Page 1193: ...RP entry in the selected VRF Syntax arp purge vrf vrf name ip address interface interface id vrf name The name of the VRF associated with the ARP entry which is to be removed If no VRF is specified the ARP entry is associated with the global ARP table is removed ip address The IP address to be removed from ARP cache interface id An optional IP unnumbered VLAN interface identifier Default Configura...

Page 1194: ...s from arp cache console arp purge 192 168 1 10 arp resptime Use the arp resptime command in Global Configuration mode to configure the ARP request response time out To return the response time out to the default value use the no form of this command Syntax arp resptime integer no arp resptime integer IP ARP entry response time out Range 1 10 seconds Default Configuration The default value is 1 se...

Page 1195: ...Default Configuration The default value is 4 retries Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines 6 as the maximum number of retries console config arp retries 6 arp timeout Use the arp timeout command in Global Configuration mode to configure the ARP entry age out time Use the no form of the command to set the age...

Page 1196: ...remove all ARP entries of type dynamic from the ARP cache Syntax clear arp cache vrf vrf name gateway vrf name The name of the VRF instance on which the command operates If no VRF parameter is given counters for the default global router instance is cleared gateway Removes the dynamic entries of type gateway as well Default Configuration This command has no default configuration Command Mode Privi...

Page 1197: ...t configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines Example In the example below out of band management entries are shown for example those from the out of band interface console show arp Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 6144 Dynamic Renew Mode Disable Total Entry Count Current Peak 0 0 Static Entry Count Configure...

Page 1198: ...P requests on VLAN 10 console config if Gi1 0 1 interface vlan 10 console config if vlan10 ip local proxy arp ip proxy arp Use the ip proxy arp command in Interface Configuration mode to enable proxy ARP on a router interface Without proxy ARP a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived With proxy ARP the...

Page 1199: ...terface vlan 15 console config if vlan15 ip proxy arp show arp Use the show arp command to display all entries in the Address Resolution Protocol ARP cache The displayed results are not the total ARP entries To view the total ARP entries the operator should view the show ARP results Syntax show arp vrf vrf name brief vrf name The name of the VRF instance on which the command operates If no VRF par...

Page 1200: ...viously created or an error is returned The VRF parameter is only available on the N3000 N3100 N4000 series switches Example The following example shows show arp command output console show arp Static ARP entries are only active when the IP address is reachable on a local subnet Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 6144 Dynamic Renew Mode Disable Total Entry Count Cur...

Page 1201: ...ially in scenarios where fast failure detection is required in data plane level for multiple concurrent sessions Use the following commands to configure Bidirectional Forwarding Detection commands BFD Commands in this Section This section explains the following commands feature bfd Use this command to enable BFD on the router Use the no form of the command to disable BFD and clear any dynamic stat...

Page 1202: ...nly BFD should be configured on routed interfaces only BFD should not be configured on mirrored ports or on interfaces enabled for IEEE 802 1x BFD is supported across link aggregation groups but does not detect individual LAG member link failure BFD does not operate on the out of band interface The no feature bfd command does not remove administrator supplied configuration A BFD session is created...

Page 1203: ...l plane packets when BFD echo mode is enabled Command History Introduced in version 6 2 0 1 firmware Example console configure console config interface vlan 10 console config if vlan10 bfd echo bfd interval This command configures BFD session parameters for a VLAN routing interface It overwrites any BFD configuration present on the interface Use the no form of the command to return the parameters ...

Page 1204: ...iplier Specifies the number of BFD control packets which if missed consecutively will cause a session to be declared down Its range is 3 to 50 with a default value of 3 Default Configuration The default transmit interval is 100ms The default minimum receive interval is 100ms The default detection time multiplier is 3 Command Mode Interface VLAN mode User Guidelines There are no user guidelines for...

Page 1205: ...eive interval no bfd slow timer receive interval The slow transmission interval Range 1000 30000 milliseconds Default Configuration The default receive interval is 2000 ms Command Mode Global Configuration mode User Guidelines The argument receive interval refers to the slow transmission interval for BFD Control packets This timer is only used when the BFD echo function is enabled When the BFD ech...

Page 1206: ...ifies OSPF of L3 connectivity issues with the peer The interface must be a VLAN interface enabled for routing BFD must also be enabled in OSPF router configuration mode in order to BFD processing to occur Command History Introduced in version 6 3 0 1 firmware Example The following example console configure console config ip routing console config interface vlan 3 console config if vlan3 ip address...

Page 1207: ...g notifies OSPFv3 of level 3 connectivity issues with the peer The interface must be a VLAN interfaced enabled for routing BFD must also be enabled in OSPFv3 router configuration mode for BFD processing to occur Command History Introduced in version 6 3 0 1 firmware Example console configure console config ipv6 unicast routing console config interface vlan 3 console config if vlan3 ipv6 address fe...

Page 1208: ...ng interface expressed in dotted quad notation ipv6 address The IPv6 address of a configured neighbor reachable over an IPv6 VLAN routing interface vlan id If specified the VLAN on which the IPv6 address is configured Default Configuration No BFD neighbors are configured by default Command Mode Router BGP Configuration mode User Guidelines There are no user guidelines for this command Command Hist...

Page 1209: ...w modes User Guidelines The local address displayed in the output is the IP address of the interface through which the neighbor is connected Update is displayed in the format dd hh mm ss where dd is days hh is hours mm is minutes ss is seconds The operational intervals are the intervals used as a result of negotiation with the BFD link partner The following information is displayed Parameters Desc...

Page 1210: ...es to use Demand mode Note Demand mode is not supported in Dell 6 0 8 0 Minimum transmit interval The minimum interval to use when transmitting BFD control packets Actual TX Interval The transmitting interval being used for control packets Actual TX Echo interval The transmitting interval being used for echo packets Minimum receive interval The minimum interval at which the system can receive BFD ...

Page 1211: ...00 01 54 Registered Protocol BGP Local Diag 0 Demand mode FALSE Minimum transmit interval 100 ms Minimum receive interval 100 ms Operational transmit interval 100 ms Operational transmit echo interval 0 ms Detection interval multiplier 3 Local discriminator 1 Remote discriminator 1 Tx Count 105 Rx Count 107 Drop Count 0 ...

Page 1212: ...how commands display switch settings statistics and other information Configuration commands configure features and options of the switch For every configuration command there is a show command that displays the configuration setting Clear commands reset part of the protocol state Commands in this Section This section explains the following commands router bgp maximum paths IPv6 Address Family Con...

Page 1213: ... to client reflection IPv6 Address Family Configuration neighbor description show bgp ipv6 neighbors bgp cluster id neighbor ebgp multihop show bgp ipv6 neighbors advertised routes bgp default local preference neighbor filter list BGP Router Configuration show bgp ipv6 neighbors policy bgp fast external fallover neighbor filter list IPv6 Address Family Configuration show bgp ipv6 neighbors receive...

Page 1214: ...distance neighbor rfc5549 support show ip bgp neighbors advertised routes distance bgp BGP Router Configuration neighbor route map BGP Router Configuration show ip bgp neighbors received routes distance bgp IPv6 Address Family Configuration neighbor route map IPv6 Address Family Configuration show ip bgp neighbors policy distribute list prefix in neighbor route reflector client BGP Router Configur...

Page 1215: ...and Mode Global Configuration mode User Guidelines The no router bgp command disables BGP and all BGP configurations revert to default values Alternatively the administrator can use the no enable command in BGP router configuration mode to disable BGP globally without clearing the BGP configuration ip bgp community new format neighbor timers show ip bgp update group ip bgp fast external fallover n...

Page 1216: ...lete all policy commands for an address family in a peer template use the no form of this command Syntax address family ipv4 ipv6 no address family ipv4 ipv6 ipv4 Configure policy parameters to be applied to IPv4 routes ipv6 Configure policy parameters to be applied to IPv6 routes Default Configuration No peer templates are configured by default Command Mode Peer Template Configuration mode User G...

Page 1217: ... to be sent for both IPv4 and IPv6 routes and configures different inbound and outbound route maps for IPv4 and IPv6 Two neighbors 172 20 1 2 and 172 20 2 2 inherit these parameters from the template console config router bgp 65000 console config router neighbor 172 20 1 2 remote as 65001 console config router neighbor 172 20 2 2 remote as 65001 console config router template peer AGGR console con...

Page 1218: ...VRF instance to configure the BGP VRF parameters Use the no form of this command to delete the IPv4 VRF configuration Syntax address family ipv4 vrf vrf name no address family ipv4 vrf vrf name vrf name The VRF instance name Default Configuration There is no default configuration Command Mode BGP Router Configuration mode User Guidelines Commands entered in this mode enable peering with BGP neighb...

Page 1219: ...nfiguration mode Commands entered in this mode can be used to enable exchange of IPv6 routes over IPv6 or IPv4 peering sessions specify IPv6 prefixes to be originated and configure inbound and outbound policies to be applied to IPv6 routes The no version of this command clears all IPv6 address family configuration ASNs 0 56320 64511 and 65535 are reserved cannot be used Command History Introduced ...

Page 1220: ...e All neighbor commands available in IPv4 Address Family configuration mode are applicable to this mode as well Two additional options to the neighbor command are available in VPN IPv4 address family configuration mode See the bold keywords in the commands below for the additions neighbor ip address activate neighbor ip address send community extended Command History Introduced in version 6 3 0 1 ...

Page 1221: ...bit values between 0x00 and 0xff and separated by colons Counters are cleared only for the matching prefixes prefix length The length of the IPv6 prefix given as part of the ipv6 prefix This is required if a prefix is specified A decimal value in the range 0 to 128 that indicates how many of the high order contiguous bits of the address comprise the prefix the network portion of the address in len...

Page 1222: ...h than the aggregate address A prefix whose prefix length equals the length of the aggregate address is not considered a match When BGP originates a summary address it installs a reject route in the common routing table for the summary prefix Any received packets that match the summary prefix but not a more specific route match the reject route and are dropped BGP accepts up to 128 summary address...

Page 1223: ... is not used if multiple routes match an aggregate address but have different MEDs the aggregate takes the MED of the first matching route and any other matching prefix with the same MED is included in the aggregate Matching prefixes with different MEDs are not considered part of the aggregate and continue to be advertised as individual routes Command History Introduced in version 6 2 0 1 firmware...

Page 1224: ...he aggregate takes the MED of the first matching route and any other matching prefix with the same MED is included in the aggregate Matching prefixes with different MEDs are not considered part of the aggregate and continue to be advertised as individual routes Command History Introduced in version 6 2 0 1 firmware Example console config router af bgp aggregate different meds bgp always compare me...

Page 1225: ...ng the MED the decision process normally does not compare MED values in paths received from peers in different autonomous systems This command allows you to force BGP to compare MEDs regardless of if paths are received from a common AS Command History Introduced in version 6 2 0 1 firmware Example console config router bgp always compare med bgp client to client reflection BGP Router Configuration...

Page 1226: ...ts are fully meshed there is no need for the cluster s route reflectors to reflect client routes to other clients within the cluster When client to client reflection is disabled a route reflector continues to reflect routes from non clients to clients and from clients to non clients In BGP Router Configuration mode this command only affects advertisement of IPv4 routes The same command is availabl...

Page 1227: ...ay not re advertise a route a client would have selected as best in the absence of route reflection One way to avoid this effect is to fully mesh the clients within a cluster When clients are fully meshed there is no need for the cluster s route reflectors to reflect client routes to other clients within the cluster When client to client reflection is disabled a route reflector continues to reflec...

Page 1228: ...configured with multiple route reflectors To avoid sending multiple copies of a route to a client each route reflector in a cluster should be configured with the same cluster ID Route reflectors with the same cluster ID must have the same set of clients otherwise some routes may not be reflected to some clients The same cluster ID is used for both IPv4 and IPv6 route reflection Command History Int...

Page 1229: ... the LOCAL_PREF on paths received from internal peers BGP also assigns the default local preference to locally originated paths If you change the default local preference the local preference on paths previously received is not changed it is only applied to paths received after the change To apply the new local preference to paths previously received use clear ip bgp to force a soft inbound reset ...

Page 1230: ...an be overridden for specific interfaces using ip bgp fast external fallover Command History Introduced in version 6 2 0 1 firmware Example console config router bgp fast external fallover bgp fast internal fallover Use the bgp fast internal fallover command to configure BGP to immediately reset the adjacency with an internal peer when there is a loss of reachability to an internal peer Syntax bgp...

Page 1231: ...Syntax bgp listen limit max number range network length inherit peer peer template name no bgp listen limit range network length inherit peer peer template name limit max number Sets a maximum limit number of IPv4 BGP dynamic subnet range neighbors The number is from 1 to 100 Default is 20 range network length Specifies a listen subnet range that is to be created The IP prefix representing a subne...

Page 1232: ... for a BGP peer group and a TCP session is initiated by the neighbor for an IP address in the subnet range a new BGP neighbor is dynamically configured on the local switch Dynamically created neighbors are not displayed in the running config It is acceptable that the template peer name is not specified In this case all dynamic neighbors are created with the default parameters The template peer nam...

Page 1233: ... changes are logged Forward state changes except for transitions to the Established state are logged at the Informational severity level Backward state changes and forward changes to Established are logged at the Notice severity level Command History Introduced in version 6 2 0 1 firmware Example console config router bgp log neighbor changes bgp maxas limit Use this command to specify a limit on ...

Page 1234: ...hose AS PATH attribute is longer than the configured limit BGP sends a NOTIFICATION and resets the adjacency Command History Introduced in version 6 2 0 1 firmware Example console config router bgp maxas limit 1 bgp router id Use the bgp router id command to set the BGP router ID Syntax bgp router id router id no bgp router id router id An IPv4 address in dotted quad notation This is the address f...

Page 1235: ...ministrative state as set by the enable command has no operational effect until a router id is assigned to the BGP router Command History Introduced in version 6 2 0 1 firmware Example console config router bgp router id 10 27 21 142 clear ip bgp Use the clear ip bgp command to reset peering sessions with all of a subnet of BGP peers The command arguments specify which peering sessions are reset a...

Page 1236: ...he neighbor are reprocessed If the out keyword is given updates are resent to the neighbor If neither keyword is given updates are reprocessed in both directions Default Configuration There is no default configuration Command Mode Privileged Exec mode User Guidelines Soft inbound reset causes BGP to send a Route Refresh request to each neighbor being reset If a neighbor does not support the Route ...

Page 1237: ...ifies the VRF for which to clear counters If not given the default VRF counters are cleared Default Configuration There is no default configuration Command Mode Privileged Exec mode User Guidelines There are no user guidelines Command History Introduced in version 6 3 0 1 firmware Example console config router clear ip bgp counters default information originate BGP Router Configuration Use the def...

Page 1238: ...ommand Mode BGP Router Configuration mode User Guidelines Origination of the default route is not subject to a prefix filter configured with the distribute list out command Command History Introduced in version 6 2 0 1 firmware Example console config router default information originate default information originate IPv6 Address Family Configuration Use this command in IPv6 Address Family Config m...

Page 1239: ...t to a prefix filter configured with the distribute list out command Command History Introduced in version 6 2 0 1 firmware Example console config router af default information originate default metric BGP Router Configuration This command sets the value of the Multi Exit Discriminator MED attribute on routes redistributed into BGP when no metric has been specified in the redistribute command Synt...

Page 1240: ... Family Configuration This command sets the metric of redistributed IPv6 routes when a metric is not configured in the redistribute command Syntax default metric value no default metric value The value to as the MED The range is 1 to 4 294 967 295 Default Configuration By default no default metric is set and no MED is included in redistributed routes Command Mode IPv6 Address Family Configuration ...

Page 1241: ...e value The wildcard mask is an inverted network mask whose 1 bits indicate the don t care portion of the prefix prefix list A prefix list can optionally be specified to limit the distance value to a specific set of destination prefixes learned from matching neighbors Default Configuration BGP assigns preference values according to the distance bgp command unless overridden for specific neighbors ...

Page 1242: ...reference value of the BGP route to 100 0 0 0 8 from neighbor 10 1 1 1 use the following distance command R1 Config ip prefix list pfx list1 permit 100 0 0 0 8 R1 Config router bgp 1 R1 Config router distance 25 10 1 1 1 0 0 0 0 pfx list1 To set the preference value to 12 for all BGP routes from neighbor 10 1 1 1 use the following distance command R1 Config router distance 12 10 1 1 1 0 0 0 0 To s...

Page 1243: ...ers and BGP routes locally originated A route with a lower preference value is preferred to a route with a higher preference value to the same destination Routes with a preference of 255 may not be selected as best routes and used for forwarding The change to the default BGP distances does not affect existing routes To apply a distance change to existing routes you must force the routes to be dele...

Page 1244: ... Different distance values can be configured for routes learned from external peers routes learned from internal peers and BGP routes locally originated A route with a lower preference value is preferred to a route with a higher preference value to the same destination Routes with a preference of 255 may not be selected as best routes and used for forwarding The change to the default BGP distances...

Page 1245: ... default Command Mode BGP Router Configuration mode IPv6 Address Family Configuration mode User Guidelines The distribute list is applied to all routes received from all neighbors Only routes permitted by the prefix list are accepted If the command refers to a prefix list that does not exist the command is accepted and all routes are permitted Command History Introduced in version 6 2 0 1 firmware...

Page 1246: ...fault Command Mode BGP Router Configuration mode User Guidelines Only one instance of this command may be defined for each route source RIP OSPF static connected One instance of this command may also be configured as a global filter for outbound prefixes If the command refers to a prefix list that does not exist the command is accepted and all routes are permitted When a distribute list is added c...

Page 1247: ...ute lists are defined by default Command Mode IPv6 Address Family Configuration mode User Guidelines Only one instance of this command may be defined for each route source RIP OSPF static connected One instance of this command may also be configured as a global filter for outbound prefixes If the command refers to a prefix list that does not exist the command is accepted and all routes are permitt...

Page 1248: ...stratively disabled BGP sends a NOTIFICATION message to each peer with a Cease error code The no enable command persists in the running config and startup config only when a router id has assigned using the bgp router id command If no router id has been assigned the administrative state will not appear in the running config or in the startup config Command History Introduced in version 6 2 0 1 fir...

Page 1249: ...tes on the AS path attribute of a BGP route The AS path attribute is a list of the autonomous system numbers along the path to the destination An AS path access list is an ordered sequence of statements Each statement specifies a regular expression and a permit or deny action If the regular expression matches the AS path of the route expressed as an ASCII string the route is considered a match and...

Page 1250: ... as path access list 1 deny _100_ console config ip as path access list 1 deny 100 console config router bgp 1 Special Character Symbol Behavior asterisk Matches zero or more sequences of the pattern brackets Designates a range of single character patterns caret Matches the beginning of the input string dollar sign Matches the end of the input string hyphen Separates the end points of a range peri...

Page 1251: ...andard communities are displayed in AA NN format Command Mode Global Configuration mode User Guidelines RFC 1997 specifies that the first two bytes of a community number are considered to be an autonomous system number The new format displays a community number as the ASN followed by a 16 bit AS specific number Command History Introduced in version 6 2 0 1 firmware Example console config ip bgp co...

Page 1252: ...nabled on the interface regardless of the global configuration If deny is specify the feature is disabled on the interface regardless of the global configuration The command no ip bgp fast external fallover clears the interface settings and indicates that the global settings should be used Example console config if vlan1 ip bgp fast external fallover permit ip community list Use this command to cr...

Page 1253: ...tes the routes are not to be advertised to external BGP peers Default Configuration No community lists are configured by default Command Mode Global Configuration mode User Guidelines A community list statement with no community values is considered a match for all routes regardless of their community membership So the statement ip community list bullseye permit is a permit all statement A communi...

Page 1254: ... of extended communities permit deny Permits or denies access for a matching condition Once a permit value has been configured to match a given set of extended communities the extended community list defaults to an implicit deny for all other values rt value Specifies the route target RT extended community value The route target can be configured only with standard extended community lists This va...

Page 1255: ...ties attribute is configured with the rt keyword This attribute is used to identify a set of sites and VRFs that may receive routes that are tagged with the configured route target Configuring the route target extended attribute with a route allows that route to be placed in the per site forwarding tables that are used for routing traffic that is received from corresponding sites Site of Origin Ex...

Page 1256: ...nfig route map SEND_OUT permit 10 R1 config route map match extcommunity 10 R1 config route map set extcommunity rt 10 10 additive R1 config route map exit The following example shows the usage of extended communities attribute in BGP configuration mode and sending of the extended communities attribute to external peer at 1 1 1 1 R1 Config router bgp 1 R1 Config router neighbor 1 1 1 1 remote as 2...

Page 1257: ...f match and set clauses apply to the configuration of extended community attributes Command History Introduced in version 6 3 0 1 firmware Example The following example shows that the routes that match extended community list 10 will set the additional route target attribute to 10 10 R1 config ip extcommunity list 10 permit rt 1 1 R1 config route map SEND_OUT permit 10 R1 config route map match ex...

Page 1258: ...erence AS path origin MED peer type and IGP distance When BGP uses multiple paths in an ECMP route BGP still selects one path as the best path and advertises only that path to its peers Refer to Appendix A 1 in the Users Configuration Guide for the default per platform ECMP ranges using the entry Number of ECMP next hops per route The number of ECMP next hops is dependent on the chosen STM templat...

Page 1259: ...he range Default Configuration BGP advertises a single next hop by default Command Mode IPv6 Address Family Configuration User Guidelines Paths are considered for ECMP when their attributes are the same local preference AS path origin MED peer type and IGP distance When BGP uses multiple paths in an ECMP route BGP still selects one path as the best path and advertises only that path to its peers T...

Page 1260: ...icts the range Default Configuration BGP uses a single next hop by default Command Mode BGP Router Configuration mode User Guidelines Paths are considered for ECMP when their attributes are the same local preference AS path origin MED and IGP distance and the paths are received from different routers When BGP uses multiple paths in an ECMP route BGP still selects one path as the best path and adve...

Page 1261: ...tricts the range Default Configuration BGP uses a single next hop by default Command Mode IPv6 Address Family Configuration mode User Guidelines Paths are considered for ECMP when their attributes are the same local preference AS path origin MED and IGP distance and the paths are received from different routers When BGP uses multiple paths in an ECMP route BGP still selects one path as the best pa...

Page 1262: ...address of a peer ipv6 address The IPv6 address of a peer interface id If the neighbor s IPv6 address is a link local address the local interface must also be specified This must be a VLAN routing interface and is specified using the VLAN keyword autodetect interface interface id Optional The routing interface on which the neighbor s link local IPv6 address is auto detected The interface id must b...

Page 1263: ...ss family ipv6 console Config router af neighbor 172 20 1 2 activate console Config router af neighbor 172 20 1 2 route map SET V6 NH out console Config router af exit console config router exit console config route map SET V6 NH permit 10 console route map set ipv6 next hop 2001 1 200 1 neighbor advertisement interval BGP Router Configuration Use this command to configure the minimum time that mu...

Page 1264: ...inal result is advertised to the neighbor Dell EMC Networking BGP enforces the advertisement interval by limiting how often phase 3 of the decision process can run for each update group The interval applies to withdrawals as well as active advertisements Command History Introduced in version 6 2 0 1 firmware Example console config router neighbor 10 27 9 99 advertisement interval 100 neighbor adve...

Page 1265: ...e advertisement If BGP changes the route to a destination multiple times while waiting for the advertisement interval to expire only the final result is advertised to the neighbor Dell EMC Networking BGP enforces the advertisement interval by limiting how often phase 3 of the decision process can run for each update group The interval applies to withdrawals as well as active advertisements The VLA...

Page 1266: ...LAN routing interface on which the neighbor s link local IPv6 address is auto detected Use the vlan keyword and a VLAN identifier allowas in count The maximum number of occurrences of the local ASN allowed in the AS_PATH attribute received in the prefix updates The allowed range is 1 10 Default Configuration The router does not accept prefixes with the local ASN is part of the AS_PATH attribute Co...

Page 1267: ...ess the local interface must also be specified The interface must be a VLAN routed interface interface interface id A routing interface identifier VLAN identifier autodetect interface interface id The routing interface on which the neighbor s link local IPv6 address is auto detected The interface must be a VLAN routed interface retry time The number of seconds to wait before attempting to establis...

Page 1268: ...router neighbor FE80 0202 B3FF FE1E 8329 interface vlan 10 connect retry interval 10 neighbor default originate BGP Router Configuration To configure BGP to originate a default route to a specific neighbor use the neighbor default originate command in BGP Router Configuration mode Syntax neighbor ip address ipv6 address interface interface id default originate route map map name interface id A rou...

Page 1269: ... the show ip bgp neighbors advertised routes command Origination of the default route is not subject to a prefix filter configured with the command distribute list prefix out BGP Router Configuration A route map may be configured to set attributes on the default route sent to the neighbor If the route map includes a match ip address term that term is ignored If the route map includes match communi...

Page 1270: ...sed if the Adj RIB Out does not include a default learned by other means either from the default information originate BGP Router Configuration command or a default learned from a peer This type of default origination is not conditioned on the presence of a default route in the routing table This form of default origination does not install a default route in the BGP routing table it will not appe...

Page 1271: ...rface id autodetect interface interface id description text no neighbor ip address ipv6 address interface interface id autodetect interface interface id description interface id A routing interface identifier VLAN interface ip address The neighbor s IP address ipv6 address interface interface id The neighbor s IPv6 address If the neighbor s IPv6 address is a link local address the local interface ...

Page 1272: ... that are not directly connected Syntax neighbor ip address ipv6 address interface interface id autodetect interface interface id ebgp multihop hop count no neighbor ip address ipv6 address interface interface id autodetect interface interface id ebgp multihop hop count ip address The neighbor s IPv4 address This is the IP address of the neighbor on the connected link ipv6 address The neighbor s I...

Page 1273: ...detect Interface When BGP is deployed in an IPv6 data center network it is desirable to use IPv6 link local addresses as BGP neighbors Using link local addresses avoids the need to assign and manage global IPv6 addresses on interconnect links Dell EMC Networking already supports BGP neighbors with link local IPv6 addresses but it requires that the link local IPv6 address of the neighbor be configu...

Page 1274: ...is is considered to be an error and the address auto detection fails 5 The feature is supported only on platforms that also support the RFC 5549 6 The feature is applicable only for directly connected neighbors 7 Multiple access VLANs are not supported Command History Introduced in version 6 3 0 1 firmware Example console config router bgp 65000 console config router neighbor 172 20 1 2 remote as ...

Page 1275: ... to advertisements to be sent to the neighbor Default Configuration No neighbor filter lists are configured by default Command Mode BGP Router Configuration mode User Guidelines Only a single AS path list can be configured in each direction for each neighbor If you invoke the command a second time for a given neighbor the new AS path list number replaces the previous AS path list number If you ass...

Page 1276: ... id filter list as path list number in out ip address The neighbor s IPv4 address ipv6 address interface interface id The neighbor s IPv6 address If the neighbor s IPv6 address is a link local address the local interface must also be specified as path list number Identifies an AS path list in The AS Path list is applied to advertisements received from the neighbor out The AS Path list is applied t...

Page 1277: ...eighbor ip address ipv6 address interface interface id autodetect interface interface id inherit peer template name ip address The neighbor s IPv4 address ipv6 address interface interface id The neighbor s IPv6 address If the neighbor s IPv6 address is a link local address the local interface must also be specified autodetect interface interface id The VLAN routing interface on which the neighbor ...

Page 1278: ...e config rtr tmp timers 3 9 console config rtr tmp address family ipv4 console config rtr tmp af send community console config rtr tmp af route map RM4 IN in console config rtr tmp af route map RM4 OUT out console config rtr tmp af exit console config rtr tmp exit console config router neighbor 172 20 1 2 inherit peer AGGR console config router neighbor 172 20 2 2 inherit peer AGGR neighbor local ...

Page 1279: ...de User Guidelines In typical data center deployments using CLOS networks the peering is all external BGP between the BGP devices requiring an unique ASN for each router Normally the private BGP networks are expected to use private AS numbers But there are only 1024 private AS numbers in the standard 2 byte ASN Due to this limitation data center deployments are forced to use public ASNs in their p...

Page 1280: ... Router Configuration Use the neighbor maximum prefix command to configure the maximum number of IPv4 prefixes that BGP will accept from a specified neighbor Syntax neighbor ip address ipv6 address interface interface id maximum prefix maximum threshold warning only unlimited no neighbor ip address ipv6 address interface interface id maximum prefix ip address The neighbor s IP address ipv6 address...

Page 1281: ...e warning only option is configured warning only Optional If BGP receives more than the maximum number of prefixes BGP writes a log message rather than shutting down the adjacency Default Configuration There is no prefix limit by default The default warning threshold is 75 A neighbor that exceeds the limit is shut down by removing the adjacency unless the warning only option is configured Command ...

Page 1282: ...imum The maximum number of prefixes BGP will accept from this neighbor Range 0 4294967295 Values greater than the free space in the route table are not enforced threshold The percentage of the maximum number of prefixes BGP configured for this neighbor When the number of prefixes received from the neighbor exceeds this percentage of the maximum BGP writes a log message The range is 1 to 100 percen...

Page 1283: ...v4 or an IPv6 address The VLAN interface must also be specified if a link local address is specified Command History Introduced in version 6 2 0 1 firmware Example console config router af neighbor FE80 0202 B3FF FE1E 8329 interface vlan 10 maximum prefix unlimited neighbor next hop self BGP Router Configuration The neighbor next hop self command configures BGP to set the next hop attribute to a l...

Page 1284: ...r DMZ subnet The next hop self option eliminates the need to advertise the external subnet in the IGP The neighbor next hop self command sets the next hop for all routes sent to a neighbor The VLAN interface must also be specified if a link local address is specified Command History Introduced in version 6 2 0 1 firmware Example console config router neighbor FE80 0202 B3FF FE1E 8329 interface vla...

Page 1285: ...ly done by configuring the IGP on the border router to advertise the external or DMZ subnet The next hop self option eliminates the need to advertise the external subnet in the IGP In IPv6 Address Family Configuration mode the command accepts either an IPv4 or an IPv6 address For IPv6 BGP uses an IPv6 address from the local interface that terminates the peering session The VLAN interface must also...

Page 1286: ...cted The interface id must be a VLAN routing interface string Case sensitive password from 1 to 25 characters in length Default Configuration MD5 authentication is disabled by default Command Mode BGP Router Configuration mode IPv4 Address Family Configuration mode User Guidelines MD5 must either be enabled or disabled on both peers The same password must be configured on both peers After a TCP co...

Page 1287: ... list ipv6 address The neighbor s IPv6 address If the neighbor s IPv6 address is a link local address the local interface must also be specified This command is available in IPv6 address family mode interface vlan vlan id The local interface VLAN ID over which the IPv6 neighbor can be reached Range 1 4093 in Apply the prefix list to advertisements received from this neighbor out Apply the prefix l...

Page 1288: ...or ip address ipv6 address interface vlan vlan id prefix list prefix list name in out ip address The neighbor s IPv4 address prefix list name The name of an IP prefix list ipv6 address The neighbor s IPv6 address If the neighbor s IPv6 address is a link local address the local interface must also be specified This command is available in IPv6 address family mode interface vlan vlan id The local in...

Page 1289: ...o neighbor ip address ipv6 address interface vlan vlan id autodetect interface interface id remote as ip address The neighbor s IPv4 address For external peers this address must be an IPv4 address on the link that connects the two peers For internal peers the neighbor address can be any address such as the IPv4 address of a loopback interface ipv6 address The neighbor s IPv6 address If the neighbo...

Page 1290: ...nes Up to 100 neighbors can be configured Command History Introduced in version 6 2 0 1 firmware Updated in version 6 3 0 1 firmware Example console config router neighbor 10 130 14 55 remote as 10 neighbor remove private as Use the neighbor remove private as command to remove private AS numbers when advertising IPv4 routes to an external peer To stop removing private AS numbers use the no form of...

Page 1291: ... original AS path includes any non private AS numbers The AS path advertised to the external peer always includes at least one instance of the local AS number therefore removing private AS numbers never results in advertisement of an empty AS_PATH attribute AS numbers from 64512 to 65535 inclusive are considered private Although 65535 is a reserved ASN and not technically part of the private range...

Page 1292: ... can only be applied to external BGP peers via a single hop The Next Hop Address advertised for the IPv4 prefixes consists of the link local IPv6 address and the global IPv6 address if configured on the interface When the Extended Next Hop Encoding capability is not received from a neighbor Dell EMC Networking does not advertise the RFC 5549 routes to the neighbor The Dell EMC Networking solution ...

Page 1293: ... redistribute connected console config router neighbor 2001 2 remote as 200 console config router neighbor 2001 2 rfc5549 support console config router neighbor 2002 2 remote as 300 neighbor route map BGP Router Configuration Use the neighbor route map command to apply a route map to incoming or outgoing routes for a specific neighbor To remove the route map use the no form of this command Syntax ...

Page 1294: ...0 14 55 route map test in neighbor route map IPv6 Address Family Configuration In IPv6 address family configuration mode the neighbor route map command specifies a route map to be applied to inbound or outbound IPv6 routes To remove the route map use the no form of this command Syntax neighbor ip address ipv6 address interface vlan vlan id route map map name in out no neighbor ip address ipv6 addr...

Page 1295: ...ist or a prefix list If a neighbor route map statement refers to a non existent route map all routes are denied Neighbor route maps configured with this command in router configuration mode are only applied to IPv4 routes In IPv6 address family mode the command accepts either an IPv4 or an IPv6 address Command History Introduced in version 6 2 0 1 firmware Example console config router af neighbor...

Page 1296: ...flector If you configure multiple route reflectors within a cluster you must configure each route reflector in the cluster with the same cluster ID Use the bgp cluster id command to configure a cluster ID An external peer may not be configured as a route reflector client When reflecting a route BGP ignores the set statements in an outbound route map to avoid causing the receiver to compute routes ...

Page 1297: ...ot re advertise BGP routes received from an internal peer to other internal peers If you configure a peer as a route reflector client this router will re advertise such routes A router is a route reflector if it has one or more route reflector clients Configuring the first route reflector client automatically makes the router a route reflector If you configure multiple route reflectors within a cl...

Page 1298: ...ibute in UPDATE messages to a specific neighbor Syntax neighbor ip address send community no neighbor ip address send community ip address The neighbor s IPv4 address Default Configuration The communities attribute is not sent to neighbors by default Command Mode BGP Router Configuration mode User Guidelines There are no user guidelines Command History Introduced in version 6 2 0 1 firmware Exampl...

Page 1299: ...rface interface id send community ip address The neighbor s IPv4 address ipv6 address interface interface id The neighbor s IPv6 address If the neighbor s IPv6 address is a link local address the local interface must also be specified Default Configuration The communities attribute is not sent to neighbors by default Command Mode IPv6 Address Family Configuration mode User Guidelines The command a...

Page 1300: ...The neighbor s IPv4 address This is the IP address of the neighbor on the connected link ipv6 address The neighbor s IPv6 address If the neighbor s IPv6 address is a link local address the local interface must also be specified Valid in IPv6 address family configuration mode interface id The local VLAN routing interface over which the IPv6 neighbor can be reached Use the vlan keyword and a VLAN ID...

Page 1301: ...ecific neighbor Syntax neighbor ip address ipv6 address interface vlan vlan id autodetect interface interface id timers keepalive holdtime no neighbor ip address ipv6 address interface vlan vlan id autodetect interface interface id timers ip address The neighbor s IPv4 address This is the IP address of the neighbor on the connected link ipv6 address The neighbor s IPv6 address If the neighbor s IP...

Page 1302: ...es The range is 0 3 to 65 535 seconds Default Configuration The keepalive and hold timers default to the globally configured values set with the timers bgp command Command Mode BGP Router Configuration mode IPv4 Address Family Configuration mode User Guidelines The new values are not applied to adjacencies already in the ESTABLISHED state Updated keepalive or hold time values are only applied when...

Page 1303: ...e routing interface on which the neighbor s link local IPv6 address is auto detected The interface id must be a VLAN routing interface Range is 1 4093 update source interface Use the primary IPv4 address on the specified interface as the source IP address for the TCP connection with the neighbor Default Configuration When no update source is configured the BGP TCP connections use the primary IPv4 ...

Page 1304: ...efix The prefix is only advertised if the common routing table includes a non BGP route with the same prefix The route may be a connected route a static route or a dynamic route from another routing protocol Syntax network prefix mask network mask route map rm name no network prefix mask network mask route map rm name network ipv6 prefix prefix length route map rm name no network ipv6 prefix prefi...

Page 1305: ... map does not exist the network prefix is not advertised all routes are denied Default Configuration No networks are advertised by default Command Mode BGP Router Configuration User Guidelines BGP supports up to 64 networks The network command may also be used specify a default route network 0 0 0 0 mask 0 0 0 0 If a route map is configured to set attributes on the advertised routes match as path ...

Page 1306: ...n the form documented in RFC 2373 where the address is specified in hexadecimal using 16 bit values between 0x00 and 0xff and separated by colons prefix length The length of the IPv6 prefix given as part of the ipv6 prefix Required if a prefix is specified A decimal value in the range 1 to 128 that indicates how many of the high order contiguous bits of the address comprise the prefix the network ...

Page 1307: ...ork 10 130 14 55 255 255 0 0 Default Configuration The default tag value is 0 There is no default metric or route map configured Command Mode Router BGP Configuration mode User Guidelines The configured metric value is specific to the routes distributed Use the default metric command to configure a default metric for all redistributed routes The RIP metric is a hop count The metric for a redistrib...

Page 1308: ...a 32 bit value Ex 100 11 32 bit IPv4 address a 16 bit value Ex 10 1 1 1 22 Default Configuration VRF configuration Command Mode Privileged Exec mode User Guidelines An RD creates routing and forwarding table instance and specifies the default route distinguisher for a VPN The RD is prepended to IPv4 prefixes to change them into globally unique VPN IPv4 prefixes An RD is either ASN related Composed...

Page 1309: ...s outside of BGP BGP can redistribute local connected static OSPF and RIP routes Syntax redistribute ospf match internal external 1 external 2 nssa external 1 nssa external 2 rip connected static metric metric value route map map tag no redistribute ospf match internal external 1 external 2 nssa external 1 nssa external 2 rip connected static metric metric value route map map tag ospf rip connecte...

Page 1310: ...n also be used to filter redistributed routes by prefix Either a redistribute route map or a distribute list may be configured but not both Successive invocations of the redistribute command are additive The redistribute command does not overwrite previous redistribute command configuration or the default configuration Use the no redistribute command to remove the redistribution of internal or ext...

Page 1311: ...tric metric value route map map tag ospf rip connected static A source of routes to redistribute metric metric value Optional When this option is specified BGP advertises the prefix with the Multi Exit Discriminator path attribute set to the configured value If this option is not specified but a default metric is configured for BGP default metric command the MED is set to the default metric If bot...

Page 1312: ...r a redistribute route map or a distribute list may be configured but not both Successive invocations of the redistribute command are additive The redistribute command does not overwrite previous redistribute command configuration or the default configuration Use the no redistribute command to remove the redistribution of internal or external routes A default route cannot be redistributed unless t...

Page 1313: ...on from the target VPN extended community both Exports and imports the routing information to from the target VPN extended community rt ext comm The route target extended community attributes to be added to the list of import export or both import and export route target extended communities The route target specifies a target VPN extended community Like a route distinguisher the route target exte...

Page 1314: ...ware Example The following example shows how to configure route target extended community attributes for a VRF instance in IPv4 The result of this command sequence is that VRF named Customer_A has two export extended communities 100 10 and 300 10 and two import extended communities 300 10 and 192 168 10 1 10 console config ip vrf Customer_A console config vrf Customer_A route target export 100 10 ...

Page 1315: ...Configuring the route target extended attribute with a route allows that route to be placed in the per site forwarding tables that are used for routing traffic that is received from corresponding sites Only one route target can be specified in a single set extcommunity rt command To specify more than one route target issue the command again with the additive keyword By default specifying route tar...

Page 1316: ...owing formats 16 bit AS number your 32 bit value Ex 100 11 32 bit IPv4 address your 16 bit value Ex 10 1 1 1 22 additive Adds a route target to the existing route target list without replacing any existing route targets Default Configuration No site of origin extended community attributes are set Command Mode Route Map Configuration mode User Guidelines The site of origin SOO extended communities ...

Page 1317: ...nity list in the inward direction show bgp ipv6 Use this command to display IPv6 routes in the BGP routing table This command deprecates and replaces the show ipv6 bgp command Syntax show bgp ipv6 ipv6 prefix prefix length longer prefixes shorter prefixes length filter list as path list ipv6 prefix An IPv6 network prefix This argument must be in the form where the address is specified in hexadecim...

Page 1318: ...e is no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all sub modes User Guidelines The following fields are displayed Field Description BGP table version Each time phase 2 of the BGP decision process runs to select new BGP routes this number is incremented Status codes s The route is aggregated into an aggregate address configured with the su...

Page 1319: ...64 3FFE 100 1 10 100 20 10 show bgp ipv6 aggregate address Use this command to display the configured IPv6 aggregate addresses and indicates if each address is currently active This command replaces and deprecates the show ipv6 bgp aggregate address command Syntax show bgp ipv6 aggregate address group Default Configuration There is no default configuration Command Mode Privileged Exec mode Global ...

Page 1320: ...or more community values which may be in either format and may contain the well known community keywords no advertise and no export The output displays routes that belong to every community specified in the command exact match Only displays routes that are members of those and only those communities specified in the command Field Description Prefix Len Destination prefix and prefix length AS Set I...

Page 1321: ...ion Each time phase 2 of the BGP decision process runs to select new BGP routes this number is incremented Status codes s The route is aggregated into an aggregate address configured with the summary only option Dell EMC Networking BGP never displays invalid routes so this code is always displayed to maintain consistency with the industry standard Indicates that BGP has selected this path as the b...

Page 1322: ...ity list name exact match name A standard community list name exact match Displays only routes that are an exact match for the set of communities in the matching community list statement Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration sub modes User Guidelines The following fields are display...

Page 1323: ...ork length network length Displays information about the specified listen range vrf name The name of a previously configured VRF Status codes s The route is aggregated into an aggregate address configured with the summary only option Dell EMC Networking BGP never displays invalid routes so this code is always displayed to maintain consistency with the industry standard Indicates that BGP has selec...

Page 1324: ...ited Template template_2001 Member ASN State 2001 10 65001 OPENCONFIRM 2001 20 0 ACTIVE Listen Range 2002 1 64 Inherited Template template_2002 Member ASN State show bgp ipv6 neighbors Use this command to display neighbors with IPv4 or IPv6 peer addresses that are enabled for the exchange of IPv6 prefixes This command deprecates and replaces the show ipv6 bgp neighbors command Syntax show bgp ipv6...

Page 1325: ...bal Configuration mode and all Configuration sub modes User Guidelines RFC 5549 Support is displayed only if the BGP neighbor is peered over IPv6 network If the peer is configured as autodetect the Remote Address shows detected IPv6 address or Unresolved in case if the peer is not detected by the autodetect feature Autodetect status is displayed only if the peer is configured as autodetect The fie...

Page 1326: ...es can be exchanged with this peer Both indicates that IPv4 is active locally and the neighbor indicated support for IPv4 unicast in its OPEN message Sent indicates that IPv4 unicast is active locally but the neighbor did not include this AFI SAFI pair in its OPEN message IPv4 unicast is always enabled locally and cannot be disabled IPv6 Unicast Support Indicates whether IPv6 unicast routes can be...

Page 1327: ... only shown if the adjacency state is OPEN CONFIRM or greater Prefix Limit The maximum number of prefixes this router is willing to accept from this neighbor Prefix Warning Threshold Percentage of the prefix limit that causes a warning message to be logged Warning Only on Prefix Limit Whether to shutdown a neighbor that exceeds the prefix limit TRUE if the event is logged without shutting down the...

Page 1328: ...or received from this neighbor Prefixes Withdrawn A running count of the number of prefixes included in the Withdrawn Routes portion of UPDATE messages to and from this neighbor Prefixes Current The number of prefixes currently advertised to or received from this neighbor For inbound prefixes this count only includes prefixes that passed inbound policy Prefixes Accepted The number of prefixes from...

Page 1329: ...ep Alive Time 30 sec Negotiated Hold Time 30 sec Keep Alive Time 10 sec MD5 Password password Last Error Sent Hold Timer Expired Last SubError None Time Since Last Error 0 day 0 hr 4 min 27 sec Established Transitions 1 Established Time 0 day 0 hr 4 min 25 sec Time Since Last Update 0 day 0 hr 4 min 24 sec IPv6 Outbound Update Group 7 Open Update Keepalive Notification Refresh Total Msgs Sent 1 0 ...

Page 1330: ...ce interface id The IPv6 address of a BGP peer If the peer address is an IPv6 link local address the interface that defines the scope of the link local address must be given autodetect interface interface id Optional The routing interface on which the neighbor s link local IPv6 address is auto detected The interface ID must be a VLAN routing interface Default Configuration There is no default conf...

Page 1331: ...atus Codes p The route has been updated in Adj RIB Out since the last UPDATE message was sent Transmission of an UPDATE message is pending Network The Destination prefix Next Hop The BGP Next Hop as advertised to the peer Metric The value of the Multi Exit Discriminator MED if the MED is advertised to the peer LocPref The local preference Local preference is never advertised to external peers Path...

Page 1332: ...ly be specified to limit the output to a single neighbor ipv6 address interface interface id The IPv6 address of a neighbor If specified the output shows only this neighbor If the neighbor s address is a link local address the interface must be specified Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Conf...

Page 1333: ...d routes except that they list IPv6 routes Also the command displays a list of IPv4 routes received from a specific neighbor with RFC5549 This command deprecates and replaces the show ipv6 bgp neighbors received routes command Syntax show bgp ipv6 neighbors ipv4 address ipv6 address interface interface id autodetect interface interface id received routes routes rejected routes ipv4 address The IPv...

Page 1334: ...n codes i IGP e EGP incomplete Network Next Hop Metric LocPref Path Origin 1010 10 64 1010 10 103 0 65001 i 2020 20 64 1010 10 103 0 65001 i console show bgp ipv6 neighbors fe80 21e c9ff fede b51a interface vlan 10 received routes Local router ID is 0 0 0 101 Field Description Network The destination prefix Next Hop The BGP Next Hop as advertised by the peer Metric The value of the MED if a MED is...

Page 1335: ...rivileged Exec mode Global Configuration mode and all Configuration sub modes User Guidelines The following fields are displayed Field Description Delta T How long since the decision process was run hours minutes seconds if the elapsed time is less than 24 hours Otherwise days hours Phase The phase of the decision process that was run Upd Grp Outbound update group ID Only applies when phase 3 is r...

Page 1336: ...isplay a summary of BGP configuration and status This command deprecates and replaces the show ipv6 bgp summary command Syntax show bgp ipv6 summary Peer Phase 1 of the decision process can be triggered for a specific peer when a peer s inbound routing policy changes or the peer is reset When phase 1 is run for a single peer the peer s IP address is given Duration How long the decision process too...

Page 1337: ... an internal BGP route Default Keep Alive Time The configured keepalive time used by all peers that have not been configured with a peer specific keepalive time Default Hold Time The configured hold time used by all peers that have not been configured with a peer specific hold time Number of Network Entries The number of distinct IPv6 prefixes in the local RIB Number of AS Paths The number of IPv6...

Page 1338: ... routes being redistributed Distribute List The name of the prefix list used to filter redistributed routes if one is configured with the distribute list out command Route Map The name of the route map used to filter redistributed routes Neighbor The IP address of a neighbor ASN The neighbor s ASN MsgRcvd The number of BGP messages received from this neighbor MsgSent The number of BGP messages sen...

Page 1339: ...oup index ipv4 address ipv6 address interface interface id autodetect interface interface id group index If specified this option restricts the output to a single update group ipv4 address The IPv4 address of a peer enabled for exchange of IPv6 prefixes If specified this option restricts the output to the update group containing the peer with the given address ipv6 address interface interface id T...

Page 1340: ...psed since the update send process executed hours minutes seconds Duration How long the update send process took in milliseconds UPD Built The number of UPDATE messages built UPD Sent The number of UPDATE messages successfully transmitted to group members Normally a copy of each UPDATE message built is sent to each group member Paths Sent The number of paths advertised Pfxs Adv The number of prefi...

Page 1341: ...process has run for this group to determine which routes should be advertised to the group Number of UPDATEs Sent The number of UPDATE messages that have been sent to this group Incremented once for each UPDATE regardless of the number of group members Time Since Last UPDATE Time since an UPDATE message was last sent to the group If no UPDATE has been sent to the group the status is Never Current ...

Page 1342: ...lient is configured with an outbound route map the output warns that set statements in the route map are ignored when reflecting routes to this client The following information is displayed Field Description Cluster ID The cluster ID used by this router The value is tagged as configured when the value is configured with the bgp cluster id command When no cluster ID is configured the local router I...

Page 1343: ...s destination prefix longer prefixes Optional Used with the network pfx len option to show routes whose prefix length is equal to or longer than pfx len This option may not be given if the shorter prefixes option is given shorter prefixes length Optional Used with the network pfx len option to show routes whose prefix length is shorter than pfx len and optionally longer than a specified length Thi...

Page 1344: ...phase 2 of the BGP decision process runs to select new BGP routes this number is incremented Status codes s The route is aggregated into an aggregate address configured with the summary only option Dell EMC Networking BGP never displays invalid routes so this code is always displayed to maintain consistency with the industry standard Indicates that BGP has selected this path as the best path to th...

Page 1345: ... command to list the aggregate addresses that have been configured and indicates whether each is currently active Syntax show ip bgp vrf vrf name aggregate address vrf vrf name Displays the aggregate address information associated with the named VRF Default Configuration By default information about the global VRF is shown Command Mode Privileged Exec mode Global Configuration mode and all sub mod...

Page 1346: ...ated with the named VRF communities A string of zero or more community values which may be in either format and may contain the community keywords no advertise and no export The output displays routes that belong to every community specified in the command exact match Only displays routes that are members of the communities specified in the command AS Set Indicates whether an empty AS path is adve...

Page 1347: ...al router ID is 65 1 1 1 Status Codes s suppressed valid best i internal Origin Codes i IGP e EGP incomplete Network Next Hop Metric LocPref Path Origin show ip bgp community list The show ip bgp community list command lists the routes that are allowed by the specified community list Syntax show ip bgp vrf vrf name community list name exact match vrf vrf name Displays the route information associa...

Page 1348: ...rsion is 0 local router ID is 65 1 1 1 Status Codes s suppressed valid best i internal Origin Codes i IGP e EGP incomplete Network Next Hop Metric LocPref Path Origin show ip bgp extcommunity list Use the show ip bgp extcommunity list command to display all the permit and deny attributes of the given extended community list If the list number is specified the output is displayed that matches the g...

Page 1349: ...splay information about IPv4 BGP listen ranges Syntax show ip bgp vrf vrf name listen range network length network length Displays information about the specified listen range vrf name The name of a previously configured VRF Field Description Standard extended community list The standard named extended community list permit Permits access for a matching condition Once a permit value has been confi...

Page 1350: ...isten range Listen Range 10 27 0 0 16 Inherited Template template_10_27 Member ASN State 10 27 8 189 65001 OPENCONFIRM 10 27 128 235 0 ACTIVE Listen Range 15 15 0 0 24 Inherited Template template_15_15 Member ASN State show ip bgp neighbors The show ip bgp neighbors command shows details about BGP neighbor configuration and status Syntax show ip bgp vrf vrf name neighbors neighbor address neighbor...

Page 1351: ...single neighbor If no neighbor address is specified the command shows all neighbors enabled for IPv4 prefix exchange If the vrf name argument is specified information pertaining to that VRF is displayed The following fields are displayed Field Description Remote Address The neighbor s IP address Remote AS The neighbor s autonomous system number Peer ID The neighbor s BGP router ID Peer Admin Statu...

Page 1352: ...dress used as the source IP address in packets sent to this neighbor Configured Hold Time The time in seconds that this router proposes to this neighbor as the hold time Configured Keep Alive Time The configured KEEPALIVE interval for this neighbor Negotiated Hold Time The minimum configured hold time and the hold time in the OPEN message received from this neighbor If the local router does not re...

Page 1353: ...berror reported with the last error Established Transitions The number of times the adjacency has transitioned into the Established state Established Time How long since the connection last transitioned to or from the Established state Time Elapsed Since Last Update How long since an UPDATE message has been received from this neighbor Message Table The number of BGP messages sent to and received f...

Page 1354: ... path attribute has a length value that exceeds the remaining length of the path attributes field Invalid ORIGIN code A received UPDATE message included an invalid ORIGIN code Unexpected first ASN in AS path The AS Path attribute from an external peer did not include the peer s AS number as the first AS Invalid AS path segment type The AS Path includes a segment with an invalid segment type Invali...

Page 1355: ...d Time None Configured Keep Alive Time None Prefix Limit 8160 Prefix Warning Threshold 75 Warning Only On Prefix Limit False MD5 Password None Originate Default False Last Error Sent OPEN Message Error Last SubError Bad Peer AS Time Since Last Error 0 days 00 hrs 00 mins 02 secs Established Transitions 0 Established Time 0 days 01 hrs 45 mins 20 secs Time Since Last Update No UPDATE received IPv4 ...

Page 1356: ...Update Source Local Interface Address 172 20 1 2 Configured Hold Time 90 sec Configured Keep Alive Time 30 sec Negotiated Hold Time 30 sec Keep Alive Time 10 sec Prefix Limit None Prefix Warning Threshold 75 Warning Only On Prefix Limit TRUE Minimum Advertisement Interval 30 sec MD5 Password password Originate Default TRUE Last Error Sent Hold Timer Expired Last SubError None Time Since Last Error...

Page 1357: ...expected first ASN in AS path 1 Established Transitions 1 Established Time 0 days 00 hrs 00 mins 10 secs show ip bgp neighbors advertised routes The show ip bgp neighbors advertised routes command displays the list of routes advertised to a specific neighbor These are the routes in the adjacent RIB out for the neighbor s outbound update group Syntax show ip bgp vrf vrf name neighbors ip address ad...

Page 1358: ...rsion 6 3 0 1 firmware Example console show ip bgp neighbors 10 10 10 10 advertised routes Counters Description BGP table version Each time phase 2 of the BGP decision process runs to select new BGP routes this number is incremented Status codes p The route has been updated in Adj RIB Out since the last UPDATE message was sent Transmission of an UPDATE message is pending Network Destination prefix...

Page 1359: ... ip address received routes routes rejected routes vrf vrf name Displays the aggregate address information associated with the named VRF ip address The IPv4 address of a BGP neighbor Received routes Display the routes received by a particular neighbor prior to filtering Routes Display both the received and advertised routes Rejected routes Display the routes rejected from the specified neighbor De...

Page 1360: ...10 10 10 3 routes Local router ID is 0 0 0 101 Origin codes i IGP e EGP incomplete Network Next Hop Metric LocPref Path Origin 1 1 1 0 24 10 10 10 3 1 65001 i 1 2 0 0 16 10 10 10 3 0 65001 i 1 2 3 0 24 10 10 10 3 0 65001 i Fields Description Network Destination prefix Next Hop The BGP NEXT HOP as advertised by the peer Metric The value of the Multi Exit Discriminator if a MED is received from the ...

Page 1361: ...s of a neighbor can optionally be specified to limit the output to a single neighbor Default Configuration By default information about the global VRF is shown Command Mode Privileged Exec mode Global Configuration mode and all sub modes User Guidelines If the vrf name argument is specified information pertaining to that VRF is displayed The following fields are displayed Command History Introduce...

Page 1362: ...plays all global configuration related to IPv4 route reflection including the cluster ID and whether client to client route reflection is enabled and lists all the neighbors that are configured as route reflector clients Syntax show ip bgp vrf vrf name route reflection vrf vrf name Displays the aggregate address information associated with the named VRF Default Configuration By default information...

Page 1363: ... to UPDATE messages received from peers determining what new routes are accepted and deleting withdrawn routes from the Adj RIB In Phase 2 determines the best path for each destination Fields Description Cluster ID The cluster ID used by this router The value is tagged as configured when the value is configured with the bgp cluster id command When no cluster ID is configured the local router ID is...

Page 1364: ... default information about the global VRF is shown Command Mode User Exec mode Privileged Exec mode Global Config mode and all sub modes User Guidelines If the vrf name argument is specified information pertaining to that VRF is displayed The following information is displayed Fields Description Delta T How long since the decision process was run hours minutes seconds if the elapsed time is less t...

Page 1365: ...rf vrf name summary Reason The event that triggered the decision process to run Peer Phase 1 of the decision process can be triggered for a specific peer when a peer s inbound routing policy changes or the peer is reset When phase 1 is run for a single peer the peer s IP address is given Duration How long the decision process took in milliseconds Adds The number of routes added For phase 1 this is...

Page 1366: ...bally enabled BGP Router ID The configured router ID Local AS Number The router s AS number Traps Whether BGP traps are enabled Maximum Paths The maximum number of next hops in an external BGP route Maximum Paths iBGP The maximum number of next hops in an internal BGP route Default Keep Alive Time The configured keepalive time used by all peers that have not been configured with a peer specific ke...

Page 1367: ...and Match Value For routes redistributed from OSPF the types of OSPF routes being redistributed Distribute List The name of the prefix list used to filter redistributed routes if one is configured with the distribute list out command Route Map The name of the route map used to filter redistributed routes Neighbor The IP address of a neighbor ASN The neighbor s ASN MsgRcvd The number of BGP message...

Page 1368: ...0 Default Metric Not Configured Default Route Advertise No Redistributing Source Metric Dist List Route Map static ospf 300 ospf match int Neighbor ASN MsgRcvd MsgSent State Up Down Time Pfx Rcvd 10 10 10 10 65000 2269 4666 ESTABLISHED 0 00 17 15 0 show ip bgp template The show ip bgp template command lists the routes that are allowed by the specified community list Syntax show ip bgp template tem...

Page 1369: ...Pv4 maximum prefix 100 IPv6 prefix list gandolf in IPv6 maximum prefix 200 peer grp3 IPv6 send community peer grp4 update source loopback 0 IPv4 next hop self show ip bgp traffic The show ip bgp traffic command list the routes that are allowed by the specified community list Fields Description Template Name The name of a BGP peer template AF The address family to which the configuration command ap...

Page 1370: ... number of BGP messages of each type that this router has sent and received Following the table is a maximum send and receive UPDATE message rate These rates report the busiest one second interval The queue statistics table reports information for BGP work queues Items placed on each of these work queues are as follows The Events queue includes most timer events and configuration changes The Keepa...

Page 1371: ... Data 0 3 0 500 RTO Notifications 0 4 0 1222 MIB Queries 0 0 0 5 show ip bgp update group This command reports the status of IPv4 outbound update groups and their members Syntax show ip bgp vrf vrf name update group group index peer address vrf vrf name Displays the aggregate address information associated with the named VRF group index Optional If specified this option restricts the output to a s...

Page 1372: ...s seconds Duration How long the update send process took in milliseconds UPD Built The number of UPDATE messages built UPD Sent The number of UPDATE messages successfully transmitted to group members Normally a copy of each UPDATE message built is sent to each group member Paths Sent The number of paths advertised Pfxs Adv The number of prefixes advertised Pfxs Wd The number of prefixes withdrawn ...

Page 1373: ...ermine which routes should be advertised to the group Number of UPDATEs Sent The number of UPDATE messages that have been sent to this group Incremented once for each UPDATE regardless of the number of group members Time Since Last UPDATE Time since an UPDATE message was last sent to the group If no UPDATE has been sent to the group the status is Never Current Prefixes The number of prefixes curre...

Page 1374: ...Version Delta T Duration UPD Built UPD Sent Paths Sent Pfxs Adv Pfxs Wd 10 00 33 49 100 6 288 5 1250 750 11 00 33 49 0 4 192 3 750 250 12 00 33 49 0 2 96 1 250 1000 13 00 33 49 0 2 96 1 250 1018 14 00 33 49 0 1 48 0 0 482 15 00 33 49 100 8 384 7 1750 750 16 00 33 49 0 3 144 2 500 250 17 00 31 49 0 4 192 3 750 750 18 00 23 49 100 4 192 3 750 1000 19 00 03 49 100 6 288 5 1250 500 Update Group ID 1 P...

Page 1375: ...plays the complete VPNv4 database rd route distinguisher Displays the NLRI prefixes that match the named route distinguisher vrf vrf name Displays the NLRI prefixes associated with the named VRF instance ip prefix length IP address of a network in the routing table and the length of the mask 0 to 32 The slash mark must be included statistics Displays BGP VPNv4 statistics Default Configuration Ther...

Page 1376: ...are detected The command output provides the following information Term Description BGP table version Each time phase 2 of the BGP decision process runs to select new BGP routes this number is incremented Status codes One of the following s The route is aggregated into an aggregate address configured with the summary only option BGP never displays invalid routes so this code is always displayed to...

Page 1377: ...tribute if included Type Whether the path is received from an internal or external peer IGP Cost The interior gateway cost e g OSPF cost to the BGP NEXT HOP Peer Peer ID The IP address of the peer that sent this route and its router ID BGP Next Hop The BGP NEXT HOP attribute Atomic Aggregate If the ATOMIC AGGEGATE attribute is attached to the path Aggregator The AS number and router ID of the spea...

Page 1378: ...er 3 30 for VRF yellow 174 20 1 0 24 130 10 1 1 10 100 20 10 i 26 95 16 0 24 130 10 1 1 10 100 20 10 i 26 14 8 0 24 130 10 1 1 10 100 20 10 i The following example shows VPNv4 routing entries for VRF named red R1 show ip bgp vpnv4 vrf red BGP table version is 5 local router ID is 20 1 1 1 Status codes s suppressed valid best i internal Origin codes i IGP e EGP incomplete Network Next Hop Metric Lo...

Page 1379: ... Type External IGP Cost 10 Peer Peer ID 200 1 1 1 18 24 1 3 BGP Next Hop 200 1 1 1 Extended Community RT 3 300 show router capability Use this command to display the router capabilities of the loaded firmware image Syntax show router capability Default Configuration For the N3000_N2000v6 3 x x builds ACCESS ROUTER capabilities are supplied MP BGP capability is not available with this firmware For ...

Page 1380: ...vailable This example displays the capabilities of an N3000BGPv6 3 x x firmware build console show router capability Switch is capable of operating as an AGGREGATION ROUTER utilizing MP BGP OSPF and RIP iSCSI MLAG DVLAN MVR GARP Auto VoIP and Web capabilities are unavailable template peer Use the template peer command in router configuration mode to create a BGP peer template and enter peer templa...

Page 1381: ...er policies are configured within an address family configuration mode and apply only to that address family You can configure up to 32 peer templates When changing a template the change is immediately applied to all neighbors that inherit from the template though policy changes are subject to a three minute delay The following commands can be issued in peer template configuration mode and thus ad...

Page 1382: ...f send community console config rtr tmplt af route map RM4 IN in console config rtr tmplt af route map RM4 OUT out console config rtr tmplt af exit console config rtr tmplt address family ipv6 console config rtr tmplt af send community console config rtr tmplt af route map RM6 IN in console config rtr tmplt af route map RM6 OUT out console config rtr tmplt af exit console config rtr tmplt exit con...

Page 1383: ... BGP does not enforce a hold time and BGP does not send periodic KEEPALIVE messages The range is 0 3 to 65 535 seconds Default Configuration The default keepalive time is 30 seconds The default hold time is 90 seconds Command Mode BGP Router Configuration mode User Guidelines When BGP establishes an adjacency the neighbors agree to use the minimum hold time configured on either neighbor BGP sends ...

Page 1384: ...ath Setting the local preference Setting the route metric Setting an IPv6 next hop Setting or matching on a BGP community Commands in this Section This section explains the following commands ip as path access list show ip prefix list ip bgp community new format show ipv6 prefix list ip community list clear ip prefix list ip prefix list clear ipv6 prefix list ip prefix list description clear ip co...

Page 1385: ...te matches the regular expression deny Optional Deny routes whose AS Path attribute matches the regular expression regexp A regular expression used to match the AS path attribute of a BGP path where the AS path is treated as an ASCII string Default Configuration No AS path lists are configured by default There are no default values for any of the parameters of this command Command Mode Global Conf...

Page 1386: ...configuration of up to 128 AS path access lists with up to 64 statements each To enter the question mark within a regular expression you must first enter CTRL V to prevent the CLI from interpreting the question mark as a request for help Special Character Symbol Behavior asterisk Matches zero or more sequences of the pattern brackets Designates a range of single character patterns caret Matches th...

Page 1387: ...n ip bgp community new format To display BGP standard communities in AA NN format use the ip bgp community new format command To display BGP standard communities as 32 bit integers use the no form of this command Syntax ip bgp community new format no ip bgp community new format Default Configuration Standard communities are displayed in AA NN format Command Mode Global Configuration User Guideline...

Page 1388: ...number From zero to sixteen community numbers formatted as a 32 bit integers or in AA NN format where AA is a 2 byte autonomous system number and NN is a 16 bit integer The range is 1 to 4 294 967 295 any 32 bit integer other than 0 Communities are separated by spaces no advertise The well known standard community NO_ADVERTISE 0xFFFFFF02 which indicates the community is not to be advertised no exp...

Page 1389: ...use the ip prefix list command in global configuration mode To delete a prefix list or a statement in a prefix list use the no form of this command Syntax ip prefix list list name seq number permit deny network mask ge length le length renumber renumber interval first statement number no ip prefix list list name seq number permit deny network mask ge length le length list name The text name of the...

Page 1390: ...n neither the ge nor the le option is configured the destination prefix must match the network length exactly If the ge option is configured without the le option any prefix with a network mask greater than or equal to the ge value is considered a match Similarly if the le option is configured without the ge option a prefix with a network mask less than or equal to the le value is considered a mat...

Page 1391: ...prefix list apple seq 10 permit 172 20 0 0 16 console config ip prefix list apple seq 20 permit 192 168 10 0 0 0 255 The following example disallows only the default route console config ip prefix list orange deny 0 0 0 0 0 console config ip prefix list orange permit 0 0 0 0 0 ge 1 ip prefix list description To apply a text description to a prefix list use the ip prefix list description command in...

Page 1392: ...refix length ge ge value le le value description text renumber renumber interval first statement number no ipv6 prefix list list name list name The text name of the prefix list Up to 32 characters seq number Optional The sequence number for this prefix list statement Prefix list statements are ordered from lowest sequence number to highest and applied in that order If you do not specify a sequence...

Page 1393: ...ifies a prefix length less than or equal to the ipv6 prefix prefix length arguments It is the highest value of a range of the length the to portion of the length range description text A description of the prefix list that can be up to 80 characters in length renumber interval Option to renumber the sequence numbers of the IPv6 prefix list statements with a given interval The sequence is renumbere...

Page 1394: ...g the match ipv6 address command A route map may contain both IPv4 and IPv4 prefix lists If the route being matched is an IPv6 route only the IPv6 prefix lists are matched When neither the ge nor the le option is configured the destination prefix must match the ipv6 prefix prefix length exactly If the ge option is configured without the le option any prefix with a ipv6 prefix greater than or equal...

Page 1395: ...e map Use the no form of the command to remove the matching criteria from the route map Syntax match as path as path list number no match as path as path list number as path as path list number An integer from 1 to 500 identifying the AS path access list to use as match criteria Default Configuration No as path match criteria are configured by default Command Mode Route Map Configuration User Guid...

Page 1396: ... may be included in a single match term exact match Optional When this option is given a route is only considered a match if the set of communities on the route is an exact match for the set of communities in one of the statements in the community list Default Configuration No community match criteria are configured by default Command Mode Route Map Configuration User Guidelines If the community l...

Page 1397: ...me prefix list prefix list name The name of a prefix list used to identify the set of matching routes Up to eight prefix lists may be specified Default Configuration No match criteria are configured by default Command Mode Route Map Configuration User Guidelines If multiple prefix lists are specified in one statement a match occurs if a prefix matches any one of the prefix lists If a match ip addr...

Page 1398: ...name of an IPv6 prefix list used to identify the set of matching routes Up to eight prefix lists may be specified Default Configuration No match criteria are configured by default Command Mode Route Map Configuration User Guidelines If multiple prefix lists are specified in one statement a match occurs if a prefix matches any one of the prefix lists If a match ipv6 address statement is configured ...

Page 1399: ... access lists Syntax show ip as path access list as path list number as path list number Optional When an AS path list number is specified the output is limited to the single AS path list specified Integer from 1 to 500 Default Configuration No match criteria are configured by default Command Mode Privileged Exec mode Global Configuration mode and all sub modes User Guidelines There are no user gu...

Page 1400: ...put to a single community detail Display detailed community list information Default Configuration No match criteria are configured by default Command Mode Privileged Exec mode Global Configuration mode and all sub modes User Guidelines There are no user guidelines for this command Command History Introduced in version 6 2 0 1 firmware Example console show ip community list Standard community list...

Page 1401: ...quad notation In dotted quad notation the 1 bits must be contiguous and left justified seq sequence number Optional Applies the sequence number to the prefix list entry The sequence number of the prefix list entry longer Optional Displays all entries of a prefix list that are more specific than the given network length first match Optional Displays the entry of a prefix list that matches the given...

Page 1402: ...quences 5 15 refcount 0 seq 5 permit 10 10 1 1 20 ge 22 seq 10 permit 10 10 1 2 20 le 30 seq 15 permit 10 10 1 2 20 ge 29 le 30 console show ip prefix list summary fred ip prefix list fred count 3 range entries 3 sequences 5 15 refcount 0 console show ip prefix list detail fred Fields Description count Number of entries in the prefix list range entries Number of entries that match the input range ...

Page 1403: ...rk assigned to the specified prefix list This argument must be in the form documented in RFC 2373 where the address is specified in hexadecimal using 16 bit values between 0x00 and 0xff and separated by colons prefix length The length of the IPv6 prefix given as part of the ipv6 prefix Required if a prefix is specified A decimal value in the range 0 to 128 that indicates how many of the high order...

Page 1404: ...0 deny 0 seq 15 deny 1 seq 20 deny 2 seq 25 deny 3 ge 4 seq 30 permit 0 le 128 console show ipv6 prefix list summary apple ipv6 prefix list apple count 6 range entries 3 sequences 5 30 refcount 31 console show ipv6 prefix list detail apple Fields Description count Number of entries in the prefix list range entries Number of entries that match the input range ref count Number of entries referencing...

Page 1405: ...ist from which the hit count is to be cleared network Optional Network number If this option is specified hit counters are cleared only for the matching prefixes mask Required if a network is specified The network mask in dotted quad notation In dotted quad notation the 1 bits must be contiguous and left justified Default Configuration No prefix lists are configured by default Command Mode Privile...

Page 1406: ... matching prefixes prefix length The length of the IPv6 prefix given as part of the ipv6 prefix Required if a prefix is specified A decimal value in the range 0 to 128 that indicates how many of the high order contiguous bits of the address comprise the prefix the network portion of the address in length format A slash mark must precede the decimal value in length format Default Configuration No p...

Page 1407: ...ommunity list for which the hit count is to be cleared Default Configuration No community lists are configured by default Command Mode Privileged Exec mode User Guidelines This command is used to clear the community list hit counters The hit count is a value indicating the number of matches to a specific list entry The counters are also cleared by the global clear counters command Command History ...

Page 1408: ...is command is normally used to insert one or more instances of the local AS number at the beginning of the AS_PATH attribute of a BGP route Doing so increases the AS path length of the route The AS path length has a strong influence on BGP route selection Changing the AS path length can influence route selection on the local router or on routers to which the route is advertised When prepending an ...

Page 1409: ...e no set comm list community list name A standard community list name Default Configuration No communities are removed from UPDATE messages by default Command Mode Route Map Configuration User Guidelines A route map with this set command can be used to remove selected communities from inbound and outbound routes When a community list is applied to a route for this purpose each of the route s commu...

Page 1410: ...m of this command Syntax set community community number no export no advertise no set community community number One to sixteen community numbers either as a 32 bit integers or in AA NN format Communities are separated by spaces The well known communities no advertise and no export are also accepted no advertise The well known standard community NO_ADVERTISE 0xFFFFFF02 which indicates the communit...

Page 1411: ...d in version 6 2 0 1 firmware Example console route map set community no advertise set ipv6 next hop BGP To set the IPv6 next hop of a route use the set ipv6 next hop command in route map configuration mode To remove a set command from a route map use the no form of this command Syntax set ipv6 next hop ipv6 address no set ipv6 next hop ipv6 address The IPv6 address set as the Network Address of N...

Page 1412: ...ved If the command specifies a global IPv6 address the address is not required to be on a local subnet Command History Introduced in version 6 2 0 1 firmware Example console route map set ipv6 next hop FE80 0202 B3FF FE1E 8329 set local preference To set the local preference of specific BGP routes use the set local preference command in route map configuration mode To remove a set command from a r...

Page 1413: ...ole route map set local preference 6432 set metric To set the metric of a route use the set metric command To remove a set command from a route map use the no form of this command Syntax set metric value no set metric value value A local preference value from 0 to 4 294 967 295 any 32 bit integer Default Configuration There is no default configuration for this command Command Mode Route Map Config...

Page 1414: ...Layer 3 Routing Commands 1414 Command History Introduced in version 6 2 0 1 firmware Example console route map set metric 6432 ...

Page 1415: ...routing algorithm to build per source group multicast trees It is also called Broadcast and Prune Multicasting protocol It dynamically generates per source group multicast trees using Reverse Path Multicasting Trees are calculated and updated dynamically to track membership of individual groups Commands in this Section This section explains the following commands ip dvmrp Use the ip dvmrp command ...

Page 1416: ...le The following example sets VLAN 15 s administrative mode of DVMRP to active console config interface vlan 15 console config if vlan15 ip dvmrp ip dvmrp metric Use the ip dvmrp metric command in Interface Configuration mode to configure the metric for an interface This value is used in the DVMRP messages as the cost to reach this network Syntax ip dvmrp metric metric no ip dvmrp metric metric Co...

Page 1417: ...wide information for DVMRP Syntax show ip dvmrp Default Configuration This command has no default condition Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays system wide information for DVMRP console config show ip dvmrp Admin Mode Enabled Version 3 Total Number of Ro...

Page 1418: ...ileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays interface information for VLAN 11 DVMRP console config show ip dvmrp interface vlan 11 Interface Mode Enabled Interface Metric 5 Local Address 10 1 0 2 Received Bad Packets 0 Received Bad Routes 0 Sent Routes 0 show ip dvmrp neighbor U...

Page 1419: ...e neighbor information for DVMRP console config show ip dvmrp neighbor No neighbors available show ip dvmrp nexthop Use the show ip dvmrp nexthop command to display the next hop information on outgoing interfaces for routing multicast datagrams Syntax show ip dvmrp nexthop Default Configuration This command has no default condition Command Mode Privileged Exec mode Global Configuration mode and al...

Page 1420: ...table that lists the router s upstream prune information Syntax show ip dvmrp prune Default Configuration This command has no default condition Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the table that lists the router s upstream prune information console confi...

Page 1421: ...This command has no default Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the multicast routing information for DVMRP console show ip dvmrp route console config show ip dvmrp route Upstream Expiry Source Address Source Mask Neighbor Intf Metric Time UpTime ...

Page 1422: ... a result can respond to its own IGMP messages The Dell EMC Networking implementation of IGMPv3 supports the multicast router portion of the protocol that is not the host portion It is backward compatible with IGMPv1 and IGMPv2 One router periodically broadcasts IGMP Query messages onto the network Hosts respond to the Query messages by sending IGMP Report messages indicating their group membershi...

Page 1423: ...s for packets sent to any particular multicast address This information gathered by IGMP is provided to the multicast routing protocol that is DVMRP PIM DM and PIM SM that is currently active on the router in order to ensure multicast packets are delivered to all networks where there are interested receivers IGMP mode is automatically enabled when PIM DVMRP or IGMP Proxy is enabled Commands in thi...

Page 1424: ...ies console configure console config interface vlan 2 console config if vlan2 ip igmp last member query count 10 console config if vlan2 no ip igmp last member query count ip igmp last member query interval Use the ip igmp last member query interval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group Specific Queries which are sent in response to Leave ...

Page 1425: ...th multicast hosts Use this command to enable the proxying of IGMP messages received on the local interface to the multicast router connected interface enabled with the ip igmp proxy service command PIM and DVMRP are not compatible with IGMP proxy Disable PIM DVMRP before enabling IGMP proxy Multicast routing must be enabled for the IGMP proxy service to become operationally enabled IGMP is enable...

Page 1426: ...example globally enables IGMP the IGMP proxy service on VLAN 1 console config ip multicast routing console config interface vlan 1 console config if vlan1 ip igmp mroute proxy ip igmp query interval Use the ip igmp query interval command in Interface Configuration mode to configure the query interval for the specified interface The query interval determines how fast IGMP Host Query packets are tra...

Page 1427: ...o configure the maximum response time interval for the specified interface It is the maximum query response time advertised in IGMPv2 queries on this interface The time interval is specified in seconds Syntax ip igmp query max response time seconds no ip igmp query max response time seconds Maximum response time Range 0 25 seconds Default Configuration The default maximum response time value is 10...

Page 1428: ...e Syntax ip igmp robustness robustness no ip igmp robustness robustness Robustness variable Range 1 255 Default Configuration The default robustness value is 2 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures a robustness value of 10 for VLAN 15 console config interface vlan 15 console config if vlan15 ip ig...

Page 1429: ...ts for VLAN 15 the number of queries sent out on startup at 10 console config interface vlan 15 console config if vlan15 ip igmp startup query count 10 ip igmp startup query interval Use the ip igmp startup query interval command in Interface Configuration mode to set the interval between general queries sent at startup on the interface Syntax ip igmp startup query interval seconds no ip igmp star...

Page 1430: ...gmp startup query interval 10 ip igmp version Use the ip igmp version command in Interface Configuration mode to configure the version of IGMP for an interface Syntax ip igmp version version version IGMP version Range 1 3 Default Configuration The default version is 3 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example co...

Page 1431: ...ollowing example displays system wide IGMP information console show ip igmp IGMP Admin Mode Enabled IGMP Router Alert check Disabled IGMP INTERFACE STATUS Interface Interface Mode Operational Status vlan 3 Enabled Non Operational show ip igmp groups Use the show ip igmp groups command in User Exec or Privileged Exec modes to display the registered multicast groups on the interface If detail is spe...

Page 1432: ... show ip igmp groups vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2 Group Multicast Last Up Expiry Host Host Compat IP Address Reporter Time Time Timer Timer Mode 225 0 0 5 1 1 1 5 00 00 05 00 04 15 00 04 15 v2 show ip igmp interface Use the show ip igmp interface command to display the IGMP information for the specified interface Syntax show ip igmp interface stats interface t...

Page 1433: ...econd 100 Robustness 2 Startup Query Interval secs 31 Startup Query Count 2 Last Member Query Interval 1 10 of a second 10 Last Member Query Count 2 show ip igmp membership Use the show ip igmp membership command to display the list of interfaces that have registered in the multicast group If detail is specified this command displays detailed information about the listed interfaces Syntax show ip ...

Page 1434: ...the IGMP statistical information for the interface The statistics are only displayed when the interface is enabled for IGMP Syntax show ip igmp interface stats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Exa...

Page 1435: ...Layer 3 Routing Commands 1435 Number of Joins 7 Number of Groups 1 ...

Page 1436: ...ion 1 Commands in this Section This section explains the following commands ip igmp proxy service Use the ip igmp proxy service command in Interface Configuration mode to enable the IGMP Proxy on the VLAN interface Use this command to enable the sending of IGMP messages received on interfaces configured with the ip igmp mroute proxy command to an attached multicast router IGMP is enabled with IGMP...

Page 1437: ...t routing must be enabled for the IGMP proxy service to become operationally enabled This command enables IGMP MLD Disabling IGMP Proxy may operationally disable multicast routing Example The following example enables the IGMP Proxy on the VLAN 15 router console config interface vlan 15 console config if vlan15 ip igmp proxy ip igmp proxy service reset status Use the ip igmp proxy service reset st...

Page 1438: ...it rprt interval command in Interface Configuration mode to set the unsolicited report interval for the IGMP Proxy router This command is valid only if IGMP Proxy on the interface is enabled Syntax ip igmp proxy service unsolicit rprt interval seconds seconds Unsolicited report interval Range 1 260 seconds Default Configuration The default configuration is 1 second Command Mode Interface Configura...

Page 1439: ...o default configuration Command Mode User Exec Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays a summary of the host interface status parameters console show ip igmp proxy service Interface Index vlan13 Admin Mode Enable Operational Mode Enable Version 3 Number of Multicast Grou...

Page 1440: ...tion mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example fails to display status parameters because IGMP Proxy is not enabled console show ip igmp proxy service interface Interface Index vlan13 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent 1 0 0 0 2 0 0 0 0 0 3 0 0 0 show ip igmp proxy groups Use the show ip igmp prox...

Page 1441: ... service groups Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 7 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 48 DELAY MEMBER Exclude 0 show ip igmp proxy service groups detail Use the show ip igmp proxy service groups detail command to display complete information about multicast groups that IGMP Proxy has reported Syntax show ip ig...

Page 1442: ...isplays complete information about multicast groups that IGMP Proxy has reported console show ip igmp proxy service groups detail Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 26 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 67 DELAY MEMBER Exclude 0 ...

Page 1443: ... may be configured for the same interface and UDP port in which case the relay agent unicasts matching packets to each server address Interface configuration takes priority over global configuration If the destination UDP port for a packet matches any entry on the ingress interface the packet is handled according to the interface configuration If the packet does not match any entry on the ingress ...

Page 1444: ...ast directly to the client Because there is no relay in the return direction for protocols other than DHCP the relay agent retains the source IP address from the original client packet The relay agent uses a local IP address as the source IP address of relayed DHCP client packets When a switch receives a broadcast UDP packet on a routing interface the relay agent verifies that the interface is con...

Page 1445: ...col field in the IP header must be UDP 17 The destination UDP port must match a configured relay entry or an entry in Table 7 1 DHCP relay cannot be independently enabled or disabled globally Only IP helper can be enabled or disabled globally Enabling IP helper enables DHCP relay Commands in this Section This section explains the following commands bootpdhcprelay maxhopcount ip helper address glob...

Page 1446: ...P Relay on the system Range 1 16 Default Configuration The default integer configuration is 4 Command Mode Global Configuration mode Virtual Router Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command When in Virtual Router Configuration mode this command operates within the context of the virtual router instance When in Global Configuration mode the command oper...

Page 1447: ...eger no bootpdhcprelay minwaittime integer Minimum wait time for BootP DHCP Relay on the system Range 0 100 seconds Default Configuration 0 is the default integer configuration Command Mode Global Configuration mode Virtual Router Configuration mode User Guidelines Enable DHCP Relay using the ip helper enable command When in Virtual Router Configuration mode this command operates within the contex...

Page 1448: ...and Command Mode Privileged Exec mode User Guidelines The VRF identified in the parameter must have been previously created or an error is returned Example console clear ip helper statistics ip dhcp relay information check Use the ip dhcp relay information check command to enable DHCP Relay to check that the relay agent information option in forwarded BOOTREPLY messages is valid If an invalid mess...

Page 1449: ... operates within the context of the virtual router instance When in Global Configuration mode the command operates on the global router instance Virtual Router Configuration mode is only available on the N3000 N3100 N4000 switches Example The following example enables relay information check globally console config ip dhcp relay information check ip dhcp relay information check reply Use the ip dh...

Page 1450: ... following example enables relay information check on the interface console config interface vlan 10 console config if vlan10 ip dhcp relay information check reply ip dhcp relay information option Use the ip dhcp relay information option command in Global Configuration mode to globally enable insertion of the circuit ID option and remote agent ID mode for BootP DHCP Relay on the system also called...

Page 1451: ...3100 N4000 switches Example The following example enables the circuit ID and remote agent ID options console config ip dhcp relay information option ip dhcp relay information option insert Use the ip dhcp relay information option insert command in Interface Configuration mode to enable the circuit ID option and remote agent ID mode for BootP DHCP Relay on the interface also called option 82 Use th...

Page 1452: ...per entry use the no form of this command Syntax ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time no ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time server address The IPv4 unicast or directed broadcast ...

Page 1453: ... port numbers by examining the DHCP message so configuration of a UDP destination port is not required for unicast forwarding of DHCP The command no ip helper address with no arguments clears all global IP helper addresses When in Virtual Router Configuration mode this command operates within the context of the virtual router instance When in Global Configuration mode the command operates on the g...

Page 1454: ...cted broadcast address to which relayed UDP broadcast packets are sent The server address cannot be an IP address configured on any interface of the local router discard Matching packets should be discarded rather than relayed even if a global ip helper address configuration matches the packet dest udp port A destination UDP port number from 1 to 65535 port name The destination UDP port may be opt...

Page 1455: ...nfig if vlan5 ip helper address 192 168 20 1 dhcp To relay both DHCP and DNS packets to 192 168 30 1 use the following commands console config console config interface vlan 5 console config if vlan5 ip helper address 192 168 30 1 dhcp console config if vlan5 ip helper address 192 168 30 1 domain This command takes precedence over an ip helper address command given in global configuration mode With...

Page 1456: ... can be used to temporarily disable IP helper without deleting all IP helper addresses This command replaces the bootpdhcprelay enable command but affects not only relay of DHCP packets but also relay of any other protocols for which an IP helper address has been configured When in Virtual Router Configuration mode this command operates within the context of the virtual router instance When in Glo...

Page 1457: ... This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The VRF identified in the parameter must have been previously created or an error is returned The VRF parameter is only available on the N3000 N3100 N4000 series switches The following output is shown Field Description Interface The relay configurati...

Page 1458: ... parameter is given information for the default global router instance is shown vlan id A valid VLAN identifier Default Configuration The command has no default configuration Command Mode User Exec and Privileged Exec modes Global Configuration mode and all Configuration submodes Discard If Yes packets arriving on the given interface with the given destination UDP port are discarded rather than re...

Page 1459: ...how ip helper statistics Use the show ip helper statistics command to display the number of DHCP and other UDP packets processed and relayed by the UDP relay agent Syntax show ip helper statistics vrf vrf name vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown Default Configuration This comman...

Page 1460: ...number of DHCP server messages relayed to a client UDP client messages received The number of valid UDP packets received This count includes DHCP messages and all other protocols relayed Conditions are similar to those for the first statistic in this table UDP client messages relayed The number of UDP packets relayed This count includes DHCP messages relayed as well as all other protocols The coun...

Page 1461: ... a discard entry 0 DHCP message with giaddr set to local address The number of DHCP client messages received whose gateway address giaddr is already set to an IP address configured on one of the relay agent s own IP addresses In this case another device is attempting to spoof the relay agent s address The relay agent does not relay such packets A log message gives details for each occurrence Packe...

Page 1462: ...ECMP Static Routes The operator is able to configure static and default routes with multiple next hops to any given destination Permitting the additional routes creates several options for the Dell EMC Networking switch operator 1 The operator configures multiple next hops to a given destination intending for the router to load share across the next hops 2 The operator configures multiple next hop...

Page 1463: ...ck to the source Static reject routes are typically used to prevent routing loops Default Routes Dell EMC Networking routing provides a preference option for the configuration of default routes A configured default route is treated exactly like a static route Therefore default routes and static routes have the same default preference 1 Commands in this Section This section explains the following c...

Page 1464: ...capsulation is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example applies SNAP encapsulation for VLAN 15 console config interface vlan 15 console config if vlan15 encapsulation snap ip icmp echo reply Use the ip icmp echo reply command to enable or disable the generation of ICMP Echo Reply messa...

Page 1465: ...N4000 switches Example console config ip icmp echo reply ip icmp error interval Use the ip icmp error interval command to limit the rate at which IPv4 ICMP error messages are sent The rate limit is configured as a token bucket with two configurable parameters Burst size and burst interval To disable ICMP rate limiting set burst interval to zero Use the no form of this command to return burst inter...

Page 1466: ...bal Configuration mode the command operates on the global router instance Virtual Router Configuration mode is only available on the N3000 N3100 N4000 switches Example console config ip icmp error interval 1000 20 ip netdirbcast Use the ip netdirbcast command in Interface Configuration mode to enable the forwarding of network directed broadcasts When enabled network directed broadcasts are forward...

Page 1467: ...r policy based routing It must match a map tag specified by the route map command Default Configuration No route maps are configured by default Command Mode Interface Configuration VLAN mode User Guidelines Policy based routing must be configured on the VLAN interface that receives the packets not on the VLAN interface from which the packets are sent Packets matching a deny route map are routed us...

Page 1468: ...e in order it to be eligible to be applied to hardware If not the route map is not applied to hardware An ACL referenced in a route map may not be edited Instead create a new ACL with the desired changes and update the route map with the edited ACL Route maps and DiffServ cannot operate on the same interface due to allocation of conflicting resources An error is thrown to user if when configuring ...

Page 1469: ...tual Router Configuration mode Interface Configuration VLAN mode User Guidelines When in virtual router configuration mode this command operates within the context of the virtual router instance When in global config mode the command operates on the global router instance Virtual Router Configuration mode is only available on the N3000 N3100 N4000 switches Example console config if vlan10 ip redir...

Page 1470: ...estination route are forwarded to the next hop IP address vlan id A configured VLAN routing interface identifier If a VLAN routing interface is specified it imports the associated subnet into the default routing instance from the VRF associated with the VLAN Null0 The optional Null0 keyword indicates that packets matching the route are dropped This capability allows the administrator to purposeful...

Page 1471: ...ult routing domain they routes are identified as leaked routes in the virtual router table The VRF identified in the parameter must have been previously created or an error is returned Route leaking in VRFs is only supported to or from the default routing instance and only for static routes Configuring a leaked route from a non default VRF to another non default VRF results in undefined behavior O...

Page 1472: ...0 exit interface vlan 10 ip vrf forwarding red 1 ip address 192 168 0 1 255 255 255 0 ip ospf area 0 exit router ospf vrf red 1 router id 1 1 1 1 network 192 168 0 0 0 0 0 255 area 0 exit interface Gi1 0 1 switchport mode trunk switchport access vlan 10 exit interface loopback 0 ip vrf forwarding red 1 ip address 1 1 1 1 255 255 255 255 exit Route Leaking Example 2 Subnetwork 9 0 0 0 24 is a direc...

Page 1473: ...5 255 255 0 exit interface vlan 30 ip vrf forwarding Red ip address 8 0 0 1 255 255 255 0 exit ip route 66 6 6 0 255 255 255 0 Vl30 ip route 0 0 0 0 0 0 0 0 9 0 0 2 253 ip route vrf Red 9 0 0 0 255 255 255 0 Vl10 ip route vrf Red 66 6 6 0 255 255 255 0 8 0 0 2 interface Gi1 0 1 switchport access vlan 10 exit interface Gi1 0 3 switchport access vlan 30 exit console config show ip route Route Codes ...

Page 1474: ...6 6 0 24 1 0 via 8 0 0 2 Vl30 ip route default Use the ip route default command in Global Configuration mode to configure the next hop address of the default route Use the no form of the command to delete the default route Use of the optional VRF parameter executes the command within the context of the VRF specific routing table Syntax ip route default vrf vrf name next hop ip preference no ip rou...

Page 1475: ...red default gateway with a preference of 253 making it more preferred than the default gateways learned via DHCP but less preferred than a static default route The preference of these routes is not configurable The switch installs a default route for the default gateway whether or not routing is globally enabled When the user displays the routing table e g show ip route the display identifies the ...

Page 1476: ...g the ip route distance command Use of the optional vrf parameter executes the command within the context of the VRF specific routing table Syntax ip route distance vrf vrf name integer no ip route distance integer vrf name The name of the VRF associated with the routing table context used by the command If no vrf is specified the global routing table context is used integer Specifies the distance...

Page 1477: ...rief command to determine if routing is enabled or disabled When in virtual router configuration mode this command operates within the context of the virtual router instance When in global config mode the command operates on the global router instance Enable IPv4 routing on a VLAN by entering interface vlan mode for the desired VLAN and assigning an IP address to the VLAN Use the no interface vlan...

Page 1478: ...default Command Mode Interface VLAN Configuration User Guidelines IP unnumbered interfaces are supported in the default VRF only The interface should be configured as able to borrow an IP address i e a routing interface with no IP address The loopback interface is the numbered interface providing the borrowed address The providing loopback interface cannot be unnumbered The loopback interface is i...

Page 1479: ...Ethernet and all are configured to treat the Ethernet as a point to point link adjacencies may not form The OSPF database description packets intended for a specific neighbor will be processed by all neighbors causing errors that reset adjacencies Command History Introduced in version 6 2 0 1 firmware Example console config if vlan1 ip unnumbered 10 130 14 55 ip unnumbered gratuitous arp accept Th...

Page 1480: ...mbered peers can be installed in the ARP table Command History Introduced in version 6 2 0 1 firmware Example console config if vlan1 ip unnumbered gratuitous arp accept ip unreachables Use the ip unreachables command to enable the generation of ICMP Destination Unreachable messages Use the no form of this command to prevent the generation of ICMP Destination Unreachable messages Syntax ip unreach...

Page 1481: ...configuration are applied along with other actions present in route map When IP ACL referenced by a route map is removed or rules are added or deleted from that ACL the configuration is rejected Actions in the IP ACL configuration are applied with other actions present in the route map If an IP ACL referenced by a route map is removed or rules are added or deleted from the ACL the configuration is...

Page 1482: ...r the packet s destination it is sent to next hop address 172 16 7 7 All other packets are forwarded as per normal L3 destination based routing console config if vlan3 ip policy route map equal access console config ip access list R1 console config ip acl permit ip 10 1 0 0 0 0 255 255 any console config ip acl exit console config ip access list R2 console config ip acl permit ip 10 2 0 0 0 0 255 ...

Page 1483: ...ximum number of ACLs 100 ACL ID Name Rules Interface s Direction Count 1 1 2 1 3 1 4 1 5 1 madan 1 console show mac access lists Current number of all ACLs 9 Maximum number of all ACLs 100 MAC ACL Name Rules Interface s Direction Count madan 1 mohan 1 goud 1 console configure console config route map madan console route map match ip address 1 2 3 4 5 madan console route map match mac list madan mo...

Page 1484: ...elete a match statement from a route map Syntax match length min max no match length min Specifies the minimum Layer 3 length for the packet inclusive allowing for a match max Specifies the maximum Layer 3 length for the packet inclusive allowing for a match Default Configuration There is no default configuration for this command Command Mode Route Map mode User Guidelines The match criteria speci...

Page 1485: ...d Command Mode Route Map mode User Guidelines The MAC ACL must be configured before it is linked to a route map Trying to link to an unconfigured MAC ACL causes an error Actions in the MAC ACL configuration are applied with other actions configured in the route map When a MAC ACL referenced by a route map is removed the route map rule is also removed Example console config route map match mac list...

Page 1486: ...nce number is specified the system assigns a value ten greater than the last statement in the route map The range is 0 to 65 535 Default Configuration No route maps are configured by default If no permit or deny tag is specified permit is the default Command Mode Global Configuration mode User Guidelines Apply an ACL rule on the VLAN interface to perform policy based routing based on the VLAN ID a...

Page 1487: ... entered console config route map equal access permit 0 In the following example BGP is configured to redistribute all prefixes within 172 20 0 0 and reject all others console config ip prefix list redist pl permit 172 20 0 0 16 le 32 console config route map redist rm permit console config route map match ip address prefix list redist pl console config route map exit console config router bgp 1 c...

Page 1488: ... criteria a set clause routing the packets to interface null0 may be configured as the last highest numbered route map Example console config route map set interface null0 set ip default next hop Use this route map clause to override default entries in the routing table Packets that can routed by an active explicit route in the routing table are not affected by this clause Use this command to set ...

Page 1489: ...ault next hop 192 0 2 2 set ip next hop Use this command to specify an adjacent next hop router in the path toward the destination to which the packets should be forwarded If more than one IP address is specified the first IP address associated with a link up interface is used to route the packets Use the no form of this command to remove a set command from a route map Syntax set ip next hop ip ad...

Page 1490: ...erface null0 may be specified in a route map Example console config route map set ip next hop 192 0 2 1 set ip precedence Use this command to set the three IP precedence bits in the IP packet header on ingress Values 0 through 7 are supported This precedence value may be used by other QoS services in the switch such as weighted fair queuing WFQ or weighted random early detection WRED Use the no fo...

Page 1491: ... 5 show ip brief Use the show ip brief command to display all the summary information of the IP Syntax show ip brief vrf vrf name vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configur...

Page 1492: ...ne or more IP interfaces The output shows how each IP address was assigned Syntax show ip interface vrf vrf name type number vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown type Interface type loopback out of band or VLAN number Interface number Valid only for loopback and VLAN types Defaul...

Page 1493: ... 2 N A console console show ip interface vlan 1 Routing interface status Up Unnumbered numbered interface Loopback 1 Unnumbered gratuitous ARP accept Enable Method None Routing Mode Enable Administrative Mode Enable Forward Net Directed Broadcasts Disable Proxy ARP Enable Local Proxy ARP Disable Active State Inactive MAC Address 001E C9DE B546 Encapsulation Type Ethernet IP MTU 1500 Bandwidth 1000...

Page 1494: ...on submodes User Guidelines This command has no user guidelines Example console show ip policy Interface Route map Vl10 pbr map show ip protocols Use the show ip protocols command to display a summary of the configuration and status for each unicast routing protocol The command lists all supported routing protocols regardless of whether they are currently configured or enabled Syntax show ip proto...

Page 1495: ...uter is in BGP Admin Mode Whether BGP is globally enabled or disabled Maximum Paths The maximum number of next hops in an internal or external BGP route Distance The default administrative distance or route preference for external internal and locally originated BGP routes The table that follows lists ranges of neighbor addresses that have been configured to override the default distance with a ne...

Page 1496: ...figured to originate a default route Always Whether default advertisement depends on having a default route in the common routing table Metric The metric configured to be advertised with the default route Metric Type The metric type to advertise for redistributed routes of this type Redist Source The type of routes OSPF is redistributing Metric The metric to advertise for redistributed routes of t...

Page 1497: ...e number of OSPF areas with at least one interface running on this router Also broken down by area type ASBR Status Whether the router is an autonomous system boundary router The router is an ASBR if it is redistributing any routes or originating a default route RIP Section RIP Admin Mode Whether RIP is globally enabled Split Horizon Mode Whether RIP advertises routes on the interface where they w...

Page 1498: ...nal Type 2 Redist Source Metric Metric Type Subnets Dist List static default 2 Yes None connected 10 2 Yes 1 Number of Active Areas 3 3 normal 0 stub 0 nssa ABR Status Yes ASBR Status Yes Routing Protocol RIP RIP Admin Mode Enable Split Horizon Mode Simple Default Metric Not configured Default Route Advertise Disable Distance 120 Interface Send Recv 0 25 RIPv2 RIPv2 show ip route Use the show ip r...

Page 1499: ...f the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown static Display statically configured routes Default Configuration This command has no default configuration Command Mode User Exec Privileged Exec modes Global Configuration mode and all Configuration submodes User Guidelines The VRF identified in the parameter ...

Page 1500: ...Derived C Connected S Static B BGP Derived E Externally Derived IA OSPF Inter Area E1 OSPF External Type 1 E2 OSPF External Type 2 N1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 S U Unnumbered Peer L Leaked Route T Truncated ECMP Route Indicates the best lowest metric route for the subnet C 3 0 0 0 24 0 0 directly connected Vl10 S U 6 1 0 6 32 0 0 via Vl20 S U 6 2 0 6 32 0 0 via Vl20 Th...

Page 1501: ... Truncated ECMP Routes 34 ECMP Retries 26400 Routes with 1 Next Hop 34 Routes with 2 Next Hops 285 Routes with 3 Next Hops 5 show ip route static Use the show ip route static command to display the statically configured routes whether they are reachable or not Syntax show ip route static name Default Configuration This command has no default configuration Command Mode User Exec Privileged Exec mod...

Page 1502: ...preferences command to display the default route preference value for each origin Syntax show ip route preferences Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines Route preferences are used in determining the best route Lower router preference values are preferred over higher ...

Page 1503: ...er of best routes To include the count of all routes do not use this optional parameter Default Configuration This command has no default configuration Command Mode User Exec Privileged Exec modes Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the IP route summary console show ip route summary Conn...

Page 1504: ...d Route Adds 0 Reserved Locals 0 Unique Next Hops High 68 132 Next Hop Groups High 299 599 ECMP Groups High 290 585 ECMP Routes 256 Truncated ECMP Routes 34 ECMP Retries 26400 Routes with 1 Next Hop 34 Routes with 2 Next Hops 285 Routes with 3 Next Hops 5 show ip traffic Use the show ip traffic command to display IP statistical information of the software IP stack Refer to RFC 1213 for more inform...

Page 1505: ...an error is returned The VRF parameter is only available on the N3000 N3100 N4000 series switches Example The following example displays IP route preferences console show ip traffic IpInReceives 24002 IpInHdrErrors 1 IpInAddrErrors 925 IpForwDatagrams 0 IpInUnknownProtos 0 IpInDiscards 0 IpInDelivers 18467 IpOutRequests 295 IpOutDiscards 0 IpOutNoRoutes 0 IpReasmTimeout 0 IpReasmReqds 0 IpReasmOKs...

Page 1506: ...estamps 0 IcmpOutTimestampReps 0 IcmpOutAddrMasks 0 show ip vlan Use the show ip vlan command to display the VLAN routing information for all VLANs with routing enabled Syntax show ip vlan Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Exam...

Page 1507: ...nes Example For each route map the match count is shown in terms of number of packets and number of bytes This counter displays the match count in packets and bytes when a route map is applied When a route map is created removed from interface this count is shown as zero The following is an example of the behavior of counters as well as how they are displayed when a route map is applied and remove...

Page 1508: ... 0 2 ip policy simplest console config if Te1 0 2 show route map simplest route map simplest permit 10 Match clauses ip address access lists 1 Set clauses ip next hop 3 3 3 3 ip precedence 3 Policy routing matches 5387983 packets 344831232 bytes route map simplest permit 20 Match clauses ip address access lists 1 Set clauses ip default next hop 4 4 4 4 ip precedence 4 Policy routing matches 0 pack...

Page 1509: ... a1 as path 1 community s1 exact match Set clauses metric 23 local preference 34 as path prepend 2 3 4 5 6 comm list d1 delete community no export ipv6 next hop aa bb Policy routed 0 packets 0 bytes The following example shows a route map test1 that is configured with extended community attributes console show route map test route map test1 permit sequence 10 Match clauses extended community list1...

Page 1510: ...598 bytes 0 Memory on Free List 78721 bytes 0 Memory Available in Heap 92365249 bytes 99 In Use High Water Mark 210788 bytes 0 Parameter Description Heap Size The amount of memory in bytes allocated at startup for the routing heap Memory In Use The number of bytes currently allocated Memory on Free List The number of bytes currently on the free list When a chunk of memory from the routing heap is ...

Page 1511: ...ltiple routes to the same destination sorted by preference IPv6 routing only operates over VLAN interfaces IPv6 Limitations Restrictions The following limitations apply IPSec support is not available The DHCPv6 server does not support stateful address configuration Automated router renumbering is not supported Commands in this Section This section explains the following commands arp ipv6 nd dad at...

Page 1512: ...how ipv6 protocols ipv6 mld last member query count ipv6 nd other config flag show ipv6 brief show ipv6 route ipv6 mld last member query interval ipv6 nd prefix show ipv6 interface show ipv6 route preferences ipv6 mld host proxy ipv6 nd raguard attach policy show ipv6 route summary ipv6 mld host proxy reset status ipv6 nd ra interval show ipv6 mld groups show ipv6 snooping counters ipv6 mld host p...

Page 1513: ...ace including loopback and tunnel interfaces IPv6 statistics display in the output of the show ipv6 traffic command Syntax clear ipv6 statistics vlan vlan id tunnel tunnel id loopback loopback id vlan id Valid VLAN ID tunnel id Tunnel identifier Range 0 7 loopback id Loopback identifier Range 0 7 Default Configuration This command has no default configuration Command Mode Privileged Exec mode User...

Page 1514: ... no longer a unique representation Dropping zeros 3ffe ffff 100 f101 0 0 0 1 becomes 3ffe ffff 100 f101 1 Local host 0000 0000 0000 0000 0000 0000 0000 0001 becomes 1 Any host 0000 0000 0000 0000 0000 0000 0000 0000 becomes The hexadecimal letters in the IPv6 addresses are not case sensitive An example of an IPv6 prefix and prefix length is 3ffe 1 1234 64 Syntax ipv6 address prefix prefix length e...

Page 1515: ... that has not been configured with an explicit IPv6 address Command execution automatically configures the interface with a link local address The command is not required if an IPv6 global address is configured on the interface Syntax ipv6 enable no ipv6 enable Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines...

Page 1516: ...efore the PDU expires Range 1 255 Default Configuration The default count is not configured Command Mode Global Configuration User Guidelines The default not configured sends a value of 0 in router advertisements and a value of 64 in packets originated by the router This is not the same as configuring a hop limit of 64 ipv6 host The ipv6 host command is used to define static host name to ipv6 addr...

Page 1517: ... and burst interval Use the no form of this command to return burst interval and burst size to their default values To disable ICMP rate limiting set burst interval to zero Syntax ipv6 icmp error interval burst interval burst size no ipv6 icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can b...

Page 1518: ...here are no local members on the interface Use the no form of this command to set the last member query count to the default Syntax ipv6 mld last member query count last member query count no ipv6 mld last member query count last member query count Query count Range 1 20 Default Configuration The default last member query count is 2 Command Mode Interface Configuration VLAN mode User Guidelines Th...

Page 1519: ...e 0 65535 milliseconds Default Configuration The default last member query interval is 1 second Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld last member query interval 5000 ipv6 mld host proxy This command enables MLD and MLD Proxy on the specified interface PIM and DVMRP are not compatible wit...

Page 1520: ... console config if vlan3 ipv6 mld host proxy ipv6 mld host proxy reset status Use the ipv6 mld host proxy reset status command to reset the host interface status parameters of the MLD Proxy router This command is only valid when MLD Proxy is enabled on the interface Syntax ipv6 mld host proxy reset status Command Mode Interface Configuration VLAN mode Default Configuration There is no default conf...

Page 1521: ...rval interval no ipv6 mld host proxy unsolicited report interval interval The interval between unsolicited reports Range 1 260 seconds Default Configuration The unsolicited report interval is 1 second by default Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example console config if vlan3 ipv6 mld host proxy unsolicit rprt interval 10 ipv6 mld q...

Page 1522: ...v6 mld query max response time The ipv6 mld query max response time command sets MLD query maximum response time for the interface This value is used in assigning the maximum response time in the query messages that are sent on that interface Use the no form of this command to set the maximum query response time to the default Syntax ipv6 mld query max response time query max response time no ipv6...

Page 1523: ...ighbor discovery Duplicate address detection verifies that an IPv6 address on an interface is unique Syntax ipv6 nd dad attempts value no ipv6 nd dad attempts value Probes transmitted Range 0 600 Default Configuration The default value for attempts is 1 Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example s...

Page 1524: ... User Guidelines The TTL sent in router advertisements and neighbor discovery packets may be configured using the Global Configuration command ipv6 hop limit Command History Introduced in version 6 2 0 1 firmware Example console config interface vlan 15 console config if vlan15 ipv6 nd ra hop limit unspecified ipv6 nd managed config flag Use the ipv6 nd managed config flag command in Interface Con...

Page 1525: ...erface vlan 15 console config if vlan15 ipv6 nd managed config flag ipv6 nd ns interval Use the ipv6 nd ns interval command in Interface Configuration mode to set the interval between router advertisements for advertised neighbor solicitations An advertised value of 0 means the interval is unspecified Syntax ipv6 nd ns interval milliseconds no ipv6 nd ns interval milliseconds Interval duration Ran...

Page 1526: ...chability detection Use the no form of the command to reset the value to the default Syntax ipv6 nd nud max multicast solicits num solicits no ipv6 nd nud max multicast solicits num solicits The maximum number of multicast Neighbor Solicitations sent during neighbor resolution or during NUD neighbor unreachability detection The value ranges from 3 to 255 The default value is 3 Default Configuratio...

Page 1527: ...s num solicits no ipv6 nd nud max unicast solicits num solicits The maximum number of unicast Neighbor Solicitations sent during neighbor resolution or during NUD neighbor unreachability detection The value ranges from 3 to 10 The default value is 3 Default Configuration The default number of solicits is 3 Command Mode Global Configuration User Guidelines Increase this value when neighbors are not...

Page 1528: ...r is resolved and added in the hardware traffic is continuously forwarded by the router using neighbor entry The neighbor entry in the cache transitions to the STALE state after the effective STALE timeout value a random value between 15 and 45 seconds per RFC 2461 To bridge the gap between the neighbor discovery state and the neighbor cache state the application periodically iterates through the ...

Page 1529: ...licit_attempt_num RETRANS_TIMER jittered value The exponential backoff algorithm complies with draft ietf 6man impatient nud 02 Increase this value when large numbers of neighbors are present or when neighbors are not being discovered due to network events like spanning tree re convergence Command History Introduced in version 6 2 0 1 firmware Example console config ipv6 nd nud retry 5 ipv6 nd oth...

Page 1530: ...ertisements Syntax ipv6 nd prefix ipv6 prefix prefix length valid lifetime infinite preferred lifetime infinite no autoconfig off link no ipv6 nd prefix ipv6 prefix prefix length ipv6 prefix IPv6 prefix prefix length IPv6 prefix length valid lifetime Valid lifetime of the router in seconds Range 0 4294967295 seconds infinite Indicates lifetime value is infinite preferred lifetime Preferred lifetim...

Page 1531: ...allow you to preconfigure RA prefix values before you configure the associated interface address In order for the prefix to be included in RAs you must configure an address that matches the prefix using the ipv6 address command Prefixes specified using ipv6 nd prefix without an associated interface address will not be included in RAs and will not be committed to the device configuration Example Th...

Page 1532: ...config vlan10 exit console config interface vlan 10 console config if vlan10 ipv6 enable console config if vlan10 exit console config ipv6 unicast routing console config interface gi1 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 exit console config interface gi1 0 1 console config if Gi1 0 1 ipv6 nd raguard attach policy ipv6 nd ra interval Use the ipv6 nd ra i...

Page 1533: ... ipv6 nd ra lifetime Use the ipv6 nd ra lifetime command in Interface Configuration mode to set the value that is placed in the Router Lifetime field of the router advertisements sent from the interface Syntax ipv6 nd ra lifetime seconds no ipv6 nd ra lifetime seconds Lifetime duration The value must be zero or it must be an integer between the value of the router advertisement transmission interv...

Page 1534: ...hbor reachable after neighbor discovery confirmation Syntax ipv6 nd reachable time milliseconds no ipv6 nd reachable time milliseconds Reachable time duration A value of zero means the time is unspecified by the router Range 0 3600000 milliseconds Default Configuration The default value for neighbor discovery reachable times is 0 milliseconds Command Mode Interface Configuration VLAN Tunnel Loopba...

Page 1535: ...ation VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example suppresses router advertisement transmission console config interface vlan 15 console config if vlan15 ipv6 nd suppress ra ipv6 route Use the ipv6 route command in Global Configuration mode to configure an IPv6 static route Use the no form of the command to remove a preference an indiv...

Page 1536: ...ise the prefix the network portion of the address A slash mark must separate the prefix from the prefix length with no spaces on either side of the slash mark interface type Distinguishes direct static routes from point to point and broadcast interfaces and must be specified when using a link local address as the next hop Interface type can be Null 0 or vlan plus vlan id or tunnel plus tunnel id i...

Page 1537: ...ands Changing the default distance does not update the distance of existing static routes even if they were assigned the original default distance The new default distance is applied to static routes created after invoking the ipv6 route distance command Syntax ipv6 route distance integer no ipv6 route distance integer integer Specifies the distance preference of an individual static route Range 1...

Page 1538: ...command has no user guidelines Example The following example globally enables Ipv6 unicast datagram forwarding console config ipv6 unicast routing console config no ipv6 unicast routing ipv6 unreachables Use the ipv6 unreachables command to enable the generation of ICMPv6 Destination Unreachable messages Use the no form of this command to prevent the generation of ICMPv6 Destination Unreachable me...

Page 1539: ... mode Syntax show ipv6 brief Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the IPv6 status of forwarding mode and IPv6 unicast routing mode console show ipv6 brief IPv6 Unicast Routing Mode Enable IPv...

Page 1540: ...lan vlan id prefix loopback id Valid loopback interface ID tunnel id Valid tunnel interface ID vlan id Valid VLAN ID prefix Display IPv6 Interface Prefix Information Default Configuration Displays all IPv6 interfaces Command Mode User Exec Privileged Exec modes Global Configuration mode and all Configuration submodes User Guidelines The Method field contains one of the following values Field Descr...

Page 1541: ...d FE80 211 88FF FE2A 3E3C 128 TENT The Method column shows one of the following values Auto The IPv6 address was automatically generated using IPv6 auto address configuration RFC 2462 Config The IPv6 address was manually configured DHCP The IPv6 address was leased from a DHCP server TENT Tentative address The following example displays the long form of the command and indicates whether address aut...

Page 1542: ...ommand is used to display information about multicast groups that MLD reported The information is displayed only when MLD is enabled on at least one interface If MLD was not enabled on any interfaces there is no group information to be displayed Syntax show ipv6 mld groups group address vlan vlan id group address The group address to display vlan id A valid VLAN id Default Configuration There is n...

Page 1543: ...nterface Interface through which the multicast group is reachable Uptime Time elapsed in seconds since the multicast group has been known Expiry Time Time left in seconds before the entry is removed from the MLD membership table of this interface Last Reporter The IP Address of the source of the last membership report received for this multicast group address on that interface Filter Mode The filt...

Page 1544: ...ipv6 mld groups vlan 6 Group Address FF1E 1 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 2 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 3 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 4 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss show ipv6 mld interface The show ipv6...

Page 1545: ...ministrative status of MLD MLD Operational Mode The operational status of MLD on the interface MLD Version This field indicates the version of MLD configured on the interface Query Interval This field indicates the configured query interval for the interface Query Max Response Time This field indicates the configured maximum query response time in seconds advertised in MLD queries on this interfac...

Page 1546: ...before the router assumes that there are no local members Field Description Querier Status This value indicates whether the interface is a MLD querier or non querier on the subnet with which it is associated Querier Address The IP address of the MLD querier on the subnet the interface with which it is associated Querier Up Time Time elapsed in seconds since the querier state has been updated Queri...

Page 1547: ...he command displays the following parameters only when you enable MLD Proxy Field Description Interface Index The interface number of the MLD Proxy interface Admin Mode Indicates whether MLD Proxy is enabled or disabled This is a configured value Operational Mode Indicates whether MLD Proxy is operationally enabled or disabled This is a status parameter Version The present MLD host version that is...

Page 1548: ...D Proxy reported Syntax show ipv6 mld host proxy groups Default Configuration There is no default configuration for this command Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines The following parameters are displayed by this command Querier IP Address on Proxy Interface The IP address of the Querier if any in the network attached to the upstream...

Page 1549: ...ipv6 mld host proxy groups detail Default Configuration There is no default configuration for this command Group Address The IP address of the multicast group Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member Sta...

Page 1550: ...rter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the latest group membership query for this group Delay_Member The interface is going to send a group m...

Page 1551: ...6 mld host proxy interface Use the show ipv6 mld proxy interface command to display a detailed list of the host interface status parameters Syntax show ipv6 mld host proxy interface Default Configuration There is no default configuration for this command Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines The following parameters are displayed only...

Page 1552: ...fault Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following fields are displayed Parameter Description Ver The MLD version Query Rcvd Number of MLD queries received Report Rcvd Number of MLD reports received Report Sent Number of MLD reports sent Leaves Rcvd Number of...

Page 1553: ...s received by the router Valid MLD Packets Sent The number of valid MLD packets sent by the router Queries Received The number of valid MLD queries received by the router Queries Sent The number of valid MLD queries sent by the router Reports Received The number of valid MLD reports received by the router Reports Sent The number of valid MLD reports sent by the router Leaves Received The number of...

Page 1554: ... and router redirect messages on interface Gi1 0 1 VLAN 10 The configured interfaces are shown console config vlan 10 console config vlan101 exit console config interface vlan 10 console config if vlan10 ipv6 enable console config if vlan10 exit console config ipv6 unicast routing console config interface gi1 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 exit co...

Page 1555: ... mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays information about the IPv6 neighbors console config show ipv6 neighbors Neighbor Last IPv6 Address MAC Address isRtr State Updated Interface show ipv6 protocols Use the show ipv6 protocols command to display information about the configured IPv6 routing protocols Syntax s...

Page 1556: ...e MED TRUE Maximum AS Path Length 100 Fast Internal Failover Disable Fast External Failover Disable Distance Ext 126 Int 127 Local 126 Prefix List In none Prefix List Out none Redistributing Source Metric Dist List Route Map connected Networks Originated Neighbors 2001 1 Filter List In 1 Filter List Out 1 Routing Protocol OSPFv3 Router ID 0 0 0 0 OSPF Admin Mode Disable Maximum Paths 4 Routing for...

Page 1557: ...routes Is one of the following keywords connected ospf static ipv6 prefix prefix length Specifies an IPv6 network for which the matching route would be displayed interface type interface number Valid IPv6 interface Specifies that the routes with next hops on the selected interface be displayed Supported interface types are VLAN Tunnel and Loopback best Specifies that only the best routes are displ...

Page 1558: ... 0 24 0 1 directly connected vlan2 C 20 1 20 0 24 0 1 directly connected vlan4 show ipv6 route preferences Use the show ipv6 route preferences command to show the preference value associated with the type of route Lower numbers have a greater preference Syntax show ipv6 route preferences Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Config...

Page 1559: ...summary for only best routes Syntax show ipv6 route summary best best Displays the count summary for only best routes Default Configuration This command has no default configuration Command Mode User Exec Privileged Exec modes Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Command History Updated in version 6 3 0 1 firmware Example The ...

Page 1560: ...ace interface id interface id An interface identifier physical or port channel Default Configuration By default no RA guard policies are applied to any interface Command Mode Privileged Exec Global Configuration and all submodes User Guideline There are no user guidelines for this command Command History Introduced in version 6 2 0 1 firmware Example console config if vlan10 show ipv6 snooping cou...

Page 1561: ...ge 0 7 Default Configuration This command has no default configuration Command Mode User Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Examples The following examples show traffic and statistics for IPv6 and ICMPv6 first for all interfaces and an individual VLAN console show ipv6 traffic IPv6 STATISTICS Total Datagrams Receiv...

Page 1562: ...red 0 Received Datagrams Discarded Due To Header Errors 0 Received Datagrams Discarded Due To MTU 0 Red Datagrams Discarded Due To No Route 0 Received Datagrams With Unknown Protocol 0 Received Datagrams Discarded Due To Invalid Address 0 Received Datagrams Discarded Due To Truncated Data 0 Received Datagrams Discarded Other 0 Received Datagrams Reassembly Required 0 Datagrams Successfully Reassem...

Page 1563: ...nd to determine the path and measure the transit delay to another device in the network The transit delays are measured for each hop in the network Syntax traceroute ipv6 ipv6 address hostname count 1 10 init ttl 1 255 interval 1 60 max fail 0 255 max ttl 1 255 port 1 65535 size 0 39936 source ipv6 address loopback loopback id vlan vlan id ipv6 address hostname The target IP address or host to pin...

Page 1564: ...guration There is no default configuration for this command Command Mode Privileged Exec and User Exec modes User Guidelines Traceroute operates by sending a sequence of Internet Control Message Protocol ICMP echo request packets The time to live TTL value is used in determining the intermediate routers through which the packet flows toward the destination address Routers decrement a packet s TTL ...

Page 1565: ...interface never transmits data but may receive data It is typically expected to be used by routing protocols Loopback interfaces will respond to pings Loopback interfaces are not supported on the N1100 ON Series switches Commands in this Section This section explains the following commands interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loo...

Page 1566: ... time 10 msec Reply From 192 168 22 1 icmp_seq 1 time 10 msec Reply From 192 168 22 1 icmp_seq 2 time 10 msec Reply From 192 168 22 1 icmp_seq 3 time 10 msec show interfaces loopback Use the show interfaces loopback command to display information about one or all configured loopback interfaces Syntax show interfaces loopback loopback id loopback id Loopback identifier Range 0 7 Default Configurati...

Page 1567: ...formation about configured loopback interfaces console show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets 1 loopback 1 0 0 0 0 0 0 console show interfaces loopback 1 Interface Link Status Up IP Address 0 0 0 0 0 0 0 0 MTU size 1500 bytes ...

Page 1568: ...ability as regular unicast IP messages The message is not guaranteed to arrive intact at all members of the destination group or in the same order relative to other messages The advantages of multicasting are explained below Network Load Decrease A number of applications are required to transmit packets to hundreds of stations The packets transmitted to these stations share a group of links on the...

Page 1569: ...cipating stations are free to join or leave an audio cast or a video cast as needed The variable membership maintenance is managed efficiently through multicasting Commands in this Section This section explains the following commands clear ip mroute Use this command to selectively clear IPv4 multicast entries from the cache clear ip mroute ip pim dense mode show ip mfc show ip mroute static arp ip...

Page 1570: ...ough this command it cannot be formed again until it is expired in IGMP and started again via the host The default mcache time out is 210 seconds Example The following example deletes all entries from the IP multicast routing table console clear ip mroute The following example deletes from the IP multicast routing table all entries that match the given multicast group address 239 1 2 1 irrespectiv...

Page 1571: ...to 239 255 255 255 mask The group address mask in dotted quad notation Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines The administratively scoped multicast address range is 239 0 0 0 to 239 255 255 255 Example The following example adds an administrative scope multicast boundary console config interface vlan 15 console...

Page 1572: ...ts corresponding the 0 s in the netmask Multicast source data is flooded forwarded by default in the VLAN on which it is received For this reason multi access VLANs are not recommended for multicast routing interfaces Example console config ip mroute 1 1 0 0 255 255 0 0 192 168 20 1 34 ip multicast routing Use the ip multicast routing command in Global Configuration mode to set the administrative ...

Page 1573: ...a continues to be forwarded to that port If a host in the VLAN subsequently joins or leaves the group the list of mrouter ports is updated for the multicast source and the forwarding of the multicast source is adjusted The workaround to this limitation is to statically configure mrouter ports when enabling IGMP MLD snooping in L3 multicast enabled VLANs Multicast routing requires IGMP to be enable...

Page 1574: ...figuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example applies a ttlvalue of 5 to the VLAN 15 routing interface console config interface vlan 15 console config if vlan15 ip multicast ttl threshold 5 ip pim Use the ip pim command in Interface VLAN Configuration mode to admi...

Page 1575: ...ole config ip routing console config ip multicast console config interface vlan 10 console if vlan 10 ip pim Command History User Guidelines updated in release 6 3 5 ip pim bsr border The ip pim bsr border command is used in Interface VLAN Configuration mode to administratively disable bootstrap router BSR messages on the interface Use the no form of this command to return the configuration to the...

Page 1576: ... and ip pimsm cbsrpreference commands Syntax ip pim bsr candidate vlan vlan id hash mask length bsr priority interval interval no ip pim bsr candidate vlan vlan id vlan id A valid VLAN identifier with multicast routing enabled hash mask length Length of the BSR hash to be ANDed with the multicast group address Range 0 32 bits Default 0 bsr priority The advertised priority of the BSR candidate Rang...

Page 1577: ...uting Use the no form of this command to disable PIM Syntax ip pim dense mode no ip pim Default Configuration PIM is not enabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router IGMP is automatically enabled if PIM is enabled and disabled when PIM is disabled ip multicast routing may be operationally enabled or disable...

Page 1578: ...2147483647 Default Configuration The default election priority is 1 Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower values are preferred Example console if vlan10 ip pim dr priority 32768 ip pim hello interval The ip pim hello interval command in Interface VLAN Configuration mode to administratively configure the freque...

Page 1579: ...p pim join prune interval The ip pim join prune interval command in Interface VLAN Configuration mode to administratively configure the frequency of join prune messages on the specified interface Use the no form of this command to return the configuration to the default Syntax ip pim join prune interval interval no ip pim join prune interval interval The number of seconds between successive join p...

Page 1580: ...group mask override no ip pim rp address rp address group address group mask rp address The valid IPv4 address for the rendezvous point group address A valid multicast group address to be sourced from the rendezvous point group mask A mask indicating the range of multicast groups sourced from the RP override A flag indicating that the static entry should override dynamically learned entries for th...

Page 1581: ...g enabled group address A valid multicast group address group mask A mask indicating the range of multicast groups for which the router should advertise itself as an RP candidate interval Optional Indicates the RP candidate advertisement interval The range is from 1 to 16383 seconds The default value is 60 seconds Default Configuration None the router does not advertise itself as an RP candidate b...

Page 1582: ...t is recommended that IGMP snooping be disabled if IP multicast is enabled unless specifically required PIM is not compatible with DVMRP DVMRP must be disabled before enabling PIM Example console config ip pim sparse mode ip pim ssm Use the ip pim ssm command in Global Configuration mode to administratively configure PIM source specific multicast range of addresses for IP multicast routing Use the...

Page 1583: ...Guidelines There are no user guidelines for this command Example console config ip pim ssm 239 0 10 0 255 255 255 0 show ip mfc Use the show ip mfc command to display the multicast forwarding cache Syntax show ip mfc Default Configuration This command does not have a default configuration Command Mode Privileged Exec mode Global Config mode all sub modes User Guidelines This command display both t...

Page 1584: ... ip multicast Default Configuration This command has no default configuration Field Description MFC IPv4 Mode Enabled when IPv4 Multicast routing is operational MFC IPv6 Mode Enabled when IPv6 Multicast routing is operational MFC Entry Count The number of entries present in MFC Total Pkts Forwarded in SW Total Number of multicast packets forwarded in software Source Address Source address of the m...

Page 1585: ...tocol State Non Operational Table Max Size 768 Protocol PIMDM Multicast forwarding cache entry count 0 show ip pim boundary Use the show ip pim boundary command to display all the configured administrative scoped multicast boundaries Syntax show ip pim boundary vlan vlan id all vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged Exec mode G...

Page 1586: ...e Syntax show ip multicast interface type number type number Interface type and number for which to display IP multicast information VLAN Vlan ID is the only supported type and number Default Configuration Show information for all multicast interfaces Command Mode User Exec Privileged Exec modes Global Configuration mode and all Configuration submodes User Guidelines This command has no user guide...

Page 1587: ... Example console show ip mroute Multicast route table Expiry Up Time Source IP Group IP mm ss hh mm ss RPF Neighbor Flags 192 168 0 11 239 0 5 7 3 03 15 54 12 192 168 0 10 show ip mroute group Use the show ip mroute group command to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entr...

Page 1588: ...ummary console show ip mroute group 239 5 5 5 show ip mroute source Use the show ip mroute source command to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mroute table containing the sourceipaddr or sourceipaddr groupipaddr pair value s Syntax show ip mroute...

Page 1589: ...e static mcast table if it is specified or display the static route associated with the particular sourceipaddr Syntax show ip mroute static sourceipaddr sourceipaddr IP address of source Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Examp...

Page 1590: ... Global Configuration mode and all Configuration submodes User Guidelines The following information is displayed Example console show ip pim PIM Mode None If no routers are enabled for PIM the following message is displayed None of the routing interfaces are enabled for PIM show ip pim bsr router The show ip pim bsr router command displays information about a bootstrap router BSR Syntax show ip pi...

Page 1591: ...er BSR Address 192 168 10 1 BSR Priority 0 BSR Hash Mask Length 30 C BSR Advertisement Interval secs 60 Next Bootstrap message hh mm ss NA If no configured elected BSRs exist on the router the following message is displayed No BSR s exist learned on this router Field Description BSR address IP address of the BSR BSR Priority The configured BSR priority BSR Hash Mask Length The configured hash mask...

Page 1592: ...ation for this command Command Mode User Exec and Privileged Exec modes Global Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show ip pim interface Field Description Mode Active PIM Protocol Interface Interface number Hello Interval Hello interval value Join prune Interval Join prune interval value DR Priority DR Prio...

Page 1593: ...s displayed None of the routing interfaces are enabled for PIM show ip pim neighbor Use the show ip pim neighbor command in User Exec or Privileged Exec modes to display PIM neighbors discovered by PIMv2 Hello messages If the interface number is not specified this command displays the neighbors discovered on all the PIM enabled interfaces Syntax show ip pim neighbor vlan vlan id vlan id A valid VL...

Page 1594: ...o neighbors are learned on any of the interfaces the following message is displayed No neighbors are learned on any interface show ip pim rp hash The show ip pim rp hash command displays the rendezvous point RP selected for the specified group address Syntax show ip pim rp hash group address group address A valid multicast address supported by RP Default Configuration There is no default configura...

Page 1595: ...rned for the specified group address show ip pim rp mapping The show ip pim rp mapping command is used in User Exec and Privileged Exec modes to display the mappings for the PIM group to the active rendezvous points Syntax show ip pim rp mapping rp address candidate static rp address An RP address Default configuration There is no default configuration for this command Command Mode User Exec Privi...

Page 1596: ...tic RP Group mapping exists on the router the following message is displayed No Static RP Group mappings exist on this router show ip pim statistics Use the show ip pim statistics command to display the count of PIM sparse mode received control packets per VLAN Syntax show ip pim statistics vlan vlan id vlan id The VLAN for which PIM sparse mode statistics are displayed Default configuration There...

Page 1597: ...s Received 0 Vl20 Rx 0 0 0 5 0 0 0 Tx 8 7 0 0 0 0 0 Invalid Packets Received 0 console show ip pim statistics vlan 10 Interface Stat Hello Register Reg Stop Join Pru BSR Assert CRP Field Description Stat Rx Packets received Tx Packets transmitted Interface The PIM enabled routing interface Hello Number of PIM Hello messages Register Number of PIM Register messages Reg Stop Number of PIM Register S...

Page 1598: ...Layer 3 Routing Commands 1598 Vl10 Rx 0 0 0 0 0 0 0 Tx 2 0 0 0 0 0 0 Invalid Packets Received 0 ...

Page 1599: ...urce address Deletes all IPv6 entries from the IP multicast routing table group address IPv6 address of the multicast group source address IPv6 address of a multicast source that is sending multicast traffic to the group clear ipv6 mroute ipv6 pim sparse mode ipv6 pim VLAN Interface config ipv6 pim ssm ipv6 pim bsr border show ip mroute group ipv6 pim bsr candidate show ip mroute source ipv6 pim d...

Page 1600: ...able console clear ipv6 mroute The following example deletes from the IPv6 multicast routing table all entries that match the given multicast group address FF4E 1 irrespective of which source is sending for this group console clear ipv6 mroute FF4E 1 The following example deletes from the IPv6 multicast routing table all entries that match the given multicast group address FF4E 1 and the multicast...

Page 1601: ...nds for further information Example console config if vlan3 ipv6 pim ipv6 pim bsr border Use the ipv6 pim bsr border command to prevent bootstrap router BSR messages from being sent or received through an interface Use the no form of this command to disable the interface from being the BSR border Syntax ipv6 pim bsr border no ipv6 pim bsr border Default Configuration BSR border is disabled by defa...

Page 1602: ...fore the hash function is called All groups with the same seed hash correspond to the same RP For example if this value is 24 only the first 24 bits of the group addresses matter This allows you to get one RP for multiple groups Range 0 128 bits priority The priority of the candidate BSR The BSR with the higher priority is preferred If the priority values are the same the router with the higher IP...

Page 1603: ...isable PIM and MLD This command does not affect ip multicast routing Syntax ipv6 pim dense mode no ipv6 pim Default Configuration PIM dense mode is disabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router DVMRP must be disabled before enabling PIM Example console config ipv6 pim dense ipv6 pim dr priority Use the ipv6...

Page 1604: ...is command Example console config if vlan3 ipv6 pim dr priority 10 ipv6 pim hello interval Use the ipv6 pim hello interval command to configure the PIM SM Hello Interval for the specified interface Use the no form of this command to set the hello interval to the default Syntax ipv6 pim hello interval interval no ipv6 pim hello interval interval The hello interval Range 0 18000 seconds Default Conf...

Page 1605: ...im join prune interval interval no ipv6 pim join prune interval interval The join prune interval Range 0 18000 seconds Default Configuration The default join prune interval is 60 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 pim join prune interval 90 ipv6 pim register threshold Use the ipv6...

Page 1606: ...and to statically configure the RP address for one or more multicast groups The optional keyword override indicates that if there is a conflict the RP configured with this command prevails over the RP learned by BSR Use the no form of this command to remove the RP address for one or more multicast groups Syntax ipv6 pim rp address rp address group address prefixlength override no ipv6 pim rp addre...

Page 1607: ...o form of this command to disable the router from advertising itself as a PIM candidate rendezvous point RP to the bootstrap router BSR Syntax ipv6 pim rp candidate vlan vlan id group address prefixlength interval c_rp_interval no ipv6 pim rp candidate vlan vlan id vlan id A valid VLAN ID value group address The group address to display prefixlength This parameter specifies the prefix length of th...

Page 1608: ...e Use the ipv6 pim sparse mode command to administratively configure PIM sparse mode for multicast routing This command also enables MLD Use the no form of this command to disable PIM and MLD Syntax ipv6 pim sparse mode no ipv6 pim Default Configuration IPv6 PIM sparse mode is disabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configu...

Page 1609: ...xlength This parameter specifies the prefix length of the IP address for the media gateway Range 1 128 Default Configuration The default range is FF3x 32 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 pim ssm ff1e 64 show ipv6 pim Use the show ipv6 pim command to display global status of IPv6 PIMSM and its IPv6 routi...

Page 1610: ...sr router Use the show ipv6 pim bsr router command to display the bootstrap router BSR information Syntax show ipv6 pim bsr router candidate elected candidate Show the IPv6 PIM candidate bootstrap router information elected Show the IPv6 elected PIM bootstrap router information Default Configuration There is no default configuration for this command Command Mode User Exec Privileged Exec modes Glo...

Page 1611: ... ss 00 00 32 If no configured elected BSR s exist on the router the following message is displayed No BSR s exist learned on this router Field Description BSR Address Address of the BSR BSR Priority Configured BSR priority BSR Hash Mask Length Configured hash mask length Next Bootstrap Message Remaining time until a BSR message is sent Next Candidate RP Advertisement Time remaining until the next ...

Page 1612: ... specified multicast source static Show the multicast route information for the specified static multicast group summary Summarize the information Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show ipv6 mroute summary Multi...

Page 1613: ...eighbor Flags 2001 5 FF43 5 03 08 00 00 21 2001 5 SPT console show ipv6 mroute source 2001 5 summary Multicast Route Table Summary Source IP Group IP Protocol IIF OIF Expiry 2001 5 FF43 5 PIMSM Vl12 Vl11 Vl13 console show ipv6 mroute group FF43 5 cr Press enter to execute the command Output filter options summary Display the IPV6 multicast routing table summary console show ipv6 mroute group FF43 ...

Page 1614: ... groupipaddr value Syntax show ipv6 mroute group groupipaddr summary groupipaddr IP address of the multicast group Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show ipv6 mroute group FF43 5 cr Press enter to execute the co...

Page 1615: ...mer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mroute table containing the sourceipaddr or sourceipaddr groupipaddr pair value s Syntax show ipv6 mroute source sourceipaddr summary groupipaddr sourceipaddr IP address of source groupipaddr IP address of multicast group Default Configuration This command has no default c...

Page 1616: ...lticast Route Table Summary Source IP Group IP Protocol IIF OIF Expiry 2001 5 FF43 5 PIMSM Vl12 Vl11 Vl13 show ipv6 pim interface Use the show ipv6 pim interface command to display interface config parameters If no interface is specified all interfaces are displayed Syntax show ipv6 pim interface vlan vlan id vlan id A valid VLAN ID value Default Configuration There is no default configuration for...

Page 1617: ...y IPv6 PIMSM neighbors learned on the routing interfaces Syntax show ipv6 pim neighbor interface vlan vlan id vlan id A valid VLAN ID value Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines If a VLAN interface is not specified all neighbors are shown Example console sho...

Page 1618: ...bal Configuration mode and all Configuration submodes User Guidelines There are no user guidelines for this command Example console show ipv6 pim rp hash ff1e 64 RP Type Address 3001 1 BSR show ipv6 pim rp mapping Use the show ipv6 pim rp mapping command to display all group to RP mappings of which the router is aware either configured or learned from the bootstrap router BSR If no RP is specified...

Page 1619: ... console show ipv6 pim rp mapping Group Address FF1E 64 RP Address 2001 1 origin Static Group Address FF1E 64 RP Address 3001 1 origin BSR show ipv6 pim statistics Use the show ipv6 pim statistics command to display the count of IPv6 PIM sparse mode received control packets Syntax show ipv6 pim statistics vlan vlan id vlan vlan id The VLAN for which to display spare mode statistics Default Configu...

Page 1620: ...Received 0 Gi1 0 5 Rx 0 0 6 5 0 0 0 Tx 10 9 0 0 0 0 0 Invalid Packets Received 0 console show ipv6 pim statistics vlan 10 Interface Stat Hello Register Reg Stop Join Pru BSR Assert CRP Field Description Stat Rx Packets received Tx Packets transmitted Interface The PIM enabled routing interface Hello Number of PIM Hello messages Register Number of PIM Register messages Reg Stop Number of PIM Regist...

Page 1621: ...Layer 3 Routing Commands 1621 Vl10 Rx 0 0 0 0 0 0 0 Tx 2 0 0 0 0 0 0 Invalid Packets Received 0 ...

Page 1622: ...s not visible to routers outside the area Two different types of OSPF routing occur as a result of area partitioning Intra area and Inter area Intra area routing occurs if a source and destination are in the same area Inter area routing occurs when a source and destination are in different areas An OSPF backbone distributes information between areas For IPv4 networks Dell EMC Networking routing su...

Page 1623: ...of 255 shall never be used for forwarding The RIP preference is not used in IPv6 routing OSPF Equal Cost Multipath ECMP A device running the IP routing protocol OSPF maintains multiple equal cost routes to all destinations The multiple routes are of the same type intra area inter area type 1 external or type 2 external cost and have the same associated area However each route is defined by a separ...

Page 1624: ...ic route into a single route to 20 0 0 0 8 with two next hops All next hops within an ECMP route must be provided by the same source On Dell EMC Networking N3000 N3100 and N4000 platforms the ECMP hashing support utilizes Enhanced hashing mode which provides improved load balancing performance ECMP hashing on these platforms has the following features MODULO N operation based on the number N of ne...

Page 1625: ...PF runs Helpful neighbors continue to forward packets through the restarting router The restarting router relearns the network topology from its helpful neighbors Dell EMC Networking implements both the restarting router and helpful neighbor features described in RFC 3623 Commands in this Section This section explains the following commands area default cost Router OSPF capability opaque ip ospf n...

Page 1626: ...erflow interval nsf helper show ip ospf neighbor area virtual link external lsdb limit nsf helper strict lsa checking show ip ospf range area virtual link authentication ip ospf area nsf restart interval show ip ospf statistics area virtual link dead interval ip ospf authentication passive interface default show ip ospf stub table area virtual link hello interval ip ospf cost passive interface sho...

Page 1627: ... Router OSPF Configuration mode to configure the specified area ID to function as an NSSA If the area has not been previously created this command creates the area and then applies the NSSA distinction If the area already exists the NSSA distinction is added or modified Use the no form of the command to remove the NSSA distinction from the specified area ID Syntax area area id nssa no redistributi...

Page 1628: ...ter it determines that its translator status has been deposed by another router Range 0 3600 Default Configuration If no metric is defined 10 is the default configuration The default role is candidate The default metric is type 2 Command Mode Router OSPF Configuration mode User Guidelines Specifying a metric with no metric type is equivalent to specifying a metric with a metric type of 2 Example T...

Page 1629: ... comparable no area area id nssa default info originate area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 integer Specifies the metric of the default route advertised to the NSSA Range 1 16777214 comparable A metric type of nssa external 1 non comparable A metric type of nssa external 2 Default Configuration If no metric is defined 10 is the default config...

Page 1630: ...ecimal from 0 4294967295 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the NSSA ABR console config router area 20 nssa no redistribute area nssa no summary Use the area nssa no summary command in Router OSPF Configuration mode to configure the N...

Page 1631: ...ssa translator role command in Router OSPF Configuration mode to configure the translator role of the NSSA Syntax area area id nssa translator role always candidate no area area id nssa translator role area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 always The router assumes the role of the translator when it becomes a border router candidate The router ...

Page 1632: ...eger no area area id nssa translator stab intv area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 integer The period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router Range 0 3600 Default Configuration This command has no default configuration Command Mode Rou...

Page 1633: ...ary prefix to be advertised when the ABR computes a route to one or more networks within this prefix in this area summarylink When this keyword is given the area range is used when summarizing prefixes advertised in type 3 summary LSAs nssaexternallink When this keyword is given the area range is used when translating type 7 LSAs to type 5 LSAs advertise Optional When this keyword is given the sum...

Page 1634: ...10 0 0 0 255 0 0 0 summarylink The no form may be used to revert the advertise not advertise option to its default without deleting the area range Deleting and recreating the area range would cause OSPF to temporarily advertise the prefixes contained within the range Note that using either the advertise or not advertise keyword reverts the configuration to the default For example Create area range...

Page 1635: ... 0 0 0 255 0 0 0 is an invalid prefix for an area range If the maximum number of ranges is already configured console config router area 3 range 90 0 0 0 255 0 0 0 summarylink cost 50 The maximum number of area ranges 60 is already configured If the user tries to delete an area range that does not exist console config router no area 4 range 40 0 0 0 255 0 0 0 summarylink Delete failed No matching ...

Page 1636: ... no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Examples The following examples define area 3 for the stub and then removes the stub area console config router area 3 stub console config router no area 3 stub area stub no summary Use the area stub no summary command in Router OSPF Configuration mode to prevent Summary LSAs f...

Page 1637: ...d area id and neighbor router To remove the link use the no form of the command Use the optional parameters to configure authentication dead interval hello interval retransmit interval and transmit delay If the area has not been previously created it is created by this command If the area already exists the virtual link information is added or modified Syntax area area id virtual link router id au...

Page 1638: ... is assumed to be dead Range 1 65535 retransmit interval seconds The number of seconds to wait between retransmitting LSAs if no acknowledgment is received Range 0 3600 transmit delay seconds Number of seconds to increment the age of the LSA before sending based on the estimated time it takes to transmit from the interface Range 0 3600 md5 Use MD5 Encryption for an OSPF Virtual Link key Authentica...

Page 1639: ...t delay 40 The following example establishes a virtual link with MD5 authentication router ospf network 10 50 50 0 0 0 0 255 area 10 area 10 0 0 0 virtual link 10 3 4 5 message digest key 100 md5 test123 area virtual link authentication Use the area virtual link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface iden...

Page 1640: ...ess if the type is encrypt key id Authentication key identifier for the authentication type encrypt Range 0 255 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines Unauthenticated interfaces cannot be configured with an authentication key If no parameters are specified after the authentication keyword then plain text password ...

Page 1641: ...d interval area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router ID of the neighbor seconds Number of seconds to wait before the OSPF virtual interface on the virtual interface is assumed to be dead Range 1 2147483647 Default Configuration 40 seconds is the default configuration Command Mode Router OSPF Configuration mode User...

Page 1642: ...al seconds no area area id virtual link neighbor id hello interval area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router ID of the neighbor seconds Number of seconds to wait before sending hello packets to the OSPF virtual interface Range 1 65535 Default Configuration 10 seconds is the default configuration Command Mode Router...

Page 1643: ...l seconds no area area id virtual link neighbor id retransmit interval area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router ID of the neighbor seconds The number of seconds to wait between retransmitting LSAs if no acknowledgment is received Range 0 3600 Default Configuration The default configuration is 5 seconds Command Mod...

Page 1644: ...295 neighbor id Identifies the Router ID of the neighbor seconds Number of seconds to increment the age of the LSA before sending based on the estimated time it takes to transmit from the interface Range 0 3600 Default Configuration 1 second is the default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example con...

Page 1645: ...OSPFv2 or OSPFv3 Router Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures a reference bandwidth of 500 Mbps console config router auto cost reference bandwidth 500 bandwidth By default OSPF computes the link cost of an interface as the ratio of the reference bandwidth to the interface bandwidth Reference bandwidth is specified...

Page 1646: ... this command Example The following example configures the interface bandwidth to 500000 Kbps console config if vlan1 bandwidth 500000 bfd Use the bfd command to enable processing of BFD events by OSPF on all interfaces enabled for BFD Use the no form of the command to ignore BFD events Syntax bfd no bfd Default Configuration The processing of BFD events is not enabled by default Command Mode Rout...

Page 1647: ...nsole configure console config ip routing console config interface vlan 3 console config if vlan3 ip address 192 168 0 1 24 console config if vlan3 ip ospf area 0 console config if vlan3 ip ospf bfd onsole config if vlan3 exit console config router ospf console config router bfd capability opaque Use the capability opaque command to enable Opaque Capability on the router Use the no form of this co...

Page 1648: ... external LSAs Reapply the redistribution configuration and re originate prefixes as necessary counters Reset global and interface statistics neighbor Drop the adjacency with all OSPF neighbors On each neighbor s interface send a one way hello Adjacencies may then be reestablished interface vlan vlan id Drop adjacency with all neighbors on a specific interface neighbor id Drop adjacency with a spe...

Page 1649: ... router mode when it has automatically entered stub router mode because of a resource limitation Syntax clear ip ospf stub router vrf vrf name vrf name The name of the VRF instance on which the command operates If no VRF parameter is given counters for the default global router instance is cleared Default Configuration There is no default configuration for this command Command Mode Privileged Exec...

Page 1650: ...Router OSPF Configuration mode User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328 OSPF 1583 compatibility mode should be disabled Example The following example enables 1583 compatibility console config router compatible rfc1583 default information originate Router OSPF Configuration Use the default information originate command in Router OSPF C...

Page 1651: ...and the default type is 2 Command Mode Router OSPF Configuration mode User Guidelines The only routers that actually have Internet connectivity should advertise a default route All other routers in the network should learn the default route from the routers that have connections to the Internet The edge router should also have a static default route configured with an upstream ISP router as the de...

Page 1652: ...e value of the default route Range 1 16777214 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example sets a value of 50 for the default metric console config router default metric 50 distance ospf The distance ospf command sets the preference values of OSPF route t...

Page 1653: ...arned by redistribution when there are two or more routes to the same destination from two different routing protocols Range 1 255 Default Configuration The default preference value is 110 for dist1 dist2 and dist3 Command Mode Router OSPF Configuration mode Router OSPFv3 Configuration mode User Guidelines There are no user guidelines for this command Examples The following examples set route pref...

Page 1654: ...e specified access list when packets come from a directly connected route Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example specifies the access list to filter routes received from the RIP source protocol console config router distribute list ACL40 out rip ena...

Page 1655: ...he router ID Example The following example enables OSPF router mode console config router enable exit overflow interval Use the exit overflow interval command in Router OSPF Configuration mode to configure the exit overflow interval for OSPF When a router leaves the overflow state it can originate non default AS external LSAs When set to 0 the router will not leave Overflow State until restarted U...

Page 1656: ...t for OSPF If the value is 1 then there is no limit When the number of non default AS external LSAs in a router s link state database reaches the external LSDB limit the router enters overflow state The router never holds more than the external LSDB limit non default AS external LSAs in it database Use the no form of the command to return the limit to the default value Syntax external lsdb limit i...

Page 1657: ...the effects of network area command It can also configure the advertisability of the secondary addresses on this interface into OSPFv2 domain Use the no form of this command to disable OSPFv2 on an interface Syntax ip ospf area area id secondaries none no ip ospf area secondaries none area id The ID of the area Range IP address or decimal from 0 4294967295 Default Configuration OSPFv2 is disabled ...

Page 1658: ...tion key key Authentication key for the specified interface Range 8 bytes or less if the authentication type is simple and 16 bytes or less if the type is encrypt key id Authentication key identifier for the authentication type encrypt Range 0 25 Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines Unauthenticated interfaces...

Page 1659: ...ion 10 is the default link state metric configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures the cost on the OSPF interface at 5 console config if vlan1 ip ospf cost 5 ip ospf database filter all out Use the ip ospf database filter all out command in Interface Configuration mode to prevent flooding...

Page 1660: ...command to return the interval to the default value Syntax ip ospf dead interval seconds no ip ospf dead interval seconds Number of seconds that a router s Hello packets have not been seen before its neighbor routers declare that the router is down Range 1 65535 Default Configuration 40 is the default number of seconds Command Mode Interface Configuration VLAN mode User Guidelines The value for th...

Page 1661: ...nds Command Mode Interface Configuration VLAN mode User Guidelines The value for the length of time must be the same for all routers attached to a network Example The following example sets the OSPF hello interval at 30 seconds console config if vlan1 ip ospf hello interval 30 ip ospf mtu ignore Use the ip ospf mtu ignore command in Interface Configuration mode to disable OSPF maximum transmission...

Page 1662: ...LAN mode User Guidelines This command has no user guidelines Example The following example disables OSPF MTU mismatch detection on VLAN interface 15 console config if vlan1 ip ospf mtu ignore ip ospf network Use the ip ospf network command to configure OSPF to treat an interface as a point to point rather than broadcast interface To return to the default value use the no form of this command Synta...

Page 1663: ...dvertisement LSA Both endpoints of the link must be configured to operate in point to point mode Example The following example shows the options for the ip ospf network command console config if vlan1 ip ospf network broadcast Set the OSPF network type to Broadcast point to point Set the OSPF network type to Point to Point ip ospf priority Use the ip ospf priority command in Interface Configuratio...

Page 1664: ...it Interval for the specified interface Use the no form of the command to return the interval to the default value Syntax ip ospf retransmit interval seconds no ip ospf retransmit interval seconds Number of seconds between link state advertisement retransmissions for adjacencies belonging to this router interface This value is also used when retransmitting database description and link state reque...

Page 1665: ...ansmit delay seconds no ip ospf transmit delay seconds Sets the estimated number of seconds it takes to transmit a link state update packet over this interface Range 1 3600 seconds Default Configuration 1 is the default number of seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets the OSPF Transit Delay for V...

Page 1666: ...ONAL severity max metric router lsa Use the max metric router lsa command in router OSPF Global Configuration mode to configure OSPF to enable stub router mode To disable stub router mode use the no max metric router lsa command in OSPFv2 Global Router Configuration mode Syntax max metric router lsa on startup seconds summary lsa metric no max metric router lsa on startup summary lsa on startup Op...

Page 1667: ...outer mode until OSPF is taken out of stub router mode Alternatively one can configure OSPF to start in stub router mode for a specific period of time after the router boots up If the summary LSA metric is set to 16 777 215 other routers will skip the summary LSA when they compute routes If the router is configured to enter stub router mode on startup max metric router lsa on startup and one then ...

Page 1668: ... 4 is the integer default value Command Mode Router OSPF Configuration mode User Guidelines OSPF is only enabled on an interface if the primary IPv4 address on the interface matches a network area range Any individual interface can only be attached to a single area If an interface address matches multiple network area ranges the interface is assigned to the area for the first matching range If the...

Page 1669: ...a wildcard mask The network mask indicating the wildcard bit A 1 bit in the mask indicates a don t care condition for the corresponding bit in the address area id The ID of the area Range IPv4 address or 32 bit decimal in the range 0 4294967295 Default Configuration OSPFv2 is disabled Command Mode Router OSPF Configuration mode User Guidelines OSPF is only enabled on an interface if the primary IP...

Page 1670: ...able graceful restart Syntax nsf ietf planned only no nsf ietf ietf This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations Since the IETF implementation is the only one supported this keyword is optional planned only This keyword indicates that OSPF should only perform a graceful restart when the restart is planned i e when the restart i...

Page 1671: ... single unit router nsf helper Use the nsf helper to allow OSPF to act as a helpful neighbor for a restarting router Use the no form of this command to prevent OSPF from acting as a helpful neighbor Syntax nsf ietf helper planned only no nsf ietf helper planned only This keyword indicates that OSPF should only help a restarting router performing a planned restart Default Configuration OSPF may act...

Page 1672: ...ology change occurs Command Mode Router OSPF Configuration mode User Guidelines The restarting router is unable to react to topology changes In particular the restarting router will not immediately update its forwarding table therefore a topology change may introduce forwarding loops or black holes that persist until the graceful restart completes By exiting the graceful restart on a topology chan...

Page 1673: ... The default restart interval is 120 seconds Command Mode Router OSPF User Guidelines The grace period must be set long enough to allow the restarting router to reestablish all of its adjacencies and complete a full database exchange with each of those neighbors Example console config router nsf restart interval 180 passive interface default The passive interface default command enables the global...

Page 1674: ... set the interface as passive It overrides the global passive mode that is currently effective on the interface Use the no form of this command to set the interface as non passive Syntax passive interface vlan vlan id no passive interface vlan vlan id vlan id The VLAN number Default Configuration Passive interface mode is disabled by default Command Mode Router OSPF Configuration mode User Guideli...

Page 1675: ...outes are to be redistributed connected Specifies that connected routes are to be redistributed bgp Specifies BGP originated routes are to be redistributed rip Specifies RIP originated routes are to be redistributed static Specifies that static routes are to be redistributed connected Specifies the connected routes are to be redistributed metric value Specifies the metric to use when redistributin...

Page 1676: ...ributed for a type 2 route is always the external cost irrespective of the interior cost to reach that route Redistribution of BFG originated routes is only available on BGP capable routers Example The following example configures OSPF protocol to allow redistribution of RIP originated routes with a metric of 5 and a route tag of 555 console config router redistribute rip metric 3 metric type 1 ta...

Page 1677: ...router ospf command in Global Configuration mode to enter Router OSPF mode and globally enable OSPF Using the no form of the command disables OSPF and removes the OSPF interface and global configuration Syntax router ospf vrf vrf name no router ospf vrf name The name of the VRF if which OSPF is to be enabled If no VRF is specified OSPF is enabled for the global routing instance Default Configurati...

Page 1678: ...play information relevant to the OSPF router This command has been modified to show additional fields Syntax show ip ospf vrf vrf name vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown Syntax Description This command has no arguments or keywords Default Configuration There is no default confi...

Page 1679: ...e rules prevent routing loops when external LSAs for the same destination have been originated from different areas External LSDB Limit Shows the maximum number of non default external LSAs entries that can be stored in the link state database Exit Overflow Interval Shows the number of seconds that after entering OverflowState as defined by RFC 1765 a router will attempt to leave OverflowState Spf...

Page 1680: ...When enabled OSPF originates a type 5 LSA advertising a default route Always When this option is configured OSPF only originates a default route when the router has learned a default route from another source Metric Shows the metric for the advertised default routes If the metric is not configured this field is not configured Metric Type Shows whether the metric for the default route is advertised...

Page 1681: ...ed Shows the number of link state advertisements received determined to be new instantiations LSA Count The number of LSAs in the link state database MaximumNumber of LSAs The limit on the number of LSAs that the router can store in its link state database LSA High Water Mark The maximum number of LSAs that have been in the link state database since OSPF began operation AS Scope LSA Flood List Len...

Page 1682: ...revious graceful restart ended Possible values are Not attempted In progress Completed Timed out Topology change and Manual clear NSF Helper Support Whether this router is configured to act as a graceful restart helpful neighbor Possible values are Helper Support Always Disabled or Planned NSF Helper Strict LSA Checking As a graceful restart helpful neighbor whether to terminate the helper relatio...

Page 1683: ...LSA Checksum 0 AS_OPAQUE LSA Count 0 AS_OPAQUE LSA Checksum 0 New LSAs Originated 25 LSAs Received 7 LSA Count 4 Maximum Number of LSAs 18200 LSA High Water Mark 4 Retransmit List Entries 0 Maximum Number of Retransmit Entries 72800 Retransmit Entries High Water Mark 2 NSF Support Disabled NSF Restart Interval 120 NSF Restart Status Not Restarting NSF Restart Age 0 seconds NSF Restart Exit Reason ...

Page 1684: ...rtise Disabled Always FALSE Metric Not configured Metric Type External Type 2 Number of Active Areas 2 2 normal 0 stub 0 nssa ABR Status Enable ASBR Status Disable Stub Router Status Inactive Stub Router Reason reason Stub Router Time Remaining duration seconds External LSDB Overflow FALSE External LSA Count 0 External LSA Checksum 0 AS_OPAQUE LSA Count 0 AS_OPAQUE LSA Checksum 0 New LSAs Originat...

Page 1685: ...ion This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The VRF identified in the parameter must have been previously created or an error is returned The VRF parameter is only available on the N3000 N3100 N4000 series switches Example console show ip ospf abr Type Router Id Cost Area ID Next Hop Next H...

Page 1686: ...onfiguration mode and all Configuration submodes User Guidelines The VRF identified in the parameter must have been previously created or an error is returned The VRF parameter is only available on the N3000 N3100 N4000 series switches Example 1 The following example displays OSPF router information console show ip ospf area 10 AreaID 0 0 0 10 External Routing Import External LSAs Spf Runs 0 Area ...

Page 1687: ...nsole show ip ospf area 1 AreaID 0 0 0 1 External Routing Import External LSAs Spf Runs 10 Area Border Router Count 0 Area LSA Count 3004 Area LSA Checksum 0x5e0abed Flood List Length 0 Import Summary LSAs Enable show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes ASBR This command takes no options Syntax show ip osp...

Page 1688: ...n about the link state database when OSPF is enabled If parameters are entered the command displays the LSA headers Use the optional parameters to specify the type of link state advertisements to display Syntax show ip ospf vrf vrf name area id database asbr summary external network nssa external router summary ls id adv router ip address self originate opaque area opaque as opaque link vrf name T...

Page 1689: ...ted opaque area Display the area opaque LSAs opaque as Display AS opaque LSAs opaque link Display link opaque LSAs Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines Information is only displayed if OSPF is enabled The VRF identified in the parameter must have been previously cre...

Page 1690: ...0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1360 80000007 242e Summary ASBR States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1361 80000006 183a Link Opaque States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1361 80000005 ef59 Area Opaque States Area 0 0 0 0 Link Id Adv Router Age Sequence ...

Page 1691: ...e summary vrf vrf name vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The VRF identified in the parameter must...

Page 1692: ...ue Area 0 Subtotal 0 Router database summary Network Shows Total number of network LSAs in the OSPF link state database Summary Net Shows Total number of summary network LSAs in the database Summary ASBR Shows Number of summary ASBR LSAs in the database Type 7 Ext Shows Total number of Type 7 external LSAs in the database Self Originated Type 7 Shows Total number of self originated AS external LSA...

Page 1693: ...ocking Syntax show ip ospf interface vrf vrf name vlan vlan id loopback loopback id loopback id A configured loopback interface identifier Range 0 7 vlan id A configured VLAN identifier Range 0 4093 vrf name The name of the VRF instance on which the command operates If no vrf parameter is given information for the default global router instance is shown Default Configuration This command has no de...

Page 1694: ...mputed Passive Status Non passive interface OSPF Mtu ignore Disable State designated router Designated Router 1 1 1 1 Backup Designated Router 0 0 0 0 Number of Link Events 2 Example 2 The following example shows the configuration of flood blocking console show ip ospf interface gi2 0 11 IP Address 172 20 11 2 Subnet Mask 255 255 255 0 Secondary IP Address es OSPF Admin Mode Enable OSPF Area ID 0 ...

Page 1695: ... no VRF parameter is given information for the default global router instance is shown Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The VRF identified in the parameter must have been previously created or an error is returned The VRF parameter is only available on the N3000...

Page 1696: ...ation is only displayed if OSPF is enabled Syntax show ip ospf interface stats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the ospf statistics for V...

Page 1697: ...ed in version 6 2 0 1 firmware Field Description Total self originated LSAs The number of LSAs the router is currently originating Average LSAs per group The number of self originated LSAs divided by the number of LSA groups The number of LSA groups is the refresh interval 1800 seconds divided by the pacing interval configured with timers pacing lsa group plus two Pacing group limit The maximum nu...

Page 1698: ... 779 106 780 839 122 840 899 110 900 959 99 960 1019 135 1020 1079 101 1080 1139 94 1140 1199 115 1200 1259 110 1260 1319 111 show ip ospf neighbor Use the show ip ospf neighbor command to display locally derived information about OSPF neighbors The information below only displays if OSPF is enabled and the interface has a neighbor Syntax show ip ospf neighbor vrf vrf name interface type interface...

Page 1699: ...only available on the N3000 N3100 N4000 series switches The following information is output Field Description Interface The name of the interface on which the adjacency is formed Neighbor IP Address The IPv4 address on the neighbor s interface used to form the adjacency Interface Index The SNMP interface index Area Id The OSPF area in which the adjacency is formed Options The options advertised by...

Page 1700: ...neighbor s retransmit queue waiting for the neighbor to acknowledge Restart Helper Status One of two values Helping This router is acting as a helpful neighbor to this neighbor A helpful neighbor does not report an adjacency change during graceful restart but continues to advertise the restarting router as a FULL adjacency A helpful neighbor continues to forward data packets to the restarting rout...

Page 1701: ...grace LSA it sets the Restart Reason to Software Restart on a planned warm restart when the initiate failover command is invoked and to Unknown on an unplanned warm restart Remaining Grace Time The number of seconds remaining in the current graceful restart interval This row is only included if the router is currently acting as a restart helper for the neighbor Restart Exit Reason One of the follo...

Page 1702: ...o display information about the area ranges for the specified area id Syntax show ip ospf range vrf vrf name area id vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown area id Identifies the OSPF area whose ranges are being displayed Range IP address or decimal from 0 4294967295 Default Config...

Page 1703: ...s the SPF has run for each OSPF area A table follows this information For each of the 15 most recent SPF runs the table lists how long ago the SPF ran how long the SPF took and the reasons why the SPF was scheduled Syntax show ip ospf statistics vrf vrf name vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router in...

Page 1704: ...s and seconds hh mm ss Intra The time taken to compute intra area routes in milliseconds Summ The time taken to compute inter area routes in milliseconds Ext The time taken to compute external routes in milliseconds SPF Total The total time to compute routes in milliseconds The total may exceed the sum of the Intra Summ and Ext times RIB Update The time from the completion of the routing table cal...

Page 1705: ...0 X 00 01 25 0 30 50 110 310 SN 00 01 22 0 0 40 50 260 SN 00 01 19 0 0 20 20 190 X 00 01 16 0 0 0 0 110 R X show ip ospf stub table Use the show ip ospf stub table command to display the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch Syntax show ip ospf stub table vrf vrf name vrf name The name of the VRF instance on which the command operates If ...

Page 1706: ...to display OSPFv2 packet and LSA statistics and OSPFv2 message queue statistics Packet statistics count packets and LSAs since OSPFv2 counters were last cleared using the clear ip ospf counters command NOTE Note that the clear ip ospf counters command does not clear the message queue high water marks Syntax show ip ospf traffic vrf vrf name vrf name The name of the VRF instance on which the comman...

Page 1707: ...ived since OSPF counters were last cleared LSAs Retransmitted The number of LSAs retransmitted by this router since OSPF counters were last cleared LS Update Max Receive Rate The maximum rate of LS Update packets received during any 5 second interval since OSPF counters were last cleared The rate is in packets per second LS Update Max Send Rate The maximum rate of LS Update packets transmitted dur...

Page 1708: ...al links Use the show ip ospf virtual links command to display the OSPF Virtual Interface information for a specific area and neighbor or for all neighbors Syntax show ip ospf virtual links vrf vrf name area id neighbor id vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the default global router instance is shown area id Identifies t...

Page 1709: ...OSPF Virtual Interface information for area 10 and its neighbor console show ip ospf virtual links 10 192 168 2 2 Area ID 10 Neighbor Router ID 192 168 2 2 Hello Interval 10 Dead Interval 655555 Iftransit Delay Interval 1 Retransmit Interval 5 State down Metric 0 Neighbor State down Authentication Type MD5 Authentication Key test123 Authentication Key ID 100 show ip ospf virtual links brief Use th...

Page 1710: ...t Transit Area ID Neighbor Interval Interval Interval Delay 0 0 0 2 5 5 5 5 10 40 5 1 timers pacing flood Use the timers pacing flood command to adjust the rate at which OSPFv2 sends LS Update packets Use the no form of the command to return the timer pacing to the default value Syntax timers pacing flood milliseconds no timers pacing flood milliseconds The average time between transmission of LS ...

Page 1711: ...shed The range for the pacing group window is from 10 to 1800 seconds Default Configuration The default timer pacing is 60 seconds Command Mode OSPFv2 Global Configuration mode User Guidelines OSPF refreshes self originated LSAs approximately once every 30 minutes When OSPF refreshes LSAs it considers all self originated LSAs whose age is from 1800 to 1800 plus the pacing group size Grouping LSAs ...

Page 1712: ...d time no timers spf delay time SPF delay time Range 0 65535 seconds hold time SPF hold time Range 0 65535 seconds Default Configuration The default value for delay time is 5 The default value for hold time is 10 Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the SPF delay and hold time console config router ...

Page 1713: ...rea nssa default info originate Router OSPFv3 Config default metric ipv6 ospf transmit delay show ipv6 ospf asbr area nssa no redistribute distance ospf ipv6 router ospf show ipv6 ospf border routers area nssa no summary enable maximum paths show ipv6 ospf database area nssa translator role exit overflow interval nsf show ipv6 ospf database database summary area nssa translator stab intv external ...

Page 1714: ...the default cost Syntax area area id default cost cost no area area id default cost areaid Valid area identifier cost Default cost Range 1 16777215 Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines area virtual link dead interval ipv6 ospf hello interval redistribute OSPFv3 show ipv6 osp...

Page 1715: ...formation originate metric metric value metric type metric type value no summary translator role role translator stab intv interval no area area id nssa no redistribution default information originate no summary translator role translator stab intv area id Identifies the OSPFv3 stub area to configure Range IP address or decimal from 0 4294967295 metric value Specifies the metric of the default rou...

Page 1716: ...10 nssa The following example configures the metric value and type for the default route advertised into the NSSA and configures the NSSA so that summary LSAs are not advertised into the NSSA console config router area 20 nssa default info originate metric 250 metric type 2 no summary area nssa default info originate Router OSPFv3 Config Use the area nssa default info originate command in Router O...

Page 1717: ...Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the default metric value for the default route advertised into the NSSA console config ipv6 router ospf console config rtr area 1 nssa default info originate area nssa no redistribute Use the area nssa no redistribute command in Router OSPFv3 Configuration mode to configure...

Page 1718: ...ributed to the NSSA console config ipv6 router ospf console config rtr area 1 nssa no redistribute area nssa no summary Use the area nssa no summary command in Router OSPFv3 Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA Use the no form of the command to remove the configuration Syntax area areaid nssa no summary no area area id nssa no summary areai...

Page 1719: ...ranslator role of the NSSA Use the no form of the command to remove the configuration Syntax area areaid nssa translator role always candidate no area areaid nssa translator role areaid Valid OSPF area identifier always Causes the router to assume the role of the translator the instant it becomes a border router candidate Causes the router to participate in the translator election process when it ...

Page 1720: ...to perform its duties after it determines that its translator status has been deposed by another router Syntax area areaid nssa translator stab intv seconds no area areaid nssa translator stab intv areaid Valid OSPF area identifier seconds Translator stability interval of the NSSA Range 0 3600 seconds Default Configuration This command has no default configuration Command Mode Router OSPFv3 Config...

Page 1721: ...d as a type 5 external LSA Use the no form of the command to remove the summary prefix configuration for routes learned in the specified area Syntax area area id range ipv6 prefix prefix length summarylink nssaexternallink advertise not advertise no area area id range ipv6 prefix prefix length summarylink nssaexternallink areaid Valid OSPFv3 area identifier ipv6 prefix prefix length Valid route pr...

Page 1722: ...hat AS External LSAs are not propagated into the area Removing AS External LSAs and Summary LSAs can significantly reduce the size of the link state database of routers within the stub area Syntax area area id stub no summary no area area id stub no summary area id Valid OSPFv3 area identifier no summary Disable the import of Summary LSAs for the stub area identified by area id Default Configurati...

Page 1723: ...figuration mode User Guidelines This command has no user guidelines Example The following example prevents Summary LSAs from being advertised into the area 1 NSSA console config ipv6 router ospf console config rtr area 1 stub no summary area virtual link Use the area virtual link command in Router OSPFv3 Configuration mode to create the OSPF virtual interface for the specified area id and neighbor...

Page 1724: ...irtual interface Range 1 65535 dead interval seconds Number of seconds to wait before the OSPF virtual interface on the virtual interface is assumed to be dead Range 1 65535 retransmit interval seconds The number of seconds to wait between retransmitting LSAs if no acknowledgment is received Range 0 3600 transmit delay seconds Number of seconds to increment the age of the LSA before sending based ...

Page 1725: ...nterface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 dead interval 20 hello interval 20 retransmit interval 20 transmit delay 20 area virtual link dead interval Use the area virtual link dead interval command in Router OSPFv3 Configuration mode to configure the dead interval for the OSPF virtual interface on the virtual interface i...

Page 1726: ... hello interval Use the area virtual link hello interval command in Router OSPFv3 Configuration mode to configure the hello interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor hello interval seconds no area areaid virtual link neighbor hello interval areaid Valid OSPFv3 area identifier neighbor Router ID of nei...

Page 1727: ...irtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor retransmit interval seconds no area areaid virtual link neighbor retransmit interval areaid Valid OSPFv3 area identifier neighbor Router ID of neighbor seconds Retransmit interval Range 0 3600 Default Configuration 5 is the default value for seconds Command Mode Router OSPFv3 Configuration mode User Guideli...

Page 1728: ... Default Configuration 1 is the default value for seconds Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures a 20 second transmit delay for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 transmit ...

Page 1729: ... default metric is none and the default type is 2 Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example controls the advertisement of default routes by defining a metric value of 100 and metric type 2 console config ipv6 router ospf console config rtr default information originate metric 100 metric type 2 default metric Use ...

Page 1730: ...fig rtr default metric 100 distance ospf The distance ospf command sets the preference values of OSPF route types in the router Lower route preference values are preferred when determining the best route The type of OSPF route can be intra inter external All the external type routes are given the same preference value Use the no form of this command to reset the preference values to the default Sy...

Page 1731: ...g example sets a route preference value of 100 for intra OSPF in the router console config ipv6 router ospf console config rtr distance ospf intra 100 enable Use the enable command in Router OSPFv3 Configuration mode to enable administrative mode of OSPF in the router active Syntax enable no enable Default Configuration Enabled is the default state Command Mode Router OSPFv3 Configuration mode Use...

Page 1732: ...mpting to leave the Overflow State This allows the router to originate non default AS external LSAs again When set to 0 the router will not leave Overflow State until restarted Syntax exit overflow interval seconds no exit overflow interval seconds Exit overflow interval for OSPF Range 0 2147483647 Default Configuration 0 is the default value for seconds Command Mode Router OSPFv3 Configuration mo...

Page 1733: ...he external LSDB limit MUST be set identically in all routers attached to the OSPF backbone and or any regular OSPF area Syntax external lsdb limit limit no external lsdb limit limit External LSDB limit for OSPF Range 1 2147483647 Default Configuration 1 is the default value for limit Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The foll...

Page 1734: ...pf ipv6 ospf area Use the ipv6 ospf area areaid command in Interface Configuration mode to set the OSPF area to which the specified router interface belongs Syntax ipv6 ospf area areaid no ipv6 ospf area areaid areaid Is a 32 bit integer formatted as a 4 digit dotted decimal number or a decimal value It uniquely identifies the area to which the interface connects Assigning an area id which does no...

Page 1735: ...in Interface Configuration mode to configure the cost on an OSPF interface Use the no form of the command to return the cost to the default value Syntax ipv6 ospf cost interface cost no ipv6 ospf cost interface cost Specifies the cost link state metric of the OSPF interface Range 1 65535 Default Configuration 10 is the default link state metric configuration Command Mode Interface Configuration VL...

Page 1736: ... is down The value for the length of time must be the same for all routers attached to a common network This value should be some multiple of the Hello Interval i e 4 Range 1 65535 Default Configuration 40 seconds is the default value of seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the ...

Page 1737: ...tion VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF hello interval at 15 seconds console config interface vlan 15 console config if vlan15 ipv6 ospf hello interval 15 ipv6 ospf mtu ignore Use the ipv6 ospf mtu ignore command in Interface Configuration mode to disable OSPF maximum transmission unit MTU mismatch detection Use...

Page 1738: ...shed Example The following example disables OSPF maximum transmission unit MTU mismatch detection console config interface vlan 15 console config if vlan15 ipv6 ospf mtu ignore ipv6 ospf network Use the ipv6 ospf network command in Interface Configuration mode to change the default OSPF network type for the interface Use the no form of the command to return the network setting to the default value...

Page 1739: ... The following example changes the default OSPF network type to point to point console config interface vlan 15 console config if vlan15 ipv6 ospf network point to point ipv6 ospf priority Use the ipv6 ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface Use the no form of the command to return the priority to the default value Syntax ip...

Page 1740: ...terval seconds no ipv6 ospf retransmit interval seconds The number of seconds between link state advertisement retransmissions for adjacencies belonging to this router interface This value is also used when retransmitting database description and link state request packets Range 0 to 3600 seconds Default Configuration 5 seconds is the default value Command Mode Interface Configuration VLAN Tunnel ...

Page 1741: ...erface Range 1 to 3600 seconds Default Configuration No default value Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF Transmit Delay at 100 seconds for VLAN 15 console config interface vlan 15 console config if vlan15 ipv6 ospf transmit delay 100 ipv6 router ospf Use the ipv6 router ospf ...

Page 1742: ... OSPFv3 console config ipv6 router ospf maximum paths Use the maximum paths command in Router OSPFv3 Configuration mode to set the number of paths that OSPF can report for a given destination Syntax maximum paths maxpaths no maximum paths maxpaths Number of paths that can be reported Range 1 2 Default Configuration 2 is the default value for maxpaths Command Mode Router OSPFv3 Configuration mode U...

Page 1743: ...icates that OSPF should only perform a graceful restart when the restart is planned i e when the restart is a result of the initiate failover command Default Configuration Graceful restart is disabled by default Command Mode Router OSPFv3 Configuration mode User Guidelines Graceful restart works in concert with nonstop forwarding to enable the hardware to continue forwarding IPv6 packets using OSP...

Page 1744: ...nd to prevent OSPF from acting as a helpful neighbor Syntax nsf helper planned only no nsf helper planned only This keyword indicates that OSPF should only help a restarting router performing a planned restart Default Configuration OSPF may act as a helpful neighbor for both planned and unplanned restarts Command Mode Router OSPFv3 Configuration mode User Guidelines The grace LSA announcing the gr...

Page 1745: ...logy change occurs Command Mode Router OSPFv3 Configuration mode User Guidelines The restarting router is unable to react to topology changes In particular the restarting router will not immediately update its forwarding table therefore a topology change may introduce forwarding loops or black holes that persist until the graceful restart completes By exiting the graceful restart on a topology cha...

Page 1746: ...ration The default restart interval is 120 seconds Command Mode Router OSPFv3 Configuration mode User Guidelines The grace period must be set long enough to allow the restarting router to reestablish all of its adjacencies and complete a full database exchange with each of those neighbors passive interface Use the passive interface command to set the interface or tunnel as passive It overrides the...

Page 1747: ...sive mode by default for all interfaces It overrides any interface level passive mode Use the no form of this command to disable the global passive mode by default for all interfaces Any interface previously configured to be passive reverts to non passive mode Syntax passive interface default no passive interface default Default Configuration Global passive mode is disabled by default Command Mode...

Page 1748: ...inated routes are to be redistributed metric value Metric value used for default routes Range 0 16777214 tag value Insert the specified tag value into redistributed routes route tag Filter redistributed routes using the specified route map Default Configuration The default tag value is 0 There is no default metric or route map configured Command Mode Router OSPFv3 Configuration mode User Guideline...

Page 1749: ...entifying the Router OSPF ID Syntax router id router id router id Router OSPF identifier Range 0 4294967295 Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example sets a 4 digit dotted decimal number identifying the Router OSPF ID as 2 3 4 5 console config ipv6 r...

Page 1750: ...OSPF Admin Mode Shows whether OSPF is administratively enabled or disabled External LSDB Limit Shows the maximum number of non default external LSAs entries that can be stored in the link state database Exit Overflow Interval Shows the number of seconds that after entering OverflowState as defined by RFC 1765 a router will attempt to leave OverflowState AutoCost Ref BW The configured autocost refe...

Page 1751: ... redistribute routes learned by other protocols or disabled if the router is not configured for the same Stub Router OSPF enters stub router mode as described in RFC 3137 when it encounters a resource limitation that prevents it from computing a complete routing table In this state OSPF sets the link metrics of non stub links in its own router LSAs to the largest possible value discouraging other ...

Page 1752: ...lists at one time NSF Support Whether graceful restart is administratively enabled Possible values are Support Always Disabled or Planned NSF Restart Interval The number of seconds a helpful neighbor allows a restarting router to complete its graceful restart NSF Restart Status Whether the router is currently performing a graceful restart NSF Restart Age The number of seconds until a graceful rest...

Page 1753: ...isabled NSF Restart Interval 120 seconds NSF Helper Support Always NSF Helper Strict LSA Checking Enabled show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers ABR This command takes no options Syntax show ipv6 ospf abr Default Configuration This command has no default configuration Source Shows source protocol routes that are being redistributed Possible...

Page 1754: ...4 10 0 0 0 1 FE80 210 18FF FE82 8E1 vlan12 show ipv6 ospf area Use the show ipv6 ospf area command to display information about the area Syntax show ipv6 ospf area areaid areaid Identifier for the OSPF area being displayed Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This c...

Page 1755: ...ult Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show ipv6 ospf asbr Type Router Id Cost Area ID Next Hop Next Hop Intf INTRA 1 1 1 1 10 0 0 0 1 FE80 213 C4FF FEDB 6C41 vlan10 INTRA 4 4 4 4 10 0 0 0 1 FE80 210 18FF FE82 8E1 vlan12...

Page 1756: ...ea as link link state id adv router router id self originate area id Identifies a specific OSPF area for which link state database information will be displayed external Displays the external LSAs inter area Displays the inter area LSAs link Displays the link LSAs network Displays the network LSAs nssa external Displays NSSA external LSAs prefix Displays intra area Prefix LSA router Displays route...

Page 1757: ...sole show ipv6 ospf database Router Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 4 80000034 54BD V6E R B 2 2 2 2 0 2 80000044 95A5 V6E R B Network Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 2 2 2 2 636 636 80000001 8B0D V6E R Inter Network States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 1...

Page 1758: ...tr Opt 1 1 1 1 16 4 80000001 CA7C 2 2 2 2 18 3 80000001 B28D Link States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 634 441 80000003 B877 V6E R 2 2 2 2 634 433 80000003 FE6E V6E R Intra Prefix States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 6 8000003A 37C4 2 2 2 2 0 1 8000004F 439A 1 1 1 1 10634 434 80000002 440A show ipv6 ospf data...

Page 1759: ...twork 0 Inter area Prefix 0 Inter area Router 0 Type 7 Ext 0 Link 0 Intra area Prefix 0 Link Unknown 0 Area Unknown 0 AS Unknown 0 Type 5 Ext 0 Self Originated Type 5 Ext 0 Total 0 show ipv6 ospf interface Use the show ipv6 ospf interface command to display the information for the IFO object or virtual interface tables Syntax show ipv6 ospf interface interface type interface number interface type ...

Page 1760: ... 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 10 computed OSPF Mtu ignore Disable OSPF cannot be initialized on this interface show ipv6 ospf interface brief Use the show ipv6 ospf interface brief command to display brief information for the IFO object or virtual interface tables Sy...

Page 1761: ... stats command to display the statistics for a specific interface The command only displays information if OSPF is enabled Syntax show ipv6 ospf interface stats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has n...

Page 1762: ...r at Source Address 0 Invalid OSPF Packet Type 0 Packet Type Sent Received Hello 295 219 Database Description 10 14 LS Request 4 4 LS Update 521 398 LS Acknowledgment 209 282 show ipv6 ospf interface vlan Use the show ipv6 ospf interface vlan command to display OSPFv3 configuration and status information for a specific VLAN Syntax show ipv6 ospf interface vlan vlan id brief vlan id Valid VLAN ID R...

Page 1763: ...Router 1 1 1 1 Backup Designated Router 2 2 2 2 Number of Link Events 46 show ipv6 ospf neighbor Use the show ipv6 ospf neighbor command to display information about OSPF neighbors If a neighbor IP address is not specified the output displays summary information in a table If an interface or tunnel is specified only the information for that interface or tunnel displays The information below only d...

Page 1764: ...e show ipv6 ospf neighbor Router ID Priority Intf Interface State Dead ID Time console show ipv6 ospf neighbor interface tunnel 1 IP Address 2 4 6 8 ifIndex 619 OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 1 computed OSPF Mtu ignore Disable OS...

Page 1765: ...ation about the area ranges for area 1 console show ipv6 ospf range 1 Area ID IPv6 Prefix Prefix Length Lsdb Type Advertisement show ipv6 ospf stub table Use the show ipv6 ospf stub table command to display the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch Syntax show ipv6 ospf stub table Default Configuration This command has no default configur...

Page 1766: ...spf virtual link area id neighbor id brief area id Identifies the OSPF area whose virtual interface information is being displayed neighbor id Router ID of neighbor Default Configuration This command has no default configuration Command Mode User Exec Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The follow...

Page 1767: ...n for all areas in the system Syntax show ipv6 ospf virtual link brief Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the OSPF stub table console config show ipv6 ospf virtual link brief Hello Dead Ret...

Page 1768: ...t have to wait for the next periodic message Router discovery enables hosts to select from among multiple default gateways and switch to a different default gateway if an initially designated gateway goes down Commands in this Section This section explains the following commands ip irdp Use the ip irdp command in Interface Configuration mode to enable Router Discovery on an interface Use the no fo...

Page 1769: ...econds allowed between sending router advertisements from the interface Range 3 to value of maximum advertisement interval in seconds preference number Preference of the address as a default router address relative to other router addresses on the same subnet Range 2147483648 to 2147483647 address address IP address for router discovery advertisements Range 224 0 0 1 all hosts IP multicast address...

Page 1770: ...ger Integer value in seconds of the holdtime field of the router advertisement sent from this interface The holdtime must be no less than the maximum advertisement interval and cannot be greater than 9000 seconds Default Configuration The holdtime defaults to 3 times the maximum advertisement interval Command Mode Interface Configuration VLAN mode User Guidelines The holdtime is the length of time...

Page 1771: ...guration VLAN mode User Guidelines The default values of the minimum advertisement interval and the holdtime depend on the value of the maximum advertisement interval Setting the maximum advertisement interval changes the minimum advertisement interval and holdtime if those values are at their defaults so the maximum advertisement interval should always be set first If the minimum advertisement in...

Page 1772: ...advertinterval integer no ip irdp minadvertinterval integer Minimum time in seconds allowed between sending router advertisements from the interface Range 3 to value of maximum advertisement interval in seconds Default Configuration The default value is 0 75 times the maximum advertisement interval Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines E...

Page 1773: ...d Mode Interface Configuration VLAN mode User Guidelines If a subnet includes any hosts that do not accept IP multicast packets send router advertisements to the limited broadcast address Example The following example configures router discovery to send to the limited broadcast address console config interface vlan 15 console config if vlan15 ip irdp multicast ip irdp preference Use the ip irdp pr...

Page 1774: ...erface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets the ip irdp preference to 1000 for VLAN 15 console config interface vlan 15 console config if vlan15 ip irdp preference 1000 show ip irdp Use the show ip irdp command to display the router discovery information for all interfaces or for a specified interface Syntax show ip irdp vla...

Page 1775: ... and all Configuration submodes User Guidelines This command has no user guidelines Example The following example shows router discovery information for VLAN 15 console show ip irdp vlan 15 Interface Ad Mode Advertise Address Max Int Min Int Hold Time Preference vlan15 Enable 224 0 0 1 600 450 1800 0 ...

Page 1776: ...ts usefulness is limited to moderately sized networks whose physical interconnections are of similar type and speed Dell EMC Networking routing supports RIPv2 as specified in RFC 2453 Commands in this Section This section explains the following commands auto summary Use the auto summary command in Router RIP Configuration mode to enable the RIP auto summarization mode Use the no form of the comman...

Page 1777: ... Example console config router auto summary default information originate Router RIP Configuration Use the default information originate command in Router RIP Configuration mode to control the advertisement of default routes Syntax default information originate no default information originate Default Configuration The default configuration is no default information originate Command Mode Router R...

Page 1778: ...in Router RIP Configuration mode to set a default for the metric of distributed routes Use the no form of the command to return the metric to the default value Syntax default metric number value no default metric number value Metric for the distributed routes Range 1 15 Default Configuration Default metric is not configured by default Command Mode Router RIP Configuration mode User Guidelines This...

Page 1779: ...fault Configuration 15 is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example sets the route preference value of RIP in the router at 100 console config router distance rip 100 distribute list out Use the distribute list out command in Router RIP Configuration mode to specify the access list to filte...

Page 1780: ...Default Configuration This command has no default configuration Command Mode Router RIP Configuration mode User Guidelines The access list has an implicit deny all so it is advisable to have a permit statement somewhere on the access list The BGP parameter is only available in firmware versions enabled for BGP Example The following example elects access list ACL40 to filter routes received from th...

Page 1781: ...troutesaccept Use the hostroutesaccept command in Router RIP Configuration mode to enable the RIP hostroutesaccept mode Use the no form of the command to disable the RIP hostroutesaccept mode Syntax hostroutesaccept no hostroutesaccept Default Configuration Enabled is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example co...

Page 1782: ...elines Example console config if vlan2 ip rip console config if vlan2 no ip rip ip rip authentication Use the ip rip authentication command in Interface Configuration Mode to set the RIP Version 2 Authentication Type and Key for the specified VLAN Use the no form of the command to return the authentication to the default value Syntax ip rip authentication none simple key encrypt key key id no ip r...

Page 1783: ...LAN 11 console config if vlan11 ip rip authentication encrypt pass123 35 ip rip receive version Use the ip rip receive version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version s to be received Use the no form of the command to return the version to the default value Syntax ip rip receive version rip1 rip2 both none no ip rip r...

Page 1784: ...n command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version to be sent Use the no form of the command to return the version to the default value Syntax ip rip send version rip1 rip1c rip2 none no ip rip send version rip1 Send RIP version 1 formatted packets rip1c Send RIP version 1 compatibility mode which sends RIP version 2 formatted...

Page 1785: ...ic connected redistribute bgp connected static metric integer metric integer Specifies the metric to use when redistributing the route Range 0 15 match internal Adds internal matches to any match types presently being redistributed match external 1 Adds routes imported into OSPF as Type 1 external routes into any match types presently being redistributed match external 2 Adds routes imported into ...

Page 1786: ...tEthernet is 1 108 108 1 The RIP metric is a hop count with a maximum value of 15 Dell EMC Networking RIP does not support sending a tag value Redistribution of BGP originated routes is only available on BGP enabled routers Redistribution of BGP originated routes into RIP is not recommended Example console config router redistribute ospf metric 10 match nssa external 1 console config router redist...

Page 1787: ...w ip rip Use the show ip rip command to display information relevant to the RIP router Syntax show ip rip Default Configuration The command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays information relevant to the RIP router console sh...

Page 1788: ...nterface Use the show ip rip interface command to display information related to a particular RIP interface Syntax show ip rip interface vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following...

Page 1789: ...display successful results routing must be enabled per interface i e ip rip Syntax show ip rip interface brief Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays general information for each RIP interface ...

Page 1790: ...it horizon none RIP does not use split horizon to avoid routing loops simple RIP uses split horizon to avoid routing loops poison RIP uses split horizon with poison reverse increases routing packet update size Default Configuration Simple is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example does no...

Page 1791: ...o the entire system To support IPv4 to IPv6 transition Dell EMC Networking supports configured tunnels RFC 4213 and automatic 6to4 tunnels RFC 3056 6to4 tunnels are automatically formed for IPv4 tunnels carrying IPv6 traffic The automatic tunnels IPv4 destination address is derived from the 6to4 IPv6 address of the tunnel s next hop Dell EMC Networking can act as a 6to4 border router that connects...

Page 1792: ...bles the interface configuration mode for tunnel 1 console config interface tunnel 1 console config if tunnel1 show interfaces tunnel Use the show interfaces tunnel command to display the parameters related to tunnel such as tunnel mode tunnel source address and tunnel destination address Syntax show interfaces tunnel tunnel id tunnel id Tunnel identifier Range 0 7 Default Configuration This comma...

Page 1793: ...ss 1 tunnel 1 IPv6OVER4 10 254 25 14 10 254 25 10 2 tunnel 2 IPv6OVER4 10 254 20 10 tunnel destination Use the tunnel destination command in Interface Configuration mode to specify the destination transport address of the tunnel Syntax tunnel destination ip address no tunnel destination ip address Valid IPv4 address Default Configuration This command has no default configuration Command Mode Inter...

Page 1794: ...no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guidelines Example The following example specifies ipv6ip mode for tunnel 1 console config interface tunnel 1 console config if tunnel1 tunnel mode ipv6ip console config if tunnel1 tunnel mode ipv6ip 6to4 tunnel source Use the tunnel source command in Interface Configuration mode to s...

Page 1795: ...Valid interface number Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guidelines Example The following example specifies VLAN 11 as the source transport address of the tunnel console config interface tunnel 1 console config if tunnel1 tunnel source vlan 11 ...

Page 1796: ...outing including route leaking OSPF IPv4 only ARP Ping VRRP Trace route DHCP relay IP helper ICMP echo reply configuration ICMP error interval configuration VRF configuration follows the same configuration steps as the default routing instance with two additional steps creating the VRF instance and associating VLANs to the instance Existing commands that have been enabled for VRF accept an additio...

Page 1797: ...VRF console config if vlan100 ip vrf forwarding red console config if vlan100 exit 7 Routing interface moved from Default router instance to red router instance 8 Enable OSPF on the VRF assign a network and enable OSPF for the VRF console config router ospf vrf red console Config router vrf red network 192 168 0 0 0 0 0 255 area 0 console Config router vrf red router id 192 168 0 253 console Confi...

Page 1798: ...d bootpdhcprelay maxhopcount ip dhcp snooping limit bootpdhcprelay minwaittime ip dhcp snooping log invalid ip dhcp snooping trust ip dhcp snooping verify mac address ip dhcp relay information check ip helper address global configuration ip dhcp relay information check reply ip helper address interface configuration ip dhcp relay information option ip icmp echo reply ip dhcp relay information opti...

Page 1799: ...ided there is enough free space in the router s total routing table Syntax ip vrf vrf name no ip vrf vrf name vrf name The name of a VRF The name must consist of printable ASCII characters other than a question mark and may not have leading or trailing spaces Spaces may be included if the name is enclosed in quotes The maximum length of a VRF name is 32 characters Default Configuration A single gl...

Page 1800: ...onsole Config vrf Blue ip routing Console Config vrf Blue exit ip vrf forwarding This command associates an interface with a VRF instance Use the no form of the command to associate the interface with the global routing table Syntax ip vrf forwarding vrf name no ip vrf forwarding vrf name The name of the VRF with which to associate the interface Default Configuration All interfaces are members of ...

Page 1801: ... 200 exit console config interface range te1 0 1 2 console config if switchport mode trunk console config if exit console config interface vlan 100 console config if vlan100 ip vrf forwarding Red console config if vlan100 exit console config interface vlan 200 console config if vlan100 ip vrf forwarding Blue console config if vlan100 exit maximum routes This command reserves the number of routes a...

Page 1802: ...epends on the platform and the selected SDM template Refer to the Platforms Constants table in the Users Configuration Guide for the maximum routes available for the selected combination of platform and SDM template If a size larger than the total routing table size is given the size is silently truncated to the maximum routing table size Example The following example reserves 100 routes for VRF R...

Page 1803: ...s User Guidelines The VRF identified in the parameter must have been previously created or an error is returned If no VRF name is given the global routing instances and all other VRF instances are shown This command is only available on the N3000 N3100 N4000 switches Example console config show ip vrf Number of VRs 3 Name Identifier Route Distinguisher Red 2 2 200 Blue 4 4 400 Green 3 3 300 consol...

Page 1804: ...4 Export VPN route target communities None Import VPN route target communities None console Config show ip vrf Red VRF Identifier 2 Description India office bangalore Route Distinguisher 2 200 Maximum Routes 512 Warning only TRUE ...

Page 1805: ...is elected in its place and starts handling traffic sent to the address This change is transparent to end stations VRRP increases the availability of the default path without requiring configuration of dynamic routing or router discovery protocols on every end station Multiple virtual routers can be defined on a single router interface Pingable VRRP Interface RFC 3768 specifies that a router may o...

Page 1806: ... to ICMP Echo Requests When Echo Replies are disabled using that option the VRRP master does not respond to Echo Requests even if this new option is enabled VRRP Route Interface Tracking The VRRP Route Interface Tracking feature extends the capability of the Virtual Router Redundancy Protocol VRRP to allow tracking of specific route interface IP states within the router that can alter the priority...

Page 1807: ...A tracked route is considered up when a routing table entry exists for the route and the route is accessible For route tracking make VRRP a best route client of RTO When a tracked route is added or deleted change the priority For simplicity routes are not distinguished with the next hop interface that has VRRP enabled So VRRP Route Tracking can ignore route modifications Commands in this Section T...

Page 1808: ... is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables VRRP protocol on the router console config ip vrrp vrrp accept mode Use the vrrp accept mode command in Interface VLAN Configuration mode to enable the VRRP Master to accept ping packets sent to one of the virtual router s IP addresses from an ext...

Page 1809: ...alue for the virtual router configured on a specified interface Use the no form of the command to return the authentication type to the default value Syntax vrrp group authentication none simple key no vrrp group authentication group The virtual router identifier Range 1 255 none Indicates authentication type is none simple Authentication type is a simple text password key The key for simple authe...

Page 1810: ...rrp group description text no vrrp group description group The virtual router identifier Range 1 255 text Description for the virtual router group up to 80 characters Default Configuration No description is present Command Mode Interface Configuration VLAN mode User Guidelines This command accepts any printable characters for the name other than a question mark Descriptions containing spaces must ...

Page 1811: ...ondary IP address on an interface Default Configuration VRRP is not configured on the interface Command Mode Interface Configuration VLAN mode User Guidelines The virtual router IP addresses must be a valid host address on the local subnet based on the IP address and subnet mask configured on the VLAN interface The VRRP IP address cannot be either the broadcast address or a network address To conf...

Page 1812: ...e the vrrp mode command in Interface Configuration mode to enable the virtual router configured on an interface Enabling the status field starts a virtual router Use the no form of the command to disable the virtual router Syntax vrrp vr id mode no vrrp vr id mode vr id The virtual router identifier Range 1 255 Default Configuration Disabled is the default configuration Command Mode Interface Conf...

Page 1813: ... the default configuration Delay defaults to 0 seconds Command Mode Interface Configuration VLAN mode User Guidelines As per the VRRP RFC when preemption is enabled the backup router discards the advertisements until the masterdowntimer starts This feature requires immediate sending of advertisements when the preemption case occurs and the delay is 0 This is a violation according to the RFC 3768 D...

Page 1814: ...RRP router with the highest numerical value for priority will become the VR master When the VRRP priorities are equal the router with the numerically highest IP address will win the election and become master If the VRRP router is the owner of the VR IP address its priority will be 255 and this value cannot be changed Example The following example sets the priority value for the virtual router 5 o...

Page 1815: ...ollowing example sets the frequency at which the VLAN 15 virtual router 5 sends a virtual router advertisement console config if vlan15 vrrp 5 timers advertise 10 vrrp timers learn Use the vrrp timers learn command in Interface Configuration mode to configure the router when it is acting as backup virtual router for a Virtual Router Redundancy Protocol VRRP group to learn the advertisement interva...

Page 1816: ...nterface is up if routing on that interface is up Otherwise the tracked interface is down When the tracked interface is down or the interface has been removed from the router the priority of the VRRP router will be decremented by the value specified in the priority argument When the interface is up for the IP protocol the priority will be incremented by the priority value A VRRP configured interfa...

Page 1817: ...racked The default decrement priority is 10 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example adds VLAN 2 to the virtual router tracked list with a priority decrement value of 20 config if vlan10 vrrp 1 track interface vlan 2 decrement 20 vrrp track ip route Use the vrrp track ip route command to track the route reachab...

Page 1818: ...x length group The virtual router identifier Range 1 255 ip address prefix length Specifies the route to be tracked priority Priority decrement value for the tracked route Range 1 254 Default Configuration There are no routes tracked by default The default decrement priority is 10 Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example T...

Page 1819: ...e The following example displays detailed VRRP status console show vrrp Admin Mode Enable Router Checksum Errors 0 Router Version Errors 0 Router VRID Errors 0 Vlan 7 Group 1 Primary IP Address 192 168 5 55 VMAC Address 0000 5E00 0101 Authentication Type None Priority 60 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Enable Pre empt Mode Enable Pre empt Delay Enable Administrat...

Page 1820: ...rack Route DecrementPriority 20 console show vrrp brief Interface Grp Prio IP Address Mode State V1 1 2 60 0 0 0 0 Disable Initialize V1 2 5 70 192 168 5 55 Enable Initialize show vrrp interface Use the show vrrp interface command in User Exec or Privileged Exec mode to display all configuration information and VRRP router statistics of a virtual router configured on a specific interface Syntax sh...

Page 1821: ...ation Type None Priority 100 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Disable Pre empt Mode Enable Pre empt Delay 0 Administrative Mode Enable State Initialized Timers Learn Mode Disable Description GoodStuff The following example displays all configuration information about the virtual router on the selected interface console show vrrp interface brief Interface VRID IP A...

Page 1822: ...eived 0 Advertisement Interval Errors 0 Authentication Failure 0 IP TTL Errors 0 Zero Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 ...

Page 1823: ...rviceability Commands Time Ranges Commands CLI Macro Commands HiveAgent Commands Sflow Commands USB Flash Drive Commands Clock Commands IP Addressing Commands SNMP Commands User Interface Commands Command Line Configuration Scripting Commands Line Commands SupportAssist Commands Web Server Commands Configuration and Image File Commands PHY Diagnostics Commands SYSLOG Commands DHCP Client Commands ...

Page 1824: ... is started as a Linux process for the application start on boot Start the application every time the switch boots up Takes affect on the subsequent reboot after set Omit this keyword from the command to disable starting application at boot time auto restart Automatically restart the application s process es if they stop running Omit this keyword from the command to disable automatic restart of th...

Page 1825: ...length The name specified in the application name parameter must match the filename output of the show application command exactly Application names are case sensitive Command History Introduced in version 6 3 0 1 firmware Example console config no application install support assist This action will terminate the support assist agent and remove it permanently from the switch Are you sure you wish ...

Page 1826: ...ilename output of the show application command exactly Application names are case sensitive Example console application start support assist Command History Introduced in version 6 3 0 1 firmware Example added in the 6 4 release application stop Use the application stop command to stop an application if the application is executing on the stack master Syntax application stop application name appli...

Page 1827: ...t This action will terminate the support assist agent Are you sure you wish to continue Y N show application Use the show application command to display installed applications and optionally display application files Syntax show application files files Displays the files present in the application directory of the switch s file system These applications may or may not be installed Default Configur...

Page 1828: ...he application start on boot Yes or No stating if the application is configured to start on boot auto restart Yes or No stating if the application is configured to restart when the application process ends Max CPU Util Configured application CPU utilization limit expressed as a percentage None if unlimited Max memory Configured application memory limit in megabytes None if unlimited Parameter Defi...

Page 1829: ...mage from TFTP server using DHCP option 125 The image update can result in a downgrade or upgrade of the firmware on the switch or stack of switches 2 Support for automatic download of a configuration file from a TFTP server when the device is booted with no saved configuration file located in designated storage This release extends the designated storage to USB flash drives In previous releases t...

Page 1830: ...py sw no boot auto copy sw Default Configuration Stack firmware synchronization is disabled by default Command Mode Global Config User Guidelines The configuration on the master switch controls the stack as if it is a single switch No configuration steps need to be taken on the member switches to synchronize the firmware boot auto copy sw boot host retry count boot auto copy sw allow downgrade boo...

Page 1831: ...tch controls the stack as if it is a single switch No configuration steps need to be taken on the member switches to downgrade the firmware Configuration migration during a downgrade is not assured The operator should ensure that the configuration can be downgraded before allowing the downgrade to occur or otherwise take steps to reconfigure the switches During a downgrade meta data regarding the ...

Page 1832: ...alue is enabled Command Mode Global Configuration mode User Guidelines The configuration on the master switch controls the stack as if it is a single switch No configuration steps need to be taken on the member switches to enable rebooting the member switches after auto image download Example console console configure console config boot host auto reboot console config no boot host auto reboot boo...

Page 1833: ...ode to enable Auto Install and Auto Configuration on the switch When a switch boots with a saved startup configuration that includes this command the Auto Install process is triggered Use the no form of this command to disable Auto Install on the next reboot if the reboot occurs with a saved startup configuration If you give this command while the Auto Install process is running the Auto Install p...

Page 1834: ...download a configuration Use the no form of this command to reset the number of attempts to download a configuration to the default Syntax boot host retry count count no boot host retry count count The number of attempts to download a configuration Range 1 6 Default Configuration The default number of configuration download attempts is 6 Command Mode Global Configuration mode User Guidelines This ...

Page 1835: ...efault configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The show switch command also displays the switch firmware synchronization status Example console show auto copy sw Stack Firmware Synchronization Synchronization Enabled SNMP Trap status Enabled Allow Downgrade Enabled show boot Use the show boot command to display the au...

Page 1836: ...lobal Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show boot Auto Install Mode Enabled AutoInstall Operational Mode Disabled Auto Install State AutoInstall is completed The host retry count value is 6 Auto Save mode is Disabled Auto Reboot mode is Enabled ...

Page 1837: ...ed Macros or Custom Macros the macros which allow the operator to bundle some prerequisites or global configurations as a macro and then apply them to one or more interfaces at a time which can then be copied or used by other switches Up to 50 user defined macros are supported The software includes 6 built in macros profile global the global configuration used to enable RSTP and loop guard profile...

Page 1838: ...name The name of the macro A macro name can consist of any printable characters including blanks and excluding question marks A macro name may be up to 31 characters in length Embed the name in quotes if a blank is desired in the name Use the no form of the command to delete a macro Default Configuration The following macros are defined by default and may not be deleted or altered macro name macro...

Page 1839: ...ext strings that begin with a dollar sign Parameters are substituted by specifying the parameter on the command line when the macro is applied Macros may be applied to a specific interface a range of interfaces or to the global configuration Up to 50 user defined macros may be configured interface profile desktop Configure port security and spanning tree portfast for a desktop user interface profi...

Page 1840: ...e specified parameter name Default Configuration No parameters are substituted unless supplied on the command line Command Mode Global Configuration mode User Guidelines Commands applied are additive in nature That is they do not remove existing configuration information by default macro global trace Use the macro global trace command in Global Configuration mode to apply and trace a macro The tra...

Page 1841: ... encountered is printed The script is aborted after the first error Commands applied are additive in nature That is they do not remove existing configuration information by default macro global description Use the macro global description command in Global Configuration mode to append a line to the global macro description Use the no form of the command to clear the description Syntax macro global...

Page 1842: ...of the macro parameter The name of the parameter recognized by the macro The parameter must begin with a dollar sign value The string to be substituted within the macro for the specified parameter name Default Configuration No parameters are substituted unless supplied on the command line Command Mode Interface Configuration mode User Guidelines Commands applied are additive in nature That is they...

Page 1843: ...nless supplied on the command line Command Mode Interface Configuration mode User Guidelines The line number of the first error encountered is printed The script is aborted after the first error Commands applied are additive in nature That is they do not remove existing configuration information by default macro description Use the macro description command in Interface Configuration mode to appen...

Page 1844: ...command to display information about defined macros Syntax show parser macro brief description interface interface id name macro brief Shows the list of defined macros and their type description Shows the macro descriptions name Shows an individual macro including its contents macro The name of the macro to display interface id The interface for which to show the macro description Default Configur...

Page 1845: ...e indistinguishable Likewise to an NTP or SNTP client NTP and SNTP servers are indistinguishable Furthermore any version of NTP is compatible with any other version of NTP Dell EMC Networking SNTP implements the client side of SNTP Support for IPv6 address configuration is provided to the existing SNTP client The end user can configure either an IPv4 or IPv6 address or a host name for an SNTP serv...

Page 1846: ...Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines Loopback interfaces are not supported on the N1100 ON Series switches show sntp configuration sntp trusted key show sntp server sntp unicast client enable show sntp status clock set sntp authenticate clock timezone hours offset sntp authentication key no clock timezone sntp broadcast client enable cl...

Page 1847: ...rver Key Polling Priority Source Interface 10 27 128 21 Disabled Enabled 1 Loopback 1 show sntp server Use the show sntp server command to display the preconfigured SNTP servers The configured servers can be either IPv4 or IPv6 format Syntax show sntp server Default Configuration This command has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration ...

Page 1848: ...ate Status Success Total Unicast Requests 955 Failed Unicast Requests 1 Host Address 3 north america pool ntp org Address Type DNS Priority 1 Version 4 Port 123 Last Update Time Dec 22 07 30 31 2009 Last Attempt Time Dec 22 07 32 41 2009 Last Update Status Server Unsynchronized Total Unicast Requests 157 Failed Unicast Requests 2 show sntp status Use the show sntp status command to show the status...

Page 1849: ...ervers Server Status Last response pool ntp org Success 18 43 56 Mar 8 2017 23 101 187 68 Other 00 00 00 Jan 1 1970 sntp authenticate Use the sntp authenticate command in Global Configuration mode to require server authentication for received Network Time Protocol NTP traffic To disable the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration ...

Page 1850: ...le Network Time Protocol SNTP To remove the authentication key for SNTP use the no form of this command Syntax sntp authentication key key number md5 value no sntp authentication key number key number number Range 1 4294967295 value value Range 1 8 characters Default value No authentication is defined Command Mode Global Configuration mode User Guidelines This command has no user guidelines Exampl...

Page 1851: ...d Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables a Simple Network Time Protocol SNTP Broadcast client console config sntp broadcast client enable sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time for the Simple Network Time Protocol SNTP client To return to the...

Page 1852: ... command in Global Configuration mode to configure an SNTP server address or a host name The server address can be either an IPv4 address or an IPv6 address Use the no form of this command to unconfigure an SNTP server address or a host name Syntax sntp server ip address ipv6 address hostname priority priority key key_id poll no sntp server ip address ipv6 address hostname ip address IP address of...

Page 1853: ...onsole config sntp server 192 1 1 1 sntp source interface Use the sntp source interface command to select the interface from which to use the IP address in the source IP address field of transmitted SNTP packets Use the no form of the command to revert to the default IP address Syntax sntp source interface loopback loopback id vlan vlan id no sntp source interface loopback id A loopback interface ...

Page 1854: ...duced in version 6 3 0 1 firmware Example console conf console config interface vlan 1 console config if vlan1 ip address dhcp console config if vlan1 exit console config sntp source interface vlan 1 sntp trusted key Use the sntp trusted key command in Global Configuration mode to authenticate the identity of a system to which Simple Network Time Protocol SNTP will synchronize To disable authentic...

Page 1855: ...lient enable command in Global Configuration mode to enable a client to use Simple Network Time Protocol SNTP predefined Unicast clients To disable an SNTP Unicast client use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP Unicast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp server ...

Page 1856: ...ck set 19 20 31 console config clock set 04 01 2019 clock timezone hours offset Use the clock timezone hours offset minutes minutes offset zone acronym command to set the offset to Coordinated Universal Time UTC If the optional parameters are not specified they will be read as either 0 or 0 as appropriate Syntax clock timezone hours offset minutes minutes offset zone acronym hours offset Hours dif...

Page 1857: ...e config clock timezone 5 minutes 30 zone IST no clock timezone Use the no clock timezone command to reset the time zone settings Syntax no clock timezone Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines This command has no specific user guidelines Example console config no clock timezone ...

Page 1858: ... week Week of the month Range 1 5 first last day Day of the week Range The first three letters by name sun for example month Month Range The first three letters by name jan for example hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm 0 59 offset Number of minutes to add during the summertime Range 1 1440 acronym The acronym for the time zone to be displayed when summertime is in ...

Page 1859: ... Day of the month Range 1 31 month Month Range The first three letters by name jan for example year Year Range 2000 2097 hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm 0 59 offset Number of minutes to add during the summertime Range 1 1440 acronym The acronym for the time zone to be displayed when summertime is in effect Range Up to four upper or lower case alphabetic character...

Page 1860: ...me Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config no clock summer time show clock Use the show clock command to display the time and date from the system clock Use the show clock detail command to show the time zone and summertime configuration Syntax show clock detail Default Configura...

Page 1861: ...me source is SNTP The following example shows the time date timezone and summertime configuration console show clock detail 15 29 03 PDT UTC 7 Jun 17 2014 Time source is SNTP Time zone Acronym is PST Offset is UTC 7 Summertime Acronym is PDT Recurring every year Begins at first Sunday of April at 2 00 Ends at last Sunday of October at 2 00 Offset is 60 minutes The following example displays the ti...

Page 1862: ...Commands applied from a script are additive in nature That is they modify but do not automatically replace the current configuration Any valid command can be placed in a script including show commands Scripts execute in Privileged Exec mode The script author must add a command configure in order to enter Global Configuration mode Commands in this Section This section explains the following command...

Page 1863: ...h console script apply config scr script delete Use the script delete command to delete a specified script Syntax script delete scriptname all scriptname Script name of the file being deleted Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines Example The following example delete...

Page 1864: ...er Guidelines This command has no user guidelines Example The following example displays all scripts present on the switch console script list Configuration Script Name Size Bytes 0 configuration script s found 2048 Kbytes free script show Use the script show command to display the contents of a script file Syntax script show scriptname scriptname Name of the script file to be displayed Range 1 31...

Page 1865: ...Use the script validate command to validate a script file by parsing each line in the script file The validate option is intended for use as a tool in script development Validation identifies potential problems though it may not identify all problems with a given script Syntax script validate scriptname scriptname Name of the script file being validated Range 1 31 characters Default Configuration ...

Page 1866: ...Switch Management Commands 1866 Example The following example validates the contents of the script file config scr console script validate config scr ...

Page 1867: ...scripting feature allows the user to save the current Dell EMC Networking configuration in text format To modify the configuration script file follow these procedures 1 Upload the file to a personal computer 2 Edit the file 3 Download the file to a Dell EMC Networking switch 4 Apply it to the Dell EMC Networking system With this feature in place the Dell EMC Networking administrator has the flexib...

Page 1868: ... Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines Use the show bootvar command to find out which image is the active image Example console boot system unit Unit to be used for this operation If absent command executes on this node active Marks the given image as active for subsequent re boots backup Marks the given image as active for subseq...

Page 1869: ...0 6 0 0 1 6 0 0 1 clear config Use the clear config command to restore the switch to the default configuration Syntax clear config Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines Example The following example restores the switch to its default configuration console clear config copy Use the copy c...

Page 1870: ...ds system config file script filename Uploads Configuration Script file startup config Uploads Startup Config file startup log Uploads Startup Log file application filename Uploads a PYTHON application core dump filename Uploads a Core Dump file crashlog crashlog kernel crashlog data crashlog unit unit A crash log file on the stack master or a stack member Valid source URLs for downloading to the ...

Page 1871: ...nts of the source URL are copied into the clientindex key file on the switch The optional index can range from 1 8 If no index is specified the private key is placed into the client key file client ssl crt index A client certificate file The contents of the source URL are copied into the clientindex pem file on the switch The optional index can range from 1 8 If no index parameter is specified the...

Page 1872: ...ilename parameter is required for the tftp ftp scp sftp flash and usb destination URLs For an application if the optional filename parameter is given for an archive in the destination url it must have a tar or tgz extension If the destination filename is not given the destination url cont openflow ssl cert An OpenFlow client certificate file The contents of the source URL are copied into the of ce...

Page 1873: ...e kernel crash log data Only copies the crash summary data The following table lists and describes reserved keywords Reserved Keyword Description application Represents an application running config Represents the current running configuration file startup config Represents the startup configuration file startup log Represents the startup syslog file This can only be the source of a copy operation...

Page 1874: ...e bypasses adding of the script header ensuring that when a script is applied on the switch which was previously copied to the switch using the flash filename syntax a syntax error will result Script download performs syntax checking of downloaded scripts If a syntax error is detected the user is prompted to save the file If no error is detected the file is saved using the target file name tftp So...

Page 1875: ...single application to the switch use the copy source url application syntax where the source url identifies a single file The switch will extract the application file name from the source url To copy a package of related application files to the switch tar the files into an archive compressed or uncompressed The switch will unpack the tarball in the user apps directory and remove the downloaded ar...

Page 1876: ...h unit active backup current active next active 1 6 0 0 8 6 0 1 3 6 0 0 8 6 0 0 8 After the file transfer completes use the boot system command to select the new image to run Example Downloading and applying ias users file console copy tftp 10 131 17 104 aaa_users txt ias users Transfer Mode TFTP Server IP Address 10 131 17 104 File Path File Name aaa_users txt Data Type IAS Users Management acces...

Page 1877: ...to subdirectory jcm and is named crashlog txt console copy core dump 0 unit 5 tftp 10 27 9 99 jcm crashlog txt Example Application Install Install a single application file named hiveagent_pr_s into the user apps directory console copy tftp 172 25 122 22 hiveagent_pr_s application Install an application package On the source device a Linux workstation is shown here perform the following steps aggr...

Page 1878: ...2016 13 44 01 saSubmitTop pyc rw 2544 Jul 19 2016 13 44 01 saCommitUpl pyc rw 16358 Jul 19 2016 13 44 01 saUtil pyc rw 10517 Jul 19 2016 13 44 00 sa main pyc rw 12464 Jul 19 2016 13 44 01 saSendChunk pyc rw 4465 Jul 19 2016 13 44 01 saGlobal pyc rwx 74062 May 05 2016 12 17 12 hiveagent rw 3729 Jul 19 2016 13 44 01 saStartUpl pyc rwx 1143002 May 05 2016 12 17 12 hiveagent_pr_s rwx 62 Jul 19 2016 13...

Page 1879: ...p configuration startup config Deletes the startup configuration core dump file file name Delete the specified core dump file core dump file all Delete all core dump files Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines The file name may optionally include the path to the file e g delete crashlogs crash 0 Example console delete file...

Page 1880: ...rw 156 Jan 01 1970 00 03 14 dh512 pem rw 14363703 Jan 22 2022 03 36 08 image1 rw 18335232 Dec 31 2021 01 03 06 image2 rw 64 Oct 03 2029 01 46 00 logNvmSave bin rw 37549 Jan 01 1970 00 03 02 xacl1 scr rw 245 Jan 01 1970 00 03 14 dh1024 pem drwx 160 Dec 30 2021 03 24 26 user apps rw 0 Jan 28 2022 23 05 12 olog0 txt rw 2497 Jan 21 2022 22 37 38 fastpath cfg Total Size 1001914368 Bytes Used 128319488 ...

Page 1881: ...is command has no default configuration Command Mode Privileged Exec mode User Guidelines This command is not supported on USB drives filedescr Use the filedescr command to add a description to a switch image Use the no version of this command to remove the description from the filename Syntax filedescr active backup description no filedescr active backup active backup Image file description Block...

Page 1882: ...ept entries up to the first illegal character or reject the entry entirely Command History Updated in version 6 3 0 1 firmware Example The following example attaches a file description to the active image console filedescr active backedup on 03 22 05 rename Use the rename command to rename a file present in flash Syntax rename source dest source Source file name dest Destination file name Default ...

Page 1883: ... mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example shows backup config data console show backup config Current Configuration System Description Dell Networking N4032 6 0 0 0 Linux 2 6 32 9 System Software Version 6 0 0 0 Cut through mode is configured as disabled configure slot 1 0 1 Dell Networking N4032...

Page 1884: ...as no default configuration Command Mode User Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the active system image file that the device loads at startup console config show bootvar Image Descriptions active backup Images currently available on Flash unit active backup current active nex...

Page 1885: ...Display or capture the complete configuration including settings equal to the defaults interface id An interface identifier logical or physical Limits the display to the specified interface scriptname If the optional scriptname is provided the output is redirected to a script file NOTE If you issue the show running config command from a serial connection access to the switch through remote connect...

Page 1886: ...t storm control unicast level 5 no storm control unicast lacp port priority 1 lacp timeout long no classofservice trust cos queue min bandwidth 0 0 0 0 0 0 0 traffic shape 0 Kbps no switchport voice detect auto no ip dhcp snooping trust no ip dhcp snooping log invalid no dhcp l2relay no dhcp l2relay trust no ip dhcp snooping limit no ipv6 dhcp snooping trust no ipv6 dhcp snooping log invalid no ip...

Page 1887: ...tup config file console config show startup config Current Configuration System Description Dell Networking N4064F 6 1 0 1 Linux 2 6 32 9 System Software Version 6 1 0 1 Cut through mode is configured as disabled configure slot 1 0 5 Dell Networking N4064F slot 1 1 8 Dell 10GBase T Card stack member 1 4 N4064F exit interface vlan 1 exit snmp server engineid local 800002a203000277994433 exit write ...

Page 1888: ...888 Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command is equivalent to the copy running config startup config command functionally Example console write ...

Page 1889: ...igure IPv6 addresses on the same interface Only a single in band interface can be configured as a DHCPv6 client DHCP is disabled by default on all in band interfaces The DHCP client retains an IP address even if the IP interface goes down The client does not attempt to renew its IP address until the lease expires regardless of changes in link state The operator may renew or release an IP address a...

Page 1890: ...method does not change and will still be DHCP even after issuing this command To lease an IP address again issue either the renew dhcp interface id command below or ip address dhcp Interface Configuration command in interface mode If the IPv4 address on the interface was not assigned by DHCP then the command fails and displays the following error message Error Interface does not have a DHCP origin...

Page 1891: ...at it wants to continue using the IP address If DHCP is enabled on the interface but the interface does not currently have an IPv4 address for example if the address was previously released then the DHCP client sends a DISCOVER to acquire a new address If DHCP is not enabled on the interface then the command fails and displays the following error message DHCP is not enabled on this interface The r...

Page 1892: ...ce This command only applies to IP interfaces To see the IPv4 address leased on the out of band interface use the command Maximum Next Hops 16 out of band This command output provides the following information Term Description IP address Subnet mask The IP address and network mask leased from the DHCP server DHCP Lease server The IPv4 address of the DHCP server that leased the address State State ...

Page 1893: ... address 10 27 22 186 on interface Vl1 Subnet mask 255 255 252 0 DHCP lease server 10 27 192 22 State 5 Bound DHCP transaction id 0xc9e6803a Lease 2 days 23 hrs 47 mins 24 secs Renewal 1 days 11 hrs 47 mins 24 secs Rebind 2 days 14 hrs 47 mins 24 secs Retry count 0 Retry count Number of times the DHCPv4 client sent a DHCP REQUEST message to which the server did not respond Term Description ...

Page 1894: ...res and benefits It supports the definition of pools of IP addresses that can be allocated to clients by the server Many implementations use the term scope instead of pool Configuration settings like the subnet mask default router DNS server that are required to make TCP IP work correctly can be passed to the client using DHCP DHCP is supported by most TCP IP routers this allows it to allocate an ...

Page 1895: ...n successful completion this command puts the user into DHCP Pool Configuration mode Use the no form of the command to remove an address pool definition Syntax ip dhcp pool pool name ip dhcp pool dns server IP DHCP Pool Config ip dhcp ping packets service dhcp bootfile domain name IP DHCP Pool Config lease sntp clear ip dhcp binding hardware address netbios name server show ip dhcp binding clear i...

Page 1896: ... a limited period of time Automatic assignment assigns a permanent address to a client Manual static assignment simply conveys an address assigned by the administrator to the client In DHCP Pool Configuration mode the administrator can configure the address space and other parameters to be supplied to DHCP clients By default the DHCP server assumes that all addresses specified are available for as...

Page 1897: ...before specifying the host address DHCP client identifier client identifier BOOTP client MAC address hardware address Host address host Client name optional client name Examples Example 1 Manual Address Pool console config service dhcp console config ip dhcp pool Printer LP32 R1 101 console config dhcp pool client identifier 00 23 12 43 23 54 console config dhcp pool host 10 1 1 1 255 255 255 255 ...

Page 1898: ...ax bootfile filename no bootfile filename The name of the file for the DHCP client to load Default Configuration There is no default bootfile filename Command Mode DHCP Pool Configuration mode User Guidelines This command has no user guidelines Example console config dhcp pool bootfile ntldr clear ip dhcp binding Use the clear ip dhcp binding command to remove automatic DHCP server bindings Syntax...

Page 1899: ...p dhcp conflict command to remove DHCP server address conflicts Use the show ip dhcp conflict command to display address conflicts detected by the DHCP server Syntax clear ip dhcp conflict ip address Clear all automatic dhcp bindings ip address Clear a specific address conflict Default Configuration The command has no default configuration Command Mode Privileged Exec mode User Guidelines This com...

Page 1900: ... is a hexadecimal digit Default Configuration This command has no default configuration Command Mode DHCP Pool Configuration mode User Guidelines For Microsoft DHCP clients the identifier consists of the media type followed by the MAC address of the client The media type 01 indicates Ethernet media Use the show ip dhcp pool command to display pool configuration parameters Example console config dh...

Page 1901: ...nded to use embedded blanks in client names Question marks are not allowed in the client name Enclose the client name in quotes if a blank appears in the name Example console config dhcp pool client identifier 01 03 13 18 22 33 11 console config dhcp pool host 192 168 21 34 32 console config dhcp pool client name Line_Printer_Hallway default router Use the default router command in DHCP Pool Confi...

Page 1902: ...o user guidelines Example console config dhcp pool default router 192 168 22 1 192 168 23 1 dns server IP DHCP Pool Config Use the dns server command in IP DHCP Pool Configuration mode to set the IP DNS server address which is provided to a DHCP client by the DHCP server DNS server address is configured for stateless server support Syntax dns server ip address1 no dns server ip address1 A valid IP...

Page 1903: ...no domain name domain domain DHCP domain name Range 1 255 characters Default Configuration This command has no default configuration Command Mode IP DHCP Pool Configuration mode hardware address Use the hardware address command in DHCP Pool Configuration mode to specify the MAC address of a client to be manually assigned an address Use the no form of the command to remove the MAC address assignmen...

Page 1904: ...console config dhcp pool host 192 168 21 131 32 host Use the host command in DHCP Pool Configuration mode to specify a manual binding for a DHCP client host Use the no form of the command to remove the manual binding Syntax host ip address netmask prefix length no host ip address IPv4 address to be manually assigned to the host identified by the client identifier netmask An IPv4 address indicating...

Page 1905: ... mode to enable automatic BOOTP address assignment By default BOOTP clients are not automatically assigned addresses although they may be assigned a static address Use the no form of the command to disable automatic BOOTP client address assignment Use the show ip dhcp global configuration command to display the automatic address assignment configuration Syntax ip dhcp bootp automatic no ip dhcp bo...

Page 1906: ...mode User Guidelines This command has no user guidelines Example console ip dhcp conflict logging ip dhcp excluded address Use the ip dhcp excluded address command in Global Configuration mode to exclude one or more DHCP addresses from automatic assignment Use the no form of the command to allow automatic address assignment for the specified address or address range Syntax ip dhcp excluded address...

Page 1907: ...192 168 20 3 ip dhcp ping packets Use the ip dhcp ping packets command in Global Configuration mode to configure the number of pings sent to detect if an address is in use prior to assigning an address from the DHCP pool If neither ping is answered the DHCP server presumes the address is not in use and assigns the selected IP address Syntax ip dhcp ping packets 0 2 10 no ip dhcp ping packets count...

Page 1908: ...n the lease configuration to the default Use the show ip dhcp pool command to display pool configuration parameters Use the show ip dhcp binding command to display the expiration time of the leased IP address Syntax lease days hours minutes infinite no lease days The number of days for the lease duration Range 0 59 Default is 1 hours The number of hours for the lease duration Range 0 23 There is n...

Page 1909: ...le config dhcp pool exit console config show ip dhcp pool asd Pool asd Pool Type Network Network 10 0 0 0 255 0 0 0 Lease Time 1 days 12 hrs 59 mins netbios name server Use the netbios name server command in DHCP Pool Configuration mode to configure the IPv4 address of the Windows Internet Naming Service WINS for a Microsoft DHCP client Use the no form of the command to remove the NetBIOS name ser...

Page 1910: ... to set the NetBIOS node type for a Microsoft DHCP client Use the no form of the command to remove the netbios node configuration Syntax netbios node type type no netbios node type type The NetBIOS node type can be b node h node m node or p node Default Configuration There is no default NetBIOS node type configured Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool...

Page 1911: ...bits prefix length An integer indicating the number of leftmost bits in the network number to use as a prefix for allocating cells Default Configuration This command has no default configuration Command Mode IP DHCP Pool Configuration mode next server Use the next server command in DHCP Pool Configuration mode to set the IPv4 address of the TFTP server to be used during auto install Use the no for...

Page 1912: ...ary configuration information to a DHCP client Use the no form of the command to remove the option configuration Use the show ip dhcp pool command to display pool configuration parameters Syntax option code ascii string1 hex string1 string8 ip ip address1 ip address8 no option code code The DHCP TLV option code ascii string1 An ASCII character string Strings with embedded blanks must be wholly con...

Page 1913: ...yte enterprise number the data length and the sub option values For example option 125 might be written on the command line as option 125 hex 0000 02a2 1205 1061 7574 6f69 6e73 7461 6c6c 5f64 6863 70 which translates to 0x0000 Two byte pad filled in by switch option code 125 and option len 0x02A2 Dell Vendor code 674 0x12 TLV length 18 bytes 0x05 Sub option code 5 0x10 Sub option length 16 bytes 0...

Page 1914: ...elow Table 8 1 Option Codes and Lengths Option Code Fixed Length Minimum Length Multiple Of 2 Time Offset 4 4 Time Server 4 4 7 Log Server 4 4 8 Cookie Server 4 4 9 LPR Server 4 4 10 Impress Server 4 4 11 Resource Location Server 4 4 12 Host Name 1 13 Boot File Size 2 14 Merit File Dump 1 16 Swap Server 4 17 Root Path 1 18 Extensions Path 1 19 IP Forwarding Enable 1 20 Non local Source Routing 1 2...

Page 1915: ...8 8 34 Trailer Encapsulation 1 35 ARP Cache Timeout 4 36 Ethernet Encapsulation 1 37 TCP TTL 1 38 TCP Keepalive Interval 4 39 TCP Keepalive Garbage 1 40 Network Information Service 1 41 Network Information Servers 4 4 42 NTP Servers 4 4 43 Vendor Specific Information 1 45 NetBIOS Datagram Distribution 4 4 47 Netbois Scope 1 Table 8 1 Option Codes and Lengths continued Option Code Fixed Length Mini...

Page 1916: ...10 01 console config dhcp pool option 25 hex 01 ff 48 X Windows Font Server 4 4 49 X Windows Display Manager 4 4 58 Renewal Time T1 4 59 Rebinding Time T2 4 60 Vendor Class 1 64 NIS Domain 1 65 NIS Servers 4 4 66 TFTP Server 1 68 Mobile IP Home Agent 0 4 69 SMTP Server 4 4 70 POP3 Server 4 4 71 NNTP Server 4 4 72 WWW Server 4 4 73 Finger Server 4 4 74 IRC Server 4 4 75 Streettalk Server 4 4 76 STD...

Page 1917: ... Mode Global Configuration mode User Guidelines This command has no user guidelines sntp Use the sntp command in DHCP Pool Configuration mode to set the IPv4 address of the NTP server to be used for time synchronization of the client Use the no form of the command to remove the NTP server configuration Syntax sntp ip address no sntp ip address The IPv4 address of the NTP server to use for time ser...

Page 1918: ...ng Use the show ip dhcp binding command to display the configured DHCP bindings Syntax show ip dhcp binding address address A valid IPv4 address Default Configuration The command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console config show ip dhcp binding IP ad...

Page 1919: ... address for which the conflict information is desired Default Configuration The command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines show ip dhcp global configuration Use the show ip dhcp global configuration command to display the DHCP global configuration Syntax show ip...

Page 1920: ...yntax show ip dhcp pool all poolname poolname Name of the pool Range 1 32 characters Default Configuration This command has no default configuration Command Mode User Exec Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines show ip dhcp server statistics Use the show ip dhcp server statistics command to display the DHCP ...

Page 1921: ...odes User Guidelines This command has no user guidelines Example console show ip dhcp server statistics Automatic Bindings 100 Expired Bindings 32 Malformed Bindings 0 Messages Received DHCP DISCOVER 132 DHCP REQUEST 132 DHCP DECLINE 0 DHCP RELEASE 32 DHCP INFORM 0 Messages Sent DHCP OFFER 132 DHCP ACK 132 DHCP NACK 0 ...

Page 1922: ...s vlan id Valid VLAN ID statistics Indicates statistics display if VLAN is specified Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines clear ipv6 dhcp service dhcp dns server IPv6 DHCP Pool Config show ipv6 dhcp domain name IPv6 DHCP Pool Config show ipv6 dhcp binding ipv6 dhcp pool show ipv6 dhcp i...

Page 1923: ...support Syntax dns server ipv6 address no dns server ipv6 address ipv6 address Valid IPv6 address Default Configuration This command has no default configuration Command Mode IPv6 DHCP Pool Configuration mode User Guidelines This command has no user guidelines domain name IPv6 DHCP Pool Config Use the domain name command in IPv6 DHCP Pool Configuration mode to set the DNS domain name which is prov...

Page 1924: ...ig dhcp6s pool no domain name test ipv6 dhcp pool This capability requires the IPv6 DHCP service to be enabled Use the service dhcpv6 command to enable the DHCPv6 service Use the ipv6 dhcp pool command in Global Configuration mode to enter IPv6 DHCP Pool Configuration mode DHCPv6 pools are used to specify information for DHCPv6 server to distribute to DHCPv6 clients These pools are shared between ...

Page 1925: ...vlan id interface vlan vlan id remote id duid ifid user defined string destination Keyword that sets the relay server IPv6 address relay address An IPv6 address of a DHCPv6 relay server interface Sets the relay server interface vlan id A valid VLAN ID remote id duid ifid user defined string The Relay Agent Information Option remote ID suboption to be added to relayed messages This can either be th...

Page 1926: ...versa An IP interface configured in relay mode cannot be configured as a DHCP client ip address dhcp Example The following example configures VLAN 15 for DHCPv6 relay functionality console config service dhcpv6 console config interface vlan 15 console config if vlan15 ipv6 dhcp relay destination 2020 1 1 ipv6 dhcp server Use the ipv6 dhcp server command in Interface Configuration mode to configure...

Page 1927: ...her than 0 the server adds a preference option to carry the preference value for the advertise messages This action affects the selection of a server by the client Any advertise message that does not include a preference option is considered to have a preference value of 0 If the client receives an advertise message that includes a preference option with a preference value of 255 the client immedi...

Page 1928: ...g and tracing Range 0 31 characters The command allows spaces in the host name when specified in double quotes For example console config snmp server host host name is allowed valid lifetime Valid lifetime for delegated prefix Range 0 4294967295 seconds or use the keyword infinite Using the value 0 for the valid lifetime sets the value to the default preferred lifetime Preferred lifetime for deleg...

Page 1929: ... 5 days console config dhcp6s pool prefix delegation fc00 7 00 1D BA FF FE 06 37 64 preferred lifetime 43200 service dhcpv6 Use the service dhcpv6 command in Global Configuration mode to enable local IPv6 DHCP server on the switch Use the no form of the command to disable the DHCPv6 service Syntax service dhcpv6 no service dhcpv6 Default Configuration The service dhcpv6 is disabled by default Comm...

Page 1930: ...onfiguration submodes User Guidelines The DUID value of the server will only appear in the output when a DHCPv6 lease is active Example The following example displays the DHCPv6 server name and status console show ipv6 dhcp DHCPv6 is disabled Server DUID show ipv6 dhcp binding Use the show ipv6 dhcp binding command to display the configured DHCP pool Syntax show ipv6 dhcp binding ipv6 address ipv6...

Page 1931: ...levant interfaces or for the specified interface If an interface is specified the optional statistics parameter is available to view statistics for the specified interface Syntax show ipv6 dhcp interface interface id statistics interface id A tunnel or VLAN interface identifier See Interface Naming Conventions for interface representation statistics Enables statistics display if interface is speci...

Page 1932: ...kets Received 0 DHCPv6 Inform Packets Received 0 DHCPv6 Relay forward Packets Received 0 DHCPv6 Relay reply Packets Received 0 DHCPv6 Malformed Packets Received 0 Received DHCPv6 Packets Discarded 0 Total DHCPv6 Packets Received 0 DHCPv6 Advertisement Packets Transmitted 0 DHCPv6 Reply Packets Transmitted 0 DHCPv6 Reconfig Packets Transmitted 0 DHCPv6 Relay reply Packets Transmitted 0 DHCPv6 Relay...

Page 1933: ...face The valid values are INACTIVE SOLICIT REQUEST ACTIVE RENEW REBIND RELEASE Server DUID DHCPv6UniqueIdentifieroftheDHCPv6Serveronthis interface T1 Time The T1 in seconds time as indicated by the DHCPv6 Server T1 value indicates the time interval after which the address is requested for renewal T2 Time The T2 in seconds time as indicated by the DHCPv6 Server T2 value indicates the time interval ...

Page 1934: ...ime 1 days 0 hrs 0 mins 0 secs Valid Lifetime 2 days 0 hrs 0 mins 0 secs Renew Time 0 days 11 hrs 55 mins 28 secs Expiry Time 1 days 23 hrs 55 mins 28 secs console show ipv6 dhcp interface vlan 10 IPv6 Interface Vl10 Mode Relay Relay Address 3030 3 Relay Interface Number Relay Relay Remote ID Option Flags console show ipv6 dhcp interface vlan 10 IPv6 Interface Vl10 Mode Server Pool Name asd Server...

Page 1935: ...d 0 DHCPv6 Reply Packets Transmitted 0 DHCPv6 Reconfig Packets Transmitted 0 DHCPv6 Relay reply Packets Transmitted 0 DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 console show ipv6 dhcp interface vlan 10 statistics DHCPv6 Client Interface Vl10 Statistics DHCPv6 Advertisement Packets Received 0 DHCPv6 Reply Packets Received 0 Received DHCPv6 Advertisement Packets Di...

Page 1936: ...r Guidelines This command has no user guidelines Example The following example displays the configured DHCP pool console show ipv6 dhcp pool test DHCPv6 Pool test show ipv6 dhcp statistics Use the show ipv6 dhcp statistics command in User Exec mode to display the global DHCPv6 server and relay statistics Syntax show ipv6 dhcp statistics Default Configuration This command has no default configurati...

Page 1937: ...ved 0 DHCPv6 Rebind Packets Received 0 DHCPv6 Release Packets Received 0 DHCPv6 Decline Packets Received 0 DHCPv6 Inform Packets Received 0 DHCPv6 Relay forward Packets Received 0 DHCPv6 Relay reply Packets Received 0 DHCPv6 Malformed Packets Received 0 Received DHCPv6 Packets Discarded 0 Total DHCPv6 Packets Received 0 DHCPv6 Advertisement Packets Transmitted 0 DHCPv6 Reply Packets Transmitted 0 ...

Page 1938: ...est version of the HiveAgent starts If declined all Hive Agent applications are stopped Syntax eula consent hiveagent accept reject hiveagent Enter the keyword hiveagent to either accept or reject the EULA for the HiveAgent accept Accepts the EULA for the specified service reject Rejects the EULA for the specified service Default Configuration The default is eula consent hiveagent accept Command M...

Page 1939: ... in version 6 3 0 1 firmware Example console config eula consent hiveagent accept This switch includes a feature that enables it to work with HiveManager an optional management suite by sending the switch s service tag number to HiveManager to authenticate your entitlement to use HiveManager If you wish to disable this feature you should run command eula consent hiveagent reject immediately upon p...

Page 1940: ...ormation into the startup config Command History Introduced in version 6 3 0 1 firmware Example In this example the HiveAgent EULA has been accepted console config hiveagent console conf hiveagent In this example the HiveAgent EULA has been rejected console config hiveagent HiveAgent EULA has not been accepted The HiveAgent cannot be configured until the HiveAgent EULA is accepted console config s...

Page 1941: ...ommand Mode HiveAgent Configuration User Guidelines The server name is used as a reference only and is not required to be used as part of a URL definition The server name can consist of any alphanumeric character plus dashes or underscores Use the exit command to exit HiveAgent Server configuration mode Command History Introduced in version 6 3 0 1 firmware Example console config hiveagent console...

Page 1942: ...HiveManagerNG enable proxy ip address Use the proxy ip address command to configure a proxy server to be used to contact the HiveManager NG Use the no form of the command to remove the proxy server information Syntax proxy ip address ipv4 address ipv6 address port port number username userid password encryption type password no proxy ip address ipv4 address The IPv4 address of the proxy server in ...

Page 1943: ...isplayed and stored encrypted Command Mode HiveAgent Server Configuration User Guidelines Passwords are always stored and displayed as encrypted even if entered in unencrypted format Example console config support assist console conf support assist server 10 0 0 1 console conf support assist 10 0 0 1 proxy ip address 10 0 0 2 port 1025 username admin password 0 password Command History Introduced ...

Page 1944: ... a DNS hostname If using the DNS hostname the DNS resolver feature will need to be configured enabled and operational Command History Introduced in version 6 3 0 1 firmware Example console config hiveagent console conf hiveagent server HiveManagerNG console conf hiveagent HiveManagerNG url cloud rd aerohive com show hiveagent status Use the show hiveagent status command to display information on t...

Page 1945: ...bled HiveAgent Version 1 0 1 HiveAgent Status CONTACTING REDIRECTOR HiveAgent AssociationUrl HiveAgent AssociationMethod REDIRECTOR HiveAgent PollUrl HiveAgent RedirectorFQDN cloud rd aerohive com HiveAgent RedirectorResponse CURL code 28 HTTP code 0 Curl string Timeout was reached show eula consent hiveagent Use the show eula consent command to review the EULA details Displaying the EULA details ...

Page 1946: ...le console show eula consent hiveagent HiveAgent EULA has been Accepted This switch includes a feature that enables it to work with HiveManager an optional management suite by sending the switch s service tag number to HiveManager to authenticate your entitlement to use HiveManager If you wish to disable this feature you should run command eula consent hiveagent reject immediately upon powering up...

Page 1947: ...ching routing interfaces Out of band management is always through the dedicated out of band interface The serial port on the stack master provides a direct console interface supporting a CLI In band management interfaces can employ a variety of protection mechanisms including VLAN assignment and Management ACLs The out of band port does not support such protection mechanisms and therefore it is re...

Page 1948: ...s command has no default configuration Command Mode Privileged Exec mode User Guidelines This command has no user guidelines Example The following example deletes all entries from the host name to address cache console clear host clear ip address conflict detect Use the clear ip address conflict detect command to clear the address conflict detection status in the switch ip domain lookup show ip he...

Page 1949: ...rivileged Exec mode User Guidelines The VRF identified in the parameter must have been previously created or an error is returned Virtual Router Configuration mode is only available on the Dell EMC Networking N3000 N3100 ON N4000 switches Example console clear ip address conflict detect interface out of band Use the interface out of band command to enter into OOB interface configuration mode Synta...

Page 1950: ...no ip address command clears the currently assigned IPv4 address sets the IP address configuration method to the default whatever the default is Use the show ip interface command to display the configured IP addresses Syntax ip address ip address subnet mask prefix length secondary no ip address ip address subnet mask prefix length secondary ip address IP address of the interface subnet mask Subne...

Page 1951: ...support a full 32 bit subnet mask Example The following example defines the IP address and subnet mask for VLAN 15 and enables the VLAN for routing console config interface vlan 15 console config if vlan15 ip address 192 168 10 10 255 255 255 0 ip address Out of Band Use the ip address command in Interface Configuration mode to set an IP address for the out of band interface Use the no form of thi...

Page 1952: ...ed that the out of band interface be isolated on a physically separate network from the in band ports This command is only valid for switches equipped with an out of band interface Example The following examples configure the out of band interface with an IP address 131 108 1 27 and subnet mask 255 255 255 0 and the same IP address with prefix length of 24 bits console config interface out of band...

Page 1953: ...d operates on the global router instance Virtual Router Configuration mode is only available on the Dell EMC Networking N3000 N3100 ON N4000 switches Example console configure console config ip address conflict detect run ip address dhcp Interface Configuration Use the ip address dhcp command in Interface VLAN Configuration mode to enable the DHCPv4 client on an interface Syntax ip address dhcp no...

Page 1954: ...HCP client may learn the following parameters from a DHCP server The IPv4 address of a default gateway If the device learns different default gateways on different interfaces the system uses the first default gateway learned The system installs a default route in the routing table with the default gateway s address as the next hop address This default route has a preference of 254 The IPv4 address...

Page 1955: ...e show ip route command to display the active default gateway Only one default gateway can be configured If you invoke this command multiple times each command replaces the previous value When in Virtual Router Configuration mode this command operates within the context of the virtual router instance When in Global Configuration mode the command operates on the global router instance Virtual Route...

Page 1956: ...olution is enabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the IP Domain Naming System DNS based host name to address translation console config ip domain lookup ip domain name Use the ip domain name command in Global Configuration mode to define a default domain name used to complete unqualified ho...

Page 1957: ...er Guidelines This command has no user guidelines Example The following example defines a default domain name of dell com console config ip domain name dell com ip host Use the ip host command in Global Configuration mode to define static host name to address mapping in the host cache To delete the name to address mapping use the no form of this command Syntax ip host name address no ip host name ...

Page 1958: ...ax ip name server server address1 server address2 server address8 no ip name server server address1 server address8 server address Valid IPv4 or IPv6 addresses of the name server Range 1 255 characters Default Configuration No name server IP addresses are specified Command Mode Global Configuration mode User Guidelines Server preference is determined by entry order Up to eight servers can be defin...

Page 1959: ...tion By default the switch uses the assigned switch IP address as the source IP address for DNS packets This address is either the IP address assigned to the VLAN from which the DNS packet originates or the out of band interface IP address Command Mode Global Configuration mode User Guidelines The source interface must have an assigned IP address assigned either manually or via another method such...

Page 1960: ... ip name server source interface vlan 1 This example configures a source interface for a loopback interface Using a loopback address is the recommended method for assigning a source interface console configure console config interface loopback 0 console config if vlan1 ip address 129 168 0 13 32 console config if vlan1 exit console config ip name server source interface vlan 1 ipv6 address Interfa...

Page 1961: ... to an interface Creation of a link local address is automatically performed by this command IPv6 addresses may be expressed in up to eight blocks For simplification the leading zeros of each 16 bit block may be omitted One sequence of 16 bit blocks containing only zeros may be replaced by a double colon but not more than one at a time Dropping zeros 3ffe ffff 100 f101 0 0 0 1 becomes 3ffe ffff 10...

Page 1962: ...4 format may also be assigned The autoconfig parameter specifies that a link local address in the EUI 64 format is assigned to the interface The DHCP parameter indicates that the port should obtain its address via DHCP Use the no form of the command to remove a specific address or to return the address assignment to its default value Using the no form of the command with no parameters removes all ...

Page 1963: ...IPv6 auto configuration or DHCPv6 is not enabled on any of the in band management interfaces The optional eui64 parameter indicates that the IPv6 address is configured to use the EUI 64 interface ID in the low order 64 bits of the address In this parameter is specified the prefix length must be 64 This command is only valid for switches equipped with an out of band interface ipv6 address dhcp Use ...

Page 1964: ...fail if DHCPv6 server has been configured on the interface Examples In the following example DHCPv6 is enabled on interface vlan2 console config console config interface vlan 2 console config if vlan2 ipv6 address dhcp ipv6 enable Interface Configuration Use the ipv6 enable command in Interface Configuration mode to enable IPv6 on a routing interface Use the no form of this command to reset the IP...

Page 1965: ... of band port Command Mode Interface out of band Configuration mode User Guidelines This command is not necessary if an IPv6 address has been assigned to the interface This command is only valid for switches equipped with an out of band interface ipv6 gateway OOB Configuration Use the ipv6 gateway command in Interface out of band Configuration mode to configure the address of the IPv6 gateway The ...

Page 1966: ... in User Exec mode to display the default domain name a list of name server hosts and the static and cached list of host names and addresses Syntax shows hosts hostname hostname Range 1 255 characters The command allows spaces in the host name when specified in double quotes For example console config show hosts host name Default Configuration This command has no default configuration Command Mode...

Page 1967: ... Addresses www stanford edu 72 3 IP 171 64 14 203 show ip address conflict Use the show ip address conflict command in User Exec or Privileged Exec mode to display the status information corresponding to the last detected address conflict Syntax show ip address conflict vrf vrf name vrf name The name of the VRF instance on which the command operates If no VRF parameter is given information for the...

Page 1968: ...flict Address Conflict Detection Status No Conflict Detected show ip helper address Use the show ip helper address command to display IP helper addresses configuration Syntax show ip helper address vrf vrf name intf address Term Description Address Conflict Detection Status Whether the switch has detected an address conflict on any IP address Set to Conflict Detected if detected No Conflict Detect...

Page 1969: ...he VRF identified in the parameter must have been previously created or an error is returned The VRF parameter is only available on the N3000 N3100 ON N4000 series switches This command is not available on the N1100 ON Series switches Example console show ip helper address IP helper is enabled Interface UDP Port Discard Hit Count Server Address vlan 25 domain No 0 192 168 40 2 vlan 25 dhcp No 0 19...

Page 1970: ...ics DHCPv6 Advertisement Packets Received 0 DHCPv6 Reply Packets Received 0 Received DHCPv6 Advertisement Packets Discard 0 Received DHCPv6 Reply Packets Discarded 0 DHCPv6 Malformed Packets Received 0 Total DHCPv6 Packets Received 0 DHCPv6 Solicit Packets Transmitted 8 DHCPv6 Request Packets Transmitted 0 DHCPv6 Renew Packets Transmitted 0 DHCPv6 Rebind Packets Transmitted 0 DHCPv6 Release Packet...

Page 1971: ... User Guidelines This command is only available on switches equipped with an out of band interface Example console config if show ipv6 interface out of band IPv6 Administrative Mode Enabled IPv6 Prefix is FE80 21E C9FF FEAA AD79 64 128 IPv6 Default Router FE80 A912 FEC2 A145 FEAD Configured IPv6 Protocol None IPv6 AutoConfiguration mode Enabled Burned In MAC Address 001E C9AA AD79 ...

Page 1972: ...exec Provides accounting for a user Exec terminal session commands Provides accounting for all user executed commands default The default list of methods for accounting services list name Character string of not more than 15 characters used to name the list of accounting methods The list name can consist of any printable character other than a question mark Use quotes around the list name if embed...

Page 1973: ...horization method to a line config Use the no form of the command to return the authorization for the line mode to the default Syntax authorization commands exec default list name no authorization commands exec commands Perform authorization for each command entered by the user exec Perform Exec authorization for the user authorization required to enter privileged Exec mode default The default lis...

Page 1974: ... fails then the next method in the list is attempted Examples Use the following command to enable TACACS command authorization for telnet console config line telnet console config telnet authorization commands mycmdAuthList enable authentication Use the enable authentication command in Line Configuration mode to specify the authentication method list when accessing a higher privilege level from a ...

Page 1975: ...uthentication default Example The following example specifies the default authentication method when accessing a higher privilege level console console config line console console config line enable authentication default exec banner Use the exec banner command to enable exec banner on the console telnet or SSH connection To disable use the no form of the command Syntax exec banner no exec banner ...

Page 1976: ... command Syntax exec timeout minutes seconds no exec timeout minutes Integer that specifies the number of minutes Range 0 65535 seconds Additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line telnet console ssh Configuration mode User Guidelines To specify no timeout enter the exec timeout 0 command Example The following examp...

Page 1977: ...nd has no user guidelines Example The following example disables the command history function for the current terminal session console config line no history history size Use the history size command in Line Configuration mode to change the command history buffer size for a particular line To reset the command history buffer size to the default setting use the no form of this command Syntax histor...

Page 1978: ...current terminal session console config line history size 20 line Use the line command in Global Configuration mode to identify a specific line for configuration and enter the line configuration command mode Syntax line console telnet ssh console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configu...

Page 1979: ...y to be invoked due to SSH timing out and dropping the connection attempt Examples The following example sets the telnet authentication list to enableList console config line telnet console config telnet enable authentication enableList The following example enters Line Configuration mode to configure Telnet console config line telnet console config line login authentication Use the login authenti...

Page 1980: ...thentication method for a console console config line console console config line login authentication default login banner Use the login banner command to enable login banner on the console telnet or SSH connection To disable use the no form of the command Syntax login banner no login banner MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Line Conf...

Page 1981: ...onfiguration This command has no default configuration Command Mode Line Configuration User Guidelines This command has no user guidelines Example console config telnet motd banner password Line Configuration Use the password command in Line Configuration mode to specify a password on a line To remove the password use the no form of this command NOTE For commands that configure password properties...

Page 1982: ...password is specified Command Mode Line Configuration mode User Guidelines This command has no user guidelines Example The following example specifies a password mcmxxyyy on a line console config line password mcmxxyyy show line Use the show line command to display line parameters Syntax show line console telnet ssh console Console terminal line telnet Virtual terminal for remote console access Te...

Page 1983: ... Character Size bits 8 Flow Control Disable Stop Bits 1 Parity none History 10 Telnet configuration Remote Connection Login Timeout mins secs 10 minutes 0 seconds History 10 SSH configuration Remote Connection Login Timeout mins secs 10 minutes 0 seconds History 10 speed Use the speed command in Line Configuration mode to set the line BAUD rate Use the no form of the command to restore the default...

Page 1984: ...configuration applies only to the current session Example The following example configures the console BAUD rate to 9600 console config line speed 9600 terminal length Use the terminal length command to set the terminal length Use the no form of the command to reset the terminal length to the default Syntax terminal length value no terminal length value The length in number of lines Range 0 512 De...

Page 1985: ...han 4 as terminal lengths in the range of 1 to 4 may give odd output due to prompting The terminal length command is specific to the current session Logging out rebooting or otherwise ending the current session will require that the command be reentered Likewise because the terminal length setting is specific to a session it is never saved in the config Example console terminal length 50 ...

Page 1986: ...nfiguration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The copper related commands do not apply to the stacking or 10GBaseT ports The maximum length of the cable for the Time Domain Reflectometry TDR test is 120 meters Disable green mode on the port in order to obtain accurate results Example The following example displays the last TD...

Page 1987: ...lt Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The show fiber ports command is applicable to all fiber ports including SFP SFP and XFP ports It will display an error if executed against a copper port or passive or active direct attach cables Examples The following examples display...

Page 1988: ...ct attach SFP SFP cables are not based on 1000BaseT technology and do not support TDR testing Use the show copper ports tdr command to view the test results The maximum distance the Virtual Cable Tester VCT can measure is 120 meters Examples The following example results in a report on the cable attached to port 1 0 3 console test copper port tdr te1 0 1 This command takes the port offline to meas...

Page 1989: ...Switch Management Commands 1989 Use the show copper port tdr command to view the results Do you wish to continue and take the port offline y n y Error Invalid interface 2 0 3 ...

Page 1990: ...on provides power management which supports power reservation power prioritization and power limiting The operator can assign a priority to each PoE port When the power budget of the PoE switch has been exhausted the higher priority ports are given preference over the lower priority ports Lower priority ports are forcibly stopped to supply power in order to provide power to higher priority ports T...

Page 1991: ...the ability of the port to deliver power Syntax power inline auto never no power inline auto Enables device discovery and if a device is found using the method specified by the power inline detection setting supplies power to the device never Disables the device discovery protocol and stops supplying power to the device Command Mode Interface Configuration Ethernet power inline power inline priori...

Page 1992: ...Default Value The default value is auto that is device discovery is enabled and the port is capable of delivering power Examples console config interface gigabitethernet 1 0 1 console config if Gi1 0 1 power inline auto power inline detection Use the power inline detection command to configure the detection type that tells which types of PD s will be detected and powered by the switch Use the no f...

Page 1993: ...r inline four pair forced Use this command to force 4 pair power feed on an interface Use the no form of the command to use the default 2 pair power feed Syntax power inline four pair forced no power inline four pair forced Default Configuration The default power feed is 2 pair power Command Mode Interface Config User Guidelines This command is only operational on N2100PX ON N3000P N3100PX ON seri...

Page 1994: ...e four pair forced power inline limit Use the power inline limit command to configure the type of power limit Use the no form of this command to set the power limit type to the default Syntax power inline limit user defined limit class none no power inline limit user defined limit Allows the port to draw up to user defined value The range is 3000 32000 milliwatts mW in two pair mode In four pair m...

Page 1995: ...y 59850 milliwatts 60W Four pair power is available in any of the power management modes In class mode twice the detected class power is delivered 64W In dynamic mode up to 62W may be delivered The Dell EMC Networking 3024P N3048P switches implement 4 pair PoE 60W on the first 12 lowest numbered 1G ports The N3132PX ON switches implement PoE 60W on the copper 1G and 5G ports The N2128PX ON switche...

Page 1996: ...ig interface gi1 0 2 console config if Gi1 0 2 power inline four pair forced console config if Gi1 0 2 power inline limit user defined 50000 This example displays an interface configured in four pair power mode console show power inline gigabitethernet 1 0 1 detailed Port Powered Device State Priority Status Class Power mW Gi1 0 1 auto Low Searching Unknown Limit Power High Power Port Type Limit M...

Page 1997: ...dynamic Command Mode Global Configuration User Guidelines If no unit is specified all members of the stack are configured Static dynamic and class based modes differ in how the available power is calculated and how much power may be delivered to the Powered Device Refer to the PoE section in the User s Configuration Guide for information on Powered Device detection power allocation methods and the...

Page 1998: ... 0 2 auto Low Searching Unknown Gi1 0 3 auto Low Searching Unknown Gi1 0 4 auto Low Searching Unknown Command History Description revised in version 6 3 1 5 release Description revised in version 6 3 1 6 release Example revised in 6 4 release power inline powered device The power inline powered device command adds a comment or description of the powered device type to enable the user to remember w...

Page 1999: ...which ports will supply power if adequate power capacity is not available for all enabled ports For ports that have the same priority level the lower numbered port has higher priority For a system delivering peak power to a certain number of devices if a new device is attached to a high priority port power to a low priority port is shut down and the new device is powered up Syntax power inline pri...

Page 2000: ...Error state Power to the powered devices may be interrupted as the port is reset power inline usage threshold The power inline usage threshold command configures the system power usage threshold level at which lower priority ports are disconnected The threshold is configured as a percentage of the total available power Use the no form of the command to set the threshold to the default value Syntax...

Page 2001: ...d compares it against the unit power maximum multiplied by the threshold 100 If unit power consumption exceeds the threshold and the power bank is active ports are disconnected with an over power condition The disconnection is priority based When ports are disconnected due to actual consumed power exceeding the threshold a trap is generated Examples console config power inline usage threshold 90 C...

Page 2002: ...capable physical interface See Interface Naming Conventions for interface representation Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines If a port supplying power detects PSE equipment the power to the port is shut off If a powered port shows input power detected status 0x24 and no device is attached the port should not be used as a possib...

Page 2003: ...he single port The detected class and power is shown followed by the power limit configuration Then port counters voltage current and temperate are displayed console show power inline gi1 0 1 detailed Port Powered Device State Priority Status Class Power mW Gi1 0 13 auto Low Searching Unknown Limit Power High Power Port Type Limit Mode Gi1 0 13 None 32000 Enabled Overload Counter 0 Short Counter 0...

Page 2004: ...r firmware present on the switch file system Syntax show power inline firmware version Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command displays the PoE firmware version for each stack member individually Example console config show power inline firmware version Unit Firmware Version 1 265_1 ...

Page 2005: ...n RMON probe or RMON Agent An RMON probe provides RMON data to an RMON Manager for analysis and presentation to the user An RMON probe may be embedded in an existing network device or stand alone Commands in this Section This section explains the following commands rmon alarm Use the rmon alarm command in Global Configuration mode to configure alarm conditions To remove an alarm use the no form of...

Page 2006: ... from the current value and the difference compared with the thresholds absolute The sampling method for the selected variable and calculating the value to be compared against the thresholds If the method is absolute the value of the selected variable is compared directly with the thresholds at the end of the sampling interval startup direction The alarm that may be sent when this entry is first s...

Page 2007: ...ON MIB history statistics group on an interface To remove a specified RMON history statistics group use the no form of this command Also see the show rmon collection history command Syntax rmon collection history index owner ownername buckets bucket number interval seconds no rmon collection history index index The requested statistics index group Range 1 65535 owner ownername Records the RMON sta...

Page 2008: ... config interface gigabitethernet 1 0 8 console config if Gi1 0 8 rmon collection history 1 interval 2400 rmon event Use the rmon event command in Global Configuration mode to configure an event To remove an event use the no form of this command See also the show rmon events command Syntax rmon event number log trap community description string owner string no rmon event number number The event in...

Page 2009: ...move the alarm Syntax rmon hcalarm alarmnumber variable interval absolute delta rising threshold value 64 rising event index falling threshold value 64 falling event index startup rising falling rising falling owner string alarmnumber An alarm number that uniquely identifies the alarm entry Range 1 65536 Each entry defines a diagnostic sampler at a particular interval for an object on the device v...

Page 2010: ... active If the first sample after this entry is configured is greater than or equal to the rising threshold and startup rising or startup rising falling is configured a single rising event is generated If the first sample after this entry is configured is less than or equal to the falling threshold and startup falling or startup rising falling is configured then a single falling event is generated...

Page 2011: ... Command Mode User Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays RMON 1 alarms console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 10 1 Last sample Value 878128 Interval 30 Sample Type delta Startup Alarm rising Rising Threshold 8700000 Falling Threshold 78 Rising Event 1 Falling Eve...

Page 2012: ...ompared with the thresholds Startup Alarm The alarm that may be sent when this entry is first set If the first sample is greater than or equal to the rising threshold and startup alarm is equal to rising or rising and falling then a single rising alarm is generated If the first sample is less than or equal to the falling threshold and startup alarm is equal falling or rising and falling then a sin...

Page 2013: ...de and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the alarms summary table console show rmon alarms Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3 6 1 2 1 2 2 1 10 1 Manager 3 1 3 6 1 2 1 2 2 1 10 9 CLI The following table describes the significant fields shown in the display Field Description Index An index that unique...

Page 2014: ... Mode User Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following table describes the significant fields shown in the display Example The following example displays all RMON group statistics console show rmon collection history Index Interface Interval Requested Granted Owner Samples Samples Field Description Index An index that uniquely identifies the ent...

Page 2015: ...in the display Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the case of trap an SNMP trap is sent to one or more management stations Com...

Page 2016: ...arm command to display high capacity 64 bit alarms configured with the rmon hcalarm command Syntax show rmon hcalarms hcalarm number number The alarm index Range 1 65535 Default Configuration This command has no default configuration Command Modes Privileged Exec all show modes User Guidelines This command has no user guidelines Example console show rmon hcalarm 2 Alarm 2 OID ifInOctets 1 Last Sam...

Page 2017: ...ry Also see the rmon collection history command Syntax show rmon history index throughput errors other period seconds index The requested set of samples Range 1 65535 throughput Displays throughput counters errors Displays error counters other Displays drop and collision counters period seconds Specifies the requested period time to display Range 0 2147483647 Default Configuration This command has...

Page 2018: ...excluding framing bits but including FCS octets between 64 and 1518 octets inclusive but had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Undersize The number of packets received during this sampling interval that were less than 64 octets long excluding framing bits but including FCS octets and w...

Page 2019: ... Time CRC UndersizeOversizeFragmentsJabbers Align 09 Mar 2005110490 18 29 32 09 Mar 2005110270 18 29 42 The following example displays RMON Ethernet Statistics history for other on index number 1 Jabbers The number of packets received during this sampling interval that were longer than 1518 octets excluding framing bits but including FCS octets and had either a bad Frame Check Sequence FCS with an...

Page 2020: ...the RMON logging table Syntax show rmon log event event Event index Range 1 65535 Default Configuration This command has no default configuration Command Mode User Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following table describes the significant fields shown in the display Example The following examples display the RMON logging table Field Description...

Page 2021: ...h Broadcast Jan 18 2005 23 59 48 show rmon statistics Use the show rmon statistics command in User Exec mode to display the RMON Ethernet Statistics Syntax show rmon statistics gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port fortygigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User Exec mo...

Page 2022: ...ing framing bits but including FCS octets of between 64 and 1518 octets inclusive but with either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Undersize Pkts The total number of packets received less than 64 octets long excluding framing bits but including FCS octets and otherwise well formed Oversize P...

Page 2023: ...ncluding FCS octets 65 to 127 Octets The total number of packets including bad packets received that are between 65 and 127 octets in length inclusive excluding framing bits but including FCS octets 128 to 255 Octets The total number of packets including bad packets received that are between 128 and 255 octets in length inclusive excluding framing bits but including FCS octets 256 to 511 Octets Th...

Page 2024: ... HC Pkts 65 127 Octets 0 HC Overflow Pkts 128 255 Octets 0 HC Pkts 128 255 Octets 0 HC Overflow Pkts 256 511 Octets 0 HC Pkts 256 511 Octets 0 HC Overflow Pkts 512 1023 Octets 0 HC Pkts 512 1023 Octets 0 HC Overflow Pkts 1024 1518 Octets 0 HC Pkts 1024 1518 Octets 0 ...

Page 2025: ...tput of debug traces Debug commands are provided in the normal CLI tree Debug settings are not persistent and are not visible in the running configuration To view the current debug settings use the show debugging command The output of debug commands can be large and may adversely affect system performance Enabling debug for all IP packets can cause a serious impact on the system performance theref...

Page 2026: ...sabled by default Command Mode Privileged Exec mode debug bfd debug ip igmp debug ospfv3 show debugging debug cfm debug ip mcache debug ping show supported mibs debug clear debug ip pimdm packet debug rip show supported mibs debug console debug ip pimsm packet debug sflow snapshot bgp debug crashlog debug ipv6 dhcp debug spanning tree write core debug dhcp packet debug ipv6 mcache debug udld debug...

Page 2027: ... executes the command within the context of the VRF specific routing table Syntax debug arp vrf vrf name no debug arp vrf name The name of the VRF associated with the routing table context used by the command If no vrf is specified the global routing table context is used Default Configuration ARP packet tracing is disabled by default Command Mode Privileged Exec mode User Guidelines The VRF ident...

Page 2028: ...y default value Syntax debug authentication event all interface id no debug authentication event all interface id event Traces Authentication Manager debug events all Enables all Authentication Manager debugs interface id The interface to trace Default Configuration Default value is disabled Command Modes Privileged Exec mode User Guidelines Debug output should be enabled with caution Switch behav...

Page 2029: ... H323 SCCP SIP Default Configuration Auto VOIP tracing is disabled by default Command Mode Privileged Exec mode User Guidelines Debug output should be enabled with caution Switch behavior may be adversely affected by the additional processing load incurred from enabling debug Example console debug auto voip debug bfd Use this command to enable the display of BFD events or packets Syntax debug bfd ...

Page 2030: ...le console configure console config vlan 100 console config vlan100 exit console config interface vlan 100 console config if vlan100 bfd interval 100 min_rx 100 multiplier 5 debug cfm Use the debug cfm command to enable CFM debugging Use the no form of the command to disable debugging Syntax debug cfm event pdu all ccm ltm lbm tx rx event CFM events pdu CFM PDUs ccm Continuity check messages ltm L...

Page 2031: ...ional processing load incurred by enabling debug output Example The following examples enables display of CFM events on the console console debug cfm event debug clear Use the debug clear command to disable all debug traces Syntax debug clear Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode User Guidelines There are no user guidelines for t...

Page 2032: ...Syntax debug console Default Configuration Display of debug traces is disabled by default Command Mode Privileged Exec mode User Guidelines Debug output should be enabled with caution Switch behavior may be adversely affected by the additional processing load incurred from enabling debug Example console debug console debug crashlog Use this command to display the crash log contents on the console ...

Page 2033: ...ration By default this command displays all crash logs for the specified index Command Modes Privileged Exec mode User Config mode all show modes User Guidelines There are no user guidelines for this command Command History Introduced in version 6 2 0 1 firmware Example This example displays the most recent crash log for the stack master console debug crashlog 0 Displaying Crash Dump 0 For kernel ...

Page 2034: ...30 00000000 r31 00000000 0x083da883 0x083c9955 0x0804b8f6 0x0012e40c 0x083c73c3 0x083c7211 0x082b05e3 0x081ed66c 0x0839db78 0x083a0c22 0x0839b295 0x0839a928 0x083a7b73 0x08387592 0x08372fbc 0x08395caf 0x083996de 0x083d6f71 0x00134e99 0x0021873e End Stack Information CALL STACK INFO VERBOSE Stack pointer before signal 0x00000000 Offending instruction at address 0x00000000 tried to access address 0x...

Page 2035: ...73 ewsTelnetParse 0x2b9 08387592 ewsParse 0x162a 08372fbc ewsRun 0x149 08395caf ewmain 0x17c 083996de emweb_main 0x1a3 083d6f71 osapi_task_wrapper 0xa6 00134e99 0021873e debug dhcp packet Use the debug dhcp packet command to display debug information about DHCPv4 client activities and to trace DHCPv4 packets to and from the local DHCPv4 client To disable debugging use the no form of this command S...

Page 2036: ...e debug dhcp packet The second example is for transmit flow console debug dhcp packet transmit The third example is for receive flow console debug dhcp packet receive debug dhcp server packet Use this command to trace DHCPv4 packets to and from the local DHCPv4 server To disable debugging use the no form of this command Syntax debug dhcp server packet no debug dhcp server packet Default Configurat...

Page 2037: ...ing of CFM components for events and CFM PDUs based on the type of packet for reception and transmission Syntax debug dot1ag all ccm events lbm lbr ltm ltr pdu no debug dot1ag all ccm events lbm lbr ltm ltr pdu all Traces CCM LBM LBR LTM LTRs ccm Traces CCMs events Traces CFM events lbm Traces LBMs lbr Traces LBRs ltm Traces LTMs ltr Traces LTRs pdu Traces specific PDUs Default Configuration Traci...

Page 2038: ...1ag events Dot1ag events tracing enabled console console debug dot1ag ccm Dot1ag CCM tracing enabled console console no debug dot1ag ccm Dot1ag CCM tracing disabled debug dot1x Use the debug dot1x command to enable dot1x packet tracing Use the no form of this command to disable dot1x packet tracing Syntax debug dot1x packet receive transmit no debug dot1x packet receive transmit Default Configurat...

Page 2039: ...d by the switch IGMP Snooping should be enabled on the device and the interface in order to monitor packets for a particular interface Syntax debug igmpsnooping packet receive transmit no debug igmpsnooping packet receive transmit Default Configuration Display of IGMP Snooping traces is disabled by default Command Mode Privileged Exec mode User Guidelines Debug output should be enabled with cautio...

Page 2040: ... be enabled with caution Switch behavior may be adversely affected by the additional processing load incurred from enabling debug Example console debug ip acl 1 debug ip bgp To enable debug tracing of BGP events use the debug ip bgp command To disable debug tracing use the no form of this command Syntax debug ip bgp vrf vrf name ipv4 address ipv6 address interface interface id events keepalives no...

Page 2041: ...nd receive of KEEPALIVE packets notification Optional Trace transmit and receive of NOTIFICATION packets open Optional Trace transmit and receive of OPEN packets refresh Optional Traces transmit and receive of ROUTE REFRESH packets updates Optional Traces transmit and receive of UPDATE packets in Optional Trace received packets out Optional Trace sent packets Default Configuration Debug tracing is...

Page 2042: ... bgp 10 27 21 142 events debug ip dvmrp Use the debug ip dvmrp to trace DVMRP packet reception and transmission The receive option traces only received DVMRP packets and the transmit option traces only transmitted DVMRP packets When neither keyword is used in the command all DVMRP packet traces are dumped Vital information such as source address destination address control packet type packet lengt...

Page 2043: ...command then all IGMP packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable IGMP traces Syntax debug ip igmp packet receive transmit no debug ip igmp packet receive transmit Default Configuration Di...

Page 2044: ...ket receive transmit Default Configuration Display of MDATA traces is disabled by default Command Mode Privileged Exec mode User Guidelines Debug output should be enabled with caution Switch behavior may be adversely affected by the additional processing load incurred from enabling debug Example console debug ip mcache packet debug ip pimdm packet Use the debug ip pimdm packet command to trace PIM...

Page 2045: ...le debug ip pimdm packet debug ip pimsm packet Use the debug ip pimsm command to trace PIMSM packet reception and transmission The receive option traces only received PIMSM packets and the transmit option traces only transmitted PIMSM packets When neither keyword is used in the command then all PIMSM packet traces are dumped Vital information such as source address destination address control pack...

Page 2046: ...the debug ipv6 dhcp command to display debug information about DHCPv6 client activities and to trace DHCPv6 packets to and from the local DHCPv6 client To disable debugging use the no form of the command Syntax debug ipv6 dhcp no debug ipv6 dhcp Default Configuration Debugging for the DHCP for IPv6 is disabled by default Command Mode Privileged Exec User Guidelines This command enabled DHCPv6 pack...

Page 2047: ...ayed on the console Syntax debug ipv6 mcache packet receive transmit no debug ipv6 mcache packet receive transmit Default Configuration Display of MDATA traces is disabled by default Command Mode Privileged Exec mode User Guidelines Debug output should be enabled with caution Switch behavior may be adversely affected by the additional processing load incurred from enabling debug Example console de...

Page 2048: ...ior may be adversely affected by the additional processing load incurred from enabling debug Example console debug ipv6 mld packet debug ipv6 pimdm Use the debug ipv6 pimdm command to trace PIMDMv6 packet reception and transmission The receive option traces only received PIMDMv6 packets and the transmit option traces only transmitted PIMDMv6 packets When neither keyword is used in the command then...

Page 2049: ...on and transmission The receive option traces only received PIMSMv6 packets and the transmit option traces only transmitted PIMSMv6 packets When neither keyword is used in the command then all PIMSMv6 packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed o...

Page 2050: ...e command then all ISDP packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable ISDP tracing Syntax debug isdp packet receive transmit no debug isdp packet receive transmit Default Configuration Displ...

Page 2051: ...onal processing load incurred from enabling debug Example console debug lacp packet debug mldsnooping Use the debug mldsnooping command to trace MLD snooping packet reception and transmission The receive option traces only received MLD snooping packets and the transmit option traces only transmitted MLD snooping packets When neither keyword is used in the command then all MLD snooping packet trace...

Page 2052: ... Example console debug mldsnooping debug ospf Use the debug ospf command to enable tracing of OSPF packets received and transmitted by the switch Use the no form of this command to disable tracing of OSPF packets Use of the optional VRF parameter executes the command within the context of the VRF specific routing table Syntax debug ospf packet vrf vrf name no debug ospf packet vrf name The name of...

Page 2053: ...dditional processing load incurred from enabling debug Example console debug ospf packet debug ospfv3 Use the debug ospfv3 command to enable tracing of OSPFv3 packets received and transmitted by the switch Use the no form of this command to disable tracing of OSPFv3 packets Syntax debug ospfv3 packet no debug ospfv3 packet Default Configuration Display of OSPFv3 traces is disabled by default Comma...

Page 2054: ...ame no debug ping packet vrf name The name of the VRF associated with the routing table context used by the command If no vrf is specified the global routing table context is used Default Configuration Display of ICMP echo traces is disabled by default Command Mode Privileged Exec mode User Guidelines The VRF identified in the parameter must have been previously created or an error is returned Onl...

Page 2055: ...rip packet Default Configuration Display of RIP traces is disabled by default Command Mode Privileged Exec mode User Guidelines Debug output should be enabled with caution Switch behavior may be adversely affected by the additional processing load incurred from enabling debug Example console debug rip packet debug sflow Use the debug sflow command to enable sFlow debug packet trace Use the no form...

Page 2056: ...ive option traces only received spanning tree BPDUs and the transmit option traces only transmitted BPDUs When neither keyword is used in the command all spanning tree BPDU traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of th...

Page 2057: ...e command to disable debugging Syntax debug udld packet receive transmit events no debug udld packet receive transmit events Packet Display transmitted and received UDLD packets Receive Debug packets received by the switch Transmit Debug packets transmitted by the switch Events Display UDLD events Default Configuration By default debugging is disabled Command Mode Privileged Exec mode User Guideli...

Page 2058: ...palive packets exchanged between the MLAG peer devices on the peer link peer link In error cases enables the debug traces for the control messages or data messages exchanged between the MLAG devices on the peer link peer detection Enables the debug traces dual control plane detection protocol Traces are seen when DCPDP state changes occur enable disable peer detected core Displays the MLAG core me...

Page 2059: ...s Debug output should be enabled with caution Switch behavior may be adversely affected by the additional processing load incurred from enabling debug exception core file Use the exception core file command to configure the core dump file name Use the no form of the command the reset the core file name to the default Syntax exception core file file name hostname time stamp time stamp hostname no e...

Page 2060: ...y to succeed An average core file is around 450 KB Example copy times are as follows TFTP 13mins different subnet USB 3 mins Administrators should ensure that a cleanly formatted USB flash drive of at least 1G is used for collection of a the full core dump Example This example enables core dumps to a TFTP server 10 27 9 1 reachable over the out of band port The core file is written to the dumps di...

Page 2061: ...The user id configured on the FTP server requires a password file path The directory to prepend to the core file name protocol dhcp Obtain the out of band port address via DHCP for core dump transfer protocol static Use a statically assigned address for core dump transfer Default Configuration Debug core dumps are disabled by default The out of band port attempts to retrieve an IP address via DHCP...

Page 2062: ...uring crash dump transfer In addition for the purposes of transferring the core file to the server a unique MAC address is assigned to the stack unit As crash dump retrieval is not reliable on the front panel ports the TFTP and FTP parameters are not available on the N1100 ON N2100 ON N1500 N2000 Series switches Use the USB crash dump capability instead Example This example enables core dumps to a...

Page 2063: ...Core dumps are disabled Stack ip address parameters ipv4 address The address used by the of the out of band port of the switch during crash dump transfer netmask The netmask for use with the ip address for core dump transfer gateway The default gateway to use on the out of band port for core dump transfer protocol dhcp Obtain the out of band port address via DHCP for core dump transfer protocol st...

Page 2064: ... 27 9 1 reachable over the out of band port The core file is written to the dumps directory and the name includes the host name of the switch and the switch TOD console config exception dump tftp server 10 27 9 1 file path dumps console config exception core file Core hostname time stamp console config exception protocol tftp This example enables core dumps to a USB flash drive The core file is wr...

Page 2065: ... registers Syntax exception switch chip register no exception switch chip register Default Configuration By default switch register dumps are disabled Command Modes Global Configuration mode User Guidelines This option should only be used under the direction of Dell support personnel Switch registers are captured to the local file system ip http timeout policy Use the ip http timeout policy comman...

Page 2066: ...rs may close existing sessions The idle timeout closes sessions in which no activity is detected e g no commands are entered The life timeout specifies the maximum number of seconds a session will be kept open from the time the session was established Times are approximate Use this command to establish an access policy which maximizes throughput or minimizes response time for new connections For m...

Page 2067: ...on This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines Enabled packet tracing configurations are displayed Example console show debugging Authentication manager all debug traces enabled on Gi1 0 1 ...

Page 2068: ...Modes Privileged Exec mode all show modes User Guidelines An exception log or core dump file is generated in the rare event that the switch firmware fails Dell support personnel may ask administrators to provide the exception log information to assist in issue resolution Parameter Description Coredump file name Core dump file name Coredump filename uses hostname Core file name includes host name T...

Page 2069: ...ister False Compression mode TRUE Stack IP Address Protocol dhcp Stack IP Address IP Address Net Mask Gateway Assigned Unit show supported mibs Use the show supported mibs command to display the implemented SNMP MIBs Syntax show supported mibs File path File path for TFTP or FTP server Protocol Exception protocol TFTP USB Core default none Switch chip register Include register dump True or False C...

Page 2070: ... RFC3273 HC ALARM MIB Initial version of the High Capacity Alarm MIB module This version published as RFC 3434 HCNUM TC A MIB module containing textual conventions for high capacity data types DELL REF MIB DELL Reference SNMP COMMUNITY MIB This MIB module defines objects to help support coexistence between SNMPv1 SNMPv2 and SNMPv3 SNMP FRAMEWORK MIB The SNMP Management Architecture MIB SNMP MPD MI...

Page 2071: ...prise OID pertaining to DNS Client control configuration DELL DENIALOFSERVICE PRIVATE MIB The DELL Private MIB for DELL Denial of Service DELL GREENETHERNET PRIVATE MIB The MIB definitions for DELL Green Ethernet Feature DELL DEVICE FILESYSTEM MIB The DELL Private MIB for DELL DeviceFileSystem DELL KEYING PRIVATE MIB The DELL Private MIB for DELL Keying Utility LLDP MIB Management Information Base...

Page 2072: ...ule for managing Priority and Multicast Filtering defined by IEEE 802 1D 1998 RFC 2674 Q BRIDGE MIB The VLAN Bridge MIB module for managing Virtual Bridged Local Area Networks RFC 2737 ENTITY MIB Entity MIB Version 2 RFC 2863 IF MIB The Interfaces Group MIB using SMIv2 RFC 3635 Etherlike MIB Definitions of Managed Objects for the Ethernet like Interface Types DELL SWITCHING MIB DELL Switching Laye...

Page 2073: ...he OSPF Version 2 Protocol RFC 2787 VRRP MIB Definitions of Managed Objects for the Virtual Router Redundancy Protocol DELL ROUTING MIB DELL Routing Layer 3 IP FORWARD MIB The MIB module for the management of CIDR multipath IP Routes IP MIB The MIB module for managing IP and ICMP implementations but excluding their management of IP routes DELL LOOPBACK MIB The DELL Private MIB for DELL Loopback RF...

Page 2074: ... ICMP MIB Management Information Base for IP Version 6 ICMPv6 Group RFC 3419 TRANSPORT ADDRESS MIB Textual Conventions for Transport Addresses DELL ROUTING6 MIB The DELL Private MIB for DELL IPv6 Routing DELL DHCP6SERVER PRIVATE MIB The DELL Private MIB for DELL DHCPv6 Server Relay DELL IPV6 LOOPBACK MIB The DELL Private MIB for DELL Loopback IPV6 address configuration DELL IPV6 TUNNEL MIB The DEL...

Page 2075: ...the core file configuration Syntax write core test dest file name dest file name The file name used if a tftp server is configured with the exception dump tftp server command The dest file name parameter overrides the file name parameters configured with the exception core file command Default Configuration This command has no default configuration Command Modes Privileged Exec mode User Guideline...

Page 2076: ...strator regarding the status Example console write core The system has unsaved changes Would you like to save them now y n n Configuration Not Saved This operation will reboot the device Are you sure you want to create coredump y n y Thu Jan 1 00 17 35 1970 pgid 577 pid 577 name syncdb signal 11 Call Trace depth 3 0xb6faf7dc 0xb6fafc60 0xb6ef742c 188 Jan 1 00 17 36 10 27 22 174 1 General 80499188 ...

Page 2077: ...r analysis The traffic samples sent to the Collector contain the source ifIndex and for switched packets the destination ifIndex The sFlow Agent supports two forms of sampling statistical packet based sampling of switched or routed Packet Flows and time based sampling of counters Commands in this Section This section explains the following commands sflow destination Use the sflow destination comma...

Page 2078: ...ntity string must be set before assigning a receiver to a sampler or poller Range 1 127 characters rcvr_timeout The time in seconds remaining before the sampler or poller is released and stops sending samples to the receiver Setting a value of 0 for the timeout value permanently configures the sflow receiver Use the no form of the command to remove permanently configured receivers A management ent...

Page 2079: ...on 30 30 30 1 560 sflow polling Use the sflow polling command to enable a new sflow poller instance for this data source if rcvr_idx is valid An sflow poller sends counter samples to the receiver Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling gigabitethernet tengigabitethernet fortygigabitethernet interface list poll interval no sflow rcv...

Page 2080: ...low poller sends counter samples to the receiver Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling poll interval no sflow rcvr index polling rcvr index The sFlow Receiver associated with the poller Range 1 8 poll interval The sFlow instance polling interval A poll interval of 0 disables counter sampling A value of n means once in n seconds a...

Page 2081: ...ex The sFlow Receiver for this sFlow sampler to which flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver times out then all samplers associated with the receiver will also expire Range 1 8 interface list The list of interfaces to poll in unit slot port format sampling rate The statistical sampling rate for packet ...

Page 2082: ...f rcvr_idx is valid Use the no form of this command to reset sampler parameters to the default Syntax sflow rcvr index sampling sampling rate size no sflow rcvr index sampling rcvr index The sFlow Receiver for this sFlow sampler to which flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver expires then all samplers ...

Page 2083: ...flow source interface command to select the interface from which to use the IP address inserted in the source IP address field of transmitted sFlow packets Use the no form of the command to revert to the default IP address Syntax sflow source interface loopback loopback id vlan vlan id out of band tunnel tunnel id no sflow source interface loopback id A loopback interface identifier vlan id A VLAN...

Page 2084: ...tion mode That IP address is used as the source interface address for this function The out of band parameter is only available on switches so equipped Example console conf console config interface vlan 1 console config if vlan1 ip address dhcp console config if vlan1 exit console config sflow source interface vlan 1 show sflow agent Use the show sflow agent command to display the sflow agent info...

Page 2085: ...lt Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following fields are displayed sFlow Version Uniquely identifies the version and implementation of this MIB The version string must have the following structure MIB Version Organization Software Revision where MIB Version 1 3 the ...

Page 2086: ...Receiver associated with the poller Range 1 8 interface list The list of interfaces to poll in unit slot port format Owner String The identity string for receiver the entity making use of this sFlowRcvrTable entry Time Out The time in seconds remaining before the receiver is released and stops sending samples to sFlow receiver IP Address The destination IP address the sFlow receiver host Address T...

Page 2087: ...ay the sFlow sampling instances created on the switch Syntax show sflow rcvr index sampling gigabitethernet tengigabitethernet fortygigabitethernet interface list rcvr index The sFlow Receiver associated with the poller Range 1 8 interface list The list of interfaces on which data is sampled Poller Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physic...

Page 2088: ...urce interface Use the show sflow source interface command to display the assigned sFlow source interface Syntax show sflow source interface Default Configuration This command has no defaults Sampler Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver configured for this sFlow sampler Packet Sampling Rat...

Page 2089: ...port configuration of a single IP address in interface vlan configuration mode That IP address is used as the source interface address for this function Example console conf console config interface out of band console config if vlan1 ip address dhcp console config if vlan1 exit console config sflow source interface out of band console config show sflow source interface sFlow Client Source Interfa...

Page 2090: ...k control station to retrieve reports from the networked device These reports are based upon the defined objects in the MIB The agent queries reports and sets MIB variables based upon directions from the network control station or upon preset conditions Dell EMC Networking supports IPv4 SNMP access Only IPv4 SNMP hosts and users may be configured Commands in this Section This section explains the ...

Page 2091: ...ty String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su Default Super 172 17 1 1 Community String Group nameIP address publicuser groupAll Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Community Version UDP Filter TO Retries Port name Sec 192 122 173 42 Trap public2 162 filt1 15...

Page 2092: ...Syntax show snmp engineid Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the SNMP engine ID console show snmp engineID Local SNMP engineID 08009009020C0B099C075878 show snmp filters Use the show snmp f...

Page 2093: ...The following examples display the configuration of filters with and without a filter name specification console show snmp filters Name OID Tree Type user filter1 1 3 6 1 2 1 1 Included user filter1 1 3 6 1 2 1 1 7 Excluded user filter2 1 3 6 1 2 1 2 2 1 1 Included console show snmp filters user filter1 Name OID Tree Type user filter1 1 3 6 1 2 1 1 Included user filter1 1 3 6 1 2 1 1 7 Excluded sh...

Page 2094: ...s Example The following examples display the configuration of views console show snmp group Field Description Name Name of the group Security Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet with encryption Applicable only to SNMP Version 3 security model Views Read A string that is the name of the view that enables you only to view the contents of the agent If unspeci...

Page 2095: ... NoAuth NoPriv Default Default Default DefaultWrite V3 NoAuth NoPriv Default Default Default DefaultWrite V3 Auth NoPriv Default Default Default DefaultWrite V3 Auth Priv Default Default Default Command History The example was updated in release 6 4 show snmp user Use the show snmp user command to display the configuration of users Syntax show snmp user username username Specifies the name of the ...

Page 2096: ... the user name specified Console show snmp user Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106 john user group SHA DES 800002a20300fce3900106 Console show snmp users bob Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106 show snmp views Use the show snmp views command to display the configuration of...

Page 2097: ... portal vrf name The name of an existing VRF instance ospf Display OSPFv2 specific trap settings ospfv3 Display OSPFv3 specific trap settings captive portal Display captive portal specific trap settings Default Configuration There is no default configuration for this command Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes console show snmp views Name OID ...

Page 2098: ...s Enable VRRP trap Enable ACL Traps Enable BGP Traps Disable DVMRP Traps Disable OSPFv2 Traps Disable PIM Traps Disable OSPFv3 traps Disable CP Traps Disable Example 2 console show trapflags ospf OSPFv2 traps Disabled errors all Disabled lsa all Disabled overflow all Disabled retransmit all Disabled state change all Disabled snmp server community Use the snmp server community command in Global Con...

Page 2099: ...ormation on views see the User Guidelines below Range 1 30 characters Default Configuration No community is defined Default to read only access if not specified Command Mode Global Configuration mode User Guidelines You can not specify viewname for su which has an access to the whole MIB You can use the view name to restrict the access rights of a community string When it is specified An internal ...

Page 2100: ... 20 snmp server community group Use the snmp server community group command in Global Configuration mode to map the internal security name for SNMP v1 and SNMP v2 security models to the group name To remove the specified community string use the no form of this command Syntax snmp server community group community string group name ipaddress ip address community string Community string that acts li...

Page 2101: ...up console config snmp server community group dell_community dell_group ipaddress 192 168 29 1 snmp server contact Use the snmp server contact command in Global Configuration mode to set up a system contact sysContact string To remove the system contact information use the no form of the command Syntax snmp server contact text no snmp server contact text Character string 1 to 255 characters descri...

Page 2102: ...aptive portal cp type cpu dot1q dvrmp link port security trap rate multiple users vrf vrf name ospf ospftype ospfv3 ospfv3type pim poe snmp authentication spanning tree vrrp cp type all client auth failure client connect client db full client disconnect vrf name The name of a VRF instance for OSPF traps ospftype all errors all authentication failure bad packet config error virt authentication fail...

Page 2103: ...econds buffers Enables sending of a trap on the internal message buffer count exceeding the rising threshold cpu threshold Enables sending of a trap on the CPU occupancy exceeding the rising threshold multiple users Enable sending a trap when multiple logins are active link Enable sending a trap when a link interface transitions to the active state or the inactive state violation Enable sending a ...

Page 2104: ...the description of the Global Configuration mode process cpu command for setting the rising and falling thresholds for the sending of the CPU occupancy trap Command History Introduced in version 6 2 0 1 firmware Example The following example displays the options for the snmp server enable traps command console config snmp server enable traps cr Press enter to execute the command acl Enable Disable...

Page 2105: ...local command in Global Configuration mode to specify the Simple Network Management Protocol SNMP engine ID on the local device To remove the configured engine ID use the no form of this command Syntax snmp server engineID local engineid string default no snmp server engineID local engineid string The character string that identifies the engine ID The engine ID is a concatenated hexadecimal string...

Page 2106: ... to an MD5 or SHA security digest This digest is based on both the password and the local engine ID The command line password is then deleted and is not stored on the switch as required by RFC 2274 Because of this deletion if the local value of engineID changes the security digests of SNMPv3 users will be invalid and the users will have to be reconfigured Example The following example configures t...

Page 2107: ...r lines take precedence when an object identifier is included in two or more lines The filter name may include any printable characters except a question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the e...

Page 2108: ...sion 3 security model noauth Indicates no authentication of a packet Applicable only to the SNMP Version 3 security model auth Indicates authentication of a packet without encrypting it Applicable only to the SNMP Version 3 security model priv Indicates authentication of a packet with encryption Applicable only to the SNMP Version 3 security model contextname Provides different views of the system...

Page 2109: ...hen the argument specified in this command points to first view name in the table Example The following example attaches a group called user group to SNMPv3 and assigns to the group the privacy security level and read access rights to a view called user view console config snmp server view user view iso included console config snmp server group user group v3 priv read user view snmp server host Us...

Page 2110: ... an inform request The default is 3 attempts Range 1 255 port UDP port of the host to use The default is 162 Range 1 65535 filtername A string that is the name of the filter that defines the filter for this host If unspecified does not filter anything Range 1 30 characters Default Configuration The default configuration is 3 retries and 15 seconds timeout This command is disabled by default No not...

Page 2111: ...server location text Character string describing the system location Range 1 to 255 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The location string may contain embedded blanks if enclosed in quotes Any printable character is allowed in the string Example The following example sets the device location as New_York ...

Page 2112: ...the remote management station and should be defined to enable the device to receive acknowledgments to informs Range 5 32 characters auth md5 HMAC MD5 96 authentication mode auth sha HMAC SHA 96 authentication mode password A password Range 1 to 32 characters auth md5 key HMAC MD5 96 authentication message digest key Enter a pre generated MD5 key auth sha key HMAC SHA 96 authentication message dig...

Page 2113: ...in length Default Configuration No user entry exists Command Mode Global Configuration mode User Guidelines If the SNMP local engine ID is changed configured users will no longer be able to connect and will need to be re configured deleted from the configuration and added back Use of MD5 authentication in conjunction with AES privacy is discouraged as it results in a weak cypher Utilize SHA authen...

Page 2114: ...tree Specifies the object identifier of the ASN 1 subtree to be included or excluded from the view To identify the subtree specify a text string consisting of numbers such as 1 3 6 2 4 or a word such as system Replace a single subidentifier with the asterisk wild card to specify a subtree family for example 1 3 4 included Indicates that the view type is included excluded Indicates that the view ty...

Page 2115: ... user view system 7 excluded console config snmp server view user view ifEntry 1 included console config snmp server view A beautiful view 1 1 2 1 included snmp server v3 host Use the snmp server v3 host command in Global Configuration mode to specify the recipient of Simple Network Management Protocol Version 3 SNMPv3 notifications To remove the specified host use the no form of this command Synt...

Page 2116: ...red to send traps The default is 3 attempts Range 0 255 retries port UDP port of the host to use The default is 162 Range 1 65535 filtername A string that is the name of the filter that define the filter for this host If unspecified does not filter anything Range 1 30 characters Default Configuration The default configuration is 3 retries and 15 seconds timeout Command Mode Global Configuration mo...

Page 2117: ...e interface from which to use the IP address in the source IP address field of transmitted SNMP traps and informs Use the no form of the command to revert to the default IP address Syntax snmp server source interface loopback loopback id vlan vlan id no snmp server source interface loopback id A loopback interface identifier vlan id A VLAN identifier Default Configuration By default the switch use...

Page 2118: ...s Dell EMC N1100 ON switches support configuration of a single IP address in interface vlan configuration mode That IP address is used as the source interface address for this function Command History Introduced in version 6 3 0 1 firmware Example console conf console config interface vlan 1 console config if vlan1 ip address dhcp console config if vlan1 exit console config snmp server source inte...

Page 2119: ...la consent support assist accept reject support assist Enter the keyword support assist to either accept or reject the EULA for the SupportAssist service accept Accepts the EULA for the specified service reject Rejects the EULA for the specified service Default Configuration The default is eula consent support assist accept Command Mode Global Configuration eula consent proxy ip address contact co...

Page 2120: ...portAssist also collects and stores machine diagnostic information which may include but is not limited to configuration information user supplied contact information names of data volumes IP addresses access control lists diagnostics performance information network configuration information host server configuration performance information and related data Collected Data and transmits this inform...

Page 2121: ...any Use the contact company command to configure the contact information to be sent to the SupportAssist server Use the no form of the command to remove the contact information Syntax contact company name company street address streetaddress address city city country country postcode postcode company The company for the technical contact person Maximum of 256 printable characters streetaddress The...

Page 2122: ...act company name Dell Inc street address 5 Round Rock Way city Round Rock TX country USA postcode 78665 contact person Use the contact person command to configure the contact information to be sent to the SupportAssist server Use the no form of the command to remove the contact information Syntax contact person first firstname last lastname email address primary emailaddress phone phone number pre...

Page 2123: ...transmitted to Dell if the SupportAssist service is enabled This command can be executed multiple times It overwrites the previous information each time The collected information is stored in the running config The administrator must write the configuration in order to persist it across reboots Command History Introduced in version 6 3 0 1 firmware Example The following example console config supp...

Page 2124: ...ain Command History Introduced in version 6 3 0 1 firmware Example console config support assist console conf support assist server New Server console conf support assist NewServer enable proxy ip address Use the proxy ip address command to configure a proxy server to be used to contact the SupportAssist servers Use the no form of the command to remove the proxy server information Syntax proxy ip ...

Page 2125: ...crypted passwords must be 128 characters in length Default Configuration By default no proxy is configured By default passwords are entered as unencrypted and are always displayed and stored encrypted Command Mode Support Assist Configuration User Guidelines Passwords are always stored and displayed as encrypted even if entered in unencrypted format Command History Introduced in version 6 3 0 1 fi...

Page 2126: ...uration User Guidelines The server name is used as a reference only and is not required to be used as part of a URL definition Up to four additional servers may be configured Use the exit command to exit from Support Assist Server configuration mode Command History Introduced in version 6 3 0 1 firmware Example console config support assist console conf support assist server default console conf s...

Page 2127: ...ver configuration performance information and related data Collected Data and transmits this information to Dell By downloading SupportAssist and agreeing to be bound by these terms and the Dell end user license agreement available at http www dell com aeula you agree to allow Dell to provide remote monitoring services of your IT environment and you give Dell the right to collect the Collected Dat...

Page 2128: ...support assist status Default Configuration This command has no defaults Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines There are no guidelines for this command Command History Introduced in version 6 3 0 1 firmware Example console show support assist status SupportAssist Enabled SupportAssist Server https stor g3 ph dell com resolved EUL...

Page 2129: ...ator Command Mode Global Configuration User Guidelines This command enters support assist conf mode It allows the administrator to configure SupportAssist information The configured information is stored in the running config Use the write command to save the information into the startup config Command History Introduced in version 6 3 0 1 firmware Examples Example 1 In this example the SupportAss...

Page 2130: ...ing for the URL using one of the following formats http username password hostip portNum filepath https username password hostip portNum filepath Default Configuration By default no URL is configured Command Mode Support Assist Configuration User Guidelines The hostip for the server may be specified as an IPv4 address an IPv6 address or as a DNS hostname If using the DNS hostname the DNS resolver ...

Page 2131: ...Switch Management Commands 2131 console config support assist console conf support assist server new console conf support assist new url https stor g3 ph dell com ...

Page 2132: ...ommand line interface commands issued on the system The command log messages are stored with the other system logs and provide the system operators with a detailed log of the commands executed CLI command logging is configured through any of the Dell EMC Networking management interfaces When the feature is enabled all CLI commands are logged using the existing logging service By default CLI comman...

Page 2133: ...I command log subsystem also logs all user log out instances The format of the log message is 190 JAN 10 19 01 04 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 382 CLI admin 10 27 21 22 User has logged out Commands in this Section This section explains the following commands clear logging Use the clear logging command to clear messages from the internal logging buffer clear logging logging ...

Page 2134: ...ple The following example clears messages from the internal syslog message logging buffer console clear logging Clear logging buffer y n clear logging file Use the clear logging file command to clear messages from the logging file Syntax clear logging file Default Configuration There is no default configuration for the command Command Mode Privileged Exec User Guidelines This command has no user g...

Page 2135: ...the syslog server Range 1 64 characters Default Configuration This command has no default value Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the description of the server Example The following example sets the syslog server description console config logging description syslog server 1 level Use the l...

Page 2136: ...l for SYSLOG messages Debug level messages are intended for use by support personnel The output is voluminous cryptic and because of the large number of messages generated can adversely affect switch operations Only set the logging level to debug under the direction of support personnel Example The following example sets the SYSLOG message severity level to alert console config logging level alert...

Page 2137: ... 10 18 59 09 10 27 21 22 2 CMDLOGGER 209809328 cmd_logger_api c 83 367 CLI EIA 232 configure 190 JAN 10 18 59 17 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 369 CLI EIA 232 Access level of user admin has been set to 15 189 JAN 10 18 59 19 10 27 21 22 2 CMDLOGGER 209809328 cmd_logger_api c 83 370 CLI EIA 232 exit 189 JAN 10 18 59 22 10 27 21 22 2 CMDLOGGER 209809328 cmd_logger_api c 83 371...

Page 2138: ... host name when specified in double quotes For example snmp server v3 host host name anon Use anonymous authentication that is anonymous mode with no authentication x509 Use mutual authentication both client and server side An optional certificate index can be used to identify a specific server and client certificate pair Default Configuration When enabling x509 authentication a default non indexe...

Page 2139: ...to the severity See below for more information on severity Timestamp The system up time For systems that use SNTP this is UTC When time zones are enabled local time will be used Host IP Address The IP address of the local system Stack ID The assigned stack ID 1 is used for systems without stacking capability The top of stack is used to collect messages for the entire stack Component Name Component...

Page 2140: ...mmand Mode Global Configuration Example console config logging audit logging buffered Use the logging buffered command in Global Configuration mode to limit syslog messages displayed from an internal buffer based on severity To cancel the buffer use use the no form of this command Line Number The line number which contains the invoking macro Sequence Number The message sequence number for this sta...

Page 2141: ...er Guidelines All the syslog messages are logged to the internal buffer This command limits the commands displayed to the user Debug level messages are intended for use by support personnel The output is voluminous cryptic and because of the large number of messages generated can adversely affect switch operations Only set the logging level to debug under the direction of support personnel Example...

Page 2142: ...0 emergencies 1 alerts 2 critical 3 errors 4 warnings 5 notifications 6 informational 7 debugging Default Configuration The default console logging severity is emergencies Command Mode Global Configuration mode User Guidelines Messages at the selected level and above numerically lower are displayed on the console Debug level messages are intended for use by support personnel The output is volumino...

Page 2143: ...acility that will be indicated in the message Range local0 local1 local2 local3 local4 local5 local6 local7 Default Configuration The default logging facility is local7 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the logging facility as local3 console config logging facility local3 logging file Use the logging file c...

Page 2144: ...ty level is emergencies Command Mode Global Configuration mode User Guidelines Debug level messages are intended for use by support personnel The output is voluminous cryptic and because of the large number of messages generated can adversely affect switch operations Only set the logging level to debug under the direction of support personnel Example The following example limits SYSLOG messages st...

Page 2145: ...nge 0 emergencies 1 alerts 2 critical 3 errors 4 warnings 5 notifications 6 informational 7 debugging Default Configuration The default logging monitor severity level is warnings By default logging messages are not displayed on SSH or telnet sessions no logging monitor warnings Logging messages are displayed by default on console sessions serial and out of band ports Command Mode Global Configurat...

Page 2146: ...ages to the various destinations such as the logging buffer logging file or syslog server Logging on and off for these destinations can be individually configured using the logging buffered logging file and logging server global configuration commands However if the logging on command is disabled no messages are sent to these destinations In this case only the console will continue to receive logg...

Page 2147: ... time zone must be configured for the system to generate RFC5424 log messages with the time zone included Example This example set the logging message format to RFC5424 DTLS is used for X509 configured SYSLOG servers if a certificate is available console config logging protocol 1 This example sets the logging message format to RFC3164 console config no logging protocol The following example shows ...

Page 2148: ... with timezone configured on the switch console config clock timezone 5 minutes 30 zone IST console config show clock 02 17 44 IST UTC 5 30 Dec 21 2014 Time source is Local console config 190 1 DEC 21 02 18 15 110 5 30 10 130 182 151 1 USER_MGR 249300304 user_mgr c 1789 13 User xyzt Failed to login because of authentication failures 189 1 DEC 21 02 18 15 110 5 30 10 130 182 151 1 TRAPMGR 249300304...

Page 2149: ...OG packets Use the no form of the command to revert to the default IP address Syntax logging source interface loopback loopback id tunnel tunnel id vlan vlan id out of band no logging source interface loopback id The name of a loopback interface tunnel id The name of a tunnel id vlan id A VLAN identifier out of band The out of band interface identifier Default Configuration By default the switch u...

Page 2150: ...if vlan1 exit console config logging source interface vlan 1 logging traps Use the logging traps command in Global Configuration mode to set the lowest severity level at which SNMP traps are logged To revert the urgent severity level to its default value use the no form of this command Syntax logging traps severity no logging traps severity If you specify a severity level log messages at or above ...

Page 2151: ...the severity level at which SNMP traps are logged and thus control whether traps appear in the buffered log or are e mailed and if they are e mailed whether traps are considered urgent or non urgent logging web session Use the logging web session command in Global Configuration mode to enable web session logging To disable use the no form of this command Syntax logging web session no logging web s...

Page 2152: ...e no form of the command Syntax port port no port port The port number to which SYSLOG messages are sent Range 1 65535 Default Configuration The default port number for UDP messages is 514 When DTLS is configured logging protocol 1 the default port number is 6514 Command Mode SYSLOG server configuration mode User Guidelines After entering the view corresponding to a specific SYSLOG server the comm...

Page 2153: ...ration submodes User Guidelines This command has no user guidelines Example The following example displays the state of logging and the SYSLOG messages stored in the internal buffer console show logging Logging is enabled Logging protocol version 1 Console Logging Level warnings Messages 1 logged 706 ignored Monitor Logging disabled Buffer Logging Level informational Messages 73 logged 634 ignored...

Page 2154: ...de Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the state of logging messages sorted in the logging file console show logging file Persistent Logging enabled Persistent Log Count 1 186 JAN 01 00 00 05 0 0 0 0 1 UNKN 268434928 bootos c 382 3 Event 0xaaaaaaaa show syslog servers Use the show syslog...

Page 2155: ...de Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays the SYSLOG server settings console show syslog servers IP address Port Severity Description 192 180 2 275 14 Info 7 192 180 2 285 14 Warning 7 Transport Type Authentication Certificate Index UDP TLS X509 5 TLS Anonymous terminal...

Page 2156: ...ystem messages to be displayed in a Telnet or SSH session Use the no terminal monitor command to disable the display of system messages on the terminal for Telnet and SSH sessions Use the logging monitor command to display logging messages in a Telnet or SSH session Terminal monitor and logging monitor are enabled on console sessions by default Example This example enables the display of system me...

Page 2157: ...e buffers process cpu threshold show nsf show tech support clear checkpoint statistics quit show power usage history show users clear counters stack ports reload show process app list show version connect service unsupported transceiver show process app resource list stack cut through mode set description show process cpu stack port disconnect slot show process proc list stack port shutdown exit s...

Page 2158: ...ines The asset tag command accepts any printable characters for a tag name except a question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following example specifies the swi...

Page 2159: ... of multiple lines Enter a quote to complete the message and return to configuration mode Up to 2000 characters may be entered into a banner Each line entered will consume an extra two characters to account for the carriage return and line feed Example console config banner exec banner text banner login Use the banner login command to set the message that is displayed just before the login prompt ...

Page 2160: ...s to account for the carriage return and line feed Different terminal emulators will exhibit different behaviors when logging in over SSH See the user guidelines for banner motd acknowledge for some examples Example console config banner login banner text banner motd Use the banner motd command to set the message that is displayed prior to logging into the switch Use no banner motd command to remo...

Page 2161: ...RTANT There is a power shutdown at 23 00hrs today duration 1 hr 30 minutes When the MOTD banner is executed the following displays IMPORTANT There is a power shutdown at 23 00hrs today duration 1 hr 30 minutes banner motd acknowledge The banner displayed on the console must be acknowledged if banner motd acknowledge is executed Enter y or n to continue to the login prompt If n is entered the sessi...

Page 2162: ...ocated in A2 and is currently under test SSH putty login as dellradius If you need to utilize this device or otherwise make changes to the configuration you may contact Kevin at x911 Please be advised this unit is under test by Kevin dellradius 192 168 12 84 s password Press y to continue within 30 seconds y n Welcome to the N3024 in the Bottom Chassis 192 168 12 190 This unit is located in A2 and...

Page 2163: ...s y n y Please be advised this unit is under test by Kevin User root Password Welcome to the N3024 in the Bottom Chassis 192 168 12 190 This unit is located in A2 and is currently under test N3024 C1 Example console config banner motd There is a power shutdown at 23 00hrs today duration 1 hr 30 minutes console config banner motd acknowledge When the MOTD banner is executed the following displays I...

Page 2164: ... rising threshold val is 80 The default falling threshold val is 50 The default severity level is NOTICE Command Mode Global Configuration User Guidelines Message buffers are used internally by the switch firmware to pass network PDUs This includes PDUs such as spanning tree BPDUs or multicast or unicast packets forwarded in software On rare occasions a packet storm may cause the switch to become ...

Page 2165: ...is command has no default configuration Command Mode Privileged Exec mode User Guidelines When nonstop forwarding is enabled on a stack the stack s management unit checkpoints operational data to the backup unit If the backup unit takes over as the management unit the control plane on the new management unit uses the checkpoint data when initializing its state Checkpoint statistics track the amoun...

Page 2166: ...console of a different stack member to the local unit The connect command allows administrations that deploy terminal servers to connect a single serial line to any stack member for administration of the stack via the console The network administrator can use the connect command to access the master unit console session when presented with a CLI unavailable message due to a master switchover Synta...

Page 2167: ...result of being connected to the local unit All security mechanisms applicable to the serial port remain in place Example Example 1 To connect to a remote stack member from master Stack Master connect 2 Remote session started Type exit to exit the session Unit 2 CLI unavailable please connect to master on Unit 1 Example 2 To connect to the stack master unit 1 below over a stack member serial port ...

Page 2168: ...console config cut through mode The mode enable is effective from the next reload of Switch Stack disconnect Use the disconnect command to detach a UI session Syntax disconnect session id all Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines This command forcibly logs out and disconnects a Telnet SSH HTTP or HTTPs session Use the show...

Page 2169: ...nd is available in User Exec mode on the master unit serial port and from the Unit prompt on member unit serial ports The user need not be currently connected over the serial port to connect to another unit The stack member being connected to must be up and running and connected as part of the stack Example Example 1 To disconnect a remote session to a stack member established from the stack manag...

Page 2170: ...re a 40G port in 4x10G mode or 1x40G mode Use the no form of the command to return the port to the default mode 1x40G Syntax hardware profile portmode 1x40g 4x10g no hardware profile portmode 1x40g Configure the port as a single 40G port using 4 lanes 4x10g Configure the port as four 10G ports each on a separate lane This mode requires the use of a suitable 4x10G to 1x40g pigtail cable Default Con...

Page 2171: ...mple snmp server v3 host host name Default Configuration No host name is configured Command Mode Global Configuration mode User Guidelines The hostname if configured is advertised in the LLDP system name TLV The hostname may include any printable characters except a question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of th...

Page 2172: ...he stack The backup unit takes over as the new management unit without clearing the hardware state on any of the stack members The original management unit reboots If the system is not ready for a warm restart for example because no backup unit has been elected or one or more members of the stack do not support nonstop forwarding the command fails with a warning message Use the standby command to ...

Page 2173: ...oaded Are you sure you want to failover to the backup unit y n load interval Use this command to load the interface utilization measurement interval Use the no form of this command to reset the duration to the factory default value Syntax load interval time no load interval time The number of seconds after which interface utilization is measured periodically The time has to be a multiple of 30 Ran...

Page 2174: ...n in seconds Range 1 3600 seconds Default Configuration Default value is 20 seconds Command Mode Privileged Exec User Guidelines When this command is executed on N1100 ON N1500 N2000 N2100 ON N3000 N3100 ON switches the front panel power supply 1 LED blinks On N4000 switches the back panel green Locator LED blinks The LED blinks until it times out The user may select a new time value while the LED...

Page 2175: ... be currently connected over the serial port to connect to another unit The stack member being connected to must be up and running and connected as part of the stack This command is an alias for the exit command Example Example 1 To disconnect a remote session to stack master established from a stack member Unit 2 CLI unavailable please connect to master on Unit 1 connect 1 Stack Master Stack Mast...

Page 2176: ...ed from the stack Range 1 12 switchindex The index into the database of the supported switch types indicating the type of the switch being preconfigured The switch index is obtained from the show supported switchtype command Default configuration This command has no defaults Command Mode Stack Configuration User Guidelines The switch index SID can be obtained by executing the show supported switch...

Page 2177: ...ration The default low memory notification is 0 MB The SYSLOG notification message is issued with severity NOTICE Command Mode Global Configuration User Guidelines Use the show memory cpu command to display the allocated and free memory Setting the threshold to 0 disables low memory notifications The traps and SYSLOG messages are suppressed if they occur more frequently than once a minute Command ...

Page 2178: ... Nonstop forwarding allows the forwarding plane of stack units to continue to forward packets while the control and management planes restart as a result of a power failure hardware failure or software fault on the stack management unit Example console config nsf ping Use the ping command to check the accessibility of the specified station on the network Use of the optional VRF parameter executes ...

Page 2179: ...e can be pinged If a source parameter is specified in conjunction with a VRF parameter it must be a member of the VRF The ipv6 parameter cannot be used with the vrf parameter interface id The interface over which a link local IPv6 address may be reached Only available when used with the IPv6 keyword repeat The number of ping packets to send Range 1 100 packets interval The time between Echo Reques...

Page 2180: ...versa The ipv6 parameter must be specified if an IPv6 address is entered Otherwise the command will interpret the IPv6 address as a hostname parameter The switch can be pinged from a remote IPv4 IPv6 host with which the switch is connected through the default VLAN VLAN 1 or another VLAN if configured as long as there is a physical path between the switch and the host Use the optional interface key...

Page 2181: ...ho request from VLAN 3 to 10 1 1 3 console ping 10 1 1 3 source vlan 3 The following example determines whether the loopback interface is reachable on the network at the IPv6 address specified console config ping ipv6 interface loopback 1 FE80 202 BCFF FE00 3068 Pinging fe80 21e c9ff fede b137 with 0 bytes of data Reply From fe80 21e c9ff fede b137 icmp_seq 0 time 10 msec Reply From fe80 21e c9ff ...

Page 2182: ...entage of CPU utilized over the period and ranges from 1 to 100 falling percentage The falling threshold value under which a trap will be issued and message logged This is a percentage of CPU utilized and ranges from 1 to 100 interval seconds The number of seconds in the exponential weighted moving average period multiple of 5 seconds Default Configuration The default rising threshold val is 0 The...

Page 2183: ...zation thresholds are not configured then the utilization for last 5 secs 1 minute and 5 minutes is displayed as before The CPU utilization for any given period is displayed in only after the first average has been calculated over the time period For instance the 5 minute average is shown only after the switch has been up for more than 5 minutes Additionally whenever a time period is configured fo...

Page 2184: ...o the stack master established from a stack member Unit 2 CLI unavailable please connect to master on Unit 1 connect 1 Stack Master Stack Master quit Unit 2 CLI unavailable please connect to master on Unit 1 Example 2 To disconnect a remote session to the stack master established from stack member Unit 2 CLI unavailable please connect to master on Unit 1 connect 1 Stack Master exit Stack Master qu...

Page 2185: ...ike to save them now y n n Configuration Not Saved Are you sure you want to reload the switch y n y Reloading management switch 1 Example Stack Port Errors The following example shows stack port errors detected by the command console reload Management switch has unsaved changes Are you sure you want to continue y n Warning Stack port errors detected on the following interfaces Interface Error Coun...

Page 2186: ...he SNMP trap generation on insertion or removal of an optic that is not qualified by Dell Command Mode Global Configuration mode User Guidelines The switch logs a message and generates a trap on inserting or removing an optics not qualified by Dell This command suppresses the above mentioned behavior Example The following example bypasses logging of a message and trap generation on inserting or re...

Page 2187: ...o configure a slot in the system The unit slot is the slot identifier of the slot located in the specified unit The cardindex is the index to the database of the supported card types see the command show supported cardtype indicating the type of card being preconfigured in the specified slot The card index is a 32 bit integer If a card is currently present in the slot that is unconfigured the conf...

Page 2188: ...cardindex no slot unit slot unit slot The slot identifier of the slot cardindex The index into the database of the supported card types see show supported cardtype indicating the type of card being preconfigured in the specified slot The card index is a 32 bit integer Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines The card index CI...

Page 2189: ...d has no default configuration Command Mode Privileged Exec Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show banner Banner Exec Line Console Enable Line SSH Disable Line Telnet Enable exec Banner Login Line Console Enable Line SSH Enable Line Telnet Disable login Banner MOTD Line Console Enable Line SSH Enable Line Te...

Page 2190: ...ive receive priority groups The receive priority groups are processed in strict priority order starting with the High group and proceeding down through the Mid0 Mid1 and Mid2 groups down to the Normal group Small numbers of buffer failures in the low priority groups Norm Mid2 Mid1 may occur without affecting system operation for example loss of an LLDP packet is not likely to cause any noticeable ...

Page 2191: ...on This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines When nonstop forwarding is enabled on a stack the stack s management unit checkpoints operational data to the backup unit If the backup unit takes over as the management unit the control plane on the new management unit uses the checkpointed data w...

Page 2192: ...Command Mode Privileged Exec Global Configuration mode and all Configuration submodes Default Configuration This command has no default configuration User Guidelines This command is not available on N1100 ON N1500 N2000 N2100 ON N3000 N3100 ON switches Example Console show cut through mode Current mode Enable Configured mode Disable This mode is effective on next reload show hardware profile Use t...

Page 2193: ... ON N3000 N3100 ON switches Examples console show hardware profile portmode Configured Running 40G Interface 10G Interfaces Mode Mode Fo1 0 1 Te1 0 25 28 1x40G 4x10G Fo1 0 2 Te1 0 29 32 1x40G 1x40G console show hardware profile portmode fo1 0 1 Configured Running 40G Interface 10G Interfaces Mode Mode Fo1 0 1 Te1 0 25 28 1x40G 4x10G show idprom interface Use this command to display the optics EEPR...

Page 2194: ...er ANF0L5J Dell Qualified Yes The following example shows the optic parameters but not the IDPROM content as the entered activation code in incorrect console show idprom interface tengigabitethernet 1 0 9 debug abc Type SFP Media 10GBASE LRM Serial Number ANF0L5J Dell Qualified Yes show interfaces Use the show interfaces command to display the traffic statistics for one or multiple interfaces If n...

Page 2195: ...k Status Up Keepalive Enabled True Err disable Cause None VLAN Membership Mode Trunk Mode VLAN Membership 1 2 3 101 113 813 3232 MTU Size 1518 Port Mode Duplex Full Port Speed 1000 Link Debounce Flaps 0 Auto Negotation Status Auto Burned MAC Address 001E C9DE B110 L3 MAC Address 001E C9DE B112 Sample load interval 300 Received Input Rate Bits Sec 784 Received Input Rate Packets Sec 1 Transmitted I...

Page 2196: ... Prf Po1 Active Gi1 0 1 Dynamic 7 1 Disabled Hash Algorithm Type 1 Source MAC VLAN EtherType source module and port Id 2 Destination MAC VLAN EtherType source module and port Id 3 Source IP and source TCP UDP port 4 Destination IP and destination TCP UDP port 5 Source Destination MAC VLAN EtherType source MODID port 6 Source Destination IP and source destination TCP UDP port show interfaces advanc...

Page 2197: ...sole show interfaces advanced firmware Port Revision Part number Te1 0 1 0x411 BCM8727 Te1 0 2 0x411 BCM8727 Te1 0 3 0x411 BCM8727 Te1 0 4 0x411 BCM8727 Te1 0 5 0x411 BCM8727 show interfaces utilization Use this command to display interface utilization Syntax show interfaces utilization interface id interface id A physical or port channel interface identifier Default Configuration There is no defa...

Page 2198: ...packets queued for transmission For the N1100 ON N2000 N2100 ON N3000 N3100 ON and N4000 switches the cell size is 208 bytes for the N1500 the cell size is 128 bytes If jumbo frames are enabled MTU 9200 the expected size of a single maximum length packet is 45 cells 9200 208 44 2 Allowing for a frame and a half to be buffered on average a value of 75 is perhaps more appropriate to consider as the ...

Page 2199: ...nal speed range 0 100 The utilization is derived by dividing the link speed by the number of bytes received averaged over the last sampling interval Rx PPS The received packets per second This value is the average number of packets received over the last sampling interval Tx PPS The transmitted packets per second This value is the average number of packets transmitted over the last sampling interv...

Page 2200: ...ation Port Load Oper Rx Tx Rx Tx Buffer Drop Interval Speed Util Util PPS PPS Size Count Gi1 0 1 300 10M 1 0 296 0 0 0 Gi1 0 2 300 1G 0 99 0 674500 938098 1102 Gi1 0 3 300 1G 0 15 0 112428 7 0 Gi1 0 4 300 0 0 0 0 1 0 0 Gi1 0 5 300 1G 37 0 249565 1 0 1 Gi1 0 6 300 1G 88 1 593560 3 0 0 Gi1 0 7 300 0 0 0 0 0 0 0 Gi1 0 8 300 0 0 0 0 1 0 0 show memory cpu Use the show memory cpu command to check the to...

Page 2201: ...ommand has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The Global Status Parameters for NSF are explained as follows Parameter Description Range Default NSF Administrative Status Whether nonstop forwarding is administratively enabled or disabled Enabled Disabled Enabled NSF Operational Status Indicates whether ...

Page 2202: ...ager to the backup manager and was unable to maintain user data traffic This is usually caused by multiple failures occurring close together Power On Administrative Move Warm Auto Restart Cold Auto Restart None Time Since Last Restart Time since the current management card became the active management card For the backup manager the value is set to 0d 00 00 00 Time Stamp 0d 00 00 00 Restart in pro...

Page 2203: ...l Next Copy 28 seconds Unit NSF Support 1 Yes 2 Yes 3 Yes show power usage history Use the show power usage history command to display the history of unit power consumption for the unit specified in the command and total stack power consumption Historical samples are not saved across switch reboots reloads Time Since Last Copy When the running configuration was last copied from the management unit...

Page 2204: ...plies Power draw is not measured at the interfaces This command is not available on the Dell EMC Networking N1100 ON Series switches Example console show power usage history 1 Sampling Interval sec 30 Total No of Samples to Keep 168 Current Power Consumption Watts 56 2 Sample Time Since Power Power No The Sample Consumption Consumption Was Recorded On This Unit Per Stack Watts Watts 3 00 00 00 13 ...

Page 2205: ...firmware Example console show process app list Admin Auto Running ID Name PID Status Restart Status 1 switchdrvr 280 Enabled Enabled Running Fields Description ID Application ID assigned by the Process Manager Name Application Name PID Application Linux Process ID Admin Status Flag indicating if the application is administratively enabled Auto Restart Flag indicating if the Process Manager should ...

Page 2206: ...mmand Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The following fields are displayed Fields Description ID Application ID assigned by the Process Manager Name Application Name PID Application Linux Process ID Memory limit Configured memory limit for the application in Megabytes CPU Share Configured CPU share in terms of percentage Memory Usage...

Page 2207: ...10MB 20 0MB 0MB show process cpu Use the show process cpu command to check the CPU utilization for each process currently running on the switch Syntax show process cpu Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines No specific guidelines Example console show process cpu Memor...

Page 2208: ... 0 00 0 06 0 05 4ed00e0 hapiRxTask 0 00 0 06 0 03 562e810 DHCP snoop 0 00 0 00 0 06 58e9bc0 Dynamic ARP Inspection 0 00 0 06 0 03 62038a0 dot1s_timer_task 0 00 0 00 0 03 687f360 dot1xTimerTask 0 00 0 06 0 07 6e23370 radius_task 0 00 0 00 0 01 6e2c870 radius_rx_task 0 00 0 06 0 03 7bc9030 spmTask 0 00 0 09 0 01 7c58730 ipMapForwardingTask 0 00 0 06 0 03 7f6eee0 tRtrDiscProcessingTask 0 00 0 00 0 01...

Page 2209: ...that started the process and the application ID assigned by the Process Manager The VRID is the virtual router with which this application is associated The VRID is 0 for processes associated with the default router and on platforms which do not support the virtual routing feature Child Flag indicating if this process is started directly by the Process Manager or if it is a child process started b...

Page 2210: ...ow sessions Use the show sessions command to display a list of the open sessions from remote hosts Syntax show sessions Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays a list of open sessions from remot...

Page 2211: ...obal Configuration mode and all Configuration submodes User Guidelines Switch slots are populated with cards see the show supported cardtype command below However not all slots are available to be externally populated Slots which may be populated in the field are marked as pluggable Field Description Session ID The session identifier Use with the disconnect command User Name The login ID associate...

Page 2212: ...d an error Admin State The slot administrative mode is enabled or disabled Power State The slot power mode is enabled or disabled Configured Card Model Identifier The model identifier of the card preconfigured in the slot Model identifier is a 32 character field used to identify a card Pluggable Cards are pluggable or non pluggable in the slot Parameter Description Inserted Card Model Identifier T...

Page 2213: ... into the database of the supported card types This index is used when preconfiguring a slot Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines If a card index is entered then the command displays information about specific card types supported in the system Card index values are...

Page 2214: ...orking N4064 5 Dell Networking N4064F 6 Dell QSFP Card 7 Dell SFP Card 8 Dell 10GBase T Card Command History Description updated in the 6 4 release Parameter Description Card Index CID The index into the database of the supported card types This index is used when preconfiguring a slot Card Model Identifier The model identifier for the supported card type Parameter Description Card Type The 32 bit...

Page 2215: ... Configuration mode and all Configuration submodes User Guidelines The switch SID is used when preconfiguring switches in a stack using the member command in config stack mode The following table describes the fields in the first example Field Description Switch Index SID This field displays the index into the database of supported switch types This index is used when preconfiguring a member to be...

Page 2216: ...witchtype 1 Switch Type 0xd8420001 Model Identifier N4032 Switch Description Dell Networking N4032 Supported Cards Slot 0 Card Index CID 1 Model Identifier Dell Networking N4032 Slot 1 Card Index CID 5 Model Identifier Dell QSFP Card Slot 1 Card Index CID 6 Model Identifier Dell SFP Card Slot 1 Field Description Switch Type This field displays the 32 bit numeric switch type for the supported switc...

Page 2217: ...nel stacking diagnostics for each port stack path Display the active path from one stacking unit to another From unit The unit from which the packets originate All Displays all unit paths To unit The unit to which the packets are sent stack standby Display the configured or automatically selected standby unit number Default Configuration This command has no default configuration Command Mode User ...

Page 2218: ...how supported switchtype command to display switch SIDs Use the show switch stack ports command to display details regarding stacking links Use the show switch stack ports stack path command to display the active path from one stacking unit to another Use the show slot command to display details regarding slot configuration Use the show sdm prefer command to display the SDM template configuration ...

Page 2219: ...witch Description This field displays the switch description Detected Code Version This field displays the version of code running on this switch If the switch is not present and the data is from preconfiguration the code version is None Detected Code in Flash This field displays the version of code that is currently stored in FLASH memory on the switch This code will execute after the switch is r...

Page 2220: ...ifier This field displays the model identifier of a preconfigured switch ready to join the stack The Model Identifier is a 32 character field assigned by Dell to identify the switch Plugged In Model Identifier This field displays the model identifier of the switch physically present in the stack The Model Identifier is a 32 character field assigned by Dell to identify the switch Switch Status This...

Page 2221: ...Stack Stack Link Up 21 Enabled Example All Units in the Stack This example displays information about all units in the stack console show switch Management Standby Preconfig Plugged in Switch Code SW Status Status Model ID Model ID Status Version 1 Mgmt Sw N3048 N3048 OK 6 0 0 0 Example Stacking Links Path This command tracks the path a packet may take when traversing stacking links The command sh...

Page 2222: ...ption Dell Networking N3048P Detected Code Version 6 0 0 0 Detected Code in Flash 6 0 0 0 SFS Last Attempt Status None Serial Number 13820M0230LF Up Time 0 days 3 hrs 1 mins 13 secs Example SDM Templates This example shows the SDM Mismatch value in the Switch Status field console config show switch Management Standby Preconfig Plugged in Switch Code SW Status Status Model ID Model ID Status Versio...

Page 2223: ...e show system System Description Dell Networking Switch System Up Time 0 days 03h 02m 30s System Contact System Name System Location Burned In MAC Address 001E C9DE B41B System Object ID 1 3 6 1 4 1 674 10895 3060 System Model ID N3048P Machine Type Dell Networking N3048P System Thermal Conditions Unit Temperature State Celsius 1 34 Good Temperature Sensors Unit Description Temperature Celsius 1 M...

Page 2224: ...esent show system fan Use the show system fan command to explicitly display the fan status Syntax show system fan Default Configuration This command has no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show system fan Fans Unit Description Status 1 F...

Page 2225: ...nfiguration mode and all Configuration submodes User Guidelines The tag information is on a switch by switch basis Example The following example displays the system service tag information console show system id Service Tag 13820M0230LF Serial Number 13820M0230LF Asset Tag none Unit Service tag Serial number Asset tag 1 13820M0230LF 13820M0230LF none show system power Use the show system power com...

Page 2226: ...ot available on the Dell EMC Networking N1100 ON Series switches Examples console show system power Power Supplies Unit Description Status Average Current Since Power Power Date Time Watts Watts 1 System OK 39 8 39 8 1 PS 1 Failure 1 PS 2 No Power N A N A 01 01 1970 00 00 00 show system temperature Use the show system temperature command to display information about the system temperature and fan ...

Page 2227: ...singly higher speeds for increasingly higher temperatures Above the High status upper limit the system is shut down Typically the shutoff temperature for the switch is 90 105 Variable C To avoid fan speed oscillation around a temperature limit a small hysteresis is added to the limit such that the temperature for increasing the fan speed is higher than the temperature for lowering the fan speed Th...

Page 2228: ...w lldp remote device all show interfaces counters errors show fiber ports optical transceiver show process cpu show iscsi sessions show ethernet cfm errors N4000 series only show power inline firmware version show version show interfaces transceiver properties Syntax show tech support bgp bgp ipv6 ospf ospfv3 bfd file usb bgp Show detailed information specific to BGP bgp ipv6 Show detailed informa...

Page 2229: ...ed firmware show lldp remote device all show interfaces counters errors show fiber ports optical transceiver show process cpu show iscsi sessions show ethernet cfm errors N4000 series only show power inline firmware version show version show interfaces transceiver properties Tech support files are named tech supportXXX txt where XXX is the date and time stamp of the form YYMMDDHHMMSS YY is the las...

Page 2230: ...working Switch System Model ID N4032 Machine Type Dell Networking N4032 Serial Number 0000 Manufacturer 0xbc00 Operating System Linux 2 6 32 9 Burned In MAC Address 0011 2233 4455 System Object ID 1 3 6 1 4 1 674 10895 3042 CPU Version XLP308H B2 SOC Version BCM56842_A1 HW Version 3 CPLD Version 17 unit active backup current active next active 1 6 0 0 0 none 6 0 0 0 6 0 0 0 Operating System Linux ...

Page 2231: ...ick console show tech support usb Command History Description updated in the 6 4 release show users Use the show users command to display information about the active users Syntax show users long Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines The command also shows which admi...

Page 2232: ...ow version Use the show version command in User Exec mode to displays the system version information Syntax show version unit unit The unit number Default Configuration This command has no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example console show version Ma...

Page 2233: ...backup current active next active 1 6 0 0 1 5 1 0 1 6 0 0 1 5 1 0 1 console show version 2 SOC Version BCM56842_B1 HW Version 1 CPLD Version 14 Unit Image 1 Image 2 Current Active Next Active 2 6 0 0 1 5 1 0 1 6 0 0 1 6 0 0 1 stack Use the stack command in Global Configuration mode to enter Stack Configuration mode Syntax stack Default Configuration This command has no default mode Command Mode Gl...

Page 2234: ...e config stack console config stack stack port Use the stack port command in Stack Configuration mode to configure ports as either Stacking ports or as Ethernet ports NOTE This command is only valid on the N1100 ON N1500 and N4000 switches It issues an error response if used on the N2000 N2100 ON N3000 ON or N3100 switches Syntax stack port fortygigabitethernet tengigabitethernet unit slot port et...

Page 2235: ...tches in a stack Fortygigabitethernet ports are only supported on the N4000 series switches Redundant stacking links between any two units must operate at the same speed A 40G port configured in 4x10G mode is considered to be operating at 10G speed Up to eight stack ports can be configured per stacking unit four in each direction The N4000 Series switches support up to twelve units configured in a...

Page 2236: ... stack is in an active ring topology in order to avoid a stack split Check the stack ports for errors and also verify that NSF is synced before shutting down any stacking links Application messages will appear in the logs during stack convergence This command persists across reboots therefore administrators should use this command with caution during stack upgrade procedures Example console config...

Page 2237: ... Range 1 6 maximum The range is limited to the number of units available on the stack Default Configuration The default configuration is to allow the software to automatically select a standby unit Command Mode Stack Configuration mode User Guidelines This unit comes up as the master when the stack failover occurs Use the no form of this command to reset to default in which case a standby is autom...

Page 2238: ... interfaces status output and no switch type will show for the Plugged in Model Id in the output of the show switch command This command may be executed on the stack master or a standalone unit This command reboots the renumbered switch After renumbering a switch it is important to let the master switch synchronize the NSF state before proceeding with additional stack management operations Use the...

Page 2239: ...tination host hostname Hostname of the destination host Range 1 158 characters port A decimal TCP port number keyword One or more keywords from the keywords table in the user guidelines see Keywords Table below Keywords Table Default Configuration port Telnet TCP port decimal 23 on the host Command Mode User Exec Privileged Exec mode Options Description debug Enable telnet debugging mode line Enab...

Page 2240: ...ze size source src ip address vlan vlan id loopback loopback id vrf name The name of the VRF associated with the routing table context used by the command If no vrf is specified the global routing table context is used ipaddress Valid IP address of the destination host hostname Hostname of the destination host Range 1 158 characters The command allows spaces in the host name when specified in doub...

Page 2241: ...ytes src ip address The IPv4 source address to use in the ICMP echo request packets vlan id A valid VLAN interface loopback id A configured loopback ID Default Configuration The default count is 3 probes The default interval is 3 seconds The default size is 0 data bytes The default port is 33434 The default initTtl is 1 hop The default maxTtl is 30 hops The default maxFail is 5 probes Command Mode...

Page 2242: ... 240 10 115 init ttl 1 max ttl 4 max fail 0 interval 1 count 3 port 33434 size 43 Traceroute to 10 240 10 115 4 hops max 43 byte packets 1 10 240 4 1 708 msec 41 msec 11 msec 2 10 240 10 115 0 msec 0 msec 0 msec Hop Count 1 Last TTL 2 Test attempt 6 Test Success 6 Command History Syntax updated in 6 4 release traceroute ipv6 Use the traceroute command to discover the routers that packets traverse ...

Page 2243: ...es receive a response to a probe then it sends the next probe immediately Range 1 60 seconds The default is 3 count The number of probes to be sent at each TTL level Range 1 10 port The destination UDP port of the probe This should be an unused port on the remote destination system Range 1 65535 size The size in bytes of the payload of the Echo Requests sent Range 0 39936 bytes The default is 0 sr...

Page 2244: ...pported on the N1100 ON Series switches Examples The following example discovers the routes that packets will actually take when traveling to the destination specified in the command console traceroute ipv6 2001 2 init ttl 1 max ttl 4 max fail 0 interval 1 count 3 port 33434 size 43 Traceroute to 2001 2 4 hops max 43 byte packets 1 2001 2 708 msec 41 msec 11 msec 2 2001 2 12 msec 13 msec 12 msec 3...

Page 2245: ...ng switches utilize a universal boot loader and do not contain version specific dependencies in the boot loader If unit is not specified all units in the stack are updated This command does not reboot the stack members after the update completes Do not reload or power off stack members during the update process as it may cause a switch to fail on a subsequent boot Example The following example upd...

Page 2246: ...nnection is assumed to originate and terminate at a Network Virtual Terminal or NVT Therefore the server and user hosts do not maintain information about the characteristics of each other s terminals and terminal handling conventions Telnet Client Behaviors Different telnet clients operate differently with respect to the display of the login banner the MOTD banner and acknowledgments The following...

Page 2247: ...ocated in A2 and is currently under test console 3 SSH xterm root ssh 192 168 12 84 l dellradius If you need to utilize this device or otherwise make changes to the configuration you may contact the owner at x38525 Please be advised this unit is under test dellradius 192 168 12 84 s password Press y to continue within 30 seconds y n Welcome to the N3024 in the Bottom Chassis 192 168 12 190 This un...

Page 2248: ...service on the switch Syntax ip telnet server disable no ip telnet server disable Command Mode Global Configuration User Guidelines No specific guidelines Default Value This feature is enabled by default Dell EMC Networking N Series switches support the Telnet service over IPv4 and IPv6 Example console configure console config ip telnet server disable console config no ip telnet server disable ip ...

Page 2249: ...er Guidelines The Telnet server TCP port should not be set to a value that might conflict with other well known protocol port numbers used on this switch UDP TCP and RAW ports reserved by the switch and unavailable for use or configuration are Ports 1 17 58 255 546 547 2222 4567 6343 49160 Example console config ip telnet port 1045 console config no ip telnet port show ip telnet The show ip telnet...

Page 2250: ...Switch Management Commands 2250 Command Mode Privileged Exec Global Configuration mode and all Configuration submodes Example console show ip telnet Telnet Server is Enabled Port 23 ...

Page 2251: ...me entries If a time range by this name already exists this command enters Time Range Configuration mode to allow updating the time range entries Use the no form of the command to disable the event notification service Use the no form of this command with the optional name parameter to delete a time range identified by name Syntax time range name no time range name name A case sensitive alphanumer...

Page 2252: ...at which the configuration that referenced the time range is in effect The time is expressed in a 24 hour clock in the form of hours minutes For example 8 00 is 8 00 am and 20 00 is 8 00 pm The date is expressed in the format day month year If no start time and date are specified the configuration statement is in effect immediately end time date Time and date at which the configuration that refere...

Page 2253: ...ays of the week time to days of the week time no periodic days of the week The first occurrence of this argument is the starting day or days from which the configuration that referenced the time range starts going into effect The second occurrence is the ending day or days from which the configuration that referenced the time range is no longer in effect If the end days of the week are the same as...

Page 2254: ...ly those times specified within the periodic time range and bounded by the absolute time range In this case the absolute time entry specifies the absolute start and end dates times and the periodic entries specify the start stop times within the limits of the absolute time entry dates and times If a periodic time entry is added to an active time range with an existing absolute time entry the absol...

Page 2255: ...d all the time ranges defined in the system are displayed Syntax show time range name name A specific time range to display Default Configuration This command has no default configuration Command Mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command outputs the following Parameter Description Number of Time Ranges Number of time ranges conf...

Page 2256: ... Current number of all Time Ranges 1 Maximum number of all Time Ranges 100 Periodic Time Range Name Status Entry count Absolute Entry t1 Active 0 Does not exist Periodic start Start time and day for periodic entry Periodic end End time and day for periodic entry Parameter Description ...

Page 2257: ...image files from one switch to other Files from the switch can be copied to a USB flash device and can be used to deploy on other switches in the network Validation of Files Downloaded Uploaded from USB Device Image files are validated before downloading from the USB flash drive to the switch Files other than image files and scripts are copied with no validation Downloaded image files will be vali...

Page 2258: ...sh drive The status of file download upload is shown on the console Detailed messages are logged in the system log for further reference Commands in this Section This section explains the following commands unmount usb Use the unmount usb command to make the USB flash device inactive Syntax unmount usb Default Configuration This command has no default configuration Command Mode Privileged Exec Use...

Page 2259: ...ser Guidelines The following table explains the output parameters Parameter Description Device Status This field specifies the current status of device Active if device is plugged in and the device is recognized by the switch Inactive if device is not mounted Invalid if device is not present or invalid device is plugged in Manufacturer Manufacturer details Serial Number Serial number of the device...

Page 2260: ...he following example is the output if the device is not plugged into the USB slot console show usb device USB flash device is not plugged in dir usb Use the dir usb command to display the USB device contents and memory statistics Syntax dir usb subdir A subdirectory that exists on the USB flash drive Multiple levels of sub directories may be specified in a single string using the forward slash pat...

Page 2261: ...14363703 Jan 22 2022 03 36 08 image1 stk drwx 1024 Jan 22 2022 03 36 08 examples Total Size 1001914368 Bytes Used 128319488 Bytes Free 873594880 console dir usb examples Attr Size bytes Creation Time Name drwx 1024 Feb 02 2022 00 26 43 drwx 0 Feb 19 2014 15 22 53 rw 96 Jan 28 2022 23 05 45 examples example txt Total Size 1001914368 Bytes Used 128319488 Bytes Free 873594880 console dir usb examples...

Page 2262: ...Switch Management Commands 2262 drwx 1024 Jan 22 2022 03 36 08 examples examples Total Size 1001914368 Bytes Used 128319488 Bytes Free 873594880 ...

Page 2263: ...mmand with no terminal argument Syntax configure terminal Default Configuration This command has no default configuration Command Mode Privileged Exec mode Example console conf t console config console configure terminal console config do Use the do command to execute commands available in Privileged Exec mode from Global Configuration or any Configuration submode with command line completion conf...

Page 2264: ...on using the space bar is available when using this command Example 1 console en console configure console config interface gi1 0 1 console config if Gi1 0 1 d description dhcp do dot1x duplex console config if Gi1 0 1 do Help from privileged Exec level console config if Gi1 0 1 do application Start or stop an application arp Purge a dynamic or gateway ARP entry boot Select a boot image for use on...

Page 2265: ... Release an in band DHCP assigned address reload Reload stack or a switch in the stack rename Rename a file renew Renew an in band DHCP assigned address script Manage and execute configuration scripts show Show configured settings and operational status telnet Open a telnet connection to another system terminal Configure console session parameters test Test a copper port Disable EEE modes first tr...

Page 2266: ...e enable console end Use the end command to return the CLI command mode back to the privileged execution mode or user execution mode Syntax end Default Configuration This command has no default configuration Command Mode All command modes User Guidelines The first invocation of end from Global Configuration mode or any configuration submode returns the command mode to Privileged Exec mode This com...

Page 2267: ...mand modes In User Exec mode this command behaves identically to the quit command User Guidelines There are no user guidelines for this command Example The following example changes the configuration mode from Interface Configuration mode to User Exec mode to the login prompt console config if Gi1 0 1 exit console config exit console exit console exit User quit Use the quit command in User Exec mo...

Page 2268: ...fault Configuration This command has no default configuration Command Mode User Exec command mode User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session console quit ...

Page 2269: ...directive is sent only once at initiation of the session With the introduction of Web Sessions the client connections can be monitored and controlled Web Sessions put the authentication control in the Dell EMC Networking switch instead of the client browser resulting in a more efficient implementation that allows web access while using Radius or TACACS for authentication The exec timeout command i...

Page 2270: ... this parameter defaults to the lowest IP address of the switch when the certificate is generated Range 1 64 Default Configuration This command has no default configuration Command Mode Crypto Certification mode common name ip http secure server crypto certificate generate key generate crypto certificate import location crypto certificate request no crypto certificate duration organization unit ip...

Page 2271: ...ficate Request mode to specify the country Syntax country country country Specifies the country name Range 2 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command The user can ente...

Page 2272: ... command are saved in the private configuration If the RSA keys do not exist the generate parameter must be used The generate sub command regenerates the RSA key pair To save the generated certificate and keys on the local switch and distribute the certificate across a stack save the configuration Otherwise the certificate and keys will not be available after the next reboot This command generates...

Page 2273: ... console config crypto cert key generate console config crypto cert exit console config crypto certificate 1 request console config crypto cert common name DELL console config crypto cert country US console config crypto cert email no replay dell com console config crypto cert location Round Rock console config crypto cert organization unit Dell Networking console config crypto cert organization n...

Page 2274: ...certificate must be based on a certificate request created by the crypto certificate request Privileged Exec command If the public key found in the certificate does not match the switch s SSL RSA key the command fails Regenerating the RSA key will render existing certificates invalid Certificates are validated on input The system log will show any encountered certificate errors such as invalid for...

Page 2275: ...1OoeDuAnn4E9Pcv76nPVzUarlc8T67V5WGZRWTZ9XY48r BYY2a2YOtjoGcY7sBiEPJQbji U9W7xCjz1q Un8YRshdW 7dNmTwFTh55S2QmXV RN UVjShWRmMn0vbiyyzHaKAON 9fBt3rMQCYiRyEuWISb31 3SlWY9iQJezwoOh ZX9DEgnxvzUjLMoYVRhqCE0 LoBWikhy6ROS b4cubJpzTdv2n zY8dbM9jSwiky 6rFhVznvamGap8Aw0rUnEvU5kM9MM0hsVU95H QzWJwychy9Fhh1zhYzNTpr VQs c4psyXEd8GE END CERTIFICATE Certificate imported successfully console config show crypto certi...

Page 2276: ...icate request for HTTPS This command takes you to Crypto Certificate Request mode Syntax crypto certificate number request number Specifies the certificate number Range 1 2 Default Configuration This command has no default configuration Command Mode Privileged Exec mode User Guidelines Use this command to generate a certificate request to send to a Certification Authority The certificate request i...

Page 2277: ...ing console config crypto cert state TX console config crypto cert exit BEGIN CERTIFICATE REQUEST MIIBujCCASMCAQIwejENMAsGA1UEAwwEREVMTDEYMBYGA1UECwwPRGVsbCBOZXR3 b3JraW5nMRMwEQYDVQQHDApSb3VuZCBSb2NrMQswCQYDVQQIDAJUWDELMAkGA1UE BhMCVVMxIDAeBgkqhkiG9w0BCQEWEW5vLXJlcGx5QGRlbGwuY29tMIGfMA0GCSqG SIb3DQEBAQUAA4GNADCBiQKBgQCb7gWKpCLsG32fSX1sWwRygJrU m5IOYdJhtss 7Qg37uWlkQCBu8lWY6UFORcEP9yCVY j0OMjEjAueE...

Page 2278: ...ication is valid for a duration of 50 days console config crypto cert duration 50 ip http port Use the ip http port command to specify the TCP port on which the switch listens for HTTP connections To use the default TCP port use the no form of this command Syntax ip http port port number no ip http port port number Port number on which the switch HTTP server listens for connections Range 1025 6553...

Page 2279: ...ss to the switch To disable this function use the no form of this command Syntax ip http server no ip http server Default Configuration The default mode is enabled Command Mode Global Configuration mode User Guidelines This command enables HTTP access to the switch Use the ip http secure server command to enable HTTPS access It is recommended that administrators enable HTTPS access in preference t...

Page 2280: ...lt value of the certificate number is 1 Command Mode Global Configuration mode User Guidelines The HTTPS certificate is imported using the crypto certificate import command in Global Configuration mode Example The following example configures the active certificate for HTTPS console config ip http secure certificate 1 ip http secure port Use the ip http secure port command to configure a TCP port ...

Page 2281: ...or to directly configure the port number to 443 as 443 is out of range Use the no form of the command to set the port number to the default value of 443 Example The following example configures the HTTPS port number to 4545 console config ip http secure port 4545 ip http secure server Use the ip http secure server command to enable the switch to be accessed via HTTPS clients To disable HTTPS acces...

Page 2282: ...he certificate key The certificate generated by a crypto certificate generate command is not a signed certificate and is used to generate a certificate signing request Once a signed certificate is received download the certificate to the switch Syntax key generate length length Specifies the length of the SSL RSA key If left unspecified this parameter defaults to 1024 Range 512 2048 Default Config...

Page 2283: ...tificate Request mode to specify the location or city name Syntax location location location Specifies the location or city name Range 1 64 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate gen...

Page 2284: ...llers from the switch Issuing this command automatically disables and re enables the OpenFlow feature New SSL certificates may be reloaded from the OpenFlow Controller or may be manually loaded with the copy command Example The following example removes the OpenFlow certificates from the switch and resets the OpenFlow feature console config no crypto certificate openflow organization unit Use the ...

Page 2285: ...nsole config crypto cert organization unit Dell EMC Networking show crypto certificate mycertificate Use the show crypto certificate mycertificate command to view the SSL certificates of your switch Syntax show crypto certificate mycertificate number number Specifies the certificate number Range 1 2 digits Default configuration This command has no default configuration Command Mode Privileged Exec...

Page 2286: ...b y6YPAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAOXMcQZBLMCP lgf0Jnpv74buMNEGsNi1OoeDuAnn4E9Pcv76nPVzUarlc8T67V5WGZRWTZ9XY48r BYY2a2YOtjoGcY7sBiEPJQbji U9W7xCjz1q Un8YRshdW 7dNmTwFTh55S2QmXV RN UVjShWRmMn0vbiyyzHaKAON 9fBt3rMQCYiRyEuWISb31 3SlWY9iQJezwoOh ZX9DEgnxvzUjLMoYVRhqCE0 LoBWikhy6ROS b4cubJpzTdv2n zY8dbM9jSwiky 6rFhVznvamGap8Aw0rUnEvU5kM9MM0hsVU95H QzWJwychy9Fhh1zhYzNTpr VQs c4psyXEd8GE END CERTIFIC...

Page 2287: ... Default Configuration This command has no default configuration Command Mode User Exec mode Privileged Exec mode Global Configuration mode and all Configuration submodes User Guidelines This command has no user guidelines Example The following example displays an HTTPS server configuration with DH Key exchange enabled console show ip http server secure status HTTPS server enabled Port 443 DH Key ...

Page 2288: ...LL OU Dell Networking L Round Rock ST TX C US emailAddress no reply dell com Fingerprint FA06E0DD138FA22A4D696A80171FF3D8 state Use the state command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the state or province name Syntax state state state Specifies the state or province name Range 1 64 characters Default Configuration This command has no default configurat...

Page 2289: ...ess family ipv6 1219 address family vpnv4 unicast 1219 admin profile 884 aggregate address 1221 application install 1824 application start 1825 application stop 1826 area default cost Router OSPF 1626 area default cost Router OSPFv3 1714 area nssa Router OSPF 1627 area nssa Router OSPFv3 1715 area nssa default info originate Router OSPF Config 1629 area nssa default info originate Router OSPFv3 Co...

Page 2290: ...arp cachesize 1191 arp dynamicrenew 1192 arp purge 1193 arp resptime 1194 arp retries 1195 arp timeout 1195 asset tag 2158 assign queue 661 attribute 25 911 attribute 31 911 attribute 6 909 attribute 8 910 authentication enable 859 authentication event fail retry 913 authentication order 860 authentication priority 861 authentication restart 862 authentication timeout 992 authorization 1973 auth p...

Page 2291: ...fault local preference 1228 bgp fast external fallover 1229 bgp fast internal fallover 1230 bgp listen 1231 bgp log neighbor changes 1233 bgp maxas limit 1233 bgp router id 1234 block 997 boot auto copy sw 1830 boot auto copy sw allow downgrade 1831 boot host auto reboot 1832 boot host auto save 1832 boot host dhcp 1833 boot host retry count 1834 boot system 1868 bootfile 1898 bootpdhcprelay maxho...

Page 2292: ...tatistics 1109 clear dot1x authentication history 984 clear gmrp statistics 455 clear green mode statistics 444 clear gvrp statistics 457 clear host 1948 clear ip address conflict detect 1948 clear ip arp inspection statistics 372 clear ip bgp 1235 clear ip bgp counters 1237 clear ip community list 1407 clear ip dhcp binding 1898 clear ip dhcp conflict 1899 clear ip dhcp snooping binding 338 clear...

Page 2293: ...ar priority flow control statistics 1182 clear spanning tree detected protocols 729 clear vpc statistics 580 client 970 client identifier 1900 client name 1900 clock set 1856 clock summer time date 1859 clock summer time recurring 1858 clock timezone hours offset 1856 common name 2270 compatible rfc1583 1650 configuration 997 conform color 670 connect 2166 contact company 2121 contact person 2122 ...

Page 2294: ...uthentication interface 2028 debug auto voip 2029 debug bfd 2029 debug cfm 2030 debug clear 2031 debug console 2032 debug crashlog 2032 debug dhcp packet 2035 debug dhcp server packet 2036 debug dot1ag 2037 debug dot1x 2038 debug igmpsnooping 2039 debug ip acl 2040 debug ip dvmrp 2042 debug ip igmp 2043 debug ip mcache 2044 debug ip pimdm packet 2044 debug ip pimsm packet 2045 debug ipv6 dhcp 2046...

Page 2295: ...0 default information originate Router OSPFv3 Configuration 1728 default information originate Router RIP Configuration 1777 default metric 1652 1729 1778 default router 1901 delete 1879 delete backup config 1879 deny management 1037 deny permit IP ACL 264 deny permit IPv6 ACL 498 deny permit Mac Access List Configuration 270 depends on 546 description 384 1802 description Administrative Profile C...

Page 2296: ...Pv6 DHCP Pool Config 1923 dos control firstfrag 1023 dos control icmp 1023 dos control l4port 1024 dos control sipdip 1025 dos control tcpflag 1026 dos control tcpfrag 1026 dot1as Global Configuration 1110 dot1as Interface Configuration 1111 dot1as interval announce 1113 dot1as interval pdelay 1116 dot1as interval pdelay loss 1121 dot1as interval sync 1115 dot1as pdelay threshold 1120 dot1as prior...

Page 2297: ...assword 864 enable password encrypted 1059 encapsulation 1464 end 2266 erase 1880 errdisable recovery cause 489 errdisable recovery interval 491 ethernet cfm cc level 426 ethernet cfm domain 425 ethernet cfm mep active 429 ethernet cfm mep archive hold time 429 ethernet cfm mep enable 428 ethernet cfm mep level 427 ethernet cfm mip level 430 eula consent 1938 2119 exception core file 2059 exceptio...

Page 2298: ... enable interface 460 gvrp registration forbid 461 gvrp vlan creation forbid 462 H hardware profile openflow 1162 hardware profile portmode 2170 hardware address 1903 hashing mode 625 history 1977 history size 1977 hiveagent 1939 host 1904 hostname 2171 hostroutesaccept 1781 http port 994 https port 994 I ignore 972 initiate failover 2172 instance mst 730 interface 387 999 interface loopback 1565 ...

Page 2299: ...gp community new format 1251 1387 ip community list 1252 1388 ip default gateway 1954 ip dhcp bootp automatic 1905 ip dhcp conflict logging 1906 ip dhcp excluded address 1906 ip dhcp ping packets 1907 ip dhcp pool 1895 ip dhcp relay information check 1448 ip dhcp relay information check reply 1449 ip dhcp relay information option 1450 ip dhcp relay information option insert 1451 ip dhcp snooping 3...

Page 2300: ... 1425 ip igmp proxy service 1436 ip igmp proxy service reset status 1437 ip igmp proxy service unsolicited report interval 1438 ip igmp query interval 1426 ip igmp query max response time 1427 ip igmp robustness 1428 ip igmp snooping global 468 ip igmp snooping VLAN 470 ip igmp snooping querier 480 ip igmp snooping querier election participate 482 ip igmp snooping querier query interval 483 ip igm...

Page 2301: ... ip name server 1958 ip name server source interface 1959 ip netdirbcast 1466 ip ospf area 1657 ip ospf authentication 1658 ip ospf bfd 1206 ip ospf cost 1659 ip ospf database filter all out 1659 ip ospf dead interval 1660 ip ospf hello interval 1661 ip ospf mtu ignore 1661 ip ospf network 1662 ip ospf priority 1663 ip ospf retransmit interval 1664 ip ospf transmit delay 1665 ip pim 1574 ip pim bs...

Page 2302: ...69 ip ssh server 1070 ip telnet port 2249 ip telnet server disable 2248 ip unnumbered 1478 ip unreachables 1480 ip verify binding 530 ip verify source 528 ip vrf forwarding 1800 ip vrrp 1808 ipv4 address 1163 ipv6 access list 504 ipv6 access list rename 505 ipv6 address 1514 ipv6 address Interface Config 1960 ipv6 address OOB Port 1962 ipv6 address dhcp 1963 ipv6 dhcp pool 1924 ipv6 dhcp relay 192...

Page 2303: ...ipv6 mld snooping querier VLAN mode 522 ipv6 mld snooping querier address 523 ipv6 mld snooping querier election participate 523 ipv6 mld snooping querier query interval 524 ipv6 mld snooping querier timer expiry 525 ipv6 mld snooping vlan groupmembership interval 511 ipv6 mld snooping vlan immediate leave 511 ipv6 mld snooping vlan last listener query interval 513 ipv6 mld snooping vlan mcrtexpir...

Page 2304: ... ipv6 pim bsr border 1601 ipv6 pim bsr candidate 1602 ipv6 pim dense mode 1603 ipv6 pim dr priority 1603 ipv6 pim hello interval 1604 ipv6 pim join prune interval 1605 ipv6 pim register threshold 1605 ipv6 pim rp address 1606 ipv6 pim rp candidate 1607 ipv6 pim sparse mode 1608 ipv6 pim ssm 1609 ipv6 prefix list 1392 ipv6 route 1535 ipv6 route distance 1537 ipv6 router ospf 1741 ipv6 traffic filte...

Page 2305: ... lease 1908 level 2135 line 1978 link debounce time 390 link dependency group 545 lldp dcbx port role 1142 lldp dcbx version 1139 lldp med 552 lldp med confignotification 553 lldp med faststartrepeatcount 553 lldp med transmit tlv 554 lldp notification 555 lldp notification interval 556 lldp receive 556 lldp timers 557 lldp tlv select dcbxp 1140 lldp transmit 558 lldp transmit mgmt 559 lldp transm...

Page 2306: ...3 logging file 2143 logging monitor 2145 logging on 2146 logging protocol 2146 logging snmp 2148 logging source interface 2149 logging traps 893 logging web session 2151 login authentication 1979 login banner 1980 logout 2175 M mac access group 275 mac access list extended 277 mac access list extended rename 277 mac address table aging time 289 mac address table multicast forbidden address 290 mac...

Page 2307: ...extcommunity 1256 match ip address 1481 match ip address prefix list 1397 match ip dscp 688 match ip precedence 689 match ip tos 690 match ip6flowlbl 687 match ipv6 addrss prefix list 1398 match length 1484 match mac list 1485 match protocol 691 match source address mac 692 match srcip 693 match srcip6 693 match srcl4port 694 match vlan 695 maximum routes 1801 maximum paths 1257 1668 1742 maximum ...

Page 2308: ...srclassqav 1097 msrp talker pruning 1099 mvr 605 mvr group 605 mvr immediate 609 mvr mode 606 mvr querytime 607 mvr type 610 mvr vlan 608 mvr vlan group 611 mvrp 1084 mvrp global 1085 mvrp periodic state machine 1086 N name Captive Portal 1001 name mst 732 name RADIUS server 918 name VLAN Configuration 792 neighbor activate 1262 neighbor advertisement interval BGP Router Configuration 1263 neighbo...

Page 2309: ...7 neighbor prefix list IPv6 Address Family Configuration 1288 neighbor remote as 1289 neighbor remove private as 1290 neighbor rfc5549 support 1291 neighbor route map BGP Router Configuration 1293 neighbor route map IPv6 Address Family Configuration 1294 neighbor route reflector client BGP Router Configuration 1295 neighbor route reflector client IPv6 Address Family Configuration 1296 neighbor sen...

Page 2310: ...min length 1050 passwords strength exclude keyword 1058 passwords strength max limit consecutive characters 1055 passwords strength max limit repeated characters 1056 passwords strength minimum character classes 1057 passwords strength minimum lowercase letters 1053 passwords strength minimum numeric characters 1054 passwords strength minimum special characters 1054 passwords strength minimum uppe...

Page 2311: ...7 power inline powered device 1998 power inline priority 1999 power inline reset 2000 power inline usage threshold 2000 prefix delegation 1928 primary 919 priority 920 946 priority flow control mode 1180 priority flow control priority 1181 private vlan 793 process cpu threshold 2182 protocol 1001 protocol group 795 protocol vlan group 796 protocol vlan group all 797 protocol version 1169 proxy ip ...

Page 2312: ...queue parms 702 rate limit cpu 1027 rd 1308 redirect 708 1002 redirect url 1002 redistribute BGP IPv6 1311 redistribute BGP 1309 redistribute OSPF 1675 redistribute OSPFv3 1748 redistribute RIP 1785 release dhcp 1890 reload 2184 remark 278 remote span 650 rename 1882 renew dhcp 1890 retransmit 932 revision mst 733 rmon alarm 2005 rmon collection history 2007 rmon event 2008 rmon hcalarm 2009 role ...

Page 2313: ... as path 1408 set comm list delete 1409 set community 1410 set description 2186 set extcommunity rt 1314 set extcommunity soo 1316 set interface null0 1487 set ip default next hop 1488 set ip next hop 1489 set ip precedence 1490 set local preference 1412 set metric 1413 sflow destination 2077 sflow polling 2079 sflow polling Interface Mode 2080 sflow sampling 2081 sflow sampling Interface Mode 208...

Page 2314: ...isten range 1323 show bgp ipv6 neighbors 1324 show bgp ipv6 neighbors advertised routes 1330 show bgp ipv6 neighbors policy 1332 show bgp ipv6 neighbors received routes 1333 show bgp ipv6 route reflection 1342 show bgp ipv6 statistics 1335 show bgp ipv6 summary 1336 show bgp ipv6 update group 1339 show boot 1835 show bootvar 1884 show captive portal 995 show captive portal client status 1005 show ...

Page 2315: ...ow debugging 2066 show dhcp l2relay agent option vlan 332 show dhcp l2relay all 330 show dhcp l2relay circuit id vlan 334 show dhcp l2relay interface 331 show dhcp l2relay remote id vlan 335 show dhcp l2relay stats interface 331 show dhcp l2relay vlan 333 show dhcp lease 1892 show diffserv 715 show diffserv service brief 717 show diffserv service interface 716 show dos control 1029 show dot1as 112...

Page 2316: ... show hiveagent status 1944 show hosts 1966 show idprom interface 2193 show idprom interface interface id 396 show interfaces 393 2194 show interfaces advanced firmware 2196 show interfaces advertise 396 show interfaces configuration 398 show interfaces cos queue 718 show interfaces counters 399 show interfaces debounce 403 show interfaces description 403 show interfaces detail 404 show interfaces...

Page 2317: ...w ip bgp route reflection 1362 show ip bgp statistics 1363 show ip bgp summary 1365 show ip bgp update group 1371 show ip bgp vpn4 1375 show ip brief 1491 show ip community list 1400 show ip dhcp binding 1918 show ip dhcp conflict 1919 show ip dhcp global configuration 1919 show ip dhcp pool 1920 show ip dhcp relay 1458 show ip dhcp server statistics 1920 show ip dhcp snooping 346 show ip dhcp sno...

Page 2318: ...ing groups 471 show ip igmp snooping mrouter 472 show ip igmp snooping querier 485 show ip interface 1492 show ip irdp 1774 show ip mcast mroute static 1589 show ip mroute 1587 show ip mroute group 1587 show ip mroute source 1588 show ip multicast 1584 show ip multicast interface 1586 show ip ospf 1678 show ip ospf abr 1685 show ip ospf area 1685 show ip ospf asbr 1687 show ip ospf database 1688 s...

Page 2319: ...ute preferences 1502 show ip route static 1501 show ip route summary 1503 show ip source binding 532 show ip ssh 1074 show ip telnet 2249 show ip traffic 1504 show ip verify source 531 show ip vlan 1506 show ip vrf 1802 show ipv6 access lists 507 show ipv6 brief 1539 show ipv6 dhcp 1930 show ipv6 dhcp binding 1930 show ipv6 dhcp interface Privileged EXEC 1932 show ipv6 dhcp interface User EXEC 193...

Page 2320: ...route 1612 show ipv6 mroute group 1614 show ipv6 mroute source 1615 show ipv6 neighbors 1555 show ipv6 ospf 1749 show ipv6 ospf abr 1753 show ipv6 ospf area 1754 show ipv6 ospf asbr 1755 show ipv6 ospf border routers 1755 show ipv6 ospf database 1756 show ipv6 ospf database database summary 1758 show ipv6 ospf interface 1759 show ipv6 ospf interface brief 1760 show ipv6 ospf interface stats 1761 s...

Page 2321: ...40 show iscsi sessions 541 show isdp 319 show isdp entry 320 show isdp interface 321 show isdp neighbors 322 show isdp traffic 323 show keepalive 577 show keepalive statistics 578 show lacp 632 show line 1982 show link dependency 547 show lldp 561 show lldp dcbx 1144 show lldp interface 561 show lldp local device 562 show lldp med 564 show lldp med interface 564 show lldp med local device detail 5...

Page 2322: ...tatistics 1081 show monitor capture 651 show monitor session 653 show msrp 1100 show msrp reservations 1103 show msrp statistics 1104 show msrp stream 1106 show mvr 612 show mvr interface 614 show mvr members 613 show mvr traffic 616 show mvrp 1087 show mvrp statistics 1088 show nsf 2201 show openflow 1171 show parser macro 1844 show passwords configuration 1059 show passwords result 1061 show pol...

Page 2323: ...how service acl interface 281 show service policy 724 show sessions 2210 show sflow agent 2084 show sflow destination 2085 show sflow polling 2086 show sflow sampling 2087 show slot 2211 show snmp 2090 show snmp engineid 2092 show snmp filters 2092 show snmp group 2093 show snmp user 2095 show snmp views 2096 show sntp configuration 1846 show sntp server 1847 show sntp status 1848 show spanning tr...

Page 2324: ... system power 2225 show system temperature 2226 show tacacs 946 show tech support 2228 show time range 2255 show trapflags 2097 show udld 782 show usb 2259 show users 2231 show users accounts 877 show users login history 878 show version 2232 show vlan 802 show vlan association mac 804 show vlan association subnet 805 show vlan private vlan 806 show vlan remote span 655 show voice vlan 835 show vp...

Page 2325: ...face 2117 snmp server user 2111 snmp server v3 host 2115 snmp server view 2114 sntp 1917 sntp authenticate 1849 sntp authentication key 1850 sntp broadcast client enable 1851 sntp client poll timer 1851 sntp server 1852 sntp source interface 1853 sntp trusted key 1854 sntp unicast client enable 1855 source ip 940 spanning tree 744 spanning tree auto portfast 745 spanning tree backbonefast 746 span...

Page 2326: ...ld count 766 spanning tree uplinkfast 766 spanning tree vlan 768 spanning tree vlan forward time 769 spanning tree vlan hello time 770 spanning tree vlan max age 771 spanning tree vlan priority 773 spanning tree vlan root 772 speed 416 1983 split horizon 1790 stack 2233 stack port 2234 stack port shutdown 2236 standby 2237 state 2288 storm control broadcast 1031 storm control multicast 1032 storm ...

Page 2327: ...tchport trunk encapsulation dot1q 821 switchport voice detect auto 314 system jumbo mtu 422 system mac 598 system priority 599 T tacacs server host 947 tacacs server key 948 tacacs server source interface 949 tacacs server timeout 950 telnet 2239 template peer 1380 terminal monitor 2155 test copper port tdr 1988 timeout 940 951 time range 2251 timers bgp 1382 timers pacing flood 1710 timers pacing...

Page 2328: ...rl 1943 2130 usage 941 user group 1011 1019 user group moveusers 1019 user group name 1020 user name 1013 user password 1014 user session timeout 1014 user logout 1012 username 879 username Mail Server Configuration Mode 901 username unlock 881 V verification 1004 vlan 824 vlan association mac 825 vlan association subnet 825 vlan makestatic 826 vlan priority 726 vlan protocol group 827 vlan protoc...

Page 2329: ...pc peer link 602 vrrp accept mode 1808 vrrp authentication 1809 vrrp description 1810 vrrp ip 1811 vrrp mode 1812 vrrp preempt 1813 vrrp priority 1814 vrrp timers advertise 1814 vrrp timers learn 1815 vrrp track interface 1816 vrrp track ip route 1817 W write 1887 write core 2075 ...

Page 2330: ......

Page 2331: ...www dell com support dell com Printed in the U S A ...

Page 2332: ......

Search results

Summary of Contents for N1100-ON

Reviews:

Related manuals for N1100-ON

Brands by name

Popular brands

Dell N1100-ON, Reference Manual

Search results

Summary of Contents for N1100-ON

Reviews:

Related manuals for N1100-ON

Brands by name

Popular brands