manualshive.com logo in svg

Dell Networking 7048, Reference Manual

The Dell Networking 7048 is a high-performance Ethernet switch, delivering exceptional speed and reliability. Unlock the full potential of this product with the comprehensive Configuration Manual, available for download free of charge at our website. Explore advanced features and optimize your network effortlessly, only with Dell.

Share
Download
background image

858

802.1x Commands

Whenever an operator configures a port in Dot1x authentication mode and 

selects the authentication method as internal, then the user credentials 

received from the Dot1x supplicant is validated against the IDAS by Dot1x 

component. The Dot1x application accesses the Dot1x user database to 

check whether the user credentials present in the authentication message 

corresponds to a valid user or not. If so then an event is generated which 

triggers the Dot1x state machine to send a challenge to the supplicant. 

Otherwise a failure is returned to the Dot1x state machine and the user is not 

granted access to the port.
If user(s) credentials are changed, the existing user connection(s) are not 

disturbed and the changed user(s) credentials are only used when a new EAP 

request arises.
A CLI configuration mode is added in order to configure dot1x users and 

their attributes. The Dot1x maintained user database can be exported 

(uploaded) or imported (downloaded) to/from a central location using a 

TFTP server. 

MAC Authentication Bypass

Today, 802.1x has become the recommended port-based authentication 

method at the access layer in enterprise networks. However, there may be 

802.1x unaware devices such as printers, fax-machines etc that would require 

access to the network without 802.1x authentication. MAC Authentication 

Bypass (MAB) is a supplemental authentication mechanism to allow 802.1x 

unaware clients to authenticate to the network. It uses the 802,1x 

infrastructure and MAB cannot be supported independent of the Dot1x 

component.
MAC Authentication Bypass (MAB) provides 802.1x unaware clients 

controlled access to the network using the devices’ MAC address as an 

identifier. This requires that the known and allowable MAC address and 

corresponding access rights be pre-populated in the authentication server. 

MAB only works when the port control mode of the port is MAC-based. 
Port access by MAB clients is allowed if the Dot1x user database has 

corresponding entries added for the MAB clients with user name and 

password attributes set to the MAC address of MAB clients.

2CSPC4.X7000-SWUM204.book  Page 858  Friday, March 15, 2013  8:22 AM

Summary of Contents for Networking 7048

Page 1: ...Dell PowerConnect 7000 Series Systems CLI Reference Guide Regulatory Model PC7024 PC7024F PC7024P PC7048 PC7048P PC7048R and PC7048R RA ...

Page 2: ...nect are trademarks of Dell Inc StrataXGS is a registered trademark of Broadcom Corp sFlow is a registered trademark of InMon Corporation Cisco is a registered trademark of Cisco Systems Inc and or its affiliates in the United States and certain other countries Microsoft and Windows are registered trademarks of Microsoft Corporation in the United States and or other countries Other trademarks and ...

Page 3: ...on 77 Command Groups 77 Mode Types 81 Layer 2 Commands 83 Layer 3 Commands 118 Utility Commands 145 2 Using the CLI 169 Introduction 169 Entering and Editing CLI Commands 169 CLI Command Modes 180 Starting the CLI 193 Using CLI Functions and Tools 201 ...

Page 4: ...le 249 aaa authentication login 251 aaa authorization 252 aaa authorization network default radius 255 aaa ias user username 255 aaa new model 256 clear IAS 257 authorization 258 enable authentication 259 enable password 260 ip http authentication 261 ip https authentication 262 login authentication 263 password aaa IAS User Configuration 264 password Line Configuration 265 ...

Page 5: ...how users accounts 272 show users login history 273 username 274 username unlock 277 5 Administrative Profiles Commands 279 Overview 279 Commands in this Chapter 280 admin profile 281 description Administrative Profile Config 282 rule 283 show admin profiles 284 show admin profiles brief 285 show cli modes 286 6 ACL Commands 289 ACL Logging 289 ...

Page 6: ...list extended rename 301 service acl input 302 show service acl interface 303 show ip access lists 304 show mac access list 305 7 Address Table Commands 307 Commands in this Chapter 308 clear mac address table 308 mac address table aging time 309 mac address table multicast forbidden address 310 mac address table static vlan 311 port security 312 port security max 313 show mac address table multic...

Page 7: ...dress table static 321 show mac address table vlan 322 show ports security 323 show ports security addresses 325 8 Auto VoIP Commands 327 Commands in this Chapter 327 show switchport voice 328 switchport voice detect auto 330 9 CDP Interoperability Commands 333 Commands in this Chapter 333 clear isdp counters 333 clear isdp table 334 isdp advertise v2 334 isdp enable 335 isdp holdtime 336 ...

Page 8: ...lobal Configuration 345 dhcp l2relay Interface Configuration 346 dhcp l2relay circuit id 347 dhcp l2relay remote id 348 dhcp l2relay trust 348 dhcp l2relay vlan 349 show dhcp l2relay all 350 show dhcp l2relay interface 351 show dhcp l2relay stats interface 352 show dhcp l2relay subscription interface 353 show dhcp l2relay agent option vlan 353 show dhcp l2relay vlan 355 show dhcp l2relay circuit i...

Page 9: ...cket 362 show dhcp lease 363 12 DHCP Snooping Commands 367 Commands in this Chapter 368 clear ip dhcp snooping binding 368 clear ip dhcp snooping statistics 369 ip dhcp snooping 369 ip dhcp snooping binding 370 ip dhcp snooping database 371 ip dhcp snooping database write delay 372 ip dhcp snooping limit 373 ip dhcp snooping log invalid 374 ip dhcp snooping trust 375 ip dhcp snooping verify mac ad...

Page 10: ...ands 383 Commands in this Chapter 383 arp access list 383 clear ip arp inspection statistics 384 ip arp inspection filter 385 ip arp inspection limit 385 ip arp inspection trust 386 ip arp inspection validate 387 ip arp inspection vlan 388 permit ip host mac host 389 show arp access list 390 show ip arp inspection 390 show ip arp inspection vlan 393 14 E mail Alerting Commands 395 Commands in this...

Page 11: ...ng email test message type 403 show logging email statistics 404 clear logging email statistics 404 security 405 mail server ip address hostname 406 port Mail Server Configuration Mode 407 username Mail Server Configuration Mode 407 password Mail Server Configuration Mode 408 show mail server 409 15 Ethernet Configuration Commands 411 Commands in this Chapter 412 clear counters 412 description 413...

Page 12: ...ers 423 show interfaces description 426 show interfaces detail 427 show interfaces status 429 show statistics 430 show statistics switchport 434 show storm control 436 shutdown 437 speed 437 storm control broadcast 439 storm control multicast 440 storm control unicast 441 switchport protected 442 switchport protected name 443 show switchport protected 444 ...

Page 13: ...rnet cfm mep active 451 ethernet cfm mep archive hold time 452 ethernet cfm mip level 452 ping ethernet cfm 453 traceroute ethernet cfm 454 show ethernet cfm errors 456 show ethernet cfm domain 456 show ethernet cfm maintenance points local 457 show ethernet cfm maintenance points remote 459 show ethernet cfm statistics 460 debug cfm 461 17 Green Ethernet Commands 465 Energy Detect Mode 465 ...

Page 14: ... show green mode interface id 470 show green mode 474 show green mode eee lpi history interface 475 18 GVRP Commands 479 Commands in this Chapter 479 clear gvrp statistics 479 garp timer 480 gvrp enable global 481 gvrp enable interface 482 gvrp registration forbid 483 gvrp vlan creation forbid 484 show gvrp configuration 484 show gvrp error statistics 486 show gvrp statistics 487 ...

Page 15: ...ip igmp snooping vlan last member query interval 497 ip igmp snooping vlan mcrtrexpiretime 498 ip igmp snooping report suppression 499 ip igmp snooping unregistered floodall 500 ip igmp snooping vlan mrouter 500 20 IGMP Snooping Querier Commands 503 Commands in this Chapter 503 ip igmp snooping querier 503 ip igmp snooping querier election participate 505 ip igmp snooping querier query interval 50...

Page 16: ...513 ip address Out of Band 514 ip address conflict detect run 515 ip address dhcp Interface Config 516 ip default gateway 517 ip domain lookup 518 ip domain name 519 ip host 520 ip name server 520 ipv6 address Interface Config 521 ipv6 address OOB Port 523 ipv6 address dhcp 524 ipv6 enable Interface Config 525 ipv6 enable OOB Config 526 ipv6 gateway OOB Config 526 show hosts 527 ...

Page 17: ...ist 536 ipv6 access list rename 537 ipv6 traffic filter 538 show ipv6 access lists 539 23 IPv6 MLD Snooping Commands 543 Commands in this Chapter 543 ipv6 mld snooping vlan groupmembership interval 544 ipv6 mld snooping vlan immediate leave 544 ipv6 mld snooping listener message suppression 545 ipv6 mld snooping vlan last listener query interval 546 ipv6 mld snooping vlan mcrtexpiretime 547 ipv6 m...

Page 18: ...556 ipv6 mld snooping querier address 557 ipv6 mld snooping querier election participate 558 ipv6 mld snooping querier query interval 559 ipv6 mld snooping querier timer expiry 559 show ipv6 mld snooping querier 560 25 IP Source Guard Commands 563 Commands in this Chapter 563 ip verify source 563 ip verify source port security 564 ip verify binding 565 show ip verify interface 565 show ip verify s...

Page 19: ...get port 574 show iscsi 576 show iscsi sessions 577 27 Link Dependency Commands 581 Commands in this Chapter 581 action 581 link dependency group 582 add gigabitethernet 583 add tengigabitethernet 583 add port channel 584 depends on 585 show link dependency 586 28 LLDP Commands 589 Commands in this Chapter 590 clear lldp remote data 590 ...

Page 20: ... lldp notification 595 lldp notification interval 596 lldp receive 597 lldp timers 597 lldp transmit 599 lldp transmit mgmt 599 lldp transmit tlv 600 show lldp 601 show lldp interface 602 show lldp local device 603 show lldp med 604 show lldp med interface 605 show lldp med local device detail 606 show lldp med remote device 609 show lldp remote device 612 ...

Page 21: ...pter 618 mvr 618 mvr group 619 mvr mode 620 mvr querytime 620 mvr vlan 622 mvr immediate 622 mvr type 623 mvr vlan group 625 show mvr 626 show mvr members 627 show mvr interface 629 show mvr traffic 630 30 Port Channel Commands 633 Static LAGS 633 VLANs and LAGs 634 LAG Thresholds 634 Port Channels 635 ...

Page 22: ...637 channel group 637 interface port channel 638 interface range port channel 639 hashing mode 640 lacp port priority 641 lacp system priority 642 lacp timeout 642 port channel local preference 643 port channel min links 644 show interfaces port channel 645 show lacp 646 show statistics port channel 648 31 Port Monitor Commands 653 Commands in this Chapter 653 monitor session 654 ...

Page 23: ...Service CoS 658 Queue Mapping 659 Commands in this Chapter 660 assign queue 661 class 661 class map 662 class map rename 663 classofservice dot1p mapping 664 classofservice ip dscp mapping 665 classofservice trust 668 conform color 669 cos queue min bandwidth 671 cos queue random detect 672 cos queue strict 674 diffserv 675 drop 676 ...

Page 24: ...destination address mac 681 match dstip 682 match dstip6 682 match dstl4port 683 match ethertype 684 match ip6flowlbl 685 match ip dscp 685 match ip precedence 686 match ip tos 687 match protocol 688 match source address mac 689 match srcip 690 match srcip6 690 match srcl4port 691 match vlan 692 mirror 693 ...

Page 25: ...how classofservice dot1p mapping 704 show classofservice ip dscp mapping 705 show classofservice trust 708 show diffserv 709 show diffserv service interface 710 show diffserv service interface port channel 711 show diffserv service brief 712 show interfaces cos queue 713 show interfaces random detect 715 show policy map 716 show policy map interface 717 show service policy 718 traffic shape 719 ...

Page 26: ... port 728 auth port 729 deadtime 729 debug aaa accounting 730 key 731 msgauth 732 name RADIUS server 732 primary 734 priority 734 radius server attribute 4 735 radius server deadtime 736 radius server host 737 radius server key 738 radius server retransmit 739 radius server source ip 740 radius server timeout 740 retransmit 741 ...

Page 27: ...53 Commands in this Chapter 754 clear spanning tree detected protocols 755 exit mst 756 instance mst 756 name mst 758 revision mst 759 show spanning tree 759 show spanning tree summary 763 spanning tree 764 spanning tree auto portfast 765 spanning tree bpdu flooding 766 spanning tree bpdu protection 766 spanning tree cost 767 spanning tree disable 769 ...

Page 28: ...on 774 spanning tree mst cost 775 spanning tree mst port priority 776 spanning tree mst priority 777 spanning tree portfast 778 spanning tree portfast bpdufilter default 779 spanning tree portfast default 780 spanning tree port priority 781 spanning tree priority 781 spanning tree tcnguard 782 spanning tree transmit hold count 783 35 TACACS Commands 785 Commands in this Chapter 785 key 786 port 78...

Page 29: ... Detecting Unidirectional Links on a Device Port 793 Processing UDLD Traffic from Neighbors 794 UDLD in Normal mode 794 UDLD in Aggressive mode 794 Commands in this Chapter 795 udld enable Global Config 795 udld reset 796 udld message time 797 udld timeout interval 797 udld enable Interface Config 798 udld port 799 show udld 800 debug udld 801 ...

Page 30: ...e VLAN Commands 805 Commands in this Chapter 808 dvlan tunnel ethertype 809 interface vlan 810 interface range vlan 811 mode dvlan tunnel 812 name VLAN Configuration 813 protocol group 814 protocol vlan group 815 protocol vlan group all 816 show dvlan tunnel 817 show dvlan tunnel interface 818 show interfaces switchport 819 show port protocol 823 show vlan 824 ...

Page 31: ...neral allowed vlan 830 switchport general ingress filtering disable 831 switchport general pvid 832 switchport mode 833 switchport trunk 834 vlan 836 vlan Global Config 837 vlan association mac 838 vlan association subnet 839 vlan database 839 vlan makestatic 840 vlan protocol group 841 vlan protocol group add protocol 842 vlan protocol group name 843 vlan protocol group remove 843 switchport priv...

Page 32: ...e vlan Interface 852 voice vlan data priority 854 show voice vlan 854 39 802 1x Commands 857 Local 802 1X Authentication Server 857 MAC Authentication Bypass 858 Guest VLAN 859 802 1x Monitor Mode 859 RADIUS based Dynamic VLAN Assignment 860 Commands in this Chapter 860 dot1x dynamic vlan enable 861 dot1x initialize 862 dot1x mac auth bypass 862 dot1x max req 863 ...

Page 33: ...eriod 869 dot1x timeout quiet period 870 dot1x timeout re authperiod 871 dot1x timeout server timeout 871 dot1x timeout supp timeout 872 dot1x timeout tx period 873 show dot1x 874 show dot1x authentication history 875 show dot1x clients 877 show dot1x interface 880 show dot1x interface statistics 881 show dot1x users 883 clear dot1x authentication history 884 dot1x guest vlan 885 dot1x unauth vlan...

Page 34: ...n this Chapter 892 arp 892 arp cachesize 893 arp dynamicrenew 894 arp purge 895 arp resptime 896 arp retries 897 arp timeout 897 clear arp cache 898 clear arp cache management 899 ip local proxy arp 900 ip proxy arp 900 show arp 901 42 DHCP Server and Relay Agent Commands 903 Commands in this Chapter 904 ...

Page 35: ... 910 default router 911 dns server IP DHCP Pool Config 912 domain name IP DHCP Pool Config 913 hardware address 913 host 914 ip dhcp bootp automatic 915 ip dhcp conflict logging 916 ip dhcp excluded address 917 ip dhcp ping packets 918 lease 919 netbios name server 920 netbios node type 921 network 922 next server 922 option 923 ...

Page 36: ...cs 932 43 DHCPv6 Commands 935 clear ipv6 dhcp 935 dns server IPv6 DHCP Pool Config 936 domain name IPv6 DHCP Pool Config 936 ipv6 dhcp pool 937 ipv6 dhcp relay 938 ipv6 dhcp server 939 prefix delegation 940 service dhcpv6 942 show ipv6 dhcp 943 show ipv6 dhcp binding 943 show ipv6 dhcp interface User EXEC 944 show ipv6 dhcp interface Privileged EXEC 946 show ipv6 dhcp pool 950 ...

Page 37: ...ip dvmrp 955 show ip dvmrp interface 956 show ip dvmrp neighbor 956 show ip dvmrp nexthop 957 show ip dvmrp prune 958 show ip dvmrp route 959 45 GMRP Commands 961 Commands in this Chapter 962 gmrp enable 962 show gmrp configuration 963 46 IGMP Commands 965 Commands in this Chapter 966 ip igmp 966 ip igmp last member query count 967 ...

Page 38: ...igmp version 973 show ip igmp 973 show ip igmp groups 974 show ip igmp interface 975 show ip igmp membership 977 show ip igmp interface stats 977 ip igmp router alert check 978 47 IGMP Proxy Commands 981 Commands in this Chapter 981 ip igmp proxy 981 ip igmp proxy reset status 982 ip igmp proxy unsolicit rprt interval 983 show ip igmp proxy 984 show ip igmp proxy interface 985 show ip igmp proxy g...

Page 39: ...heck 993 ip dhcp relay information check reply 994 ip dhcp relay information option 995 ip dhcp relay information option insert 996 ip helper address global configuration 997 ip helper address interface configuration 999 ip helper enable 1001 show ip helper address 1001 show ip dhcp relay 1003 show ip helper statistics 1004 49 IP Routing Commands 1007 Static Routes ECMP Static Routes 1007 Static R...

Page 40: ...route default 1014 ip route distance 1015 ip routing 1016 show ip brief 1017 show ip interface 1017 show ip protocols 1020 show ip route 1024 show ip route configured 1026 show ip route connected 1027 show ip route preferences 1028 show ip route summary 1029 show ip traffic 1030 show ip vlan 1033 show routing heap summary 1033 ...

Page 41: ... priority 1041 ipv6 pim hello interval 1042 ipv6 pim join prune interval 1042 ipv6 pim register rate limit 1043 ipv6 pim rp address 1044 ipv6 pim rp candidate 1045 ipv6 pim spt threshold 1046 ipv6 pim ssm 1047 show ipv6 pim 1048 show ipv6 pim bsr router 1049 show ipv6 pim interface 1050 show ipv6 pim neighbor 1052 show ipv6 pim rp hash 1054 show ipv6 pim rp mapping 1055 ...

Page 42: ...ipv6 hop limit 1062 ipv6 host 1062 ipv6 mld last member query count 1063 ipv6 mld last member query interval 1064 ipv6 mld proxy 1064 ipv6 mld proxy reset status 1065 ipv6 mld proxy unsolicit rprt interval 1066 ipv6 mld query interval 1066 ipv6 mld query max response time 1067 ipv6 mld router 1068 ipv6 mtu 1069 ipv6 nd dad attempts 1070 ipv6 nd managed config flag 1071 ipv6 nd ns interval 1071 ...

Page 43: ...oute distance 1079 ipv6 unicast routing 1080 ping ipv6 1081 ping ipv6 interface 1082 show ipv6 brief 1083 show ipv6 interface 1084 show ipv6 interface management statistics 1086 show ipv6 mld groups 1087 show ipv6 mld interface 1090 show ipv6 mld proxy 1093 show ipv6 mld proxy groups 1094 show ipv6 mld proxy groups detail 1096 show ipv6 mld proxy interface 1097 show ipv6 mld traffic 1099 ...

Page 44: ...lan 1107 traceroute ipv6 1108 52 Loopback Interface Commands 1111 Commands in this Chapter 1111 interface loopback 1111 show interfaces loopback 1112 53 Multicast Commands 1115 Commands in this Chapter 1116 ip mcast boundary 1116 ip mroute 1117 ip multicast 1118 ip multicast ttl threshold 1119 ip pim 1120 ip pim bsr border 1121 ip pim bsr candidate 1122 ...

Page 45: ...128 ip pim ssm 1129 show ip multicast 1129 show ip mcast boundary 1130 show ip multicast interface 1131 show ip mcast mroute 1132 show ip mcast mroute group 1133 show ip mcast mroute source 1134 show ip mcast mroute static 1134 show ip pim 1135 show ip pim bsr router 1136 show ip pim interface 1137 show ip pim neighbor 1139 show ip pim rp hash 1141 show ip pim rp mapping 1142 ...

Page 46: ...t cost Router OSPF 1149 area nssa Router OSPF 1150 area nssa default info originate Router OSPF Config 1152 area nssa no redistribute 1153 area nssa no summary 1154 area nssa translator role 1154 area nssa translator stab intv 1155 area range Router OSPF 1156 area stub 1160 area stub no summary 1161 area virtual link 1161 area virtual link authentication 1164 area virtual link dead interval 1165 a...

Page 47: ...b router 1172 compatible rfc1583 1173 default information originate Router OSPF Configuration 1174 default metric 1175 distance ospf 1176 distribute list out 1177 enable 1178 exit overflow interval 1179 external lsdb limit 1179 ip ospf area 1180 ip ospf authentication 1181 ip ospf cost 1182 ip ospf database filter all out 1183 ip ospf dead interval 1183 ip ospf hello interval 1184 ...

Page 48: ...og adjacency changes 1189 max metric router lsa 1190 maximum paths 1191 network area 1192 nsf 1193 nsf helper 1195 nsf helper strict lsa checking 1195 nsf restart interval 1196 passive interface default 1197 passive interface 1198 redistribute 1199 router id 1200 router ospf 1201 show ip ospf 1201 show ip ospf abr 1208 show ip ospf area 1209 ...

Page 49: ...2 show ip ospf range 1225 show ip ospf statistics 1227 show ip ospf stub table 1228 show ip ospf traffic 1229 show ip ospf virtual link 1232 show ip ospf virtual links brief 1233 timers pacing flood 1234 timers pacing lsa group 1234 timers spf 1235 55 OSPFv3 Commands 1237 area default cost Router OSPFv3 1238 area nssa Router OSPFv3 1239 area nssa default info originate Router OSPFv3 Config 1240 ar...

Page 50: ...a virtual link dead interval 1250 area virtual link hello interval 1250 area virtual link retransmit interval 1251 area virtual link transmit delay 1252 default information originate Router OSPFv3 Configuration 1253 default metric 1254 distance ospf 1255 enable 1256 exit overflow interval 1256 external lsdb limit 1257 ipv6 ospf 1258 ipv6 ospf area 1259 ipv6 ospf cost 1260 ipv6 ospf dead interval 1...

Page 51: ...ransmit delay 1265 ipv6 router ospf 1266 maximum paths 1267 nsf 1267 nsf helper 1268 nsf helper strict lsa checking 1269 nsf restart interval 1270 passive interface 1271 passive interface default 1272 redistribute 1272 router id 1273 show ipv6 ospf 1274 show ipv6 ospf abr 1278 show ipv6 ospf area 1279 show ipv6 ospf asbr 1280 show ipv6 ospf border routers 1280 ...

Page 52: ... 1289 show ipv6 ospf neighbor 1290 show ipv6 ospf range 1292 show ipv6 ospf stub table 1293 show ipv6 ospf virtual links 1293 show ipv6 ospf virtual link brief 1294 56 Router Discovery Protocol Commands 1297 Commands in this Chapter 1297 ip irdp 1297 ip irdp address 1299 ip irdp holdtime 1300 ip irdp maxadvertinterval 1301 ip irdp minadvertinterval 1302 ip irdp multicast 1303 ip irdp preference 13...

Page 53: ...r RIP Configuration 1308 default metric 1309 distance rip 1310 distribute list out 1310 enable 1311 hostroutesaccept 1312 ip rip 1313 ip rip authentication 1313 ip rip receive version 1314 ip rip send version 1315 redistribute 1316 router rip 1317 show ip rip 1318 show ip rip interface 1319 show ip rip interface brief 1320 split horizon 1321 ...

Page 54: ...el mode ipv6ip 1326 tunnel source 1327 59 Virtual Router Redundancy Protocol Commands 1329 Pingable VRRP Interface 1329 VRRP Route Interface Tracking 1330 Interface Tracking 1331 Route Tracking 1331 Commands in this Chapter 1331 ip vrrp 1332 vrrp accept mode 1332 vrrp authentication 1333 vrrp description 1334 vrrp ip 1335 vrrp mode 1336 vrrp preempt 1337 ...

Page 55: ...ce 1346 show vrrp interface brief 1348 show vrrp interface stats 1349 ip vrrp accept mode 1350 show ip vrrp interface 1351 60 Utility Commands 1353 61 Auto Install Commands 1355 Commands in this Chapter 1356 boot auto copy sw 1356 boot auto copy sw allow downgrade 1357 boot host autoreboot 1358 boot host autosave 1359 boot host dhcp 1359 boot host retrycount 1360 ...

Page 56: ...er 1365 authentication timeout 1367 captive portal 1367 enable 1368 http port 1369 https port 1369 show captive portal 1370 show captive portal status 1371 block 1372 configuration 1373 enable 1373 group 1374 interface 1375 locale 1375 name Captive Portal 1376 protocol 1377 redirect 1377 redirect url 1378 ...

Page 57: ...captive portal interface configuration status 1384 clear captive portal users 1385 no user 1385 show captive portal user 1386 user group 1387 user logout 1388 user name 1389 user password 1389 user session timeout 1390 show captive portal configuration 1391 show captive portal configuration interface 1392 show captive portal configuration locales 1393 show captive portal configuration status 1393 ...

Page 58: ...e 1400 macro global description 1401 macro apply 1402 macro trace 1403 macro description 1404 show parser macro 1404 64 Clock Commands 1407 Real time Clock 1407 Simple Network Time Protocol 1407 Commands in this Chapter 1408 show sntp configuration 1408 show sntp server 1409 show sntp status 1411 sntp authenticate 1412 sntp authentication key 1413 ...

Page 59: ... 1417 clock timezone hours offset 1418 no clock timezone 1418 clock summer time recurring 1419 clock summer time date 1420 no clock summer time 1421 show clock 1422 65 Command Line Configuration Scripting Commands 1425 Commands in this Chapter 1425 script apply 1425 script delete 1426 script list 1427 script show 1427 script validate 1428 ...

Page 60: ...ds in this Chapter 1431 boot system 1432 clear config 1433 copy 1433 delete 1439 delete backup config 1440 delete backup image 1440 delete startup config 1441 dir 1441 erase 1442 filedescr 1443 rename 1444 show backup config 1445 show bootvar 1446 show running config 1447 show startup config 1448 update bootcode 1449 write 1450 ...

Page 61: ...rol l4port 1456 dos control sipdip 1457 dos control tcpflag 1458 dos control tcpfrag 1458 ip icmp echo reply 1459 ip icmp error interval 1460 ip unreachables 1461 ip redirects 1461 ipv6 icmp error interval 1462 ipv6 unreachables 1463 show dos control 1463 68 Line Commands 1465 exec timeout 1465 history 1466 history size 1467 line 1467 ...

Page 62: ...ass 1473 management access list 1474 permit management 1475 show management access class 1477 show management access list 1478 70 Mode Commands 1479 configure terminal 1479 do 1479 71 Password Management Commands 1483 Configurable Minimum Password Length 1483 Password History 1483 Password Aging 1483 User Lockout 1483 Password Strength 1484 ...

Page 63: ...numeric characters 1492 passwords strength minimum special characters 1493 passwords strength max limit consecutive characters 1493 passwords strength max limit repeated characters 1494 passwords strength minimum character classes 1495 passwords strength exclude keyword 1496 enable password encrypted 1497 show passwords configuration 1498 show passwords result 1500 72 PHY Diagnostics Commands 1501...

Page 64: ...inline limit 1508 power inline management 1509 power inline powered device 1510 power inline priority 1511 power inline priority enable 1512 power inline reset 1512 power inline usage threshold 1513 clear power inline statistics 1514 show power inline 1514 show power inline firmware version 1516 74 RMON Commands 1519 Commands in this Chapter 1519 rmon alarm 1519 rmon collection history 1522 ...

Page 65: ...tory 1529 show rmon log 1533 show rmon statistics 1534 75 SDM Templates Commands 1537 Commands in this Chapter 1537 sdm prefer 1537 show sdm prefer 1539 76 Serviceability Tracing Packet Commands 1543 Commands in this Chapter 1543 debug arp 1544 debug auto voip 1545 debug clear 1545 debug console 1546 debug dot1x 1546 debug igmpsnooping 1547 ...

Page 66: ...1 debug ip pimsm packet 1552 debug ip vrrp 1552 debug ipv6 dhcp 1553 debug ipv6 mcache 1554 debug ipv6 mld 1554 debug ipv6 pimdm 1555 debug ipv6 pimsm 1556 debug isdp 1557 debug lacp 1558 debug mldsnooping 1558 debug ospf 1559 debug ospfv3 1560 debug ping 1560 debug rip 1561 debug sflow 1562 debug spanning tree 1562 ...

Page 67: ... sflow polling Interface Mode 1568 sflow sampling 1569 sflow sampling Interface Mode 1570 show sflow agent 1571 show sflow destination 1572 show sflow polling 1573 show sflow sampling 1574 78 SNMP Commands 1577 Commands in this Chapter 1577 show snmp 1577 show snmp engineID 1579 show snmp filters 1579 show snmp group 1581 show snmp user 1582 ...

Page 68: ...ID local 1592 snmp server filter 1593 snmp server group 1595 snmp server host 1596 snmp server location 1598 snmp server user 1599 snmp server view 1600 snmp server v3 host 1602 79 SSH Commands 1605 Commands in this Chapter 1605 crypto key generate dsa 1605 crypto key generate rsa 1606 crypto key pubkey chain ssh 1607 crypto key zeroize pubkey chain 1608 crypto key zeroize rsa dsa 1609 ...

Page 69: ...how crypto key pubkey chain ssh 1615 show ip ssh 1616 user key 1617 80 Syslog Commands 1619 CLI Logged to Local File and Syslog Server 1619 Commands in this Chapter 1620 clear logging 1621 clear logging file 1621 description Logging 1622 level 1623 logging cli command 1623 logging 1625 logging audit 1627 logging buffered 1628 logging console 1629 ...

Page 70: ... port 1635 show logging 1636 show logging file 1637 show syslog servers 1638 terminal monitor 1639 81 System Management Commands 1641 asset tag 1641 banner exec 1642 banner login 1643 banner motd 1644 banner motd acknowledge 1645 clear checkpoint statistics 1648 clear counters stack ports 1648 cut through mode 1649 exec banner 1650 ...

Page 71: ...type 1655 member 1656 motd banner 1657 nsf 1657 ping 1658 reload 1660 set description 1661 slot 1662 show banner 1663 show boot version 1664 show checkpoint statistics 1665 show cut through mode 1666 show hardware profile 1667 show interfaces advanced firmware 1668 show interfaces media type 1669 show memory cpu 1670 ...

Page 72: ...how supported cardtype 1677 show supported switchtype 1679 show switch 1681 show system 1689 show system fan 1691 show system id 1692 show system power 1693 show system temperature 1694 show tech support 1695 show users 1697 show version 1699 stack 1699 stack port 1700 standby 1701 switch renumber 1702 telnet 1703 ...

Page 73: ... show ip telnet 1713 83 Terminal Length Commands 1715 terminal length 1715 84 Time Ranges Commands 1717 time range 1717 absolute 1718 periodic 1719 show time range 1721 85 USB Flash Drive Commands 1725 Validation of Files Downloaded Uploaded from USB Device 1725 Validation for Files Uploaded from Switch to USB Flash Drive 1726 Downloading and Uploading of Files 1726 ...

Page 74: ...ommands 1731 enable 1731 end 1732 exit 1732 quit 1733 87 Web Server Commands 1735 Web Sessions 1735 Commands in this Chapter 1736 common name 1736 country 1737 crypto certificate generate 1738 crypto certificate import 1739 crypto certificate request 1740 duration 1741 ip http port 1742 ip http server 1743 ...

Page 75: ...cure port 1744 ip http secure server 1745 key generate 1746 location 1746 organization unit 1747 show crypto certificate mycertificate 1748 show ip http server status 1749 show ip http server secure status 1749 state 1751 A Appendix A List of Commands 1753 ...

Page 76: ...Contents 76 ...

Page 77: ...rom a console terminal connected to an EIA TIA 232 port or through a Telnet SSH session This guide describes how the CLI is structured describes the command syntax and describes the command functionality This guide also provides information for configuring the PowerConnect switch details the procedures and provides configuration examples Basic installation configuration is described in the User s ...

Page 78: ...ooping Configures IGMP snooping and displays IGMP configuration and IGMP information IGMP Snooping Querier Configures IGMP Snooping Querier and displays IGMP Snooping Querier information IP Addressing Configures and manages IP addresses on the switch IPv6 ACL Configures and displays ACL information for IPv6 IPv6 MLD Snooping Configures IPv6 MLD Snooping IPv6 MLD Snooping Querier Configures IPv6 Sn...

Page 79: ... DHCP functions DVMRP Mcast Configures DVMRP operations IGMP Mcast Configures IGMP operations IGMP Proxy Mcast Manages IGMP Proxy on the system IP Helper DHCP Relay Configures relay of UDP packets IP Routing IPv4 Configures IP routing and addressing IPv6 Multicast Manages IPv6 Multicasting on the system IPv6 Routing Configures IPv6 routing and addressing Loopback Interface IPv6 Manages Loopback co...

Page 80: ...ce Provides several Denial of Service options Line Configures the console SSH and remote Telnet connection Management ACL Configures and displays management access list information Password Management Provides password management PHY Diagnostics Diagnoses and displays the interface status Power Over Ethernet PoE Configures PoE and displays PoE information RMON Can be configured through the CLI and...

Page 81: ...nterface Configuration reached via interface vlan xxx command IP IP Access List Configuration IR Interface Range KC Key Chain KE Key L Logging LC Line Configuration LD Link Dependency Syslog Manages and displays syslog messages System Management Configures the switch clock name and authorized users Telnet Server Configures Telnet service on the switch and displays Telnet information User Interface...

Page 82: ...n PCMC Policy Class Map Configuration R Radius RIP Router RIP Configuration RC Router Configuration ROSPF Router Open Shortest Path First ROSV3 Router Open Shortest Path First Version 3 SG Stack Global Configuration SP SSH Public Key SK SSH Public Key chain TC TACACS Configuration TRC Time Range Configuration UE User EXEC VC VLAN Configuration reached via vlan database command v6ACL IPv6 Access Li...

Page 83: ...nable authentication Specifies the authentication method list when accessing a higher privilege level from a remote telnet or console LC enable password Sets a local password to control access to the normal level GC ip http authentication Specifies authentication methods for http GC ip https authentication Specifies authentication methods for https GC login authentication Specifies the login authe...

Page 84: ...e 81 admin profile Creates an administrative profile GC description Administrative Profile Config Adds a description to an administrative profile APC rule Adds a rule to an administrative profile APC show admin profiles Displays the administrative profiles PE show admin profiles brief Lists the names of the administrative profiles defined on the switch PE show cli modes Lists the names of all the ...

Page 85: ...List ACL name GC service acl input Blocks Link Local Protocol Filtering LLPF protocol s on a given port IC show service acl interface Displays the status of LLPF rules configured on a particular port or on all the ports PE show ip access lists Displays an Access Control List ACL and all of the rules that are defined for the ACL PE show mac access list Displays a MAC access list and all of the rule...

Page 86: ...ddress UE or PE show mac address table count Displays the number of addresses present in the Forwarding Database PE show mac address table dynamic Displays all entries in the bridge forwarding database UE or PE show mac address table interface Displays the mac forwarding table entries for a specific interface UE or PE show mac address table multicast Displays Multicast MAC address table informatio...

Page 87: ...p counters Clears the ISDP counters PE clear isdp table Clears entries in the ISDP table PE isdp advertise v2 Enables the sending of ISDP version 2 packets from the device GC isdp enable Enables ISDP on the switch GC or IC isdp holdtime Configures the hold time for ISDP packets that the switch transmits GC isdp timer Sets period of time between sending new ISDP packets GC show isdp Displays global...

Page 88: ...s the L2 DHCP Relay agent for a set of VLANs GC dhcp l2relay trust Configures an interface to trust a received DHCP Option 82 IC Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 81 release dhcp Forces the DHCPv4 client to release a leased address PE renew dhcp Forces the DHCP client to immediately renew an IPv4 address lane PE debug dhcp packet Displays ...

Page 89: ...ages filtered by the DHCP Snooping application IC ip dhcp snooping trust Configure a port as trusted for DHCP snooping IC ip dhcp snooping verify mac address Enables the verification of the source MAC address with the client MAC address in the received DHCP message GC show ip dhcp snooping Displays the DHCP snooping global and per port configuration PE show ip dhcp snooping binding Displays the DH...

Page 90: ...p inspection validate Enables additional validation checks like source MAC address validation destination MAC address validation or IP address validation on the received ARP packets GC ip arp inspection vlan Enables Dynamic ARP Inspection on a single VLAN or a range of VLANs GC permit ip host mac host Configures a rule for a valid IP address and MAC address combination used in ARP packet validatio...

Page 91: ...e Tests whether or not an e mail is being sent to an SMTP server GC show logging email statistics Displays information on how many e mails are sent how many e mails failed when the last e mail was sent how long it has been since the last e mail was sent how long it has been since the e mail changed to disabled mode PE clear logging email statistics Clears the e mail alerting statistics GC security...

Page 92: ...face configuration mode to execute a command on multiple ports at the same time GC IC IR show interfaces advertise Displays information about auto negotiation advertisement PE show interfaces configuration Displays the configuration for all configured interfaces UE show interfaces counters Displays traffic seen by the physical interface UE show interfaces description Displays the description for a...

Page 93: ... ethernet cfm domain Enters into maintenance domain config mode for an existing domain Use the optional level parameter to create a domain and enter into maintenance domain config mode GC service Associates a VLAN with a maintenance domain MDC ethernet cfm cc level Initiates sending continuity checks CCMs at the specified interval and level on a VLAN monitored by an existing domain GC ethernet cfm...

Page 94: ...istics PE debug cfm Enables CFM debugging PE a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea green mode energy detect Enables a Dell proprietary mode of power reduction on ports that are not connected to another interface IC green mode eee Enables EEE low power idle mode on an interface or all the interfaces IC clear green mode statistics Clears The ...

Page 95: ...e abbreviation see Mode Types on page 81 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 81 clear gvrp statistics Clears all the GVRP statistics information PE garp timer Adjusts the GARP application join leave and leaveall GARP timer values IC gvrp enable global Enables GVRP globally GC gvrp enable interface Enables GVRP on an interface IC gvrp registr...

Page 96: ...GMP Snooping fast leave mode on a selected VLAN VC ip igmp snooping vlan groupmembership interval Sets the IGMP Group Membership Interval time on a VLAN VC ip igmp snooping vlan last member query interval Sets the IGMP Maximum Response time on a particular VLAN VC ip igmp snooping vlan mcrtrexpiretime Sets the Multicast Router Present Expiration time VC ip igmp snooping report suppression Enables ...

Page 97: ...ypes on page 81 Command Description Modea clear host Deletes entries from the host name to address cache PE clear ip address conflict detect Clears the address conflict detection status in the switch PE ip address Out of Band Sets an IP address for the out of band interface IC ip address conflict detect run Triggers the switch to run active address conflict detection by sending gratuitous ARP pack...

Page 98: ... of host names and addresses UE show ip address conflict Displays the status information corresponding to the last detected address conflict UE or PE show ip helper address Displays the ip helper addresses configuration PE show ipv6 dhcp interface out of band statistics Displays IPv6 DHCP statistics for the out of band interface PE show ipv6 interface out of band Displays the IPv6 out of band port...

Page 99: ...rship interval Sets the MLD Group Membership Interval time on a VLAN or interface VC ipv6 mld snooping vlan last listener query interval Sets the MLD Maximum Response time for an interface or VLAN IC or VC ipv6 mld snooping listener message suppression Enables MLD listener message suppression on a specific VLAN GC ipv6 mld snooping vlan mrouter Statically configures a port as connected to a multic...

Page 100: ... Querier information PE a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 81 ip verify source Enables filtering of IP packets matching the source IP address IC ip verify source port security Enables filtering of IP packets matching the source IP address and the source MAC address IC ip ...

Page 101: ...dea a For the meaning of each Mode abbreviation see Mode Types on page 81 action Indicates if the link dependency group should mirror or invert the status of the depended on interfaces LD link dependency group Enters the link dependency mode to configure a link dependency group GC add gigabitethernet Adds member gigabit Ethernet port s to the dependency list LD add tengigabitethernet Adds member t...

Page 102: ...ons are sent GC lldp receive Enables the LLDP receive capability IC lldp timers Sets the timing parameters for local data transmission on ports enabled for LLDP GC lldp transmit Enables the LLDP advertise capability IC lldp transmit mgmt Specifies that transmission of the local system management address information in the LLDPDUs is included IC lldp transmit tlv Specifies which optional TLVs in th...

Page 103: ...ing of each Mode abbreviation see Mode Types on page 81 mvr Enables MVR GC or IC mvr group Adds an MVR membership group GC mvr mode Changes the MVR mode type GC mvr querytime Sets the MVR query response time GC mvr vlan Sets the MVR multicast VLAN GC mvr immediate Enables MVR Immediate Leave mode IC mvr type Sets the MVR port type IC mvr vlan group Use to participate in the specific MVR group IC s...

Page 104: ...onfigures the priority value for physical ports IC lacp system priority Configures the system LACP priority GC lacp timeout Assigns an administrative LACP timeout IC port channel min links Sets the minimum number of links that must be up in order for the port channel interface to be declared up IC show interfaces port channel Displays port channel information PE show lacp Displays LACP information...

Page 105: ...ce ip dscp mapping Maps an IP DSCP value to an internal traffic class GC classofservice trust Sets the class of service trust mode of an interface GC or IC conform color Specifies the precoloring of packets conforming to or exceeding the specified rate s The possible actions are drop setdscp transmit set prec transmit or transmit PCMC cos queue min bandwidth Specifies the minimum transmission band...

Page 106: ...et CMC match dstip Adds to the specified class definition a match condition based on the destination IP address of a packet CMC match dstip6 Adds to the specified class definition a match condition based on the destination IPv6 address of a packet v6CMC match dstl4port Adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword ...

Page 107: ... v6CMC match srcl4port Adds to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword a numeric notation or a numeric range notation CMC match vlan Adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field CMC mirror Mirrors all the data that matches the class defined to the destina...

Page 108: ...sses for a specific interface PE show classofservice trust Displays the current trust mode setting for a specific interface PE show diffserv Displays the DiffServ General Status information PE show diffserv service interface Displays policy service information for the specified interface and direction PE show diffserv service interface port channel Displays policy service information for the speci...

Page 109: ...n requests of the designated radius server R deadtime Improves Radius response times when a server is unavailable by causing the unavailable server to be skipped R debug aaa accounting Enables debugging for accounting PE key Sets the authentication and encryption key for all RADIUS communications between the switch and the RADIUS daemon R msgauth Enables the message authenticator attribute to be u...

Page 110: ... radius server timeout Sets the interval for which a switch waits for a server host to reply GC retransmit Specifies the number of times the software searches the list of RADIUS server hosts before stopping the search R show aaa servers Displays the list of configured RADIUS servers and the values configured for the global parameters of the RADIUS client UE or PE show accounting methods Displays t...

Page 111: ...C spanning tree auto portfast Sets the port to auto portfast mode IC spanning tree bpdu flooding Allows flooding of BPDUs received on nonspanning tree ports to all other non spanning tree ports GC spanning tree bpdu protection Enables BPDU protection on a switch GC spanning tree cost Configures the spanning tree path cost for a port IC spanning tree disable Disables spanning tree on a specific por...

Page 112: ...e ports in portfast mode GC spanning tree portfast default Enables Portfast mode on all ports GC spanning tree port priority Configures port priority IC spanning tree priority Configures the spanning tree priority GC spanning tree tcnguard Prevents a port from propagating topology change notifications IC spanning tree transmit hold count Set the maximum number of BPDUs that a bridge is allowed to ...

Page 113: ...e vlan Enters the VLAN interface configuration mode GC interface range vlan Enters the interface configuration mode to configure multiple VLANs GC mode dvlan tunnel Enables Double VLAN tunneling on the specified interface IC name VLAN Configuration Configures a name to a VLAN IC private vlan Defines a private VLAN association between the primary and secondary VLANs VC protocol group Attaches a vla...

Page 114: ...ed with a specific configured IP subnet PE show vlan private vlan switchport access vlan Configures the VLAN ID when the interface is in access mode IC switchportgeneralforbidden vlan Forbids adding specific VLANs to a port IC switchport general acceptable frame type tagged only Discards untagged frames at ingress IC switchport general allowed vlan Adds or removes VLANs from a port in General mode...

Page 115: ...o the system GC vlan protocol group add protocol Adds a protocol to the protocol based VLAN identified by groupid GC vlan protocol group name Adds a group name to the protocol based VLAN identified by groupid GC vlan protocol group remove Removes the protocol base VLAN group identified by groupid GC a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea a F...

Page 116: ...rol of the authorization state of the port IC dot1x re authenticate Manually initiates a re authentication of all 802 1x enabled ports or a specified 802 1X enabled port PE dot1x reauthentication Enables periodic re authentication of the client IC dot1x system auth control monitor Enables 802 1X globally GC dot1x timeout guest vlan period Sets the number of seconds that the switch waits before aut...

Page 117: ... Displays detailed information about the users who have successfully authenticated on the system or on a specified port PE show dot1x interface Shows the status of MAC Authentication Bypass PE show dot1x interface statistics Displays 802 1X statistics for the specified interface PE show dot1x users Displays active 802 1X authenticated users for the switch PE clear dot1x authentication history Clea...

Page 118: ...the ARP cache PE arp resptime Configures the ARP request response timeout GC arp retries Configures the ARP count of maximum request for retries GC arp timeout Configures the ARP entry age out time GC clear arp cache Removes all ARP entries of type dynamic from the ARP cache PE clear arp cache management Removes all entries from the ARP cache learned from the management port PE ip local proxy arp ...

Page 119: ... DHCP client to use DP dns server IP DHCP Pool Config Sets the IPv4 DNS server address which is provided to a DHCP client by the DHCP server DP domain name IP DHCP Pool Config Sets the DNS domain name which is provided to a DHCP client by the DHCP server DP hardware address Specifies the MAC address of a client to be manually assigned an address DP host Specifies a manual binding for a DHCP client...

Page 120: ...e synchronization of the client DP show ip dhcp binding Displays the configured DHCP bindings PE show ip dhcp conflict Displays DHCP address conflicts for all relevant interfaces or a specified interface PE show ip dhcp global configuration Displays the DHCP global configuration PE show ip dhcp pool Displays the configured DHCP pool or pools UE or PE show ip dhcp server statistics Displays the DHC...

Page 121: ... PE show ipv6 dhcp binding Displays the configured DHCP pool PE show ipv6 dhcp interface User EXEC Displays DHCPv6 information for all relevant interfaces or a specified interface UE PE show ipv6 dhcp pool Displays the configured DHCP pool PE show ipv6 dhcp statistics Displays the DHCPv6 server name and status UE a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Descrip...

Page 122: ...lly or on a port GC or IC show gmrp configuration Displays GMRP configuration GC or IC Command Description Modea ip igmp Sets the administrative mode of IGMP in the system to active GC ip igmp last member query count Sets the number of Group Specific Queries sent before the router assumes that there are no local members on the interface IC ip igmp last member query interval Configures the Maximum ...

Page 123: ...mp groups Displays the registered multicast groups on the interface PE show ip igmp interface Displays the IGMP information for the specified interface PE show ip igmp membership Displays the list of interfaces that have registered in the multicast group PE show ip igmp interface stats Displays the IGMP statistical information for the interface PE a For the meaning of each Mode abbreviation see Mo...

Page 124: ...r statistics Resets to 0 the statistics displayed in show ip helper statistics PE ip dhcp relay information check Enables DHCP Relay to check that the relay agent information option in forwarded BOOTREPLY messages is valid GC ip dhcp relay information check reply Enables DHCP Relay to check that the relay agent information option in forwarded BOOTREPLY messages is valid IC ip dhcp relay informatio...

Page 125: ...ulation Configures the link layer encapsulation type for the packet IC ip address Configures an IP address on an interface IC ip mtu Sets the IP Maximum Transmission Unit MTU on a routing interface IC ip netdirbcast Enables the forwarding of network directed broadcasts IC ip route Configures a static route Use the no form of the command to delete the static route GC ip route default Configures the...

Page 126: ...eap PE a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea clear ipv6 neighbors Clears all entries in the IPv6 neighbor table or an entry on a specific interface PE clear ipv6 statistics Clears IPv6 statistics for all interfaces or for a specific interface including loopback and tunnel interfaces PE ipv6 address Configures an IPv6 address on an interface...

Page 127: ...rval Sets the MLD router s query interval for the interface IC ipv6 mld query max response time Sets MLD querier s maximum response time for the interface IC ipv6 mld router Enables MLD in the router in global configuration mode and for a specific interface in interface configuration mode GC or IC ipv6 mtu Sets the maximum transmission unit MTU size in bytes of IPv6 packets on an interface IC ipv6...

Page 128: ...lt distance preference for static routes GC ipv6 unicast routing Enables forwarding of IPv6 unicast datagrams GC ping ipv6 Determines whether another computer is on the network PE ping ipv6 interface Determines whether another computer is on the network using Interface keyword PE show ipv6 brief Displays the IPv6 status of forwarding mode and IPv6 unicast routing mode PE show ipv6 interface Shows ...

Page 129: ...ype of route PE show ipv6 route summary Displays a summary of the routing table PE show ipv6 traffic Shows traffic and statistics for IPv6 and ICMPv6 UE show ipv6 vlan Displays IPv6 VLAN routing interface addresses PE traceroute ipv6 Discovers the routes that packets actually take when traveling to their destination through the network on a hop by hop basis PE a For the meaning of each Mode abbrev...

Page 130: ...he router to advertise itself as a bootstrap router BSR GC ip pim dense Administratively configures PIM dense mode for IP multicast routing GC ip pim dr priority Administratively configures the advertised designated router DR priority value IC ip pim hello interval Administratively configures the PIM Hello messages on the specified interface IC ip pim join prune interval Administratively configure...

Page 131: ...multicast mroute table PE show ip mcast mroute static Displays all the static routes configured in the static mcast table PE show ip pim bsr router Displays the bootstrap router BSR information PE show ip pim interface Displays PIM interface status parameters If no interface is specified the command displays the status parameters of all PIM enabled interfaces UE or PE show ip pim neighbor Displays...

Page 132: ...ministratively configures the PIM SM Hello Interval for the specified interface IC ipv6 pim join prune interval Administratively configures the interface join prune interval for the PIM SM router IC ipv6 pim register rate limit Sets a limit on the maximum number of PIM register messages sent per second for each S G entry GC ipv6 pim register threshold Configures the Register Threshold rate for the...

Page 133: ... being selected for a specified group PE or GC show ipv6 pim rp mapping Displays all group to RP mappings of which the router is aware either configured or learned from the bootstrap router BSR PE or GC a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea area default cost Router OSPF Configures the advertised default cost for the stub area ROSPF area nss...

Page 134: ...F area virtual link dead interval Configures the dead interval for the OSPF virtual interface on the virtual interface identified by area id and neighbor router ROSPF area virtual link hello interval Configures the hello interval for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID ROSPF area virtual link retransmit interval Configures the retransmit in...

Page 135: ...F ip ospf area Enables OSPFv2 and sets the area ID of an interface IC ip ospf authentication Sets the OSPF Authentication Type and Key for the specified interface IC ip ospf cost Configures the cost on an OSPF interface IC ip ospf dead intervall Sets the OSPF dead interval for the specified interface IC ip ospf hello interval Sets the OSPF hello interval for the specified interface IC ip ospf mtu ...

Page 136: ...default Enables the global passive mode by default for all interfaces ROSPF passive interface Sets the interface or tunnel as passive ROSPF redistribute Configures OSPF protocol to allow redistribution of routes from the specified source protocol routers ROSPF router id Sets a 4 digit dotted decimal number uniquely identifying the router OSPF ID ROSPF router ospf Enters Router OSPF mode GC show ip...

Page 137: ...on about recent Shortest Path First SPF calculations PE show ip ospf stub table Displays the OSPF stub table PE show ip ospf virtual link Displays the OSPF Virtual Interface information for a specific area and neighbor PE show ip ospf virtual links brief Displays the OSPF Virtual Interface information for all areas in the system PE timers pacing flood Adjusts the rate at which OSPFv2 sends LS Upda...

Page 138: ...entified by areaid ROSV3 area virtual link Creates the OSPF virtual interface for the specified areaid and neighbor ROSV3 area virtual link dead interval Configures the dead interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor ROSV3 area virtual link hello interval Configures the hello interval for the OSPF virtual interface on the virtual interface id...

Page 139: ...ce IC ipv6 ospf hello interval Sets the OSPF hello interval for the specified interface IC ipv6 ospf mtu ignore Disables OSPF maximum transmission unit MTU mismatch detection IC ipv6 ospf network Changes the default OSPF network type for the interface IC ipv6 ospf priority Sets the OSPF priority for the specified router interface IC ipv6 ospf retransmit interval Sets the OSPF retransmit interval f...

Page 140: ...SPFv3 routes to reach Area Border Routers ABR PE show ipv6 ospf area Displays information about the area PE show ipv6 ospf asbr Displays the internal OSPFv3 routes to reach Autonomous System Boundary Routes ASBR PE show ipv6 ospf border routers Displays internal OSPFv3 routers to reach Area Border Routers ABR and Autonomous System Boundary Routers ASBR UE or PE show ipv6 ospf database Displays inf...

Page 141: ... see Mode Types on page 81 Command Description Modea ip irdp Enables Router Discovery on an interface IC ip irdp address Configures the address that the interface uses to send the router discovery advertisements IC ip irdp holdtime Configures the value in seconds of the holdtime field of the router advertisement sent from this interface IC ip irdp maxadvertinterval Configures the maximum time in s...

Page 142: ...routes received from the source protocol RIP enable Resets the default administrative mode of RIP in the router active RIP hostroutesaccept Enables the RIP hostroutesaccept mode RIP ip rip Enables RIP on a router interface IC ip rip authentication Sets the RIP Version 2 Authentication Type and Key for the specified interface IC ip rip receive version Configures the interface to allow RIP control p...

Page 143: ...ration mode for a tunnel GC show interfaces tunnel Displays the parameters related to tunnel such as tunnel mode tunnel source address and tunnel destination address PE tunnel destination Specifies the destination transport address of the tunnel IC tunnel mode ipv6ip Specifies the mode of the tunnel IC tunnel source Specifies the source transport address of the tunnel either explicitly or by refer...

Page 144: ...al router advertisement IC vrrp timers learn Configures the router when it is acting as backup virtual router for a VRRR group to learn the advertisement interval used by the master virtual router IC vrrp track interface Alters the priority of the VRRP router based on the availability of its interfaces IC vrrp track ip route Tracks route reachability IC show vrrp Displays the global VRRP configura...

Page 145: ...owngrade Enables downgrading the firmware version on the stack member if the firmware version on the manager is older than the firmware version on the member GC boot host autoreboot Enables rebooting the device no administrative intervention when the auto image is successfully downloaded GC boot host autosave Enables disables automatically saving the downloaded configuration on the switch GC boot ...

Page 146: ...affic for a captive portal configuration CPI configuration Enables the captive portal instance mode CP enable Enables a captive portal configuration CPI group Configures the group number for a captive portal configuration CPI interface Associates an interface with a captive portal configuration CPI locale Associates an interface with a captive portal configuration CPI name Captive Portal Configure...

Page 147: ...ration status Displays the clients authenticated to all captive portal configurations or a to specific configuration PE clear captive portal users Deletes all captive portal user entries PE no user Deletes a user from the local user database CP show captive portal user Displays all configured users or a specific user in the captive portal local user database PE user group Associates a group with a...

Page 148: ...rent group CP user group name Configures a group name CP a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 81 macro name Creates a user defined macro GC macro global apply Use to apply a macro GC macro global trace Applies and traces a macro GC macro global description Appends a line to...

Page 149: ...chronize GC sntp unicast client enable Enables clients to use Simple Network Time Protocol SNTP predefined Unicast clients GC clock timezone hours offset Sets the offset to Coordinated Universal Time GC clock summer time recurring Sets the summertime offset to UTC recursively every year GC clock summer time date Sets the summertime offset to UTC GC show clock Displays the time and date from the sy...

Page 150: ...le PE dir Prints the contents of the flash file system PE erase Erases the startup configuration the backup configuration or the backup image PE filedescr Adds a description to a file PE rename Renames the file present in flash PE show backup config Displays contents of a backup configuration file PE show bootvar Displays the active system image file that the switch loads at startup UE show runnin...

Page 151: ...ions GC dos control tcpfrag Enables TCP Fragment Denial of Service protection GC ip icmp echo reply Enables or disables the generation of ICMP Echo Reply messages GC ip icmp error interval Limits the rate at which IPv4 ICMP error messages are sent GC ip unreachables Enables the generation of ICMP Destination Unreachable messages IC ip redirects Enables the generation of ICMP Redirect messages IC i...

Page 152: ...e Types on page 81 deny management Defines a deny rule MA management access class Defines which management access list is used GC management access list Defines a management access list and enters the access list for configuration GC permit management Defines a permit rule MA show management access class Displays the active management access list PE show management access list Displays management ...

Page 153: ... administrator to enforce a minimum length required for a password GC passwords strength check Enables the Password Strength feature GC passwords strength minimum uppercase letters Enforces a minimum number of uppercase letters that a password should contain GC passwords strength minimum lowercase letters Enforces a minimum number of lowercase letters that a password must contain GC passwords stre...

Page 154: ...configuration parameters for password configuration PE show passwords result Displays the last password set result information PE a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 81 show copper ports tdr Displays the last TDR Time Domain Reflectometry tests on specified ports PE show f...

Page 155: ...power inline management command for power management GC power inline reset Use to reset the port IC power inline usage threshold Configures the system power usage threshold level at which lower priority ports are disconnected GC clear power inline statistics Clears the PoE statistics PE show power inline Reports current PoE configuration and status PE show power inline firmware version Displays th...

Page 156: ...eaning of each Mode abbreviation see Mode Types on page 81 sdm prefer Changes the template that will be active after the next reboot GC show sdm prefer Views the currently active SDM template and its scaling parameters or views the scaling parameters for an inactive template PE Command Description Modea debug arp Enables tracing of ARP packets PE debug auto voip Enables Auto VOIP debug messages PE...

Page 157: ...tivities and to trace DHCPv6 packets to and from the local DHCPv6 client PE debug ipv6 mcache Traces MDATAv6 packet reception and transmission PE debug ipv6 mld Traces MLD packet reception and transmission PE debug ipv6 pimdm Traces PIMDMv6 packet reception and transmission PE debug ipv6 pimsm Traces PIMSMv6 packet reception and transmission PE debug isdp Traces ISDP packet reception and transmiss...

Page 158: ... owner string receiver timeout ip address and port GC sflow polling Enables a new sflow poller instance for the data source if rcvr_idx is valid GC sflow polling Interface Mode Enable a new sflow poller instance for this data source if rcvr_idx is valid IC sflow sampling Enables a new sflow sampler instance for this data source if rcvr_idx is valid GC sflow sampling Interface Mode Enables a new sf...

Page 159: ...urity models to the group name GC snmp server contact Sets up a system contact sysContact string GC snmp server enable traps Enables SNMP traps globally or enables specific SNMP traps GC snmp server engineID local Specifies the Simple Network Management Protocol SNMP engine ID on the local switch GC snmp server filter Creates or updates an SNMP server filter entry GC snmp server group Configures a...

Page 160: ...itch GC ip ssh port Specifies the port to be used by the SSH server GC ip ssh pubkey auth Enables public key authentication for incoming SSH sessions GC ip ssh server Enables the switch to be configured from a SSH server connection GC key string Manually specifies a SSH public key SK no crypto certificate Removes the SSH public keys from the switch GC show crypto key mypubkey Displays its own SSH ...

Page 161: ...severity GC logging console Limits messages logged to the console based on severity GC logging facility Configures the facility to be used in log messages GC logging file Limits syslog messages sent to the logging file based on severity GC logging on Controls error messages logging GC logging snmp Enables SNMP Set command logging GC logging web session Enables web session logging GC port Specifies...

Page 162: ...ack ports PE cut through mode Enables the cut through mode on the switch GC exec banner Enables exec banner on the console telnet or SSH connection LC hostname Specifies or modifies the switch host name GC initiate failover Forces failover of management unit GC locate Locates a switch by LED blinking PE login banner Enables login banner on the console telnet or SSH connection LC media type Selects...

Page 163: ...ge history Shows the history of unit power consumption for the unit specified in the command and total stack power consumption PE show process cpu Checks the CPU utilization for each process currently running on the switch PE show sessions Displays a list of the open telnet sessions to remote hosts PE show slot Displays information about all the slots in the system or for a specific slot UE show s...

Page 164: ... Global Configuration mode GC stack port Sets the mode to Stack Global Configuration mode to configure Stack ports as either Stacking ports or as Ethernet ports GC standby Configures the standby in the stack SG switch renumber Changes the identifier for a switch in the stack GC telnet Logs into a host that supports Telnet PE traceroute Discovers the IP routes that packets actually take when travel...

Page 165: ... consisting of one absolute time entry and or one or more periodic time entries GC absolute Adds an absolute time entry to a time range TRC periodic Adds a periodic time entry to a time range TRC show time range Displays a time range and all the absolute periodic time entries that are defined for the time range PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types...

Page 166: ...rtificate GC crypto certificate import Imports a certificate signed by the Certification Authority for HTTPS GC crypto certificate request Generates and displays a certificate request for HTTPS PE duration Specifies the duration in days CC ip http port Specifies the TCP port for use by a web browser to configure the switch GC ip http server Enables the switch to be configured from a browser GC ip ...

Page 167: ...SSL certificates of your switch PE show ip http server status Displays the HTTP server status information PE show ip http server secure status Displays the HTTP secure server status information UE or PE state Specifies the state or province name CC a For the meaning of each Mode abbreviation see Mode Types on page 81 Command Description Modea ...

Page 168: ...Command Groups 168 ...

Page 169: ...gle command is limited to 1536 characters Keywords identify a command and arguments specify configuration parameters For example in the command show interfaces status gigabitethernet 1 0 5 show interfaces and status are keywords gigabitethernet is an argument that specifies the interface type and 1 0 5 specifies the unit slot port When working with the CLI the command options are not displayed The...

Page 170: ...entions are applicable to CLI command entry and editing History Buffer Negating Commands Show Command Command Completion Short Form Commands Keyboard Shortcuts Operating on Multiple Objects Range Command Scripting CLI Command Notation Conventions Interface Naming Conventions History Buffer Every time a command is entered in the CLI it is recorded in an internally managed Command History buffer Com...

Page 171: ... describes the negation effect for all commands to which it applies Show Command The show command executes in the User Executive EXEC Privileged Executive EXEC config mode interface config mode and all config submodes such as VLAN database config mode and interface config mode with command completion Example console en console configure console config interface gi1 0 1 console config if Gi1 0 1 sh...

Page 172: ...sing the tab key an incomplete command is changed into a complete command If the characters already entered are not enough for the system to identify a single matching command the key displays the available commands matching the characters already entered Short Form Commands The CLI supports the short forms of all commands As long as it is possible to recognize the entered command unambiguously th...

Page 173: ... F Go forward one character Ctrl B Go backward one character Ctrl D Delete current character Ctrl U X Delete to beginning of line Ctrl K Delete to the end of the line Ctrl W Delete previous word Ctrl T Transpose previous character Ctrl P Go to previous line history buffer Ctrl R Rewrites or pastes the line Ctrl N Go to next line in history buffer Ctrl Y Print last deleted character Ctrl Q Enables ...

Page 174: ...0 1 1 0 3 5 1 0 7 indicates that the operation applies to the gigabit Ethernet ports 1 3 4 5 and 7 on unit 1 NOTE Each port must be a fully qualified port identifier in the format unit slot port See Interface Naming Conventions on page 176 To specify a range of LAGs use the following command interface range port channel 1 48 No spaces are allowed anywhere in a range parameter e g gi1 0 1 2 is not ...

Page 175: ...ons as they are used in syntax definitions Table 2 3 CLI Command Notation Conventions Convention Description In a command line square brackets indicate an optional entry In a command line inclusive brackets indicate a selection of compulsory parameters separated by the character One option must be selected For example flowcontrol auto on off means that for the flowcontrol command either auto on or...

Page 176: ... where a number of switches are stacked to form a virtual switch In this case the Unit indicates the logical position of the switch in a stack The range is 1 12 The unit value is 1 for standalone switches Slot The slot number is an integer number assigned to a particular slot Front panel ports have a slot number of 0 Rear panel ports are numbered from 1 and can be identified by the lexan on the re...

Page 177: ...ack Interfaces Loopback interfaces are represented in the CLI by the variable loopback id which can assume values from 0 7 VLAN Interfaces VLAN interfaces are represented in the CLI by the variable vlan id which can can assume values from 1 4093 Tunnel Interfaces Tunnel interfaces are represented in the CLI by the variable tunnel id which can assume values from 0 7 Interface Type Long Form Short F...

Page 178: ...ere is no space port channel 1 vl 5 Example 2 console show vlan VLAN Name Ports Type 1 default Po1 48 Default Gi1 0 1 24 Example 3 console show slot 1 0 Slot 1 0 Slot Status Full Admin State Enable Power State Enable Inserted Card Model Identifier PowerConnect 7024F Card Description Dell 24 Port Fiber Configured Card ...

Page 179: ...9 Model Identifier PowerConnect 7024F Card Description Dell 24 Port Fiber Pluggable No Power Down No console show slot 1 2 Slot 1 2 Slot Status Empty Admin State Disable Power State Disable Pluggable Yes Power Down No ...

Page 180: ...e routing protocols necessary to enable the distribution of routes Utility describes commands used to manage the switch Commands that cause specific actions to be taken immediately by the system and do not directly affect the system configurations are defined at the top of the command tree For example commands for rebooting the system or for downloading or backing up the system configuration files...

Page 181: ...nd other specific configuration modes User EXEC Mode After logging into the switch the user is automatically in the User EXEC command mode unless the user is defined as a privileged user In general the User EXEC commands allow the user to perform basic tests and list system information The user level prompt consists of the switch host name followed by the angle bracket console The default host nam...

Page 182: ...quired hardware is present or both For example a port can be preconfigured with both trunk and access mode information The trunk mode information is applied only when the port is placed into trunk mode and the access mode information is only applied when the port is placed into access mode Likewise OSPF routing can be configured in the switch without being enabled on any port Interface and Other S...

Page 183: ...anagement Access List configuration mode Policy map Use the policy map command to access the QoS policy map configuration mode to configure the QoS policy map Policy Class Use the class command to access the QoS Policy class mode to attach or remove a diffserv class from a policy and to configure the QoS policy class Class Map This mode consists of class creation deletion and matching commands The...

Page 184: ...pecify the SSH Public key of a remote SSH Client The SSH Public Key Chain Configuration mode command user key command is used to enter the SSH Public Key Configuration mode MAC Access List Configures conditions required to allow traffic based on MAC addresses The Global Configuration mode command mac access list is used to enter the MAC Access List configuration mode TACACS Configures the paramete...

Page 185: ...r example 1 0 1 The sign is used to indicate that the system is in the Privileged EXEC mode The symbol indicates that the system is in the User EXEC mode which is a read only mode in which the system does not allow configuration Navigating CLI Command Modes Table 2 5 describes how to navigate through the CLI Command Mode hierarchy Table 2 5 Navigating CLI Command Modes Command Mode Access Method C...

Page 186: ...eged EXEC mode Management Access List From Global Configuration mode use the management access list command console config macal To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Policy Class Map From Global Configuration mode use the policy map class command console config policy map To exit to Global Configuration mode use the exit command or press...

Page 187: ...o Privileged EXEC mode SSH Public Key Chain From Global Configuration mode use the crypto key pubkey chain ssh command console config pubkey chain To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SSH Public Key String From the SSH Public Key Chain mode use the user key user name rsa dsa command console config pubkey key To return to the SSH Public k...

Page 188: ...ress Ctrl Z to Privileged EXEC mode SNMP Host Configuration From Global Configuration mode use the snmp server command console config snmp To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SNMP v3 Host Configuration From Global Configuration mode use the snmp server v3 host command console config snmp To exit to Global Configuration mode use the exit...

Page 189: ...o Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Crypto Certificate Request From Privileged EXEC mode use the crypto certificate number request command console config crypto cert To exit to PrivilegedEXEC mode use the exit command or press Ctrl Z Stack From Global Configuration mode use the stack command console config stack To exit to Global Configuration m...

Page 190: ... command or press Ctrl Z to Privileged EXEC mode VLAN Config From Global Configuration mode use the vlan database command console config vlan To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Router OSPF Conf From Global Configuration mode use the router ospf command console config router To exit to Global Configuration mode use the exit command or p...

Page 191: ... IPv6 DHCP Pool Mode From Global Configuration mode use the ipv6 dhcp pool command console config dhcp6s pool To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Interface Configuration Modes Gigabit Ethernet From Global Configuration mode use the interface gigabitethernet command Or use the abbreviation interface gi console config if Giunit slot port ...

Page 192: ... To exit to Global Configuration mode use the exit command or Ctrl Z to Privileged EXEC mode VLAN From Global Configuration mode use the interface vlan command console config if vlanvlan id To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Tunnel From Global Configuration mode use the interface tunnel command Or use the abbreviation interface tu cons...

Page 193: ...If access is through a Telnet connection the switch must have a defined IP address corresponding management access granted and a connection to the network Easy Setup Wizard The Easy Setup Wizard guides the user in the basic initial configuration of a newly installed switch so that it can be immediately deployed and functional in its basic operation and be completely manageable through the Web CLI ...

Page 194: ...skip this step if SNMP management is not used If it is configured the default access level is set to the highest available access for the SNMP management interface The user may return later to add to the community string or reconfigure the access level of the community string Initially only SNMPv1 2c will be activated SNMPv3 is disabled until the user returns to configure security access for SNMPv...

Page 195: ...ng all the data Since a switch may be powered on in the field without a serial connection the switch waits 60 seconds for the user to respond to the setup wizard question in instances where no configuration files exist If there is no response the switch continues normal operation using the default factory configuration While waiting for the response from the user normal switch operation will conti...

Page 196: ...the user want to use setup wizard No Transfer to CLI mode No Did the user previously save a startup configuration Yes Transfer to CLI mode Yes Is SNMP Management Required Yes Yes Save Setup Discard Changes and Restart Wizard Request IP Address Network Mask Default Gateway IP Request SNMP Community String Server IP Address No No ...

Page 197: ...the community string is set up as defined above SNMPv3 is disabled The admin user account is set up as defined The address of the network management station is configured From this management station the user can access the SNMP HTTP and CLI interfaces The user may also choose to allow all IP addresses to access switch management by choosing the 0 0 0 0 IP address An IP address is configured for t...

Page 198: ...h normal operation using the default system configuration Note You can exit the setup wizard at any point by entering ctrl z Would you like to run the setup wizard you must answer this question within 60 seconds Y N y Step 1 The system is not setup for SNMP management by default To manage the switch using SNMP required for Dell Network Manager you can o Set up the initial SNMP version 2 account no...

Page 199: ... Step 2 Now we need to setup your initial privilege Level 15 user account This account is used to login to the CLI and Web interface You may setup other accounts and change privilege levels later For more information on setting up user accounts and changing privilege levels see the user documentation To setup a user account Please enter the user name admin Enter Please enter the user password Ente...

Page 200: ... IP subnet mask A B C D or nn 255 255 255 0 Enter Step 4 Finally set up the gateway Please enter the IP address of the gateway from which this network is reachable 192 168 1 1 Enter This is the configuration information that has been collected SNMP Interface public 192 168 2 1 User Account setup admin Password Management IP address 192 168 2 1 255 255 255 0 Gateway 0 0 0 0 Step 5 If the informatio...

Page 201: ...iguration images which store the configuration parameters for the switch The system has three configuration images One image is a memory only image and is the current configuration image for the switch The second image is the one that is loaded by the system when it reboots There is one backup configuration image The system also provides methods to back up these images to a remote system File Syst...

Page 202: ... Referencing External Internal File systems Configuration or software images are copied to or retrieved from remote file systems using the TFTP protocol tftp server name path filename identifies a file on a remote file system accessible through the server name Trivial file transfer protocol is a simplified FTP and uses a UDP port instead of TCP and does not have password protection Special System ...

Page 203: ...management user access control and remote network host access controls CLI through Telnet SSH Serial Interfaces The CLI is accessible through a local serial interface the service port out of band interface or in band interfaces Since the serial interface requires a physical connection for access it is used if all else fails The serial interface is the only interface from which the user may access ...

Page 204: ... server fails to respond within a configurable period the CLI automatically tries the secondary authentication server The user can specify whether the CLI should revert to using local user accounts when the remote authentication servers do not respond or if the CLI simply fails the login attempt because the authentication servers are down This requirement applies only when the user is logged in th...

Page 205: ...econdary server the user is not required to specify a secondary server If the primary server fails to respond in a configurable time period the CLI automatically attempts to authenticate the user with the secondary server The user is able to specify what happens when both primary and secondary servers fail to respond In this case the user is able to indicate that the CLI should either use the loca...

Page 206: ...e user is connecting or the IP address of the remote management system A description of the security event A timestamp of the event If syslog is available the CLI sends the security log records to the syslog server If syslog is not available the CLI records the last 1000 security log records in a log separate from the system log records itemized above Also in this case the CLI suppresses repeated ...

Page 207: ... respectively The length setting is used to control the number of lines the CLI will display before it pauses For example the CLI pauses at 24 lines and prompts the user with the more prompt on the 25th line The CLI waits for the user to press either q or any other key If the user presses any key except q the CLI shows the next page A q key stops the display and returns to the CLI prompt Boot Mess...

Page 208: ...e copyback DOS_WRITE volume options max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0xbb total number of sectors 124 408 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors ...

Page 209: ... Start Boot Menu Select 1 2 Operational Code Date Mon Feb 28 16 43 14 2011 Uncompressing Bulk Class Driver Successfully Initialized Adding 0 symbols for standalone CFI Probe Found 2x16 devices in x16 mode volume descriptor ptr pVolDesc 0x5157150 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE volume options max of simu...

Page 210: ...cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 122 of FAT table copies 2 of hidden sectors 8 first cluster is in sector 260 Update last access date for open read close FALSE PCI unit 0 Dev 0xb634 Rev 0x11 Chip BCM56634_B0 Driver BCM56634_B0 SOC unit 0 attached to PCI device BCM56634_B0 soc_reset_bcm56634_a0 TCAM PLL not locked Adding BCM transport pointers Configuring...

Page 211: ...e wait Applying Interface configuration please wait console Boot Utility Menu If a user is connected through the serial interface during the boot sequence pressing the esc key interrupts the boot process and displays a Boot Utility Menu Selecting item 2 displays the menu and may be typed only during the initial boot up sequence When the system boot up is complete typing the escape sequence does no...

Page 212: ... factory defaults delete config files 11 Activate Backup Image 12 Password Recovery Procedure 13 Reformat and restore file system Boot Menu 2 Select baud rate 1 1200 2 2400 3 4800 4 9600 5 19200 6 38400 7 57600 8 115200 0 no change Baud rate is not changed Boot Menu 3 Sending event log start XMODEM receive ...

Page 213: ...several Control X characters to cancel before transfer starts Boot Menu 4 Ready to receive the file with XMODEM CRC Ready to RECEIVE File xcode bin in binary mode Send several Control X characters to cancel before transfer starts CKCK Boot Menu 5 The following image is in the Flash File System File Name image2 CRC 0x3431 13361 Target Device 0x00508548 ...

Page 214: ...Operational Code FLASH flag 1 Operational Code CRC 0x20E7 Operational Compression flag 2 lzma Boot Code Version 1 Boot Code Size 0x100000 1048576 Boot Code Offset 0xa73b68 10959720 Boot Code FLASH flag 0 Boot Code CRC 0x578 VPD rel 4 ver 1 maint_lvl 0 build_num 6 Timestamp Mon Feb 28 16 43 14 2011 File PC7000_M6348v4 1 0 6 opr Boot Menu 6 ...

Page 215: ...Flash Done Wrote 0x10000 bytes Wrote 0x20000 bytes Wrote 0x30000 bytes Wrote 0x40000 bytes Wrote 0x50000 bytes Wrote 0x60000 bytes Wrote 0x70000 bytes Wrote 0x80000 bytes Wrote 0x90000 bytes Wrote 0xa0000 bytes Wrote 0xb0000 bytes Wrote 0xc0000 bytes Wrote 0xd0000 bytes Wrote 0xe0000 bytes Wrote 0xf0000 bytes Wrote 0x100000 bytes Validating Flash Passed ...

Page 216: ...olDesc 0x814cf10 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE volume options max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0x79 total nu...

Page 217: ...le copies 2 of hidden sectors 8 first cluster is in sector 260 Update last access date for open read close FALSE Boot Menu 4 1 0 6 Select an option If no selection in 10 seconds then operational code will start 1 Start operational code 2 Start Boot Menu Select 1 2 2 Boot Menu 4 1 0 6 Options available 1 Start operational code 2 Change baud rate ...

Page 218: ...e 8 Delete backup image 9 Reset the system 10 Restore configuration to factory defaults delete config files 11 Activate Backup Image 12 Password Recovery Procedure 13 Reformat and restore file system Boot Menu 8 Are you SURE you want to delete image1 y n y image1 deleted Boot Menu 10 Are you SURE you want to delete the configuration y n y Boot Menu 11 Backup image image1 activated ...

Page 219: ... Probe Found 2x16 devices in x16 mode volume descriptor ptr pVolDesc 0x5157150 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE volume options max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 ...

Page 220: ...pies 2 of hidden sectors 8 first cluster is in sector 260 Update last access date for open read close FALSE PCI unit 0 Dev 0xb634 Rev 0x11 Chip BCM56634_B0 Driver BCM56634_B0 SOC unit 0 attached to PCI device BCM56634_B0 soc_reset_bcm56634_a0 TCAM PLL not locked Adding BCM transport pointers Configuring CPUTRANS TX Configuring CPUTRANS RX Instantiating download as rawFs device 0x20001 Formatting d...

Page 221: ...t 0xaaaaaaaa Instantiating RamCP as rawFs device 0x30001 Formatting RamCP for DOSFS Instantiating RamCP as rawFs device 0x30001 Formatting OK Unit 1 Waiting to select management unit USB Auto Configuration process is completed Applying Global configuration please wait Welcome to Dell Easy Setup Wizard ...

Page 222: ... continue with normal operation using the default system configuration Note You can exit the setup wizard at any point by entering ctrl z Would you like to run the setup wizard you must answer this question within 60 seconds Y N n Thank you for using the Dell Easy Setup Wizard You will now enter CLI mode Applying Interface configuration please wait console en console reload Management switch has u...

Page 223: ...ol files image2 DskVol files boot dim DskVol files crashdump ctl DskVol files dh512 pem DskVol files dh1024 pem DskVol files sslt_cert1 pem DskVol files sslt_key1 pem DskVol files ssh_host_key DskVol files ssh_host_dsa_key DskVol files ssh_host_rsa_key DskVol files log2 bin DskVol files hpc_broad cfg DskVol files slog0 txt DskVol files olog0 txt DskVol files sslt rnd ...

Page 224: ... max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0x79 total number of sectors 124 408 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 122 of FAT table copie...

Page 225: ...art operational code 2 Start Boot Menu Select 1 2 2 Boot Menu 4 1 0 6 Options available 1 Start operational code 2 Change baud rate 3 Retrieve event log using XMODEM 4 Load new operational code using XMODEM 5 Display operational code vital product data 6 Abort boot code update 7 Update boot code 8 Delete backup image 9 Reset the system 10 Restore configuration to factory defaults delete config fil...

Page 226: ...s image1 RamDisk image1 copying file DskVol files image2 RamDisk image2 copying file DskVol files startup config RamDisk startup config copying file DskVol files vpd bin RamDisk vpd bin copying file DskVol files hpc_broad cfg RamDisk hpc_broad cfg copying file DskVol files boot dim RamDisk boot dim copying file DskVol files dh512 pem RamDisk dh512 pem copying file DskVol files dh1024 pem RamDisk d...

Page 227: ..._key image2 12679504 11 15 113 9 30 36 hpc_broad cfg 148 11 15 113 10 04 30 boot dim 77 4 22 105 8 00 02 dh512 pem 156 5 30 113 0 20 24 dh1024 pem 245 5 30 113 0 20 24 sslt_cert1 pem 863 6 2 113 5 09 30 sslt_key1 pem 887 6 2 113 5 09 30 ssh_host_key 517 5 30 113 0 20 24 ssh_host_dsa_key 672 5 30 113 0 20 24 ssh_host_rsa_key 887 5 30 113 0 20 24 Filesystem size 25484288 Bytes used 12683956 Bytes fr...

Page 228: ...rmatted 9 of 251 units 3 5 Formatted 10 of 251 units 3 9 Formatted 11 of 251 units 4 3 Formatted 12 of 251 units 4 7 Formatted 13 of 251 units 5 1 Formatted 14 of 251 units 5 5 Formatted 15 of 251 units 5 9 Formatted 16 of 251 units 6 3 Formatted 17 of 251 units 6 7 Formatted 18 of 251 units 7 1 Formatted 19 of 251 units 7 5 Formatted 20 of 251 units 7 9 Formatted 21 of 251 units 8 3 Formatted 22 ...

Page 229: ...f 251 units 13 9 Formatted 36 of 251 units 14 3 Formatted 37 of 251 units 14 7 Formatted 38 of 251 units 15 1 Formatted 39 of 251 units 15 5 Formatted 40 of 251 units 15 9 Formatted 41 of 251 units 16 3 Formatted 42 of 251 units 16 7 Formatted 43 of 251 units 17 1 Formatted 44 of 251 units 17 5 Formatted 45 of 251 units 17 9 Formatted 46 of 251 units 18 3 Formatted 47 of 251 units 18 7 Formatted 4...

Page 230: ...f 251 units 24 3 Formatted 62 of 251 units 24 7 Formatted 63 of 251 units 25 0 Formatted 64 of 251 units 25 4 Formatted 65 of 251 units 25 8 Formatted 66 of 251 units 26 2 Formatted 67 of 251 units 26 6 Formatted 68 of 251 units 27 0 Formatted 69 of 251 units 27 4 Formatted 70 of 251 units 27 8 Formatted 71 of 251 units 28 2 Formatted 72 of 251 units 28 6 Formatted 73 of 251 units 29 0 Formatted 7...

Page 231: ...251 units 34 6 Formatted 88 of 251 units 35 0 Formatted 89 of 251 units 35 4 Formatted 90 of 251 units 35 8 Formatted 91 of 251 units 36 2 Formatted 92 of 251 units 36 6 Formatted 93 of 251 units 37 0 Formatted 94 of 251 units 37 4 Formatted 95 of 251 units 37 8 Formatted 96 of 251 units 38 2 Formatted 97 of 251 units 38 6 Formatted 98 of 251 units 39 0 Formatted 99 of 251 units 39 4 Formatted 100...

Page 232: ...51 units 45 0 Formatted 114 of 251 units 45 4 Formatted 115 of 251 units 45 8 Formatted 116 of 251 units 46 2 Formatted 117 of 251 units 46 6 Formatted 118 of 251 units 47 0 Formatted 119 of 251 units 47 4 Formatted 120 of 251 units 47 8 Formatted 121 of 251 units 48 2 Formatted 122 of 251 units 48 6 Formatted 123 of 251 units 49 0 Formatted 124 of 251 units 49 4 Formatted 125 of 251 units 49 8 Fo...

Page 233: ...51 units 55 3 Formatted 140 of 251 units 55 7 Formatted 141 of 251 units 56 1 Formatted 142 of 251 units 56 5 Formatted 143 of 251 units 56 9 Formatted 144 of 251 units 57 3 Formatted 145 of 251 units 57 7 Formatted 146 of 251 units 58 1 Formatted 147 of 251 units 58 5 Formatted 148 of 251 units 58 9 Formatted 149 of 251 units 59 3 Formatted 150 of 251 units 59 7 Formatted 151 of 251 units 60 1 Fo...

Page 234: ...51 units 65 7 Formatted 166 of 251 units 66 1 Formatted 167 of 251 units 66 5 Formatted 168 of 251 units 66 9 Formatted 169 of 251 units 67 3 Formatted 170 of 251 units 67 7 Formatted 171 of 251 units 68 1 Formatted 172 of 251 units 68 5 Formatted 173 of 251 units 68 9 Formatted 174 of 251 units 69 3 Formatted 175 of 251 units 69 7 Formatted 176 of 251 units 70 1 Formatted 177 of 251 units 70 5 Fo...

Page 235: ...51 units 76 0 Formatted 192 of 251 units 76 4 Formatted 193 of 251 units 76 8 Formatted 194 of 251 units 77 2 Formatted 195 of 251 units 77 6 Formatted 196 of 251 units 78 0 Formatted 197 of 251 units 78 4 Formatted 198 of 251 units 78 8 Formatted 199 of 251 units 79 2 Formatted 200 of 251 units 79 6 Formatted 201 of 251 units 80 0 Formatted 202 of 251 units 80 4 Formatted 203 of 251 units 80 8 Fo...

Page 236: ...51 units 86 4 Formatted 218 of 251 units 86 8 Formatted 219 of 251 units 87 2 Formatted 220 of 251 units 87 6 Formatted 221 of 251 units 88 0 Formatted 222 of 251 units 88 4 Formatted 223 of 251 units 88 8 Formatted 224 of 251 units 89 2 Formatted 225 of 251 units 89 6 Formatted 226 of 251 units 90 0 Formatted 227 of 251 units 90 4 Formatted 228 of 251 units 90 8 Formatted 229 of 251 units 91 2 Fo...

Page 237: ... 251 units 96 4 Formatted 243 of 251 units 96 8 Formatted 244 of 251 units 97 2 Formatted 245 of 251 units 97 6 Formatted 246 of 251 units 98 0 Formatted 247 of 251 units 98 4 Formatted 248 of 251 units 98 8 Formatted 249 of 251 units 99 2 Formatted 250 of 251 units 99 6 Formatted 251 of 251 units 100 0 CFI Probe Found 2x16 devices in x16 mode Recreating FFS CFI Probe Found 2x16 devices in x16 mod...

Page 238: ...rent files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0x0 total number of sectors 124 408 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 122 of FAT table copies 2 of hidden sectors 8 first cluster is in sector 260 Update last acces...

Page 239: ...file RamDisk vpd bin DskVol files vpd bin copying file RamDisk hpc_broad cfg DskVol files hpc_broad cfg copying file RamDisk boot dim DskVol files boot dim copying file RamDisk dh512 pem DskVol files dh512 pem copying file RamDisk dh1024 pem DskVol files dh1024 pem copying file RamDisk sslt_cert1 pem DskVol files sslt_cert1 pem copying file RamDisk sslt_key1 pem DskVol files sslt_key1 pem copying ...

Page 240: ... 9 30 36 hpc_broad cfg 148 11 15 113 10 04 30 boot dim 77 4 22 105 8 00 02 dh512 pem 156 5 30 113 0 20 24 dh1024 pem 245 5 30 113 0 20 24 sslt_cert1 pem 863 6 2 113 5 09 30 sslt_key1 pem 887 6 2 113 5 09 30 ssh_host_key 517 5 30 113 0 20 24 ssh_host_dsa_key 672 5 30 113 0 20 24 ssh_host_rsa_key 887 5 30 113 0 20 24 Filesystem size 63567872 Bytes used 12683956 Bytes free 50883916 ...

Page 241: ...equivalent to the alarm monitoring window in a typical network management system The user enables events or monitor traps from the CLI by entering the command logging console Traps generated by the system are dumped to all CLI sessions that have requested monitoring mode to be enabled The no logging console command disables trap monitoring for the session By default console logging is enabled ...

Page 242: ...Using the CLI 242 ...

Page 243: ...L Commands Ethernet Configuration Commands IPv6 MLD Snooping Querier Commands QoS Commands Address Table Commands Ethernet CFM Commands IP Source Guard Commands RADIUS Commands Auto VoIP Commands Green Ethernet Commands iSCSI Optimization Commands Spanning Tree Commands CDP Interoperability Commands GVRP Commands Link Dependency Commands TACACS Commands DHCP Layer 2 Relay Commands IGMP Snooping Co...

Page 244: ...244 Layer 2 Switching Commands ...

Page 245: ... The user s ID and password are authenticated using the RADIUS server TACACS The user s ID and password are authenticated using the TACACS server None No authentication is used Enable Uses the enable password for authentication Line Uses the line password for authentication Authentication Preference Lists APLs An Authentication Preference List is an ordered list of authentication methods To authen...

Page 246: ...er login and logout times are noted and conveyed to an external AAA server User executed commands Commands executed by the user and the time of execution are accounted and conveyed to an external AAA server User activity can be accounted for at the end and or at the beginning of the activity For this purpose the following record types are defined Start stop Accounting notifications are sent when t...

Page 247: ...ng serial console Telnet This mode is used when user logs in through Telnet SSH This mode is used when user logs in through SSH By default no accounting is enabled for any line config modes The following default Accounting Methods List are available The default lists are not applied to any line configuration modes by default Commands in this Chapter This chapter explains the following commands Def...

Page 248: ...ntication method is defined Command Mode Global Configuration mode aaa authorization ip http authentication show authentication methods aaa authorization network default radius ip https authentication show users accounts aaa ias user username login authentication show users login history aaa new model password aaa IAS User Configuration username Parameter Description radius Uses the list of all au...

Page 249: ... use a RADIUS server A RADIUS server must be configured using the radius server host auth command for the radius method to succeed console config aaa authentication dot1x default radius aaa authentication enable Use the aaa authentication enable command in Global Configuration mode to set authentication for accessing higher privilege levels To return to the default configuration use the no form of...

Page 250: ...an error To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Note that enable will not succeed for a level one user if no authentication method is defined A level one user must authenticate to get to privileged EXEC mode For example if none is specified as an authentication method after radius no authentication is used...

Page 251: ...ult list of methods when a user logs in list name Character string used to name the list of authentication methods activated when a user logs in Range 1 15 characters method1 method2 Specify at least one from the following table Default Configuration The default login lists are defaultList and networkList defaultList is used by the console and only contains the method none networkList is used by t...

Page 252: ...e as the final method in the command line For example if none is specified as an authentication method after radius no authentication is used if the RADIUS server is down If specified none must be the last method in the list NOTE Auth Type Local doesn t work for recent versions of FreeRadius FreeRadius ignores the configuration if Local is used Administrators should remove Auth Type Local and use ...

Page 253: ... of commands Only the default list is supported default The default list of methods for authorization services dfltCmdAuthList and dfltExecAuthList Only the radius method is supported list name Character string used to name the list of accounting methods The list name can consist of any alphanumeric character up to 15 characters in length Use quotes around the list name if embedded blanks are cont...

Page 254: ... and no further attempts at authorization are made for the user request The various utility commands like tftp ping outbound telnet also must pass command authorization Applying a script is treated as a single command apply script which also must pass authorization Startup config commands applied on device boot up are not subject to the authorization process Default List Name Description Authoriza...

Page 255: ... RADIUS server can place a port in a particular VLAN based on the result of the authentication VLAN assignment must be configured on the external RADIUS server Example The following example enables RADIUS assigned VLANs console config aaa authorization network default radius aaa ias user username Use the aaa ias user username command in Global Configuration mode to configure IAS users and their at...

Page 256: ...s command has no user guidelines Examples console configure console config aaa ias user username client 1 console Config IAS User exit console config no aaa ias user username client 1 aaa new model The aaa new model command in Global Configuration mode is a no op command It is present only for compatibility purposes PowerConnect switches only support the new model command set Syntax aaa new model ...

Page 257: ...s the switch to use the new model command set config aaa new model clear IAS Use the clear aaa ias users command in Privileged EXEC mode to delete all IAS users Syntax clear aaa ias users Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guid...

Page 258: ...Authorization is not enabled on any line method by default Command Mode Line console line telnet line SSH Parameter Description commands Perform authorization for each command entered by the user exec Perform EXEC authorization for the user authorization required to enter privileged EXEC mode default The default list of methods for command authorization cmdAuthList list_name Character string used ...

Page 259: ...uthorization for telnet console config line telnet console config telnet authorization commands mycmdAuthList enable authentication Use the enable authentication command in Line Configuration mode to specify the authentication method list when accessing a higher privilege level from a remote telnet or console To return to the default specified by the enable authentication command use the no form o...

Page 260: ...line console console config line enable authentication default enable password Use the enable password command in Global Configuration mode to set a local password to control access to the privileged EXEC mode To remove the password requirement use the no form of this command Syntax enable password password encrypted no enable password password Password for this level Range 8 64 characters encrypt...

Page 261: ...config No attempt is made to decode the encrypted password Example The following example defines password xxxyyyzzz to control access to user and privilege levels console config enable password xxxyyyzzz ip http authentication Use the ip http authentication command in Global Configuration mode to specify authentication methods for http server users To return to the default use the no form of this ...

Page 262: ...tication method after radius no authentication is used if the RADIUS server is down Example The following example configures the http authentication console config ip http authentication radius local ip https authentication Use the ip https authentication command in Global Configuration mode to specify authentication methods for https server users To return to the default configuration use the no ...

Page 263: ... the authentication method for HTTP HTTPS the Cisco ACS must be configured to allow the shell service In addition for admin privileges the privilege level attribute must be set to 15 Example The following example configures https authentication console config ip https authentication radius local login authentication Use the login authentication command in Line Configuration mode to specify the log...

Page 264: ...authentication method for a console console config line console console config line login authentication default password aaa IAS User Configuration Use the password command in aaa IAS User Configuration mode to configure a password for a user The password is composed of up to 64 alphanumeric characters An optional parameter encrypted is provided to indicate that the password given to the command ...

Page 265: ...ord Example of a adding a MAB Client to the Internal user database console configure console config aaa ias user username 1f3ccb1157 console Config IAS User password 1f3ccb1157 console Config IAS User exit console config password Line Configuration Use the password command in Line Configuration mode to specify a password on a line To remove the password use the no form of this command NOTE For com...

Page 266: ...a password mcmxxyyy on a line console config line password mcmxxyyy password User EXEC Use the password command in User EXEC mode to allow a currently logged in user to change the password for only that user without having read write privileges This command should be used after the password has aged The user is prompted to enter the old password and the new password NOTE For commands that configur...

Page 267: ...ord command console password Enter old password Enter new password Confirm new password show aaa ias users Use the show aaa ias users command in Privileged EXEC mode to display configured IAS users and their attributes Passwords configured are not shown in the show command output Syntax show aaa ias users username Parameter Description This command does not require a parameter description Default ...

Page 268: ...mmands shown in the output of the show running config command Passwords shown in the command output are always encrypted aaa ias user username client 1 password a45c74fdf50a558a2b5cf05573cd633bac2c6c598d54497ad4c46 104918f2c encrypted exit show aaa statistics Use the show aaa statistics command in Privileged EXEC mode to display accounting statistics Syntax show aaa statistics Default Configuratio...

Page 269: ...of Accounting Notifications sent at beginning of a command execution 0 Errors when sending Accounting Notifications at beginning of a command execution 0 Number of Accounting Notifications sent at end of a command execution 0 Errors when sending Accounting Notifications at end of a command execution 0 show authentication methods Use the show authentication methods command in Privileged EXEC mode t...

Page 270: ...al Enable Authentication Method Lists enableList enable none enableNetList enable Line Login Method List Enable Method List Console defaultList enableList Telnet networkList enableNetList SSH networkList enableNetList HTTPS local HTTP local DOT1X show authorization methods Use the show authorization methods command in Privileged EXEC mode to display the configured authorization method lists ...

Page 271: ...nd SSH access methods Example console show authorization methods Command Authorization List Method dfltCmdAuthList tacacs none list2 none undefined list4 tacacs undefined Line Command Method List Console dfltCmdAuthList Telnet dfltCmdAuthList SSH dfltCmdAuthList Exec Authorization List Method dfltExecAuthList tacacs none list2 none undefined list4 tacacs undefined Line Exec Method List Console dfl...

Page 272: ... Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays information about the local user database console show users accounts Parameter Description User Name Local user account s user name Privilege User s access level read only or read write Lockout Status Indicates whether the user account ...

Page 273: ...ow users login history Use the show users login history command in Global Configuration mode to display information about the login history of users Syntax show users login history long name name of user Range 1 20 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no use...

Page 274: ...user to the local user database The default privilege level is 1 The command optionally allows the specification of an Administrative Profile for a local user Use the no form of this command to remove the username from the local user database Syntax username name nopassword password password privilege level admin profile profile encrypted no username name Parameter Description Parameter Descriptio...

Page 275: ...pted and the system does not have the capability of decrypting the password The following table lists the completion messages password The authentication password for the user Range 8 64 characters This value can be 0 zero if the no passwords min length command has been executed The special characters allowed in the password include _ level The user s privilege level Level 0 can be assigned by a l...

Page 276: ... password Reason behind the failure 1 Exceeds Minimum Length of a Password Password should be in the range of 8 64 characters in length Set minimum password length to 0 by using the passwords min length 0 command 2 Password should contain Minimum number uppercase letters number lowercase letters number numeric numbers number specialcharactersand number characterclassesand Maximum limit of number c...

Page 277: ... a user with read write access can re activate a locked user account Syntax username username unlock Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines ...

Page 278: ...278 AAA Commands ...

Page 279: ... the network administrator to define a list of rules which control the commands which may be executed by a user These rules are collected in a profile A rule defines a set of commands to which a user is permitted or denied access Alternatively a rule may define a CLI command mode to which the user is permitted or denied access The rule numbers determine the order in which the rules are applied Rul...

Page 280: ...ACS The network administrator may configure a custom attribute to be provided by the server during authentication The RADIUS and TACACS applications process this custom attribute and provide this data to the User Manager for configuring the user profile The custom attribute is defined as cisco av pair shell roles roleA roleB NOTE If an is used instead of an the attribute is considered optional and...

Page 281: ...e command to delete an administrative profile and all its rules Syntax admin profile profile name no admin profile profile name Parameter Description Default Configuration The administrative profiles are defined by default Command Mode Global Config mode User Guidelines This command has no user guidelines Example console config admin profile qos console admin profile Parameter Description profile ...

Page 282: ... Description Default Configuration This command has no default configuration Command Mode Administrative Profile Configuration mode User Guidelines The description string is required to be enclosed in quotes if it contains embedded white space Example console admin profile description This profile allows access to QoS commands Parameter Description text A description of or comment about the admini...

Page 283: ...mple console admin profile rule 1 permit command access list console admin profile Parameter Description number The sequence number of the rule Rules are applied from the highest sequence number to the lowest Range 1 to 256 command string Specifies which commands to permit or deny The command string may contain spaces and regular expressions Range 1 to 128 characters Regular expressions should con...

Page 284: ...me Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following admin profiles are pre defined and may not be deleted or changed by the administrator Profile network admin Profile network security Profile router admin Profile multicast admin Profile dhcp admin Profile CP admin Profile network operator Paramete...

Page 285: ...p show admin profiles brief Use the show admin profiles brief command in Privileged EXEC mode to list the names of the administrative profiles defined on the switch Syntax show admin profiles brief Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description profile ...

Page 286: ...i modes Use the show cli modes command in Privileged EXEC mode to list the names of all the CLI modes Syntax show cli modes Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines These are the generic mode names to be used in the rule command above These are not the same as the prompt which is displayed in a particular mode Example console...

Page 287: ...Administrative Profiles Commands 287 global config ethernet config port channel config ...

Page 288: ...288 Administrative Profiles Commands ...

Page 289: ...en the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of the internal network The PowerConnect ACL feature allows classification of packets based upon Layer 2 through Layer 4 header information An Ethernet IPv6 packet is distinguished from an IPv4 ...

Page 290: ...alse matches Administrators are cautioned to specify ACL access list permit and deny rule criteria as fully as is possible in order to avoid false matches This is especially true in networks with protocols such as FCoE that have newly introduced Ether type values As an example rules that specify a TCP or UDP port value should also specify the TCP or UDP protocol and the IPv4 or IPv6 Ether type Rul...

Page 291: ...d frame IEEE 802 1Q 0x86DD Internet Protocol version 6 IPv6 0x8808 MAC Control 0x8809 Slow Protocols IEEE 802 3 0x8870 Jumbo frames 0x888E EAP over LAN EAPOL 802 1x 0x88CC Link Layer Discovery Protocol 0x8906 Fibre Channel over Ethernet 0x8914 FCoE Initialization Protocol 0x9100 Q in Q Table 6 2 Common IP Protocol Numbers IP Protocol Numbers Protocol 0x00 IPv6 Hop by hop option 0x01 ICMP 0x02 IGMP...

Page 292: ...an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with specified name exists and the ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied when the time range with specified name becomes active The ACL rule is removed when the time range with specified name becomes inactive access list list name deny permit ev...

Page 293: ...on IP address dstmask Destination IP mask portvalue The source layer 4 port match condition for the ACL rule is specified by the port value parameter Range 0 65535 portkey Or you can specify the portkey which can be one of the following keywords domain echo ftp ftpdata http smtp snmp telnet tftp and www log Specifies that this rule is to be logged time range name Displays the name of the time rang...

Page 294: ...s for the list The command is enhanced to accept the optional time range parameter The time range parameter allows imposing a time limitation on the IP ACL rule as defined by the parameter time range name If a time range with the specified name does not exist and the IP ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time ran...

Page 295: ...at specify a port value should also specify the protocol and ethertype Rules that specify a protocol should also specify the ethertype value for the frame In general any rule that specifies matching on an upper layer protocol field should also include matching constraints for lower layer protocol fields For example a rule to match packets directed to the well known UDP port number 22 SSH should al...

Page 296: ...time range with the specified name does not exist and the MAC ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with the specified name exists and the MAC ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied when the time range with a specified name becomes active Th...

Page 297: ...mcast mplsucast Netbios novell pppoe rarp 0x0600 0xFFFF Specify custom ethertype value hexadecimal range 0x0600 0xFFFF vlan eq VLAN number Range 0 4095 cos Class of service Range 0 7 log Specifies that this rule is to be logged time range name Use the time range parameter to impose a time limitation on the MAC ACL rule as defined by the parameter time range name assign queue Specifies particular h...

Page 298: ...sole config mac access list extended DELL123 console config mac access list deny 0806 c200 0000 ffff ffff ffff any ip access group Use the ip access group command in Global and Interface Configuration modes to apply an IP based ACL on an Ethernet interface or a group of interfaces An IP based ACL should have been created by the access list name command with the same name specified in this command ...

Page 299: ... for the interface Examples console config ip access group aclname in console config no ip access group aclname in console config ip access group aclname1 out console config interface te1 0 1 console config if Te1 0 1 ip access group aclname out 2 console config if Te1 0 1 no ip access group aclname out mac access group Use the mac access group command in Global Configuration or Interface Configur...

Page 300: ...this interface and direction the specified access list replaces the currently attached access list using that sequence number If the sequence number is not specified for this command a sequence number is selected that is one greater than the highest sequence number currently in use for this interface and direction This command specified in Interface Configuration mode only affects a single interfa...

Page 301: ...uted Example The following example creates MAC ACL and enters MAC Access List Configuration mode console config mac access list extended LVL7DELL console config mac access list mac access list extended rename Use the mac access list extended rename command in Global Configuration mode to rename the existing MAC Access Control List ACL Syntax mac access list extended rename name newname name Existi...

Page 302: ...the no form of this command to unblock link local protocol s on a given port Syntax service acl input blockcdp blockvtp blockdtp blockudld blockpagp blocksstp blockall no service acl input Parameter Description Parameter Description blockcdp To block CDP PDU s from being forwarded blockvtp To block VTP PDU s from being forwarded blockdtp To block DTP PDU s from being forwarded blockudld To block U...

Page 303: ...l input command has been entered show service acl interface This command displays the status of LLPF rules configured on a particular port or on all the ports Syntax show service acl interface interface id all Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has ...

Page 304: ...cess lists command in Privileged EXEC mode to display an IP ACL and time range parameters Syntax show ip access lists accesslistnumber Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Parameter Description accesslistnumber The num...

Page 305: ... EXEC mode to display a MAC access list and all of the rules that are defined for the MAC ACL Use the name parameter to identify a specific MAC ACL to display Syntax show mac access list name Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines...

Page 306: ... provides the following information Fields Description MAC ACL Name The name of the MAC access list Rules The number of user configured rules defined for the MAC ACL The implicit deny all rule defined at the end of every MAC ACL is not included Interfaces Displays the list of interfaces unit slot port to which the MAC ACL is attached in a given direction ...

Page 307: ... the packet is flooded to all other ports in the VLAN If the address is in the table then it is checked to see if it has been defined as a filter If the MAC address is not defined as a filter then the packet is forwarded If the specific destination MAC address is defined as a filter then the ingress port number is compared to the set of source ports listed for the address If the port of ingress is...

Page 308: ...ce mac address table aging time show mac address table show mac address table static mac address table multicast forbidden address show mac address table address show mac address table vlan mac address table static vlan show mac address table count show ports security port security show mac address table count show ports security addresses port security max show mac address table dynamic Variable ...

Page 309: ...ss table aging time Use the mac address table aging time command in Global Configuration mode to set the aging time of the address To restore the default use the no form of the mac address table aging time command Syntax mac address table aging time 0 10 1000000 no mac address table aging time Parameter Description Default Configuration 300 seconds Parameter Description 0 Disable aging time for th...

Page 310: ...ist on the VLAN do not change the unregistered multicast addresses state to drop on the routers ports Syntax mac address table multicast forbidden address vlan vlan id mac multicast address ip multicast address add remove interface gigabitethernet port channel tengigabitethernet interface list no mac address table multicast forbidden address vlan vlan id mac multicast address ip multicast address ...

Page 311: ...ac address table static vlan command in Global Configuration mode to add a static MAC layer station source address to the bridge table To delete the MAC address use the no form of the mac address table static command Syntax mac address table static mac addr vlan vlan id interface gigabitethernet port channel tengigabitethernet interface id no mac address table static mac addr vlan vlan id gigabite...

Page 312: ...ynamically adding the multicast router to a different port Example The following example adds a permanent static MAC layer station source address c2f3 220a 12f4 to the MAC address table console config mac address table static c2f3 220a 12f4 vlan 4 interface gigabitethernet6 0 1 port security Use the port security command in Interface Configuration mode to disable the learning of new addresses on a...

Page 313: ... can be learned only to the limit set by the port security max command The default limit is 100 dynamic MAC addresses Example In this example frame forwarding is enabled without learning and with traps sent every 100 seconds on port gi1 0 1 console config interface gigabitethernet te1 0 1 console config if Te1 0 1 port security trap 100 port security max Use the port security max command in Interf...

Page 314: ...d in Ethernet Interface Configuration mode console config if Te1 0 3 port security max 80 show mac address table multicast Use the show mac address table multicast command in Privileged EXEC mode to display Multicast MAC address table information Syntax show mac address table multicast vlan vlan id address mac multicast address ip multicast address format ip mac vlan_id A valid VLAN ID value mac m...

Page 315: ...ddress table information is displayed console show mac address table multicast Vlan MAC Address Type Ports 1 0100 5E05 0505 Static Forbidden ports for multicast addresses Vlan MAC Address Ports 1 0100 5E05 0505 NOTE A multicast MAC address maps to multiple IP addresses as shown above show mac address table Use the show mac address table command in User EXEC or Privileged EXEC mode to display all e...

Page 316: ...modes User Guidelines This command has no user guidelines Example In this example all classes of entries in the mac address table are displayed console show mac address table Aging time is 300 Sec Vlan Mac Address Type Port 0 001E C9AA AE19 Management CPU Interface 0 5 1 001E C9AA AC19 Dynamic Gi1 0 21 1 001E C9AA AE1B Management Vl1 10 001E C9AA AE1B Management Vl10 90 001E C9AA AE1B Management V...

Page 317: ...ult configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example In this example the mac address table entry for 0000 E26D 2C2A is displayed console show mac address table address 0000 E26D 2C2A Vlan Mac Address Type Port Parameter Description mac address A MAC address with the format xxxx xxxx xxxx inter...

Page 318: ...ion Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the addresses in the Forwarding Database console show mac address table count Capacity 8192 Used 109 Static addresses 2 Parameter Description interface id Speci...

Page 319: ...lt Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example In this example all dynamic entries in the mac address table are displayed console show mac address table dynamic Parameter Description mac address A MAC address with the format xxxx xxxx xxxx interfa...

Page 320: ...or Privileged EXEC mode to display all entries in the mac address table Syntax show mac address table interface interface id vlan vlan id Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Parameter Description interface id Specify ...

Page 321: ...0 E89A 596E Dynamic gi1 0 1 1 0001 02F1 0B33 Dynamic gi1 0 1 show mac address table static Use the show mac address table static command in User EXEC or Privileged EXEC mode to display static entries in the bridge forwarding database Syntax show mac address table static address mac address interface interface id vlan vlan id Parameter Description Parameter Description mac address A MAC address wit...

Page 322: ... the bridge forwarding database are displayed console show mac address table static Vlan Mac Address Type Port 1 0001 0001 0001 Static gi1 0 1 show mac address table vlan Use the show mac address table vlan command in User EXEC or Privileged EXEC mode to display all entries in the bridge forwarding database for the specified VLAN Syntax show mac address table vlan vlan id Parameter Description Par...

Page 323: ... of entries in the bridge forwarding database are displayed console show mac address table vlan 1 Mac Address Table Vlan Mac Address Type Ports 1 0000 0001 0000 Dynamic gi1 0 1 1 0000 8420 5010 Dynamic gi1 0 1 1 0000 E26D 2C2A Dynamic gi1 0 1 1 0000 E89A 596E Dynamic gi1 0 1 1 0001 02F1 0B33 Dynamic gi1 0 1 Total Mac Addresses for this criterion 5 show ports security Use the show ports security co...

Page 324: ...b modes User Guidelines This command has no user guidelines Example In this example all classes of entries in the port lock status are displayed console show ports security Port Status Action Maximum Trap Frequency 1 0 1 Locked Discard 3 Enable 100 1 0 2 Unlocked 28 1 0 3 Locked Discard Shutdown 8 Disable The following table describes the fields in this example Field Description Port The port numb...

Page 325: ...as no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples The following example displays dynamic addresses for port channel number 1 0 1 console show ports security addresses Te1 0 1 Dynamic addresses 83 Maximum The maximum addresses that can be associated on this port in Static Learning mode or i...

Page 326: ...326 Address Table Commands Maximum addresses 100 Learned addresses ...

Page 327: ...IP module provides the capability to assign the highest priority for the following VoIP packets Session Initiation Protocol SIP H 323 Skinny Client Control Protocol SCCP Auto VoIP borrows ACL lists from the global system pool ACL lists allocated by Auto VoIP reduce the total number of ACLs available for use by the network operator Enabling Auto VoIP uses one ACL list to monitor for VoIP sessions E...

Page 328: ...lt Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Examples The following example shows command output when a port is not specified console show switchport voice Interface Auto VoIP Mode Traffic Class Gi1 0 1 Disabled 6 Gi1 0 2 Disabled 6 Gi1 0 3 Dis...

Page 329: ...14 Disabled 6 Gi1 0 15 Disabled 6 Gi1 0 16 Disabled 6 Gi1 0 17 Disabled 6 Gi1 0 18 Disabled 6 Gi1 0 19 Disabled 6 Gi1 0 20 Disabled 6 Gi1 0 21 Disabled 6 Gi1 0 22 Disabled 6 Gi1 0 23 Disabled 6 Gi1 0 24 Disabled 6 Po1 Disabled 6 Po2 Disabled 6 Po3 Disabled 6 Po4 Disabled 6 Po5 Disabled 6 Po6 Disabled 6 Po7 Disabled 6 Po8 Disabled 6 Po9 Disabled 6 ...

Page 330: ...he following information AutoVoIP Mode The Auto VoIP mode on the interface Traffic Class The Cos Queue or Traffic Class to which all VoIP traffic is mapped This is not configurable and defaults to the highest COS queue available in the system for data traffic switchport voice detect auto The switchport voice detect auto command is used to enable the VoIP Profile on all the interfaces of the switch...

Page 331: ...abled by default Command Mode Global Configuration mode Config mode and all Config sub modes Interface gigabitethernet port channel tengigabitethernet Configuration mode User Guidelines This command has no user guidelines Example console config interface tengigabitethernet 1 0 1 console config if Te1 0 1 switchport voice detect auto ...

Page 332: ...332 Auto VoIP Commands ...

Page 333: ... by devices that support the Cisco Discovery Protocol CDP ISDP is based on CDP which is a precursor to LLDP Commands in this Chapter This chapter explains the following commands clear isdp counters The clear isdp counters command clears the ISDP counters Syntax clear isdp counters Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode clear isdp ...

Page 334: ...isdp table Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear isdp table isdp advertise v2 The isdp advertise v2 command enables the sending of ISDP version 2 packets from the device Use the no form of this command to send version 1 packets Syntax isdp adverti...

Page 335: ...mmand enables ISDP on the switch User the no form of this command to disable ISDP Use this command in global configuration mode to enable the ISDP function on the switch Use this command in interface mode to enable sending ISDP packets on a specific interface Syntax isdp enable no isdp enable Default Configuration ISDP is enabled Command Mode Global Configuration mode Interface Ethernet configurat...

Page 336: ... store information sent in the ISDP packet before discarding it The range is given in seconds Use the no form of this command to reset the holdtime to the default Syntax isdp holdtime time no isdp holdtime Parameter Description Default Configuration The default holdtime is 180 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The f...

Page 337: ...me no isdp timer Parameter Description Default Configuration The default timer is 30 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the isdp timer value to 40 seconds console config isdp timer 40 show isdp The show isdp command displays global ISDP settings Syntax show isdp Parameter Description time T...

Page 338: ...Version 2 Advertisements Enabled Neighbors table last time changed 0 days 00 06 01 Device ID QTFMPW82400020 Device ID format capability Serial Number Device ID format Serial Number show isdp entry The show isdp entry command displays ISDP entries If a device id specified then only the entry about that device is displayed Syntax show isdp entry all deviceid Parameter Description Parameter Descripti...

Page 339: ...ntry Switch Device ID PC7000 Switch Address es IP Address 172 20 1 18 IP Address 172 20 1 18 Capability Router IGMP Platform cisco WS C4948 Interface 1 0 1 Port ID GigabitEthernet1 1 Holdtime 64 Advertisement Version 2 Entry last changed time 0 days 00 13 50 Version Cisco IOS Software Catalyst 4000 L3 Switch Software cat4000 I9K91S M Version 12 2 25 EWA9 RELEASE SOFTWARE fc3 Technical Support http...

Page 340: ...tethernet unit slot port tengigabitethernet unit slot port Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show isdp interface all Interface Mode 1 0 1 Enabled 1 0 2 Enabled 1 0 3 Enabled 1 0 4 Enabled 1 0 5 Enabled 1 0 6 Enab...

Page 341: ... Enabled 1 0 15 Enabled 1 0 16 Enabled 1 0 17 Enabled 1 0 18 Enabled 1 0 19 Enabled 1 0 20 Enabled 1 0 21 Enabled 1 0 22 Enabled 1 0 23 Enabled 1 0 24 Enabled console show isdp interface gigabitethernet 1 0 1 Interface Mode 1 0 1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices ...

Page 342: ...r Guidelines The information displayed varies based upon the information received from the ISDP neighbor Example console show isdp neighbors Capability Codes R Router T Trans Bridge B Source Route S Switch H Host I IGMP r Repeater Device ID Intf Hold Cap Platform Port ID Switch 1 0 1 165 RI cisco WS C4948 GigabitEthernet1 1 console show isdp neighbors detail Device ID Switch Address es IP Address ...

Page 343: ...upport http www cisco com techsupport Copyright c 1986 2007 by Cisco Systems Inc Compiled Wed 21 Mar 07 12 20 by tinhuang show isdp traffic The show isdp traffic command displays ISDP statistics Syntax show isdp traffic Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user gu...

Page 344: ...127 ISDPv1 Packets Received 0 ISDPv1 Packets Transmitted 0 ISDPv2 Packets Received 4253 ISDPv2 Packets Transmitted 4351 ISDP Bad Header 0 ISDP Checksum Error 0 ISDP Transmission Failure 0 ISDP Invalid Format 0 ISDP Table Full 392 ISDP Ip Address Table Full 737 ...

Page 345: ...esult The PowerConnect DHCP Relay supports DHCP Relay Option 82 circuit id and remote id for a VLAN Commands in this Chapter This chapter explains the following commands dhcp l2relay Global Configuration Use the dhcp l2relay command to enable Layer 2 DHCP Relay functionality The subsequent commands mentioned in this section can only be used when the L2 DHCP Relay is enabled Use the no form of this...

Page 346: ...ole config dhcp l2relay dhcp l2relay Interface Configuration Use the dhcp l2relay command to enable DHCP L2 Relay for an interface Use the no form of this command to disable DHCP L2 Relay for an interface Syntax dhcp l2relay no dhcp l2relay Default Configuration DHCP L2Relay is disabled on all interfaces by default Command Mode Interface Configuration Ethernet Port channel User Guidelines There ar...

Page 347: ...se the no form of this command to disable setting the DHCP Option 82 Circuit ID Syntax dhcp l2relay circuit id vlan vlan range no dhcp l2relay circuit id vlan vlan range Parameter Description Default Configuration Setting the DHCP Option 82 Circuit ID is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l...

Page 348: ...ange no dhcp l2relay remote id remoteId vlan vlan range Parameter Description Default Configuration Setting the DHCP Option 82 Remote ID is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l2relay remote id dslforum vlan 10 20 30 dhcp l2relay trust Use the dhcp l2relay trust command to configure an inter...

Page 349: ...relay trust dhcp l2relay vlan Use the dhcp l2relay vlan command to enable the L2 DHCP Relay agent for a set of VLANs All DHCP packets which arrive on interfaces in the configured VLAN are subject to L2 Relay processing Use the no form of this command to disable L2 DHCP Relay for a set of VLANs Syntax dhcp l2relay vlan vlan range no dhcp l2relay vlan vlan range Parameter Description Default Configu...

Page 350: ...n Privileged EXEC mode to display the summary of DHCP L2 Relay configuration Syntax show dhcp l2relay all Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay all DHCP L2 Relay is Enabled Interface L2RelayMode TrustMode Gi...

Page 351: ...e show dhcp l2relay interface command in Privileged EXEC mode to display DHCP L2 Relay configuration specific to interfaces Syntax show dhcp l2relay interface all interface id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Param...

Page 352: ...EXEC mode to display DHCP L2 Relay statistics specific to interfaces Syntax show dhcp l2relay stats interface all interface id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay stats interface all ...

Page 353: ...tion 82 configuration specific to interfaces Syntax show dhcp l2relay subscription interface all interface id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command show dhcp l2relay agent option vlan Use the show dhcp l2relay agent opt...

Page 354: ...ser guidelines for this command Example console show dhcp l2relay agent option vlan 5 10 DHCP L2 Relay is Enabled VLAN Id L2 Relay CircuitId RemoteId 5 Enabled Enabled NULL 6 Enabled Enabled broadcom 7 Enabled Disabled NULL 8 Enabled Disabled NULL 9 Enabled Disabled NULL 10 Enabled Disabled NULL Parameter Description vlan range Show information for the specified VLAN range A range may be a single ...

Page 355: ...figuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay vlan 100 DHCP L2 Relay is Enabled DHCP L2 Relay is enabled on the following VLANs 100 Parameter Description vlan range Show information for the specified VLAN range A range may be ...

Page 356: ...rameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay circuit id vlan 300 DHCP L2 Relay is Enabled DHCP Circuit Id option is enabled on the following VLANs 300 Parameter Description vlan range Show infor...

Page 357: ...ange Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show dhcp l2relay remote id vlan 200 DHCP L2 Relay is Enabled VLAN ID Remote Id 200remote_22 Parameter Description vlan range Show information for the specified...

Page 358: ...use the all keyword to clear the counters on all ports Syntax clear dhcp l2relay statistics interface all interface id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear dhcp l2relay statistics interface gi1 0 1 Parameter Description all Show all ...

Page 359: ...CPv6 and configure IPv6 addresses on the same interface Only a single in band interface can be configured as a DHCPv6 client DHCP is disabled by default on all in band interfaces The DHCP client retains an IP address even if the IP interface goes down The client does not attempt to renew its IP address until the lease expires regardless of changes in link state The operator may renew or release an...

Page 360: ...will still be DHCP even after issuing this command To lease an IP address again issue either the renew dhcp interface id command below or ip address dhcp Interface Config command on page 516 in interface mode If the IPv4 address on the interface was not assigned by DHCP then the command fails and displays the following error message Interface does not have a DHCP originated address The release dhc...

Page 361: ...REQUEST message telling the DHCP server that it wants to continue using the IP address If DHCP is enabled on the interface but the interface does not currently have an IPv4 address for example if the address was previously released then the DHCP client sends a DISCOVER to acquire a new address If DHCP is not enabled on the interface then the command fails and displays the following error message D...

Page 362: ...o and from the local DHCPv4 client To disable debugging use the no form of this command Syntax debug dhcp packet transmit receive no debug dhcp packet transmit receive Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines DHCP client already has packet tracing This com...

Page 363: ... Mode Privileged EXEC Config mode and all Config sub modes User Guidelines This command lists all IPv4 addresses currently leased from a DHCP server on a routing interface This command only applies to routing interfaces To see the IPv4 address leased on the out of band interface use the command show ip interface out of band This command output provides the following information Parameter Descripti...

Page 364: ... Lease 86400 secs Renewal 43200 secs Rebind 75600 secs Retry count 0 console show dhcp lease interface vl10 IP address 10 1 20 1 on interface VLAN10 Subnet mask 255 255 255 0 DHCP Lease server The IPv4 address of the DHCP server that leased the address State State of the DHCPv4 Client on this interface DHCP transaction id The transaction ID of the DHCPv4 Client Lease The time in seconds that the I...

Page 365: ...DHCP Management Interface Commands 365 DHCP Lease server 10 1 20 3 state 5 Bound DHCP transaction id 0x7AD Lease 86400 secs Renewal 43200 secs Rebind 75600 secs Retry count 0 ...

Page 366: ...366 DHCP Management Interface Commands ...

Page 367: ...rs within the VLAN If DHCP Relay and or DHCP Server coexist with DHCP Snooping the DHCP client message is sent to the DHCP Relay or and DHCP Server for further processing The DHCP Snooping application uses DHCP messages to build and maintain the binding s database The binding s database only includes data for clients on untrusted ports DHCP Snooping creates a tentative binding from DHCP DISCOVER a...

Page 368: ...this command Command Mode Privileged EXEC clear ip dhcp snooping binding ip dhcp snooping trust clear ip dhcp snooping statistics ip dhcp snooping verify mac address ip dhcp snooping show ip dhcp snooping ip dhcp snooping binding show ip dhcp snooping binding ip dhcp snooping database show ip dhcp snooping database ip dhcp snooping database write delay show ip dhcp snooping interfaces ip dhcp snoo...

Page 369: ...nd Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console clear ip dhcp snooping statistics ip dhcp snooping Use the ip dhcp snooping command to enable DHCP snooping globally Use the no form of this command to disable DHCP snooping NOTE Effective with the March 2013 A04 release the ip dhcp snooping command in Interface Configuration VLAN mode is ...

Page 370: ...n VLAN 1 for a switch connected to a DHCP server over interface gi1 0 4 console config ip dhcp snooping console config if vlan1 ip dhcp snooping console config if vlan1 exit console config interface gi1 0 4 console config if Gi1 0 4 ip dhcp snooping trust ip dhcp snooping binding Use the ip dhcp snooping binding command to configure a static DHCP Snooping binding Use the no form of this command to...

Page 371: ...terface 1 0 1 ip dhcp snooping database Use the ip dhcp snooping database command to configure the persistent storage location of the DHCP snooping database This can be local to the switch or on a remote machine Syntax ip dhcp snooping database local tftp hostIP filename Parameter Description mac address The client s MAC address vlan id The number of the VLAN the client is authorized to use ip add...

Page 372: ...abase as remote console config ip dhcp snooping database tftp 10 131 11 1 db txt ip dhcp snooping database write delay Use the ip dhcp snooping database write delay command to configure the interval in seconds at which the DHCP Snooping database will be stored in persistent storage Use the no form of this command to reset the write delay to the default Syntax ip dhcp snooping database write delay ...

Page 373: ... snooping limit Use the ip dhcp snooping limit command to control the maximum rate of DHCP messages Use the no form of this command to reset the limit to the default Syntax ip dhcp snooping limit none rate rate burst interval seconds no ip dhcp snooping limit rate The maximum number of packets per second allowed Range 0 300 pps seconds The time allowed for a burst Range 1 15 seconds Default Config...

Page 374: ...ervice Examples console config if Gi1 0 1 ip dhcp snooping limit none console config if Gi1 0 1 ip dhcp snooping limit rate 100 burst interval 1 ip dhcp snooping log invalid Use the ip dhcp snooping log invalid command to enable logging of DHCP messages filtered by the DHCP Snooping application Use the no form of this command to disable logging Syntax ip dhcp snooping log invalid no ip dhcp snoopi...

Page 375: ...efault Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines Interfaces connected to the DHCP server must be configured as trusted in order for DHCP snooping to operate Example console config if 1 0 1 ip dhcp snooping trust console config if 1 0 1 no ip dhcp snooping trust ip dhcp snooping verify mac address Use the ip dhcp snooping verify mac ad...

Page 376: ...e no user guidelines for this command Example console config ip dhcp snooping verify mac address show ip dhcp snooping Use the show ip dhcp snooping command to display the DHCP snooping global configuration Syntax show ip dhcp snooping Syntax Description This command has no arguments or keywords Default Configuration There is no default configuration for this command Command Mode User EXEC Privile...

Page 377: ...ANs 11 30 40 Interface Trusted Log Invalid Pkts 1 0 1 Yes No 1 0 2 No Yes 1 0 3 No Yes 1 0 4 No No 1 0 6 No No show ip dhcp snooping binding Use the show ip dhcp snooping binding command to display the DHCP snooping binding entries Syntax show ip dhcp snooping binding static dynamic interface interface id vlan vlan id static dynamic Use these keywords to filter by static or dynamic bindings interf...

Page 378: ...w ip dhcp snooping binding Total number of bindings 2 MAC Address IP Address VLAN Interface Lease time Secs 00 02 B3 06 60 80 210 1 1 3 10 1 0 1 86400 00 0F FE 00 13 04 210 1 1 4 10 1 0 1 86400 show ip dhcp snooping database Use the show ip dhcp snooping database command to display the DHCP snooping configuration related to the database persistence Syntax show ip dhcp snooping database Syntax Desc...

Page 379: ...w ip dhcp snooping interfaces Use the show ip dhcp snooping interfaces command to show the DHCP Snooping status of the interfaces Syntax show ip dhcp snooping interfaces interface interface A valid physical interface Default Configuration There is no default configuration for this command Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines There are no user guidelines...

Page 380: ... Burst Interval pps seconds 1 0 15 Yes 15 1 show ip dhcp snooping statistics Use the show ip dhcp snooping statistics command to display the DHCP snooping filtration statistics Syntax show ip dhcp snooping statistics Syntax Description This command has no arguments or keywords Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC Config mod...

Page 381: ...0 1 0 6 0 0 0 1 0 7 0 0 0 1 0 8 0 0 0 1 0 9 0 0 0 1 0 10 0 0 0 1 0 11 0 0 0 1 0 12 0 0 0 Fields Description MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch Client Ifc Mismatch The number of DHCP release and Deny messages received on the different ports than previously learned DHCP Server Msgs...

Page 382: ...382 DHCP Snooping Commands 1 0 13 0 0 0 1 0 14 0 0 0 1 0 15 0 0 0 1 0 16 0 0 0 1 0 17 0 0 0 1 0 18 0 0 0 1 0 19 0 0 0 1 0 20 0 0 0 ...

Page 383: ... IP address do not match an entry in the DHCP Snooping bindings database Commands in this Chapter This chapter explains the following commands arp access list Use the arp access list command to create an ARP ACL It will place the user in ARP ACL Configuration mode Use the no form of this command to delete an ARP ACL Syntax arp access list acl name no arp access list acl name acl name A valid ARP A...

Page 384: ...pection statistics Use the clear ip arp inspection statistics command in Privileged EXEC mode to reset the statistics for Dynamic Address Resolution Protocol ARP inspection on all VLANs Syntax clear ip arp inspection statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mod...

Page 385: ...e the ARP ACL Syntax ip arp inspection filter acl name vlan vlan range static no ip arp inspection filter acl name vlan vlan range static acl name The name of a valid ARP ACL Range 1 31 characters vlan range A valid VLAN range Default Configuration No ARP ACL is configured Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip...

Page 386: ...annel tengigabitethernet mode User Guidelines If Dynamic ARP Inspection packets are received on a port at a rate that exceeds the threshold for a specified time that port will be diagnostically disabled The threshold is configurable up to 300 pps and the burst is configurable up to 15s long The default is 15 pps and 1s burst Use the no shut command to bring the port back in to service Example cons...

Page 387: ...n destination MAC address validation or IP address validation on the received ARP packets Each command overrides the configuration of the previous command For example if a command enables source MAC address and destination MAC address validations and a second command enables IP address validation only the source MAC address and destination MAC address validations are disabled as a result of the se...

Page 388: ...spection validate dst mac ip console config ip arp inspection validate ip ip arp inspection vlan Use the ip arp inspection vlan command to enable Dynamic ARP Inspection on a single VLAN or a range of VLANs Use the no form of this command to disable Dynamic ARP Inspection on a single VLAN or a range of VLANs Syntax ip arp inspection vlan vlan range logging no ip arp inspection vlan vlan range loggi...

Page 389: ...validation Use the no form of this command to delete an ARP ACL rule Syntax permit ip host sender ip mac host sender mac no permit ip host sender ip mac host sender mac sender ip Valid IP address used by a host sender mac Valid MAC address in combination with the above sender ip used by a host Default Configuration There are no ARP ACL rules created by default Command Mode ARP Access list Configur...

Page 390: ... no default configuration for this command Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show arp access list ARP access list H2 permit ip host 1 1 1 1 mac host 00 01 02 03 04 05 permit ip host 1 1 1 2 mac host 00 03 04 05 06 07 ARP access list H3 ARP access list H4 permit ip host 2 1 1 2 mac host 00 ...

Page 391: ...t displays the values for that interface statistics vlan vlan range Display the statistics of the ARP packets processed by Dynamic ARP Inspection Given vlan range argument it displays the statistics on all DAI enabled VLANs in that range In the case of no argument it lists the summary of the forwarded and dropped ARP packets vlan vlan range Display the Dynamic ARP Inspection configuration on all t...

Page 392: ...ed 15 1 1 0 2 Untrusted 10 10 Following is an example of the show ip arp inspection statistics command console show ip arp inspection statistics DHCP Drops The number of packets dropped due to DHCP Snooping binding database match failure ACL Drops The number of packets dropped due to ARP ACL rule match failure DHCP Permits The number of packets permitted due to DHCP snooping binding database match...

Page 393: ... the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range It also displays the global configuration values for source MAC validation destination MAC validation and invalid IP validation Syntax show ip arp inspection vlan vlan range Parameter Description Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode an...

Page 394: ...sabled Parameter Description Source Mac Validation If Source Mac validation of ARP frame is enabled Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled IP Address Validation If IP address validation of ARP frame is enabled Field Description VLAN The VLAN ID for each displayed row Configuration Whether DAI is enabled on the VLAN Log Invalid Whether logging of i...

Page 395: ...re sent immediately to SMTP server with each log message in a separate mail Log messages in the non urgent group are batched into a single e mail message and after a configurable delay Only the minimum part MUA functionality of RFC 4409 required by the switch or router to send the messages to the SMTP server is supported Some SMTP servers insist on authentication before the messages may be receive...

Page 396: ...ging email severity no logging email logging email show logging email statistics logging email urgent clear logging email statistics logging traps security logging email message type to addr mail server ip address hostname logging email from addr port Mail Server Configuration Mode logging email message type subject username Mail Server Configuration Mode logging email logtime password Mail Server...

Page 397: ...g time expires the time specified in the logging email logtime command and then e mailed in a single e mail message If you set the non urgent severity level to the same value as the urgent severity level then no log messages are e mailed non urgently See the logging email urgent command to specify the urgent severity level The command no logging email disables all e mail alerting Parameter Descrip...

Page 398: ...Default Configuration The default severity level is alert Parameter Description severity Log messages at or above this severity level are e mailed immediately The severity level may either be specified by keyword or as an integer from 0 to 7 The accepted keywords and the numeric severity level each represents are as follows emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 debug 7 n...

Page 399: ...email command logging traps Use the logging traps command in Global Configuration mode to set the lowest severity level at which SNMP traps are logged To revert the urgent severity level to its default value use the no form of this command Syntax logging traps severity no logging traps Parameter Description Parameter Description severity The severity level at which SNMP traps are logged The severi...

Page 400: ...ogging email message type to addr Use the logging email message type to addr command in Global Configuration mode to configure the To address field of the e mail The message types supported now are urgent non urgent and both For each supported severity level multiple e mail addresses can be configured For example for urgent type of messages there could be multiple addresses configured Syntax loggi...

Page 401: ... logging email from addr from email addr no logging email from addr Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines There are no user guidelines for this command logging email message type subject Use the logging email message type subject command in Global ...

Page 402: ...uration User Guidelines The user must enter the message type parameter manually as tab and space bar completion do not work for this parameter logging email logtime Use the logging email logtime command in Global Configuration mode to configure the value of how frequently the queued messages are sent Syntax logging email logtime time duration no logging email logtime Parameter Description Default ...

Page 403: ... an e mail is being sent to an SMTP server Syntax logging email test message type message type message body message body Parameter Description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines This command has no user guidelines Parameter Description message type Urgent non urgent or both message body The message to log Enclose the me...

Page 404: ...en since the e mail changed to disabled mode Syntax show logging email statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines clear logging email statistics Use the clear logging email statistics command in Privileged EXEC ...

Page 405: ...security protocol This enables and disables the switch to use TLS authentication with the SMTP Server If the administrator sets the TLS mode and if the SMTP sever does not support TLS mode then no e mail goes to the SMTP server Syntax security tls none Parameter Description This command does not require a parameter description Default Configuration The default value is disabled Command Mode Mail S...

Page 406: ...ed SMTP server address Syntax mail server ip address ip address hostname hostname no mail server ip address hostname Parameter Description Default Configuration The default configuration for a mail server is shown in the table below Command Mode Global Configuration User Guidelines This command has no user guidelines Parameter Description ip address An IPv4 or IPv6 address hostname The DNS name of...

Page 407: ...ot require a parameter description Default Configuration The default value is 25 Command Mode Mail Server Configuration User Guidelines Port 25 is the standard SMTP port for cleartext messages Port 465 is the standard port for messages sent using TLSv1 Messages are always sent in plain text mode username Mail Server Configuration Mode Use the username command in Mail Server Configuration mode to c...

Page 408: ...guration Mode Use the password command in Mail Server Configuration mode to configure the password required to authenticate to the e mail server Use the no form of the command to revert the password to the default value Syntax password password no password Parameter Description This command does not require a parameter description Default Configuration The default value for password is admin Comma...

Page 409: ...n This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show mail server all Mail Servers configuration No of mail servers configured 2 Mail Serqy ver1 configuration SMTP server IP Address 10 131 1 11 S...

Page 410: ...r IP Address 10 131 1 31 SMTP server Port 465 SMTP server security protocol tls SMTP server authentication details Username admin console show mail server ip address 10 131 1 11 SMTP server IP Address 10 131 1 11 SMTP server Port 465 SMTP server security protocol tls SMTP server authentication details Username admin ...

Page 411: ...ure extends the standard ethernet MTU Max Frame Size from 1518 1522 with VLAN header bytes to 9216 bytes However any device connecting to the same broadcast domain should support the same or larger MTU Flow control is a mechanism or protocol used to temporarily suspend transmission of data to a device to avoid overloading the device receive path PowerConnect switching implements the flow control m...

Page 412: ...lex over half duplex Commands in this Chapter This chapter explains the following commands clear counters Use the clear counters command in Privileged EXEC mode to clear statistics on an interface Syntax clear counters gigabitethernet unit slot port port channel port channel number switchport tengigabitethernet unit slot port Default Configuration This command has no default configuration clear co...

Page 413: ...1 0 1 description Use the description command in Interface Configuration mode to add a description to an interface To remove the description use the no form of this command Syntax description string no description string Comment or a description of the port attached to this interface Range 1 to 64 characters Default Configuration By default the interface does not have a description Command Mode In...

Page 414: ...of this command Syntax duplex auto half full no duplex Parameter Description Default Configuration Auto negotiation is enabled by default on copper ports Command Mode Interface Configuration Ethernet mode User Guidelines When both speed and duplex are configured to auto auto negotiation is enabled for the port To disable auto negotiation on a port it is necessary to enter both the speed and duplex...

Page 415: ... on all copper ports Example The following example configures the duplex operation of gigabit Ethernet port 1 0 5 to force full duplex operation console config interface gigabitethernet 1 0 5 console config if duplex full flowcontrol Use the flowcontrol command in Global Configuration mode to configure the flow control To disable flow control use the no form of this command Syntax flowcontrol no f...

Page 416: ...ace the out of band interface and ranges of interfaces See interface vlan interface tunnel interface loopback and interface range Syntax interface gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Global Configuration Interface Configuration User Guidelines It is possible to...

Page 417: ...face in the range If the command returns an error on one of the active interfaces it does not stop executing commands on other active interfaces Example The following example shows how gigabitethernet ports 5 0 18 to 5 0 20 and 3 0 1 to 3 0 24 are ranged to receive the same command console config interface range gigabitethernet 5 0 18 20 3 0 1 24 Parameter Description port range A list of valid po...

Page 418: ...e range gi2 0 1 10 gi1 0 30 console config interface range gi1 0 1 10 gi1 0 30 48 console config interface range gi1 0 1 te1 1 1 console config interface range gigabitEthernet 1 0 10 tengigabitEthernet 1 1 2 mtu Use the mtu command in Interface Configuration mode to set the maximum transmission unit on an interface by adjusting the maximum size of received Ethernet frames To return to the default ...

Page 419: ...TU of an interface when the interface is a member of a LAG The operational MTU is reset back to the interface MTU setting when the interface leaves the LAG Use the show interfaces mtu command to show the interface MTU Example The following example of the mtu command increases maximum packet size to 9216 bytes console config if 1 0 5 mtu 9216 show interfaces advertise Use the show interfaces advert...

Page 420: ...lution fields will show dashes Examples The following examples display information about auto negotiation advertisement Example 1 console show interfaces advertise Port Type Neg Operational Link Advertisement 1 0 2 1G Copper Enable 1000f 100f 100h 10f 10h 1 0 2 1G Copper Enable 1000f Example 2 console show interfaces advertise gigabitethernet 1 0 1 Port Gigabitethernet 1 0 1 Type 1G Copper Link st...

Page 421: ...es yes yes yes Priority Resolution yes show interfaces configuration Use the show interfaces configuration command in User EXEC mode to display the configuration for all configured interfaces Syntax show interfaces configuration gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command M...

Page 422: ...Gigabit Level N A Unknown Auto Up 1 0 8 Gigabit Level N A Unknown Auto Up 1 0 9 Gigabit Level N A Unknown Auto Up 1 0 10 Gigabit Level N A Unknown Auto Up 1 0 11 Gigabit Level N A Unknown Auto Up 1 0 12 Gigabit Level N A Unknown Auto Up 1 0 13 Gigabit Level N A Unknown Auto Up 1 0 14 Gigabit Level N A Unknown Auto Up 1 0 15 Gigabit Level N A Unknown Auto Up 1 0 16 Gigabit Level N A Unknown Auto Up...

Page 423: ...fig mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays traffic seen by the physical interface console show interfaces counters Port InOctets InUcastPkts 1 0 1 183892 1289 Port Type The port designated IEEE shorthand identifier For example 1000Base T refers to 1000 Mbps baseband signaling including both Tx and Rx transmissions Du...

Page 424: ...8 Ch OutOctets OutUcastPkts 1 23739 882 The following example displays counters for Ethernet port 1 0 1 console config if Te1 0 1 show interfaces counters te1 0 1 Port InOctets InUcastPkts InMcastPkts InBcastPkts Te1 0 1 0 0 0 0 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts Te1 0 1 0 0 0 0 FCS Errors 0 Single Collision Frames 0 Late Collisions 0 ...

Page 425: ... Broadcast packets Alignment Errors A count of frames received that are not an integral number of octets in length and do not pass the FCS check FCS Errors Counted frames received that are an integral number of octets in length but do not pass the FCS check Single Collision Frames Counted frames that are involved in a single collision and are subsequently transmitted successfully Multiple Collisio...

Page 426: ...es User Guidelines This command has no user guidelines Oversize Packets Counted frames received that exceed the maximum permitted frame size Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error Received Pause Frames A count of MAC Control frames received with an opcode indicating the PAUSE operation Transmitted Pause Frames Counted MAC Co...

Page 427: ...scription 1 Output show interfaces detail Use the show interfaces detail command in Privileged EXEC mode to display detailed status and configuration of the specified interface Syntax show interfaces detail interface id Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes Field Description interface id A physical int...

Page 428: ...0 1Gigabit Level N A Unknown Auto Up Down Port Description Gi1 0 1 Flow Control Enabled Port Gi1 0 1 VLAN Membership mode Access Mode Operating parameters PVID 1 Ingress Filtering Enabled Acceptable Frame Type Untagged Default Priority 0 GVRP status Disabled Protected Disabled Port Gi1 0 1 is member in VLAN Name Egress rule Type 1 default Untagged Default Static configuration PVID 1 Ingress Filter...

Page 429: ...erfaces status Use the show interfaces status command in Privileged EXEC mode to display the status for all configured interfaces Syntax show interfaces status The displayed port status information includes the following Field Description Port The port or port channel number Oob means Out of Band Management Interface Description Description of the port Duplex Displays the port Duplex status Speed ...

Page 430: ... show interfaces status command Example The following example displays the status for all configured interfaces console show interfaces status Port Description Duplex Speed Neg Link Flow Control State Status Tel 0 1 N A Unknown Auto Down Inactive Tel 0 2 N A Unknown Auto Down Inactive Tel 0 3 phone port N A Unknown Auto Down Inactive show statistics Use the show statistics command in Privileged EX...

Page 431: ...l Packets Received Octets 0 Packets Received 64 Octets 0 Packets Received 65 127 Octets 0 Packets Received 128 255 Octets 0 Packets Received 256 511 Octets 0 Packets Received 512 1023 Octets 0 Packets Received 1024 1518 Octets 0 Packets Received 1518 Octets 0 Packets RX and TX 64 Octets 0 Packets RX and TX 65 127 Octets 0 Packets RX and TX 128 255 Octets 0 Packets RX and TX 256 511 Octets 0 Parame...

Page 432: ... 0 Broadcast Packets Received 0 Total Packets Received with MAC Errors 0 Jabbers Received 0 Fragments Undersize Received 0 Alignment Errors 0 FCS Errors 0 Overruns 0 Total Received Packets Not Forwarded 0 802 3x Pause Frames Received 0 Unacceptable Frame Type 0 Total Packets Transmitted Octets 0 Packets Transmitted 64 Octets 0 Packets Transmitted 65 127 Octets 0 Packets Transmitted 128 255 Octets ...

Page 433: ...ckets Transmitted 0 Total Transmit Errors 0 Total Transmit Packets Discarded 0 Single Collision Frames 0 Multiple Collision Frames 0 Excessive Collision Frames 0 802 3x Pause Frames Transmitted 0 GVRP PDUs received 0 GVRP PDUs Transmitted 0 GVRP Failed Registrations 0 BPDU sent 0 received 0 EAPOL Frames Transmitted 0 EAPOL Start Frames Received 0 Time Since Counters Last Cleared 0 day 13 hr 20 min...

Page 434: ... Config mode and all Config sub modes User Guidelines It is possible to enter interface configuration mode from global configuration mode or from interface configuration mode Example The following example shows statistics for the entire switch console show statistics switchport Total Packets Received Octets 0 Packets Received Without Error 0 Unicast Packets Received 0 Multicast Packets Received 0 ...

Page 435: ...t Packets Transmitted 0 Multicast Packets Transmitted 0 Broadcast Packets Transmitted 0 Transmit Packets Discarded 0 Most Address Entries Ever Used 3 Address Entries Currently in Use 3 Maximum VLAN Entries 1024 Most VLAN Entries Ever Used 2 Static VLAN Entries 2 Dynamic VLAN Entries 0 VLAN Deletes 0 Time Since Counters Last Cleared 0 day 18 hr 1 min 59 sec ...

Page 436: ... mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples The following example shows storm control configurations for all valid Ethernet ports The second example shows flow control mode status console show storm control all Bcast Bcast Mcast Mcast Ucast Ucast Intf Mode Level Mode Level Mode Level 1 0 1 Disable 5 Disable 5 Disable 5 1 0 2 Disable 5 Dis...

Page 437: ...nel Loopback mode User Guidelines This command has no user guidelines Examples The following example disables gigabit Ethernet port 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 shutdown The following example re enables gigabit ethernet port 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 no shutdown speed Use the speed command in Interfa...

Page 438: ...as not been arbitrated by the auto negotiation process Auto negotiation is required on 10G 40G copper ports and is always recommended for copper ports When the auto parameter is used with a set of speeds only those speeds are advertised during auto negotiation Alternatively if no speed arguments are configured then all the speeds which the port is capable of supporting are advertised Not all ports...

Page 439: ...cast Use the storm control broadcast command in Interface Configuration mode to enable broadcast storm recovery mode for a specific interface If the mode is enabled broadcast storm recovery is active and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of broadcast traffic will be limited to the ...

Page 440: ...ulticast traffic will be limited to the configured threshold When you use the no storm control multicast command to disable storm control after having set the level or rate to a non default value that value is still set but is not active until you re enable storm control Syntax storm control multicast level rate no storm control multicast level The configured rate as a percentage of link speed rat...

Page 441: ...fic will be limited to the configured threshold When you use the no storm control multicast command to disable storm control after having set the level or rate to a non default value that value is still set but is not active until you re enable storm control Syntax storm control unicast level rate no storm control unicast level The configured rate as a percentage of link speed rate The configured ...

Page 442: ... not affect traffic between ports on two different switches No traffic forwarding is possible between two protected ports Ports in a protected group will not forward traffic to other ports in the group Syntax switchport protected groupid no switchport protected groupid Identifies which group this port will be protected in Range 0 2 Default Configuration No protected switchports are defined Command...

Page 443: ...id name name no switchport protected groupid name groupid Identifies which group the port is to be protected in Range 0 2 name Name of the group Range 0 32 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example assigns the name protected to group 1 console co...

Page 444: ...es Syntax show switchport protected groupid groupid Identifies which group the port is to be protected in Range 0 2 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example identifies test as the protected group console show switchport prot...

Page 445: ...ith the fault diagnosis at service layer across networks comprising multiple LANs including LANs other than 802 3 media PowerConnect CFM supports the following functionality Path discovery linktrace message Fault detection continuity check message Fault verification and isolation loopback and linktrace messages Fault notification alarm indication signal or SNMP trap Commands in this Chapter This c...

Page 446: ...can be configured Use the no form of the command to delete a maintenance domain Syntax ethernet cfm domain domain name level 0 7 Parameter Description Default Configuration No CFM domains are pre configured Command Mode Global Configuration mode ethernet cfm mep archive hold time show ethernet cfm statistics ethernet cfm mip level debug cfm Parameter Description Range Default Access Maintenance do...

Page 447: ...onsole config cfm mdomain service Use the service command in maintenance domain config mode to associate a VLAN with a maintenance domain Use the no form of the command to remove the association Syntax service service name vlan vlanid Parameter Description Default Configuration No VLANs are associated with a maintenance domain by default Parameter Description Range Default Access service Unique se...

Page 448: ...Ms at the specified interval and level on a VLAN monitored by an existing domain Use the no form of the command to cease send CCMs Syntax ethernet cfm cc level 0 7 vlan vlan list interval secs Parameter Description Parameter Description Range Default Access Maintenance association VLAN ID VLAN ID representing a serviceinstance that is monitored by this maintenance association 1 4093 0 Read write C...

Page 449: ...EP on an interface at the specified level and direction MEPs are configured per Maintenance Association per Maintenance Domain Use the no form of the command to delete a MEP Syntax ethernet cfm mep level 0 7 direction up down mpid 1 8191 vlan 1 4093 Parameter Description Default Configuration No MEPs are preconfigured Parameter Description level Maintenance association level direction Up indicates...

Page 450: ...thernet cfm mep enable Use the ethernet cfm mep enable command in Interface Configuration mode to enable a MEP at the specified level and direction Use the no form of the command to disable the MEP Syntax ethernet cfm mep enable level 0 7 vlan 1 4093 mpid 1 8191 Parameter Description Default Configuration No MEPs are preconfigured Command Mode Interface Configuration Parameter Description level Ma...

Page 451: ...fm mep active command in Interface Configuration mode to activate a MEP at the specified level and direction Use the no form of the command to deactivate the MEP Syntax ethernet cfm mep active level 0 7 vlan 1 4093 mpid 1 8191 Parameter Description Default Configuration No MEPs are preconfigured Command Mode Interface Configuration User Guidelines This command has no user guidelines Parameter Desc...

Page 452: ...hold time should generally be less than the CCM message interval Example The following example sets the hold time for maintaining internal information regarding a missing MEP console config ethernet cfm mep archive hold time 1200 ethernet cfm mip level Use the ethernet cfm mip level command in Interface Configuration mode to create a Maintenance Intermediate Point MIP at the specified level The ME...

Page 453: ...onfig if gi1 0 1 ethernet cfm mip level 7 ping ethernet cfm Use the ping ethernet cfm command in Privileged EXEC mode to generate a loopback message LBM from the configured MEP Syntax ping ethernet cfm mac mac addr remote mpid 1 8191 domain domain name level 0 7 vlan vlan id mpid 1 8191 count 1 255 Parameter Description Parameter Description level Maintenance association level Parameter Descriptio...

Page 454: ...ate a link trace message LTM from the configured MEP mac addr The destination MAC address for which the connectivity needs to be verified Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity is to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VLAN associated...

Page 455: ...ep 400 ttl 64 Parameter Description level Maintenance association level mac addr The destination MAC address for which the route needs to be traced Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity needs to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VL...

Page 456: ...EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ethernet cfm errors Level SVID MPID DefRDICcm DefMACStatus DefRemoteCCM DefErrorCCM DefXconCCM show ethernet cfm domain Use the show ethernet cfm domain command in Privileged EXEC mode to display the configured parameters in a maintenance domain Parameter Description domain Name of th...

Page 457: ... has no user guidelines Example console show Ethernet cfm domain domain1 Domain Name domain1 Level 1 Total Services 1 VLAN ServiceName CC Interval secs 10 serv1 1 show ethernet cfm maintenance points local Use the show ethernet cfm maintenance points local command in Privileged EXEC mode to display the configured local maintenance points Parameter Description domain Name of the maintenance domain ...

Page 458: ...odes User Guidelines This command has no user guidelines Example show ethernet cfm maintenance points local level 1 MPID Level Type VLAN Port Dire CC MEP Operational MAC ction Transmit Active Status 1 1 MEP 10 1 0 1 UP Enabled True 00 02 bc 02 02 02 Level Type Port MAC Parameter Description domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length level Maintena...

Page 459: ...ation This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ethernet cfm maintenance points remove level 1 Parameter Description domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length level Maintenance association level mac address Th...

Page 460: ...l 0 7 Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example show Ethernet cfm statistics domain domain name level 0 7 Console show ethernet cfm statistics Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 1 Parameter Description domain nam...

Page 461: ...back Replies received 5 Out of order Loopback Replies received 5 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 0 Unexpected LTR s received 0 Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 3 Out of sequence CCM s received 0 CCM s transmitted 1 In order Loopback Replies received 0 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies...

Page 462: ...o user guidelines Example Console show ethernet cfm statistics Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 1 Out of sequence CCM s received 0 CCM s transmitted 259 In order Loopback Replies received 5 Out of order Loopback Replies received 0 Parameter Description event CFM events pdu CFM PDUs ccm Continuity check messages ltm Link trace messages lbm Loopback messages tx Transmit only rx R...

Page 463: ...pback Replies received 5 Out of order Loopback Replies received 5 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 0 Unexpected LTR s received 0 Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 3 Out of sequence CCM s received 0 CCM s transmitted 1 In order Loopback Replies received 0 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replie...

Page 464: ...464 Ethernet CFM Commands ...

Page 465: ...on GE copper ports Energy Efficient Ethernet Energy Efficient Ethernet EEE combines the MAC with a family of PHYs that support operation in a Low Power Mode as defined by the IEEE 802 3az Energy Efficient Ethernet Task Force Lower Power Mode enables both the send and receive sides of the link to disable some functionality for power savings when lightly loaded Transition to Low Power Mode does not ...

Page 466: ...ort On combo ports it is possible to configure energy detect mode even if the fiber port is enabled If enabled energy detect mode will become active when the copper port is used Use the no form of the command to disable energy detect mode on the interface s Energy detect mode cannot be disabled on 10G copper interfaces Syntax green mode energy detect no green mode energy detect Parameter Descripti...

Page 467: ...ange the link status Frames in transit are not dropped or corrupted in transition to and from Low Power Mode On combo ports eee mode can be enabled even if the port is using the fiber interface If enabled eee mode is only active when the copper interface is active Use the no form of the command to disable the feature Syntax green mode eee no green mode eee Parameter Description This command does n...

Page 468: ...s no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines green mode eee lpi history Use the green mode eee lpi history command in Global Configuration mode to configure the Global EEE LPI history collection interval and buffer size This value is applied globally on all interfaces on the stack LPI history is only collected on combo ports when the c...

Page 469: ...idelines This command has no user guidelines Examples Use the command below to set the EEE LPI History sampling interval to the default console config no green mode eee lpi history sampling interval Use the command below to set the EEE LPI History max samples to the default console config no green mode eee lpi history max samples Parameter Description sampling interval The interval in seconds at w...

Page 470: ...rface id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command output provides the following information Parameter Description interface id Any valid interface See Interface Naming Conventions for interface representation Term Description Energy Detect Energy detect admin mode Energy detect mode is enabled or...

Page 471: ...ield is incremented each time MAC TX enters LP IDLE state Shows the total number of Tx LPI Events since EEE counters are last cleared Rx Low Power Idle Duration μSec This field indicates duration of Tx LPI state in 10us increments Shows the total duration of Tx LPI since the EEE counters are last cleared Tw_sys_tx μSec Integer that indicates the value of Tw_sys that the local system can support Th...

Page 472: ...ute Remote Tw_sys_rx Echo μSec Integer that indicates the value of Receive Tw_sys echoed back by the remote system This value maps from the aLldpXdot3RemRxTwSysEcho attribute Remote Fallback Tw_sys μSec Integer that indicates the value of fallback Tw_sys that the remote system is advertising This attribute maps to the variable RemFbSystemValue as defined in 78 4 2 3 Tx_dll_enabled Initialization s...

Page 473: ...ve Reason Forced EEE Admin Mode Enabled Rx Low Power Idle Event Count 0 Rx Low Power Idle Duration uSec 0 Tx Low Power Idle Event Count 0 Tx Low Power Idle Duration uSec 0 Tw_sys_tx usec XX Tw_sys_tx Echo usec XX Tw_sys_rx usec XX Tw_sys_tx Echo usec XX Fallback Tw_sys usec XX Remote Tw_sys_tx usec XX Time Since Counters Last Cleared Time Since Counters Last Cleared since the time of power up or a...

Page 474: ...1 day 20 hr 47 min 34 sec show green mode Use the show green mode command in Privileged EXEC mode to display the green mode configuration for the whole system The status is shown only for the modes supported on the corresponding hardware platform whether enabled or disabled Syntax show green mode Parameter Description This command does not require a parameter description Default Configuration This...

Page 475: ...Enabled Active Enabled Disabled In Active Enabled gi1 0 7 Enabled Active Enabled Disabled In Active Enabled gi1 0 8 Enabled Active Enabled Disabled In Active Enabled show green mode eee lpi history interface Use the show green mode eee lpi history interface command in Privileged EXEC mode to display the interface green mode EEE LPI history Syntax show green mode eee lpi history interface interface...

Page 476: ...on Term Description Sampling Interval Interval at which EEE LPI statistics is collected Total No of Samples to Keep Maximum number of samples to keep Percentage LPI Time per Stack Percentage of total time spent in LPI mode by all ports in the stack when compared to total time since reset Sample No Sample index Sample Time Time since last reset Time Spent in LPI Mode Since Last Sample Percentage of...

Page 477: ...ge of Percentage of SampleTime Since Time Spent in Time Spent in No the SampleLPI Mode SinceLPI Mode Since Was Recorded Last SampleLast Reset 10 0d 00 00 13 3 2 9 0d 00 00 44 3 2 8 0d 00 01 15 3 2 7 0d 00 01 46 3 2 6 0d 00 02 18 3 2 5 0d 00 02 49 3 2 4 0d 00 03 20 3 2 3 0d 00 03 51 3 1 2 0d 00 04 22 3 1 1 0d 00 04 53 3 1 ...

Page 478: ...478 Green Ethernet Commands ...

Page 479: ...ocol and enable GVRP then process the GPDUs The VLAN registration is made in the context of the port that receives the GPDU The networking device propagates this VLAN membership on all of its other ports in the active topology Thus the end station VLAN ID is propagated throughout the network GVRP is an application defined in the IEEE 802 1p standard that allows for the control of 802 1Q VLANs Comm...

Page 480: ...e garp timer command in Interface Configuration mode to adjust the GARP application join leave and leaveall GARP timer values To reset the timer to default values use the no form of this command Syntax garp timer join leave leaveall timer_value no garp timer join Indicates the time in centiseconds that PDUs are transmitted leave Indicates the time in centiseconds that the device waits before leavi...

Page 481: ...han the leave time Set the same GARP timer values on all Layer 2 connected devices If the GARP timers are set differently on Layer 2 connected devices the GARP application will not operate successfully The timer_value setting must be a multiple of 10 Example The following example sets the leave timer for port 1 0 8 to 90 centiseconds console config interface gigabitethernet 1 0 8 console config if...

Page 482: ...terface Use the gvrp enable command in Interface Configuration mode to enable GVRP on an interface To disable GVRP on an interface use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is disabled on all interfaces by default Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines An Access port cannot join dy...

Page 483: ...de to deregister all VLANs on a port and prevent any dynamic registration on the port To allow dynamic registering for VLANs on a port use the no form of this command Syntax gvrp registration forbid no gvrp registration forbid Default Configuration Dynamic registering and deregistering for each VLAN on the port is not forbidden Command Mode Interface Configuration gigabitethernet port channel teng...

Page 484: ...VLAN creation is enabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The following example disables dynamic VLAN creation on port 1 0 8 console config interface gigabitethernet 1 0 8 console config if 1 0 8 gvrp vlan creation forbid show gvrp configuration Use the show gvrp configuration comma...

Page 485: ... GVRP configuration information console show gvrp configuration Global GVRP Mode Disabled Join Leave LeaveAll Port VLAN Interface Timer Timer Timer GVRP Mode Create Register centisecs centisecs centisecs Forbid Forbid 1 0 1 20 60 1000 Disabled 1 0 2 20 60 1000 Disabled 1 0 3 20 60 1000 Disabled 1 0 4 20 60 1000 Disabled 1 0 5 20 60 1000 Disabled 1 0 6 20 60 1000 Disabled 1 0 7 20 60 1000 Disabled ...

Page 486: ...on This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays GVRP error statistics information console show gvrp error statistics GVRP error statistics Legend INVPROT Invalid Protocol Id INVATYP Invalid Attribute Type INVALEN Invalid Attribute Length INVAVAL I...

Page 487: ...er tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example This example shows output of the show gvrp statistics command console show gvrp statistics GVRP statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Rec...

Page 488: ...A Leave All Sent Port rJE rJIn rEmp rLIn rLE rLA sJE sJIn sEmp sLIn sLE sLA 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 1 0 2 0 0 0 0 0 0 0 0 0 0 0 0 1 0 3 0 0 0 0 0 0 0 0 0 0 0 0 1 0 4 0 0 0 0 0 0 0 0 0 0 0 0 1 0 5 0 0 0 0 0 0 0 0 0 0 0 0 1 0 6 0 0 0 0 0 0 0 0 0 0 0 0 1 0 7 0 0 0 0 0 0 0 0 0 0 0 0 1 0 8 0 0 0 0 0 0 0 0 0 0 0 0 ...

Page 489: ...e Multicast Forwarding Database MFDB manages the forwarding address table for Layer 2 multicast protocols such as IGMP Snooping The IGMP Snooping code in the CPU ages out IGMP entries in the MFDB If a report for a particular group on a particular interface is not received within a certain time interval query interval the IGMP Snooping code deletes that interface from the group The value for query ...

Page 490: ...gmp snooping Use the ip igmp snooping command in Global Configuration mode without parameters to globally enable Internet Group Management Protocol IGMP snooping Use the vlan form of the command to enable IGMP snooping on a specific VLAN Use the no form of this command to disable IGMP snooping globally Syntax ip igmp snooping vlan vlan id no ip igmp snooping vlan vlan id ip igmp snooping ip igmp s...

Page 491: ...e is connected to a VLAN on which both L3 multicast and IGMP MLD snooping are enabled the multicast source is forwarded to the mrouter ports that have been discovered when the multicast source is first seen If a new mrouter is later discovered on a different port the multicast source data is not forwarded to the new port Likewise if an existing mrouter times out or stops querying the multicast sou...

Page 492: ...d has no default configuration Command Mode User EXEC Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ip igmp snooping Global IGMP Snooping configuration Admin Mode Enable IGMP Router Alert check Disabled Multicast Control Frame Count 0 Flooding Unregistered to All Ports Disabled Parameter Description vlan id Specifies a...

Page 493: ...st Leave Mode Disabled Group Membership Interval 260 Last Member Query Interval 10 Multicast Router Expiry Time 300 Report Suppression Mode Enabled show ip igmp snooping groups Use the show ip igmp snooping groups command in User EXEC mode to display the Multicast groups learned by IGMP snooping Syntax show ip igmp snooping groups vlan vlan id address ip multicast address vlan_id Specifies a VLAN ...

Page 494: ...nd Example The example shows Multicast groups learned by IGMP snooping for all VLANs console show ip igmp snooping groups Vlan IP Address Ports 1 224 239 130 2 2 3 1 0 1 2 0 2 19 224 239 130 2 2 8 1 0 9 1 0 11 IGMP Reporters that are forbidden statically Vlan IP Address Ports 1 224 239 130 2 2 3 1 0 19 show ip igmp snooping mrouter Use the show ip igmp snooping mrouter command in Privileged EXEC m...

Page 495: ...nabling immediate leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group without first sending out MAC based general queries to the interface The no form of this command disables IGMP Snooping immediate leave mode on a VLAN You should enable immediate leave admin mode only on VLANs where ...

Page 496: ...mediate leave ip igmp snooping vlan groupmembership interval This command sets the IGMP Group Membership Interval time on a VLAN The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The ...

Page 497: ...last member query interval This command sets the last member query interval on a particular VLAN The last member query interval is the amount of time in seconds after which a host is considered to have left the group This value must be less than the IGMP Query Interval time value The range is 1 to 25 seconds The no form of this command sets the last member query interval on the VLAN to the default...

Page 498: ...e time is set on a particular VLAN This is the amount of time in seconds that a switch waits for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached The range is 1 2147483647 seconds A value of 0 indicates an infinite time out no expiration The no form of this command sets the Multicast Router Present Expiration time to...

Page 499: ...sion This command enables IBMP report suppression on a specific VLAN The no form of this command disables report suppression Syntax ip igmp snooping vlan vlan id report suppression no ip igmp report suppression vlan id Number assigned to the VLAN Default Configuration Report suppression is enabled by default Command Mode Global Configuration mode User Guidelines When IGMP report suppression is ena...

Page 500: ...ll no ip igmp snooping unregistered floodall Default Configuration Unregistered multicast traffic is only flooded to router ports by default Command Mode Global Configuration mode User Guidelines This command is not available on the M6220 On the M6220 unregistered multicast traffic is always flooded to all ports in the VLAN There is no equivalent MLD command since this setting applies to both prot...

Page 501: ...r ports configured by default Command Mode Global Configuration mode User Guidelines It is preferable to configure mrouter ports for IGMP snooping as opposed to configuring a static MAC address entry for the router A static MAC address entry is tied to a specific port whereas an mrouter configuration will dynamically learn the MAC address of the router Multiple mrouter ports may be configured for ...

Page 502: ...502 IGMP Snooping Commands ...

Page 503: ...oping Querier is enabled the Querier sends out periodic IGMP MLD General Queries that trigger the multicast listeners members to send their joins to the querier so as to receive the multicast data traffic IGMP MLD snooping listens to these reports to establish the appropriate L2 forwarding table entries The PowerConnect supports version IGMP V1 and 2 for snooping IGMP queries Commands in this Chap...

Page 504: ...dress vlan id A valid VLAN number ip address An IPv4 address used for the source address Default Configuration The IGMP Snooping Querier feature is globally disabled on the switch When enabled the IGMP Snooping Querier stops sending queries if it detects IGMP traffic from a multicast enabled router Command Mode Global Configuration mode User Guidelines When using the command in Global Configuratio...

Page 505: ...merically lower IP address wins the election and continues sending periodic queries The no form of this command sets the snooping querier not to participate in the querier election but to stop sending queries as soon as it discovers the presence of another querier in the VLAN Syntax ip igmp snooping querier election participate vlan id no ip igmp snooping querier election participate vlan id Defau...

Page 506: ...hat the switch waits before sending another general query Range 1 1800 Default Configuration The query interval default is 60 seconds Command Mode Global Configuration mode User Guidelines The value of this parameter should be larger than the IGMP Snooping Max Response Time Example The following example sets the query interval to 1800 console config ip igmp snooping querier query_interval 1800 ip ...

Page 507: ...figuration mode User Guidelines This command has no user guidelines Example The following example sets the querier timer expiry time to 100 seconds console config ip igmp snooping querier timer expiry 100 ip igmp snooping querier version This command sets the IGMP version of the query that the snooping switch is going to send periodically The no form of this command sets the IGMP Querier Version t...

Page 508: ... Snooping Querier is enabled If a querier is active in the network and IGMP snooping querier is enabled the querier s IP address is shown in the Last Querier Address field Syntax show ip igmp snooping querier detail vlan vlan_id Syntax Description When the optional argument vlan_id is not used the command shows the following information Parameter Description vlan_id Specifies a VLAN ID value Param...

Page 509: ...Non Querier state it waits for moving to Querier state and does not send out any queries VLAN Operational Max Response Time Indicates the time to wait before removing a Leave from a host upon receiving a Leave request This value is calculated dynamically from the Queries received from the network If the Snooping Switch is in Querier state then it is equal to the configured value Querier Election P...

Page 510: ...er EXEC Privileged Exec modes User Guidelines This command has no user guidelines Example The following example shows querier information for VLAN 2 console show ip igmp snooping querier vlan 2 Vlan 2 IGMP Snooping querier status IGMP Snooping Querier Vlan Mode Enable Querier Election Participate Mode Disable Querier Vlan Address 0 0 0 0 Operational State Non Querier Last Querier Address 2 2 2 2 O...

Page 511: ...ces Out of band management is always through the dedicated out of band interface The serial port on the stack master provides a direct console interface supporting a CLI In band management interfaces can employ a variety of protection mechanisms including VLAN assignment and Management ACLs The out of band port does not support such protection mechanisms and therefore it is recommended that the ou...

Page 512: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes all entries from the host name to address cache console clear host clear ip address conflict detect Use the clear ip address conflict detect command in Privileged EXEC mode to clear the address conflict detection status in the...

Page 513: ...console configure console config clear ip address conflict detect interface out of band Use the interface out of band command to enter into OOB interface configuration mode Syntax Description interface out of band Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config interface out of band ...

Page 514: ...P address via DHCP by default Command Mode Interface Out of Band Configuration mode User Guidelines When setting the netmask prefix length on an IPv4 address a space is required between the address and the mask or prefix length Setting an IP address on the out of band port enables switch management over the service port Parameter Description ip address Specifies a valid IP address mask Specifies a...

Page 515: ...t of band console config if ip address 131 108 1 27 255 255 255 0 console config if ip address 131 108 1 27 24 ip address conflict detect run Use the ip address conflict detect run command in Global Configuration mode to trigger the switch to run active address conflict detection by sending gratuitous ARP packets for IPv4 addresses on the switch Syntax ip address conflict detect run Parameter Desc...

Page 516: ...e User Guidelines This command only applies to routing interfaces When DHCP is enabled on a routing interface the system automatically deletes all manually configured IPv4 addresses on the interface The command no ip address dhcp removes the interface s primary address Manual DHCP including the secondary addresses if configured and sets the Interface method to None The command no ip address remove...

Page 517: ...ent stores each DNS server address in its server list A domain name The DNS client stores each domain name in its domain name list Examples To enable DHCPv4 on vlan 2 console config console config interface vlan 2 console config if vlan2 ip address dhcp ip default gateway Use the ip default gateway command in Global Configuration mode to configure a default gateway router Syntax ip default gateway...

Page 518: ...ured via the ip route command which has a route preference of 1 Use the show ip route command to display the active default gateway Only one default gateway can be configured If you invoke this command multiple times each command replaces the previous value Example The following example sets the default gateway to 10 1 1 1 console config ip default gateway 10 1 1 1 ip domain lookup Use the ip doma...

Page 519: ...es To delete the default domain name use the no form of this command Syntax ip domain name name no ip domain name name Default domain name used to complete an unqualified host name Do not include the initial period that separates the unqualified host name from the domain name Range 1 255 characters Default Configuration This command has no default configuration Command Mode Global Configuration mo...

Page 520: ... defined Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a static host name to address mapping in the host cache console config ip host accounting dell com 176 10 23 1 ip name server Use the ip name server command in Global Configuration mode to define available IPv4 or IPv6 name servers To delete a name server use th...

Page 521: ...er console config ip name server 176 16 1 18 ipv6 address Interface Config Use the ipv6 address command to set the IPv6 address of the management interface Use the no form of this command to reset the IPv6 address to the default Syntax ipv6 address prefix prefix length eui64 autoconfig dhcp no ipv6 address prefix Consists of the bits of the address to be configured prefix length Designates how man...

Page 522: ...When setting the prefix length on an IPv6 address no space can be present between the address and the mask Example Configure ipv6 routing on vlan 10 and obtain an address via DHCP Assumes vlan 10 already exists console config ip routing console config interface vlan 10 console config if vlan10 ipv6 enable console config if vlan10 ipv6 address dhcp Configure a default gateway on vlan 10 console con...

Page 523: ...s va DHCP Use the no form of the command to remove a specific address or to return the address assignment to its default value Using the no form of the command with no parameters removes all IPv6 prefixes from the interface Syntax ipv6 address prefix prefix length eui64 autoconfig dhcp no ipv6 address prefix prefix length eui64 autoconfig dhcp Parameter Description Default Configuration No address...

Page 524: ...v6 address dhcp command in Interface VLAN Configuration mode to enable the DHCPv6 client on an IPv6 interface Syntax ipv6 address dhcp no ipv6 address dhcp Parameter Description This command does not require a parameter description Default Configuration DHCPv6 is disabled by default on routing interfaces Command Mode Interface VLAN Configuration mode User Guidelines This command only applies to VL...

Page 525: ...dress dhcp ipv6 enable Interface Config Use the ipv6 enable command in Interface Config mode to enable IPv6 on a routing interface Use the no form of this command to reset the IPv6 configuration to the defaults Syntax ipv6 enable no ipv6 enable Default Configuration IPv6 is not enabled by default Command Mode Interface Configuration mode VLAN loopback User Guidelines There are no user guidelines f...

Page 526: ...nd port Command Mode Interface out of band Configuration mode User Guidelines There are no user guidelines for this command ipv6 gateway OOB Config Use the ipv6 gateway command in Interface out of band Config mode to configure the address of the IPv6 gateway The gateway is used as a default route for packets addressed to network devices not present on the local subnet Use the no form of the comman...

Page 527: ...tname Host name Range 1 255 characters The command allows spaces in the host name when specified in double quotes For example console config snmp server host host name Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays information ...

Page 528: ...lict Syntax show ip address conflict Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines The command provides the following information Term Description Address Conflict Detection...

Page 529: ...dress Use the show ip helper address command in Privileged EXEC mode to display IP helper addresses configuration Syntax show ip helper address intf address intf address IP address of a routing interface Range Any valid IP address Last Conflicting IP Address The IP address that was last detected as conflicting on any interface Last Conflicting MAC Address The MAC Address of the conflicting host th...

Page 530: ...ss vlan 25 domain No 0 192 168 40 2 vlan 25 dhcp No 0 192 168 40 2 vlan 30 dhcp Yes 0 vlan 30 162 No 0 192 168 23 1 Any dhcp No 0 192 168 40 1 show ipv6 dhcp interface out of band statistics Use the show ipv6 dhcp interface out of band statistics command in Privileged EXEC mode to display IPv6 DHCP statistics for the out of band interface Syntax show ipv6 dhcp interface out of band statistics Defa...

Page 531: ...6 Reply Packets Discarded 0 DHCPv6 Malformed Packets Received 0 Total DHCPv6 Packets Received 0 DHCPv6 Solicit Packets Transmitted 8 DHCPv6 Request Packets Transmitted 0 DHCPv6 Renew Packets Transmitted 0 DHCPv6 Rebind Packets Transmitted 0 DHCPv6 Release Packets Transmitted 0 Total DHCPv6 Packets Transmitted 8 show ipv6 interface out of band Use the show ipv6 interface out of band command in Priv...

Page 532: ...delines This command has no user guidelines Example console config if do show ipv6 interface out of band IPv6 Administrative Mode Enabled IPv6 Prefix is FE80 21E C9FF FEAA AD79 64 128 IPv6 Default Router FE80 A912 FEC2 A145 FEAD Configured IPv6 Protocol None IPv6 AutoConfig Mode Enabled Burned In MAC Address 001E C9AA AD79 Parameter Description ipv6 address An IPv6 address not a prefix ...

Page 533: ... types of traffic are forwarded or blocked and above all provide security for the network ACLs are normally used in firewall routers that are positioned between the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of the internal network The PowerCon...

Page 534: ...nced to accept the optional time range parameter The time range parameter allows imposing a time limitation on the IPv6 ACL rule as defined by the parameter time range name If a time range with the specified name does not exist and the IPv6 ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with the specified name exi...

Page 535: ...ny destinationipv6 prefix prefixlength any matches any source IP address Or you can specify a source IPv6 addressed expressed as a prefix prefixlength flow label flow label value The value to match in the Flow Label field of the IPv6 header Range 0 1048575 dscp dscp value Specifies the TOS for an IPv6 ACL rule depending on a match of DSCP values using the parameter dscp assign queue queue id Speci...

Page 536: ...affic from the 2001 DB8 32 network but allow all other traffic from that network console config ipv6 access list STOP_HTTP console Config ipv6 acl deny ipv6 2001 DB8 32 any eq http console Config ipv6 acl permit ipv6 2001 DB8 32 any console Config ipv6 acl ipv6 access list The ipv6 access list command creates an IPv6 Access Control List ACL consisting of classification fields defined for the IP he...

Page 537: ...IPv6 ACL named DELL_IP6 and enters the IPv6 Access List Config mode console config ipv6 access list DELL_IP6 console Config ipv6 acl ipv6 access list rename The ipv6 access list rename command changes the name of an IPv6 Access Control List ACL This command fails if an IPv6 ACL with the new name already exists Syntax ipv6 access list rename name newname name the name of an existing IPv6 ACL newnam...

Page 538: ...e number is already in use for this interface and direction the specified IPv6 access list replaces the currently attached IPv6 access list using that sequence number If the sequence number is not specified for this command a sequence number that is one greater than the highest sequence number currently in use for this interface and direction is used Use the no form of the command to remove an IPv...

Page 539: ...fig if 1 0 1 ipv6 traffic filter DELL_IP6 in show ipv6 access lists Use the show ipv6 access lists command in User EXEC and Privileged EXEC mode to display an IPv6 access list and all of the rules that are defined for the IPv6 ACL Use the name parameter to identify a specific IPv6 ACL to display Syntax show ipv6 access lists name Parameter Description Default Configuration There is no default conf...

Page 540: ...ts Current number of all ACLs 1 Maximum number of all ACLs 100 IPv6 ACL Name Rules Direction Interface s VLAN s STOP_HTTP 2 inbound 1 0 1 console show ipv6 access lists STOP_HTTP ACL Name STOP_HTTP Inbound Interface s 1 0 1 Rule Number 1 Action deny Protocol 255 ipv6 Source IP Address 2001 DB8 32 Destination L4 Port Keyword 80 www http Rule Number 2 Action permit Protocol 255 ipv6 Source IP Addres...

Page 541: ...ield displays the source port for this rule Destination IP Address This displays the destination IP address for this rule Destination L4 Port Keyword This field displays the destination port for this rule IP DSCP This field indicates the value specified for IP DSCP Flow Label This field indicates the value specified for IPv6 Flow Label Log Displays when you enable logging for the rule Assign Queue...

Page 542: ...542 IPv6 Access List Commands ...

Page 543: ...uivalent to IGMPv3 MLD is a subprotocol of Internet Control Message Protocol version 6 ICMPv6 and MLD messages are a subset of ICMPv6 messages identified in IPv6 packets by a preceding Next Header value of 58 PowerConnect switches can snoop on both MLDv1 and MLDv2 protocol packets and bridge IPv6 multicast data based on destination IPv6 Multicast MAC Addresses The switch can be configured to perfo...

Page 544: ...o ipv6 mld snooping vlan id groupmembership interval time vlan id Specifies a VLAN ID value time MLD group membership interval time in seconds Range 2 3600 Default Configuration The default group membership interval time is 260 seconds Command Mode Global Config mode User Guidelines This command has no user guidelines Example console config ipv6 mld snooping vlan 2 groupmembership interval 1500 ip...

Page 545: ...Specifies the VLAN Default Configuration Immediate leave is disabled on all VLANs by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example This example enables mld snooping immediate leave for VLAN 2 console config ipv6 mld snooping vlan 2 immediate leave ipv6 mld snooping listener message suppression This command enables MLD listener ...

Page 546: ... message suppression ipv6 mld snooping vlan last listener query interval The ipv6 mld snooping vlan last listener query interval command sets the number of seconds after which a host is considered to have left the group This value must be less than the MLD Query Interval time value The range is 1 to 25 seconds Syntax ipv6 mld snooping vlan vlan id last listener query interval time no ipv6 mld snoo...

Page 547: ...y to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached The range is 1 to 3600 seconds Syntax ipv6 mld snooping vlan vlan id mcrtexpiretime time no ipv6 mld snooping vlan vlan id mcrtexpiretime vlan id Specifies a valid VLAN ID time Multicast router present expiration time in seconds Range 1 3600 Default Configuration The default...

Page 548: ... Multicast router Default Configuration There are no multicast router ports configured by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ipv6 mld snooping vlan 10 mrouter interface Gi1 0 2 ipv6 mld snooping Global Use the ipv6 mld snooping Global command to globally enable MLD Snooping on the system Global Config Mode Use t...

Page 549: ...the mrouter ports that have been discovered when the multicast source is first seen If a new mrouter is later discovered on a different port the multicast source data is not forwarded to the new port Likewise if an existing mrouter times out or stops querying the multicast source data continues to be forwarded to that port If a host in the VLAN subsequently joins or leaves the group the list of mr...

Page 550: ...packets which have been received same as IPv4 Flooding Unregistered to All Ports Indicates if Flooding Unregistered to All Ports is enabled If enabled multicast data traffic for which no listeners have registered is flooded to all ports in a VLAN instead of only flooded to multicast router ports When you specify an interface or VLAN the following information displays MLD Snooping Admin Mode Indica...

Page 551: ... received This value may be configured Listener Message Suppression Mode Sends only the first report received in response to a query to the router show ipv6 mld snooping groups The show ipv6 mld snooping groups command displays the MLD Snooping entries in the MFDB table Syntax show ipv6 mld snooping groups vlan vlan id address ipv6 multicast address vlan_id Specifies a VLAN ID value ipv6 multicast...

Page 552: ...ess Ports console show ipv6 mld snooping groups vlan 2 Vlan Ipv6 Address Type Ports 2 3333 0000 0004 Dynamic 1 0 1 1 0 3 2 3333 0000 0005 Dynamic 1 0 1 1 0 3 MLD Reporters that are forbidden statically Vlan Ipv6 Address Ports show ipv6 mld snooping mrouter Use the show ipv6 mld snooping mrouter command in Privileged EXEC mode to display information on dynamically learned Multicast router interface...

Page 553: ...router Default configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ipv6 mld snooping mrouter VLAN ID Port 10 Gi2 0 1 ...

Page 554: ...554 IPv6 MLD Snooping Commands ...

Page 555: ...t traffic in a VLAN be switched the switch can be configured as an IGMP MLD querier When IGMP MLD Snooping Querier is enabled the Querier sends out periodic IGMP MLD General Queries that trigger the Multicast listeners member to send their joins so as to receive the Multicast data traffic IGMP MLD Snooping listens to these reports to establish the appropriate forwarding table entries PowerConnect ...

Page 556: ...mmand Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 mld snooping querier ipv6 mld snooping querier VLAN mode Use the ipv6 mld snooping querier command in VLAN mode to enable MLD Snooping Querier on a VLAN Use the no form of this command to disable MLD Snooping Querier on a VLAN Syntax ipv6 mld snooping querier vlan id no ip...

Page 557: ...t the global MLD Snooping Querier address to the default Syntax ipv6 mld snooping querier address prefix prefix length no ipv6 mld snooping querier address prefix The bits of the address to be configured prefix length Designates how many of the high order contiguous bits of the address make up the prefix Default Configuration There is no global MLD Snooping Querier address configured by default Co...

Page 558: ...e sending periodic queries Use the no form of this command to disable election participation on a VLAN Syntax ipv6 mld snooping querier election participate vlan id no ipv6 mld snooping querier election participate vlan id vlan id A valid VLAN ID Range 1 4093 Default Configuration Election participation is disabled by default Command Mode VLAN Database mode User Guidelines If there is another quer...

Page 559: ...before sending another general query Range 1 1800 seconds Default Configuration The default query interval is 60 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ipv6 mld snooping querier 120 ipv6 mld snooping querier timer expiry Use the ipv6 mld snooping querier timer expiry command to set the MLD Querier timer ex...

Page 560: ...s There are no user guidelines for this command Example console config ipv6 mld snooping querier timer expiry 222 show ipv6 mld snooping querier Use the show ipv6 mld snooping querier command to display MLD Snooping Querier information Configured information is displayed whether or not MLD Snooping Querier is enabled Syntax show ipv6 mld snooping querier detail vlan vlan id vlan id A valid VLAN ID...

Page 561: ...hat a Snooping Querier waits before sending out a periodic general query Querier Expiry Interval Displays the amount of time to wait in the Non Querier operational state before moving to a Querier state Parameter Description MLD Snooping Querier VLAN Mode Indicates whether MLD Snooping Querier is active on the VLAN Querier Election Participate Mode Indicates whether the MLD Snooping Querier partic...

Page 562: ...erier enabled VLANs as well as the following information Operational Version Indicates the version of MLD that will be used while sending out the queries This is defaulted to MLD v1 and it can not be changed Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received MLD Version Indicates the version of MLD ...

Page 563: ...on a port where DHCP snooping is disabled or where DHCP snooping is enabled but the port is trusted all IP traffic received on that port is dropped depending upon the admin configured IPSG entries IPSG cannot be enabled on a port based routing interface IPSG uses two enforcement mechanisms the L2FDB to enforce the source MAC address and ingress VLAN and an ingress classifier to enforce the source ...

Page 564: ...e ip verify source port security Use the ip verify source port security command in Interface Configuration mode to enable filtering of IP packets matching the source IP address and the source MAC address Syntax ip verify source port security Default Configuration By default IPSG is disabled on all interfaces Command Mode Interface Configuration mode User Guidelines This command has no user guideli...

Page 565: ...gs configured Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ip verify binding 00 11 22 33 44 55 vlan 1 1 2 3 4 interface gigabitethernet 1 0 2 show ip verify interface Use the show ip verify interface command in Privileged EXEC mode to display the IPSG interface configuration Syntax show ip verify interface Default Configuration T...

Page 566: ... a particular interface Syntax show ip verify source interface Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ip verify source interface gigabitethernet 1 0 1 show ip source binding Use the show ip source binding command in Privil...

Page 567: ...fault Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ip source binding ...

Page 568: ...568 IP Source Guard Commands ...

Page 569: ...Frame generation In these cases the application of QoS treatment other than the default policy may result in less overall throughput or more packet loss By default iSCSI optimization is enabled and iSCSI QoS treatment is disabled LLDP is used to detect the presence of EqualLogic storage arrays When iSCSI optimization is enabled and LLDP detects an EQL array on a port that port configuration is cha...

Page 570: ...ed by iSCSI is three Commands in this Chapter This chapter explains the following commands iscsi aging time The iscsi aging time command sets the time out value for iSCSI sessions To reset the aging time to the default value use the no form of this command Syntax iscsi aging time time no iscsi aging time time The number of minutes a session must not be active prior to it s removal Range 1 43 200 D...

Page 571: ...nd in Global Configuration mode to set the quality of service profile that will be applied to iSCSI flows To return the VPT DSCP setting to the default value use the no form of this command VPT DSCP values can be configured independently from the application of QoS treatment Syntax iscsi cos enable disable vpt vpt dscp dscp remark no iscsi cos Parameter Description Parameter Description enable Ena...

Page 572: ...obin WRR You may alter the QoS setting by configuring the relevant ports to work in other scheduling and queue management modes via the Class of Service settings These choices may include strict priority for the queue used for iSCSI traffic The downside of strict priority is that in certain circumstances under heavy high priority traffic other lower priority traffic may get starved In WRR the queu...

Page 573: ...nd Upon detection of an EQL array the specific interface involved will have spanning tree portfast enabled and unicast storm control disabled These changes appear in the running config Disabling iSCSI Optimization does not disable flow control portfast or storm control configuration applied as a result of enabling iSCSI Optimization Enabling iSCSI will locally generate a DCBX Application Priority ...

Page 574: ... Global Configuration mode to configure iSCSI port s target addresses and names To delete iSCSI port s or target ports use the no form of this command Syntax iscsi target port tcp port 1 tcp port 2 tcp port 16 address ip address name targetname no iscsi target port tcp port 1 tcp port 2 tcp port 16 address ip address Parameter Description Parameter Description tcp port TCP port number or list of T...

Page 575: ...remove the port by using the no form of the command and then add it again this time together with the relevant IP address Target names are only for display when using the show iscsi command These names are not used to match or for doing any sanity check with the iSCSI session information acquired by snooping A maximum of 16 TCP ports can be configured either bound to IP or not targetname iSCSI nam...

Page 576: ...no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example The following example displays the iSCSI configuration console show iscsi iSCSI enabled iSCSI CoS enabled iSCSI vpt is 5 Session aging time 10 min Maximum number of sessions is 192 iSCSI Targets and TCP Ports TCP Port...

Page 577: ...tion is used Default Configuration If not specified sessions are displayed in short mode not detailed Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example The following examples show summary and detailed information about the iSCSI sessions console show iscsi sessions Target iqn 1993 11 com disk vendor diskarra...

Page 578: ...disk vendor diskarrays sn 45678 Session 1 Initiator iqn 1992 04 com os vendor plan9 cdrom 12 storage sys1 xyz Time started 17 Jul 2008 10 04 50 Time for aging out 10 min ISID 11 Initiator Initiator Target Target IP address TCP port IP address IP port 172 16 1 3 49154 172 16 1 20 30001 172 16 1 4 49155 172 16 1 21 30001 172 16 1 5 49156 172 16 1 22 30001 Session 2 Initiator iqn 1995 05 com os vendo...

Page 579: ...iSCSI Optimization Commands 579 Initiator Initiator Target Target IP address TCP port IP address IP port 172 16 1 30 49200 172 16 1 20 30001 172 16 1 30 49201 172 16 1 21 30001 ...

Page 580: ...580 iSCSI Optimization Commands ...

Page 581: ...on interface Commands in this Chapter This chapter explains the following commands action Use the action command in Link Dependency mode to indicate if the link dependency group should mirror or invert the status of the depended on interfaces Syntax action down up Parameter Description action add port channel link dependency group depends on add gigabitethernet show link dependency add tengigabite...

Page 582: ... depend 1 action up link dependency group Use the link dependency group command to enter the link dependency mode to configure a link dependency group Syntax link dependency group GroupId no link dependency group GroupId GroupId Link dependency group identifier Range 1 72 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The pref...

Page 583: ...rt format Separate nonconsecutive ports with a comma and no spaces Use a hyphen to designate the range of ports Range Valid Ethernet interface list or range Default Configuration This command has no default configuration Command Mode Link Dependency mode User Guidelines No specific guidelines Example console config depend 1 add gigabitethernet 1 0 1 add tengigabitethernet Use this command to add m...

Page 584: ...rnet 1 0 1 add port channel Use this command to add member port channels to the dependency list Syntax add port channel intf list no add port channel port channel list intf list List of port channel numbers Separate nonconsecutive port channels with a comma and no spaces Use a hyphen to designate the range of port channels Range Valid port channel list or range port channel list List of port chann...

Page 585: ...gigabitethernet intf list no depends on gigabitethernet port channel tengigabitethernet intf list intf list List of ports in unit slot port format or port channel numbers Separate nonconsecutive items with a comma and no spaces Use a hyphen to designate the range of ports or port channel numbers Range Valid Ethernet interface or port channel list or range Default Configuration This command has no ...

Page 586: ...ntax show link dependency group GroupId detail Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines No specific guidelines Example The following command shows link dependencies for all groups console show link dependency GroupId Member Ports Ports Depended On Link Action Group State P...

Page 587: ... GroupId Member Ports Ports Depended On Link Action Group State 1 Gi4 0 2 3 Gi4 0 5 Gi4 0 10 12 Link Up Up Down The following command shows detailed information for group 1 console show link dependency group 1 detail GroupId 1 Link Action Link UpGroup State Up Ports Depended On State Link Up Gi4 0 10 Link Down Gi4 0 11 12 Member Ports State Link Up Gi4 0 2 3 Link Down Gi4 0 5 ...

Page 588: ...588 Link Dependency Commands ...

Page 589: ...h function can be enabled or disabled separately by the network manager PowerConnect supports both the transmit and receive functions in order to support device discovery The LLDP component transmit and receive functions can be enabled disabled separately per physical port By default both transmit and receive functions are disabled on all ports The application starts each transmit and receive stat...

Page 590: ...using SNMP as defined in the MIB definitions Commands in this Chapter This chapter explains the following commands clear lldp remote data Use the clear lldp remote data command in Privileged EXEC mode to delete all LLDP information from the remote data table Syntax clear lldp remote data clear lldp remote data lldp receive show lldp med clear lldp statistics lldp timers show lldp med interface lld...

Page 591: ...ta console clear lldp remote data clear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics Syntax clear lldp statistics Default Configuration By default the statistics are only cleared on a system reset Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays how to reset all...

Page 592: ...es Use this command to disable the sending of DCBX information when it is desirable to utilize legacy QoS and disable the automatic configuration of CNAs based on transmitted DCBX information Example console config no dcb enable lldp med This command is used to enable disable LLDP MED on an interface By enabling MED the transmit and receive functions of LLDP are effectively enabled Syntax Descript...

Page 593: ...t 1 0 1 console config if 1 0 1 lldp med lldp med confignotification This command is used to enable sending the topology change notification Syntax Description lldp med confignotification no lldp med confignotification Parameter Ranges Not applicable Command Mode Interface Ethernet Configuration Default Value By default notifications are disabled on all supported interfaces Usage Guidelines No spe...

Page 594: ...ommand Mode Global Configuration Default Value 3 Usage Guidelines No specific guidelines Example console config lldp med faststartrepeatcount 2 lldp med transmit tlv This command is used to specify which optional TLVs in the LLDP MED set are transmitted in the LLDPDUs There are certain conditions that have to be met for this port to be MED compliant These conditions are explained in the normative ...

Page 595: ...fault the capabilities and network policy TLVs are included Example console config interface gigabitethernet 1 0 1 console config if 1 0 1 lldp med transmit tlv capabilities console config if 1 0 1 lldp med transmit tlv network policies lldp notification Use the lldp notification command in Interface Configuration mode to enable remote data change notifications To disable notifications use the no ...

Page 596: ...nd in Global Configuration mode to limit how frequently remote data change notifications are sent To return the notification interval to the factory default use the no form of this command Syntax lldp notification interval interval no lldp notification interval interval The smallest interval in seconds at which to send remote data change notifications Range 5 3600 seconds Default Configuration The...

Page 597: ...eive no lldp receive Default Configuration The default lldp receive mode is enabled Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example displays how to enable the LLDP receive capability console config if 1 0 3 lldp receive lldp timers Use the lldp timers command in Global Configuration mode to set the timing paramete...

Page 598: ...10 seconds Default Configuration The default transmit interval is 30 seconds The default hold multiplier is 4 The default delay before re initialization is 2 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Examples The following example displays how to configure LLDP to transmit local information every 1000 seconds console config lldp timers inter...

Page 599: ...d Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example displays how enable the transmission of local data console config if 1 0 3 lldp transmit lldp transmit mgmt Use the lldp transmit mgmt command in Interface Configuration mode to include transmission of the local system management address information in the LLDPDUs To cance...

Page 600: ...uration mode to specify which optional type length value settings TLVs in the 802 1AB basic management set will be transmitted in the LLDPDUs To remove an optional TLV use the no form of this command Syntax lldp transmit tlv sys desc sys name sys cap port desc no lldp transmit tlv sys desc sys name sys cap port desc sys name Transmits the system name TLV sys desc Transmits the system description T...

Page 601: ... the current LLDP configuration summary Syntax show lldp Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the current LLDP configuration summary console show lldp Global Configurations Transmit Interval 30 seconds Transmit ...

Page 602: ...fault configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples This example show how the information is displayed when you use the command with the all parameter console show lldp interface all Interface Link Transmit Receive Notify TLVs Mgmt 1 0 1 Up Enabled Enabled Enabled 0 1 2 3 Y 1 0 2 Down Enabled Enable...

Page 603: ...ax show lldp local device detail interface interface all detail includes a detailed version of remote data interface Specifies a valid physical interface on the device Specify either gigabitethernet unit slot port or tengigabitethernet unit slot port all Shows lldp local device information on all interfaces Default Configuration This command has no default configuration Command Mode Privileged EXE...

Page 604: ...00 62 48 00 00 00 Port ID Subtype MAC Address Port ID 00 62 48 00 00 02 System Name System Description Routing Port Description System Capabilities Supported bridge router System Capabilities Enabled bridge Management Address Type IPv4 Address 192 168 17 25 show lldp med This command displays a summary of the current LLDP MED configuration Syntax Description show lldp med Parameter Ranges Not appl...

Page 605: ...t Repeat Count 3 Device Class Network Connectivity show lldp med interface This command displays a summary of the current LLDP MED configuration for a specific interface Syntax Description show lldp med interface gigabitethernet unit slot port tengigabitethernet unit slot port all all Shows information for all valid LLDP interfaces Parameter Ranges Not applicable Command Mode Privileged EXEC Confi...

Page 606: ... 0 1 Gi1 0 5 Detach Disabled Disabled Disabled 0 1 console show lldp med interface 1 0 1 LLDP MED Interface Configuration Interface Link configMED operMED ConfigNotify TLVsTx 1 0 1 Up Enabled Enabled Disabled 0 1 TLV Codes 0 Capabilities 1 Network Policy 2 Location 3 Extended PSE 4 Extended PD 5 Inventory show lldp med local device detail This command displays the advertised LLDP local data in det...

Page 607: ...le Example Console show lldp med local device detail 1 0 1 LLDP MED Local Device Detail Interface 1 0 8 Network Policies Media Policy Application Type voice Vlan ID 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True ...

Page 608: ...x xxx Serial Num xxx xxx xxx Mfg Name xxx xxx xxx Model Name xxx xxx xxx Asset ID xxx xxx xxx Location Subtype elin Info xxx xxx xxx Extended POE Device Type pseDevice Extended POE PSE Available 0 3 watts Source primary Priority critical Extended POE PD Required 0 2 watts Source local Priority low ...

Page 609: ...slot port all show lldp med remote device detail gigabitethernet unit slot port tengigabitethernet unit slot port all Indicates all valid LLDP interfaces detail Includes a detailed version of remote data for the indicated interface Parameter Ranges Not applicable Command Mode Privileged EXEC Config mode and all Config sub modes Default Value Not applicable Example Console show lldp med remote devi...

Page 610: ...ail Local Interface 1 0 1 Capabilities MED Capabilities Supported capabilities networkpolicy location extendedpse MED Capabilities Enabled capabilities networkpolicy Device Class Endpoint Class I Network Policies Media Policy Application Type voice Vlan ID 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 ...

Page 611: ... xxx xxx Firmware Rev xxx xxx xxx Software Rev xxx xxx xxx Serial Num xxx xxx xxx Mfg Name xxx xxx xxx Model Name xxx xxx xxx Asset ID xxx xxx xxx Location Subtype elin Info xxx xxx xxx Extended POE Device Type pseDevice Extended POE PSE Available 0 3 Watts Source primary Priority critical ...

Page 612: ...ll detail Includes detailed version of remote data interface Specifies a valid physical interface on the device Substitute gigabitethernet unit slot port or tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples These example...

Page 613: ...scription System Capabilities Bridge Port ID 01 23 45 67 89 AC Port Description 1 0 4 Management Address 192 168 112 1 TTL 60 seconds show lldp statistics Use the show lldp statistics command in Privileged EXEC mode to display the current LLDP traffic statistics Syntax show lldp statistics unit slot port all Default Configuration This command has no default configuration Command Mode Privileged EX...

Page 614: ...Last Update The value of system of time the last time a remote data entry was created modified or deleted Total Inserts The number of times a complete set of information advertised by a remote device has been inserted into the table Total Deletes The number of times a complete set of information advertised by a remote device has been deleted from the table Total Drops Number of times a complete se...

Page 615: ...e indicated port has been deleted due to TTL expiration TLV Discards Number LLDP TLVs Type Length Value sets received on the indicated port and discarded for any reason by the LLDP agent TLV Unknowns Number of LLDP TLVs received on the indicated port for a type not recognized by the LLDP agent TLV MED Number of OUI specific MED Media Endpoint Device TLVs received TLV 802 1 Number of OUI specific 8...

Page 616: ...616 LLDP Commands ...

Page 617: ...tening to the join and report messages only for groups configured statically All other groups are managed by IGMP snooping There are two types of MVR ports source and receiver Source port is the port to which the multicast traffic is flowing using the multicast VLAN Receiver port is the port where a listening host is connected to the switch It can utilize any or no VLAN except the multicast VLAN T...

Page 618: ...mand to disable MVR Syntax mvr no mvr Parameter Description This command does not require a parameter description Default Configuration The default value is Disabled Command Mode Global Config Interface Config User Guidelines MVR can only be configured on physical interfaces mvr mvr type mvr group mvr vlan group mvr mode show mvr mvr querytime show mvr members mvr vlan show mvr interface mvr immed...

Page 619: ...and has no default configuration Command Mode Global Config User Guidelines The following table lists the completion messages Example console config mvr Parameter Description A B C D Specify a multicast group count Specifies the number of multicast groups to configure Groups are configured contiguously by incrementing the first group specified Message Type Message Description Successful Completion...

Page 620: ...arameter Description Default Configuration The default mode is compatible Command Mode Global Config User Guidelines This command has no user guidelines mvr querytime Use the mvr querytime command in Global Config mode to set the MVR query response time Use the no form of the command to set the MVR query response time to the default value Parameter Description compatible Do not allow membership jo...

Page 621: ...0 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver console config if Gi1 0 1 mvr mode dynamic console config if Gi1 0 1 mvr querytime 10 Parameter Description querytime The query time is a maximum time to wait for an IGMP membership report on a receiver port before removing the port from the multicast group The query time only applies to receiver ports The query time is sp...

Page 622: ...g table lists the completion messages mvr immediate Use the mvr immediate command in Interface Config mode to enable MVR Immediate Leave mode Use the no form of this command to set the MVR multicast VLAN to the default value Parameter Description vlan The VLAN specifies the port on which multicast data is expected to be received Source ports should belong to this VLAN Message Type Message Descript...

Page 623: ...t will leave a group on receipt of a leave message Without immediate leave upon receipt of a leave message the port sends an IGMP query and waits for an IGMP membership report Example console config interface Gi1 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver console config if Gi1 0 1 mvr mode dynamic console config...

Page 624: ... 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver Parameter Description receiver Configure the port as a receiver port Receiver ports are ports over which multicast data will be sent but not received source Configure the port as a source port Source ports are ports over which multicast data is received or sent Message...

Page 625: ...oup Use the mvr vlan group command in Interface Config mode to participate in the specific MVR group Use the no form of this command to remove the port participation from the specific MVR group Syntax mvr vlan mVLAN group A B C D no mvr vlan mVLAN group A B C D Parameter Description Default Configuration This command has no default configuration Command Mode Interface Config Parameter Description ...

Page 626: ...f Gi1 0 24 switchport trunk native vlan 2000 console config if Gi1 0 24 switchport trunk allowed vlan add 2000 console config if Gi1 0 24 mvr console config if Gi1 0 24 mvr type source console config if Gi1 0 24 mvr vlan 2000 group 239 1 1 1 show mvr Use the show mvr command in Privileged EXEC mode to display global MVR settings Syntax show mvr Parameter Description The following table explains th...

Page 627: ...Current multicast groups 1 MVR Global query response time 10 tenths of sec MVR Mode compatible show mvr members Use the show mvr members command in Privileged EXEC mode to display the MVR membership groups allocated MVR Current Multicast groups The current number of MVR groups allocated MVR Query Response Time The current MVR query response time MVR Mode The current MVR mode It can be compatible o...

Page 628: ...g mode and all Config sub modes User Guidelines The following table lists the completion messages Examples console show mvr members MVR Group IP Status Members 224 1 1 1 INACTIVE 1 0 1 1 0 2 1 0 3 Parameter Description MVR Group IP MVR group multicast IP address Status The status of the specific MVR group It can be active or inactive Members The list of ports which participates in the specific MVR...

Page 629: ...vid Parameter Description The following table explains the output parameters Parameter Description Interface id Identifies a specific interface VID VLAN identifier Parameter Description Port Interface number Type The MVR port type It can be None Receiver or Source type Status The interface status It consists of two characteristics 1 active or inactive indicating if port is forwarding 2 inVLAN or n...

Page 630: ...IVER ACTIVE inVLAN DISABLED console show mvr interface 1 0 9 Type RECEIVER Status ACTIVE Immediate Leave DISABLED console show mvr interface Fa1 0 23 members 235 0 0 1 STATIC ACTIVE console show mvr interface Fa1 0 23 members vlan 12 235 0 0 1 STATIC ACTIVE 235 1 1 1 STATIC ACTIVE show mvr traffic Use the show mvr traffic command in Privileged EXEC mode to display global MVR statistics Syntax show...

Page 631: ...age MVR disabled Parameter Description IGMP Query Received Number of received IGMP Queries IGMP Report V1 Received Number of received IGMP Reports V1 IGMP Report V2 Received Number of received IGMP Reports V2 IGMP Leave Received Number of received IGMP Leaves IGMP Query Transmitted Number of transmitted IGMP Queries IGMP Report V1 Transmitted Number of transmitted IGMP Reports V1 IGMP Report V2 Tr...

Page 632: ... IGMP Query Received 2 IGMP Report V1 Received 0 IGMP Report V2 Received 3 IGMP Leave Received 0 IGMP Query Transmitted 2 IGMP Report V1 Transmitted 0 IGMP Report V2 Transmitted 3 IGMP Leave Transmitted 1 IGMP Packet Receive Failures 0 IGMP Packet Transmit Failures 0 ...

Page 633: ...ol is not enabled there may be network instability Network instability occurs when one side assumes that the members in an aggregation are one single link while the other side is oblivious to this aggregation and continues to treat the members as individual links In the PowerConnect system the Actor System waits for 3 seconds before aggregating manually The 3 second wait time is specified by the p...

Page 634: ...r member ports do not participate Additionally it is not possible to change a LAG from static to dynamic via the CLI You must remove the member ports from the static LAG and then add them to the dynamic LAG VLANs and LAGs When members are added to a LAG they are removed from all existing physical link VLAN membership and gain the VLAN membership of the LAG When members are removed from a LAG the m...

Page 635: ... link aggregation is to increase bandwidth between two switches It is achieved by aggregating multiple ports in one logical group A common problem of port channels is the possibility of changing packets order in a particular TCP session The resolution of this problem is correct selection of a physical port within the port channel for transmitting the packet to keep original packets order The hashi...

Page 636: ...as the following advantages MODULO N operation based on the number of ports in the LAG Packet attributes selection based on the packet type For L2 packets Source and Destination MAC address are used for hash computation For IP packets Source IP Destination IP address TCP UDP ports are used Non Unicast traffic and Unicast traffic is hashed using a common hash algorithm Excellent load balancing perf...

Page 637: ...e following commands channel group Use the channel group command in Interface Configuration mode to associate a port with a port channel To remove the channel group configuration from the interface use the no form of this command Syntax channel group port channel number mode on active no channel group port channel number Number of a valid port channel with which to associate the current interface ...

Page 638: ...sole config interface gigabitethernet 1 0 5 console config if 1 0 5 channel group 1 mode on The following example shows how port 1 0 6 is configured to port channel 1 with LACP dynamic LAG console config interface gigabitethernet 1 0 6 console config if 1 0 6 channel group 1 mode active interface port channel Use the interface port channel command in Global Configuration mode to configure a port c...

Page 639: ...e Syntax interface range port channel port channel range all port channel range List of port channels to configure Separate non consecutive port channels with a comma and no spaces A hyphen designates a range of port channels Range valid port channel all All the channel ports Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Comm...

Page 640: ...ult 3 Syntax hashing mode mode mode Mode value in the range of 1 to 7 Range 1 7 1 Source MAC VLAN EtherType source module and port ID 2 Destination MAC VLAN EtherType source module and port ID 3 Source IP and source TCP UDP port 4 Destination IP and destination TCP UDP port 5 Source destination MAC VLAN EtherType and source MODID port 6 Source destination IP and source destination TCP UDP port 7 E...

Page 641: ...set to default priority value use the no form of this command Syntax lacp port priority value no lacp port priority value Port priority value Range 1 65535 Default Configuration The default port priority value is 1 Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example configures the priority value for port 1 0 8 to 247 ...

Page 642: ...iguration The default system priority value is 1 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures the system priority to 120 console config lacp system priority 120 lacp timeout Use the lacp timeout command in Interface Configuration mode to assign an administrative LACP timeout To reset the default administrative L...

Page 643: ...ig interface gigabitethernet 1 0 8 console config if 1 0 8 lacp timeout long port channel local preference Use the port channel local preference command in Interface Config mode to enable the local preference mode on a port channel LAG interface or range of port channel interfaces Use the no form of the command to remove the local preference Syntax port channel local preference no port channel loc...

Page 644: ...considered and the operator must ensure that sufficient egress bandwidth is available in the LAG links on every stack member to avoid excessive discards By default the local preference mode for a port channel is disabled This command can be used only on port channel interfaces port channel min links Use the port channel min links command in Interface Configuration port channel mode to set the mini...

Page 645: ...iption The command displays the following information Default Configuration This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Parameter Description index Number of the port channel to show This parameter is optional If the port channel number is not given all the channel groups are display...

Page 646: ...urce Destination MAC VLAN Ethertype source MODID port 6 Source Destination IP and source destination TCP UDP port 7 Enhanced hashing mode Example 2 console show interfaces port channel 1 Channel Ports Ch Type Hash Type Min links Local Prf Po1 Inactive Gi1 0 1 Gi1 0 2 Dynamic 3 1 Enabled Gi1 0 3 Gi1 0 4 show lacp Use this command in Privileged EXEC mode to display LACP information for Ethernet port...

Page 647: ...ace information console show lacp gigabitethernet 1 0 1 Port 1 0 1 LACP parameters Actor system priority 1 system mac addr 00 00 12 34 56 78 port Admin key 30 port Oper key 30 port Oper priority 1 port Admin timeout LONG port Oper timeout LONG LACP Activity ACTIVE Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE Partner system priority 0 system mac a...

Page 648: ...FALSE expired FALSE Port 1 0 1 LACP Statistics LACP PDUs sent 2 LACP PDUs received 2 show statistics port channel Use the show statistics port channel command in Privileged EXEC mode to display statistics about a specific port channel Syntax show statistics port channel port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode...

Page 649: ...nd TX 128 255 Octets 201 Packets RX and TX 256 511 Octets 418 Packets RX and TX 512 1023 Octets 1 Packets RX and TX 1024 1518 Octets 0 Packets RX and TX 1519 1522 Octets 0 Packets RX and TX 1523 2047 Octets 0 Packets RX and TX 2048 4095 Octets 0 Packets RX and TX 4096 9216 Octets 0 Total Packets Received Without Errors 0 Unicast Packets Received 0 Multicast Packets Received 0 Broadcast Packets Rec...

Page 650: ...dcast Storm Recovery 0 CFI Discards 0 Upstream Threshold 0 Total Packets Transmitted Octets 263567 Max Frame Size 1518 Total Packets Transmitted Successfully 1824 Unicast Packets Transmitted 330 Multicast Packets Transmitted 737 Broadcast Packets Transmitted 757 Total Transmit Errors 0 FCS Errors 0 More or q uit Tx Oversized 0 Underrun Errors 0 Total Transmit Packets Discarded 0 Single Collision F...

Page 651: ...Excessive Collision Frames 0 Port Membership Discards 0 802 3x Pause Frames Transmitted 0 GVRP PDUs received 0 GVRP PDUs Transmitted 0 GVRP Failed Registrations 0 Time Since Counters Last Cleared 0 day 0 hr 17 min 52 sec console ...

Page 652: ...652 Port Channel Commands ...

Page 653: ...ding destination port A network traffic analyzer can be attached to destination ports to analyze the traffic patterns of source ports A session is operationally active only if both a destination port and at least one source port are configured If neither is true the session is inactive A port configured as a destination port acts as a mirroring port when the session is operationally active If it i...

Page 654: ...rt monitors all the traffic received and transmitted on the physical monitored port Use the no form of the command to remove the monitoring session Syntax monitor session session_number source interface interface id rx tx destination interface interface id no monitor session session _number Session identification number interface id Ethernet interface Range Any valid Ethernet Port CPU interface CP...

Page 655: ...urce interface te1 0 8 console config monitor session 1 destination interface te1 0 10 console config monitor session 1 mode show monitor session Use the show monitor session command in Privileged EXEC mode to display status of port monitoring Syntax show monitor session session_number session _number Session identification number Default Configuration This command has no default configuration Com...

Page 656: ...656 Port Monitor Commands Session ID Admin Mode Probe Port Mirrored Port Type 1 Enable 1 0 10 1 0 8 Rx Tx ...

Page 657: ...is a means of providing consistent predictable data delivery by distinguishing between packets that have strict timing requirements from those that are more tolerant of delay Packets with strict timing requirements are given special treatment in a QoS capable network To accomplish this all elements of the network must be QoS capable If one node is unable to meet the necessary timing requirements t...

Page 658: ...ess CoS queue should handle the traffic and whether the traffic flow is to be redirected to a specific outgoing interface MAC access lists are identified by a user specified name instead of a number Layer 3 4 IPv4 ACLs The Layer 3 4 ACL feature supports IP access lists both standard and extended These lists check the Layer 3 portion of a packet looking specifically at information contained in the ...

Page 659: ...in a meaningful COS queue designation the ingress port can be configured to use its default priority to specify the CoS queue CoS queue mappings use the concept of trusted and untrusted ports A trusted port is one that takes at face value a certain priority designation within arriving packets Specifically a port may be configured to trust one of the following packet fields 802 1p User Priority IP ...

Page 660: ...classofservice dot1p mapping match destination address mac match vlan show diffserv service interface classofservice ip dscp mapping match dstip mirror show diffserv service interface port channel classofservice trust match dstip6 police simple show diffserv service brief conform color match dstl4port police two rate show interfaces cos queue cos queue min bandwidth match ethertype policy map show...

Page 661: ... mode User Guidelines This command has no user guidelines Example The following example displays how to change the queue ID to 4 for the associated traffic stream console config policy classmap assign queue 4 class Use the class command in Policy Map Class Configuration mode to create an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic...

Page 662: ...fy the DiffServ class name of DELL console config policy map DELL1 console config classmap class DELL class map Use the class map command in Global Configuration mode to define a new DiffServ class of type match all To delete the existing class use the no form of this command Syntax class map match all class map name ipv4 ipv6 no class map match all class map name class map name a case sensitive a...

Page 663: ... the name of a DiffServ class Syntax class map rename classname newclassname classname The name of an existing DiffServ class Range 1 31 characters newclassname A case sensitive alphanumeric string Range 1 31 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following exa...

Page 664: ... between an 802 1p priority and an internal traffic class Syntax classofservice dot1p mapping 802 1ppriority trafficclass no classofservice dot1p mapping 802 1ppriority Specifies the user priority mapped to the specified traffic class for this switch Range 0 7 trafficclass Specifies the traffic class for this switch Range 0 6 Default Configuration The default dot1p mapping is as follows Command Mo...

Page 665: ...ing to the default and remove a traffic class mapping for an IP DSCP value Syntax classofservice ip dscp mapping ipdscp trafficclass no classofservice ip dscp mapping ipdscp Parameter Description Default Configuration The default DSCP mapping is as follows Parameter Description ipdscp Specifies the IP DSCP value to which you map the specified traffic class Range 0 63 or an IP DSCP keyword af11 af1...

Page 666: ...mmands 2 1 3 1 4 1 5 1 6 1 7 1 8 cs1 0 9 0 10 af11 0 11 0 12 af12 0 13 0 14 af13 0 15 0 16 cs2 0 17 0 18 af21 0 19 0 20 af22 0 21 0 22 af23 0 23 0 24 cs3 1 25 1 26 af31 1 27 1 28 af32 1 29 1 IP DSCP Traffic Class ...

Page 667: ...ands 667 30 af33 1 31 1 32 cs4 2 33 2 34 af41 2 35 2 36 af42 2 37 2 38 af43 2 39 2 40 cs5 2 41 2 42 2 43 2 44 2 45 2 46 ef 2 47 2 48 cs6 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 56 cs7 3 57 3 IP DSCP Traffic Class ...

Page 668: ...ust command in either Global Configuration mode or Interface Configuration mode to set the class of service trust mode of an interface To set the interface mode to untrusted use the no form of this command Syntax classofservice trust dot1p untrusted ip dscp no classofservice trust dot1p Specifies that the mode be set to trust dot1p 802 1p packet markings untrusted Sets the Class of Service Trust M...

Page 669: ...rust IP Precedence packet mark console config classofservice trust ip precedence conform color Use the conform color command in Policy Class Map Configuration mode to enable color aware marking for a policy This command must be preceded by a police command If the conform color command is not entered the police algorithm uses the color blind version meaning in the incoming color is ignored The conf...

Page 670: ... type The input class map may have a match type of any The exceed color class may only be specified for the two rate police algorithm Example The following example uses a simple policer to color TCP packets that exceed an average rate of 1000 Kbps or a burst size of 16 Kbytes as red Conforming packets are colored green The example configuration below also shows the configuration of WRED drop thres...

Page 671: ...n mode to specify the minimum transmission bandwidth for each interface queue To restore the default for each queue s minimum bandwidth value use the no form of this command Syntax cos queue min bandwidth bw 0 bw 1 bw n no cos queue min bandwidth bw 0 Specifies the minimum transmission bandwidth guarantee for an interface You must specify as many bandwidth parameters as there are COS queues bw 0 t...

Page 672: ...scheduler does not completely starve lower priority groups when strict priority is enabled on a high numbered TCG Specifically assigning a minimum bandwidth to a lower numbered TCG even when strict priority is enabled on a higher numbered TCG will alter the normal scheduler behavior and cause the scheduler to process frames from the lower numbered TCG to conform to the min bandwidth constraint Exa...

Page 673: ...ving an interface from the port channel restores the individual interface settings This command can be used in Interface Range mode Use the cos queue min bandwidth command to configure the minimum bandwidth percentage guarantee for the CoS queues Use the show interfaces random detect command to display the WRED configuration Use the policy map and conform color commands to mark traffic with a colo...

Page 674: ... 10 100 drop prob scale 1 2 3 0 cos queue strict Use the cos queue strict command in either Global Configuration mode or Interface Configuration mode to activate the strict priority scheduler mode for each specified queue To restore the default weighted scheduler mode for each specified queue use the no form of this command Syntax cos queue strict queue id 1 queue id 2 queue id n no cos queue stri...

Page 675: ...llowing example displays how to activate the strict priority scheduler mode for three queues console config cos queue strict 1 2 4 diffserv Use the diffserv command in Global Configuration mode to set the DiffServ operational mode to active While disabled the DiffServ configuration is retained and can be changed but it is not activated When enabled DiffServ services are activated To set the DiffSe...

Page 676: ...default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to specify that matching packets are to be dropped at ingress console config policy classmap drop mark cos Use the mark cos command in Policy Class Map Configuration mode to mark all packets for the associated traffic stream with the ...

Page 677: ...ow to mark all packets with a CoS value console config policy classmap mark cos 7 mark ip dscp Use the mark ip dscp command in Policy Class Map Configuration mode to mark all packets for the associated traffic stream with the specified IP DSCP value Syntax mark ip dscp dscpval dscpval Specifies a DSCP value 10 12 14 18 20 22 26 28 30 34 36 38 0 8 16 24 32 40 48 56 46 or a DSCP keyword af11 af12 af...

Page 678: ...nd in Policy Class Map Configuration mode to mark all packets for the associated traffic stream with the specified IP precedence value Syntax mark ip precedence prec value prec value Specifies the IP precedence value as an integer Range 0 7 Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guide...

Page 679: ... DiffServ class whose match conditions are being referenced by the specified class definition Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines The parameters refclassname and class map name can not be the same Only one other class may be referenced by a class Any attempts to delete the refclassname class while the class is st...

Page 680: ...ap match class map Dell The following example deletes the match conditions defined for the Dell class from the class currently being configured console config classmap no match class map Dell match cos Use the match cos command in Class Map Configuration mode to add a match condition for the class of service value the only tag in a single tagged packet or the first or outer 802 1Q tag of a double ...

Page 681: ...2 MAC address formatted as six two digit hexadecimal numbers separated by colons macmask Specifies a valid layer 2 MAC address bit mask formatted as six two digit hexadecimal numbers separated by colons This address bit mask does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no us...

Page 682: ...be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays adding a match condition using the specified IP address and bit mask console config classmap match dstip 10 240 1 1 10 240 0 0 match dstip6 The match dstip6 command adds a match condition b...

Page 683: ... Configuration mode to add a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation Syntax match dstl4port portkey port number portkey Specifies one of the supported port name keywords A match condition is specified by one layer 4 port number The currently supported values are domain echo ftp ftpdata http smtp snmp telnet tftp and www port nu...

Page 684: ...based on the value of the ethertype Syntax match ethertype keyword 0x0600 0xffff keyword Specifies either a valid keyword or a valid hexadecimal number The supported keywords are appletalk arp ibmsna ipv4 ipv6 ipx mplsmcast mplsucast netbios novell pppoe rarp Range 0x0600 0xFFFF Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guideline...

Page 685: ...guration mode User Guidelines There are no user guidelines for this command Example The following example adds a rule to match packets whose IPv6 Flow Label equals 32312 console config classmap match ip6flowlbl 32312 match ip dscp Use the match ip dscp command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP DiffServ Code Point...

Page 686: ... but with a slightly different user notation To specify a match on all DSCP values use the match ip tos tosbits tosmask command with tosbits set to 0 zero and tosmask set to hex 03 Example The following example displays how to add a match condition based on the DSCP field console config classmap match ip dscp 3 match ip precedence Use the match ip precedence command in Class Map Configuration mode...

Page 687: ...tion based on the value of the IP precedence field console config classmap match ip precedence 1 match ip tos Use the match ip tos command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP TOS field in a packet This field is defined as all eight bits of the Service Type octet in the IP header Syntax match ip tos tosbits tosmask ...

Page 688: ...a match condition based on the value of the IP TOS field in a packet console config classmap match ip tos AA EF match protocol Use the match protocol command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the IP Protocol field in a packet using a single keyword notation or a numeric value notation Syntax match protocol protocol name...

Page 689: ...t Syntax match source address mac address macmask macaddr Specifies any valid layer 2 MAC address formatted as six two digit hexadecimal numbers separated by colons macmask Specifies a layer 2 MAC address bit mask formatted as six two digit hexadecimal numbers separated by colons This bit mask does not need to be contiguous Default Configuration This command has no default configuration Command Mo...

Page 690: ...P address bit mask is similar to a subnet mask it does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines Only one srcip matching criteria can be specified To remove the matching criteria delete the class map Example The following example displays adding a match condition for the specified IP address a...

Page 691: ... 32 match srcl4port Use the match srcl4port command in Class Map Configuration mode to add to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword or a numeric notation Syntax match srcl4port portkey port number portkey Specifies one of the supported port name keywords A match condition is specified by one layer 4 port number The curr...

Page 692: ...and in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field This field is the only tag in a single tagged packet or the first or outer tag of a double VLAN packet Syntax match vlan vlan id vlan id Specifies a VLAN ID as an integer Range 0 4095 Default Configuration This command has no default configuration C...

Page 693: ... Command Mode Policy Class Map Configuration mode User Guidelines The port identified in this command is identical to the destination port of the monitor command Example The following example displays how to copy all the data to port 1 0 5 console config policy classmap mirror 1 0 5 police simple Use the police simple command in Policy Class Map Configuration mode to applying a policing meter for ...

Page 694: ...ce value Range 0 7 dscpval DSCP value Range 0 63 or a keyword from this list af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines Only one style of police command simple or two rate is allowed for a given class instance in a p...

Page 695: ...ted rate Syntax police two rate datarate burstsize peak data rate excess burstsize conform action action exceed action action violate action action datarate Data rate in kilobits per second kbps Range 1 4294967295 burstsize Burst size in Kbytes Range 1 128 peak data rate Peak data rate in kilobits per second kbps Range 1 4294967295 excess burstsize Excess burst size in kilobits per seconds kbps Ra...

Page 696: ...d for an existing class map before entering this command Example console police two rate 100000000 64 1000000000 32 conform action set cos transmit 7 exceed action set prec transmit 7 violate action drop policy map Use the policy map command in Global Configuration mode to establish a new DiffServ policy or to enter policy map configuration mode To remove the policy use the no form of this command...

Page 697: ...L console config policy map DELL in console config policy classmap random detect queue parms Use the random detect queue parms command to configure the WRED green yellow and red TCP and non TCP packet minimum and maximum thresholds and corresponding drop probabilities on an interface or all interfaces in The policy is applied on ingress Must be specified to create new DiffServ policies An existing...

Page 698: ... 0 to 6 min thresh The minimum threshold at which to begin dropping based on the configured maximum drop probability for each color and for non TCP packets Range 0 to 100 max thresh The maximum threshold to ene dropping at the configured maximum drop probability for each color and for non TCP packets Range 0 to 100 drop prob scale The maximum drop probability Range 0 100 Queue ID WRED Minimum Thre...

Page 699: ...kets are dropped at 100 when the queue size exceeds the maximum value and at 0 when the queue size is below the minimum value Configuring a queue with a drop probability of 0 effectively applies tail drop behavior when the queue length exceeds the maximum threshold If the max thresh parameter is less than the corresponding min thresh parameter it is adjusted to be the min thresh plus one Example T...

Page 700: ...he default value is 15 Command Mode Global Config mode Interface Config mode physical and port channel Interface Range mode User Guidelines To use the instantaneous queue size in the calculation of WRED drops set the weighting constant to 0 Larger values of N reduce the effect of instantaneous changes To update the current queue size to the difference between the previous size and the current inst...

Page 701: ...packets to port 1 0 1 console config policy classmap redirect 1 0 1 service policy Use the service policy command in either Global Configuration mode for all system interfaces or Interface Configuration mode for a specific interface to attach a policy to an interface To return to the system default use the no form of this command Syntax service policy in out policymapname no service policy in out ...

Page 702: ...es within the policy definition exceed the capabilities of the interface When a policy is attached to an interface successfully any attempt to change the policy definition such that it would result in a violation of the interface capabilities causes the policy change attempt to fail ACLs and DiffServ policies may not both exist on the same interface in the same direction Example The following exam...

Page 703: ...uidelines This command has no user guidelines Example The following example displays all the configuration information for the class named Dell console show class map Class L3 Class Name Type Proto Reference Class Name ipv4 All ipv4 ipv6 All ipv6 stop_http_class All ipv6 match_icmp6 All ipv6 console show class map ipv4 Class Name ipv4 Class Type All Class Layer3 Protocol ipv4 Match Criteria Values...

Page 704: ...w classofservice dot1p mapping gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines If the interface is specified the 802 1p mapping table of the interface is displayed If omitted the most recent global c...

Page 705: ...the current IP DSCP mapping to internal traffic classes for a specific interface Syntax show classofservice ip dscp mapping Command is supported only globally Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes Parameter Description User Priority The 802 1p user priority value Traffic Class The traffic class interna...

Page 706: ...s User Guidelines Example console show classofservice ip dscp mapping IP DSCP Traffic Class 0 be cs0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 cs1 0 9 0 10 af11 0 11 0 12 af12 0 13 0 14 af13 0 15 0 16 cs2 0 17 0 18 af21 0 19 0 ...

Page 707: ...mands 707 More or q uit 20 af22 0 21 0 22 af23 0 23 0 24 cs3 1 25 1 26 af31 1 27 1 28 af32 1 29 1 30 af33 1 31 1 32 cs4 2 33 2 34 af41 2 35 2 36 af42 2 37 2 38 af43 2 39 2 40 cs5 2 41 2 42 2 More or q uit 43 2 ...

Page 708: ... 3 49 3 50 3 51 3 52 3 53 3 54 3 55 3 56 cs7 3 57 3 58 3 59 3 60 3 61 3 62 3 63 3 console show classofservice trust Use the show classofservice trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface ...

Page 709: ...ce is displayed If omitted the port trust mode for global configuration is shown Example The following example displays the current trust mode settings for the specified port console show classofservice trust 1 0 2 Class of Service Trust Mode Dot1P show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information which includes the current administrati...

Page 710: ...Max 6 150 Policy Table Size Current Max 2 64 Policy Instance Table Size Current Max 2 640 Policy Attribute Table Size Current Max 2 1920 Service Table Size Current Max 26 214 show diffserv service interface Use this command in Privileged EXEC mode to display policy service information for the specified interface Syntax show diffserv service interface gigabitethernet unit slot port tengigabitethern...

Page 711: ... 1 in DiffServ Admin Mode Enable Interface 1 0 1 Direction In No policy is attached to this interface in this direction show diffserv service interface port channel Syntax Description show diffserv service interface port channel channel group in out Parameter Description Default Configuration This command has no default configuration Parameter Description channel group A valid port channel in the ...

Page 712: ... attached to this interface in this direction show diffserv service brief Use the show diffserv service brief command in Privileged EXEC mode to display all interfaces in the system to which a DiffServ policy has been attached Syntax show diffserv service brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes Use...

Page 713: ...tax show interfaces cos queue gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines If the interface is specified the class of service queue configuration of the interface is displayed If omitted the most ...

Page 714: ...nterfaces cos queue gigabitethernet 1 0 1 Interface 1 0 1 Interface Shaping Rate 0 Queue Id Min Bandwidth Scheduler Type Queue Management Type 0 0 Weighted Tail Drop 1 0 Weighted Tail Drop 2 0 Weighted Tail Drop 3 0 Weighted Tail Drop 4 0 Weighted Tail Drop 5 0 Weighted Tail Drop 6 0 Weighted Tail Drop The following table lists the parameters in the examples and gives a description of each Paramet...

Page 715: ...ent technique used for all queues on this interface Queue An interface supports n queues numbered 0 to n 1 The specific n value is platform dependent Internal egress queue of the interface queues 0 6 are available Minimum Bandwidth The minimum transmission bandwidth guarantee for the queue expressed as a percentage A value of 0 means bandwidth is not guaranteed and the queue operates using best ef...

Page 716: ...configuration information for the specified policy Syntax show policy map policyname policyname Specifies the name of a valid existing DiffServ policy Range 1 31 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the DiffServ...

Page 717: ...tion Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the statistics information for port te1 0 1 console show policy map interface te1 0 1 in Interface te1 0 1 Operational Status Down Policy Name DELL Parameter Description port channel number A valid port channel identifier in Show inb...

Page 718: ... information for all interfaces Syntax show service policy Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays a summary of policy oriented statistics information console show service policy Oper Policy Intf Stat Name 1 0 1 Do...

Page 719: ...ing has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded To restore the default interface shaping rate value use the no form of this command Syntax traffic shape bw kbps no traffic shape bw Maximum transmission bandwidth value expressed in Kbps Range 64 4294967295 Default Configuration This command has no default configuration Command Mode ...

Page 720: ...720 QoS Commands Example The following example displays the setting of traffic shape to a maximum bandwidth of 1024 Kbps console config if 1 0 1 traffic shape 1024 kbps ...

Page 721: ... server model with secure communications using UDP as a transport protocol It is extremely flexible supporting a variety of methods to authenticate and statistically track users It is very extensible allowing for new methods of authentication to be added without disrupting existing network functionality PowerConnect supports a RADIUS client in conformance with RFC 2865 and accounting functions in ...

Page 722: ...D STATION ID Yes No No 31 CALLING STATION ID Yes No No 32 NAS IDENTIFIER Yes No No 40 ACCT STATUS TYPE Set by RADIUS client for Accounting No No 42 ACCT INPUT OCTETS Yes No No 43 ACCT OUTPUT OCTETS Yes No No 44 ACCT SESSION ID Set by RADIUS client for Accounting No No 46 ACCT SESSION TIME Yes No No 49 ACCT TERMINATE CAUSE Yes No No 52 ACCT INPUT GIGAWORDS Yes No No 53 ACCT OUTPUT GIGAWORDS Yes No ...

Page 723: ... Used by both 802 1x and Captive Portal TERMINATION ACTION Indication as to the action taken when the service is completed EAP MESSAGE Contains an EAP message to be sent to the user This is typically used for MAB clients VENDOR SPECIFIC No actions configured at this time 61 NAS PORT TYPE Yes No No 64 TUNNEL TYPE Yes No No 65 TUNNEL MEDIUM TYPE Yes No No 79 EAP MESSAGE Yes No No 80 MESSAGE AUTHENTI...

Page 724: ...a preconfigured VLAN name or a VLAN id If a VLAN id is given the string must only contain decimal digits Commands in this Chapter This chapter explains the following commands aaa accounting dot1x default start stop primary radius server timeout accounting priority retransmit acct port radius server attribute 4 show aaa servers auth port radius server deadtime show accounting methods deadtime radiu...

Page 725: ...ult command to disable dot1x accounting Syntax aaa accounting dot1x default start stop radius none no aaa accounting dot1x default aaa accounting dot1x default none aaa accounting exec commands listname default none start stop stop only radius tacacs radius tacacs tacacs radius no aaa accounting exec commands default list Parameter Description Parameter Description commands Perform accounting on a...

Page 726: ...unting type start stop Issue a start accounting notice at the beginning and stop accounting notice at the end of the accounted method Accounting notices are sent when the user logs into the switch and when the user logs out of the exec mode Accounting notifications are also sent at the beginning and at the end of the user executed command Command execution does not wait for the accounting notifica...

Page 727: ...nting for the line mode to the default Syntax accounting exec commands default list_name no accounting Parameter Description Default Configuration Accounting is not enabled by default Command Mode Line Configuration Parameter Description exec Provides accounting for a user EXEC terminal session commands Provides accounting for all user executed commands default The default list of methods for acco...

Page 728: ... acct port command to set the port that connects to the RADIUS accounting server Use the no form of this command to reset the port to the default Syntax acct port port no acct port port The layer 4 port number of the accounting server Range 1 65535 Default Configuration The default value of the port number is 1813 Command Mode Radius accounting mode User Guidelines There are no user guidelines for...

Page 729: ...nd Mode Radius mode User Guidelines The host is not used for authentication if set to 0 User must enter the mode corresponding to a specific Radius server before executing this command Example The following example sets the port number 2412 for authentication requests console config radius server host 192 143 120 123 console config radius auth port 2412 deadtime Use the deadtime command in Radius ...

Page 730: ...me interval is 0 minutes Command Mode Radius mode User Guidelines If only one RADIUS server is configured it is recommended to use a deadtime interval of 0 Example The following example specifies a deadtime interval of 60 minutes console config radius server host 192 143 120 123 console config radius deadtime 60 debug aaa accounting Use the debug aaa accounting command in Privileged EXEC mode to e...

Page 731: ...e no form of this command to remove the key Syntax key key string key string A string specifying the encryption key Range 0 128 characters Default Configuration There is no key configured by default Command Mode Radius mode User Guidelines There are no user guidelines for this command Example The following example specifies an authentication and encryption key of lion king console config radius se...

Page 732: ...ault Configuration The message authenticator attribute is enabled by default Command Mode Radius mode User Guidelines There are no user guidelines for this command Example console Config auth radius msgauth name RADIUS server Use the name command to assign a name to a RADIUS server Use the no form of the command to return the name to the default unspecified The no form of the command does not requ...

Page 733: ...me2 Even if the priority value of servers in name2 is lower lower value indicates high priority the request would be sent to the name1 servers If for name1 list the configured servers fail to respond the request is sent to the second configured name list Within the same server list the first primary server would be tried You can have multiple secondary servers in the same name list From the multip...

Page 734: ...erver name by default If it fails to communicate with the primary server for any reason it uses the backup servers configured with the same server name These backup servers are identified as the Secondary type Syntax primary Default Configuration There is no primary authentication server by default Command Mode Radius mode User Guidelines There are no user guidelines for this command Example conso...

Page 735: ... 4 Use the radius server attribute 4 command in Global Configuration mode to set the network access server NAS IP address for the RADIUS server The NAS IP address is RADIUS attribute number 4 Use the no version of the command to set the value to the default Syntax radius server attribute 4 ip address no radius server attribute 4 ip address Specifies the IP address to be used as the RADIUS attribut...

Page 736: ...responsive RADIUS server If a RADIUS server is currently active and responsive that server will be used until it no longer responds RADIUS servers whose deadtime interval has not expired are skipped when searching for a new RADIUS server to contact To set the deadtime to 0 use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime deadtime Length of time in mi...

Page 737: ...on mode To delete the specified Radius host use the no form of this command Syntax radius server host acct auth ip address hostname no radius server host acct auth ip address hostname Parameter Description Default Configuration The default server type is authentication The default server name is Default RADIUS Server The default port number is 1812 for an authentication server and 1813 for an acco...

Page 738: ... mode to set the authentication and encryption key for all Radius communications between the switch and the Radius server To reset to the default use the no form of this command Syntax radius server key key string no radius server key key string Specifies the authentication and encryption key for all Radius communications between the switch and the Radius server This key must match the encryption ...

Page 739: ...lient will retransmit requests to the Radius server To reset the default configuration use the no form of this command Syntax radius server retransmit retries no radius server retransmit retries Specifies the retransmit value Range 1 10 Default Configuration The default is 3 attempts Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following ex...

Page 740: ...rce IP address Default Configuration The default IP address is the outgoing IP interface Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures the source IP address used for communication with Radius servers to 10 1 1 1 console config radius server source ip 10 1 1 1 radius server timeout Use the radius server timeout co...

Page 741: ...a server host to reply to 5 seconds console config radius server timeout 5 retransmit Use the retransmit command in Radius mode to specify the number of times the Radius client retransmits requests to the Radius server Syntax retransmit retries retries Specifies the retransmit value Range 1 10 attempts Default Configuration The default number for attempts is 3 Command Mode Radius mode User Guideli...

Page 742: ... Configuration Authentication servers are displayed by default Command Mode User EXEC Privileged EXEC Config mode and all Config sub modes User Guidelines The following fields are displayed Parameter Description accounting This optional parameter will cause accounting servers to be displayed authentication This optional parameter will cause authentication servers to be displayed name This optional...

Page 743: ...been configured Named Authentication Server Groups The number of configured named RADIUS server groups Named Accounting Server Groups The number of configured named RADIUS server groups Timeout The configured timeout value in seconds for request retransmissions Retransmit The configured value of the maximum number of times a request packet is retransmitted Deadtime The length of time an unavailabl...

Page 744: ...Disable More or q uit RADIUS Attribute 4 Value 0 0 0 0 console show aaa servers name Server Name Host Address Port Secret Configured Default RADIUS Server 4 4 4 4 1812 No test 6 6 6 6 1812 No show accounting methods Use the show accounting methods command in Privileged EXEC mode to display the configured accounting method lists Syntax show accounting methods Default Configuration This command has ...

Page 745: ...e dfltExecList dfltCmdsList Telnet dfltExecList dfltCmdsList SSH dfltExecList UserCmdAudit show radius statistics Use the show radius statistics command to show the statistics for an authentication or accounting server Syntax show radius statistics accounting authentication ipaddress hostname name servername Parameter Description Parameter Description accounting authentication The type of server a...

Page 746: ...as used to identify the server Field Description RADIUS Accounting Server Name Name of the accounting server Server Host Address IP address of the host Round Trip Time The time interval in hundredths of a second between the most recent Accounting Response and the Accounting Request that matched it from this RADIUS accounting server Requests The number of RADIUS Accounting Request packets sent to t...

Page 747: ...received from this server on accounting port Packets Dropped The number of RADIUS packets received from this server on accounting port and dropped for some other reason Field Description RADIUS Server Name Name of the authenticating server Server Host Address IP address of the host Access Requests The number of RADIUS Access Request packets sent to this server This number does not include retransm...

Page 748: ... received from this server Malformed packets include packets with an invalid length Bad authenticators or signature attributes or unknown types are not included as malformed access responses Bad Authenticators The number of RADIUS Access Response packets containing invalid authenticators or signature attributes received from this server Pending Requests The number of RADIUS Access Request packets ...

Page 749: ... 0 0 0 0 is interpreted as a request to use the IP address of the outgoing IP interface Syntax source ip source source A valid source IP address Default Configuration The IP address is of the outgoing IP interface Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example specifies 10 240 1...

Page 750: ...nds Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example specifies the timeout setting for the designated Radius Server console config radius server host 192 143 120 123 console config radius timeout 20 usage Use the usage command in Radius mode to specify the usage type of the server...

Page 751: ... Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example specifies usage type login console config radius server host 192 143 120 123 console config radius usage login ...

Page 752: ...752 RADIUS Commands ...

Page 753: ...a network from forwarding loops induced by BPDU packet loss It can be configured to prevent a blocked port from transitioning to the forwarding state when the port stops receiving BPDUs for some reason such as a uni directional link failure STP BPDU Guard The STP BPDU guard allows the network administrator to enforce the STP domain borders and keep the active topology consistent and predictable Th...

Page 754: ...PDU flooding on a port STP should be disabled on the switch administratively When this feature is enabled on the switch it floods all the ports which have the BPDU flood feature enabled BPDU Storm Protection If STP BPDUs are received at a rate of 15 pps or greater for 3 consecutive seconds on a port the port will be diagnostically disabled A message of the following form is logged 188 MAY 04 09 45...

Page 755: ...nd has no default setting Command Mode Privileged EXEC mode User Guidelines This feature is used only when working in RSTP or MSTP mode Example The following example restarts the protocol migration process forces the renegotiation with neighboring switches on 1 0 1 console clear spanning tree detected protocols gigabitethernet 1 0 1 revision mst spanning tree disable spanning tree mst cost spannin...

Page 756: ...owing example shows how to exit the MST configuration mode and save changes console config spanning tree mst configuration console config mst exit instance mst Use the instance command in MST mode to map VLANS to an MST instance Syntax instance instance id add remove vlan vlan range instance ID ID of the MST instance Range 1 4094 vlan range VLANs to be added to the existing MST instance To specify...

Page 757: ...d on the switch Traffic received on VLANs not defined on the port received is dropped Example The following example maps the entire range of VLANs to MST instances MST instance 0 is mapped to VLAN 1 by default Additionally two 10G ports have some but not all of the VLANs mapped to MST instances console config spanning tree mode mst console config spanning tree mst 1 priority 8192 console config sp...

Page 758: ... interface te1 1 2 console config if Te1 1 2 switchport mode trunk console config if Te1 1 2 switchport trunk allowed vlan add 200 349 console config if Te1 1 2 spanning tree mst 2 port priority 16 console config if Te1 1 2 exit name mst Use the name command in MST mode to define the configuration name To return to the default setting use the no form of this command Syntax name string string Case ...

Page 759: ...Configuration Revision number is 0 Command Mode MST mode User Guidelines This command has no user guidelines Example The following example sets the configuration revision to 1 console config spanning tree mst configuration console config mst revision 1 show spanning tree Use the show spanning tree command in Privileged EXEC mode to display the spanning tree configuration Syntax show spanning tree ...

Page 760: ...ng tree Enabled BPDU Flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53 Path Cost 20000 Root Port Gi1 0 1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec TxHoldCount 6 sec Bridge ID Priority 32768 Address 001E C9AA AD1B Hello Time 2 Sec Max Age 20 sec Forward Delay 15 se...

Page 761: ...st 0 Root Guard FALSE Loop Guard FALSE TCN Guard FALSE Auto Portfast TRUE Port Up Time Since Counters Last Cleared 0 day 0 hr 17 min 1 sec BPDU sent 24 received 496 console show spanning tree detail Spanning tree Enabled BPDU flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53...

Page 762: ... Delay 15 sec Number of topology changes 1 last change occurred 0d0h17m15s ago Times hold 6 hello 2 max age 20 forward delay 15 Port Gi1 0 1 Enabled State Forwarding Role Root Port id 128 1 Port Cost 20000 Root Protection No Designated bridge Priority 32768 Address 0010 1882 1C53 Designated port id 128 48 Designated path cost 0 CST Regional Root 80 00 00 10 18 82 1C 53 CST Port Cost 0 BPDU sent 24...

Page 763: ... and parameters for the switch Syntax show spanning tree summary Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines The following fields are displayed Field Description Spanning Tree Admin Mode Enabled or disabled Spanning Tree Version Version of 802 1 currently supported IEEE 802 1s IEEE 8...

Page 764: ...nfiguration mode to enable spanning tree functionality To disable spanning tree functionality use the no form of this command Syntax spanning tree Configuration Name Identifier used to identify the configuration currently being used Configuration Revision Level Identifier used to identify the configuration currently being used Configuration Digest Key A generated Key used in the exchange of the BP...

Page 765: ...ortfast Use the spanning tree auto portfast command to set the port to auto portfast mode This enables the port to become a portfast port if it does not see any BPDUs for 3 seconds Use the no form of this command to disable auto portfast mode Syntax spanning tree auto portfast no spanning tree auto portfast Default Configuration Auto portfast mode is enabled by default Command Mode Interface Confi...

Page 766: ...ther non spanning tree ports Use the no form of the command to disable flooding Syntax spanning tree bpdu flooding no spanning tree bpdu flooding Default Configuration This feature is disabled by default Command Mode Global Configuration mode Usage Guidelines There are no usage guidelines for this command Example console spanning tree bpdu flooding spanning tree bpdu protection Use the spanning tr...

Page 767: ...inst such attack After BPDU protection function is enabled on a switch the system disables an edge port that has received BPDU and notifies the network manager about it The disabled port can only be enabled by the no version of the command Syntax spanning tree bpdu protection no spanning tree bpdu protection Default Configuration BPDU protection is not enabled Command Mode Global Configuration mod...

Page 768: ...10 mbps 2 000 000 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command configures the external cost Since by default each switch is in its own region the external cost is considered in determining the spanning tree of the network This command is also used to configure the rstp path cost Example The following example configures the s...

Page 769: ... channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The following example disables spanning tree on 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 spanning tree disable spanning tree forward time Use the spanning tree forward time command in Global Configuration mode to configure the spanning tree bridge forward time which is t...

Page 770: ...xample The following example configures spanning tree bridge forward time to 25 seconds console config spanning tree forward time 25 spanning tree guard The spanning tree guard command selects whether loop guard or root guard is enabled on an interface If neither is enabled the port operates in accordance with the multiple spanning tree protocol Use the no form of this command to disable loop guar...

Page 771: ...e 4 0 1 console config console config interface gigabitethernet 4 0 1 console config if 4 0 1 spanning tree guard none spanning tree loopguard Use the spanning tree loopguard command to enable loop guard on all ports Use the no form of this command to disable loop guard on all ports Syntax spanning tree loopguard default no spanning tree loopguard default Default Configuration Loop guard is disabl...

Page 772: ...t maximum age use the no form of this command Syntax spanning tree max age seconds no spanning tree max age seconds Time in seconds Range 6 40 Default Configuration The default max age for IEEE STP is 20 seconds Command Mode Global Configuration mode User Guidelines When configuring the Max Age the following relationships should be satisfied 2 Forward Time 1 Max Age Max Age 2 Hello Time 1 Example ...

Page 773: ...0 Default Configuration The maximum number of hops is 20 by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config spanning tree max hops 32 spanning tree mode Use the spanning tree mode command in Global Configuration mode to configure the spanning tree protocol To return to the default configuration use the no form of t...

Page 774: ...ghbor switch is using RSTP and would use STP when the neighbor switch is using STP Example The following example configures the spanning tree protocol to MSTP console config spanning tree mode mst spanning tree mst configuration Use the spanning tree mst configuration command in Global Configuration mode to enable configuring an MST region by entering the multiple spanning tree MST mode Syntax spa...

Page 775: ...configure the internal path cost for multiple spanning tree MST calculations If a loop occurs the spanning tree considers path cost when selecting an interface to put in the forwarding state To return to the default port path cost use the no form of this command Syntax spanning tree mst instance id cost cost no spanning tree mst instance id cost instance ID ID of the spanning tree instance Range 1...

Page 776: ... mst 1 cost 4 spanning tree mst port priority Use the spanning tree mst port priority command in Interface Configuration mode to configure port priority To return to the default port priority use the no form of this command Syntax spanning tree mst instance id port priority priority no spanning tree mst instance id port priority Parameter Description Default Configuration The default port priority...

Page 777: ...and in Global Configuration mode to set the switch priority for the specified spanning tree instance To return to the default setting use the no form of this command Syntax spanning tree mst instance id priority priority no spanning tree mst instance id priority Parameter Description Default Configuration The default bridge priority for IEEE STP is 32768 Parameter Description instance id ID of the...

Page 778: ... of instance 1 to 4096 console config spanning tree mst 1 priority 4096 spanning tree portfast Use the spanning tree portfast command in Interface Configuration mode to enable PortFast mode In PortFast mode the interface is immediately put into the forwarding state upon linkup without waiting for the timer to expire To disable PortFast mode use the no form of this command Syntax spanning tree port...

Page 779: ...e delay Example The following example enables PortFast on 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 spanning tree portfast spanning tree portfast bpdufilter default The spanning tree portfast bpdufilter default command discards BPDUs received on spanning tree ports in portfast mode Use the no form of the command to disable discarding Syntax spanning tree portfast...

Page 780: ...fault Default Configuration Portfast mode is disabled by default Command Mode Global Configuration mode Usage Guidelines This command only applies to access ports NOTE This command should be used with care An interface with PortFast mode enabled is moved directly to the spanning tree forwarding state when linkup occurs without waiting for the standard forward time delay Setting a port connected to...

Page 781: ...AG port channel is 96 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The priority value must be a multiple of 16 Example The following example configures the spanning priority on 1 0 5 to 96 console config interface gigabitethernet 1 0 5 console config if 1 0 5 spanning tree port priority 96 spanning tree priority Use the spanning tree pri...

Page 782: ... lowest priority is the root of the spanning tree Example The following example configures spanning tree priority to 12288 console config spanning tree priority 12288 spanning tree tcnguard Use the spanning tree tcnguard command to prevent a port from propagating topology change notifications Use the no form of the command to enable TCN propagation Syntax spanning tree tcnguard no spanning tree tc...

Page 783: ...e is allowed to send within a hello time window 2 seconds Use the no form of this command to reset the hold count to the default value Syntax spanning tree transmit hold count value no spanning tree transmit value The maximum number of BPDUs to send Range 1 10 Default Configuration The default hold count is 6 BPDUs Command Mode Global Configuration mode User Guidelines There are no user guidelines...

Page 784: ...784 Spanning Tree Commands ...

Page 785: ...ll prompt for the user login credentials and request services from the TACACS client the client will then use the configured list of servers for authentication and provide results back to the NAS The TACACS server list is configured with one or more hosts defined via their network IP address each can be assigned a priority to determine the order in which the TACACS client will contact them a serve...

Page 786: ...ers Default Configuration If left unspecified the key string parameter defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example The following example specifies an encryption and authentication key of 12 console tacacs key 12 port Use the port command in TACACS Configuration mode to specify a server port number Syntax port port ...

Page 787: ...iority command in TACACS Configuration mode to specify the order in which servers are used where 0 zero is the highest priority Syntax priority priority priority Specifies the priority for servers 0 zero is the highest priority Range 0 65535 Default Configuration If left unspecified this parameter defaults to 0 zero Command Mode TACACS Configuration mode User Guidelines This command has no user gu...

Page 788: ... address ip address The name or IP address of the host Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples The following example displays TACACS server settings console show tacacs Global Timeout 5 IP address Port Timeout Priority 10 254 24 162 49 Global 0...

Page 789: ...er host ip address hostname ip address The IP address of the TACACS server hostname The hostname of the TACACS server Range 1 255 characters Default Configuration No TACACS host is specified Command Mode Global Configuration mode User Guidelines To specify multiple hosts multiple tacacs server host commands can be used TACACS servers are keyed by the host name therefore it is advisable to use uniq...

Page 790: ...n Range 0 128 printable characters except for question marks and double quotes Default Configuration The default is an empty string Command Mode Global Configuration mode User Guidelines The tacacs server key command accepts any printable characters for the key except a double quote or question mark Enclose the string in double quotes to include spaces within the key The surrounding quotes are not...

Page 791: ...he timeout value in seconds Range 1 30 Default Configuration The default value is 5 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the timeout value as 30 console config tacacs server timeout 30 timeout Use the timeout command in TACACS Configuration mode to specify the timeout value in seconds If no timeout val...

Page 792: ...on If left unspecified the timeout defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example This example shows how to specify the timeout value console tacacs timeout 23 ...

Page 793: ...This improves fault tolerance of port channel UDLD PDUs act as network control packets They are unaffected by Spanning Tree state Thus they are transmitted and received regardless of Spanning Tree state For the successful operation of UDLD it is required that its neighbors are UDLD capable and UDLD is enabled on the corresponding ports All ports should also be configured to use the same mode of UD...

Page 794: ...D messages The state of undetermined has no effect on the operation of the port The port is not disabled and continues operating as it previously did When in normal mode a port will still be put into the D Disable state for the following cases a UDLD PDU is received from partner that does not have the port s own details echo b When there is a loopback Information sent out on a port is received bac...

Page 795: ...e interval d In aggressive mode when the partner does not respond to an ECHO within 7 seconds Commands in this Chapter This chapter explains the following commands udld enable Global Config Use the udld enable command in Global Config mode to enable UDLD on all physical interfaces on a switch Use the no form of the command to disable UDLD on all interfaces Syntax udld enable no udld enable Default...

Page 796: ...yntax udld reset Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following commands will reset an interface disabled by UDLD Use udld reset in Privileged EXEC mode to reset all interfaces disabled by UDLD The shutdown command followed by no shutdown interface configuration command The no udld enable global configuration command ...

Page 797: ...age transmit interval is 15 seconds Command Mode Global Config mode User Guidelines Lower message time values will detect the unidirectional links more quickly at the cost of higher CPU utilization The message interval is also used to age out UDLD entries from the internal database UDLD entries are removed after three times the message interval and the discovery process starts again udld timeout i...

Page 798: ... has bidirectional or unidirectional connectivity If no ECHO replies are received within three times the message interval then the link is considered to have unidirectional connectivity udld enable Interface Config Use the udld enable command in Interface physical Config mode to enable UDLD on a specific interface Use the no form of the command to disable UDLD on an interface Syntax udld enable no...

Page 799: ...ce Use the no form of the command to reset the operating mode to the default normal Syntax udld port aggressive no udld port Parameter Description Default Configuration Normal mode is configured by default when UDLD is enabled on an interface Command Mode Interface physical Config mode User Guidelines In aggressive mode UDLD will attempt to detect a peer by sending an ECHO packet every seven secon...

Page 800: ...ription Admin Mode The global administrative mode of UDLD Message Interval The time period in seconds between the transmission of UDLD probe packets Timeout Interval The time period in seconds before making decision that link is unidirectional Field Description Interface Id The interface identifier in short form e g te1 0 1 Admin Mode The administrative mode of UDLD configured on this interface Th...

Page 801: ...acket receive transmit events UDLD Status The status of the link as determined by UDLD The options are Undetermined UDLD has not collected enough information to determine the state of the port Not applicable UDLD is disabled either globally or on the port Shutdown UDLD has detected a unidirectional link and shutdown the port That is the port is in an errDisabled state Bidirectional UDLD has detect...

Page 802: ...isabled Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description Packet Display transmitted and received UDLD packets Receive Debug packets received by the switch Transmit Debug packets transmitted by the switch Events Display UDLD events ...

Page 803: ...he physical locations of devices in the network PowerConnect switching supports up to 1024 VLANs for forwarding VLANs can be allocated by subnet and netmask pairs thus allowing overlapping subnets For example subnet 10 10 128 0 with Mask 255 255 128 0 and subnet 10 10 0 0 with Mask 255 255 0 0 can have different VLAN associations Double VLAN Mode An incoming frame is identified as tagged or untagg...

Page 804: ... VLAN can quickly eat up address entries Each VLAN is associated with its own forwarding database Hence the number of forwarding databases equals the number of VLANs supported The MAC address stored is supplemented by a 2 byte VLAN ID The first 2 bytes of a forwarding database entry contain the VLAN ID associated and the next 6 bytes contain the MAC address There is a one to one relationship betwe...

Page 805: ... protocol for which the filter is desired IP Subnet Based VLANs This feature allows an untagged packet to be placed in a configured VLAN based upon its IP address MAC Based VLANs This feature allows an untagged packet to be placed in a configured VLAN based upon its MAC address Private VLAN Commands The PowerConnect Private VLAN feature separates a regular VLAN domain into two or more sub domains ...

Page 806: ... promiscuous ports community ports and isolated ports An endpoint connected to a promiscuous port is allowed to communicate with any endpoint within the private VLAN Multiple promiscuous ports can be defined for a single private VLAN domain Host port Belongs to a secondary VLAN and depending upon the type of secondary VLAN can either communicate with other ports in the same community if the second...

Page 807: ...e with the endpoints within the community and can also communicate with any configured promiscuous port The endpoints which belong to one community cannot communicate with endpoints which belong to a different community or with endpoints connected over isolated VLANs Private VLANs Operation in the Switch Environment The Private VLAN feature operates in a stacked or single switch environment The st...

Page 808: ...s forwarded to all promiscuous and trunk ports If the received port is community port the broadcast traffic is forwarded to promiscuous trunk and community ports in the same VLAN A promiscuous port sends traffic to other promiscuous ports isolated and community ports Commands in this Chapter This chapter explains the following commands dvlan tunnel ethertype show dvlan tunnel switchport general ac...

Page 809: ...cess vlan vlan Global Config show vlan private vlan protocol vlan group all switchport general forbidden vlan vlan association mac Private VLAN Commands switchport private vlan private vlan show interfaces switchport show vlan private vlan switchport mode private vlan Parameter Description 802 1Q Configures the EtherType as 0x8100 vman Configures the EtherType as 0x88A8 custom Configures a custom ...

Page 810: ...les disables the use of the ethertype on the specific interface The ethertype used in the interface form of the command must use the same ethertype as specified in the global configuration form of the command The inner vlan tag C TAG is configured using the switchport command in interface configuration mode Example The following example displays configuring Double VLAN tunnel for vman EtherType co...

Page 811: ...terface Examples console config vlan10 interface vlan 10 console config if vlan10 interface range vlan Use the interface range vlan command in Global Configuration mode to execute a command on multiple VLANs at the same time Syntax interface range vlan vlan range all vlan range A list of valid VLAN IDs to add Separate nonconsecutive VLAN IDs with a comma and no spaces use a hyphen to designate a r...

Page 812: ... tunnel command in Interface Configuration mode to enable Double VLAN Tunneling on the specified interface To disable Double VLAN Tunneling on the specified interface use the no form of this command Syntax mode dvlan tunnel no mode dvlan tunnel Default Configuration By default Double VLAN Tunneling is disabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mod...

Page 813: ...ged on ingress with the configured ethertype and the service provider ID taken from the PVID On egress the access port strips all SP tags belonging to service provider VLANS Example The following example displays how to enable Double VLAN Tunneling at gigabit ethernet port 1 0 1 console config if 1 0 1 mode dvlan tunnel name VLAN Configuration Use the name command in VLAN Configuration mode to con...

Page 814: ...ed Example The following example configures a VLAN name of office2 for VLAN 2 console config vlan 2 console config vlan2 name RDU NOC Management VLAN protocol group Use the protocol group command in VLAN Configuration mode to attach a VLAN ID to the protocol based group identified by groupid A group may only be associated with one VLAN at a time However the VLAN association can be changed The refe...

Page 815: ...otocol vlan group Use the protocol vlan group command in Interface Configuration mode to add the physical unit slot port interface to the protocol based group identified by groupid A group may have more than one interface associated with it Each interface and protocol combination can be associated with one group only If adding an interface to a group causes any conflicts with protocols currently a...

Page 816: ...ID of 2 console config if 1 0 1 protocol vlan group 2 protocol vlan group all Use the protocol vlan group all command in Global Configuration mode to add all physical interfaces to the protocol based group identified by groupid A group may have more than one interface associated with it Each interface and protocol combination can be associated with one group only If adding an interface to a group ...

Page 817: ...nd Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to add all physical interfaces to the protocol based group identified by group ID 2 console config protocol vlan group all 2 show dvlan tunnel Use the show dvlan tunnel command in Privileged EXEC mod...

Page 818: ... interface command in Privileged EXEC mode to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces Syntax show dvlan tunnel interface gigabithethernet unit slot port tengigabitethernet unit slot port all all Displays information for all interfaces Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Conf...

Page 819: ... following information Field Description Mode This field specifies the administrative mode through which Double VLAN Tunneling can be enabled or disabled The default value for this field is disabled Interface Interface Number EtherType This field represents a 2 byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel The three different EtherType tags are 1 802 1Q which represents th...

Page 820: ...n MVR Voice VLAN It is recommended that the private VLAN host ports be configured as spanning tree portfast Examples The following example displays switchport configuration individually for gi1 0 1 console show interface switchport gigabitethernet 1 0 1 Port 1 0 1 VLAN Membership mode General Operating parameters PVID 1 default Ingress Filtering Enabled Acceptable Frame Type All GVRP status Enable...

Page 821: ...ion PVID 1 default Ingress Filtering Enabled Acceptable Frame Type All Port 1 0 1 is statically configured to VLAN Name Egress rule 11 VLAN0011 tagged 19 IPv6 VLAN untagged 72 VLAN0072 untagged Forbidden VLANS VLAN Name 73 Out The following example displays switchport configuration individually for 1 0 2 console show interface switchport gigabitethernet 1 0 2 Port 1 0 2 VLAN Membership mode Genera...

Page 822: ...ering Disabled Acceptable Frame Type All Port 1 0 2 is statically configured to VLAN Name Egress rule 8 VLAN0072 untagged 91 IP Telephony tagged Forbidden VLANS VLAN Name 73 Out The following example displays switchport configuration individually for 2 0 19 console show interfaces switchport gigabitethernet 2 0 19 Port 2 0 19 Operating parameters PVID 2922 Ingress Filtering Enabled Acceptable Fram...

Page 823: ...ry A untagged Static 2922 Community A1 untagged Static show port protocol Use the show port protocol command in Privileged EXEC mode to display the Protocol Based VLAN information for either the entire system or for the indicated group Syntax show port protocol groupid all groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the...

Page 824: ... Name ID Protocol s VLAN Interface s test 1 IP 1 1 0 1 show vlan Use the show vlan command in Privileged EXEC mode to display detailed information including interface information and dynamic VLAN type for a specific VLAN The ID is a valid VLAN identification number Syntax show vlan id vlanid name vlan name Parameter Description Default Configuration This command has no default configuration Parame...

Page 825: ...t Gi1 0 1 10 console show vlan id 2 VLAN Name Ports Type 2 VLAN0002 Gi1 0 11 20 Dynamic DOT1X console show vlan id 3 VLAN Name Ports Type 3 VLAN0003 Gi1 0 21 24 Dynamic GVRP show vlan association mac Use the show vlan association mac command in Privileged EXEC mode to display the VLAN associated with a specific configured MAC address If no MAC address is specified the VLAN associations of all the ...

Page 826: ...AC address to VLAN cross reference console show vlan association mac MAC Address VLAN ID 0001 0001 0001 0001 1 console show vlan association subnet Use the show vlan association subnet command in Privileged EXEC mode to display the VLAN associated with a specific configured IP Address and netmask If no IP Address and net mask are specified the VLAN associations of all the configured IP subnets are...

Page 827: ...association subnet IP Address IP Mask VLAN ID The IP Subnet to VLAN association does not exist switchport access vlan Use the switchport access vlan command in Interface Configuration mode to configure the VLAN ID when the interface is in access mode To reconfigure the default use the no form of this command Syntax switchport access vlan vlan id no switchport access vlan vlan id A valid VLAN ID of...

Page 828: ...rnet 1 0 8 console config if 1 0 8 switchport access vlan 23 switchport general forbidden vlan Use the switchport general forbidden vlan command in Interface Configuration mode to forbid adding specific VLANs to a general mode port To revert to allowing the addition of specific VLANs to the port use the remove parameter of this command Syntax switchport general forbidden vlan add vlan list remove ...

Page 829: ... 234 256 switchport general acceptable frame type tagged only Use the switchport general acceptable frame type tagged only command in Interface Configuration mode to discard untagged frames at ingress To enable untagged frames at ingress use the no form of this command Syntax switchport general acceptable frame type tagged only no switchport general acceptable frame type tagged only Default Config...

Page 830: ...port general allowed vlan remove vlan list add vlan list List of VLAN IDs to add Separate nonconsecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs remove vlan list List of VLAN IDs to remove Separate nonconsecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs tagged Sets the port to transmit tagged packets for the VLANs If the port...

Page 831: ...and in Interface Configuration mode to disable port ingress filtering To enable ingress filtering on a port use the no form of this command Syntax switchport general ingress filtering disable no switchport general ingress filtering disable Default Configuration Ingress filtering is enabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines Thi...

Page 832: ...ral pvid vlan id PVID The VLAN ID may belong to a non existent VLAN Default Configuration The default value for the vlan id parameter is 1 when the VLAN is enabled Otherwise the value is 4093 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines Setting a new PVID does NOT remove the previously configured PVID VLAN from the port membership Exampl...

Page 833: ...cket tagged with the access port VLAN Tagged packets received with a VLAN other than the access port VLAN are discarded An access port transmits only untagged packets trunk A trunk port connects two switches A trunk port may belong to multiple VLANs A trunk port accepts only packets tagged with the VLAN IDs of the VLANs to which the trunk is a member or untagged packets if configured with a native...

Page 834: ...1 0 5 to access mode console config interface gigabitethernet 1 0 5 console config if 1 0 5 switchport mode access switchport trunk Use the switchport trunk command in Interface Configuration mode to add VLANs to or remove VLANs from a trunk port or to set the native VLAN for an interface in Trunk Mode Syntax switchport trunk allowed vlan vlan list native vlan vlan id no switchport trunk allowed v...

Page 835: ...all specifies all VLANs from 1 to 4093 This keyword is not allowed on commands that do not permit all VLANs in the list to be set at the same time add adds the defined list of VLANs to those currently set instead of replacing the list remove removes the defined list of VLANs from those currently set instead of replacing the list Valid IDs are from 1 to 4093 extended range VLAN IDs of the form X Y ...

Page 836: ...ave not yet been created from trunk port membership Example console config if Gi1 0 1 switchport trunk allowed vlan 1 1024 console config if Gi1 0 1 switchport trunk allowed vlan except 1 2 3 5 7 11 13 vlan Use the vlan command in VLAN Database mode to configure a VLAN To delete a VLAN use the no form of this command Syntax vlan vlan range no vlan vlan range vlan range A list of valid VLAN IDs to ...

Page 837: ... 22 23 56 console config vlan vlan Global Config Use the vlan command in Global Configuration mode to configure a VLAN To delete a VLAN use the no form of this command Syntax vlan vlan id vlan range no vlan vlan id vlan range Parameter Description Default Configuration This command has no default configuration Command Mode Global Configuration Config Parameter Description vlan id A valid VLAN ID R...

Page 838: ...n mac Use the vlan association mac command in VLAN Config mode to associate a MAC address to a VLAN The maximum number of MAC based VLANs is 256 Only packets with a matching source IP address are placed in the VLAN Syntax vlan association mac mac address no vlan association mac mac address mac address MAC address to associate to the VLAN Range Any MAC address in the format xxxx xxxx xxxx or xx xx ...

Page 839: ...ation subnet ip address subnet mask ip address Source IP address Range Any valid IP address subnet mask Subnet mask Range Any valid subnet mask Default Configuration No assigned ip subnet Command Mode VLAN Config mode User Guidelines This command has no user guidelines Example The following example associates the 192 168 0 xxx IP address with VLAN ID 1 console config vlan 1 console config vlan 1 v...

Page 840: ...ode console config vlan database console config vlan vlan makestatic This command changes a dynamically created VLAN one that is created by GVRP registration to a static VLAN one that is permanently configured and defined The ID is a valid VLAN identification number VLAN range is 2 4093 Syntax vlan makestatic vlan id vlan id Valid vlan ID Range is 2 4093 Default Configuration This command has no d...

Page 841: ...col group is created it is assigned a unique group ID number The group ID is used to identify the group in subsequent commands Use the no form of the command to remove the specified VLAN protocol group name from the system Syntax vlan protocol group groupid no vlan protocol group groupid groupid The protocol based VLAN group ID to create a protocol based VLAN group To see the created protocol grou...

Page 842: ...tocol group add protocol groupid ethertype value no vlan protocol group add protocol groupid ethertype value groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command To see the group ID associated with the name of a protocol group use the show port protocol all command ethertype value The protocol you...

Page 843: ...a protocol group use the show port protocol all command groupName The group name you want to add The group name can be up to 16 characters length It can be any valid alpha numeric characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config vlan protocol group name 1 user...

Page 844: ...es Example The following example displays the removal of the protocol based VLAN group identified as 2 console config vlan protocol group remove 2 switchport private vlan Use the switchport private vlan command in Interface Config mode to define a private VLAN association for an isolated or community port or a mapping for a promiscuous port Use the no form of the command to remove the private VLAN...

Page 845: ...e Use the no form of the command to remove the private VLAN association or mapping from the interface Syntax switchport mode private vlan host promiscuous no switchport mode Parameter Description host association Defines VLAN associations for community or host ports mapping Defines the private VLAN mapping for promiscuous ports primary vlan id Primary VLAN ID of a private VLAN secondary vlan id Se...

Page 846: ...VLAN host ports be configured as spanning tree portfast private vlan Use the private vlan command in VLAN Config mode to define a private VLAN association between the primary and secondary VLANs Use the no form of the command to remove the private VLAN association Syntax private vlan primary isolated community association add remove vlan list Parameter Description host association Configure the in...

Page 847: ...ary VLAN The primary VLAN is the VLAN that carries traffic from a promiscuous port to the private ports Parameter Description association Defines an association between the primary VLAN and secondary VLANs primary Specify that the selected VLAN is the primary VLAN community Specify that the selected VLAN is the community VLAN isolated Specify that the selected VLAN is the isolated VLAN add Associa...

Page 848: ...private vlan community console config vlan exit console config vlan 1003 console config vlan private vlan community console config vlan exit console config vlan 20 console config vlan private vlan association 1001 1003 console config vlan end show vlan private vlan Use the show vlan private vlan command in Privileged EXEC mode to display information about the configured private VLANs including pri...

Page 849: ...rivate VLANs on ports configured with any of these features Link Aggregation Control Protocol LACP Multicast VLAN Registration MVR Voice VLAN It is recommended that the private VLAN host ports be configured as spanning tree portfast Parameter Description Primary Primary VLAN ID Secondary Secondary VLAN ID Type Secondary VLAN type Use the type parameter to display only private VLAN ID and its type ...

Page 850: ...850 VLAN Commands ...

Page 851: ... voice data coming from the VoIP phone is tagged with the exchanged VLAN ID thus regular data arriving on the switch is given the default PVID of the port and the voice traffic is received on a predefined VLAN The two types of traffic are therefore segregated so that better service can be provided to the voice traffic When a dot1p priority is associated with the voice VLAN port instead of VLAN ID ...

Page 852: ...n no voice vlan Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines Not applicable Default Value This feature is disabled by default Example console config voice vlan console config no voice vlan voice vlan Interface This command is used to enable the voice vlan capability on the interface voice vlan voice vlan data priority voice vlan Interface show voice vlan ...

Page 853: ... priority on received voice vlan traffic trusted mode dot1p Configure Voice VLAN 802 1p priority tagging for voice traffic dscp Configure DSCP value for voice traffic on the voice vlan port Range 0 64 none Allow the IP phone to use its own configuration to send untagged voice traffic priority The Dot1p priority for the voice VLAN on the port trust Trust the dot1p priority or DSCP values contained ...

Page 854: ...ax voice vlan data priority trust untrust trust Trust the dot1p priority or DSCP values contained in packets arriving on the voice vlan port untrust Do not trust the dot1p priority or DSCP values contained in packets arriving on the voice vlan port Command Mode Interface Configuration Default Value trust Example console config if 1 0 1 voice vlan data priority untrust console config if 1 0 1 voice...

Page 855: ...VLAN Interface Mode Enabled Voice VLAN ID 1 Voice VLAN COS Override False Voice VLAN Port Status Disabled When the interface parameter is specified Voice VLAN Mode The admin mode of the voice VLAN on the interface Voice VLAN ID The voice VLAN ID Voice VLAN Priority The Dot1p priority for the voice VLAN on the port Voice VLAN Untagged The tagging option for the voice VLAN traffic Voice VLAN COS Ove...

Page 856: ...856 Voice VLAN Commands ...

Page 857: ...on server or authentication using remote RADIUS or TACACS servers Supported security methods for communication with remote servers include MD5 PEAP EAP TTL EAP TTLS and EAP TLS Local 802 1X Authentication Server The PowerConnect switch supports a dedicated database for local authentication of users for network access through the Dot1x feature This functionality is distinct from management access f...

Page 858: ...loaded or imported downloaded to from a central location using a TFTP server MAC Authentication Bypass Today 802 1x has become the recommended port based authentication method at the access layer in enterprise networks However there may be 802 1x unaware devices such as printers fax machines etc that would require access to the network without 802 1x authentication MAC Authentication Bypass MAB is...

Page 859: ... a failure to authenticate but logs the results of the authentication process for diagnostic purposes The exact details are described in the below sections The main aim of the monitor mode is to provide a mechanism to the operator to be able to identify the short comings in the configuration of a Dot1x authentication on the switch without affecting the network access to the users of the switch The...

Page 860: ...LAN is dynamically created This implies that the client can connect from any port and be assigned to the appropriate VLAN This gives flexibility for clients to move around the network with out requiring the operator to perform additional provisioning for each network interface Commands in this Chapter This chapter explains the following commands dot1x dynamic vlan enable dot1x system auth control ...

Page 861: ...tch Use the no form of the command to disable this capability Syntax dot1x dynamic vlan enable no dot1x dynamic vlan enable Parameter Description This command does not require a parameter description Default Configuration The default value is Disabled Command Mode Global Configuration User Guidelines This command has no user guidelines dot1x system auth control show dot1x authentication history do...

Page 862: ...Syntax Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command dot1x mac auth bypass Use the dot1x mac auth bypass command to enable MAB on an interface Use the no form of this command to disable MAB on an interface Syntax dot1x mac auth bypass no dot1x mac auth bypass Default Config...

Page 863: ...on Protocol EAP request frame assuming that no response is received to the client before restarting the authentication process To return to the default setting use the no form of this command Syntax dot1x max req count no dot1x max req count Number of times that the switch sends an EAP request identity frame before restarting the authentication process Range 1 10 Default Configuration The default ...

Page 864: ...ion of the command to reset the maximum number of clients supported on the port when MAC based 802 1X authentication is enabled on the port Syntax dot1x max users users no dot1x max users users The number of users the port supports for MAC based 802 1X authentication Range 1 24 Default Configuration The default number of clients supported on a port with MAC based 802 1X authentication is 8 Command...

Page 865: ...al traffic without 802 1x based authentication of the client force unauthorized Denies all access through this interface by forcing the port to transition to the unauthorized state ignoring all attempts by the client to authenticate The switch cannot provide authentication services to the client through the interface mac based Enables 802 1x authentication on the interface and allows multiple host...

Page 866: ...icate command in Privileged EXEC mode to enable manually initiating a re authentication of all 802 1x enabled ports or the specified 802 1x enabled port Syntax dot1x re authenticate gigabitethernet unit slot port tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Exa...

Page 867: ...n is disabled Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example enables periodic re authentication of the client console config interface gigabitethernet 1 0 16 console config if 1 0 16 dot1x reauthentication dot1x system auth control Use the dot1x system auth control command in Global Configuration mode to enable 8...

Page 868: ... auth control monitor Use the dot1x system auth control monitor command in Global Configuration mode to enable 802 1x monitor mode globally To disable this function use the no form of this command Syntax dot1x system auth control monitor no dot1x system auth control monitor Parameter Description This command has no arguments or keywords Default Configuration Dot1x monitor mode is disabled Command ...

Page 869: ...n period seconds no dot1x timeout guest vlan period seconds Time in seconds that the switch waits before authorizing the client if the client is a dot1x unaware client Default Configuration The switch remains in the quiet state for 90 seconds Command Mode Interface Configuration Ethernet mode User Guidelines It is recommended that the user set the dot1x timeout guest vlan period to at least three ...

Page 870: ...econds Default Configuration The switch remains in the quiet state for 60 seconds Command Mode Interface Configuration Ethernet mode User Guidelines During the quiet period the switch does not accept or initiate any authentication requests Change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients ...

Page 871: ... Configuration Re authentication period is 3600 seconds Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example sets the number of seconds between re authentication attempts to 300 console config interface gigabitethernet 1 0 16 console config if 1 0 16 dot1x timeout re authperiod 300 dot1x timeout server timeout Use the ...

Page 872: ...xample sets the time for the retransmission to the authentication server to 3600 seconds console config if 1 0 1 dot1x timeout server timeout 3600 dot1x timeout supp timeout Use the dot1x timeout supp timeout command in Interface Configuration mode to set the time that the switch waits for a response before retransmitting an Extensible Authentication Protocol EAP request frame to the client To ret...

Page 873: ...ig if 1 0 1 dot1x timeout supp timeout 3600 dot1x timeout tx period Use the dot1x timeout tx period command in Interface Configuration mode to set the number of seconds that the switch waits for a response to an Extensible Authentication Protocol EAP request identity frame from the client before resending the request To return to the default setting use the no form of this command Syntax dot1x tim...

Page 874: ...igabitethernet 1 0 16 console config if 1 0 16 dot1x timeout tx period 3600 show dot1x Use the show dot1x command in Privileged EXEC mode to display A summary of the global dot1x configuration Summary information of the dot1x configuration for a specified port or all ports Detailed dot1x configuration for a specified port Dot1x statistics for a specified port depending on the tokens used Syntax sh...

Page 875: ...authentication events and information during successful and unsuccessful dot1x authentication processes The command is available to display all events or events per interface or only failure authentication events in summary or in detail Syntax show dot1x authentication history interface id all failed auth only detail Field Description Administrative Mode Indicates whether authentication control on...

Page 876: ...Gi1 0 2 MAC Address 00 01 02 03 04 05 VLAN Assigned 111 VLAN Assigned Reason Guest VLAN Auth Status Authorized Reason Dot1x Authentication Parameter Description Time Stamp Exact time at which the event occurs Interface Physical Port on which the event occurs MAC Address Supplicant Client MAC Address VLAN assigned VLAN assigned to the client port on authentication VLAN assigned Reason Type of VLAN ...

Page 877: ...02 03 04 05 111 Authorized Mar 22 2010 01 18 22 gi1 0 1 00 00 00 03 04 05 0 Unauthorized console show dot1x authentication history gi1 0 1 failed auth only Time Stamp Interface MAC Address VLANID Auth Status Mar 22 2010 01 18 22 gi1 0 2 00 00 00 03 04 05 0 Unauthorized show dot1x clients Use the show dot1x clients command in Privileged EXEC mode to display 802 1x client information The client info...

Page 878: ...onitor Mode Indicates the number of Dot1x clients authenticated using Monitor mode Clients Authenticated using Dot1x Indicates the number of Dot1x clients authenticated using 802 1x authentication process Field Description Interface The port number Username The username representing the identity of the Supplicant This field shows the username when the port control is auto or mac based If the port ...

Page 879: ... Timeout 0 Session Termination Action Default Logical Interface 96 Interface gi1 0 7 User Name brcm Supp MAC Address 00 08 A1 7E 45 1A Session Time 67 VLAN Id 1 VLAN Assigned Monitor Mode Session Timeout 0 Filter ID The Filter ID assigned to the client by the RADIUS server This field is not applicable when the Filter ID feature is disabled on the RADIUS server and client VLAN Assigned The VLAN ass...

Page 880: ... Syntax show dot1x interface gigabitethernet unit slot port tengigabitethernet unit slot port Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show dot1x interface gigabitethernet 1 0 10 Administrative Mode Disabled Dynamic VLA...

Page 881: ...tatistics command in Privileged EXEC mode to display 802 1x statistics for the specified interface Syntax show dot1x interface gigabitethernet unit slot port tengigabitethernet unit slot port statistics Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example Th...

Page 882: ...d by this Authenticator EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator EapolLogoffFramesRx The number of EAPOL Logoff frames that have been received by this Authenticator EapolRespIdFramesRx The number of EAP Resp Id frames that have been received...

Page 883: ...has no user guidelines Example The following example displays 802 1x users console show dot1x users Port Username InvalidEapolFramesRx The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized EapLengthErrorFramesRx The number of EAPOL frames that have been received by this Authenticator in which the Packet Body Length field is invalid LastE...

Page 884: ... authentication history table captured during successful and unsuccessful authentication Syntax show dot1x authentication history interface id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Field Description Username The username representing the identity of the Supplicant Port The port that the user is using Parameter Descri...

Page 885: ...an command in Interface Configuration mode to set the guest VLAN on a port The VLAN must already have been defined The no form of this command sets the guest VLAN id to zero which disables the guest VLAN on a port Syntax dot1x guest vlan vlan id no dot1x guest vlan vlan id The ID of a valid VLAN to use as the guest VLAN Range 0 4093 Default Configuration The guest VLAN is disabled on the interface...

Page 886: ...of a valid VLAN to use for unauthenticated clients Range 0 4093 Default Configuration The unauthenticated VLAN is disabled on the interface by default Command Mode Interface Configuration Ethernet mode User Guidelines Configure the unauthenticated VLAN before using this command Example The following example set the unauthenticated VLAN on port 1 0 2 to VLAN 20 console config if 1 0 2 dot1x unauth ...

Page 887: ...et unit slot port tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays 802 1x advanced features for the switch console show dot1x advanced Port Guest Unauthenticated VLAN Vlan 1 0 1 Disabled Di...

Page 888: ...888 802 1x Commands console show dot1x advanced gigabitethernet 1 0 2 Port Guest Unauthenticated VLAN Vlan 1 0 2 10 20 ...

Page 889: ...the Internet This section of the document contains the following Layer 3 topics ARP Commands Loopback Interface Commands DHCP Server and Relay Agent Commands Multicast Commands DHCPv6 Commands IPv6 Multicast Commands DVMRP Commands OSPF Commands GMRP Commands OSPFv3 Commands IGMP Commands Router Discovery Protocol Commands IGMP Proxy Commands Routing Information Protocol Commands IP Helper DHCP Re...

Page 890: ...890 Layer 3 Commands ...

Page 891: ...earn a default gateway The router discovery protocol is one method that enables hosts to learn a default gateway If a host does not know a default gateway it can learn the first hop to the destination through proxy ARP Proxy ARP RFC 1027 is a technique used to make a machine physically located on one network appear to be logically part of a different physical network connected to the same router m...

Page 892: ...the cache entry is retained and its age is reset to 0 By enabling the dynamic renew option the system administrator can configure ARP to attempt to renew aged ARP entries regardless of their use for forwarding If the system learns a new ARP entry but the hardware does not have space to add the new ARP entry the system attempts to remove entries that have not been used for forwarding recently This ...

Page 893: ...nes This command has no user guidelines Example The following example creates an ARP entry consisting of an IP address and a MAC address console config arp 192 168 1 2 00A2 64B3 A245 arp cachesize Use the arp cachesize command in Global Configuration mode to configure the maximum number of entries in the ARP cache To return the maximum number ARP cache entries to the default value use the no form ...

Page 894: ...new command in Global Configuration mode to enable the ARP component to automatically renew dynamic ARP entries when they age out To disable the automatic renewal of dynamic ARP entries when they age out use the no form of the command Syntax arp dynamicrenew no arp dynamicrenew Default Configuration The default state is disabled Command Mode Global Configuration mode User Guidelines When an ARP en...

Page 895: ...he dynamic renew option only applies to host entries The disadvantage of enabling dynamic renew is that once an ARP cache entry is created that cache entry continues to take space in the ARP cache as long as the neighbor continues to respond to ARP requests even if no traffic is being forwarded to the neighbor In a network where the number of potential neighbors is greater than the ARP cache capac...

Page 896: ...ode to configure the ARP request response time out To return the response time out to the default value use the no form of this command Syntax arp resptime integer no arp resptime integer IP ARP entry response time out Range 1 10 seconds Default Configuration The default value is 1 second Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The followi...

Page 897: ...lt Configuration The default value is 4 retries Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines 6 as the maximum number of retries console config arp retries 6 arp timeout Use the arp timeout command in Global Configuration mode to configure the ARP entry ageout time Use the no form of the command to set the ageout ti...

Page 898: ...rp cache Use the clear arp cache command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache Syntax clear arp cache gateway gateway Removes the dynamic entries of type gateway as well Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example cle...

Page 899: ...EXEC mode User Guidelines This command has no user guidelines Example In the example below out of band management entries are shown for example those from the out of band interface console show arp Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 6144 Dynamic Renew Mode Disable Total Entry Count Current Peak 0 0 Static Entry Count Configured Active Max 0 0 128 IP Address MAC Addr...

Page 900: ...nd has no user guidelines ip proxy arp Use the ip proxy arp command in Interface Configuration mode to enable proxy ARP on a router interface Without proxy ARP a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived With proxy ARP the device may also respond if the target IP address is reachable The device only respo...

Page 901: ...console config if vlan15 ip proxy arp show arp Use the show arp command in Privileged EXEC mode to display all entries in the Address Resolution Protocol ARP cache The displayed results are not the total ARP entries To view the total ARP entries the operator should view the show ARP results Syntax show arp brief brief Display ARP parameters Default Configuration This command has no default configu...

Page 902: ...e shows show arp command output console show arp Static ARP entries are only active when the IP address is reachable on a local subnet Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 6144 Dynamic Renew Mode Disable Total Entry Count Current Peak 0 0 Static Entry Count Configured Active Max 1 0 128 IP Address MAC Address Interface Type Age 1 1 1 3 0000 0000 0022 n a Static n a ...

Page 903: ...for allocation of network addresses to hosts DHCP offers the following features and benefits It supports the definition of pools of IP addresses that can be allocated to clients by the server Many implementations use the term scope instead of pool Configuration settings like the subnet mask default router DNS server that are required to make TCP IP work correctly can be passed to the client using ...

Page 904: ...ration mode to define a DHCP address pool that can be used to supply addressing information to DHCP clients Upon successful completion this command puts the user into DHCP Pool Configuration mode Use the no form of the command to remove an address pool definition ip dhcp pool dns server IP DHCP Pool Config ip dhcp ping packets service dhcp bootfile domain name IP DHCP Pool Config lease sntp clear ...

Page 905: ...strator can configure the address space and other parameters to be supplied to DHCP clients By default the DHCP server assumes that all addresses specified are available for assignment to clients Use the ip dhcp excluded address command in Global Configuration mode to specify addresses that should never be assigned to DHCP clients To configure a dynamic DHCP address pool configure the following po...

Page 906: ...ands listed below It is only necessary to configure a DHCP client identifier or a BOOTP client MAC address for a manual binding To configure a manual binding the client identifier or hardware address must be specified before specifying the host address DHCP client identifier client identifier BOOTP client MAC address hardware address Host address host Client name optional client name Examples Exam...

Page 907: ...et the name of the image for the DHCP client to load Use the no form of the command to remove the bootfile configuration Use the show ip dhcp pool command to display pool configuration parameters Syntax bootfile filename no bootfile Parameter Description Default Configuration There is no default bootfile filename Command Mode DHCP Pool Configuration mode User Guidelines This command has no user gu...

Page 908: ...ion Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console clear ip dhcp binding 1 2 3 4 clear ip dhcp conflict Use the clear ip dhcp conflict command in Privileged EXEC mode to remove DHCP server address conflicts Use the show ip dhcp conflict command to display address conflicts detected by the DHCP server Syntax clear ip dhcp conflict ip address Pa...

Page 909: ...ion mode to identify a Microsoft DHCP client to be manually assigned an address Use the no form of the command to remove the client identifier configuration Syntax client identifier unique identifier no client identifier Parameter Description Parameter Description Clear all dhcp conflicts ip address Clear a specific address conflict Parameter Description unique identifier The identifier of the Mic...

Page 910: ...ool configuration parameters Example console config dhcp pool client identifier 01 03 13 18 22 33 11 console config dhcp pool host 192 168 21 34 32 client name Use the client name command in DHCP Pool Configuration mode to specify the host name of a DHCP client Use the no form of the command to remove the client name configuration Syntax client name name no client name Parameter Description Defaul...

Page 911: ... 32 console config dhcp pool client name Line_Printer_Hallway default router Use the default router command in DHCP Pool Configuration mode to set the IPv4 address of one or more routers for the DHCP client to use Use the no form of the command to remove the default router configuration Use the show ip dhcp pool command to display pool configuration parameters Syntax default router ip address1 ip ...

Page 912: ...nd in IP DHCP Pool Configuration mode to set the IP DNS server address which is provided to a DHCP client by the DHCP server DNS server address is configured for stateless server support Syntax dns server ip address1 no dns server Parameter Description Default Configuration This command has no default configuration Command Mode IP DHCP Pool Configuration mode User Guidelines This command has no us...

Page 913: ...e Range 1 255 characters Default Configuration This command has no default configuration Command Mode IP DHCP Pool Configuration mode hardware address Use the hardware address command in DHCP Pool Configuration mode to specify the MAC address of a client to be manually assigned an address Use the no form of the command to remove the MAC address assignment Syntax hardware address hardware address n...

Page 914: ...re address 00 23 12 43 23 54 console config dhcp pool host 192 168 21 131 32 host Use the host command in DHCP Pool Configuration mode to specify a manual binding for a DHCP client host Use the no form of the command to remove the manual binding Syntax host ip address netmask prefix length no host Parameter Description Parameter Description ip address IPv4 address to be manually assigned to the ho...

Page 915: ...ootp automatic Use the ip dhcp bootp automatic command in Global Configuration mode to enable automatic BOOTP address assignment By default BOOTP clients are not automatically assigned addresses although they may be assigned a static address Use the no form of the command to disable automatic BOOTP client address assignment Use the show ip dhcp global configuration command to display the automatic...

Page 916: ...nfiguration mode to enable DHCP address conflict detection Use the no form of the command to disable DHCP conflict logging Syntax ip dhcp conflict logging no ip dhcp conflict logging Parameter Description This command does not require a parameter description Default Configuration Conflict logging is enabled by default Command Mode Global Configuration mode User Guidelines This command has no user ...

Page 917: ...ddress Parameter Description Default Configuration By default no IP addresses are excluded from the lists configured by the IP DHCP pool configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console ip dhcp excluded address 192 168 20 1 192 168 20 3 Parameter Description Low address An IPv4 address indicating the starting range for exclusi...

Page 918: ...s the selected IP address Syntax ip dhcp ping packets 0 2 10 no ip dhcp ping packets Parameter Description Default Configuration The command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console ip dhcp ping packets 5 Parameter Description count The number of ping packets sent to detect an address in use The default ...

Page 919: ...ameters Use the show ip dhcp binding command to display the expiration time of the leased IP address Syntax lease days hours minutes infinite no lease Parameter Description Default Configuration The default is a 1 day lease Command Mode DHCP Pool Configuration mode User Guidelines This command has no user guidelines Parameter Description days The number of days for the lease duration Range 0 59 De...

Page 920: ...ip address ip address2 ip address8 no netbios name server Parameter Description Default Configuration There is no default name server configured Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters Up to eight name server addresses may be specified The NetBIOS WINS information is conveyed in the Option 44 TLV of the DH...

Page 921: ... is no default NetBIOS node type configured Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters The NetBIOS node type information is conveyed in the Option 46 TLV of the DHCP OFFER DHCP ACK DHCP INFORM ACK and DHCP BOOTREPLY messages Supported NetBIOS node types are broadcast b node peer to peer p node mixed m node hy...

Page 922: ...l Configuration mode next server Use the next server command in DHCP Pool Configuration mode to set the IPv4 address of the TFTP server to be used during auto install Use the no form of the command to remove the next server configuration Syntax next server ip address no next server Parameter Description network number A valid IPv4 address mask A valid IPv4 network mask with contiguous left aligned...

Page 923: ...M ACK and DHCP BOOTREPLY messages Example console config dhcp pool next server 192 168 21 2 option Use the option command in DHCP Pool Configuration mode to supply arbitrary configuration information to a DHCP client Use the no form of the command to remove the option configuration Use the show ip dhcp pool command to display pool configuration parameters Syntax option code ascii string1 hex strin...

Page 924: ... be configured and their fixed length minimum length and length multiple requirements Parameter Description code The DHCP TLV option code ascii string1 An ASCII character string Strings with embedded blanks must be wholly contained in quotes hex string1 A hexadecimal string containing the characters 0 9A F The string should not begin with 0x A hex string consists of two characters which are parsed...

Page 925: ...1 20 Non local Source Routing 1 21 Policy Filter 8 8 22 Max Datagram Reassembly 2 23 IP TTL 1 24 Path MTU Aging 4 25 Path MTU Plateau 2 2 26 Interface MTU 2 27 Subnets are local 1 28 Broadcast Address 4 29 Perform Mask 1 30 Mask Supplier 1 31 Perform Router Discovery 1 32 Router Solicitation Address 4 33 Static Router Option 8 8 Figure 42 1 Option Codes and Lengths continued Option Code Fixed Leng...

Page 926: ...1 41 Network Information Servers 4 4 42 NTP Servers 4 4 43 Vendor Specific Information 1 45 NetBIOS Datagram Distribution 4 4 47 Netbois Scope 1 48 X Windows Font Server 4 4 49 X Windows Display Manager 4 4 58 Renewal Time T1 4 59 Rebinding Time T2 4 60 Vendor Class 1 64 NIS Domain 1 65 NIS Servers 4 4 66 TFTP Server 1 Figure 42 1 Option Codes and Lengths continued Option Code Fixed Length Minimum...

Page 927: ...nfig dhcp pool option 25 hex 01 ff service dhcp Use the service dhcp command in Global Configuration mode to enable local IPv4 DHCP server on the switch Use the no form of the command to disable the DHCPv4 service Syntax service dhcp no service dhcp 68 Mobile IP Home Agent 0 4 69 SMTP Server 4 4 70 POP3 Server 4 4 71 NNTP Server 4 4 72 WWW Server 4 4 73 Finger Server 4 4 74 IRC Server 4 4 75 Stree...

Page 928: ...no form of the command to remove the NTP server configuration Syntax sntp ip address no sntp Parameter Description Default Configuration There is no default IPv4 NTP server configured Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters The IPv4 address of the NTP server is conveyed in the Option 42 TLV of the DHCP OFF...

Page 929: ...dress Parameter Description Default Configuration The command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console config show ip dhcp binding IP address Hardware Address Expires Type client DUID 10 10 10 3 00 0e c6 88 0e 98 00 23 56 Auto 00 01 01 02 03 04 05 06 00 0e c6 88 0e 98 Para...

Page 930: ...Parameter Description Default Configuration The command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines show ip dhcp global configuration Use the show ip dhcp global configuration command in Privileged EXEC mode to display the DHCP global configuration Syntax show ip dhcp server statistics Param...

Page 931: ...how ip dhcp pool command in User EXEC or Privileged EXEC mode to display the configured DHCP pool or pools If no pool name is specified information about all pools is displayed Syntax show ip dhcp pool all poolname Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines Th...

Page 932: ...arameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ip dhcp server statistics Automatic Bindings 100 Expired Bindings 32 Malformed Bindings 0 Messages Received DHCP DISC...

Page 933: ...DHCP Server and Relay Agent Commands 933 DHCP RELEASE 32 DHCP INFORM 0 Messages Sent DHCP OFFER 132 DHCP ACK 132 DHCP NACK 0 ...

Page 934: ...934 DHCP Server and Relay Agent Commands ...

Page 935: ...tics Indicates statistics display if VLAN is specified Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines clear ipv6 dhcp service dhcpv6 dns server IPv6 DHCP Pool Config show ipv6 dhcp domain name IPv6 DHCP Pool Config show ipv6 dhcp binding ipv6 dhcp pool show ipv6 dhcp interface User EXEC ipv6 dhcp...

Page 936: ...or stateless server support Syntax dns server ipv6 address no dns server ipv6 address Parameter Description Default Configuration This command has no default configuration Command Mode IPv6 DHCP Pool Configuration mode User Guidelines This command has no user guidelines domain name IPv6 DHCP Pool Config Use the domain name command in IPv6 DHCP Pool Configuration mode to set the DNS domain name whi...

Page 937: ... test which is provided to a DHCPv6 client by the DHCPv6 server console config ipv6 dhcp pool addrpool console config dhcp6s pool domain name test console config dhcp6s pool no domain name test ipv6 dhcp pool Use the ipv6 dhcp pool command in Global Configuration mode to enter IPv6 DHCP Pool Configuration mode DHCPv6 pools are used to specify information for DHCPv6 server to distribute to DHCPv6 c...

Page 938: ...or DHCPv6 relay functionality Syntax ipv6 dhcp relay destination relay address interface vlan vlan id interface vlan vlan id remote id duid ifid user defined string destination Keyword that sets the relay server IPv6 address relay address An IPv6 address of a DHCPv6 relay server interface Sets the relay server interface vlan id A valid VLAN ID remote id duid ifid user defined string The Relay Agen...

Page 939: ...rface in DHCP relay mode overwrites the DHCP server mode and vice versa An IP interface configured in relay mode cannot be configured as a DHCP client ip address dhcp Example The following example configures VLAN 15 for DHCPv6 relay functionality console config interface vlan 15 console config if vlan15 ipv6 dhcp relay destination 2020 1 1 ipv6 dhcp server Use the ipv6 dhcp server command in Inter...

Page 940: ...figuration and vice versa An interface in server mode cannot be configured as a DHCP client ip address dhcp Example The following example configures DHCPv6 server functionality console config interface vlan 15 console config if vlan15 ipv6 dhcp server pool prefix delegation Use the prefix delegation command in IPv6 DHCP Pool Configuration mode to define multiple IPv6 prefixes within a pool for dis...

Page 941: ... 00 01 00 09 f8 79 4e 00 04 76 73 43 76 Parameter Description prefix prefix length Delegated IPv6 prefix client DUID Client DUID e g 00 01 00 09 f8 79 4e 00 04 76 73 43 76 hostname Client hostname used for logging and tracing Range 0 31 characters The command allows spaces in the host name when specified in double quotes For example console config snmp server host host name valid lifetime Valid li...

Page 942: ... Use the service dhcpv6 command in Global Configuration mode to enable local IPv6 DHCP server on the switch Use the no form of the command to disable the DHCPv6 service Syntax service dhcpv6 no service dhcpv6 Default Configuration The service dhcpv6 is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enable...

Page 943: ...n Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines The DUID value of the server will only appear in the output when a DHCPv6 lease is active Example The following example displays the DHCPv6 server name and status console show ipv6 dhcp DHCPv6 is disabled Server DUID show ipv6 dhcp binding Use the show ipv6 dhcp binding command in Privileged EXEC mo...

Page 944: ...how ipv6 dhcp binding 2020 1 show ipv6 dhcp interface User EXEC Use the show ipv6 dhcp interface command in User EXEC mode to display DHCPv6 information for all relevant interfaces or for the specified interface If an interface is specified the optional statistics parameter is available to view statistics for the specified interface Syntax show ipv6 dhcp interface type number statistics Syntax Des...

Page 945: ...for VLAN 11 when configured in relay mode console show ipv6 dhcp interface vlan 11 IPv6 Interface vlan11 Mode Relay Relay Address 2020 1 1 Relay Interface Number Relay Relay Remote ID Option Flags console show ipv6 dhcp interface vlan 11 statistics DHCPv6 Interface vlan11 Statistics DHCPv6 Solicit Packets Received 0 DHCPv6 Request Packets Received 0 DHCPv6 Confirm Packets Received 0 DHCPv6 Renew P...

Page 946: ...reply Packets Transmitted 0 DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 show ipv6 dhcp interface Privileged EXEC Use the show ipv6 dhcp interface command in Privileged EXEC mode to display configuration and status information about an IPv6 DHCP interface or all interfaces Syntax show ipv6 dhcp interface interface id statistics Syntax Description Default Configurat...

Page 947: ...ime The T1 in seconds time as indicated by the DHCPv6 Server T1 value indicates the time interval after which the address is requested for renewal T2 Time The T2 in seconds time as indicated by the DHCPv6 Server T2 value indicates the time interval after which the Client sends Rebind message to the Server in case there are no replies to the Renew messages Interface IAID An identifier for an identi...

Page 948: ... 0 days 19 hrs 12 mins 0 secs Interface IAID 20 Leased Address 2017 309D 161 4EF1 DBB1 128 Preferred Lifetime 1 days 0 hrs 0 mins 0 secs Valid Lifetime 2 days 0 hrs 0 mins 0 secs Renew Time 0 days 11 hrs 55 mins 28 secs Expiry Time 1 days 23 hrs 55 mins 28 secs console show ipv6 dhcp interface vlan 10 IPv6 Interface Vl10 Mode Relay Relay Address 3030 3 Relay Interface Number Relay Relay Remote ID ...

Page 949: ...al DHCPv6 Packets Received 0 DHCPv6 Advertisement Packets Transmitted 0 DHCPv6 Reply Packets Transmitted 0 DHCPv6 Reconfig Packets Transmitted 0 DHCPv6 Relay reply Packets Transmitted 0 DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 console show ipv6 dhcp interface vlan 10 statistics DHCPv6 Client Interface Vl10 Statistics DHCPv6 Advertisement Packets Received 0 DHCP...

Page 950: ...lt configuration Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the configured DHCP pool console show ipv6 dhcp pool test DHCPv6 Pool test show ipv6 dhcp statistics Use the show ipv6 dhcp statistics command in User EXEC mode to display the global DHCPv6 server and relay sta...

Page 951: ...ed 0 DHCPv6 Confirm Packets Received 0 DHCPv6 Renew Packets Received 0 DHCPv6 Rebind Packets Received 0 DHCPv6 Release Packets Received 0 DHCPv6 Decline Packets Received 0 DHCPv6 Inform Packets Received 0 DHCPv6 Relay forward Packets Received 0 DHCPv6 Relay reply Packets Received 0 DHCPv6 Malformed Packets Received 0 Received DHCPv6 Packets Discarded 0 Total DHCPv6 Packets Received 0 DHCPv6 Advert...

Page 952: ...952 DHCPv6 Commands DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 ...

Page 953: ... a distributed routing algorithm to build per source group multicast trees It is also called Broadcast and Prune Multicasting protocol It dynamically generates per source group multicast trees using Reverse Path Multicasting Trees are calculated and updated dynamically to track membership of individual groups Commands in this Chapter This chapter explains the following commands ip dvmrp Use the ip...

Page 954: ... of DVMRP to active console config interface vlan 15 console config if vlan15 ip dvmrp ip dvmrp metric Use the ip dvmrp metric command in Interface Configuration mode to configure the metric for an interface This value is used in the DVMRP messages as the cost to reach this network Syntax ip dvmrp metric metric no ip dvmrp metric metric Cost to reach the network Range 1 31 Default Configuration 1 ...

Page 955: ...and in Privileged EXEC mode to display the system wide information for DVMRP Syntax show ip dvmrp Default Configuration This command has no default condition Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays system wide information for DVMRP console config show ip dvmrp Admin Mode Disabl...

Page 956: ... VLAN ID Default Configuration This command has no default condition Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays interface information for VLAN 11 DVMRP console config show ip dvmrp interface vlan 11 Interface Mode Disable show ip dvmrp neighbor Use the show ip dvmrp neighbor comma...

Page 957: ...tion for DVMRP console config show ip dvmrp neighbor No neighbors available show ip dvmrp nexthop Use the show ip dvmrp nexthop command in Privileged EXEC mode to display the next hop information on outgoing interfaces for routing multicast datagrams Syntax show ip dvmrp nexthop Default Configuration This command has no default condition Command Mode Privileged EXEC mode Config mode and all Config...

Page 958: ...ivileged EXEC mode to display the table that lists the router s upstream prune information Syntax show ip dvmrp prune Default Configuration This command has no default condition Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the table that lists the router s upstream prune information...

Page 959: ...oute Default Configuration This command has no default condition Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the multicast routing information for DVMRP console show ip dvmrp route Upstream Expiry Up Time Source Address Neighbor Interface Metric Time secs secs ...

Page 960: ...960 DVMRP Commands ...

Page 961: ...resses associated with the Group 2 Group service requirements information This indicates that one or more GMRP participants require Forward all Groups or Forward Unregistered to be the default filtering behavior NOTE The Group Service capability is not supported Registration of group membership information allow networking devices to be made aware that frames destined for that group MAC address co...

Page 962: ...gments which neither have registered GMRP participants nor are in the path through the active topology between the sources of the frames and the registered group members Commands in this Chapter This chapter explains the following commands gmrp enable Use the gmrp enable command in Global Configuration mode to enable GMRP globally or Interface Configuration mode to enable GMRP on a port Syntax gmr...

Page 963: ...d in Global Configuration mode and Interface Configuration mode to display GMRP configuration Syntax show gmrp configuration Parameter Description This command does not require a parameter description Default Configuration GMRP is disabled by default Command Mode Global Configuration and Interface Configuration modes User Guidelines This command has no user guidelines Example console show gmrp con...

Page 964: ...e Timer Timer Timer GMRP Mode centisecs centisecs centisecs Gi1 0 1 20 60 1000 Disabled Gi1 0 2 20 60 1000 Disabled Gi1 0 3 20 60 1000 Disabled Gi1 0 4 20 60 1000 Disabled Gi1 0 5 20 60 1000 Disabled Gi1 0 6 20 60 1000 Disabled ...

Page 965: ...otocol that is not the host portion It is backward compatible with IGMPv1 and IGMPv2 One router periodically broadcasts IGMP Query messages onto the network Hosts respond to the Query messages by sending IGMP Report messages indicating their group memberships All routers receive the Report messages and note the memberships of hosts on the network If a router does not receive a Report message for a...

Page 966: ...ticast router to learn which sources are of interest to neighboring systems for packets sent to any particular multicast address This information gathered by IGMP is provided to the multicast routing protocol that is DVMRP PIM DM and PIM SM that is currently active on the router in order to ensure multicast packets are delivered to all networks where there are interested receivers Commands in this...

Page 967: ...following example globally enables IGMP console config ip multicast console config ip igmp ip igmp last member query count Use the ip igmp last member query count command in Interface Configuration mode to set the number of Group Specific Queries sent before the router assumes that there are no local members on the interface Syntax ip igmp last member query count Imqc no ip igmp last member query ...

Page 968: ...ember query interval Use the ip igmp last member query interval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group Specific Queries which are sent in response to Leave Group messages Syntax ip igmp last member query interval tenthsofseconds no ip igmp last member query interval tenthsofseconds Maximum Response Time in tenths of a second Range 0 255 Def...

Page 969: ...rval for the specified interface The query interval determines how fast IGMP Host Query packets are transmitted on this interface Syntax ip igmp query interval seconds no ip igmp query interval seconds Query interval Range 1 3600 Default Configuration The default query interval value is 125 seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines E...

Page 970: ...Configuration The default maximum response time value is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures a maximum response time interval of one second for VLAN 15 console config interface vlan 15 console config if vlan15 ip igmp query max response time 10 ip igmp robustness Use the ip igmp robus...

Page 971: ...gures a robustness value of 10 for VLAN 15 console config interface vlan 15 console config if vlan15 ip igmp robustness 10 ip igmp startup query count Use the ip igmp startup query count command in Interface Configuration mode to set the number of queries sent out on startup at intervals equal to the startup query interval for the interface Syntax ip igmp startup query count count no ip igmp start...

Page 972: ...ry count 10 ip igmp startup query interval Use the ip igmp startup query interval command in Interface Configuration mode to set the interval between general queries sent at startup on the interface Syntax ip igmp startup query interval seconds no ip igmp startup query interval seconds Startup query interval Range 1 300 seconds Default Configuration The default interval value is 31 seconds Command...

Page 973: ... to configure the version of IGMP for an interface Syntax ip igmp version version version IGMP version Range 1 3 Default Configuration The default version is 3 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures version 2 of IGMP for VLAN 15 console interface vlan 15 console config if vlan15 ip igmp version 2 s...

Page 974: ...s system wide IGMP information console show ip igmp IGMP Admin Mode Enabled IGMP Router Alert check Disabled IGMP INTERFACE STATUS Interface Interface Mode Operational Status vlan 3 Enabled Non Operational show ip igmp groups Use the show ip igmp groups command in User EXEC or Privileged EXEC modes to display the registered multicast groups on the interface If detail is specified this command disp...

Page 975: ...oups for VLAN 1 console show ip igmp groups interface vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2 Group Multicast Last Up Expiry Host Host Compat IP Address Reporter Time Time Timer Timer Mode 225 0 0 5 1 1 1 5 00 00 05 00 04 15 00 04 15 v2 show ip igmp interface Use the show ip igmp interface command in Privileged EXEC mode to display the IGMP information for the specified ...

Page 976: ...ng example displays IGMP information for VLAN 11 console show ip igmp vlan 11 Interface 11 IGMP Admin Mode Enable Interface Mode Enable IGMP Version 3 Query Interval secs 125 Query Max Response Time 1 10 of a second 100 Robustness 2 Startup Query Interval secs 31 Startup Query Count 2 Last Member Query Interval 1 10 of a second 10 Last Member Query Count 2 Parameter Description interface type inte...

Page 977: ... EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples The following examples display the list of interfaces that have registered in the multicast group at IP address 224 5 5 5 the latter in detail mode console show ip igmp interface membership 224 5 5 5 console config show ip igmp interface membership 224 5 5 5 detail show ip igmp interface s...

Page 978: ...lays the IGMP statistical information for VLAN 7 console show ip igmp interface stats vlan 7 Querier Status Querier Querier IP Address 7 7 7 7 Querier Up Time secs 55372 Querier Expiry Time secs 0 Wrong Version Queries 0 Number of Joins 7 Number of Groups 1 ip igmp router alert check Use the ip igmp router alert check command to set IGMP to require the IP Router Alert option in the IP header Synta...

Page 979: ...ter alert check is enabled IGMP frames without the router alert option in the IP header are discarded early in the processing of IGMP packets If all the multicast hosts in the network include the router alert option as required by RFC 2236 and RFC 3376 then enabling this check can reduce the load on the system Example ip igmp router alert check ...

Page 980: ...980 IGMP Commands ...

Page 981: ...e group membership terminations to be quickly reported to overcome leave latency and is designed to be interoperable with Version 1 Commands in this Chapter This chapter explains the following commands ip igmp proxy Use the ip igmp proxy command in Interface Configuration mode to enable the IGMP Proxy on the router To enable the IGMP Proxy on the router multicast forwarding must be enabled and the...

Page 982: ...lan 15 console config if vlan15 ip igmp proxy ip igmp proxy reset status Use the ip igmp proxy reset status command in Interface Configuration mode to reset the host interface status parameters of the IGMP Proxy router This command is valid only when IGMP Proxy is enabled on the interface Syntax ip igmp proxy reset status Default Configuration This command has no default configuration Command Mode...

Page 983: ...al for the IGMP Proxy router This command is valid only if IGMP Proxy on the interface is enabled Syntax ip igmp proxy unsolicit rprt interval seconds seconds Unsolicited report interval Range 1 260 seconds Default Configuration The default configuration is 1 second Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets...

Page 984: ...iguration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays a summary of the host interface status parameters console show ip igmp proxy Interface Index vlan13 Admin Mode Enable Operational Mode Enable Version 3 Number of Multicast Groups 0 Unsolicited Report Interval 1 Querier...

Page 985: ...ed Syntax show ip igmp proxy interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example fails to display status parameters because IGMP Proxy is not enabled console show ip igmp proxy interface Interface Index vlan13 Ver Query Rcvd ...

Page 986: ...des User Guidelines This command has no user guidelines Example The following example attempts to display a table of information about multicast groups that IGMP Proxy reported console show ip igmp proxy groups Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 7 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 48 DELAY MEMBER Exclude 0 show...

Page 987: ... This command has no user guidelines Example The following example displays complete information about multicast groups that IGMP Proxy has reported console show ip igmp proxy groups detail Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 26 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 67 DELAY MEMBER Exclude 0 ...

Page 988: ...988 IGMP Proxy Commands ...

Page 989: ... priority over global configuration If the destination UDP port for a packet matches any entry on the ingress interface the packet is handled according to the interface configuration If the packet does not match any entry on the ingress interface the packet is handled according to the global IP helper configuration Network administrators can configure discard relay entries Discard entries are used...

Page 990: ...ddress as the source IP address of relayed DHCP client packets When a switch receives a broadcast UDP packet on a routing interface the relay agent verifies that the interface is configured to relay to the destination UDP port If so the relay agent unicasts the packet to the configured server IP addresses Otherwise the relay agent verifies that there is a global configuration for the destination U...

Page 991: ...CP Relay on the system Use the no form of the command to set the maximum hop count to the default value Syntax bootpdhcprelay maxhopcount integer no bootpdhcprelay maxhopcount integer Maximum allowable relay agent hops for BootP DHCP Relay on the system Range 1 16 Default Configuration The default integer configuration is 4 bootpdhcprelay maxhopcount ip helper address global configuration bootpdhc...

Page 992: ...elay on the system When the BOOTP relay agent receives a BOOTREQUEST message it might use the seconds sinceclient began booting field of the request as a factor in deciding whether to relay the request or not Use the no form of the command to set the minimum wait time to the default value Syntax bootpdhcprelay minwaittime integer no bootpdhcprelay minwaittime integer Minimum wait time for BootP DH...

Page 993: ...and Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear ip helper statistics ip dhcp relay information check Use the ip dhcp relay information check command to enable DHCP Relay to check that the relay agent information option in forwarded BOOTREPLY messages is valid If an invalid message is received the relay agent drops it This in...

Page 994: ...igured such that only it should insert option 82 fields and no other device near the client has the facility to insert options Example The following example enables relay information check globally console config ip dhcp relay information check ip dhcp relay information check reply Use the ip dhcp relay information check reply command to enable DHCP Relay to check that the relay agent information ...

Page 995: ... client and server processes DHCP information options Example The following example enables relay information check on the interface console config interface vlan 10 console config if vlan10 ip dhcp relay information check ip dhcp relay information option Use the ip dhcp relay information option command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP...

Page 996: ...he ip dhcp relay information option insert command in Interface Configuration mode to enable the circuit ID option and remote agent ID mode for BootP DHCP Relay on the interface also called option 82 Use the no form of the command to return the option insert configuration to the default Syntax ip dhcp relay information option insert none no ip dhcp relay information option insert Parameter Descrip...

Page 997: ...ived on any interface To delete an IP helper entry use the no form of this command Syntax ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time no ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time server addres...

Page 998: ...ecify multiple server addresses for a given port number or to specify multiple port numbers handled by a specific server The command no ip helper address with no arguments clears all global IP helper addresses Example To relay DHCP packets received on any interface to two DHCP servers 10 1 1 1 and 10 1 2 1 use the following commands console config console config ip helper address 10 1 1 1 dhcp con...

Page 999: ...o which relayed UDP broadcast packets are sent The server address cannot be an IP address configured on any interface of the local router discard Matching packets should be discarded rather than relayed even if a global ip helper address configuration matches the packet dest udp port A destination UDP port number from 0 to 65535 port name The destination UDP port may be optionally specified by its...

Page 1000: ... 20 1 dhcp To relay both DHCP and DNS packets to 192 168 30 1 use the following commands console config console config interface vlan 5 console config if vlan5 ip helper address 192 168 30 1 dhcp console config if vlan5 ip helper address 192 168 30 1 dns This command takes precedence over an ip helper address command given in global configuration mode With the following configuration the relay age...

Page 1001: ...of this command Syntax ip helper enable no ip helper enable Default Configuration IP helper is enabled by default Command Mode Global Configuration mode User Guidelines This command can be used to temporarily disable IP helper without deleting all IP helper addresses This command replaces the bootpdhcprelay enable command but affects not only relay of DHCP packets but also relay of any other proto...

Page 1002: ...tion is applied to packets that arrive on this interface This field is set to any for global IP helper entries UDP Port The relay configuration is applied to packets whose destination UDP port is this port Entries whose UDP port is identified as any are applied to packets with the destination UDP ports listed in Table 47 1 Discard If Yes packets arriving on the given interface with the given desti...

Page 1003: ...tion Syntax show ip dhcp relay Parameter Description This command has no arguments or keywords Default Configuration The command has no default configuration Command Mode User EXEC and Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example defines the Boot DHCP Relay information console show ip dhcp relay Maximum...

Page 1004: ...the ingress routing interface is up and the packet passes a number of validity checks such as having a TTL 1 and having valid source and destination IP addresses DHCP client messages relayed The number of DHCP client messages relayed to a server If a message is relayed to multiple servers the count is incremented once for each server DHCP server messages received The number of DHCP responses recei...

Page 1005: ...ay these packets DHCP message with secs field below min The number of DHCP client messages received with secs fields that are less than the minimum value The minimum secs value is a configurable value and is displayed in show ip dhcp relay A log message is written for each such failure The DHCP relay agent does not relay these packets DHCP message with giaddr set to local address The number of DHC...

Page 1006: ...r DHCP Relay Commands DHCP message hop count exceeded max 0 DHCP message with secs field below min 0 DHCP message with giaddr set to local address 0 Packets with expired TTL 0 Packets that matched a discard entry 0 ...

Page 1007: ...res multiple next hops to a given destination intending for the router to load share across the next hops 2 The operator configures multiple next hops to a given destination intending for the router to use the primary next hops and only use the other next hops if the primary next hops are unusable The operator distinguishes static routes by specifying a route preference value A static route with a...

Page 1008: ...tes are typically used to prevent routing loops Default Routes PowerConnect routing provides a preference option for the configuration of default routes A configured default route is treated exactly like a static route Therefore default routes and static routes have the same default preference Commands in this Chapter This chapter explains the following commands encapsulation show ip interface ip ...

Page 1009: ... Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example applies SNAP encapsulation for VLAN 15 console config interface vlan 15 console config if vlan15 encapsulation snap ip address Use the ip address command in Interface Configuration mode to configure an IP address on an interface Also use this command to configure one or more seconda...

Page 1010: ...ace Configuration VLAN Loopback mode User Guidelines This command also implicitly enables the VLAN or loopback interface for routing i e as if the user had issued the routing interface command By default configuring an IP address on a VLAN enables in band management for interfaces configured with that VLAN Setting up an IP address on VLAN 1 enables switch management on all in band interfaces excep...

Page 1011: ... ip mtu command OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange If two OSPF neighbors advertise different IP MTUs they will not form an adjacency unless OSPF has been instructed to ignore differences in IP MTU with the ip ospf mtuignore command Syntax ip mtu bytes no ip mtu Parameter Description Default Configuration 1500 bytes is t...

Page 1012: ... When enabled network directed broadcasts are forwarded When disabled they are dropped Use the no form of the command to disable the broadcasts Syntax ip netdirbcast no ip netdirbcast Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example defines the IP address and ...

Page 1013: ...than other static routes to the same destination Syntax ip route ip addr subnetmask prefix length nextHopRtr preference no ip route ip addr subnetmask prefix length nextHopRtr preference ip address IP address of destination interface subnet mask Subnet mask of destination interface prefix length Length of prefix Must be preceded with a forward slash Range 0 32 bits nextHopRtr IP address of the nex...

Page 1014: ...P address of the next hop router preference Specifies the preference value a k a administrative distance of an individual static route Range 1 255 Default Configuration Default value of preference is 1 Command Mode Global Configuration mode User Guidelines For routed management traffic 1 Router entries are checked for applicable destinations 2 The globally assigned default gateway is consulted If ...

Page 1015: ...next hop ip and a preference value of 200 console config ip route default 192 168 10 1 200 ip route distance Use the ip route distance command in Global Configuration mode to set the default distance preference for static routes Lower route preference values are preferred when determining the best route The ip route and ip route default commands allow optional setting of the distance of an individ...

Page 1016: ...p routing command in Global Configuration mode to globally enable IPv4 routing on the router To disable IPv4 routing globally use the no form of the command Syntax ip routing no ip routing Default Configuration Disabled is the default configuration Command Mode Global Configuration mode User Guidelines Use the show ip brief command to determine if routing is enabled or disabled Example The followi...

Page 1017: ...e and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays IP summary information console show ip brief Default Time to Live 30 Routing Mode Disabled IP Forwarding Mode Enabled Maximum Next Hops 2 show ip interface Use the show ip interface command in Privileged EXEC mode to display information about one or more IP interfaces The output sh...

Page 1018: ...nfig if show ip interface Default Gateway 0 0 0 0 L3 MAC Address Routing Interfaces Interface State IP Address IP Mask Method Vl1 Down 0 0 0 0 0 0 0 0 None The following examples display all IP information and information specific to VLAN 2 Parameter Description type Interface type loopback out of band or vlan number Interface number Valid only for loopback and VLAN types Field Description DHCP Th...

Page 1019: ...The address is leased from a DHCP server Manual The address is manually configured The Method field is also added to the long form console show ip interface vlan2 Routing Interface Status Up Primary IP Address 192 168 75 1 255 255 255 0 Method DHCP Routing Mode Enable Administrative Mode Enable Forward Net Directed Broadcasts Disable Proxy ARP Enable Local Proxy ARP Disable Active State Active Lin...

Page 1020: ...v4 Protocol DHCP Burned In MAC Address 001E C9AA AD1C show ip protocols Use the show ip protocols command in Privileged EXEC mode to display a summary of the configuration and status for each unicast routing protocol The command lists all supported routing protocols regardless of whether they are currently configured or enabled Syntax show ip protocols Parameter Description Parameter Description B...

Page 1021: ...fix list Prefix List In The global prefix list used to filter inbound routes from all neighbors Prefix List Out The global prefix list used to filter outbound routes to all neighbors Neighbors A list of configured neighbors and the inbound and outbound policies configured for each OSPFv2 Section Routing Protocol OSPFv2 Router ID The router ID configured for OSPFv2 OSPF Admin Mode Whether OSPF is e...

Page 1022: ... OSPF areas with at least one interface running on this router Also broken down by area type ABR Status The number of OSPF areas with at least one interface running on this router Also broken down by area type ASBR Status Whether the router is an autonomous system boundary router The router is an ASBR if it is redistributing any routes or originating a default route RIP Section RIP Admin Mode Whet...

Page 1023: ...in Mode Enable Maximum Paths Internal 32 External 32 Distance Ext 20 Int 200 Local 200 Address Wildcard Distance Pfx List 172 20 0 0 0 0 255 255 40 None 172 21 0 0 0 0 255 255 45 1 Prefix List In PfxList1 Prefix List Out None Neighbors 172 20 1 100 Filter List In 1 Filter List Out 2 Prefix List In PfxList2 Prefix List Out PfxList3 Route Map In rmapUp Route Map Out rmapDown 172 20 5 1 Prefix List O...

Page 1024: ...efault 2 Yes None connected 10 2 Yes 1 Number of Active Areas 3 3 normal 0 stub 0 nssa ABR Status Yes ASBR Status Yes Routing Protocol RIP RIP Admin Mode Enable Split Horizon Mode Simple Default Metric Not configured Default Route Advertise Disable Distance 120 Interface Send Recv 0 25 RIPv2 RIPv2 show ip route Use the show ip route command in Privileged EXEC mode to display the current state of t...

Page 1025: ...splayed If the longer prefixes option is specified then the subnets within an aggregate are displayed Parameter Description ip address Specifies the network for which the route is to be displayed and displays the best matching best route for the address mask Subnet mask of the IP address prefix length Length of prefix in bits Must be preceded with a forward slash Range 0 32 bits longer prefixes In...

Page 1026: ... 2 S 0 0 0 0 0 254 0 via 10 1 20 1 C 10 1 20 0 24 0 1 directly connected Vl2 C 4 4 0 0 16 0 1 directly connected Lo1 C 20 1 20 0 24 0 1 directly connected Vl4 show ip route configured Use the show ip route configured command in Privileged EXEC mode to display the configured routes whether they are reachable or not Syntax show ip route configured Default Configuration This command has no default co...

Page 1027: ...d Use the show ip route connected command in Privileged EXEC mode display connected routes Connected routes are those that are reachable over a switch interface Syntax show ip route connected Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ...

Page 1028: ... the best route Lower router preference values are preferred over higher router preference values The user can configure a global default gateway using the ip default gateway command creating a default route with a preference of 253 The show ip route preferences command lists the new preference value The show command also displays the preference of default routes learned from a DHCP server Syntax ...

Page 1029: ...ry Use the show ip route summary command in Privileged EXEC mode to display the routing table summary including best and non best routes Syntax show ip route summary best Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes Parameter Description best Shows the number of best routes To...

Page 1030: ...Intra Area Routes 0 Inter Area Routes 0 External Type 1 Routes 0 External Type 2 Routes 0 Total routes 0 show ip traffic Use the show ip traffic command in User EXEC mode to display IP statistical information Refer to RFC 1213 for more information about the fields that are displayed Syntax show ip traffic Syntax Description This command has no arguments or keywords Default Configuration This comma...

Page 1031: ...wing example displays IP route preferences console show ip traffic IpInReceives 24002 IpInHdrErrors 1 IpInAddrErrors 925 IpForwDatagrams 0 IpInUnknownProtos 0 IpInDiscards 0 IpInDelivers 18467 IpOutRequests 295 IpOutDiscards 0 IpOutNoRoutes 0 IpReasmTimeout 0 IpReasmReqds 0 IpReasmOKs 0 IpReasmFails 0 IpFragOKs 0 IpFragFails 0 IpFragCreates 0 IpRoutingDiscards 0 IcmpInMsgs 3 ...

Page 1032: ... IcmpInEchos 3 IcmpInEchoReps 0 IcmpInTimestamps 0 IcmpInTimestampReps 0 IcmpInAddrMasks 0 IcmpInAddrMaskReps 0 IcmpOutMsgs 3 IcmpOutErrors 0 IcmpOutDestUnreachs 0 IcmpOutTimeExcds 0 IcmpOutParmProbs 0 IcmpOutSrcQuenchs 0 IcmpOutRedirects 0 IcmpOutEchos 3 IcmpOutEchoReps 3 IcmpOutTimestamps 0 IcmpOutTimestampReps 0 IcmpOutAddrMasks 0 ...

Page 1033: ...User Guidelines This command has no user guidelines Example The following example displays VLAN routing information console show ip vlan MAC Address used by Routing VLANs 00 00 00 01 00 02 VLAN ID IP Address Subnet Mask 10 0 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 0 show routing heap summary Use the show routing heap summary command in Privileged EXEC mode to display a summary of the memory allocation from...

Page 1034: ...eap summary Heap Size 92594000 bytes Memory In Use 149598 bytes 0 Parameter Description Heap Size The amount of memory in bytes allocated at startup for the routing heap Memory In Use The number of bytes currently allocated Memory on Free List The number of bytes currently on the free list When a chunk of memory from the routing heap is freed it is placed on a free list for future reuse Memory Ava...

Page 1035: ...IP Routing Commands 1035 Memory on Free List 78721 bytes 0 Memory Available in Heap 92365249 bytes 99 In Use High Water Mark 210788 bytes 0 ...

Page 1036: ...1036 IP Routing Commands ...

Page 1037: ... interfaces by default Command Mode Interface VLAN Configuration mode User Guidelines There are no user guidelines for this command ipv6 pim ipv6 pim join prune interval show ipv6 pim bsr router ipv6 pim sparse Global config ipv6 pim register rate limit show ipv6 pim interface ipv6 pim dense ipv6 pim rp address show ipv6 pim neighbor ipv6 pim bsr border ipv6 pim rp candidate show ipv6 pim rp hash ...

Page 1038: ...o ipv6 pim sparse Default Configuration IPv6 PIM is disabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router Example console config ipv6 pim sparse ipv6 pim dense Use the ipv6 pim dense command in Global configuration mode to administratively configure PIM dense mode for IPv6 multicast routing Use the no form of this ...

Page 1039: ...istratively disable bootstrap router BSR messages from being sent or received through an interface Use the no form of this command to return the configuration to the default Syntax ipv6 pim bsr border no ipv6 pim bsr border Default Configuration BSR messages are enabled on the interface by default Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if spa...

Page 1040: ...es not advertise itself as an BSR candidate Command Mode Global Configuration mode User Guidelines All multicast groups with the same hash value correspond to the same RP Lower priority values are preferred Parameter Description vlan id A valid VLAN identifier with multicast routing enabled hash mask len The length of the BSR hash to be AND ed with the multicast group address Range 0 32 Default 0 ...

Page 1041: ...rn the configuration to the default Syntax ipv6 pim dr priority priority no ipv6 pim dr priority Parameter Description Default Configuration The default election priority is 1 Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower values are preferred Example console if vlan 10 ipv6 pim dr priority 32768 Parameter Description ...

Page 1042: ...val is 30 seconds Command Mode Interface VLAN Configuration mode User Guidelines There are no user guidelines for this command Example console if vlan 10 ipv6 pim hello interval 20 ipv6 pim join prune interval Use the ipv6 pim join prune interval command to administratively configure the frequency of join prune messages on the specified interface Use the no form of this command to return the join ...

Page 1043: ...6 pim register rate limit command to set a limit on the maximum number of PIM register messages sent per second for each S G entry Use the no form of this command to return the limit to its default value 0 Syntax ipv6 pim register rate limit register rate limit no ipv6 pim register rate limit Parameter Description Parameter Description interval The number of seconds between successive join prune t...

Page 1044: ...is command to remove a configured RP Syntax ipv6 pim rp address rp address group address group mask override no ipv6 pim rp address rp address group address group mask Parameter Description Default Configuration None There are no static multicast groups configured for an RP Parameter Description rp address The valid IPv6 address for the Rendezvous Point group address A valid multicast group addres...

Page 1045: ...default configuration Syntax ipv6 pim rp candidate vlan vlan id group address group mask interval interval no ipv6 pim rp candidate vlan vlan id group address group mask Parameter Description Default Configuration None The router does not advertise itself as an RP candidate by default Parameter Description vlan id A valid VLAN identifier with multicast routing enabled group address A valid Multica...

Page 1046: ...st hop router to switch to the shortest path on the router Use the no form of this command to return the threshold to its default value 0 Syntax ipv6 pim spt threshold spt threshold no ipv6 pim spt threshold Parameter Description Default Configuration The default threshold rate is 0 This indicates that the multicast router should always switch to the multicast source tree Command Mode Global Confi...

Page 1047: ...and to removed configured ranges of addresses from the router Syntax ipv6 pim ssm default group address group mask no ipv6 pim ssm default group address group mask Parameter Description Default Configuration There are no group addresses configured by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Parameter Description default Defines th...

Page 1048: ...faces Syntax show ipv6 pim Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show ipv6 pim Admin Mode Enabled Data Threshold Rate Kbps 1000 Register Threshold Rate Kbps 250 SSM RANGE TABLE Group Address Prefix Length ...

Page 1049: ...tstrap router BSR information Syntax show ipv6 pim bsr router Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the following table Field Description BSR Address Address of the BSR BSR Priority Configu...

Page 1050: ...interface command to display the PIM interface status parameters If the interface number is not specified this command displays the status parameters of all the PIM enabled interfaces Syntax show ipv6 pim interface vlan vlan id Parameter Description Default Configuration There is no default configuration for this command Next Bootstrap Message Remaining time until a BSR message is sent Next Candid...

Page 1051: ...al secs 60 DR Priority1 BSR BorderDisabled Neighbor Count1 Designated Router 2001 db8 85a3 0 0 8a2e 370 7334 Field Description Mode Active PIM protocol Interface Interface number Hello Interval Hello interval value Join prune Interval Join prune interval value DR Priority DR priority configured on this interface BSR Border Whether or not this interface is configured as a BSR border Neighbor Count ...

Page 1052: ...ow ipv6 pim neighbor Use the show ipv6 pim neighbor command to display IPv6 PIM neighbors discovered by PIMv2 Hello messages If the interface number is not specified this command displays the neighbors discovered on all the PIM enabled interfaces Syntax show ipv6 pim neighbor vlan vlan id Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXE...

Page 1053: ...8 85a3 0 0 8a2e 370 7334 VLAN0010 00 02 55 00 01 15 console show ipv6 pim neighbor Neighbor AddrInterfaceUptimeExpiry Time HH MM SS HH MM SS 2001 db8 85a3 0 0 8a2e 370 7334 VLAN0001 00 02 55 00 01 15 2001 db8 85a3 0 0 8a2e 370 7334 VLAN0010 00 03 50 00 02 10 Field Description Neighbor Addr IPv6 address of the PIM neighbor Interface Interface number Uptime Time since the neighbor was learned Expiry...

Page 1054: ...dress Parameter Description Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the following table Example console show ipv6 pim rp hash ff1e abcd fed1 0 Parameter Description group address A valid grou...

Page 1055: ...ctive Rendezvous Points RPs Syntax show ipv6 pim rp mapping rp address Parameter Description Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the following table Parameter Description rp address IP ad...

Page 1056: ...dress ff1e abcd def1 0 Group Mask 24 Origin BSR C RP Advertisement Interval secs 60 Next Candidate RP Advertisement hh mm ss 00 00 15 If no RP Group mapping exist on the router the following message is displayed No RP Group mappings exist on this router Origin Origin from where this group mapping is learned Field Description ...

Page 1057: ...apply IPSec support is not available The DHCPv6 server does not support stateful address configuration Automated router renumbering is not supported Commands in this Chapter This chapter explains the following commands clear ipv6 neighbors ipv6 mld query max response time ipv6 route show ipv6 mld proxy groups detail clear ipv6 statistics ipv6 mld router ipv6 route distance show ipv6 mld proxy inte...

Page 1058: ...ines This command has no user guidelines ipv6 mld last member query count ipv6 nd other config flag show ipv6 interface show ipv6 route summary ipv6 mld last member query interval ipv6 nd prefix show ipv6 interface management statistics show ipv6 traffic ipv6 mld proxy ipv6 nd ra interval show ipv6 mld groups show ipv6 vlan ipv6 mld proxy reset status ipv6 nd ra lifetime show ipv6 mld interface tr...

Page 1059: ...l interfaces IPv6 statistics display in the output of the show ipv6 traffic command Syntax clear ipv6 statistics vlan vlan id tunnel tunnel id loopback loopback id vlan id Valid VLAN ID tunnel id Tunnel identifier Range 0 7 loopback id Loopback identifier Range 0 7 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no ...

Page 1060: ...longer a unique representation Dropping zeros 3ffe ffff 100 f101 0 0 0 1 becomes 3ffe ffff 100 f101 1 Local host 0000 0000 0000 0000 0000 0000 0000 0001 becomes 1 Any host 0000 0000 0000 0000 0000 0000 0000 0000 becomes The hexadecimal letters in the IPv6 addresses are not case sensitive An example of an IPv6 prefix and prefix length is 3ffe 1 1234 64 Syntax ipv6 address prefix prefix length eui64...

Page 1061: ...el and loopback interfaces that has not been configured with an explicit IPv6 address Command execution automatically configures the interface with a link local address The command is not required if an IPv6 global address is configured on the interface Syntax ipv6 enable no ipv6 enable Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN Tunnel Loo...

Page 1062: ...o the default setting Syntax ipv6 hop limit count no ipv6 hop limit Parameter Description Default Configuration The default count is 64 hops Command Mode Global Configuration ipv6 host The ipv6 host command is used to define static host name to ipv6 address mapping in the host cache Syntax ipv6 host name ipv6 address no ipv6 host name name Host name ipv6 address IPv6 address of the host Parameter ...

Page 1063: ... of listener specific queries sent before the router assumes that there are no local members on the interface Use the no form of this command to set the last member query count to the default Syntax ipv6 mld last member query count last member query count no ipv6 mld last member query count last member query count Query count Range 1 20 Default Configuration The default last member query count is ...

Page 1064: ...r query interval no ipv6 mld last member query interval last member query interval The last member query interval Range 0 65535 milliseconds Default Configuration The default last member query interval is 1 second Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld last member query interval 5000 ipv6...

Page 1065: ...g if vlan3 ipv6 mld proxy ipv6 mld proxy reset status Use the ipv6 mld proxy reset status command to reset the host interface status parameters of the MLD Proxy router This command is only valid when MLD Proxy is enabled on the interface Syntax ipv6 mld proxy reset status Command Mode Interface Configuration VLAN mode Default Configuration There is no default configuration for this command User Gu...

Page 1066: ...nterval no ipv6 mld proxy unsolicited report interval interval The interval between unsolicited reports Range 1 260 seconds Default Configuration The unsolicited report interval is 1 second by default Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example console config if vlan3 ipv6 mld proxy unsolicit rprt interval 10 ipv6 mld query interval Th...

Page 1067: ... mld query max response time The ipv6 mld query max response time command sets MLD query maximum response time for the interface This value is used in assigning the maximum response time in the query messages that are sent on that interface Use the no form of this command to set the maximum query response time to the default Syntax ipv6 mld query max response time query max response time no ipv6 m...

Page 1068: ...nd is used to enable MLD in the router in global configuration mode and for a specific interface in interface configuration mode Use the no form of this command to disable MLD Syntax ipv6 mld router no ipv6 mld router Default Configuration MLD is disabled by default Command Mode Global Configuration mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this comman...

Page 1069: ...arded by the hardware ignore the IPv6 MTU Syntax ipv6 mtu bytes no ipv6 mtu Parameter Description Default Configuration The default MTU is 1500 Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the maximum transmission unit MTU size in bytes of IPv6 packets console config interface vlan 15 console c...

Page 1070: ...nd dad attempts value no ipv6 nd dad attempts Parameter Description Default Configuration The default value for attempts is 1 Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets at 10 the number of duplicate address detection probes transmitted while doing neighbor discovery console config interface v...

Page 1071: ...ult Configuration False is the default configuration Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example In the following example the end node uses DHCPv6 console config interface vlan 15 console config if vlan15 ipv6 nd managed config flag ipv6 nd ns interval Use the ipv6 nd ns interval command in Interface Configuration mode ...

Page 1072: ...ween router advertisements for advertised neighbor solicitations at 5000 ms console config interface vlan 15 console config if vlan15 ipv6 nd ns interval 5000 ipv6 nd other config flag Use the ipv6 nd other config flag command in Interface Configuration mode to set the other stateful configuration flag in router advertisements sent from the interface Syntax ipv6 nd other config flag no ipv6 nd oth...

Page 1073: ...r advertisements Syntax ipv6 nd prefix ipv6 prefix prefix length valid lifetime infinite preferred lifetime infinite no autoconfig off link no ipv6 nd prefix ipv6 prefix prefix length Syntax Description Parameter Description ipv6 prefix IPv6 prefix prefix length IPv6 prefix length valid lifetime Valid lifetime of the router in seconds Range 0 4294967295 seconds infinite Indicates lifetime value is...

Page 1074: ...to configuration Use the ipv6 nd prefix command to configure these values The ipv6 nd prefix command will allow you to preconfigure RA prefix values before you configure the associated interface address In order for the prefix to be included in RAs you must configure an address that matches the prefix using the ipv6 address command Prefixes specified using ipv6 nd prefix without an associated inte...

Page 1075: ...erval between router advertisements at 1000 seconds console config interface vlan 15 console config if vlan15 ipv6 nd ra interval 1000 ipv6 nd ra lifetime Use the ipv6 nd ra lifetime command in Interface Configuration mode to set the value that is placed in the Router Lifetime field of the router advertisements sent from the interface Syntax ipv6 nd ra lifetime seconds no ipv6 nd ra lifetime secon...

Page 1076: ...vlan15 ipv6 nd ra lifetime 1000 ipv6 nd reachable time Use the ipv6 nd reachable time command in Interface Configuration mode to set the router advertisement time to consider a neighbor reachable after neighbor discovery confirmation Syntax ipv6 nd reachable time milliseconds no ipv6 nd reachable time milliseconds Reachable time duration A value of zero means the time is unspecified by the router ...

Page 1077: ...v6 nd suppress ra Use the ipv6 nd suppress ra command in Interface Configuration mode to suppress router advertisement transmission on an interface Syntax ipv6 nd suppress ra no ipv6 nd suppress ra Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following examp...

Page 1078: ...ministrative distance for static routes Range 1 255 ipv6 prefix An IPv6 prefix representing the subnet that can be reached via the next hop neighbor prefix length The length of the IPv6 prefix a decimal value usually 0 64 that shows how many of the high order contiguous bits of the address comprise the prefix the network portion of the address A slash mark must separate the prefix from the prefix ...

Page 1079: ...hen determining the best route The ipv6 route and ipv6 route default commands allow optional setting of the distance of an individual static route The default distance is used when no distance is specified in these commands Changing the default distance does not update the distance of existing static routes even if they were assigned the original default distance The new default distance is applie...

Page 1080: ...ing Use the ipv6 unicast routing command in Global Configuration mode to enable forwarding of IPv6 unicast datagrams Syntax ipv6 unicast routing no ipv6 unicast routing Default Configuration Disabled is the default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example globally enables Ipv6 unicast datagram forwarding ...

Page 1081: ...nds three pings to the target station Syntax ping ipv6 ip address hostname size size ipv6 address Target IPv6 address to ping hostname Hostname to ping contact Range 1 158 characters The command allows spaces in the host name when specified in double quotes For example console config ping ipv6 host name size Size of the datagram Range 48 2048 bytes Default Configuration This command has no default...

Page 1082: ...arget station Use the interface keyword to ping an interface by using the link local address or the global IPv6 address of the interface The source can be a loopback tunnel or logical interface Syntax ping ipv6 interface vlan vlan id tunnel tunnel id loopback loopback id link local address size datagram size vlan id Valid VLAN ID tunnel id Tunnel identifier Range 0 7 loopback id Loopback identifie...

Page 1083: ... and IPv6 unicast routing mode Syntax show ipv6 brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the IPv6 status of forwarding mode and IPv6 unicast routing mode console show ipv6 brief IPv6 Unicast Routing Mode Enabl...

Page 1084: ...tunnel id vlan vlan id prefix Syntax Description Default Configuration Displays all IPv6 interfaces Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines The Method field contains one of the following values Parameter Description loopback id Valid loopback interface ID tunnel id Valid tunnel interface ID vlan id Valid VLAN ID prefix Display IPv6 Interfac...

Page 1085: ...l5 Enabled FE80 211 88FF FE2A 3E3C 128 2017 A42A 26DB 1049 43DD 128 DHCP Vl7 Enabled FE80 211 88FF FE2A 3E3C 128 2001 211 88FF FE2A 3E3C 64 AUTO Vl9 Disabled FE80 211 88FF FE2A 3E3C 128 TENT The Method column shows one of the following values Auto The IPv6 address was automatically generated using IPv6 auto address configuration RFC 2462 Config The IPv6 address was manually configured DHCP The IPv...

Page 1086: ...r Advertisement Reachable Time 0 Router Advertisement Interval 600 Router Advertisement Managed Config Flag Disabled Router Advertisement Other Config Flag Disabled Router Advertisement Router Preference medium Router Advertisement Suppress Flag Disabled IPv6 Destination Unreachables Enabled IPv6 Default Router fe80 213 c4ff fedb 6c42 show ipv6 interface management statistics Use the show ipv6 int...

Page 1087: ...scarded 0 DHCPv6 Malformed Packets Received 0 Total DHCPv6 Packets Received 0 DHCPv6 Solicit Packets Transmitted 0 DHCPv6 Request Packets Transmitted 0 DHCPv6 Renew Packets Transmitted 0 DHCPv6 Rebind Packets Transmitted 0 DHCPv6 Release Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 show ipv6 mld groups The show ipv6 mld groups command is used to display information about multicast grou...

Page 1088: ...d for each multicast group and each interface Field Description Number of G entries Displays the number of groups present in the MLD Table Number of S G entries Displays the number of include and exclude mode sources present in the MLD Table Group Address The address of the multicast group Interface Interface through which the multicast group is reachable Uptime Time elapsed in seconds since the m...

Page 1089: ...p table of this interface Last Reporter The IP Address of the source of the last membership report received for this multicast group address on that interface Filter Mode The filter mode of the multicast group on this interface The values it can take are INCLUDE and EXCLUDE Compatibility Mode The compatibility mode of the multicast group on this interface The values it can take are MLDv1 and MLDv2...

Page 1090: ...erface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 3 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 4 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss show ipv6 mld interface The show ipv6 mld interface command is used to display MLD related information for an interface Syntax show ipv6 mld interface vlan vlan id all v...

Page 1091: ...he version of MLD configured on the interface Query Interval This field indicates the configured query interval for the interface Query Max Response Time This field indicates the configured maximum query response time in seconds advertised in MLD queries on this interface Robustness This field displays the configured value for the tuning for the expected packet loss on a subnet attached to the int...

Page 1092: ...a MLD querier or non querier on the subnet with which it is associated Querier Address The IP address of the MLD querier on the subnet the interface with which it is associated Querier Up Time Time elapsed in seconds since the querier state has been updated Querier Expiry Time Time left in seconds before the Querier losses its title as querier Wrong Version Queries Indicates the number of queries ...

Page 1093: ... Syntax show ipv6 mld proxy Command Mode Privileged EXEC mode Config mode and all Config sub modes Default Configuration There is no default configuration for this command User Guidelines The command displays the following parameters only when you enable MLD Proxy Field Description Interface Index The interface number of the MLD Proxy interface Admin Mode Indicates whether MLD Proxy is enabled or ...

Page 1094: ...ntax show ipv6 mld proxy groups Version The present MLD host version that is operational on the proxy interface Number of Multicast Groups The number of multicast groups that are associated with the MLD Proxy interface UnsolicitedReport Interval The time interval at which the MLD Proxy interface sends unsolicited group membership reports Querier IP Address on Proxy Interface The IP address of the ...

Page 1095: ...100 2 3 00 02 44 DELAY_MEMBER Include 4 Field Description Interface The MLD Proxy interface Group Address The IP address of the multicast group Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible val...

Page 1096: ...ace number of the MLD Proxy Group Address The IP address of the multicast group Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the latest gr...

Page 1097: ...st Expiry Time 3001 1 00 03 32 3002 2 00 03 32 FF1E 3 FE80 100 2 3 328 DELAY_MEMBER Exclude 0 FF1E 4 FE80 100 2 3 255 DELAY_MEMBER Include 4 Group Source List Expiry Time 4001 1 00 03 40 5002 2 00 03 40 4001 2 00 03 40 5002 2 00 03 40 show ipv6 mld proxy interface Use the show ipv6 mld proxy interface command to display a detailed list of the host interface status parameters Group Source List The ...

Page 1098: ... with the interface are as follows Example console show ipv6 mld proxy interface Interface vlan 10 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent Parameter Description Interface The MLD Proxy interface Parameter Description Ver The MLD version Query Rcvd Number of MLD queries received Report Rcvd Number of MLD reports received Report Sent Number of MLD reports sent Leaves Rcvd Number...

Page 1099: ...played Field Description Valid MLD Packets Received The number of valid MLD packets received by the router Valid MLD Packets Sent The number of valid MLD packets sent by the router Queries Received The number of valid MLD queries received by the router Queries Sent The number of valid MLD queries sent by the router Reports Received The number of valid MLD reports received by the router Reports Sen...

Page 1100: ...ighbors Use the show ipv6 neighbors command in Privileged EXEC mode to display information about the IPv6 neighbors Syntax show ipv6 neighbors Syntax Description This command has no arguments or keywords Default Configuration This command has no default configuration Bad Checksum MLD Packets The number of bad checksum MLD packets received by the router Malformed MLD Packets The number of malformed...

Page 1101: ...mode to display the IPv6 routing table The output of the command also displays the IPv6 address of the default gateway and the default route associated with the gateway Syntax show ipv6 route ipv6 address ipv6 prefix prefix length protocol interface type interface number best Syntax Description Parameter Description ipv6 address Specifies an IPv6 address for which the best matching route would be ...

Page 1102: ...F Intra OI OSPF Inter OE1 OSPF Ext 1 OE2 OSPF Ext 2 ON1 OSPF NSSA Ext Type 1 ON2 OSPF NSSA Ext Type 2 Default gateway is 10 1 20 1 S 0 0 0 0 0 254 0 via 10 1 20 1 C 10 1 20 0 24 0 1 directly connected vlan2 C 20 1 20 0 24 0 1 directly connected vlan4 interface type interface number Valid IPv6 interface Specifies that the routes with next hops on the selected interface be displayed Supported interf...

Page 1103: ...how ipv6 route preferences Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example shows the preference value associated with the type of route console show ipv6 route preferences Local 0 Static 1 OSPF Intra area routes 110 OSPF Inter area...

Page 1104: ...unt summary for only best routes Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays a summary of the routing table console show ipv6 route summary IPv6 Routing Table Summary 0 entries Connected Routes 0 Static Rout...

Page 1105: ...about traffic on all interfaces tunnel Tunnel identifier Range 0 7 loopback Loopback identifier Range 0 7 Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples The following examples show traffic and statistics for IPv6 and ICMPv6 first for all interfaces and an i...

Page 1106: ...ded 0 Datagrams Locally Transmitted 0 Datagrams Transmit Failed 0 Datagrams Successfully Fragmented 0 Datagrams Failed To Fragment 0 Fragments Created 0 Multicast Datagrams Received 0 Multicast Datagrams Transmitted 0 console show ipv6 traffic vlan 11 Interface 11 IPv6 STATISTICS Total Datagrams Received 0 Received Datagrams Locally Delivered 0 Received Datagrams Discarded Due To Header Errors 0 R...

Page 1107: ...ment 0 Fragments Created 0 Multicast Datagrams Received 0 Multicast Datagrams Transmitted 0 show ipv6 vlan Use the show ipv6 vlan command in Privileged EXEC mode to display IPv6 VLAN routing interface addresses Syntax show ipv6 vlan Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has...

Page 1108: ...ostname to ping contact Range 1 158 characters The command allows spaces in the host name when specified in double quotes For example console config traceroute host name port UDP port used as the destination of packets sent as part of the traceroute This port should be an unused port on the destination system Range 0 65535 Default Configuration 33434 is the default port value Command Mode Privileg...

Page 1109: ...IPv6 Routing Commands 1109 Tracing route over a maximum of 20 hops 1 N N N ...

Page 1110: ...1110 IPv6 Routing Commands ...

Page 1111: ...its data but may receive data It is typically expected to be used by routing protocols Support for the internal loopback address if present is limited to testing the IP stack Commands in this Chapter This chapter explains the following commands interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loopback configuration mode Syntax interface loop...

Page 1112: ...8 22 1 icmp_seq 0 time 10 msec Reply From 192 168 22 1 icmp_seq 1 time 10 msec Reply From 192 168 22 1 icmp_seq 2 time 10 msec Reply From 192 168 22 1 icmp_seq 3 time 10 msec show interfaces loopback Use the show interfaces loopback command in Privileged EXEC mode to display information about one or all configured loopback interfaces Syntax show interfaces loopback loopback id loopback id Loopback...

Page 1113: ...nformation about configured loopback interfaces console show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets 1 loopback 1 0 0 0 0 0 0 console show interfaces loopback 1 Interface Link Status Up IP Address 0 0 0 0 0 0 0 0 MTU size 1500 bytes ...

Page 1114: ...1114 Loopback Interface Commands ...

Page 1115: ...d below Network Load Decrease A number of applications are required to transmit packets to hundreds of stations The packets transmitted to these stations share a group of links on their paths to their destinations Multicast transmission can conserve much needed network bandwidth since multicasting transmission requires the transmission of only a single packet by the source and replicates this pack...

Page 1116: ...his Chapter This chapter explains the following commands ip mcast boundary Use the ip mcast boundary command in Interface Configuration mode to add an administrative scope multicast boundary specified by groupipaddr and mask for which this multicast administrative boundary is applicable groupipaddr is a group IP address and mask is a group IP mask ip mcast boundary ip pim dr priority show ip multi...

Page 1117: ...dds an administrative scope multicast boundary console config interface vlan 15 console config if vlan15 ip mcast boundary 239 5 5 5 255 255 255 255 ip mroute Use the ip mroute command to create a static multicast route for a source range Use the no form of this command to delete a static multicast route Syntax ip mroute source address mask rpf address preference no ip mroute source address mask s...

Page 1118: ...ation mode to set the administrative mode of the IP multicast forwarder in the router to active For multicast routing to become operational IGMP must be currently enabled An error message is displayed on the CLI if multicast routing is enabled while IGMP is disabled However the IP multicast mode configuration is stored in the multicast configuration file and is automatically enabled once IGMP is e...

Page 1119: ... to be forwarded to that port If a host in the VLAN subsequently joins or leaves the group the list of mrouter ports is updated for the multicast source and the forwarding of the multicast source is adjusted The workaround to this limitation is to statically configure mrouter ports when enabling IGMP MLD snooping in L3 multicast enabled VLANs Example The following example enables IP multicast on t...

Page 1120: ...terface vlan 15 console config if vlan15 ip multicast ttl threshold 5 ip pim Use the ip pim command in Interface VLAN Configuration mode to administratively configure PIM mode for IP multicast routing on a VLAN interface Use the no form of the command to disable PIM on the interface Syntax ip pim no ip pim Default Configuration PIM is not enabled on interfaces by default Command Mode Interface VLA...

Page 1121: ...to administratively disable bootstrap router BSR messages on the interface Use the no form of this command to return the configuration to the default Syntax ip pim bsr border no ip pim bsr border Default Configuration BSR messages are enabled on the interface by default Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower va...

Page 1122: ...ter Description Default Configuration None the router does not advertise itself as a BSR candidate Command Mode Global Configuration mode User Guidelines All multicast groups with the same hash value correspond to the same RP Lower priority values are preferred Parameter Description vlan id A valid VLAN identifier with multicast routing enabled hash mask length Length of the BSR hash to be ANDed w...

Page 1123: ...on PIM is not enabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router It is recommended that IGMP be enabled if PIM is enabled Example console config ip multicast console config ip igmp console config ip pim dense ip pim dr priority The ip pim dr priority command in Interface VLAN Configuration mode to administrativel...

Page 1124: ...n10 ip pim dr priority 32768 ip pim hello interval The ip pim hello interval command in Interface VLAN Configuration mode to administratively configure the frequency of PIM Hello messages on the specified interface Use the no form of this command to return the configuration to the default This command deprecates the ip pimsm query interval the ip pimsm hello interval and the ip pimdm hello interva...

Page 1125: ...ency of join prune messages on the specified interface Use the no form of this command to return the configuration to the default This command deprecates the ip pimsm message interval and ip pimsm join prune interval commands Syntax ip pim join prune interval interval no ip pim join prune interval interval The number of seconds between successive join prune transmissions Range 0 18000 seconds Defa...

Page 1126: ...no ip pim rp address rp address group address group mask Parameter Description Default Configuration None no static multicast groups are configured for an RP Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Parameter Description rp address The valid IPv4 address for the rendezvous point group address A valid multicast group address to be sourced ...

Page 1127: ...x ip pim rp candidate vlan vlanid group address group mask interval interval no ip pim rp candidate vlan vlanid group address group mask Parameter Description Default Configuration None the router does not advertise itself as an RP candidate by default Command Mode Global Configuration mode Parameter Description vlan id A valid VLAN identifier with multicast routing enabled group address A valid m...

Page 1128: ... routing Use the no form of this command to disable PIM Syntax ip pim sparse no ip pim sparse Default Configuration PIM not enabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router It is recommended that IGMP be enabled if PIM is enabled IP multicast must be enabled for PIM to operate It is recommended that IGMP snoopi...

Page 1129: ... mask Parameter Description Default Configuration There are no group addresses configured by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip pim ssm 239 0 10 0 255 255 255 0 show ip multicast Use the show ip multicast command in Privileged EXEC mode to display the system wide multicast information Parameter Desc...

Page 1130: ...mmand has no user guidelines Example The following example displays system wide multicast information console show ip multicast Admin Mode Enabled Protocol State Non Operational Table Max Size 256 Protocol PIMDM Multicast Forwarding Cache Entry Count 0 show ip mcast boundary Use the show ip mcast boundary command in Privileged EXEC mode to display all the configured administrative scoped multicast...

Page 1131: ...show ip mcast boundary all MULTICAST BOUNDARY Interface Group Ip Mask show ip multicast interface Use the show ip multicast interface command in Privileged EXEC mode to display the multicast information for the specified interface Syntax show ip multicast interface type number Syntax Description Default Configuration Show information for all multicast interfaces Parameter Description type number I...

Page 1132: ...p mcast mroute Use the show ip mcast mroute command in Privileged EXEC mode to display a summary or all the details of the multicast table Syntax show ip mcast mroute detail summary Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example d...

Page 1133: ...ining the groupipaddr value Syntax show ip mcast mroute group groupipaddr detail summary groupipaddr IP address of the multicast group Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the multicast configuration settings su...

Page 1134: ...dress of source groupipaddr IP address of multicast group Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays multicast configuration settings console show ip mcast mroute source 10 1 1 1 summary console show ip mcast mroute s...

Page 1135: ...es This command has no user guidelines Example The following example displays the static routes configured in the static mcast table console show ip mcast mroute static MULTICAST STATIC ROUTES Source IP Source Mask RPF Address Preference 1 1 1 1 255 255 255 0 2 2 2 2 23 show ip pim The show ip pim command displays information about the interfaces enabled for PIM Syntax show ip pim Default Configur...

Page 1136: ...bsr router command displays information about a bootstrap router BSR This command deprecates the show ip pimsm componenttable and show ip pimsm bsr commands Syntax show ip pim bsr router candidate elected candidate Shows the candidate routers capable of acting as the bootstrap router elected Shows the router elected as the PIM bootstrap router Default Configuration There is no default configuratio...

Page 1137: ...PIM interface status parameters If the interface number is not is specified the command displays the status parameters of all the PIM enabled interfaces This command deprecates the show ip pimsm interface stats show ip pimsm interface and show ip pimdm interface commands Field Description BSR address IP address of the BSR BSR Priority The configured BSR priority BSR Hash Mask Length The configured...

Page 1138: ...elines There are no user guidelines for this command Example console show ip pim interface InterfaceVLAN0010 ModeSparse Field Description Mode Active PIM Protocol Interface Interface number Hello Interval Hello interval value Join prune Interval Join prune interval value DR Priority DR Priority configured on this interface BSR Border Whether or not this interface is configured as a BSR Border Neig...

Page 1139: ...none of the interfaces are enabled for PIM the following message is displayed None of the routing interfaces are enabled for PIM show ip pim neighbor Use the show ip pim neighbor command in User EXEC or Privileged EXEC modes to display PIM neighbors discovered by PIMv2 Hello messages If the interface number is not specified this command displays the neighbors discovered on all the PIM enabled inte...

Page 1140: ...nsole show ip pim neighbor vlan 10 Up Time Expiry Time Neighbor Addr Interface hh mm ss hh mm ss 192 168 10 2 VLAN0010 00 02 55 00 01 15 console show ip pim neighbor Neighbor Addr Interface Uptime Expiry Time HH MM SS HH MM SS 192 168 10 2 VLAN0001 00 02 55 00 01 15 Field Description Neighbor Addr IP address of the PIM neighbor Interface Interface number Uptime Time since the neighbor is learned E...

Page 1141: ...p hash group address group address A valid multicast address supported by RP Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines The following fields are displayed Example console show ip pim rp hash 224 1 2 0 RP Address192 168 10 1 TypeStatic If no RP Group mapping exists on the r...

Page 1142: ...s Syntax show ip pim rp mapping rp address candidate static rp address An RP address Default configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Field Descriptions Example console show ip pim rp mapping candidate RP Address 192 168 10 1 Field ...

Page 1143: ...ecs 60 Next Candidate RP Advertisement hh mm ss 00 00 15 If no RP Group mapping exists on the router the following message is displayed No RP Group mappings exist on this router If no static RP Group mapping exists on the router the following message is displayed No Static RP Group mappings exist on this router ...

Page 1144: ...1144 Multicast Commands ...

Page 1145: ...ea and Inter area Intra area routing occurs if a source and destination are in the same area Inter area routing occurs when a source and destination are in different areas An OSPF backbone distributes information between areas For IPv4 networks PowerConnect routing supports OSPF version 2 in accordance with RFC 2328 The PowerConnect routing also provides a compatibility mode for the RFC 1583 OSPF ...

Page 1146: ...all never be used for forwarding The RIP preference is not used in IPv6 routing OSPF Equal Cost Multipath ECMP A device running the IP routing protocol OSPF maintains multiple equal cost routes to all destinations The multiple routes are of the same type intra area inter area type 1 external or type 2 external cost and have the same associated area However each route is defined by a separate adver...

Page 1147: ... and static route into a single route to 20 0 0 0 8 with two next hops All next hops within an ECMP route must be provided by the same source On StrataXGS IV platforms the ECMP hashing support is extended to Enhanced hashing mode which provides improved load balancing performance ECMP hashing on these platforms has the following features MODULO N operation based on the number N of next hops in the...

Page 1148: ...hbors continue to forward packets through the restarting router The restarting router relearns the network topology from its helpful neighbors PowerConnect implements both the restarting router and helpful neighbor features described in RFC 3623 Commands in this Chapter This chapter explains the following commands area default cost Router OSPF capability opaque ip ospf priority show ip ospf asbr a...

Page 1149: ...w ip ospf range area stub no summary exit overflow interval nsf helper strict lsa checking show ip ospf statistics area virtual link external lsdb limit nsf restart interval show ip ospf stub table area virtual link authentication ip ospf area passive interface default show ip ospf traffic area virtual link dead interval ip ospf authentication passive interface show ip ospf virtual link area virtu...

Page 1150: ...r OSPF Configuration mode to configure the specified area ID to function as an NSSA If the area has not been previously created this command creates the area and then applies the NSSA distinction If the area already exists the NSSA distinction is added or modified Use the no form of the command to remove the NSSA distinction from the specified area ID Syntax area area id nssa no redistribution def...

Page 1151: ...rea to configure Range IP address or decimal from 0 4294967295 metric value Specifies the metric of the default route advertised to the NSSA Range 1 16777214 metric type value The metric type can be one of the following 1 A metric type of nssa external 1 2 A metric type of nssa external 2 default role The translator role where role is one of the following always The router assumes the role of the ...

Page 1152: ...pe can be comparable nssa external 1 or non comparable nssa external 2 Use the no form of the command to return the metric value and type to the default value Syntax area area id nssa default info originate integer comparable non comparable no area area id nssa default info originate area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 integer Specifies the m...

Page 1153: ... NSSA Area Border router ABR so that learned external routes are not redistributed to the NSSA Syntax area area id nssa no redistribute no area area id nssa no redistribute area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This comman...

Page 1154: ...on Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the NSSA so that summary LSAs are not advertised into the NSSA console config router area 20 nssa no summary area nssa translator role Use the area nssa translator role command in Router OSPF Configuration mode to configure the translator role of the NSSA Synt...

Page 1155: ...g router area 20 nssa translator role always area nssa translator stab intv Use the area nssa translator stab intv command in Router OSPF Configuration mode to configure the translator stability interval of the NSSA Syntax area area id nssa translator stab intv integer no area area id nssa translator stab intv area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967...

Page 1156: ...nge rather than the specific intra area route as a type 3 summary LSA Also an area range can be configured at the edge of an NSSA to summarize external routes reachable within the NSSA The range is advertised as a type 5 external LSA Use the no form of the command to delete an area range or revert an option to its default Syntax area area id range prefix netmask summarylink nssaexternallink advert...

Page 1157: ...d prefixes are advertised when the area range is active Then the not advertise option is given any static cost previously configured is removed from the system configuration cost Optional If an optional cost is given OSPF sets the metric field in the summary LSA to the configured value rather than setting the metric to the largest cost among the networks covered by the area range A static cost may...

Page 1158: ...example Create area range Suppress summary console config router area 1 range 10 0 0 0 255 0 0 0 summarylink not advertise Advertise summary console config router no area 1 range 10 0 0 0 255 0 0 0 summarylink not advertise The no form may be use to remove a static area range cost so that OSPF sets the cost to the largest cost among the contained routes For example Create area range with static co...

Page 1159: ...route console config router area 1 range 225 0 0 0 255 0 0 0 summarylink 225 0 0 0 255 0 0 0 is an invalid prefix for an area range If the maximum number of ranges is already configured console config router area 3 range 90 0 0 0 255 0 0 0 summarylink cost 50 The maximum number of area ranges 60 is alrady configured If the user tries to delete an area range that does not exist console config route...

Page 1160: ...uce the link state database of routers within the stub area Use the no form of the command to remove the stub area Syntax area area id stub no area area id stub area id Identifies the area identifier of the OSPF stub Range IP address or decimal from 0 4294967295 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command ...

Page 1161: ...figuration mode User Guidelines This command has no user guidelines Example The following example prevents the Summary LSA from being advertised into the area 3 NSSA console config router area 3 stub no summary area virtual link Use the area virtual link command in Router OSPF Configuration mode to create the OSPF virtual interface for the specified area id and neighbor router To remove the link u...

Page 1162: ...sed Overrides password or message digest authentication if configured for the area hello interval seconds Number of seconds to wait before sending hello packets to the OSPF virtual interface Range 1 65535 dead interval seconds Number of seconds to wait before the OSPF virtual interface on the virtual interface is assumed to be dead Range 1 65535 retransmit interval seconds The number of seconds to...

Page 1163: ... virtual link with a 40 second transmit delay interval and default values for all other optional parameters router ospf network 10 50 50 0 0 0 0 255 area 10 area 10 virtual link 192 168 2 2 transmit delay 40 Parameter Default area id No area ID is predefined router id No router ID is predefined hello interval seconds 10 seconds retransmit interval seconds 5 seconds transmit delay seconds 1 second ...

Page 1164: ...e default value Syntax area area id virtual link neighbor id authentication none simple key encrypt key key id no area area id virtual link neighbor id authentication area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router identifier of the neighbor encrypt Use MD5 Encryption for an OSPF Virtual Link key Authentication key for t...

Page 1165: ... the area virtual link dead interval command in Router OSPF Configuration mode to configure the dead interval for the OSPF virtual interface on the virtual interface identified by area id and neighbor router Use the no form of the command to return the dead interval to the default value Syntax area area id virtual link neighbor id dead interval seconds no area area id virtual link neighbor id dead...

Page 1166: ...lo interval for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID Use the no form of the command to return the hello interval to the default value Syntax area area id virtual link neighbor id hello interval seconds no area area id virtual link neighbor id hello interval area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294...

Page 1167: ... ID and neighbor ID Use the no form of the command to return the retransmit interval to the default value Syntax area area id virtual link neighbor id retransmit interval seconds no area area id virtual link neighbor id retransmit interval area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router ID of the neighbor seconds The num...

Page 1168: ...efault value Syntax area area id virtual link neighbor id transmit delay seconds no area area id virtual link neighbor id transmit delay area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 neighbor id Identifies the Router ID of the neighbor seconds Number of seconds to increment the age of the LSA before sending based on the estimated time it takes to trans...

Page 1169: ...nterfaces whose bandwidth is 100 Mbps or greater To change the reference bandwidth use the auto cost command specifying the reference bandwidth in megabits per second The different reference bandwidth can be independently configured for OSPFv2 and OSPFv3 Syntax auto cost reference bandwidth ref_bw ref_bw The reference bandwidth in Mbps Range 1 4294967 Default Configuration The default reference ba...

Page 1170: ...d routing interfaces and to 10 Mbps for VLAN routing interfaces This command does not affect the actual speed of an interface Syntax bandwidth bw bw Interface bandwidth in Kbps Range 1 10000000 Default Configuration The default reference bandwidth is 10 Mbps Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example The following example co...

Page 1171: ...iguration redistribution counters neighbor interface vlan vlan id neighbor id configuration Reset the OSPF configuration to factory defaults redistribution Flush all self originated external LSAs Reapply the redistribution configuration and re originate prefixes as necessary counters Reset global and interface statistics neighbor Drop the adjacency with all OSPF neighbors On each neighbor s interf...

Page 1172: ...nd configuration Restore OSPF configuration to defaults counters Clear OSPF counters neighbor Bounce all OSPF neighbors redistribution Flush and reoriginate external LSAs clear ip ospf stub router Use the clear ip ospf stub router command in Privileged EXEC mode to force OSPF to exit stub router mode when it has automatically entered stub router mode because of a resource limitation Syntax clear i...

Page 1173: ...ration mode to enable OSPF 1583 compatibility Use the no form of the command to disable it Syntax compatible rfc1583 no compatible rfc1583 Syntax Description This command has no arguments or keywords Default Configuration Compatible with RFC 1583 Command Mode Router OSPF Configuration mode User Guidelines If all OSPF routers in the routing domain are capable of operating according to RFC 2328 OSPF...

Page 1174: ... Syntax Description Default Configuration The default configuration is no default information originate The default metric is none and the default type is 2 Command Mode Router OSPF Configuration mode User Guidelines The only routers that actually have Internet connectivity should advertise a default route All other routers in the network should learn the default route from the routers that have c...

Page 1175: ...efault for the metric of distributed routes Use the no form of the command to remove the metric from the distributed routes If the area has not been previously created it is created by this command If the area already exists the default metric information is added or modified Syntax default metric metric value no default metric metric value The metric or preference value of the default route Range...

Page 1176: ...nce value is 110 for dist1 dist2 and dist3 Command Mode Router OSPF Configuration mode Router OSPFv3 Configuration mode User Guidelines There are no user guidelines for this command Parameter Description intra area dist1 Used to select the best path within an area when there are two or more routes to the same destination from two different routing protocols Range 1 255 inter area dist2 Used to sel...

Page 1177: ...fied source protocol from the access list Syntax distribute list name out rip static connected no distribute list name out rip static connected Syntax Description Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode Parameter Description name The name used to identify an existing ACL The range is 1 31 characters rip Apply the specified access ...

Page 1178: ...ble command in Router OSPF Configuration mode to reset the default administrative mode of OSPF in the router active Use the no form of the command to disable the administrative mode for OSPF Syntax enable no enable Default Configuration Enabled is the default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example ...

Page 1179: ...overflow state that a router will wait before attempting to leave the overflow state Range 0 2147483647 Default Configuration 0 seconds is the default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example sets the exit overflow interval for OSPF at 10 seconds console config router exit overflow interval 10 extern...

Page 1180: ...e User Guidelines The external LSDB limit MUST be set identically in all routers attached to the OSPF backbone and or any regular OSPF area Example The following example configures the external LSDB limit for OSPF with the number of non default AS external LSAs set at 20 console config router external lsdb limit 20 ip ospf area The ip ospf area command enables OSPFv2 and sets the area ID of an int...

Page 1181: ...cation Use the ip ospf authentication command in the Interface Configuration mode to set the OSPF Authentication Type and Key for the specified interface Use the no form of the command to return the authentication type to the default value Syntax ip ospf authentication none simple key encrypt key key id no ip ospf authentication encrypt MD5 encrypted authentication key key Authentication key for t...

Page 1182: ...5 console config if vlan15 ip ospf authentication encrypt test123 100 ip ospf cost Use the ip ospf cost command in Interface Configuration mode to configure the cost on an OSPF interface Use the no form of the command to return the cost to the default value Syntax ip ospf cost interface cost no ip ospf cost interface cost Specifies the cost link state metric of the OSPF interface Range 1 65535 Def...

Page 1183: ...to enable flooding of LSAs on an interface Syntax ip ospf database filter all out no ip ospf database filter all out Default Configuration By default LSAs are flooded on all interfaces in a routed VLAN Command Mode Interface Configuration mode User Guidelines This command is only applicable to OSPFv2 routing configurations ip ospf dead interval Use the ip ospf dead interval command in Interface Co...

Page 1184: ...lue should be some multiple of the Hello Interval i e 4 Example The following example sets the dead interval at 30 seconds console config if vlan15 ip ospf dead interval 30 ip ospf hello interval Use the ip ospf hello interval command in Interface Configuration mode to set the OSPF hello interval for the specified interface Use the no form of the command to return the interval to the default value...

Page 1185: ...ription packets specify the size of the largest IP packet that can be sent without fragmentation on the interface When a router receives a Database Description packet it examines the MTU advertised by the neighbor By default if the MTU is larger than the router can accept the Database Description packet is rejected and the OSPF adjacency is not established Use the no form of the command to enable ...

Page 1186: ...fault Configuration Interfaces operate in broadcast mode by default Command Mode Interface Configuration VLAN mode Usage Guidelines OSPF treats interfaces as broadcast interfaces by default Loopback interfaces have a special loopback network type which cannot be changed When there are only two routers on the network OSPF can operate more efficiently by treating the network as a point to point netw...

Page 1187: ...uter interface Range 0 255 Default Configuration 1 is the default integer value Command Mode Interface Configuration VLAN mode User Guidelines A value of 1 is the highest router priority A value of 0 indicates that the interface is not eligible to become the designated router on this network Example The following example sets the OSPF priority for the VLAN 15 router at 100 console config if vlan15...

Page 1188: ...uter priority A value of 0 indicates that the interface is not eligible to become the designated router on this network Example The following example sets the OSPF retransmit Interval for VLAN 15 at 50 seconds console config if vlan15 ip ospf retransmit interval 50 ip ospf transmit delay Use the ip ospf transmit delay command in Interface Configuration mode to set the OSPF Transit Delay for the sp...

Page 1189: ...the log adjacency changes command in OSPFv2 Router Configuration mode to enable logging of OSPFv2 neighbor state changes Use the no form of the command to disable state change logging Syntax log adjacency changes detail no log adjacency changes detail Parameter Description Default Configuration Adjacency changes are not logged by default Parameter Description detail Optional When this keyword is s...

Page 1190: ...tric no max metric router lsa on startup summary lsa Parameter Description Default Configuration By default OSPF is not in stub router mode Command Mode OSPFv2 Global Configuration mode Parameter Description on startup Optional OSPF starts in stub router mode after a reboot seconds Required if on startup The number of seconds that OSPF remains in stub router mode after a reboot The range is 5 to 8...

Page 1191: ...ode on startup max metric router lsa on startup and one then enters max metric router lsa there is no change If OSPF is administratively in stub router mode the max metric router lsa command has been given and one configures OSPF to enter stub router mode on startup max metric router lsa on startup OSPF exits stub router mode assuming the startup period has expired and the configuration is updated...

Page 1192: ...ospf area command is given for an interface it overrides any matching network area command OSPF only advertises IP subnets for secondary IP addresses if the secondary address is within the range of a network area command for the same area as the primary address on the same interface When a network area command is deleted matching interfaces are reevaluated against all remaining network area comman...

Page 1193: ...etwork area range Any individual interface can only be attached to a single area If an interface address matches multiple network area ranges the interface is assigned to the area for the first matching range If the ip ospf area command is given for an interface it overrides any matching network area command OSPF only advertises IP subnets for secondary IP addresses if the secondary address is wit...

Page 1194: ...estart works in concert with nonstop forwarding to enable the hardware to continue forwarding IPv4 packets using OSPFv2 routes while a backup unit takes over management unit responsibility When OSPF executes a graceful restart it informs its neighbors that the OSPF control plane is restarting but that it will be back shortly Helpful neighbors continue to advertise to the rest of the network that t...

Page 1195: ...er Guidelines The grace LSA announcing the graceful restart includes a restart reason Reasons 1 software restart and 2 software reload upgrade are considered planned restarts Reasons 0 unknown and 3 switch to redundant control processor are considered unplanned restarts nsf ietf helper disable is functionally equivalent to no nsf helper and is supported solely for IS CLI compatibility nsf helper s...

Page 1196: ...at persist until the graceful restart completes By exiting the graceful restart on a topology change a router tries to eliminate the loops or black holes as quickly as possible by routing around the restarting router A helpful neighbor considers a link down with the restarting router to be a topology change regardless of the strict LSA checking configuration nsf restart interval Use the nsf restar...

Page 1197: ...and complete a full database exchange with each of those neighbors Example console config router nsf restart interval 180 passive interface default The passive interface default command enables the global passive mode by default for all interfaces It overrides any interface level passive mode Use the no form of this command to disable the global passive mode by default for all interfaces Any inter...

Page 1198: ...e mode that is currently effective on the interface Use the no form of this command to set the interface as non passive Syntax passive interface vlan vlan id no passive interface vlan vlan id vlan id The vlan number Default Configuration Passive interface mode is disabled by default Command Mode Router OSPF Configuration mode User Guidelines There are no user guidelines for this command Example co...

Page 1199: ...efault Configuration 0 is the tag value default configuration Parameter Description protocol rip Specifies RIP as the source protocol static Specifies that the source is a static route connected Specifies that the source is a directly connected route static Specifies that the source is a static route connected Specifies that the source is a directly connected route metric value Specifies the metri...

Page 1200: ...r id Use the router id command in Router OSPF Configuration mode to set a 4 digit dotted decimal number uniquely identifying the router OSPF ID Syntax router id ip address ip address IP address that uniquely identifies the router OSPF ID Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Ex...

Page 1201: ... prompt changes when the router ospf command executes Example The following example enters into router OSPF mode console config router ospf console config router show ip ospf Use the show ip ospf command to display information relevant to the OSPF router This command has been modified to show additional fields Syntax show ip ospf Syntax Description This command has no arguments or keywords Default...

Page 1202: ... These rules prevent routing loops when external LSAs for the same destination have been originated from different areas External LSDB Limit Shows the maximum number of non default external LSAs entries that can be stored in the link state database Exit Overflow Interval Shows the number of seconds that after entering OverflowState as defined by RFC 1765 a router will attempt to leave OverflowStat...

Page 1203: ...riginates a type 5 LSA advertising a default route Always When this option is configured OSPF only originates a default route when the router has learned a default route from another source Metric Shows the metric for the advertised default routes If the metric is not configured this field is not configured Metric Type Shows whether the metric for the default route is advertised as External Type 1...

Page 1204: ...ows the number of link state advertisements received determined to be new instantiations LSA Count The number of LSAs in the link state database MaximumNumber of LSAs The limit on the number of LSAs that the router can store in its link state database LSA High Water Mark The maximum number of LSAs that have been in the link state database since OSPF began operation AS Scope LSA Flood List Length T...

Page 1205: ...ible values are Not attempted In progress Completed Timed out Topology change and Manual clear NSF Helper Support Whether this router is configured to act as a graceful restart helpful neighbor Possible values are Helper Support Always Disabled or Planned NSF Helper Strict LSA Checking As a graceful restart helpful neighbor whether to terminate the helper relationship if a topology change occurs d...

Page 1206: ...figured Metric Type External Type 2 Number of Active Areas 1 1 normal 0 stub 0 nssa ABR Status Disable ASBR Status Disable Stub Router FALSE External LSDB Overflow FALSE External LSA Count 0 External LSA Checksum 0 AS_OPAQUE LSA Count 0 AS_OPAQUE LSA Checksum 0 New LSAs Originated 25 LSAs Received 7 LSA Count 4 Maximum Number of LSAs 18200 LSA High Water Mark 4 Retransmit List Entries 0 Maximum Nu...

Page 1207: ...d are the values of the LSA pacing configuration parameters console show ip ospf Router ID 1 1 1 1 OSPF Admin Mode Enable RFC 1583 Compatibility Enable External LSDB Limit No Limit Exit Overflow Interval 0 Spf Delay Time 5 Spf Hold Time 10 Flood Pacing Interval 33 ms LSA Refresh Group Pacing Time 60 sec Opaque Capability Enable AutoCost Ref BW 100 Mbps Default Passive Setting Disabled Maximum Path...

Page 1208: ...0 AS_OPAQUE LSA Count 0 AS_OPAQUE LSA Checksum 0 New LSAs Originated 300269 LSAs Received 300276 LSA Count 6020 Maximum Number of LSAs 36968 LSA High Water Mark 6020 AS Scope LSA Flood List Length 0 Retransmit List Entries 0 Maximum Number of Retransmit Entries 147872 Retransmit Entries High Water Mark 32616 NSF Helper Support Always NSF Helper Strict LSA Checking Enabled show ip ospf abr The show...

Page 1209: ... Hop Next Hop Intf INTRA 3 3 3 3 1 0 0 0 1 10 1 23 3 vlan11 INTRA 4 4 4 4 10 0 0 0 1 10 1 24 4 vlan12 show ip ospf area Use the show ip ospf area command in Privileged EXEC mode to display information about the identified OSPF area Syntax show ip ospf area area id Default Configuration This command has no default configuration Field Description area id Identifies the OSPF area whose ranges are bei...

Page 1210: ...AreaID 0 0 0 10 External Routing Import External LSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 Import Summary LSAs Enable Example 2 console show ip ospf area 20 AreaID 0 0 0 20 External Routing Import NSSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 OSPF NSSA Specific Information Import Summary LSAs Enable Redistribute into NSSA Ena...

Page 1211: ... area console show ip ospf area 1 AreaID 0 0 0 1 External Routing Import External LSAs Spf Runs 10 Area Border Router Count 0 Area LSA Count 3004 Area LSA Checksum 0x5e0abed Flood List Length 0 Import Summary LSAs Enable show ip ospf asbr The show ip ospf asbr command displays the internal OSPF routing table entries to Autonomous System Boundary Routes ASBR This command takes no options Syntax sho...

Page 1212: ...ers are entered the command displays the LSA headers Use the optional parameters to specify the type of link state advertisements to display Syntax show ip ospf area id database asbr summary external network nssa external router summary ls id adv router ip address self originate opaque area opaque as opaque link area id Identifies a specific OSPF area for which link state database information will...

Page 1213: ... Display link opaque LSAs Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines Information is only displayed if OSPF is enabled Example The following example displays information about the link state database when OSPF is enabled console show ip ospf database Router Link States Area 0 0 0 0 Link Id Ad...

Page 1214: ...Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1360 80000007 242e Summary ASBR States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1361 80000006 183a Link Opaque States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1361 80000005 ef59 Area Opaque States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt ...

Page 1215: ...how ip ospf database database summary Use the show ip ospf database database summary command to display the number of each type of LSA in the database for each area and for the router The command also displays the total number of LSAs in the database This command has been modified Syntax show ip ospf database database summary Default Configuration There is no default configuration for this command...

Page 1216: ...l number of network LSAs in the OSPF link state database Summary Net Shows Total number of summary network LSAs in the database Summary ASBR Shows Number of summary ASBR LSAs in the database Type 7 Ext Shows Total number of Type 7 external LSAs in the database Self Originated Type 7 Shows Total number of self originated AS external LSAs in the OSPFv3 link state database Opaque Link Shows Number of...

Page 1217: ...0 database summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Self Originated Type 7 0 Opaque Link 0 Opaque Area 0 Subtotal 0 Router database summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Opaque Link 0 Opaque Area 0 Type 5 Ext 0 Self Originated Type 5 Ext 0 Opaque AS 0 ...

Page 1218: ...ault configuration Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Example 1 The following example displays the information for the IFO object or virtual interface tables associated with VLAN 3 console show ip ospf interface vlan 10 IP Address 1 1 1 1 Subnet Mask 255 255 255 0 Secondary IP Address es Parameter De...

Page 1219: ...s Non passive interface OSPF Mtu ignore Disable State designated router Designated Router 1 1 1 1 Backup Designated Router 0 0 0 0 Number of Link Events 2 Example 2 The following example shows the configuration of flood blocking console show ip ospf interface gi2 0 11 IP Address 172 20 11 2 Subnet Mask 255 255 255 0 Secondary IP Address es OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 OSPF Network T...

Page 1220: ...ow ip ospf interface brief Use the show ip ospf interface brief command in Privileged EXEC mode to display brief information for the IFO object or virtual interface tables Syntax show ip ospf interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examp...

Page 1221: ... in User EXEC mode to display the statistics for a specific interface The information is only displayed if OSPF is enabled Syntax show ip ospf interface stats vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The followi...

Page 1222: ...erface number neighbor id Syntax Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following examples display information about OSPF neighbors on the specified Ethernet and IP interfaces console show ip ospf neighbor 3 3 3 3 Par...

Page 1223: ...escription Field Description Interface The name of the interface on which the adjacency is formed Neighbor IP Address The IPv4 address on the neighbor s interface used to form the adjacency Interface Index The SNMP interface index Area Id The OSPF area in which the adjacency is formed Options The options advertised by the neighbor Router Priority The router priority advertised by the neighbor Dead...

Page 1224: ... s retransmit queue waiting for the neighbor to acknowledge Restart Helper Status One of two values Helping This router is acting as a helpful neighbor to this neighbor A helpful neighbor does not report an adjacency change during graceful restart but continues to advertise the restarting router as a FULL adjacency A helpful neighbor continues to forward data packets to the restarting router trust...

Page 1225: ... a grace LSA it sets the Restart Reason to Software Restart on a planned warm restart when the initiate failover command is invoked and to Unknown on an unplanned warm restart Remaining Grace Time The number of seconds remaining in the current graceful restart interval This row is only included if the router is currently acting as a restart helper for the neighbor Restart Exit Reason One of the fo...

Page 1226: ...net Mask Type Action Cost Active 10 1 0 0 255 255 0 0 S Advertise Auto N 172 20 0 0 255 255 0 0 S Advertise 500 Y Field Description area id Identifies the OSPF area whose ranges are being displayed Range IP address or decimal from 0 4294967295 Prefix The summary prefix Subnet Mask The subnetwork mask of the summary prefix Type S Summary Link or E External Link Action Advertise or Suppress Cost Met...

Page 1227: ...s command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Field Descriptions Field Description Delta T The time since the routing table was computed in hours minutes and seconds hh mm ss Intra The time taken to compute in...

Page 1228: ...0 SN 00 01 22 0 0 40 50 260 SN 00 01 19 0 0 20 20 190 X 00 01 16 0 0 0 0 110 R X show ip ospf stub table Use the show ip ospf stub table command in Privileged EXEC mode to display the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch RIB Update The time from the completion of the routing table calculation until all changes have been made in the commo...

Page 1229: ...g show ip ospf stub table AreaId TypeofService Metric Val Import SummaryLSA 0 0 0 1 Normal 1 Enable show ip ospf traffic Use the show ip ospf traffic command in Privileged EXEC mode to display OSPFv2 packet and LSA statistics and OSPFv2 message queue statistics Packet statistics count packets and LSAs since OSPFv2 counters were last cleared using the clear ip ospf counters command NOTE Note that t...

Page 1230: ...since OSPF counters were last cleared LS Update Max Receive Rate The maximum rate of LS Update packets received during any 5 second interval since OSPF counters were last cleared The rate is in packets per second LS Update Max Send Rate The maximum rate of LS Update packets transmitted during any 5 second interval since OSPF counters were last cleared The rate is in packets per second Number of LS...

Page 1231: ...d 0 LS Update Max Receive Rate 20 pps LS Update Max Send Rate 10 pps Number of LSAs Received T1 Router 10 T2 Network 0 T3 Net Summary 300 T4 ASBR Summary 15 T5 External 20 T7 NSSA External 0 T9 Link Opaque 0 T10 Area Opaque 0 T11 AS Opaque 0 Total 345 OSPFv2 Queue Statistics Current Max Drops Limit Hello 0 10 0 500 ACK 2 12 0 1680 Data 24 47 0 500 Event 1 8 0 1000 ...

Page 1232: ...neighbor id Identifies the neighbor s router ID Range Valid IP address Default Configuration Show information for all OSPF Virtual Interfaces Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the OSPF Virtual Interface information for area 10 and its neighbor console show ip o...

Page 1233: ... show ip ospf virtual link brief Syntax Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the OSPF Virtual Interface information in the system console show ipv...

Page 1234: ...outing information in Link State Advertisements LSAs which are bundled into Link State Update LS Update packets To reduce the likelihood of sending a neighbor more packets than it can buffer OSPF rate limits the transmission of LS Update packets By default OSPF sends up to 30 updates per second on each interface 1 the pacing interval Use this command to adjust the LS Update transmission rate timer...

Page 1235: ... Update packets makes LSA distribution more efficient When OSPF originates a new or changed LSA it selects a random refresh delay for the LSA When the refresh delay expires OSPF refreshes the LSA By selecting a random refresh delay OSPF avoids refreshing a large number of LSAs at one time even if a large number of LSAs are originated at one time timers spf Use the timers spf command in Router OSPF...

Page 1236: ...econds Default Configuration The default value for delay time is 5 The default value for hold time is 10 Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the SPF delay and hold time console config router timers spf 20 30 ...

Page 1237: ... ospf database area nssa no summary enable maximum paths show ipv6 ospf database database summary area nssa translator role exit overflow interval nsf show ipv6 ospf interface area nssa translator stab intv external lsdb limit nsf helper show ipv6 ospfinterface brief area range Router OSPFv3 ipv6 ospf nsf helper strict lsa checking show ipv6 ospfinterface stats area stub ipv6 ospf area nsf restart...

Page 1238: ...rea area id default cost cost no area area id default cost areaid Valid area identifier cost Default cost Range 1 16777215 Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the monetary default cost at 100 for stub area 1 console config ipv6 route...

Page 1239: ...o summary translator role translator stab intv Parameter Description Parameter Description area id Identifies the OSPFv3 stub area to configure Range IP address or decimal from 0 4294967295 metric value Specifies the metric of the default route advertised to the NSSA Range 1 16777214 metric type value The metric type can be one of the following 1 A metric type of nssa external 1 comparable 2 A met...

Page 1240: ...s are not advertised into the NSSA console config router area 20 nssa default info originate metric 250 metric type 2 no summary area nssa default info originate Router OSPFv3 Config Use the area nssa default info originate command in Router OSPFv3 Configuration mode to configure the metric value and type for the default route advertised into the NSSA The optional metric parameter specifies the me...

Page 1241: ...configures the default metric value for the default route advertised into the NSSA console config ipv6 router ospf console config rtr area 1 nssa default info originate area nssa no redistribute Use the area nssa no redistribute command in Router OSPFv3 Configuration mode to configure the NSSA ABR so that learned external routes will not be redistributed to the NSSA Use the no form of the command ...

Page 1242: ...ssa no redistribute area nssa no summary Use the area nssa no summary command in Router OSPFv3 Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA Use the no form of the command to remove the configuration Syntax area areaid nssa no summary no area area id nssa no summary areaid Valid OSPF area identifier Default Configuration This command has no default ...

Page 1243: ...ax area areaid nssa translator role always candidate no area areaid nssa translator role areaid Valid OSPF area identifier always Causes the router to assume the role of the translator the instant it becomes a border router candidate Causes the router to participate in the translator election process when it attains border router status Default Configuration This command has no default configurati...

Page 1244: ...atus has been deposed by another router Syntax area areaid nssa translator stab intv seconds no area areaid nssa translator stab intv areaid Valid OSPF area identifier seconds Translator stability interval of the NSSA Range 0 3600 seconds Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines...

Page 1245: ...tes reachable within the NSSA The range is advertised as a type 5 external LSA Use the no form of the command to remove the summary prefix configuration for routes learned in the specified area Syntax area area id range ipv6 prefix prefix length summarylink nssaexternallink advertise not advertise no area area id range ipv6 prefix prefix length summarylink nssaexternallink Parameter Description De...

Page 1246: ...a has not been previously created this command creates the area and then applies the stub distinction A stub area is characterized by the fact that AS External LSAs are not propagated into the area Removing AS External LSAs and Summary LSAs can significantly reduce the size of the link state database of routers within the stub area Syntax area area id stub no summary no area area id stub no summar...

Page 1247: ... no summary command in Router OSPFv3 Configuration mode disable the import of Summary LSAs for the stub area identified by area id Syntax area area id stub no summary no area area id stub no summary area id Valid OSPFv3 area identifier so summary Disable the import of Summary LSAs for the stub area identified by area id Default Configuration This command has no default configuration Command Mode R...

Page 1248: ...mit interval seconds transmit delay seconds dead interval seconds no area area id virtual link router id id hello interval retransmit interval transmit delay dead interval Parameter Description area id Valid OSPFv3 area identifier or decimal value in the range of 0 4294967295 router id Identifies the Router ID or valid IP address of the neighbor hello interval seconds Number of seconds to wait bef...

Page 1249: ...rval a hello interval of 20 seconds a retransmit interval of 20 seconds and a 20 second transmit delay for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 dead interval 20 hello interval 20 retransmit interval 20 transmit delay 20 Parameter Default area id No area ID is predefined rou...

Page 1250: ... Range 1 65535 Default Configuration 40 is the default value for seconds Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures a 20 second dead interval for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual li...

Page 1251: ...rval of 20 seconds for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 hello interval 20 area virtual link retransmit interval Use the area virtual link retransmit interval command in Router OSPFv3 Configuration mode to configure the retransmit interval for the OSPF virtual interface ...

Page 1252: ... ipv6 router ospf config rtr area 1 virtual link 2 retransmit interval 20 area virtual link transmit delay Use the area virtual link transmit delay command in Router OSPFv3 Configuration mode to configure the transmit delay for the OSPF virtual interface on the virtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor transmit delay seconds no area areaid virtual...

Page 1253: ...SPFv3 Configuration Use the default information originate command in Router OSPFv3 Configuration mode to control the advertisement of default routes Use the no form of the command to return the default route advertisement settings to the default value Syntax default information originate always metric metric value metric type type value no default information originate metric metric type Syntax De...

Page 1254: ...tr default information originate metric 100 metric type 2 default metric Use the default metric command in Router OSPFv3 Configuration mode to set a default for the metric of distributed routes Use the no form of the command to remove the metric from the distributed routes Syntax default metric metric value no default metric metric value The metric or preference value of the default route Range 1 ...

Page 1255: ...ame preference value Use the no form of this command to reset the preference values to the default Syntax distance ospf external inter area intra area distance no distance ospf external inter area intra area distance distance Used to select the best path when there are two or more routes to the same destination from two different routing protocols Range 1 255 Default Configuration The default pref...

Page 1256: ...er guidelines Example The following example enables administrative mode of OSPF in the router active console config ipv6 router ospf console config rtr enable exit overflow interval Use the exit overflow interval command in Router OSPFv3 Configuration mode to configure the exit overflow interval for OSPF It describes the number of seconds after entering Overflow state that a router will wait befor...

Page 1257: ...g rtr exit overflow interval 100 external lsdb limit Use the external lsdb limit command in Router OSPFv3 Configuration mode to configure the external LSDB limit for OSPF If the value is 1 then there is no limit When the number of non default AS external LSAs in a router s link state database reaches the external LSDB limit the router enters overflow state The router never holds more than the exte...

Page 1258: ...ple sets the external LSDB limit at 100 for OSPF console config ipv6 router ospf console config rtr external lsdb limit 100 ipv6 ospf Use the ipv6 ospf command in Interface Configuration mode to enable OSPF on a router interface or loopback interface Syntax ipv6 ospf no ipv6 ospf Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN Tunnel Loopback m...

Page 1259: ...atted as a 4 digit dotted decimal number or a decimal value It uniquely identifies the area to which the interface connects Assigning an area id which does not exist on an interface causes the area to be created with default values Range 0 4294967295 Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This c...

Page 1260: ...ace Range 1 65535 Default Configuration 10 is the default link state metric configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures a cost of 100 console config interface vlan 15 console config if vlan15 ipv6 ospf cost 100 ipv6 ospf dead interval Use the ipv6 ospf dead interval command in Interface Co...

Page 1261: ...Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF dead interval at 100 seconds console config interface vlan 15 console config if vlan15 ipv6 ospf dead interval 100 ipv6 ospf hello interval Use the ipv6 ospf hello interval command in Interface Configuration mode to set the OSPF hello interval for the specified interface Syntax ipv6 ospf h...

Page 1262: ...ction Use the no form of the command to reset mismatch detection to the default value Syntax ipv6 ospf mtu ignore no ipv6 ospf mtu ignore Default Configuration The default state is Disabled Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface...

Page 1263: ...broadcast point to point The network type is point to point Default Configuration The default state is point to point Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines Normally the network type is determined from the physical IP network type By default all Ethernet networks are OSPF type broadcast Similarly tunnel interfaces default to point to point When an Ethernet p...

Page 1264: ... default value Syntax ipv6 ospf priority number value no ipv6 ospf priority number value Specifies the OSPF priority for the specified router interface Range 0 255 A value of 0 indicates that the router is not eligible to become the designated router on this network Default Configuration 1 the highest router priority is the default value Command Mode Interface Configuration VLAN Tunnel Loopback mo...

Page 1265: ...ing database description and link state request packets Range 0 to 3600 seconds Default Configuration 5 seconds is the default value Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF retransmit interval at 100 seconds console config interface vlan 15 console config if vlan15 ipv6 ospf retra...

Page 1266: ...User Guidelines This command has no user guidelines Example The following example sets the OSPF Transmit Delay at 100 seconds for VLAN 15 console config interface vlan 15 console config if vlan15 ipv6 ospf transmit delay 100 ipv6 router ospf Use the ipv6 router ospf command in Global Configuration mode to enter Router OSPFv3 Configuration mode Syntax ipv6 router ospf Default Configuration This com...

Page 1267: ... paths maxpaths Number of paths that can be reported Range 1 2 Default Configuration 2 is the default value for maxpaths Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example sets the number of paths that OSPF can report for a destination to 1 console config ipv6 router ospf console config rtr maximum paths 1 nsf Use this co...

Page 1268: ...unit takes over management unit responsibility When OSPF executes a graceful restart it informs its neighbors that the OSPF control plane is restarting but that it will be back shortly Helpful neighbors continue to advertise to the rest of the network that they have full adjacencies with the restarting router avoiding announcement of a topology change and everything that goes with that i e floodin...

Page 1269: ...ndant control processor are considered unplanned restarts nsf ietf helper disable is functionally equivalent to no nsf helper and is supported solely for IS CLI compatibility nsf helper strict lsa checking Use the nsf helper strict lsa checking command to require that an OSPF helpful neighbor exit helper mode whenever a topology change occurs Use the no form of this command to allow OSPF to contin...

Page 1270: ...down with the restarting router to be a topology change regardless of the strict LSA checking configuration nsf restart interval Use the nsf restart interval command to configure the length of the grace period on the restarting router Use the no form of this command to revert the grace period to its default Syntax nsf ietf restart interval seconds no nsf ietf restart interval ietf This keyword is ...

Page 1271: ...rrides the global passive mode that is currently effective on the interface or tunnel Use the no form of this command to set the interface or tunnel as non passive Syntax passive interface vlan vlan id tunnel tunnel id no passive interface vlan vlan id tunnel tunnel id vlan id The vlan number tunnel id Tunnel identifier Range 0 7 Default Configuration Passive interface mode is disabled by default ...

Page 1272: ...face default Default Configuration Global passive mode is disabled by default Command Mode Router OSPFv3 Configuration mode User Guidelines There are no user guidelines for this command Example console config rtr passive interface default redistribute Use the redistribute command in Router OSPFv3 Configuration mode to configure the OSPFv3 protocol to allow redistribution of routes from the specifi...

Page 1273: ...es from the specified source protocol routers console config ipv6 router ospf console config rtr redistribute connected router id Use the router id command in Router OSPFv3 Configuration mode to set a 4 digit dotted decimal number uniquely identifying the Router OSPF ID Syntax router id router id router id Router OSPF identifier Range 0 4294967295 Default Configuration This command has no default ...

Page 1274: ...is command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines Some of the information below displays only if you enable OSPF and configure certain features The following fields may be displayed Field Description Router ID A 32 bit integer in dotted decimal format identifying the router about which information is displayed T...

Page 1275: ...en this option is configured OSPF only originates a default route when the router has learned a default route from another source Metric Shows the metric for the advertised default routes If the metric is not configured this field is not configured Metric Type Shows whether the metric for the default route is advertised as External Type 1 or External Type 2 Number of Active Areas The number of OSP...

Page 1276: ... state database New LSAs Originated Shows the number of link state advertisements that have been originated LSAs Received Shows the number of link state advertisements received determined to be new instantiations LSA Count The number of LSAs in the link state database MaximumNumber of LSAs The limit on the number of LSAs that the router can store in its link state database LSA High Water Mark The ...

Page 1277: ...Completed Timed out Topology change and Manual clear NSF Helper Support Whether this router is configured to act as a graceful restart helpful neighbor Possible values are Helper Support Always Disabled or Planned NSF Helper Strict LSA Checking As a graceful restart helpful neighbor whether to terminate the helper relationship if a topology change occurs during a neighbor s graceful restart Redist...

Page 1278: ...r Support Always NSF Helper Strict LSA Checking Enabled show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers ABR This command takes no options Syntax show ipv6 ospf abr Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Exampl...

Page 1279: ...ntifier for the OSPF area being displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays information about area 1 console show ipv6 ospf area 1 AreaID 0 0 0 1 External Routing Import External LSAs Spf Runs 0 Area Border R...

Page 1280: ... mode and all Config sub modes User Guidelines This command has no user guidelines Example console show ipv6 ospf asbr Type Router Id Cost Area ID Next Hop Next Hop Intf INTRA 1 1 1 1 10 0 0 0 1 FE80 213 C4FF FEDB 6C41 vlan10 INTRA 4 4 4 4 10 0 0 0 1 FE80 210 18FF FE82 8E1 vlan12 show ipv6 ospf border routers Use the show ipv6 ospf command to display internal OSPFv3 routes to reach Area Border Rou...

Page 1281: ...rnal inter area prefix router link network nssaexternal prefix router unknown area as link link state id adv router router id self originate area id Identifies a specific OSPF area for which link state database information will be displayed external Displays the external LSAs inter area Displays the inter area LSAs link Displays the link LSAs network Displays the network LSAs nssa external Display...

Page 1282: ...sole show ipv6 ospf database Router Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 4 80000034 54BD V6E R B 2 2 2 2 0 2 80000044 95A5 V6E R B Network Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 2 2 2 2 636 636 80000001 8B0D V6E R Inter Network States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 1...

Page 1283: ...000004D 9126 Router Link States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 1 8000002E 35AD V6E R V B 2 2 2 2 0 0 8000004A D2F3 V6E R B Network Link States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 634 621 80000001 B9E2 V6E R Inter Network States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 16 4 80000001 C...

Page 1284: ...in Privileged EXEC mode to display the number of each type of LSA in the database and the total number of LSAs in the database Syntax show ipv6 ospf database database summary Syntax Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines Thi...

Page 1285: ...0 Link Unknown 0 Area Unknown 0 AS Unknown 0 Type 5 Ext 0 Self Originated Type 5 Ext 0 Total 0 show ipv6 ospf interface Use the show ipv6 ospf interface command in Privileged EXEC mode to display the information for the IFO object or virtual interface tables Syntax show ipv6 ospf interface interface type interface number Syntax Description Parameter Description interface type The interface type VL...

Page 1286: ...ace tables console show ipv6 ospf interface vlan 11 IP Address Err ifIndex 1 OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 10 computed OSPF Mtu ignore Disable OSPF cannot be initialized on this interface interface number The valid interface num...

Page 1287: ...ub modes User Guidelines This command has no user guidelines Example The following example displays brief ospf interface information console show ipv6 ospf interface brief Hello Dead Retrax LSA Admin Router Int Int Int Retrax Ack Interface Mode Area ID Prior Cost Val Val Val Delay Intval show ipv6 ospf interface stats Use the show ipv6 ospf interface stats command in User EXEC mode to display the ...

Page 1288: ... show ipv6 ospf interface stats vlan 5 OSPFv3 Area ID 0 0 0 1 Spf Runs 265 Area Border Router Count 1 AS Border Router Count 0 Area LSA Count 6 IPv6 Address FE80 202 BCFF FE00 3146 1283FFE 2 64 OSPF Interface Events 53 Virtual Events 13 Neighbor Events 6 External LSA Count 0 LSAs Received 660 Originate New LSAs 853 Sent Packets 1013 Received Packets 893 Discards 48 Bad Version 0 Virtual Link Not F...

Page 1289: ... information for a specific vlan Syntax show ipv6 ospf interface vlan vlan id brief vlan id Valid VLAN ID Range is 1 4093 brief Displays a snapshot of configured interfaces Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays o...

Page 1290: ...1 Backup Designated Router 2 2 2 2 Number of Link Events 46 show ipv6 ospf neighbor Use the show ipv6 ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors If a neighbor IP address is not specified the output displays summary information in a table If an interface or tunnel is specified only the information for that interface or tunnel displays The information b...

Page 1291: ... in the second in a table specific to tunnel 1 console show ipv6 ospf neighbor Router ID Priority Intf Interface State Dead ID Time console show ipv6 ospf neighbor interface tunnel 1 IP Address Err ifIndex 619 OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Parameter Description interface type Interface type vlan or tunnel interface number A va...

Page 1292: ...t the area ranges for the specified area identifier Syntax show ipv6 ospf range areaid areaid Identifies the OSPF area whose ranges are being displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays information about the ...

Page 1293: ...elines This command has no user guidelines Example The following example displays the OSPF stub table console show ipv6 ospf stub table AreaId TypeofService Metric Val Import SummaryLSA 0 0 0 10 Normal 1 Enable show ipv6 ospf virtual links Use the show ipv6 ospf virtual links command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor or for a...

Page 1294: ...information for area 1 and its neighbor console show ipv6 ospf virtual link 1 1 1 1 1 Area ID 1 Neighbor Router ID 1 1 1 1 Hello Interval 10 Dead Interval 40 Iftransit Delay Interval 1 Retransmit Interval 5 State point to point Metric 10 Neighbor State Full show ipv6 ospf virtual link brief Use the show ipv6 ospf virtual link brief command in Privileged EXEC mode to display the OSPFV3 Virtual Inte...

Page 1295: ... Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the OSPF stub table console config show ipv6 ospf virtual link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay ...

Page 1296: ...1296 OSPFv3 Commands ...

Page 1297: ...t periodic message Router discovery enables hosts to select from among multiple default gateways and switch to a different default gateway if an initially designated gateway goes down Commands in this Chapter This chapter explains the following commands ip irdp Use the ip irdp command in Interface Configuration mode to enable Router Discovery on an interface Use the no form of the command to disab...

Page 1298: ...ed broadcast address holdtime seconds Integer value in seconds of the holdtime field of the router advertisement sent from this interface Range 4 9000 seconds maxadvertinterval seconds Maximum time in seconds allowed between sending router advertisements from the interface Range 4 or the minimum advertisement interval whichever is greater and 1800 seconds minadvertinterval seconds Minimum time in ...

Page 1299: ...ments Use the no form of the command to return the address to the default Syntax ip irdp address ip address no ip irdp address ip address IP address for router discovery advertisements Range 224 0 0 1 all hosts IP multicast address or 255 255 255 255 limited broadcast address Default Configuration IP address 224 0 0 1 is the default configuration Command Mode Interface Configuration VLAN mode User...

Page 1300: ...lue Syntax ip irdp holdtime integer no ip irdp holdtime integer Integer value in seconds of the holdtime field of the router advertisement sent from this interface The holdtime must be no less than the maximum advertisement interval and cannot be greater than 9000 seconds Default Configuration The holdtime defaults to 3 times the maximum advertisement interval Command Mode Interface Configuration ...

Page 1301: ... seconds Default Configuration 600 seconds is the default value Command Mode Interface Configuration VLAN mode User Guidelines The default values of the minimum advertisement interval and the holdtime depend on the value of the maximum advertisement interval Setting the maximum advertisement interval changes the minimum advertisement interval and holdtime if those values are at their defaults so t...

Page 1302: ... the command to set the time to the default value Syntax ip irdp minadvertinterval integer no ip irdp minadvertinterval integer Minimum time in seconds allowed between sending router advertisements from the interface Range 3 to value of maximum advertisement interval in seconds Default Configuration The default value is 0 75 times the maximum advertisement interval Command Mode Interface Configura...

Page 1303: ...ode User Guidelines If a subnet includes any hosts that do not accept IP multicast packets send router advertisements to the limited broadcast address Example The following example configures router discovery to send to the limited broadcast address console config interface vlan 15804 Router Discovery Protocol Commands www d e l l c om s u p p o r t d e l l com console config if vlan15 no ip irdp ...

Page 1304: ...Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets the ip irdp preference to 1000 for VLAN 15 console config interface vlan 15 console config if vlan15 ip irdp preference 1000 show ip irdp Use the show ip irdp command in Privileged EXEC mode to display the router discovery information for all interfaces or for a specified interface Syntax...

Page 1305: ...e and all Config sub modes User Guidelines This command has no user guidelines Example The following example shows router discovery information for VLAN 15 console show ip irdp vlan 15 Interface Ad Mode Advertise Address Max Int Min Int Hold Time Preference vlan15 Enable 224 0 0 1 600 450 1800 0 ...

Page 1306: ...1306 Router Discovery Protocol Commands ...

Page 1307: ...to moderately sized networks whose physical interconnections are of similar type and speed PowerConnect routing supports RIPv2 as specified in RFC 2453 Commands in this Chapter This chapter explains the following commands auto summary Use the auto summary command in Router RIP Configuration mode to enable the RIP auto summarization mode Use the no form of the command to disable auto summarization ...

Page 1308: ...delines Example console config router auto summary default information originate Router RIP Configuration Use the default information originate command in Router RIP Configuration mode to control the advertisement of default routes Syntax default information originate no default information originate Default Configuration The default configuration is no default information originate Command Mode R...

Page 1309: ...ommand in Router RIP Configuration mode to set a default for the metric of distributed routes Use the no form of the command to return the metric to the default value Syntax default metric number value no default metric number value Metric for the distributed routes Range 1 15 Default Configuration Default metric is not configured by default Command Mode Router RIP Configuration mode User Guidelin...

Page 1310: ...1 255 Default Configuration 15 is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example sets the route preference value of RIP in the router at 100 console config router distance rip 100 distribute list out Use the distribute list out command in Router RIP Configuration mode to specify the access list ...

Page 1311: ...kets come from a directly connected route Default Configuration This command has no default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example elects access list ACL40 to filter routes received from the source protocol console config router distribute list ACL40 out static enable Use the enable command in Route...

Page 1312: ...stroutesaccept Use the hostroutesaccept command in Router RIP Configuration mode to enable the RIP hostroutesaccept mode Use the no form of the command to disable the RIP hostroutesaccept mode Syntax hostroutesaccept no hostroutesaccept Default Configuration Enabled is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example c...

Page 1313: ...ion VLAN mode User Guidelines This command has no user guidelines Example console config if vlan2 ip rip console config if vlan2 no ip rip ip rip authentication Use the ip rip authentication command in Interface Configuration Mode to set the RIP Version 2 Authentication Type and Key for the specified VLAN Use the no form of the command to return the authentication to the default value Syntax ip ri...

Page 1314: ...e sets the RIP Version 2 Authentication Type and Key for VLAN 11 console config if vlan11 ip rip authentication encrypt pass123 35 ip rip receive version Use the ip rip receive version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version s to be received Use the no form of the command to return the version to the default value Syn...

Page 1315: ... version command in Interface Configuration mode to configure the interface to allow RIP control packets of the specified version to be sent Use the no form of the command to return the version to the default value Syntax ip rip send version rip1 rip1c rip2 none no ip rip send version rip1 Send RIP version 1 formatted packets rip1c Send RIP version 1 compatibility mode which sends RIP version 2 fo...

Page 1316: ...edistribute ospf redistribute static connected metric integer metric integer Specifies the metric to use when redistributing the route Range 0 15 match internal Adds internal matches to any match types presently being redistributed match external 1 Adds routes imported into OSPF as Type 1 external routes into any match types presently being redistributed match external 2 Adds routes imported into ...

Page 1317: ...es Example console config router redistribute ospf metric 10 match nssa external 1 console config router redistribute connected metric 1 router rip Use the router rip command in Global Configuration mode to enter Router RIP mode Syntax router rip Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guideline...

Page 1318: ...o default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays information relevant to the RIP router console show ip rip RIP Admin Mode Enable Split Horizon Mode Simple Auto Summary Mode Enable Host Routes Accept Mode Enable Global route changes 0 Global queries 0 Default Met...

Page 1319: ...ay information related to a particular RIP interface Syntax show ip rip interface vlan vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays information related to the VLAN 15 RIP interface console ...

Page 1320: ...ce brief Use the show ip rip interface brief command in Privileged EXEC mode to display general information for each RIP interface For this command to display successful results routing must be enabled per interface i e ip rip Syntax show ip rip interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes Use...

Page 1321: ...on mode to set the RIP split horizon mode Use the no form of the command to return the mode to the default value Syntax split horizon none simple poison no split horizon none RIP does not use split horizon to avoid routing loops simple RIP uses split horizon to avoid routing loops poison RIP uses split horizon with poison reverse increases routing packet update size Default Configuration Simple is...

Page 1322: ...1322 Routing Information Protocol Commands console config router split horizon none ...

Page 1323: ...o the number of tunnel interfaces available to the entire system To support IPv4 to IPv6 transition PowerConnect supports configured tunnels RFC 4213 and automatic 6to4 tunnels RFC 3056 6to4 tunnels are automatically formed for IPv4 tunnels carrying IPv6 traffic The automatic tunnels IPv4 destination address is derived from the 6to4 IPv6 address of the tunnel s next hop PowerConnect can act as a 6...

Page 1324: ...guration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the interface configuration mode for tunnel 1 console config interface tunnel 1 console config if tunnel1 show interfaces tunnel Use the show interfaces tunnel command in Privileged EXEC mode to display the parameters related to tunnel such as tunnel mode tunnel...

Page 1325: ...ow interfaces tunnel 1 Interface Link Status down MTU size 1480 bytes console show interfaces tunnel TunnelId Interface TunnelMode SourceAddress DestinationAddress 1 tunnel 1 IPv6OVER4 10 254 25 14 10 254 25 10 2 tunnel 2 IPv6OVER4 10 254 20 10 tunnel destination Use the tunnel destination command in Interface Configuration mode to specify the destination transport address of the tunnel Syntax tun...

Page 1326: ...estination 10 1 1 1 tunnel mode ipv6ip Use the tunnel mode ipv6ip command in Interface Configuration mode to specify the mode of the tunnel Syntax tunnel mode ipv6ip 6to4 no tunnel mode 6to4 Sets the tunnel mode to automatic Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guidelines Example Th...

Page 1327: ... interface number no tunnel source Syntax Description Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guidelines Example The following example specifies VLAN 11 as the source transport address of the tunnel console config interface tunnel 1 console config if tunnel1 tunnel source vlan 11 Param...

Page 1328: ...1328 Tunnel Interface Commands ...

Page 1329: ... and starts handling traffic sent to the address This change is transparent to end stations VRRP increases the availability of the default path without requiring configuration of dynamic routing or router discovery protocols on every end station Multiple virtual routers can be defined on a single router interface Pingable VRRP Interface RFC 3768 specifies that a router may only accept IP packets s...

Page 1330: ...onds to ICMP Echo Requests When Echo Replies are disabled using that option the VRRP master does not respond to Echo Requests even if this new option is enabled VRRP Route Interface Tracking The VRRP Route Interface Tracking feature extends the capability of the Virtual Router Redundancy Protocol VRRP to allow tracking of specific route interface IP states within the router that can alter the prio...

Page 1331: ...ble entry exists for the route and the route is accessible For route tracking make VRRP a best route client of RTO When a tracked route is added or deleted change the priority For simplicity routes are not distinguished with the next hop interface that has VRRP enabled So VRRP Route Tracking can ignore route modifications Commands in this Chapter This chapter explains the following commands Virtua...

Page 1332: ...tion VRRP is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables VRRP protocol on the router console config ip vrrp vrrp accept mode Use the vrrp accept mode command in Interface VLAN Configuration mode to enable the VRRP Master to accept ping packets sent to one of the virtual router s IP addresses fr...

Page 1333: ...de to set the authentication details value for the virtual router configured on a specified interface Use the no form of the command to return the authentication type to the default value Syntax vrrp group authentication none simple key no vrrp group authentication Syntax Description Default Configuration None is the default configuration Parameter Description group The virtual router identifier R...

Page 1334: ...e test123 vrrp description Use the vrrp description command in Interface Configuration mode to assign a description to the Virtual Router Redundancy Protocol VRRP group To remove the description use the no form of the command Syntax vrrp group description text no vrrp group description Syntax Description Default Configuration No description is present Command Mode Interface Configuration VLAN mode...

Page 1335: ...ation mode to enable VRRP and set the virtual router IP address value for an interface Use the no form of the command remove the secondary IP address It is not possible to remove the primary IP address once assigned Remove the VRRP group instead Syntax vrrp group ip ip address secondary no vrrp group ip ip address vlan secondary Syntax Description Default Configuration VRRP is not configured on th...

Page 1336: ... address on the selected interface 6 Enable VRRP on the interface using the vrrp mode command Example The following example configures VRRP on VLAN 15 console configure console config ip routing console config ip vrrp console config vlan database console config vlan vlan 15 console config vlan vlan routing 15 console config vlan exit console config interface vlan 15 console config if vlan15 ip add...

Page 1337: ... The following example enables the virtual router for VLAN 15 console config interface vlan 15 console config if vlan15 vrrp 5 mode vrrp preempt Use the vrrp preempt command in Interface Configuration mode to set the preemption mode value for the virtual router configured on a specified interface Use the no form of the command to disable preemption mode Syntax vrrp group preempt delay seconds no v...

Page 1338: ...e specified number of seconds before issuing an advertisement claiming master ownership Example The following example sets the preemption mode value for the virtual router for VLAN 15 console config interface vlan 15 console config if vlan15 vrrp 5 preempt vrrp priority Use the vrrp priority command in Interface Configuration mode to set the priority value for the virtual router configured on a sp...

Page 1339: ...value cannot be changed Example The following example sets the priority value for the virtual router 5 on VLAN 15 console config if vlan15 vrrp 5 priority 20 vrrp timers advertise Use the vrrp timers advertise command in Interface Configuration mode to set the frequency in seconds that an interface on the specified virtual router sends a virtual router advertisement Use the no form of the command ...

Page 1340: ...earn command in Interface Configuration mode to configure the router when it is acting as backup virtual router for a Virtual Router Redundancy Protocol VRRP group to learn the advertisement interval used by the master virtual router Use the no form of the command to prevent the router from learning the advertisement interval from the master virtual router Syntax vrrp group timers learn no vrrp gr...

Page 1341: ...the priority argument When the interface is up for the IP protocol the priority will be incremented by the priority value A VRRP configured interface can track more than one interface When a tracked interface goes down then the priority of the router will be decreased by 10 default priority decrement for each downed interface The default priority decrement is changed using the priority argument Th...

Page 1342: ...ity When the tracked route is deleted the priority of the VRRP router is decremented by the value specified in the priority argument When the tracked route is added the priority is incremented by the same A VRRP configured interface can track more than one route When a tracked route goes down the priority of the router is decreased by 10 default priority decrement for each downed route By default ...

Page 1343: ...fix length Parameter Description Default Configuration There are no routes tracked by default The default decrement priority is 10 Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example The following example adds the route 2 2 2 0 24 to the virtual router tracked list with a priority decrement value of 20 console config if vlan10 vrrp 1...

Page 1344: ...Configuration Show information on all VRRP groups Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays detailed VRRP status console show vrrp Admin Mode Enable Router Checksum Errors 0 Router Version Errors 0 Router VRID Errors 0 Vlan 7 Group 1 Parameter Description group The virt...

Page 1345: ...nitialized Timers Learn Mode Enable Description Track Interface vlan 3 Track Interface State Down Track Interface DecrementPriority 20 Track Route pfx len 10 10 10 0 24 Track Route Reachable False Track Route DecrementPriority 20 Vlan 7 Group 2 Primary IP Address 192 168 5 65 VMAC Address 0000 5E00 0202 Authentication Type None Priority 60 Configured Priority 100 Advertisement Interval secs 10 Acc...

Page 1346: ...how vrrp interface Use the show vrrp interface command in User EXEC or Privileged EXEC mode to display all configuration information and VRRP router statistics of a virtual router configured on a specific interface Syntax show vrrp interface brief vlan vlan id stats Syntax Description Parameter Description brief Display summary information about each virtual router configured on the switch stats D...

Page 1347: ...virtual router console show vrrp interface vlan 7 Vlan 7 Group 1 Primary IP Address 192 168 5 55 VMAC Address 0000 5E00 0101 Authentication Type None Priority 100 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Disable Pre empt Mode Enable Pre empt Delay 0 Administrative Mode Enable State Initialized Timers Learn Mode Disable Description GoodStuff The following example displays ...

Page 1348: ... 0 Advertisement Received 0 Advertisement Interval Errors 0 Authentication Failure 0 IP TTL Errors 0 Zero Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 show vrrp interface brief Use the show vrrp interface brief command in Privileged EXEC mode to disp...

Page 1349: ...ow vrrp interface brief Interface VRID IP Address Mode State vlan1 2 0 0 0 0 Disable Initialize vlan2 5 192 168 5 55 Enable Initialize show vrrp interface stats Use the show vrrp interface stats command in User EXEC mode to display the statistical information about each virtual router configured on the switch Syntax show vrrp interface stats vlan vlan id vr id vlan id Valid VLAN ID vr id The virtu...

Page 1350: ...ertisement Interval Errors 0 Authentication Failure 0 IP TTL Errors 0 Zero Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 Pingable VRRP Commands ip vrrp accept mode Use the ip vrrp accept mode command in Interface VLAN Configuration mode to enable the ...

Page 1351: ...vrrp interface Use the show ip vrrp interface command in User EXEC or Privileged EXEC mode to display the configured value for Accept Mode Syntax show ip vrrp interface interface id vrid Syntax Description Default Configuration The command has no default configuration Command Mode User EXEC Privileged EXEC mode Config mode and all Config sub modes Parameter Description interface id Any valid routi...

Page 1352: ...y IP Address 10 10 10 1 VMAC Address 00 00 5E 00 01 01 Authentication Type None Priority 100 Configured Priority 100 Advertisement Interval secs 1 Pre empt Mode Enable Administrative Mode Disable Accept Mode Enable State Initialized Track Interface State Decrement Priority No interfaces are tracked for this vrid and interface combination Track Route pfx len Reachable Decrement Priority No routes a...

Page 1353: ...Packet Commands Terminal Length Commands CLI Macro Commands Mode Commands Sflow Commands Time Ranges Commands Clock Commands Password Management Commands SNMP Commands USB Flash Drive Commands Command Line Configuration Scripting Commands PHY Diagnostics Commands SSH Commands User Interface Commands Configuration and Image File Commands Power Over Ethernet Commands Syslog Commands Web Server Comma...

Page 1354: ...1354 Utility Commands ...

Page 1355: ...ble on Dell PowerConnect devices as per the specification listed below Auto Install features in this release include 1 Support download of image from TFTP server using DHCP option 125 The image update can result in a downgrade or upgrade of the firmware on the switch or stack of switches 2 Support for automatic download of a configuration file from a TFTP server when the device is booted with no s...

Page 1356: ...y sw command in Privileged EXEC mode to enable or disable Stack Firmware Synchronization Use the no form of the command to disable Stack Firmware Synchronization Syntax boot auto copy sw no boot auto copy sw Parameter Description This command does not require a parameter description Default Configuration Stack firmware synchronization is disabled by default boot auto copy sw boot auto copy sw allo...

Page 1357: ...on the stack member if the firmware version on the manager is older than the firmware version on the member Use the no form of the command to disable downgrading the image Syntax boot auto copy sw allow downgrade no boot auto copy sw allow downgrade Parameter Description This command does not require a parameter description Default Configuration The default value is Enable Command Mode Global Conf...

Page 1358: ...aded Syntax boot host autoreboot no boot host autoreboot Parameter Description This command does not require a parameter description Default Configuration The default value is enabled Command Mode Global Configuration mode User Guidelines The configuration on the master switch controls the stack as if it is a single switch No configuration steps need to be taken on the member switches to enable re...

Page 1359: ...eter Description This command does not require a parameter description Default Configuration The default value is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console console configure console config boot host auto save console config no boot host auto save boot host dhcp Use the boot host dhcp command in Global Configuration mode to e...

Page 1360: ...en minutes Syntax boot host dhcp no boot host dhcp Parameter Description This command does not require a parameter description Default Configuration The default value is Enabled Command Mode Global Configuration User Guidelines This command has no user guidelines Example console console configure console config boot host dhcp console config no boot host dhcp boot host retrycount The boot host retr...

Page 1361: ...ommand Mode Global Configuration mode User Guidelines This command has no user guidelines Example console console configure console config boot host retrycount 5 console config no boot host retrycount show auto copy sw Use the show auto copy sw command in Privileged EXEC mode to display Stack Firmware Synchronization configuration status Syntax show auto copy sw Parameter Description This command ...

Page 1362: ...e synchronization status Example console show auto copy sw Stack Firmware Synchronization Synchronization Enabled SNMP Trap status Enabled Allow Downgrade Enabled show boot Use the show boot command in Privileged EXEC mode to display the auto install configuration and the status Syntax show boot Parameter Description This command does not require a parameter description Default Configuration This ...

Page 1363: ...C Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show boot AutoInstall Mode Started AutoSave Mode Enabled AutoReboot Mode Enabled AutoInstall Retry Count 3 AutoInstall State Waiting for boot options ...

Page 1364: ...1364 Auto Install Commands ...

Page 1365: ...ed to use an optional HTTP port in support of HTTP Proxy networks or an optional HTTPS port If configured this additional port or ports are then used exclusively by Captive Portal NOTE This optional HTTP port is in addition to the standard HTTP port 80 which is currently being used for all other web traffic and the optional HTTPS port is in addition to the standard HTTPS port 443 used for secure w...

Page 1366: ...e client status show captive portal client status show captive portal interface configuration status show captive portal configuration client status clear captive portal users user logout no user user name show captive portal user user password user group user session timeout show captive portal configuration show captive portal configuration locales show captive portal configuration interface sho...

Page 1367: ...this command to reset the authentication timeout to the default Syntax authentication timeout timeout no authentication timeout timeout The authentication timeout Range 60 600 seconds Default Configuration The default authentication timeout is 300 seconds Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP authentic...

Page 1368: ...elines for this command Example console config captive portal console config CP enable Use the enable command to globally enable captive portal Use the no form of this command to globally disable captive portal Syntax enable no enable Default Configuration Captive Portal is disabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this comm...

Page 1369: ...port number to monitor Range 1 65535 Default Configuration Captive portal only monitors port 80 by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP http port 81 console config CP no http port https port Use the https port command to configure an additional HTTPS port for captive portal to monitor Use the ...

Page 1370: ...r guidelines for this command Example console config CP https port 1443 console config CP no https port show captive portal Use the show captive portal command to display the status of the captive portal feature Syntax show captive portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines T...

Page 1371: ...d to report the status of all captive portal instances in the system Syntax show captive portal status Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show captive portal status Additional HTTP Port 81 Additional HTTP Secure P...

Page 1372: ...The commands in this section are related to captive portal configurations block Use the block command to block all traffic for a captive portal configuration Use the no form of this command to unblock traffic Syntax block no block Default Configuration Traffic is not blocked by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example c...

Page 1373: ...The default configuration 1 cannot be deleted Syntax configuration cp id no configuration cp id cp id Captive Portal ID Range 1 10 Default Configuration Configuration 1 is enabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP configuration 2 console config CP 2 enable Use the enable command to enabl...

Page 1374: ...ration If a group number is configured the user entry Local or RADIUS must be configured with the same name and the group to authenticate to this captive portal instance Use the no form of this command to reset the group number to the default Syntax group group number no group group number The number of the group to associate with this configuration Range 1 10 Default Configuration The default gro...

Page 1375: ...rfaces are associated with a configuration by default Command Mode Captive Portal Instance Config mode User Guidelines There are no user guidelines for this command Example console config CP 2 interface 1 0 2 locale The locale command is not intended to be a user command The administrator must use the Web UI to create and customize captive portal web content This command is primarily used by the s...

Page 1376: ...e name command to configure the name for a captive portal configuration Use the no form of this command to remove a configuration name Syntax name cp name no name cp name CP configuration name Range 1 32 characters Default Configuration Configuration 1 has the name Default by default All other configurations have no name by default Command Mode Captive Portal Instance mode User Guidelines There ar...

Page 1377: ...d Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 protocol http redirect Use the redirect command to enable the redirect mode for a captive portal configuration Use the no form of this command to disable redirect mode Syntax redirect no redirect Default Configuration Redirect mode is disabled by default Command Mode Captiv...

Page 1378: ...rection Range 1 512 characters Default Configuration There is no redirect URL configured by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 redirect url www dell com session timeout Use the session timeout command to configure the session timeout for a captive portal configuration Use the no form of this co...

Page 1379: ...n timeout 86400 console config CP 2 no session timeout verification Use the verification command to configure the verification mode for a captive portal configuration Syntax verification guest local radius guest Allows access for unauthenticated users users that do not have assigned user names and passwords local Authenticates users against a local user database radius Authenticates users against ...

Page 1380: ...portal client Syntax captive portal client deauthenticate macaddr macaddr Client MAC address Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console captive portal client deauthenticate 0002 BC00 1290 show captive portal client status Use the show captive portal client s...

Page 1381: ...4 96 47 https Local 0d 00 01 20 0002 BC00 1291 10 254 96 48 https Local 0d 00 05 20 0002 BC00 1292 10 254 96 49 https Radius 0d 00 00 20 console show captive portal client 0002 BC00 1290 status Client MAC Address 0002 BC00 1290 Client IP Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User...

Page 1382: ...s Interface 1 cp1 0002 BC00 1290 10 254 96 47 1 0 1 0002 BC00 1291 10 254 96 48 1 0 2 2 cp2 0002 BC00 1292 10 254 96 49 1 0 3 3 cp3 0002 BC00 1293 10 254 96 50 1 0 4 console show captive portal configuration 1 client status CP ID 1 CP Name cp1 Client Client MAC Address IP Address Interface Interface Description 0002 BC00 1290 10 254 96 47 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96...

Page 1383: ... interface client status Client Client Intf Intf Description MAC Address IP Address 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1290 10 254 96 47 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit 0002 BC00 1292 10 254 96 49 1 0 3 Unit 1 Slot 0 Port 3 Gigabit 0002 BC00 1293 10 254 96 50 console show captive portal interface 1 0 1 client status Interface 1 0 1 Interface Description Uni...

Page 1384: ...tus cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show captive portal interface configuration status CP ID CP Name Interface Interface Description Type 1 Default 1 0 1 Unit 1 Slot 0 Port 1 Gigabit Phy...

Page 1385: ...is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear captive portal users no user Use the no user command to delete a user from the local user database If the user has an existing session it is disconnected Syntax no user user id user id User ID Range 1 128 Default Configuration There is n...

Page 1386: ... a specific user in the captive portal local user database Syntax show captive portal user user id user id User ID Range 1 128 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show captive portal user Session User ID User Name ...

Page 1387: ... a captive portal user Use the no form of this command to disassociate a group and user A user must be associated with at least one group so the last group cannot be disassociated Syntax user user id group group id user id User ID Range 1 128 group id Group ID Range 1 10 Default Configuration A user is associated with group 1 by default Command Mode Captive Portal Configuration mode User Guideline...

Page 1388: ...Syntax user logout no user logout Parameter Description This command does not require a parameter description Default Configuration User logout is disabled by default Command Mode Captive portal Instance mode User Guidelines There are no user guidelines for this command Example In this example all classes of entries in the mac address table are displayed console config captive portal console confi...

Page 1389: ...me for a user by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines Example console config CP user 1 name johnsmith user password Use the user password command to create a local user or change the password for an existing user Syntax user user id password password encrypted enc password user id User ID Range 1 128 password User password Range 8 64 c...

Page 1390: ... user session timeout Use the user session timeout command to set the session timeout value for a captive portal user Use the no form of this command to reset the session timeout to the default Syntax user user id session timeout timeout no user user id session timeout user id User ID Range 1 128 timeout Session timeout 0 indicates use global configuration Range 0 86400 seconds Default Configurati...

Page 1391: ...display the operational status of each captive portal configuration Syntax show captive portal configuration cp id cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 CP ...

Page 1392: ...gigabitethernet unit slot port tengigabitethernet unit slot port cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 interface CP ID 1 CP Name cp1 Operational Block Inter...

Page 1393: ...aptive portal configuration cp id locales cp id Captive Portal Configuration ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 locales Locale Code en show captive portal configuration statu...

Page 1394: ...Guidelines There are no user guidelines for this command Example console show captive portal configuration status CP ID CP Name Mode Protocol Verification 1 cp1 Enable https Guest 2 cp2 Enable http Local 3 cp3 Disable https Guest console show captive portal configuration 1 status CP ID 1 CP Name cp1 Mode Enabled Protocol Mode https Verification Mode Guest Group Name group123 Redirect URL Mode Enab...

Page 1395: ...d group id Group ID Range 1 10 Default Configuration User group 1 is created by default and cannot be deleted Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user group 2 console config CP no user group 2 user group moveusers Use the user group moveusers command to move a group s users to a different group Synta...

Page 1396: ...e console config CP user group 2 moveusers 3 user group name Use the user group name command to configure a group name Syntax user group group id name name group id Group ID Range 1 10 name Group name Range 1 32 characters Default Configuration User groups have no names by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example c...

Page 1397: ...cros which cannot be changed or deleted User Defined Macros or Custom Macros the macros which allow the operator to bundle some pre requisites or global configurations as a macro and then apply them to one or more interfaces at a time which can then be copied or used by other switches Up to 50 user defined macros are supported The software includes 6 built in macros profile global the global confi...

Page 1398: ...no form of the command to delete a macro Syntax macro name name no macro name name Parameter Description Default Configuration The following macros are defined by default and may not be deleted or altered macro name macro apply macro global apply macro trace macro global trace macro description macro global description show parser macro Parameter Description name The name of the macro A macro name...

Page 1399: ...n the macro is applied Macros may be applied to a specific interface a range of interfaces or to the global configuration Up to 50 user defined macros may be configured macro global apply Use the macro global apply command in Global Configuration mode to apply a macro Syntax macro global apply macro name parameter value parameter value parameter value Macro Default Definition default global profil...

Page 1400: ...The trace command will display each line of the macro as it is executed and list any errors encountered Syntax macro global trace macro name parameter value parameter value parameter value Parameter Description Parameter Description macro name The name of the macro parameter The name of the parameter recognized by the macro The parameter must begin with a dollar sign value The string to be substit...

Page 1401: ...ion information by default macro global description Use the macro global description command in Global Configuration mode to append a line to the global macro description Use the no form of the command to clear the description Syntax macro global description line Parameter Description Default Configuration There is no description by default value The string to be substituted within the macro for t...

Page 1402: ... macro apply macro name parameter value parameter value parameter value Parameter Description Default Configuration No parameters are substituted unless supplied on the command line Command Mode Interface Configuration mode User Guidelines Commands applied are additive in nature That is they do not remove existing configuration information by default Parameter Description macro name The name of th...

Page 1403: ...ters are substituted unless supplied on the command line Command Mode Interface Configuration mode User Guidelines The line number of the first error encountered is printed The script is aborted after the first error Commands applied are additive in nature That is they do not remove existing configuration information by default Parameter Description macro name The name of the macro parameter The n...

Page 1404: ...ode User Guidelines This command is intended to give the administrator an easy way to remember which macros have been applied to an interface All text up to the new line is included in the description The line is appended to the interface description show parser macro Use the show parser macro command in Privileged EXEC mode to display information about defined macros Syntax show parser macro brie...

Page 1405: ...fig mode and all Config sub modes User Guidelines There are no user guidelines for this command Parameter Description brief Shows the list of defined macros and their type description Shows the macro descriptions name Shows an individual macro including its contents macro The name of the macro to display interface id The interface for which to show the macro description ...

Page 1406: ...1406 CLI Macro Commands ...

Page 1407: ...te as either a client or a server To an NTP or SNTP server NTP and SNTP clients are indistinguishable Likewise to an NTP or SNTP client NTP and SNTP servers are indistinguishable Furthermore any version of NTP is compatible with any other version of NTP PowerConnect SNTP implements the client side of SNTP Support for IPv6 address configuration is provided to the existing SNTP client The end user c...

Page 1408: ...mple Network Time Protocol SNTP Syntax show sntp configuration Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines show sntp configuration sntp trusted key show sntp server sntp unicast client enable show sntp status clock timezone hours offset sntp authenticate no...

Page 1409: ...No trusted keys Unicast clients Disable Unicast servers Server Key Polling Priority 10 27 128 21 Disabled Enabled 1 show sntp server Use the show sntp server command in Privileged EXEC mode to display the pre configured SNTP servers The configured servers can be either IPv4 or IPv6 format Syntax show sntp server Parameter Description This command does not require a parameter description Default Co...

Page 1410: ... 2001 01 Server Type IPv6 Server Stratum 2 Server Reference Id NTP Srv 158 108 96 32 Server Mode Server Server Maximum Entries 3 Server Current Entries 2 SNTP Servers Host Address 2001 01 Address Type IPv6 Priority 1 Version 4 Port 123 Last Update Time Dec 22 11 10 00 2009 Last Attempt Time Dec 22 11 10 00 2009 Last Update Status Success Total Unicast Requests 955 Failed Unicast Requests 1 ...

Page 1411: ...nicast Requests 157 Failed Unicast Requests 2 show sntp status Use the show sntp status command in Privileged EXEC mode to show the status of the Simple Network Time Protocol SNTP Syntax show sntp status Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples ...

Page 1412: ...re server authentication for received Network Time Protocol NTP traffic To disable the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User Guidelines The command is relevant for both Unicast and Broadcast Example The following example after defining the authentication key for SNTP ...

Page 1413: ...o form of this command Syntax sntp authentication key key number md5 value no sntp authentication key number key number number Range 1 4294967295 value value Range 1 8 characters Default value No authentication is defined Command Mode Global Configuration mode User Guidelines This command has no user guidelines Examples The following examples define the authentication key for SNTP console config s...

Page 1414: ... Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables a Simple Network Time Protocol SNTP Broadcast client console config sntp broadcast client enable sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time for the Simple Network Time Protocol SNTP client To return...

Page 1415: ... server Use the sntp server command in Global Configuration mode to configure an SNTP server address or a host name The server address can be either an IPv4 address or an IPv6 address Use the no form of this command to unconfigure an SNTP server address or a host name Syntax sntp server ip address ipv6 address hostname no sntp server ip address ipv6 address hostname ip address IP address of the se...

Page 1416: ...ey command in Global Configuration mode to authenticate the identity of a system to which Simple Network Time Protocol SNTP will synchronize To disable authentication of the identity of the system use the no form of this command Syntax sntp trusted key key number no sntp trusted key key number key number Key number of authentication key to be trusted Range 1 4294967295 Default Configuration No key...

Page 1417: ...ork Time Protocol SNTP predefined Unicast clients To disable an SNTP Unicast client use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP Unicast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp server command to define SNTP servers Examples The following example enables the device to use...

Page 1418: ...fset zone acronym hours offset Hours difference from UTC Range 12 to 13 minutes offset Minutes difference from UTC Range 0 59 acronym The acronym for the time zone Range Up to four characters Command Mode Global Configuration Default Value No default setting User Guidelines No specific guidelines Example console config clock timezone 5 minutes 30 zone IST no clock timezone Use the no clock timezon...

Page 1419: ...e read as either 0 or 0 as appropriate Syntax clock summer time recurring usa eu week day month hh mm week day month hh mm offset offset zone acronym week Week of the month Range 1 5 first last day Day of the week Range The first three letters by name sun for example month Month Range The first three letters by name jan for example hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm...

Page 1420: ...ot specified they are read as either 0 or 0 as appropriate Syntax clock summer time date date month month date year hh mm date month month date year hh mm offset offset zone acronym date Day of the month Range 1 31 month Month Range The first three letters by name jan for example year Year Range 2000 2097 hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm 0 59 offset Number of minu...

Page 1421: ...le config clock summer time date Apr 1 2007 02 00 Oct 28 2007 offset 90 zone EST no clock summer time Use the no clock summer time command to reset the summertime configuration Syntax Description no clock summer time Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config no clock summer time ...

Page 1422: ...mand has no default configuration Command Mode User EXEC Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example shows the time and date only console show clock 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP The following example shows the time date timezone and summertime configuration console show clock detail 15 ...

Page 1423: ...ng every year Begins at first Sunday of April at 2 00 Ends at last Sunday of October at 2 00 Offset is 60 minutes The following example displays the time and date from the system clock console show clock 15 29 03 Jun 17 2002 Time source is SNTP ...

Page 1424: ...1424 Clock Commands ...

Page 1425: ... modifications Commands applied from a script are additive in nature That is they modify but do not automatically replace the current configuration Any valid command can be placed in a script including show commands Scripts execute in Privileged EXEC mode The script author must add a command configure in order to enter Global Configuration mode Commands in this Chapter This chapter explains the fo...

Page 1426: ...o the switch console script apply config scr script delete Use the script delete command in Privileged EXEC mode to delete a specified script Syntax script delete scriptname all scriptname Script name of the file being deleted Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines E...

Page 1427: ...onfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all scripts present on the switch console script list Configuration Script Name Size Bytes 0 configuration script s found 2048 Kbytes free script show Use the script show command in Privileged EXEC mode to display the co...

Page 1428: ...how config scr interface gigabitethernet 1 0 1 ip address 176 242 100 100 255 255 255 0 exit script validate Use the script validate command in Privileged EXEC mode to validate a script file by parsing each line in the script file The validate option is intended for use as a tool in script development Validation identifies potential problems though it may not identify all problems with a given scr...

Page 1429: ... Scripting Commands 1429 Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example validates the contents of the script file config scr console script validate config scr ...

Page 1430: ...1430 Command Line Configuration Scripting Commands ...

Page 1431: ... Line Interface Scripting The configuration scripting feature allows the user to save the current PowerConnect configuration in text format To modify the configuration script file follow these procedures 1 Upload the file to a personal computer 2 Edit the file 3 Download the file to a PowerConnect switch 4 Apply it to the PowerConnect system With this feature in place the PowerConnect administrato...

Page 1432: ...ration Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image delete backup config show running config delete backup image show startup config delete startup config update bootcode dir write erase Parameter Description image1 Marks the given image as active for subsequent reboots image2 Marks the given image as active for subseque...

Page 1433: ...configuration Syntax clear config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example restores the switch to its default configuration console clear config copy Use the copy command in Privileged EXEC mode to copy files within the switch and to upload and download files f...

Page 1434: ...e Uploads code file via tftp operational log Uploads Operational Log file running config Copies system config file script Uploads Configuration Script file startup config Uploads Startup Config file startup log Uploads Startup Log file Valid source URLs for downloading to the switch tftp ipaddress hostname filepath filename scp user ipaddresss hostname filepath filename sftp user ipaddress hostnam...

Page 1435: ...r name for logging into the remote server via SSH The following table lists and describes reserved keywords destination url The URL or reserved keyword of the destination file Range 1 160 characters List of valid destination parameters for downloading to the switch backup config Downloads config file using sftp or tftp image Downloads code file by ftp sftp or tftp script Downloads configuration sc...

Page 1436: ...nd it refers to the backup image When image is the source of a copy command it refers to the active image If this is destination the file will be distributed to all units in the stack ftp Source or destination URL for an FTP network server The syntax for this alias is ftp ipaddr filepath filename image tftp Source or destination URL for a TFTP network server The syntax for this alias is tftp locat...

Page 1437: ... running config console copy running config backup config This operation may take a few minutes Management interfaces will not be available during this time Are you sure you want to save y n y Configuration saved Example Downloading new code to the switch console copy tftp 10 27 65 61 PC7000v20100911_2 stk image Transfer Mode TFTP Server IP Address 10 27 65 61 File Path File Name PCM7000v20100911_...

Page 1438: ...age1 image1 After the file transfer completes use the boot system command to select the new image to run Example Downloading and applying ias users file console copy tftp 10 131 17 104 aaa_users txt ias users Transfer Mode TFTP Server IP Address 10 131 17 104 File Path File Name aaa_users txt Data Type IAS Users Management access will be blocked for the duration of the transfer Are you sure you wa...

Page 1439: ...g txt console copy usb backup config txt backup config console copy image usb image1 stk console copy flash crashdump 0 usb crashdump 0 delete Use the delete command to delete files from flash Syntax delete file file Name of the file to be deleted Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Ex...

Page 1440: ...Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes the backup config file console delete backup config Delete backup config Y N y delete backup image Use the delete backup image command in Privileged EXEC mode to delete a file from a flash memory device Syntax delete backup image Default Configuration This command has no defa...

Page 1441: ...vileged EXEC mode to delete the startup config file Syntax delete startup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the startup config file is not present when system reboots it reboots with default settings Example The following example deletes the startup config file console delete startup config Delete startup con...

Page 1442: ...15 58 10 0 rwx 256 Jan 22 2005 08 00 48 vpd bin 0 rwx 16380 Jan 10 2031 15 58 18 log2 bin 0 rwx 72 Jan 10 2031 15 58 14 boot dim 0 rwx 0 Jan 10 2031 15 58 18 slog2 txt 0 rwx 53205 Jan 22 2005 09 45 04 rc soc 0 rwx 148 Jan 10 2031 15 58 22 hpc_broad cfg 0 rwx 11224 Jan 22 2005 09 45 04 helixmem soc More or q uit console erase Use the erase command to erase the startup configuration the backup confi...

Page 1443: ...Use the no version of this command to remove the description from the filename Syntax filedescr image 1 image2 description no filedescr image 1 image2 image1 image2 Image file description Block of descriptive text Range 0 128 characters Default Configuration No description is attached to the file Command Mode Privileged EXEC mode Parameter Description startup config Erases the contents of the star...

Page 1444: ...may accept entries up to the first illegal character or reject the entry entirely Example The following example attaches a file description to image2 console filedescr image2 backedup on 03 22 05 rename Use the rename command in Privileged EXEC mode to rename a file present in flash Syntax rename source dest source Source file name dest Destination file name Default Configuration This command has ...

Page 1445: ...t configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example shows backup config data console show backup config software version 1 1 hostname device interface gigabitethernet 1 0 1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 exit interface gigabitethernet 1 0 2 ip addres...

Page 1446: ...n This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the active system image file that the device loads at startup console show bootvar Image Descriptions image1 default image image2 Images currently available on Flash unit image1 image2 current active ...

Page 1447: ...e that this non readable data is contained and displayed at the end of the script files Syntax show running config all scriptname all To display or capture the commands with settings and configuration that are equal to the default value include the all option scriptname If the optional scriptname is provided the output is redirected to a script file NOTE If you issue the show running config comman...

Page 1448: ...Privileged EXEC mode to display the startup configuration file contents Syntax show startup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the contents of the startup config file console show startup config Current...

Page 1449: ... slot 1 1 11 SFP Card slot 1 2 9 CX4 Card stack member 1 7 PCT7048R exit logging console informational logging cli command logging file informational interface vlan 1 exit snmp server community public su exit update bootcode Use the update bootcode command in Privileged EXEC mode to update the bootcode on one or more switches For each switch the bootcode is extracted from the active image and prog...

Page 1450: ...Example The following example updates the bootcode on unit 2 console update bootcode 2 write Use the write command to copy the running configuration image to the startup configuration Syntax write Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Usage Guidelines This command is equivalent to the copy running config startup config command functionall...

Page 1451: ...Configuration and Image File Commands 1451 console ...

Page 1452: ...1452 Configuration and Image File Commands ...

Page 1453: ...ler then configured value TCP Fragment IP Fragment Offset 1 TCP Flag TCP Flag SYN set and Source Port 1024 or TCP Control Flags 0 and TCP Sequence Number 0 or TCP Flags FIN URG and PSH set and TCP Sequence Number 0 or TCP Flags SYN and FIN set L4 Port Source TCP UDP Port Destination TCP UDP Port ICMP Limiting the size of ICMP Ping packets SMAC DMAC Source MAC address Destination MAC address TCP Po...

Page 1454: ...nd FIN set TCP FIN URG PSH TCP Flags FIN and URG and PSH set and TCP Sequence Number 0 ICMP V6 Limiting the size of ICMPv6 Ping packets ICMP Fragment Checks for fragmented ICMP packets Commands in this Chapter This chapter explains the following commands dos control firstfrag ip icmp error interval dos control icmp ip unreachables dos control l4port ip redirects dos control sipdip ipv6 icmp error ...

Page 1455: ... size is 20 ICMP packet size is 512 Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a minimum TCP header size of 20 Packets entering with a smaller header size are dropped console config dos control firstfrag 20 dos control icmp Use the dos control icmp command in Gl...

Page 1456: ...Maximum ICMP Packet Denial of Service protection with a maximum packet size of 1023 console config dos control icmp 1023 dos control l4port Use the dos control l4port command in Global Configuration mode to enable L4 Port Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress having Source TCP UDP Port Number equal to D...

Page 1457: ...IP Address Destination IP Address SIP DIP Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets is dropped if the mode is enabled Syntax dos control sipdip no dos control sipdip Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This comma...

Page 1458: ... SYN and FIN both set the packets are dropped Syntax dos control tcpflag no dos control tcpflag Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example activates TCP Flag Denial of Service protections console config dos control tcpflag dos control tcpfrag Use the dos control tcpfrag...

Page 1459: ...vice protection console config dos control tcpfrag ip icmp echo reply Use the ip icmp echo reply command to enable or disable the generation of ICMP Echo Reply messages Use the no form of this command to prevent the generation of ICMP Echo Replies Syntax ip icmp echo reply no ip icmp echo reply Default Configuration ICMP Echo Reply messages are enabled by default Command Mode Global Configuration ...

Page 1460: ...interval and burst size to their default values Syntax ip icmp error interval burst interval burst size no ip icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can be sent during a burst interval Range 1 200 Default Configuration Rate limiting is enabled by default The default burst interval i...

Page 1461: ...and Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ip icmp unreachables ip redirects Use the ip redirects command to enable the generation of ICMP Redirect messages Use the no form of this command to prevent the sending of ICMP Redirect Messages In global configuration mode this command affects all interfaces In...

Page 1462: ...rval Use the no form of this command to return burst interval and burst size to their default values To disable ICMP rate limiting set burst interval to zero Syntax ipv6 icmp error interval burst interval burst size no ipv6 icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can be sent during a...

Page 1463: ...revent the generation of ICMPv6 Destination Unreachable messages Syntax ipv6 unreachables no ipv6 unreachables Default Configuration ICMPv6 Destination Unreachable messages are enabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ipv6 unreachables show dos control Use the show dos control co...

Page 1464: ...onfig sub modes User Guidelines This command has no user guidelines Example The following example displays Denial of Service configuration information console show dos control SIPDIP Mode Disable First Fragment Mode Disable Min TCP Hdr Size 20 TCP Fragment Mode Disable TCP Flag Mode Disable L4 Port Mode Disable ICMP Mode Disable Max ICMP Pkt Size 512 ...

Page 1465: ...t before timeout The exec timeout command is also used by the web for timing out web sessions To restore the default setting use the no form of this command Syntax exec timeout minutes seconds no exec timeout minutes Integer that specifies the number of minutes Range 0 65535 seconds Additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Comman...

Page 1466: ...tory Use the history command in Line Configuration mode to enable the command history function To disable the command history function use the no form of this command Syntax history no history Default Configuration The default value for this command is enabled Command Mode Line Interface mode User Guidelines This command has no user guidelines Example The following example disables the command his...

Page 1467: ...mmand history buffer size is 10 Command Mode Line Configuration mode User Guidelines This command has no user guidelines Example The following example configures the command history buffer size to 20 commands for the current terminal session console config line history size 20 line Use the line command in Global Configuration mode to identify a specific line for configuration and enter the line co...

Page 1468: ...o access privileged mode Alternatively the administrator can set the telnet and ssh lists to enableList which has the enable and none methods defined When using line ssh authentication with a RADIUS server as the primary authentication method be aware that the default 802 1x timeout is 45 seconds This is the same timeout value as SSH Thus a secondary authentication method is unlikely to be invoked...

Page 1469: ...h Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode User EXEC and Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the line configuration console show line Console configuration Interactive timeout Disabled History 10 ...

Page 1470: ...e Use the no form of the command to restore the default settings Syntax speed bps no speed bps Baud rate in bits per second bps The options are 2400 9600 19200 38400 57600 and 115200 Default Configuration This default speed is 9600 Command Mode Line Interface console mode User Guidelines This configuration applies only to the current session Example The following example configures the console bau...

Page 1471: ...and destination port Additionally other attributes such as incoming port or port channel and VLAN ID can be used to determine if the traffic should be allowed to the management interface When the component is disabled incoming TCP UDP packets are not filtered and are processed normally There is also an option to restrict all the above packets from the network interface This is done by specifying c...

Page 1472: ...n vlan id A valid VLAN number port channel port channel number A valid routed port channel number tengigabitethernet unit slot port A valid 10 gigabit Ethernet routed port number ip address Source IP address mask mask Specifies the network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a...

Page 1473: ...s list mlist console config macal deny management access class Use the management access class command in Global Configuration mode to restrict management connections To disable restriction use the no form of this command Syntax management access class console only name no management access class name A valid access list name Range 1 32 characters console only The switch can be managed only from t...

Page 1474: ...t use the no form of this command Syntax management access list name no management access list name name The access list name Range 1 32 printable characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command enters the access list configuration mode where the denied or permitted access conditions with the deny and pe...

Page 1475: ...and gigabit Ethernet 2 0 9 console config management access list mlist console config macal deny gigabitethernet 1 0 1 priority 1 console config macal deny gigabitethernet 2 0 9 priority 2 console config macal permit priority 2 console config macal exit console config management access class mlist permit management Use the permit command in Management Access List configuration mode to set conditio...

Page 1476: ... tftp snmp sntp or any The any keyword indicates that the service match for the ACL is effectively don t care priority priority value Priority for the rule Range 1 64 Default Configuration This command has no default configuration Command Mode Management Access list Configuration mode User Guidelines Rules with gigabitethernet tengigabitethernet vlan and port channel parameters are valid only if a...

Page 1477: ...console config macal exit console config management access class mlist show management access class Use the show management access class command in Privileged EXEC mode to display information about the active management access list Syntax show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub mod...

Page 1478: ...1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the active management access list console show management access list mlist permit priority 1 gigabitethernet 1 0 1 permit priority 2 gigabitethernet 2 0 1 No...

Page 1479: ...configure terminal Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Example console conf t console config console configure terminal console config do Use the do command to execute commands available in Privileged EXEC mode Global Configuration and any config sub mode with command completion Command completion using the space bar is not available wh...

Page 1480: ...ich they have the appropriate privileges Default Configuration This command has no default configuration Command Mode All except Privileged EXEC and User EXEC modes User Guidelines As per each command Example 1 console en console configure console config interface gi1 0 1 console config if Gi1 0 1 d description dhcp do dot1x duplex dvlan tunnel console config if Gi1 0 1 do Help from privileged EXE...

Page 1481: ... Send ICMP echo packets to a specified IP address quit Exit this session Any unsaved changes are lost release Release an in band DHCP assigned address reload Reload stack or a switch in the stack rename Rename a file renew Renew an in band DHCP assigned address script Manage and execute configuration scripts show Show configured settings and operational status telnet Open a telnet connection termi...

Page 1482: ...1482 Mode Commands ...

Page 1483: ...e default operation is that no history is stored Password Aging The switch can implement an aging process on passwords and require users to change them when they expire The administrator can configure the switch to force a password change between 1 and 365 days By default password aging is disabled When a password expires the user must enter a new password before continuing User Lockout The admini...

Page 1484: ...sting password until their password ages out Password Strength is only enforced when a user is configuring a new password or changing their existing password The default action is Disabled in FP and is independent of any platform The network operator has to take care that the Password Strength check is Disabled before downloading scripts containing old users to avoid password configuration failure...

Page 1485: ...ring properties of passwords NOTE To change a password use the passwords command which is described in AAA Commands passwords aging passwords strength minimum special characters passwords history passwords strength max limit consecutive characters passwords lock out passwords strength max limit repeated characters passwords min length passwords strength minimum character classes passwords strength...

Page 1486: ...fault value is 0 Command Mode Global Configuration mode User Guidelines A value of 0 days disables password aging Example The following example sets the password age limit to 100 days console config passwords aging 100 passwords history As administrator use the passwords history command in Global Configuration mode to set the number of previous passwords that are stored for each user account When ...

Page 1487: ...words lock out Use the passwords lock out command in Global Configuration mode to strengthen the security of the switch by locking user accounts that have failed login due to wrong passwords When a lockout count is configured a user who is logging in must enter the correct password within that count Otherwise that user is locked out from further switch access Only a user with read write access can...

Page 1488: ...ample The following example sets the number of user attempts before lockout at 2 console config passwords lock out 2 passwords min length Use the passwords min length command in Global Configuration mode to enforce a minimum length password length for local users The value also applies to the enable password The valid range is 8 64 The default is 8 Use the no version of this command to set the min...

Page 1489: ...le the Password Strength feature The command is used to enable the checking of password strength during user configuration Use the no form of the command to disable the Password Strength feature Syntax passwords strength check no passwords strength check Parameter Description This command does not require parameter descriptions Default Behavior The password strength feature is disabled by default ...

Page 1490: ...that a password must contain The valid range is 0 16 The default is 1 A minimum of 0 means no restriction on that set of characters Use the no form of the command to reset the minimum uppercase letters to the default value Syntax passwords strength minimum uppercase letters 0 16 no passwords strength minimum uppercase letters Parameter Description This command has no effect unless enabled by the p...

Page 1491: ...o the default value Syntax passwords strength minimum lowercase letters 0 16 no passwords strength minimum lowercase letters Parameter Description This command does not require parameter descriptions Default Behavior The default value is 1 Command Mode Global Configuration User Guidelines This command has no effect unless enabled by the passwords strength minimum character classes command This lim...

Page 1492: ...to reset the minimum numeric characters to the default value Syntax passwords strength minimum numeric characters 0 16 no passwords strength minimum numeric characters Parameter Description This command does not require parameter descriptions Default Behavior The default value is 1 Command Mode Global Configuration User Guidelines This command has no effect unless the passwords strength minimum ch...

Page 1493: ... Parameter Description This command does not require parameter descriptions Default Behavior The default value is 1 Command Mode Global Configuration User Guidelines This limit is not enforced unless the passwords strength minimum character classes command is configured with a value greater than 0 Example console config passwords strength minimum special characters 6 passwords strength max limit c...

Page 1494: ...ameter descriptions Default Behavior The default value is 0 Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config passwords strength max limit consecutive characters 3 passwords strength max limit repeated characters Use this command to enforce a maximum repeated characters that a password should contain If password has repetition of character...

Page 1495: ...asses Use this command to enforce a minimum number of character classes that a password should contain Character classes are uppercase letters lowercase letters numeric characters and special characters The valid range is 0 4 The default is 0 If a value of 0 is configured then no character class checking is performed i e for special characters uppercase characters lower case characters etc Use the...

Page 1496: ...umeric characters A value greater than 0 specifies the minimum number of character class tests a password must pass A value of 0 disables the minimum strength checking set by the above commands Example console config passwords strength minimum character classes 4 passwords strength exclude keyword Use this command to exclude the keyword while configuring the password The password does not accept t...

Page 1497: ...xclude keyword brcm enable password encrypted This command is used by an Administrator to transfer the enable password between devices without having to know the password The password parameter must be exactly 128 hexadecimal characters Syntax enable password encrypted password Parameter Description This command does not require parameter descriptions Default Behavior This command has no default c...

Page 1498: ...password is valid Lockout Attempts Number of failed password login attempts before lockout Minimum Password Uppercase Letters Minimum number of uppercase characters required when configuring passwords Minimum Password Lowercase Letters Minimum number of uppercase characters required when configuring passwords Minimum Password Numeric Characters Minimum number of numeric characters required when co...

Page 1499: ...story 0 Password Aging days 0 Lockout Attempts 0 Password Strength Check Enable Minimum Password Uppercase Letters 4 Minimum Password Lowercase Letters 4 Minimum Password Numeric Characters 3 Minimum Password Special Characters 3 Maximum Password Consecutive Characters 3 Minimum Password Character Classes Minimum number of character classes uppercase lowercase numeric and special required when con...

Page 1500: ...scription This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the command output console show passwords result Last User whose password is set brcm Password strength check ...

Page 1501: ...mmand has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines The copper related commands do not apply to the stacking CX 4 or 10GBaseT ports associated with these plug in modules The maximum length of the cable for the Time Domain Reflectometry TDR test is 120 meters Disable green mode on the port in order to obtain accurate results Exam...

Page 1502: ...l transceiver interface interface A valid fiber port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines The show fiber ports command is applicable to all fiber ports including SFP SFP and XFP ports It will display an error if executed against a copper port or passive or active direct attach cables E...

Page 1503: ...tometry TDR technology the quality and characteristics of a copper cable attached to a 1GBaseT or 10GBaseT port Syntax test copper port tdr interface interface A valid Ethernet port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command prompts the user to shut down the port for the duration of the test Passive or active direc...

Page 1504: ...e length Use the show copper port tdr command to view the results Do you wish to continue and take the port offline Y N y The following example results in a failure to report on the cable attached to port te2 0 3 console test copper port tdr te2 0 3 Can t perform the test on fiber ports ...

Page 1505: ...forcibly stopped to supply power in order to provide power to higher priority ports The Static Power Management feature allows operator to reserve a guaranteed amount of power for a PoE port This is useful for powering up devices which draw variable amount of power and provide them an assured power range to operate with in In the Dynamic Power Management feature power is not reserved for a given p...

Page 1506: ...col and stops supplying power to the device Command Mode Interface Configuration Ethernet Usage Guidelines No specific guidelines Default Value auto Examples console config interface gigabitethernet 1 0 1 power inline power inline priority enable power inline detection power inline reset power inline high power power inline usage threshold power inline limit clear power inline statistics power inl...

Page 1507: ...f legacy legacy only no power inline detection Parameter Description Default Value Default value is dot3af Command Mode Interface Configuration User Guidelines This command has no user guidelines power inline high power Use this command to configure the port high power mode Use the no form of this command to disable high power mode In high power mode the switch PSE negotiates the power budget with...

Page 1508: ...the power inline limit command to configure the type of power limit Use the no form of this command to set the power limit type to the default Syntax power inline limit class none user defined limit no power inline limit Parameter Description Parameter Description Class Allows the port to draw up to advertised class maximum power None Allows port to draw up to class 0 maximum power in low power mo...

Page 1509: ...ult Static and dynamic modes differ in how the available power is calculated Static Power Management Available Power Power limit of the Source Total Allocated Power where Total Allocated Power is calculated as the power limit configured on the port Dynamic Power Management Available Power Power limit of the Source Total Allocated Power where Total Allocated Power is calculated as the amount of pow...

Page 1510: ... management Parameter Description Default Value Default management is dynamic Command Mode Global Configuration power inline powered device The power inline powered device Interface Configuration Ethernet mode command adds a comment or description of the powered device type to enable the user to remember what is attached to the interface To remove the description use the no form of this command Sy...

Page 1511: ...an attached device The switch may not be able to supply power to all connected devices so the port priority is used to determine which ports will supply power if adequate power capacity is not available for all enabled ports For ports that have the same priority level the lower numbered port has higher priority For a system delivering peak power to a certain number of devices if a new device is at...

Page 1512: ...ly the PD and there is a lower priority port delivering power it is turned off If priority is disabled power is delivered to ports on a first come first served basis Use the no form of this command to disable the priority The default threshold for determining if insufficient power is available is 96 of available power Syntax Description power inline priority enable no power inline priority enable ...

Page 1513: ...ures the system power usage threshold level at which lower priority ports are disconnected The threshold is configured as a percentage of the total available power Use the no form of the command to set the threshold to the default value Syntax Description power inline usage threshold threshold no power inline usage threshold Parameter Description Default Configuration The default threshold is 96 C...

Page 1514: ... the PoE statistics Syntax clear power inline statistics unit slot port Parameter Description This command does not require parameter description Default Behavior This command has no default configuration Command Modes Privileged EXEC User Guidelines This command has no user guidelines show power inline Use the show power inline command to report current PoE configuration and status If no port is ...

Page 1515: ...following example no port is specified so the command displays global configuration and status of all the ports console show power inline Unit Status Unit1 Power On Nominal Power 150 watt Consumed Power 120 watts 80 Unit2 Power On Nominal Power 150 watt Consumed Power 120 watts 80 Parameter Description interface id Any physical interface See Interface Naming Conventions for interface representatio...

Page 1516: ...ls for the single port console show power inline gigabitethernet 1 0 13 Port Powered Device State Priority Status Class W Power mW 1 0 13 auto Low On 3 84 6 49 5000 Overload Counter 0 Short Counter 0 Denied Counter 0 Absent Counter 0 Invalid Signature Counter 0 console show power inline firmware version Use the show power inline firmware version command in Privileged EXEC mode to display the versi...

Page 1517: ...Power Over Ethernet Commands 1517 Command Mode Privileged EXEC User Guidelines This command has no user guidelines ...

Page 1518: ...1518 Power Over Ethernet Commands ...

Page 1519: ...FC 2819 A device that supports gathering and reporting the RMON data is referred to as an RMON probe or RMON Agent An RMON probe provides RMON data to an RMON Manager for analysis and presentation to the user An RMON probe may be embedded in an existing network device or stand alone Commands in this Chapter This chapter explains the following commands rmon alarm Use the rmon alarm command in Globa...

Page 1520: ...reshold value Range 2147483648 2147483647 falling threshold value Falling Threshold value Range 2147483648 2147483647 event number The index of the Event that is used when a rising or falling threshold is crossed Range 1 65535 delta The sampling method for the selected variable and calculating the value to be compared against the thresholds If the method is delta the selected variable value at the...

Page 1521: ...larm 1 1 3 6 1 2 1 2 2 1 1 10 5 10 50000 10 1 1 startup direction The alarm that may be sent when this entry is first set to valid If the first sample after this entry becomes valid is greater than or equal to the rising threshold and direction is equal to rising or rising falling then a single rising alarm is generated If the first sample after this entry becomes valid is less than or equal to th...

Page 1522: ...pecified the name is an empty string buckets bucket number A value associated with the number of buckets specified for the RMON collection history group of statistics If unspecified defaults to 50 Range 1 65535 interval seconds The number of seconds in each polling cycle If unspecified defaults to 1800 Range 1 3600 Default Configuration The buckets configuration is 50 The interval configuration is...

Page 1523: ...lt Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Parameter Description number The event index Range 1 65535 log An entry is made in the log table for each event trap An SNMP trap is sent to one or more management stations community If an SNMP trap is to be sent it is sent to the SNMP community spec...

Page 1524: ...larm command Syntax show rmon alarm number number Alarm index Range 1 65535 Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays RMON 1 alarms console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 10 1 Last sample Value 878128 Inte...

Page 1525: ...d against the thresholds If the value is absolute the value of the variable is compared directly with the thresholds at the end of the sampling interval If the value is delta the value of the variable at the last sample is subtracted from the current value and the difference compared with the thresholds Startup Alarm The alarm that may be sent when this entry is first set If the first sample is gr...

Page 1526: ...example displays the alarms summary table console show rmon alarms Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3 6 1 2 1 2 2 1 10 1 Manager Falling Threshold A sampled statistic threshold When the current sampled value is less than or equal to this threshold and the value at the last sampling interval is greater than this threshold a single event is generated Rising Event The event index used...

Page 1527: ...slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays all RMON group statistics console show rmon collection history Index Interface Interval Requested Grant...

Page 1528: ...nd has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the RMON event table Field Description Index An index that uniquely identifies the entry Interface The sampled Ethernet interface Interval The interval in seconds between samples Requested Samples The requested n...

Page 1529: ...Displays error counters other Displays drop and collision counters period seconds Specifies the requested period time to display Range 0 2147483647 Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of...

Page 1530: ...le Set 1 Owner CLI Interface 1 0 1 interval 1800 Requested samples 50 Granted samples 50 Maximum table size 270 Time Octets Packets Broadcast Multicast 09 Mar 2005 18 29 32 303595962 357568 3289 7287 19 09 Mar 2005 18 29 42 287696304 275686 2789 5878 20 The following example displays RMON Ethernet Statistics history for errors on index number 1 console show rmon history 1 errors Sample Set 1Owner ...

Page 1531: ...ons 10 Mar 2005 22 06 00 3 0 10 Mar 2005 22 06 20 3 0 The following table describes the significant fields shown in the display Field Description Time Date and Time the entry is recorded Octets The total number of octets of data including those in bad packets received on the network excluding framing bits but including FCS octets Packets The number of packets including bad packets received during ...

Page 1532: ...ng FCS octets but were otherwise well formed Fragments The total number of packets received during this sampling interval that were less than 64 octets in length excluding framing bits but including FCS octets had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets AlignmentError It is normal for etherHistoryFragments ...

Page 1533: ...ation Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following examples display the RMON logging table console show rmon log Maximum table size 100 Event Description Time 1 Errors Jan 18 2005 23 48 19 1 Errors Jan 18 2005 23 58 17 2 High Broadcast Jan 18 2005 23 59 48 console show rmon log Maximum table size 100 100 ...

Page 1534: ...it slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays RMON Ethernet Statistics for port 1 0 1 console show rmon statistics gigabitethernet 1 0 1 Port 1 0 ...

Page 1535: ...tets of data including those in bad packets received on the network excluding framing bits but including FCS octets Packets The total number of packets including bad packets Broadcast packets and Multicast packets received Broadcast The total number of good packets received and directed to the Broadcast address This does not include Multicast packets Multicast The total number of good packets rece...

Page 1536: ...r of collisions on this Ethernet segment 64 Octets The total number of packets including bad packets received that are 64 octets in length excluding framing bits but including FCS octets 65 to 127 Octets The total number of packets including bad packets received that are between 65 and 127 octets in length inclusive excluding framing bits but including FCS octets 128 to 255 Octets The total number...

Page 1537: ...4 only routing environments depending on the how the switch is used in the network at runtime The operator can choose between Ipv4 only where all the routing table entries are reserved for IPv4 Routes or IPv4 IPv6 Default mode Commands in this Chapter This chapter explains the following commands sdm prefer Use the sdm prefer command in Global Config mode to change the template that will be active ...

Page 1538: ... it to the stack and power it on The following table lists the completion messages Parameter Description dual ipv4 and ipv6 This keyword filters subsequent template choices to those that support both IPv4 and IPv6 There is only one such template It is selected using the keyword default ipv4 routing This keyword filters subsequent template choices to those that support IPv4 and not IPv6 The default...

Page 1539: ...efault List the scaling parameters for the IPv4 only template maximizing the number of unicast routes ipv4 routing data center List the scaling parameters for the IPv4 only template supporting more ECMP next hops Parameter Description ARP Entries The maximum number of entries in the IPv4 Address Resolution Protocol ARP cache for routing interfaces IPv4 Unicast Routes The maximum number of IPv4 uni...

Page 1540: ...template as the next active template To list the scaling parameters of a specific template use that template s keyword as an argument to the command The following table lists the completion messages Examples This example shows the current SDM template The user has not changed the next active SDM template console show sdm prefer IPv4 Multicast Routes The maximum number of IPv4 multicast forwarding ...

Page 1541: ...ive SDM template for optimal performance for IPv4 routing console configure console config sdm prefer ipv4 routing default Changes to the running SDM preferences have been stored but cannot take effect until the next reload Use show sdm prefer to see what SDM preference is currently active config show sdm prefer The current template is the Dual IPv4 and IPv6 template ARP Entries 6144 IPv4 Unicast ...

Page 1542: ...he scaling parameters for the data center template invoke the command with the ipv4 routing data center keywords config show sdm prefer ipv4 routing data center Scaling parameters for the IPv4 data center template ARP Entries 6144 IPv4 Unicast Routes 8160 IPv6 NDP Entries 0 IPv6 Unicast Routes 0 ECMP Next Hops 16 IPv4 Multicast Routes 2048 IPv6 Multicast Routes 0 ...

Page 1543: ...logging in the syslog utility is not required in order to view the output of debug traces Debug commands are provided in the normal CLI tree Debug settings are not persistent and are not visible in the running configuration To view the current debug settings use the show debug command The output of debug commands can be large and may adversely affect system performance Enabling debug for all IP pa...

Page 1544: ...p no debug arp Default Configuration ARP packet tracing is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug arp debug console debug ip pimsm packet debug lacp debug vrrp debug dot1x debug ip vrrp debug mldsnooping show debugging debug igmpsnooping debug ipv6 dhcp debug ospf debug ip acl debug ipv6 mcache debu...

Page 1545: ...essages Syntax debug auto voip H323 SCCP SIP no debug auto voip H323 SCCP SIP Default Configuration Auto VOIP tracing is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug auto voip debug clear Use the debug clear command to disable all debug traces Syntax debug clear Default Configuration There is no default c...

Page 1546: ... appears on all login sessions for which debug console has been enabled The configuration of this command remains in effect for the life of the login session The effect of this command is not persistent across resets Syntax debug console Default Configuration Display of debug traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this comm...

Page 1547: ... Example console debug dot1x packet debug igmpsnooping Use the debug igmpsnooping to enable tracing of IGMP Snooping packets transmitted and or received by the switch IGMP Snooping should be enabled on the device and the interface in order to monitor packets for a particular interface Syntax debug igmpsnooping packet receive transmit no debug igmpsnooping packet receive transmit Default Configurat...

Page 1548: ...o debug ip acl acl acl The number of the IP ACL to debug Default Configuration Display of IP ACL traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug ip acl 1 debug ip dvmrp Use the debug ip dvmrp to trace DVMRP packet reception and transmission The receive option traces only received DVMRP packets and ...

Page 1549: ...this command Example console debug ip dvmrp packet debug ip igmp Use the debug ip igmp command to trace IGMP packet reception and transmission The receive option traces only received IGMP packets and the transmit option traces only transmitted IGMP packets When neither keyword is used in the command then all IGMP packet traces are dumped Vital information such as source address destination address...

Page 1550: ...smit option traces only transmitted data packets When neither keyword is used in the command then all data packet traces are dumped Vital information such as source address destination address packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable MDATA tracing Syntax debug ip mcache packet receive trans...

Page 1551: ...dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable debug tracing of PIMDM packet reception and transmission Syntax debug ip pimdm packet receive transmit no debug ip pimdm packet receive transmit Default Configura...

Page 1552: ... on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable debug tracing of PIMSM packet reception and transmission Syntax debug ip pimsm packet receive transmit no debug ip pimsm packet receive transmit Default Configuration Display of PIMSM traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usag...

Page 1553: ...e to display debug information about DHCPv6 client activities and to trace DHCPv6 packets to and from the local DHCPv6 client To disable debugging use the no form of the command Syntax debug ipv6 dhcp no debug ipv6 dhcp Parameter Description This command does not require a parameter description Default Configuration Debugging for the DHCP for IPv6 is disabled by default Command Mode Privileged EXE...

Page 1554: ... address packet length and the interface on which the packet is received or transmitted is displayed on the console Syntax debug ipv6 mcache packet receive transmit no debug ipv6 mcache packet receive transmit Default Configuration Display of MDATA traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console debug ipv6 mcache p...

Page 1555: ...vileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug ipv6 mld packet debug ipv6 pimdm Use the debug ipv6 pimdm command to trace PIMDMv6 packet reception and transmission The receive option traces only received PIMDMv6 packets and the transmit option traces only transmitted PIMDMv6 packets When neither keyword is used in the command then all PIMDMv6...

Page 1556: ... only received PIMSMv6 packets and the transmit option traces only transmitted PIMSMv6 packets When neither keyword is used in the command then all PIMSMv6 packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command...

Page 1557: ... in the command then all ISDP packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable ISDP tracing Syntax debug isdp packet receive transmit no debug isdp packet receive transmit Default Configuration...

Page 1558: ...ug lacp packet debug mldsnooping Use the debug mldsnooping command to trace MLD snooping packet reception and transmission The receive option traces only received MLD snooping packets and the transmit option traces only transmitted MLD snooping packets When neither keyword is used in the command then all MLD snooping packet traces are dumped Vital information such as source address destination add...

Page 1559: ...and Example console debug mldsnooping debug ospf Use the debug ospf command to enable tracing of OSPF packets received and transmitted by the switch Use the no form of this command to disable tracing of OSPF packets Syntax debug ospf packet no debug ospf packet Default Configuration Display of OSPF traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage ...

Page 1560: ...s disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug ospfv3 packet debug ping Use the debug ping command to enable tracing of ICMP echo requests and responses This command traces pings on the network port and on the routing interfaces Use the no form of this command to disable tracing of ICMP echo requests and...

Page 1561: ... debug rip Use the debug rip command to enable tracing of RIP requests and responses Use the no form of this command to disable tracing of RIP requests and responses Syntax debug rip packet no debug rip packet Default Configuration Display of RIP traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug rip...

Page 1562: ... Use the debug spanning tree command to trace spanning tree BPDU packet reception and transmission The receive option traces only received spanning tree BPDUs and the transmit option traces only transmitted BPDUs When neither keyword is used in the command all spanning tree BPDU traces are dumped Vital information such as source address destination address control packet type packet length and the...

Page 1563: ...bpdu debug vrrp Use the debug vrrp command in Privileged EXEC mode to enable VRRP debug protocol messages Use the no form of this command to disable VRRP debug protocol messages Syntax debug vrrp all no debug vrrp all Default Configuration The display of VRRP traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines show debugging Use the s...

Page 1564: ...nfiguration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes Usage Guidelines Enabled packet tracing configurations are displayed Example console debug arp Arp packet tracing enabled console show debugging Arp packet tracing enabled ...

Page 1565: ...d to forward the sampled traffic statistics immediately to an sFlow Collector for analysis The sFlow Agent supports two forms of sampling statistical packet based sampling of switched or routed Packet Flows and time based sampling of counters Commands in this Chapter This chapter explains the following commands sflow destination Use the sflow destination command to configure the sFlow collector pa...

Page 1566: ...tring The identity string must be set before assigning a receiver to a sampler or poller Range 1 127 characters rcvr_timeout The time in seconds remaining before the sampler or poller is released and stops sending samples to the receiver Setting a value of 0 for the timeout value permanently configures the sflow receiver Use the no form of the command to remove permanently configured receivers A m...

Page 1567: ...onsole config sflow 1 destination maxdatagram 500 console config sflow 1 destination 30 30 30 1 560 sflow polling Use the sflow polling command to enable a new sflow poller instance for this data source if rcvr_idx is valid An sflow poller sends counter samples to the receiver Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling gigabitethernet...

Page 1568: ...rface Mode to enable a new sflow poller instance for this interface if rcvr_idx is valid An sflow poller sends counter samples to the receiver Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling poll interval no sflow rcvr index polling rcvr index The sFlow Receiver associated with the poller Range 1 8 poll interval The sFlow instance polling ...

Page 1569: ...abitethernet tengigabitethernet interface list rcvr index The sFlow Receiver for this sFlow sampler to which flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver times out then all samplers associated with the receiver will also expire Range 1 8 interface list The list of interfaces to poll in unit slot port format ...

Page 1570: ...ampling command in Interface Mode to enable a new sflow sampler instance for this data source if rcvr_idx is valid Use the no form of this command to reset sampler parameters to the default Syntax sflow rcvr index sampling sampling rate size no sflow rcvr index sampling rcvr index The sFlow Receiver for this sFlow sampler to which flow samples are to be sent If no receiver is configured then no pa...

Page 1571: ... of ports may tax the CPU beyond it s ability to deliver the packets to the receiver Lowering the sampling rate higher numerical value will help to ensure that all collected samples can be sent to the receiver Example console config if 1 0 15 sflow 1 sampler 1500 50 show sflow agent Use the show sflow agent command to display the sflow agent information Syntax show sflow agent Default Configuratio...

Page 1572: ...efault Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines The following fields are displayed sFlow Version Uniquely identifies the version and implementation of this MIB The version string must have the following structure MIB Version Organization Software Revision where MIB Version 1 3 the version of this ...

Page 1573: ...abitethernet interface list rcvr index The sFlow Receiver associated with the poller Range 1 8 interface list The list of interfaces to poll in unit slot port format Default Configuration This command has no default configuration Owner String The identity string for receiver the entity making use of this sFlowRcvrTable entry Time Out The time in seconds remaining before the receiver is released an...

Page 1574: ...ow rcvr index sampling gigabitethernet tengigabitethernet interface list rcvr index The sFlow Receiver associated with the poller Range 1 8 interface list The list of interfaces on which data is sampled Default Configuration This command has no default configuration Poller Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physical ports only Receiver Ind...

Page 1575: ... Index Sampling Rate Size Gi1 0 1 1 0 128 Sampler Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver configured for this sFlow sampler Packet Sampling Rate The statistical sampling rate for packet sampling from this source Max Header Size The maximum number of bytes that should be copied from a sampled ...

Page 1576: ...1576 Sflow Commands ...

Page 1577: ... undemanding The agent allows a network control station to retrieve reports from the networked device These reports are based upon the defined objects in the MIB The agent queries reports and sets MIB variables based upon directions from the network control station or upon preset conditions Commands in this Chapter This chapter explains the following commands show snmp Use the show snmp command in...

Page 1578: ...s status Console show snmp Community String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su DefaultSuper 172 17 1 1 Community String Group name IP address public user group All Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Community Version UDP Filter TO Retries Port name Sec 192 ...

Page 1579: ...f the local Simple Network Management Protocol SNMP engine Syntax show snmp engineID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the SNMP engine ID console show snmp engineID Local SNMP engineID 08009009020C0B099C07587...

Page 1580: ...sent at the beginning of every filter list This implicit filter is not shown in the output of this command Example The following examples display the configuration of filters with and without a filter name specification console show snmp filters Name OID Tree Type user filter1 1 3 6 1 2 1 1 Included user filter1 1 3 6 1 2 1 1 7 Excluded user filter2 1 3 6 1 2 1 2 2 1 1 Included console show snmp f...

Page 1581: ...cters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following examples display the configuration of views console show snmp group Name Secur...

Page 1582: ...nd all Config sub modes Field Description Name Name of the group Security Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet with encryption Applicable only to SNMP Version 3 security model Views Read A string that is the name of the view that enables you only to view the contents of the agent If unspecified all the objects except the community table and SNMPv3 user and ...

Page 1583: ...ays the configuration of users with the user name specified Console show snmp user Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106 john user group SHA DES 800002a20300fce3900106 Console show snmp users bob Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106 show snmp views Use the show snmp views comm...

Page 1584: ... show trapflags command in Privileged EXEC mode to display the trap settings Syntax show trapflags ospf ospfv3 captive portal Parameter Description console show snmp views Name OID Tree Type user view1 1 3 6 1 2 1 1 Included user view1 1 3 6 1 2 1 1 7 Excluded user view2 1 3 6 1 2 1 2 2 1 1 Included Parameter Description ospf Display OSPFv2 specific trap settings ospfv3 Display OSPFv3 specific tra...

Page 1585: ... show trapflags Authentication Flag Disable Auto copy sw Flag Enable Dot1q Flag Enable Link Up Down Flag Enable Maclock violation Flag Enable Multiple Users Flag Enable Spanning Tree Flag Enable VRRP trap Enable ACL Traps Enable DVMRP Traps Disable OSPFv2 Traps Disable PIM Traps Disable OSPFv3 Traps Disable FIP snooping Traps Enable Example 2 console show trapflags ospf OSPF Traps errors all Disab...

Page 1586: ...sabled rtb rtb entryinfo Disabled state change all Disabled if state change Enabled neighbor state change Enabled virtif state change Disabled virtneighbor state change Disabled snmp server community Use the snmp server community command in Global Configuration mode to set up the community access string to permit access to the SNMP protocol To remove the specified community string use the no form ...

Page 1587: ...nal group name The internal group name for SNMPv1 and SNMPv2 security models is mapped to a view name If ro is specified then read view and notify view are mapped If rw is specified then read view notify view and write view are mapped Parameter Description string Permits access to the SNMP protocol Range 1 20 characters ro Indicates read only access rw Indicates read write access su Indicates SNMP...

Page 1588: ... su ipaddress 192 168 1 20 snmp server community group Use the snmp server community group command in Global Configuration mode to map the internal security name for SNMP v1 and SNMP v2 security models to the group name To remove the specified community string use the no form of this command Syntax snmp server community group community string group name ipaddress ip address community string Commun...

Page 1589: ... console config snmp server community group dell_community dell_group 192 168 29 1 snmp server contact Use the snmp server contact command in Global Configuration mode to set up a system contact sysContact string To remove the system contact information use the no form of the command Syntax snmp server contact text no snmp server contact text Character string 0 to 160 characters describing the sys...

Page 1590: ...w captive portal cp type dot1q dvrmp link maclock multiple users ospf ospftype ospfv3 ospfv3type pim poe snmp authentication spanning tree stack vrrp cp type all client auth failure client connect client db full client disconnect ospftype all errors all authentication failure bad packet config error virt authentication failure virt bad packet virt config error lsa all lsa maxage lsa originate over...

Page 1591: ... Enable traps on ACL match events all Enable all traps not recommended auto copy sw Enable traps on automatic download of switch software captive portal Enable captive portal traps dot1q Enable traps on VLAN configuration failures dvmrp Enable dvmrp traps maclock Enable traps on MAC locking violations ospf Enable OSPF event traps ospfv3 Enable OSPFv3 event traps pim Enable pim traps pim sm and pim...

Page 1592: ...for Protocol Independent Multicast spanning tree Enable Disable sending Spanning Tree traps vrrp Enable Disable VRRP trap snmp server engineID local Use the snmpserver engineID local command in Global Configuration mode to specify the Simple Network Management Protocol SNMP engine ID on the local device To remove the configured engine ID use the no form of this command Syntax snmp server engineID ...

Page 1593: ...5 or SHA security digest This digest is based on both the password and the local engine ID The command line password is then destroyed as required by RFC 2274 Because of this deletion if the local value of engineID changes the security digests of SNMPv3 users will be invalid and the users will have to be reconfigured Example The following example configures the Engine ID automatically console conf...

Page 1594: ...ecedence when an object identifier is included in two or more lines The filter name may include any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the ...

Page 1595: ... security model noauth Indicates no authentication of a packet Applicable only to the SNMP Version 3 security model auth Indicates authentication of a packet without encrypting it Applicable only to the SNMP Version 3 security model priv Indicates authentication of a packet with encryption Applicable only to the SNMP Version 3 security model contextname Provides different views of the system and p...

Page 1596: ... the same view name then the argument specified in this command points to first view name in the table Example The following example attaches a group called user group to SNMPv3 and assigns to the group the privacy security level and read access rights to a view called user view console config snmp server group user group v3 priv read user view snmp server host Use the snmp server host command in ...

Page 1597: ...a password like community string sent with the notification operation Range 1 20 characters traps Indicates that SNMP traps are sent to this host version 1 Indicates that SNMPv1 traps will be used version 2 Indicates that SNMPv2 traps will be used informs Indicates that SNMPv2 informs are sent to this host seconds Number of seconds to wait for an acknowledgment before resending informs The default...

Page 1598: ..._powerconnect traps v2 snmp server location Use the snmp server location command in Global Configuration mode to set the system location string To remove the location string use the no form of this command Syntax snmp server location text no snmp server location text Character string describing the system location Range 1 to 255 characters Default Configuration This command has no default configur...

Page 1599: ...he engine ID of the remote SNMP entity to which the user belongs The engine ID is a concatenated hexadecimal string Each byte in the hexadecimal character string is two hexadecimal digits The remote engine id designates the remote management station and should be defined to enable the device to receive acknowledgements to informs Range 5 32 characters auth md5 The HMAC MD5 96 authentication level ...

Page 1600: ...Mode Global Configuration mode User Guidelines If the SNMP local engine ID is changed configured users will no longer be able to connect and will need to be reconfigured Example The following example configures an SNMPv3 user John in group user group console config snmp server user John user group snmp server view Use the snmp server view command in Global Configuration mode to create or update a ...

Page 1601: ...idelines This command can be entered multiple times for the same view record The view name accepts any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal combinations of characters on entry and may accept entries up to the first ille...

Page 1602: ...ies user name used to generate the notification Range 1 30 characters traps Indicates that SNMP traps are sent to this host informs Indicates that SNMPv2 informs are sent to this host noauth Specifies sending of a packet without authentication auth Specifies authentication of a packet without encrypting it priv Specifies authentication and encryption of a packet seconds Number of seconds to wait f...

Page 1603: ...in the key The surrounding quotes are not used as part of the key The CLI does not filter illegal characters but may accept entries up to the first illegal character or reject the entry entirely Example The following example identifies an SNMPv3 host console config snmp server v3 host 192 168 0 20 The following example shows the syntax of the no snmp server host ip address command console config n...

Page 1604: ...1604 SNMP Commands ...

Page 1605: ...g commands crypto key generate dsa Use the crypto key generate dsa command in Global Configuration mode to generate DSA key pairs for your switch A key pair is one public DSA key and one private DSA key Use the no form of the command to remove the generated key from the local file system Syntax crypto key generate dsa no crypto key generate dsa crypto key generate dsa ip ssh server crypto key gene...

Page 1606: ...ystem and the private key is never displayed to the user DSA keys along with other switch credentials are distributed to all units in a stack on a configuration save Example The following example generates DSA key pairs console config crypto key generate dsa crypto key generate rsa Use the crypto key generate rsa command in Global Configuration mode to generate RSA key pairs Use the no form of the...

Page 1607: ... Example The following example generates RSA key pairs console config crypto key generate rsa crypto key pubkey chain ssh Use the crypto key pubkey chain ssh command in Global Configuration mode to enter public key configuration mode in order to manually specify public keys such as SSH client public keys Syntax crypto key pubkey chain ssh user key username rsa dsa Default Configuration By default ...

Page 1608: ...4t6 AINEICBCCA4YcF6zMzaT1wefWwX6f Rmt5nhhqdAtN 4oJfce166DqVX1gWmNzNR4DYDvSzg0lDnwCAC8Q h console config pubkey key exit crypto key zeroize pubkey chain Use the crypto key zeroize pubkey chain command in Global Configuration mode to erase all public key chains or the public key chain for a user Syntax crypto key zeroize pubkey chain ssh user key username Default Configuration There is no default co...

Page 1609: ... Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config crypto key zeroize rsa ip ssh port Use the ip ssh port command in Global Configuration mode to specify the TCP port to be used by the SSH server To use the default port use the no form of this command Syntax ip ssh port port number no ip ssh port port number Port number for use by the...

Page 1610: ...h port 8080 ip ssh pubkey auth Use the ip ssh pubkey auth command in Global Configuration mode to enable public key authentication for incoming SSH sessions To disable this function use the no form of this command Syntax ip ssh pubkey auth no ip ssh pubkey auth Default Configuration The function is disabled Command Mode Global Configuration mode User Guidelines AAA authentication is independent fr...

Page 1611: ... SSH server is disabled by default Command Mode Global Configuration mode User Guidelines To generate SSH server keys use the commands crypto key generate rsa and crypto key generate dsa Example The following example enables the switch to be configured using SSH console config ip ssh server key string Use the key string SSH Public Key Configuration mode to specify an SSH public key manually Syntax...

Page 1612: ...ing row with no characters Examples The following example shows how to enter a public key string for a user called bob console config crypto key pubkey chain ssh console config pubkey chain user key bob rsa console config pubkey key key string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHuj...

Page 1613: ... pubkey key key string row C1yc2 no crypto certificate Use the no crypto certificate command in Global Configuration mode to display the SSH public keys of the switch Syntax no crypto certificate number number The number of the certificate between 1 to 2 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user g...

Page 1614: ...e displays the SSH public keys on the switch console show crypto key mypubkey rsa rsa key data ssh rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu7WHtjQDUygjSQXHVgyqdUby dxUXEAiDHXcWHVr0R ak1HDQitBzeEv1vVEToEn5ddLmRhtIgRdKUJHgBHJV R2VaSN WC0IK53j9re4B11AE O3qAxwJs0KD7cTkvF9I YdiXeOM8VE4skkw AiyLDNVWXgNQ6iat8 8Mjth PIo5t3HykYUCkD8B1v93nzi sr4hHHJCdx7w wRW3QtgXaGwYt2rdlr3x8ViAF6B7AKYd8xGVVjyJTD6TjrCRRwQHgB BHsFr ...

Page 1615: ...erprint is unspecified it defaults to Hex format Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays all SSH public keys stored on the switch console show crypto key pubkey chain ssh Username Fingerprint bob 9A CC 01 C5 78 39 ...

Page 1616: ...de to display the SSH server configuration Syntax show ip ssh Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the SSH server configuration console show ip ssh SSH server enabled Port 22 RSA key was generated DSA key was ge...

Page 1617: ...Specifies the remote SSH client username Range 1 to 40 characters rsa RSA key dsa DSA key Default Configuration By default there are no keys Command Mode SSH Public Key Chain Configuration mode User Guidelines This command has no user guidelines Example The following example enables a SSH public key to be manually configured for the SSH public key chain called bob console config crypto key pubkey ...

Page 1618: ...1618 SSH Commands ...

Page 1619: ...vel messages CLI Logged to Local File and Syslog Server The PowerConnect Command Logging component logs all command line interface commands issued on the system The command log messages are stored with the other system logs and provide the system operators with a detailed log of the commands executed CLI command logging is configured through any of the PowerConnect management interfaces When the f...

Page 1620: ...1 22 admin User admin logged in 190 JAN 10 18 58 56 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 362 CLI admin 10 27 21 22 User has successfully logged in The CLI command log subsystem also logs all user log out instances The format of the log message is 190 JAN 10 19 01 04 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 382 CLI admin 10 27 21 22 User has logged out Commands in this C...

Page 1621: ...vileged EXEC mode User Guidelines This command has no user guidelines Example The following example clears messages from the internal syslog message logging buffer console clear logging Clear logging buffer y n clear logging file Use the clear logging file command in Privileged EXEC mode to clear messages from the logging file Syntax clear logging file Default Configuration There is no default con...

Page 1622: ...n Logging mode to describe the syslog server Syntax description description description Sets the description of the syslog server Range 1 64 characters Default Configuration This command has no default value Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the description of the server Example The followi...

Page 1623: ...de User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the severity level for syslog messages Example The following example sets the syslog message severity level to alert console config logging level alert logging cli command Use the logging cli command in Global Configuration mode to enable CLI command logging Parameter Description...

Page 1624: ...er Logging level informational Buffer Messages 71 Logged File Logging level notActive File Messages 385 Dropped CLI Command Logging enabled Switch Auditing enabled Web Session Logging disabled SNMP Set Command Logging disabled Syslog server hostname logging informational Messages 0 dropped Syslog server a12345678901234567890123456789012345678901234567890123456789012 logging informational Messages ...

Page 1625: ...2 2 CLI_WEB 209809328 cmd_logger_api c 260 374 CLI admin 10 27 21 22 User has successfully logged in 190 JAN 10 18 59 28 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 375 CLI admin 10 27 21 22 User admin logged in to enable mode logging Use the logging command in Global Configuration mode to log messages to a syslog server To delete the syslog server with the specified address from the list...

Page 1626: ...Message Sequence Number Line Number File Name Thread ID Component Name Stack ID Host IP Address Timestamp PRI PRI This consists of the facility code see RFC 3164 multiplied by 8 and added to the severity See below for more information on severity Timestamp The system up time For systems that use SNTP this is UTC When time zones are enabled local time will be used Host IP Address The IP address of ...

Page 1627: ...mponent Name Component name for the logging component Components must use the new APIs in order to enable identification of the logging component Component UNKN is substituted for components that do not use the new logging APIs Thread ID The thread ID of the logging component File Name The name of the file containing the invoking macro Line Number The line number which contains the invoking macro ...

Page 1628: ...vel no logging buffered Parameter Description Default Configuration The default value for level is info Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the commands displayed to the user Parameter Description severity level Optional The number or name of the desired severity level Range 0 emergencies 1 alerts 2 cr...

Page 1629: ...ages logged to the console based on severity To disable logging to the console terminal use the no form of this command Syntax logging console severity level no logging console Parameter Description Default Configuration The default value for level is warnings Command Mode Global Configuration mode Parameter Description severity level Optional The number or name of the desired severity level Range...

Page 1630: ... command in Global Config mode to configure the facility to be used in log messages Syntax logging facility facility no logging facility Parameter Description Default Configuration The default value is local7 Command Mode Global Config mode User Guidelines This command has no user guidelines Example The following example sets the logging facility as local3 Parameter Description facility The facili...

Page 1631: ...ommand Syntax logging file severity level number type no logging file Parameter Description Default Configuration The default severity level is error Command Mode Global Configuration mode User Guidelines This command has no user guidelines Parameter Description severity level number Optional The number or name of the desired severity level Range 0 emergencies 1 alerts 2 critical 3 errors 4 warnin...

Page 1632: ... logging messages to telnet and SSH sessions with the default severity level Use the no logging monitor command to disable logging messages Syntax logging monitor severity no logging monitor Parameter Description Default Configuration The default severity value is warnings Parameter Description severity level Optional The number or name of the desired severity level Range 0 emergencies 1 alerts 2 ...

Page 1633: ... of log messages use the no form of this command Syntax logging on no logging on Default Configuration Logging is enabled Command Mode Global Configuration mode User Guidelines The logging process controls the distribution of logging messages to the various destinations such as the logging buffer logging file or syslog server Logging on and off for these destinations can be individually configured...

Page 1634: ... of this command Syntax logging snmp no logging snmp Default Configuration Disabled Command Mode Global Configuration mode User Guidelines To see SNMP Set command logs use the show logging command Example console config logging snmp logging web session Use the logging web session command in Global Configuration mode to enable web session logging To disable use the no form of this command Syntax lo...

Page 1635: ..._api c 140 764 WEB 10 131 7 67 UNKNOWN EwaSessionLookup session 0 created 133 MAR 24 07 46 07 10 131 7 165 2 UNKN 83102768 cmd_logger_api c 140 765 WEB 10 131 7 67 admin User admin logged in port Use the port command in Logging mode to specify the port number of syslog messages To reset to the default value use the no form of the command Syntax port port no port Parameter Description Parameter Des...

Page 1636: ...ssage port to 300 console config logging port 300 show logging Use the show logging command in Privileged EXEC mode to display all logging information including auditing status Syntax show logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The foll...

Page 1637: ... Log 190 JAN 10 16 26 53 0 0 0 0 1 NIM 177745344 nim_intf_map_api c 381 985 nimCheckIfNumber incorrect phase for operation 190 JAN 10 16 26 53 0 0 0 0 1 NIM 177745344 nim_intf_map_api c 381 986 nimCheckIfNumber incorrect phase for operation show logging file Use the show logging file command in Privileged EXEC mode to display the state of logging and the syslog messages stored in the logging file ...

Page 1638: ...aaaa show syslog servers Use the show syslog servers command in Privileged EXEC mode to display the syslog servers settings Syntax show syslog servers Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the syslog server setti...

Page 1639: ...lnet and SSH sessions Syntax terminal monitor no terminal monitor Default Configuration The default setting is terminal monitor Command Mode Privileged EXEC mode User Guidelines Use the terminal monitor command in Privileged EXEC mode to change the severity of messages displayed on the terminal monitor Use the no terminal monitor command to disable the display of logging messages on the terminal f...

Page 1640: ...1640 Syslog Commands ...

Page 1641: ...m fan banner login media type show system temperature banner motd member show memory cpu show tech support banner motd acknowledge motd banner show nsf show users clear checkpoint statistics nsf show power usage history show version clear counters stack ports reload show process cpu stack cut through mode set description show sessions stack port exec banner slot show slot standby hardware profile ...

Page 1642: ... the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following example specifies the switch asset tag as 1qwepot Because the unit parameter is not specified the command defaults to the master switch number console config asset tag 1qwepot banner ...

Page 1643: ... line entered will consume an extra two characters to account for the carriage return and line feed Example console config banner exec banner text banner login Use the banner login command to set the message that is displayed just before the login prompt after a user has successfully logged in to the switch Use no banner login command to remove the message Syntax banner login MESSAGE no banner log...

Page 1644: ...ome examples Example console config banner login banner text banner motd Use the banner motd command to set the message that is displayed prior to logging into the switch Use no banner motd command to remove the message Syntax banner motd MESSAGE no banner motd MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines The ...

Page 1645: ... console must be acknowledged if banner motd acknowledge is executed Enter y or n to continue to the login prompt If n is entered the session is terminated and no further communication is allowed on that session However serial connection will not get terminated if y is not entered Use the no banner motd acknowledge command to disable banner acknowledge Syntax banner motd acknowledge no banner motd...

Page 1646: ...therwise make changes to the configuration you may contact Kevin at x911 Please be advised this unit is under test by Kevin dellradius 192 168 12 84 s password Press y to continue within 30 seconds y n Welcome to the M6220 in the Bottom Chassis 192 168 12 190 This unit is located in A2 and is currently under test M6220 C1 SSH Linux Terminal root kevin ssh 192 168 12 84 l dellradius If you need to ...

Page 1647: ...6220 C1 Telnet If you need to utilize this device or otherwise make changes to the configuration you may contact Kevin at x911 Press y to continue within 30 seconds y n y Please be advised this unit is under test by Kevin User root Password Welcome to the M6220 in the Bottom Chassis 192 168 12 190 This unit is located in A2 and is currently under test M6220 C1 Example console config banner motd Th...

Page 1648: ...nfiguration Command Mode Privileged EXEC mode User Guidelines When nonstop forwarding is enabled on a stack the stack s management unit checkpoints operational data to the backup unit If the backup unit takes over as the management unit the control plane on the new management unit uses the checkpoint data when initializing its state Checkpoint statistics track the amount of data checkpointed from ...

Page 1649: ...ack ports diag commands Example console clear counters stack ports cut through mode Use the cut through mode command to enable the cut through mode on the switch The mode takes effect on all ports on next reload of the switch To disable the cut through mode on the switch use the no form of this command Syntax cut through mode no cut through mode Default Configuration This command has no default co...

Page 1650: ...r MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Line Configuration User Guidelines The exec banner can consist of multiple lines Enter a quote to complete the message and return to configuration mode Example console config telnet no exec banner hardware profile portmode Use the hardware profile portmode command in Interface Config mode to configur...

Page 1651: ...the 4x10G interfaces or any other 10G port will give an error This command takes effect only after rebooting the switch hostname Use the hostname command in Global Configuration mode to specify or modify the switch host name To restore the default host name use the no form of the command Syntax hostname name no hostname Parameter Description 1x40g Configure the port as a single 40G port using 4 la...

Page 1652: ... in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may truncate entries at the first illegal character or reject the entry entirely Example The following example specifies the switch host name console config hostname Dell initiate failover To manually force a failover from the management unit to...

Page 1653: ...rning message Use the standby command to select a specific unit to act as the backup unit Example console config stack initiate failover cr Press enter to execute the command console config stack initiate failover Management unit will be reloaded Are you sure you want to failover to the backup unit y n y locate Use the locate command to locate a switch by LED blinking Syntax locate switch unit tim...

Page 1654: ... persist across reboots Example console locate switch 1 time 555 login banner Use the login banner command to enable login banner on the console telnet or SSH connection To disable use the no form of the command Syntax login banner no login banner MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Line Configuration User Guidelines This command has no ...

Page 1655: ...dia type is powered on and the alternate media type is powered off Note that when the auto select keyword is used with any media type the SFP port will remain powered and the laser if any will remain on in order to allow connections over the SFP port Example Select the RJ45 port and power off the SFP port console config if Te1 0 24 media type rj45 Parameter Description auto select rj45 Utilize RJ4...

Page 1656: ...switchindex no member unit unit The switch identifier of the switch to be added or removed from the stack Range 1 12 switchindex The index into the database of the supported switch types indicating the type of the switch being preconfigured The switch index is a 32 bit integer obtained from the show supported switchtype command Default configuration This command has no defaults Command Mode Stack ...

Page 1657: ...motd on the console telnet or SSH connection To disable use the no form of the command Syntax motd banner no motd banner MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Line Configuration User Guidelines This command has no user guidelines Example console config telnet motd banner nsf Use this command to enable non stop forwarding The no form of the...

Page 1658: ...e or software fault on the stack management unit Example console config nsf ping Use the ping command in User EXEC mode to check the accessibility of the desired node on the network Syntax ping ip ipv6 ipaddress hostname repeat count timeout interval size size ipaddress IP address to ping contact hostname Hostname to ping contact Range 1 158 characters The command allows spaces in the host name wh...

Page 1659: ...mode User Guidelines The local VRRP IP address is not pingable Examples The following example displays a ping to IP address 10 27 65 60 console ping 10 27 65 60 Pinging 10 27 65 60 with 0 bytes of data Reply From 10 27 65 60 icmp_seq 0 time 10 msec Reply From 10 27 65 60 icmp_seq 1 time 10 msec Reply From 10 27 65 60 icmp_seq 2 time 10 msec Reply From 10 27 65 60 icmp_seq 3 time 10 msec 10 27 65 6...

Page 1660: ...seq 2 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 3 time 7 ms 10 1 1 1 PING Statistics 4 packets transmitted 4 packets received 0 packet loss round trip ms min avg max 7 8 11 reload Use the reload command in Privileged EXEC mode to reload stack members Syntax reload stack member number Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC ...

Page 1661: ...reload the switch y n y Reloading management switch 1 set description Use the set description command in Stack Global Configuration mode to associate a text description with a switch in the stack Syntax set description unit description unit The switch identifier Range 1 12 description The text description Range 1 80 alphanumeric characters Default Configuration This command has no default configur...

Page 1662: ... the specified slot The card index is a 32 bit integer If a card is currently present in the slot that is unconfigured the configured information will be deleted and the slot will be reconfigured with default information for the card The supported card types are PowerConnect 7024 PowerConnect 7024P PowerConnect 7024F PowerConnect 7048 PowerConnect 7048P PowerConnect 7048R PowerConnect 7048R RA CX4...

Page 1663: ...lt configuration Command Mode Global Configuration User Guidelines The card index CID can be obtained by executing the show supported cardtype command in User EXEC mode show banner Use the show banner command to display banner information Syntax show banner Default Configuration This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guideli...

Page 1664: ...in Banner MOTD Line Console Enable Line SSH Enable Line Telnet Enable motd show boot version Use the show boot version command to display the boot image version details The details available to the user include the build date and time Syntax show boot version unit unit The switch identifier Range 1 12 Default Configuration This command has no default configuration ...

Page 1665: ...Syntax show checkpoint statistics Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines When nonstop forwarding is enabled on a stack the stack s management unit checkpoints operational data to the backup unit If the backup unit takes over as the management unit the control plane on the new management ...

Page 1666: ...10 second Message Rate 8 msg sec show cut through mode Use the show cut through mode command to show the cut through mode on the switch Syntax show cut through mode Command Mode Privileged EXEC Config mode and all Config sub modes Default Configuration This command has no default configuration User Guidelines No specific guidelines Example Console show cut through mode Current mode Enable Configur...

Page 1667: ...nterface id Default Configuration This command has no default setting Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples console show hardware profile portmode Configured Running 40G Interface 10G Interfaces Mode Mode Fo1 0 1 Te1 0 25 28 1x40G 4x10G Fo1 0 2 Te1 0 29 32 1x40G 1x40G console show hardware profile portmod...

Page 1668: ...onfiguration This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines This command is only applicable to 10G non stacking interfaces Example console show interfaces advanced firmware Port Revision Part number Te1 0 1 0x411 BCM8727 Te1 0 2 0x411 BCM8727 Te1 0 3 0x411 BCM8727 Te1 0 4 0x411 BCM8727 Te1 0 5 0x411 BCM8727 Parameter Desc...

Page 1669: ...EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show interfaces media type Port Configured Media Type s Active Te1 0 21 auto select SFP preferred SFP Te1 0 22 auto select SFP preferred SFP Parameter Description auto select rj45 Utilize RJ45 media when both media types are active auto select sfp Utilize the SFP media when both media type...

Page 1670: ...space on the switch Syntax show memory cpu Default Configuration This command has no default configuration Command Mode Privileged EXEC Config mode and all Config sub modes User Guidelines No specific guidelines Example console show memory cpu Total Memory 262144 KBytes Available Memory Space 121181 KBytes show nsf Use the show nsf command to show the status of non stop forwarding Syntax show nsf ...

Page 1671: ...art 0 days 16 hrs 52 mins 55 secs Restart In Progress No Warm Restart Ready Yes Copy of Running Configuration to Backup Unit Status Stale Time Since Last Copy 0 days 4 hrs 53 mins 22 secs Time Until Next Copy 28 seconds Unit NSF Support 1 Yes 2 Yes 3 Yes show power usage history Use the show power usage history command in Privileged EXEC mode to display the history of unit power consumption for th...

Page 1672: ...is command Example console show power usage history unit 1 Sampling Interval sec 30 Total No of Samples to Keep 168 Current Power Consumption mWatts 56172 Sample Time Since Power Power No The Sample Consumption Consumption Was Recorded On This Unit Per Stack mWatts mWatts 3 0d 00 00 13 56172 56172 2 0d 00 00 43 56172 56172 1 0d 00 01 12 54360 54360 Parameter Description unit id Stack unit for whic...

Page 1673: ...x show process cpu Command Mode Privileged EXEC Config mode and all Config sub modes Default Configuration This command has no default configuration User Guidelines No specific guidelines Example console show process cpu Memory Utilization Report status bytes free 64022608 alloc 151568112 CPU Utilization PID Name 5 Sec 1 Min 5 Min 328bb20 tTffsPTask 0 00 0 00 0 02 ...

Page 1674: ... 48a1250 osapiMonTask 0 00 0 32 0 17 4969790 BootP 0 00 0 00 0 01 4d71610 dtlTask 0 00 0 06 0 05 4ed00e0 hapiRxTask 0 00 0 06 0 03 562e810 DHCP snoop 0 00 0 00 0 06 58e9bc0 Dynamic ARP Inspection 0 00 0 06 0 03 62038a0 dot1s_timer_task 0 00 0 00 0 03 687f360 dot1xTimerTask 0 00 0 06 0 07 6e23370 radius_task 0 00 0 00 0 01 6e2c870 radius_rx_task 0 00 0 06 0 03 7bc9030 spmTask 0 00 0 09 0 01 7c58730...

Page 1675: ...emote hosts Syntax show sessions Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays a list of open telnet sessions to remote hosts console show sessions User NameConnection fromIdleSession Session Time Time Type EIA 232 00 00...

Page 1676: ...tion Connection Connection number Host Remote host to which the switch is connected through a Telnet session Address IP address of the remote host Port Telnet TCP port number Parameter Description Slot The slot identifier in a slot port format Slot Status The slot is empty full or has encountered an error Admin State The slot administrative mode is enabled or disabled Power State The slot power mo...

Page 1677: ...d displays information about specific card types supported in the system Card index values are specific to each family of products Use the generic form without specifying an index to display all the card types for a product family Pluggable Cards are pluggable or non pluggable in the slot Parameter Description Inserted Card Model Identifier The model identifier of the card inserted in the slot Mod...

Page 1678: ... default configuration Command Mode User EXEC Config mode and all Config sub modes User Guidelines The CID information is used when pre configuring cards using the slot command Parameter Description Card Index CID The index into the database of the supported card types This index is used when preconfiguring a slot Card Model Identifier The model identifier for the supported card type Parameter Des...

Page 1679: ...nd has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines The switch SID is used when pre configuring switches in a stack using the member command in config stack mode Example The following example displays the information for supported switch types console show supported switchtype Mgmt Code SID Switch Model ID Pref Type 2 PCT6248 1 0x100b000...

Page 1680: ...cribes the fields in the example Model Identifier This field displays the model identifier for the supported switch type Management Preference This field indicates the management preference value of the switch type Code Version This field displays the code load target identifier of the switch type Field Description Switch Type This field displays the 32 bit numeric switch type for the supported sw...

Page 1681: ...tch configuration including the SFS last attempt status for the specified unit The show switch command may show an SDM Mismatch value in the Switch Status field This value indicates that the unit joined the stack but is running a different SDM template than the management unit This status should be temporary the stack unit should automatically reload using the template running on the stack manager...

Page 1682: ...t Switch Switch Type 0xb6360003 Preconfigured Model Identifier PCT7024F Plugged in Model Identifier PCT7024F Switch Status OK Switch Description PowerConnect 7024F Detected Code Version I 12 19 2 Detected Code in Flash I 12 19 2 SFS Last Attempt Status None stack member number The stack member number stack ports Display summary stack port information for all interfaces counters Display summary dat...

Page 1683: ...reference value indicates how likely the switch is to be chosen as the Management Switch Switch Type This field displays the 32 bit numeric switch type Model Identifier This field displays the model identifier for this switch Model Identifier is a 32 character field assigned by the switch manufacturer to identify the switch Switch Status This field displays the switch status Possible values are OK...

Page 1684: ...ation then the code version is None SFS Last Attempt Status This field displays the Stack Firmware Synchronization status CPLD Version This field displays the Complex Programmable Logic Device version Serial Number This field displays the Switch serial number Up Time This field displays the system up time Unit Description Switch This field displays the unit identifier assigned to the switch Manage...

Page 1685: ...racter field assigned by the switch manufacturer to identify the switch Switch Status This field indicates the switch status Possible values for this state are OK Unsupported CodeMismatch ConfigMismatch or NotPresent Code Version This field indicates the detected version of code on this switch Parameter Description Range Default NSF Administrative Status Whether nonstop forwarding is administrativ...

Page 1686: ...ager to the backup manager and was unable to maintain user data traffic This is usually caused by multiple failures occurring close together Power On Administrative Move Warm Auto Restart Cold Auto Restart None Time Since Last Restart Time since the current management card became the active management card For the backup manager the value is set to 0d 00 00 00 Time Stamp 0d 00 00 00 Restart in pro...

Page 1687: ...Unit Status Stale Time Since Last Copy 0 days 4 hrs 53 mins 22 secs Time Until Next Copy 28 seconds Time Since Last Copy When the running configuration was last copied from the management unit to the backup unit Time Stamp Time Until Next Copy The number of seconds until the running configuration will be copied to the backup unit This line only appears when the running configuration on the backup ...

Page 1688: ... 48 ANFirebolt 48 OK 4 12 17 37 2 Stack Mbr ANFirebolt 24 ANFirebolt 24 Updating Code 13 4 8 42 console show switch 1 Switch 1 Management Status Management Switch Hardware Management Preference Unassigned Admin Management Preference Unassigned Switch Type 0xb6340001 Preconfigured Model Identifier PCT7048 Plugged in Model Identifier PCT7048 Switch Status OK Switch Description PowerConnect 7048 Expe...

Page 1689: ...Model IDModel IDStatusVersion 1Mgmt SwANFirebolt 48ANFirebolt 48OK2 24 17 48 2ANFirebolt 48ANFirebolt 48SDM Mismatch 2 24 17 48 show system Use the show system command in User EXEC mode to display system information Syntax show system unit unit The unit number Default Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guide...

Page 1690: ...s System Contact System Name System Location Burned In MAC Address 00FF F2A3 8888 System Object ID 1 3 6 1 4 1 674 10895 3011 System Model ID PCT6248 Machine Type Dell 48 Port Gigabit Ethernet Temperature Sensors Unit Temperature Celsius Status 1 25 OK Fans Unit Description Status 1 Fan 1 OK 1 Fan 2 OK 1 Fan 3 OK 1 Fan 4 OK ...

Page 1691: ...ommand in User EXEC or Privileged EXEC mode to explicitly display the fan status Syntax show system fan Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example console show system fan Fans Unit Description Status ...

Page 1692: ...t Configuration This command has no default configuration Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines The tag information is on a switch by switch basis Example The following example displays the system service tag information console show system id Service Tag 89788978 Serial number 8936589782 Asset tag 7843678957 Unit Service tag Serial number Asset tag 1 897...

Page 1693: ...t require a parameter description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Examples console show system power console show system power Power Supplies Unit Description Status Source Average Current Since Power Power Date Time Watts Watts 1 SystemOK ...

Page 1694: ...ter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC Config mode and all Config sub modes User Guidelines Temperature status is indicated as per the following table Examples console show system temperature Temperature Sensors Unit Description Temperature Status Status Degrees Cel...

Page 1695: ...ow tech support command to display system and configuration information for use in debugging or contacting technical support The output of the show tech support command combines the output of the following commands show version show sysinfo show port all show isdp neighbors show logging show event log show logging buffered show running config show debugging ...

Page 1696: ...delines Not applicable Default Value Not applicable Example console show tech support Show Version Switch 2 System Description PowerConnect 6248P 1 23 0 33 VxWorks 6 5 Machine Type PowerConnect 6248P Machine Model PCT6248P Serial Number CN0PK4632829881C0067 FRU Number 1 Part Number BCM56314 Maintenance Level A Manufacturer 0xbc00 Burned In MAC Address 00 1E 4F 04 5D F4 ...

Page 1697: ...0 100 Ethernet 802 3 interface s 4 Gig Ethernet 802 3 interface s 1 10Gig Ethernet 802 3 interface s 0 Virtual Ethernet 802 3 interface s 0 MIBs Supported More or q uit Selecting More m continues the display of output for the show tech support command show users Use the show users command in Privileged EXEC mode to display information about the active users The command also shows which administrat...

Page 1698: ...mand has no user guidelines Example The following example displays a list of active users and the information about them console show users Username Protocol Location Profile s admin Serial EIA 232 net admin console show users accounts UserName Privilege Password Password Lockout Aging Expiry date admin 15 False Administrative Profile s network admin user 1 False Administrative Profile s network o...

Page 1699: ...Command Mode User EXEC mode Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays a system version this version number is only for demonstration purposes console show version Image Descriptions image1 default image image2 Images currently available on Flash unit image1 image2 current active next active 1 K 3 9 1 0 0 0 0 imag...

Page 1700: ...ack configuration Stack members that do not match the saved config after a reboot will show a config mismatch and do not join the stack Example The following example sets the mode to Stack Global Config console config stack console config stack stack port Use the stack port command in Stack Configuration mode to configure ports as either Stacking ports or as Ethernet ports This command is used to ...

Page 1701: ...tus command output Use the show switch command to display information regarding the switches in a stack Redundant stacking links between any two units must operate at the same speed A 40G port configured in 4x10G mode is considered to be operating at 10G speed Up to eight stack ports can be configured per stacking unit four in each direction The PC80xx and PC81xx switches support up to six units c...

Page 1702: ...idelines Examples console config stack console config stack standby 2 switch renumber Use the switch renumber command in Global Configuration mode to change the identifier for a switch in the stack Upon execution the switch is configured with the configuration information for the new switch if any is available The old switch configuration information is retained however the old switch will be oper...

Page 1703: ...et Syntax telnet ip address hostname port keyword1 Parameter Description Parameter Description ip address Valid IP address of the destination host hostname Hostname of the destination host Range 1 158 characters The command allows spaces in the host name when specified in double quotes For example console config snmp server host host name port A decimal TCP port number or one of the keywords from ...

Page 1704: ...ble Keyword Description Port Number bgp Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands 514 daytime Daytime 13 discard Discard 9 domain Domain Name Service 53 echo Echo 7 exec Exec 512 finger Finger 79 ftp File Transfer Protocol 21 ftp data FTP data connections 20 gopher Gopher 70 hostname NIC hostname server 101 ident Ident Protocol 113 irc Internet Relay Chat 194 k...

Page 1705: ...le telnet 176 213 10 50 Esc U sends telnet EL lpd Printer service 515 nntp Network News Transport Protocol 119 pim auto rp PIM Auto RP 496 pop2 Post Office Protocol v2 109 pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunrpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control System 49 talk Talk 517 telnet Telnet 23 time Time 37 uucp Unix to Unix Cop...

Page 1706: ...st host name initTtl The initial time to live TTL the maximum number of router hops between the local and remote system Range 0 255 maxTtl The largest TTL value that can be used Range 1 255 maxFail Terminate the traceroute after failing to receive a response for this number of consecutive probes Range 0 255 interval The timeout period If a response is not received within this period of time then t...

Page 1707: ...d EXEC mode User Guidelines There are no user guidelines for this command Examples The following example discovers the routes that packets will actually take when traveling to the destination specified in the command console traceroute 192 168 77 171 Tracing route over a maximum of 20 hops 1 192 168 21 1 30 ms 10 ms 10 ms 2 3 4 src ip address The IPv4 source address to use in the ICMP echo request...

Page 1708: ...1708 System Management Commands 5 ...

Page 1709: ...mize performance for the systems involved When a Telnet connection is initiated each side of the connection is assumed to originate and terminate at a Network Virtual Terminal or NVT Therefore the server and user hosts do not maintain information about the characteristics of each other s terminals and terminal handling conventions Telnet Client Behaviors Different telnet clients operate differentl...

Page 1710: ...M6220 in the Bottom Chassis 192 168 12 190 This unit is located in A2 and is currently under test M6220 C1 2 SSH Linux Terminal root ssh 192 168 12 84 l dellradius If you need to utilize this device or otherwise make changes to the configuration you may contact the owner at x38525 Please be advised this unit is under test dellradius 192 168 12 84 s password Press y to continue within 30 seconds y ...

Page 1711: ...ue within 30 seconds y n Welcome to the M6220 in the Bottom Chassis 192 168 12 190 This unit is located in A2 and is currently under test M6220 C1 4 Telnet If you need to utilize this device or otherwise make changes to the configuration you may contact the owner at x38525 Press y to continue within 30 seconds y n y Please be advised this unit is under test User root Password Welcome to the M6220 ...

Page 1712: ...ervice on the switch Syntax ip telnet server disable no ip telnet server disable Parameter Ranges Not applicable Command Mode Global Configuration Usage Guidelines No specific guidelines Default Value This feature is enabled by default Example console configure console config ip telnet server disable console config no ip telnet server disable ip telnet server disable show ip telnet ip telnet port ...

Page 1713: ...TCP port is 23 Command Mode Global Configuration Usage Guidelines The Telnet TCP port should not be set to a value that might conflict with other well known protocol port numbers used on this switch Example console config ip telnet port 45 console config no ip telnet port show ip telnet The show ip telnet command displays the status of the Telnet server and the Telnet TCP port number Syntax show i...

Page 1714: ...1714 Telnet Server Commands Command Mode Privileged EXEC Config mode and all Config sub modes Example console show ip telnet Telnet Server is Enabled Port 23 ...

Page 1715: ...fault value is 24 Command Mode Privileged EXEC mode User Guidelines Setting the terminal length to 0 disables paging altogether It is recommended that the terminal length either be set to 0 or a value larger than 4 as terminal lengths in the range of 1 to 4 may give odd output due to prompting The terminal length command is specific to the current session Logging out rebooting or otherwise ending ...

Page 1716: ...1716 Terminal Length Commands ...

Page 1717: ...y this name already exists this command enters Time Range Configuration mode to allow updating the time range entries Use the no form of this command to delete a time range identified by name Syntax time range name no time range name Parameter Description Default Configuration This command has no default configuration time range periodic absolute show time range Parameter Description name A case s...

Page 1718: ...arameter Description Start time date Time and date at which the configuration that referenced the time range is in effect The time is expressed in a 24 hour clock in the form of hours minutes For example 8 00 is 8 00 am and 20 00 is 8 00 pm The date is expressed in the format day month year If no start time and date are specified the configuration statement is in effect immediately End time date T...

Page 1719: ...the currently configured time zone Example console time range timeRange_1 console Config time range absolute end 12 00 16 Dec 2010 periodic Use the periodic command to add a periodic time entry to a time range The time parameter is based off of the currently configured time zone Use the no form of this command to delete a periodic time entry from a time range Syntax periodic days of the week time ...

Page 1720: ...erenced the time range is no longer in effect If the end days of the week are the same as the start they can be omitted This argument can be any single day or combinations of days Monday Tuesday Wednesday Thursday Friday Saturday Sunday Other possible values are daily Monday through Sunday weekdays Monday through Friday weekend Saturday and Sunday If the ending days of the week are the same as the...

Page 1721: ...vidually Monday Tuesday Wednesday Thursday Friday but with after work hours 9pm to 11pm The administrator wants to permit deny HTTP traffic for this time range but the entire time range is invalid due to conflicting entries The absolute entry is forced to inactive because the periodic entry time is not yet in effect Examples console time range timeRange_2 console Config time range periodic monday ...

Page 1722: ...Inactive Entry Number 1 Absolute End Time 12 00 16 Dec 2010 Parameter Description Number of Time Ranges Number of time ranges configured in the system Time Range Name Name of the time range Time Range Status Status of the time range active inactive Absolute start Start time and day for absolute time entry Absolute end End time and day for absolute time entry Periodic Entries Number of periodic ent...

Page 1723: ...13 00 Periodic End Time WED 12 00 Entry Number 4 Periodic Start Time WED 12 30 Periodic End Time THU 20 00 Entry Number 5 Periodic Start Time SUN SAT 18 00 More or q uit Periodic End Time SUN SAT 20 00 console show time range Current number of all Time Ranges 5 Maximum number of all Time Ranges 100 Periodic Time Range Name Status Entry count Absolute Entry ...

Page 1724: ...1724 Time Ranges Commands timeRange_1 Inactive 4 Exists timeRange_2 Inactive 4 Exists timeRange_3 Inactive 4 Exists timeRange_4 Inactive 4 Exists timeRange_5 Inactive4Exists ...

Page 1725: ...ve can be used easily to move and copy configuration and image files from one switch to other Files from the switch can be copied to a USB flash device and can be used to deploy on other switches in the network Validation of Files Downloaded Uploaded from USB Device Files are validated before downloading files from USB flash drive to switch and uploading files from switch to USB flash drive Downlo...

Page 1726: ...to be supported by switch Downloading and Uploading of Files After the file validations are successful switch proceeds with downloading of files from the USB flash device to the switch and uploading of files from the switch to the USB flash drive The status of file download upload is shown on the console Detailed messages are logged in the system log for further reference Commands in this Chapter ...

Page 1727: ...ice details Syntax show usb device Parameter Description The following table explains the output parameters Parameter Description Device Status This field specifies the current status of device Active if device is plugged in and the device is recognized by the switch Inactive if device is not mounted Invalid if device is not present or invalid device is plugged in Manufacturer Manufacturer details...

Page 1728: ...ce is plugged into the USB slot console show usb device Device Status Active Manufacturer xxxx Serial Number yyyyy USB Version Compliance 2 0 Class Code abc Subclass Code acb Protocol 0x0 Vendor ID zzzzz Product ID aaaaa Class Code Device Class Subclass Code Device SubClass Protocol Device Protocol Vendor ID Vendor specific details of device Vendor ID Product ID Vendor specific details of device P...

Page 1729: ...and memory statistics Syntax dir usb Parameter Description The following table explains the output parameters Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Parameter Description Filename File name Filesize File size Total Size USB flash device storage size Bytes Used Indicates size of memory used on ...

Page 1730: ... 14 43 24 Documents 4096 11 27 2009 14 58 36 Stuff 4096 11 27 2009 14 59 32 Austin 4096 09 11 2010 18 43 16 running config 819 05 13 2000 20 40 44 PC7000v20101108_1 stk 12567304 11 08 2010 16 13 54 PCM6348v10 29 16 43 stk 12444340 11 01 2010 13 55 40 Total Size 3708858368 Bytes Used 218435911 Bytes Free 3490422457 ...

Page 1731: ...ed EXEC mode Syntax enable Default Configuration The default privilege level is 15 Command Mode User EXEC and Privileged EXEC modes User Guidelines If there is no authentication method defined for enable then a level 1 user is not allowed to execute this command Example The following example shows how to enter privileged mode console enable console enable end quit exit ...

Page 1732: ...s command has no default configuration Command Mode All command modes User Guidelines No specific guidelines Example console config end console end console exit Use the exit command to go to the next lower command prompt or in User EXEC mode to close an active terminal session by logging off the switch Syntax exit Default Configuration This command has no default configuration ...

Page 1733: ...ration mode from Interface Configuration mode to User EXEC mode to the login prompt console config if Gi1 0 1 exit console config exit console exit console exit User quit Use the quit command in User EXEC mode to close an active terminal session by logging off the switch Syntax quit Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines ...

Page 1734: ...1734 User Interface Commands Example The following example closes an active terminal session console quit ...

Page 1735: ...ies must be enabled on the browser The Set Cookie directive is sent only once at initiation of the session With the introduction of Web Sessions the client connections can be monitored and controlled Web Sessions put the authentication control in the PowerConnect instead of the client browser resulting in a more efficient implementation that allows web access while using Radius or TACACS for authe...

Page 1736: ...y ip http secure server crypto certificate generate key generate crypto certificate import location crypto certificate request organization unit duration show crypto certificate mycertificate ip http port show ip http server status ip http server show ip http server secure status ip http secure certificate state Parameter Description common name Specifies the fully qualified URL or IP address of t...

Page 1737: ...rypto cert common name router gm com country Use the country command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the country Syntax country country country Specifies the country name Range 2 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This ...

Page 1738: ...t saved in the router switch configuration however the certificate and keys generated by this command are saved in the private configuration This saved information is never displayed to the user or backed up to another switch If the RSA keys do not exist the generate parameter must be used To save the generated certificate and keys on the local switch and distribute the certificate across a stack ...

Page 1739: ...rypto certificate import command in Global Configuration mode to import a certificate signed by the Certification Authority for HTTPS Syntax crypto certificate number import number Specifies the certificate number Range 1 2 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Use this command to enter an external certificate signed ...

Page 1740: ...Ew CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgclsZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENOPXNlcnZl END CERTIFICATE Certificate imported successfully Issued to router gm com Issued by www verisign com Valid from 8 9 2005 to 8 9 2005 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 ...

Page 1741: ...ication Authority use the crypto certificate import command in Global Configuration mode to import the certificate into the switch This certificate replaces the self signed certificate Use the end command to exit Crypto Certificate Request mode without generating a certificate request Use the exit command to exit Crypto Certificate Request mode and generate a certificate request duration Use the d...

Page 1742: ... a web browser to configure the switch To use the default TCP port use the no form of this command Syntax ip http port port number no ip http port port number Port number for use by the HTTP server Range 1 65535 Default Configuration This default port number is 80 Command Mode Global Configuration mode User Guidelines The HTTP TCP port should not be set to a value that might conflict with other we...

Page 1743: ...ault mode is enabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the switch to be configured from a browser console config ip http server ip http secure certificate Use the ip http secure certificate command in Global Configuration mode to configure the active certificate for HTTPS To return to the default setting...

Page 1744: ...certificate for HTTPS console config ip http secure certificate 1 ip http secure port Use the ip http secure port command in Global Configuration mode to configure a TCP port for use by a secure web browser to configure the switch To use the default port use the no form of this command Syntax ip http secure port port number no ip http secure port Parameter Description Parameter Description number ...

Page 1745: ...ig ip http secure port 2 ip http secure server Use the ip http secure server command in Global Configuration mode to enable the switch to be configured monitored or modified securely from a browser To disable this function use the no form of this command Syntax ip http secure server no ip http secure server Default Configuration The default for the switch is disabled Command Mode Global Configurat...

Page 1746: ...This command has no default configuration Command Mode Crypto Certificate Generation mode User Guidelines This command mode is entered using the crypto certificate request command You must use the key generate command prior to exiting the crypto certificate request mode to properly generate a certificate request Example The following example displays how to specify that you want to regenerate the ...

Page 1747: ...erate command Example The following example displays how to specify the city location of austin console config crypto cert location austin organization unit Use the organization unit command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the organization unit Syntax organization unit organization unit organization unit Specifies the organization unit or department n...

Page 1748: ... number Specifies the certificate number Range 1 2 digits Default configuration This command has no default configuration Command Mode Privileged EXEC mode Config mode and all Config sub modes Example The following example displays the SSL certificate of a sample switch console show crypto certificate mycertificate 1 BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS N...

Page 1749: ...er status Syntax Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC Config mode and all Config sub modes User Guidelines This command has no user guidelines Example The following example displays the HTTP server configuration console show ip http server status HTTP server enabled Port 80 show ...

Page 1750: ... has no user guidelines Example The following example displays an HTTPS server configuration with DH Key exchange enabled console show ip https HTTPS server enabled Port 443 DH Key exchange enabled Certificate 1 is active Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inacti...

Page 1751: ...04 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print 1873B936 88DC3411 BC8932EF 782134BA state Use the state command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the state or provi...

Page 1752: ...on or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command Example The following example shows how to specify the state of texas console config crypto cert state texas ...

Page 1753: ...ounting dot1x default start stop 725 aaa authentication dot1x default 248 aaa authentication enable 249 aaa authentication login 251 aaa authorization network default radius 255 aaa authorization 252 aaa ias user username 255 aaa new model 256 absolute 1718 access list 292 accounting 727 acct port 728 action 581 ...

Page 1754: ... area nssa translator role 1243 area nssa translator stab intv 1155 area nssa translator stab intv 1244 area range Router OSPF 1156 area range Router OSPFv3 1245 area stub no summary 1161 area stub no summary 1247 area stub 1160 area stub 1246 area virtual link authentication 1164 area virtual link dead interval 1165 area virtual link dead interval 1250 area virtual link hello interval 1166 area v...

Page 1755: ...uto copy sw allow downgrade 1357 boot auto copy sw 1356 boot host autoreboot 1358 boot host autosave 1359 boot host dhcp 1359 boot host retrycount 1360 boot system 1432 bootfile 907 bootpdhcprelay maxhopcount 991 bootpdhcprelay minwaittime 992 capability opaque 1170 captive portal client deauthenticate 1380 captive portal 1367 channel group 637 class 661 class map rename 663 class map 662 classofs...

Page 1756: ...ict 908 clear ip dhcp snooping binding 368 clear ip dhcp snooping statistics 369 clear ip helper statistics 993 clear ip ospf stub router 1172 clear ip ospf 1171 clear ipv6 dhcp 935 clear ipv6 neighbors 1058 clear ipv6 statistics 1059 clear isdp counters 333 clear isdp table 334 clear lldp remote data 590 clear lldp statistics 591 clear logging email statistics 404 clear logging file 1621 clear lo...

Page 1757: ...enerate rsa 1606 crypto key pubkey chain ssh 1607 crypto key zeroize rsa dsa 1609 crypto key zeroize pubkey chain 1608 cut through mode 1649 dcb enable 592 deadtime 729 debug aaa accounting 730 debug arp 1544 debug auto voip 1545 debug cfm 461 debug clear 1545 debug console 1546 debug dhcp packet 362 debug dot1x 1546 debug igmpsnooping 1547 debug ip acl 1548 debug ip dvmrp 1548 debug ip igmp 1549 ...

Page 1758: ...riginate Router RIP Configuration 1308 default metric 1175 default metric 1254 default metric 1309 default router 911 delete backup config 1440 delete backup image 1440 delete startup config 1441 delete 1439 deny management 1472 deny permit IP ACL 294 deny permit IPv6 ACL 534 deny permit Mac Access List Configuration 296 depends on 585 description Administrative Profile Config 282 description Logg...

Page 1759: ...ontrol sipdip 1457 dos control tcpflag 1458 dos control tcpfrag 1458 dot1x dynamic vlan enable 861 dot1x guest vlan 885 dot1x initialize 862 dot1x mac auth bypass 862 dot1x max req 863 dot1x max users 864 dot1x port control 865 dot1x re authenticate 866 dot1x reauthentication 867 dot1x system auth control monitor 868 dot1x system auth control 867 dot1x timeout guest vlan period 869 dot1x timeout q...

Page 1760: ...ve 451 ethernet cfm mep archive hold time 452 ethernet cfm mep enable 450 ethernet cfm mep level 449 ethernet cfm mip level 452 exec banner 1650 exec timeout 1465 exit mst 756 exit 1732 exit overflow interval 1179 exit overflow interval 1256 external lsdb limit 1179 external lsdb limit 1257 filedescr 1443 flowcontrol 415 garp timer 480 gmrp enable 962 green mode eee 467 green mode eee lpi history ...

Page 1761: ...ce range vlan 811 interface range 417 interface tunnel 1324 interface vlan 810 interface 1375 interface 416 ip access group 298 ip address Out of Band 514 ip address dhcp Interface Config 516 ip address 1009 ip address conflict detect run 515 ip arp inspection filter 385 ip arp inspection limit 385 ip arp inspection trust 386 ip arp inspection validate 387 ip arp inspection vlan 388 ip default gat...

Page 1762: ...per address global configuration 997 ip helper address interface configuration 999 ip host 520 ip http authentication 261 ip http port 1742 ip http secure certificate 1743 ip http secure port 1744 ip http secure server 1745 ip http server 1743 ip https authentication 262 ip icmp echo reply 1459 ip icmp error interval 1460 ip igmp last member query count 967 ip igmp last member query interval 968 i...

Page 1763: ...rval 972 ip igmp version 973 ip igmp 966 ip igmp proxy reset status 982 ip igmp proxy unsolicited report interval 983 ip igmp proxy 981 ip irdp address 1299 ip irdp holdtime 1300 ip irdp maxadvertinterval 1301 ip irdp minadvertinterval 1302 ip irdp multicast 1303 ip irdp preference 1303 ip irdp 1297 ip local proxy arp 900 ip mcast boundary 1116 ip mroute 1117 ip mtu 1011 ip multicast ttl threshold...

Page 1764: ...20 ip proxy arp 900 ip redirects 1461 ip rip authentication 1313 ip rip receive version 1314 ip rip send version 1315 ip rip 1313 ip route default 1014 ip route distance 1015 ip route 1013 ip routing 1016 ip ssh port 1609 ip ssh pubkey auth 1610 ip ssh server 1611 ip telnet port 1713 ip telnet server disable 1712 ip unreachables 1461 ip verify binding 565 ip verify source port security 564 ip veri...

Page 1765: ... snooping listener message suppression 545 ipv6 mld snooping querier VLAN mode 556 ipv6 mld snooping querier address 557 ipv6 mld snooping querier election participate 558 ipv6 mld snooping querier query interval 559 ipv6 mld snooping querier timer expiry 559 ipv6 mld snooping querier 556 ipv6 mld snooping vlan groupmembership interval 544 ipv6 mld snooping vlan immediate leave 544 ipv6 mld snoopi...

Page 1766: ...65 ipv6 ospf 1258 ipv6 pim bsr border 1039 ipv6 pim bsr candidate 1040 ipv6 pim dense 1038 ipv6 pim dr priority 1041 ipv6 pim hello interval 1042 ipv6 pim join prune interval 1042 ipv6 pim register rate limit 1043 ipv6 pim rp address 1044 ipv6 pim rp candidate 1045 ipv6 pim sparse Global config 1038 ipv6 pim spt threshold 1046 ipv6 pim ssm 1047 ipv6 pim 1037 ipv6 route distance 1079 ipv6 route 107...

Page 1767: ...med transmit tlv 594 lldp med 592 lldp notification 595 lldp notification interval 596 lldp receive 597 lldp timers 597 lldp transmit 599 lldp transmit mgmt 599 lldp transmit tlv 600 locale 1375 locate 1653 location 1746 log adjacency changes 1189 logging audit 1627 logging buffered 1628 logging cli command 1623 logging console 1629 logging email from addr 401 logging email logtime 402 logging ema...

Page 1768: ... mac address table multicast forbidden address 310 mac address table static 311 mac address table static 311 macro apply 1402 macro description 1404 macro global apply 1399 macro global description 1401 macro global trace 1400 macro name 1398 macro trace 1403 mail server ip address hostname 406 management access class 1473 management access list 1474 mark cos 676 mark ip dscp 677 mark ip precedenc...

Page 1769: ...a 1190 media type 1655 member 1656 mirror 693 mode dvlan tunnel 812 monitor session 654 motd banner 1657 msgauth 732 mtu 418 mvr group 619 mvr immediate 622 mvr mode 620 mvr querytime 620 mvr type 623 mvr vlan group 625 mvr vlan 622 mvr 618 name Captive Portal 1376 name mst 758 name RADIUS server 732 name VLAN Configuration 813 netbios name server 920 netbios node type 921 network area 1192 networ...

Page 1770: ...ver Configuration Mode 408 password User EXEC 266 passwords aging 1486 passwords history 1486 passwords lock out 1487 passwords min length 1488 passwords strength exclude keyword 1496 passwords strength max limit consecutive characters 1493 passwords strength max limit repeated characters 1494 passwords strength minimum character classes 1495 passwords strength minimum lowercase letters 1491 passw...

Page 1771: ...ower inline management 1509 power inline powered device 1510 power inline priority enable 1512 power inline priority 1511 power inline reset 1512 power inline usage threshold 1513 power inline 1506 prefix delegation 940 primary 734 priority 734 priority 787 private vlan 846 protocol group 814 protocol vlan group all 816 protocol vlan group 815 protocol 1377 quit 1733 radius server attribute 4 735 ...

Page 1772: ...41 revision mst 759 rmon alarm 1519 rmon collection history 1522 rmon event 1523 router ospf 1201 router rip 1317 router id 1200 router id 1273 rule 283 script apply 1425 script delete 1426 script list 1427 script show 1427 script validate 1428 sdm prefer 1537 security 405 service dhcp 927 service dhcpv6 942 service 447 service acl input 302 service policy 701 session timeout 1378 set description ...

Page 1773: ...ve portal configuration client status 1381 show captive portal configuration interface 1392 show captive portal configuration locales 1393 show captive portal configuration status 1393 show captive portal configuration 1391 show captive portal interface client status 1382 show captive portal interface configuration status 1384 show captive portal status 1371 show captive portal user 1386 show capt...

Page 1774: ... channel 711 show diffserv 709 show dos control 1463 show dot1x advanced 886 show dot1x authentication history 875 show dot1x clients 877 show dot1x interface statistics 881 show dot1x interface 880 show dot1x users 883 show dot1x 874 show dvlan tunnel interface 818 show dvlan tunnel 817 show ethernet cfm domain 456 show ethernet cfm errors 456 show ethernet cfm maintenance points local 457 show e...

Page 1775: ...819 show interfaces tunnel 1324 show ip access lists 304 show ip address conflict 528 show ip arp inspection vlan 393 show ip arp inspection 390 show ip brief 1017 show ip dhcp binding 929 show ip dhcp conflict 930 show ip dhcp global configuration 930 show ip dhcp pool 931 show ip dhcp relay 1003 show ip dhcp server statistics 932 show ip dhcp snooping binding 377 show ip dhcp snooping database 3...

Page 1776: ... 986 show ip igmp proxy interface 985 show ip igmp proxy 984 show ip interface 1017 show ip irdp 1304 show ip mcast boundary 1130 show ip mcast mroute group 1133 show ip mcast mroute source 1134 show ip mcast mroute static 1134 show ip mcast mroute 1132 show ip multicast interface 1131 show ip multicast 1129 show ip ospf abr 1208 show ip ospf area 1209 show ip ospf asbr 1211 show ip ospf database ...

Page 1777: ...8 show ip route summary 1029 show ip route 1024 show ip source binding 566 show ip ssh 1616 show ip telnet 1713 show ip traffic 1030 show ip verify interface 565 show ip verify source interface 566 show ip vlan 1033 show ip vrrp interface 1351 show ipv6 access lists 539 show ipv6 brief 1083 show ipv6 dhcp binding 943 show ipv6 dhcp interface Privileged EXEC 946 show ipv6 dhcp interface User EXEC 9...

Page 1778: ...6 ospf database database summary 1284 show ipv6 ospf database 1281 show ipv6 ospf interface brief 1287 show ipv6 ospf interface stats 1287 show ipv6 ospf interface vlan 1289 show ipv6 ospf interface 1285 show ipv6 ospf neighbor 1290 show ipv6 ospf range 1292 show ipv6 ospf stub table 1293 show ipv6 ospf virtual link brief 1294 show ipv6 ospf virtual links 1293 show ipv6 ospf 1274 show ipv6 pim bsr...

Page 1779: ... statistics 613 show lldp 601 show logging email statistics 404 show logging file 1637 show logging 1636 show mac access list 305 show mac address table address 317 show mac address table count 318 show mac address table dynamic 319 show mac address table interface 320 show mac address table multicast 314 show mac address table static 321 show mac address table vlan 322 show mac address table 315 ...

Page 1780: ...istics 745 show rmon alarm 1524 show rmon alarms 1526 show rmon collection history 1527 show rmon events 1528 show rmon history 1529 show rmon log 1533 show rmon statistics 1534 show routing heap summary 1033 show running config 1447 show sdm prefer 1539 show service acl interface 303 show service policy 718 show sessions 1675 show sflow agent 1571 show sflow destination 1572 show sflow polling 15...

Page 1781: ...switchport voice 328 show syslog servers 1638 show system fan 1691 show system id 1692 show system power 1693 show system temperature 1694 show system 1689 show tacacs 788 show tech support 1695 show time range 1721 show trapflags 1584 show udld 800 show usb 1727 show users accounts 272 show users login history 273 show users 1697 show version 1699 show vlan association mac 825 show vlan associati...

Page 1782: ...adcast client enable 1414 sntp client poll timer 1414 sntp server 1415 sntp trusted key 1416 sntp unicast client enable 1417 sntp 928 source ip 749 spanning tree auto portfast 765 spanning tree bpdu flooding 766 spanning tree bpdu protection 766 spanning tree cost 767 spanning tree disable 769 spanning tree forward time 769 spanning tree guard 770 spanning tree loopguard 771 spanning tree max age ...

Page 1783: ... 441 switch renumber 1702 switchport access vlan 827 switchport forbidden vlan 828 switchport general acceptable frame type tagged only 829 switchport general allowed vlan 830 switchport general ingress filtering disable 831 switchport general pvid 832 switchport mode private vlan 845 switchport mode 833 switchport private vlan 844 switchport protected name 443 switchport protected 442 switchport ...

Page 1784: ...Interface Config 798 udld message time 797 udld port 799 udld reset 796 udld timeout interval 797 unmount usb 1726 update bootcode 1449 usage 750 user group moveusers 1395 user group name 1396 user group 1387 user group 1395 user name 1389 user password 1389 user session timeout 1390 user key 1617 user logout 1388 username Mail Server Configuration Mode 407 username unlock 277 username 274 verific...

Page 1785: ...tocol group 841 vlan 836 voice vlan 852 voice vlan Interface 852 voice vlan data priority 854 vrrp accept mode 1332 vrrp authentication 1333 vrrp description 1334 vrrp ip 1335 vrrp mode 1336 vrrp preempt 1337 vrrp priority 1338 vrrp timers advertise 1339 vrrp timers learn 1340 vrrp track interface 1341 vrrp track ip route 1342 write 1450 ...

Page 1786: ...1786 Appendix A List of Commands ...

Page 1787: ...www dell com support dell com Printed in the U S A ...

Page 1788: ......

Reviews:

No comments

Related manuals for Networking 7048

GE SE-100E Instructions Manual preview
SE-100E
Brand: GE Pages: 20
Hama S2100 Operating Instruction preview
S2100
Brand: Hama Pages: 18
FAAC 593 Quick Start Manual preview
593
Brand: FAAC Pages: 2
Kathrein EXR 221 Quick Start Manual preview
EXR 221
Brand: Kathrein Pages: 8
Nayar Systems Switch Manual preview
Switch
Brand: Nayar Systems Pages: 21
Kathrein EXD 1532 User Manual preview
EXD 1532
Brand: Kathrein Pages: 24
Kasia Switch Installation Manual preview
Switch
Brand: Kasia Pages: 5
Valcom V-2972 User Manual preview
V-2972
Brand: Valcom Pages: 2
D-Link DES-3224 - Switch User Manual preview
DES-3224 - Switch
Brand: D-Link Pages: 75
PRO SIGNAL PSG3450 Manual preview
PSG3450
Brand: PRO SIGNAL Pages: 5
Black Box LB9019A Installation preview
LB9019A
Brand: Black Box Pages: 2
plasa SRS Lighting DTS16F-DIN Instruction Manual preview
SRS Lighting DTS16F-DIN
Brand: plasa Pages: 4
Aruba 2930F Series Installation, Safety, And Regulatory Information preview
2930F Series
Brand: Aruba Pages: 6
SMC Networks PF2A7 Series Operation Manual preview
PF2A7 Series
Brand: SMC Networks Pages: 43
JAR Systems MD-5135 Installing preview
MD-5135
Brand: JAR Systems Pages: 2
Surefire ST07 User Manual preview
ST07
Brand: Surefire Pages: 2
PKP PSA10 Instruction Manual preview
PSA10
Brand: PKP Pages: 11
CIECO PCI-100LS Programming And Installation Manual preview
PCI-100LS
Brand: CIECO Pages: 17

Brands by name

Popular brands

Load more brands