Dell PowerConnect 6024 Command Line Interface Reference Manual Download Page 83 | Manualshive

Page: 83 / 504

Dell PowerConnect 6024 Command Line Interface Reference Manual Download Page 83

ACL Commands

83

User Guidelines

When an access control entry (ACE) is added to an access control list, an implied

deny-any-

any

condition exists at the end of the list. If there are no matches, the packets are denied.

However, before the first ACE is added, the list permits all packets.

If

vlan id

is used as a classifier element then it cannot connect a policy map to a VLAN

interface.

Example

The following example configures a MAC ACE to deny traffic from MAC address 6:6:6:6:6:6.

service-acl

The

service-acl

interface configuration command applies an access-list to the interface input. To

detach an access-list from an interface use the

no

form of this command.

Syntax

service-acl

{

input

acl-name

}

no

service-acl

{

input

}

•

input

acl-name

—Apply the specified ACL to the input interface.

Default Configuration

This command has no default configuration.

Command Mode

Interface Configuration mode

User Guidelines

Whenever an ACL is assigned to an interface (port, LAG or VLAN), flows (from that ingress
interface) that do not match the ACL are matched to the default rule: "drop unmatched
packets". If an ACL X is bound to a port and the port becomes a member of the VLAN to
which a different ACL Y is bound, then the ACL Y bound to the VLAN overrides the ACL X
bound to the port.

Example

The following example attaches the ACL "dell" to the interface input.

Console (config)#

mac access-list

dell

Console (config-mac-al)#

deny

06:06:06:06:06:06 00:00:FF:FF:FF:FF

any

Console (config-if)#

service-acl input

dell

«
...
81
82
83
84
85
...
»

Summary of Contents for PowerConnect 6024

Page 1: ...w w w d e l l c o m s u p p o r t d e l l c o m Dell PowerConnect 6024 6024F Systems CLI Reference Guide ...

Page 2: ...nformation in this document is subject to change without notice 2005 Dell Inc All rights reserved Reproduction in any manner whatsoever without the written permission of Dell Inc is strictly forbidden Trademarks used in this text Dell the DELL logo and PowerConnect are trademarks of Dell Inc Other trademarks and trade names may be used in this document to refer to either the entities claiming the ...

Page 3: ...e Files Commands 30 DHCP Relay Commands 30 Ethernet Configuration Commands 30 GVRP Commands 31 IGMP Snooping Commands 33 IP Addressing 33 IP Routing 34 LACP Commands 35 Line Commands 35 Management ACL Commands 35 Multicast Routing 36 OSPF 36 PHY Diagnostics Commands 38 Port Channel Commands 38 Port Monitor Commands 38 QoS Commands 39 Radius Commands 40 RIP Commands 40 ...

Page 4: ... Commands 45 VLAN Commands 46 VRRP Commands 47 Web Server Commands 47 802 1x Commands 48 2 Using the CLI CLI Command Modes 49 Starting the CLI 53 Editing Features 53 3 AAA Commands aaa authentication login 57 aaa authentication enable 58 login authentication 59 enable authentication 60 ip http authentication 61 ip https authentication 62 password 63 enable password 63 ...

Page 5: ... 69 set username active 69 set line active 70 set enable password active 71 show authentication methods 71 show users accounts 72 show passwords configuration 73 show users login history 75 4 ACL Commands ip access list 77 permit IP 77 deny IP 79 mac access list 80 permit MAC 81 deny MAC 82 service acl 83 show access lists 84 show interfaces access lists 84 ...

Page 6: ...ridge 93 port security 93 port security routed secure address 94 show bridge address table 95 show bridge address table static 96 show bridge multicast address table 97 show bridge multicast filtering 98 show ports security 99 6 Clock clock source 101 clock timezone 101 clock summer time 102 sntp authentication key 103 sntp authenticate 104 sntp trusted key 105 sntp client poll timer 106 sntp broa...

Page 7: ...ay Commands ip dhcp relay enable 115 ip dhcp relay address 115 show ip dhcp relay 116 8 Configuration and Image Files configure 117 copy 117 delete startup config 121 boot system 121 show running config 122 show startup config 123 show backup config 126 show bootvar 127 9 Ethernet Configuration Commands interface ethernet 129 interface range ethernet 129 interface out of band eth 130 ...

Page 8: ...tion 138 show interfaces status 140 show interfaces description 142 show interfaces counters 143 show ports jumbo frame 146 port storm control include multicast 147 port storm control broadcast enable 147 port storm control broadcast rate 148 show ports storm control 149 show interfaces advertise 149 10 GVRP Commands gvrp enable global 151 gvrp enable interface 151 garp timer 152 gvrp vlan creatio...

Page 9: ...ds ip address 159 ip address dhcp 160 ip default gateway 161 show ip interface 161 arp 162 arp timeout 163 ip proxy arp 164 clear arp cache 164 show arp 165 directed broadcast 165 broadcast address 166 ip helper address 167 helper address 168 show ip helper address 169 ip domain lookup 170 ip domain name 170 ip name server 171 ip host 171 clear host 172 clear host dhcp 173 ...

Page 10: ...177 ip igmp snooping leave time out 178 show ip igmp snooping mrouter 178 show ip igmp snooping interface 179 show ip igmp snooping groups 180 13 IP Routing Protocol Independent Commands interface ip 183 ip route 183 key chain 184 key key chain 185 key global 186 key string 186 accept lifetime 188 send lifetime 189 ip maximum paths 190 show ip route 191 show ip protocols 193 show key chains 195 sh...

Page 11: ...ine 201 speed 201 exec timeout 202 show line 203 terminal history 204 terminal history size 204 16 Management ACL management access list 207 permit management 208 deny management 209 management access class 210 show management access list 211 show management access class 211 17 Multicast Routing Commands ip multicast routing 213 ip dvmrp 213 ip dvmrp metric 214 ...

Page 12: ...e 223 show ip dvmrp neighbor 224 show ip dvmrp next hop 226 show ip dvmrp route 227 show ip dvmrp prune 228 show ip igmp interface 229 show ip igmp groups 230 18 OSPF Commands router ospf enable 233 router ospf area 233 router ospf redistribute rip 234 router ospf redistribute static 235 router ospf redistribute connected 236 router ospf area virtual link 236 hello interval 237 dead interval 238 r...

Page 13: ...rval 247 ospf retransmit interval 248 ospf transmit delay 249 router ospf compatible rfc1583 250 ospf authentication 250 clear ip ospf process 251 show ip ospf 252 show ip ospf virtual links 253 show ip ospf database 254 show ip ospf interface 267 show ip ospf neighbor 268 19 PHY Diagnostics Commands test copper port tdr 271 show copper ports tdr 272 show copper ports cable length 272 show fiber p...

Page 14: ...ort monitor vlan tagging 282 show ports monitor 283 22 QoS Commands qos 285 show qos 285 priority queue out num of queues 286 traffic shape 287 qos wrr queue threshold 287 wrr queue bandwidth 288 wrr queue 289 show qos interface 290 qos map dscp queue 294 qos map tcp port queue 295 qos map udp port queue 296 wrr queue cos map 296 show qos map 297 qos trust Global 300 qos trust Interface 301 ...

Page 15: ... class map 306 show class map 307 match 307 policy map 308 show policy map 309 class 310 police 311 police aggregate 312 trust 313 set 314 service policy 314 23 Radius Commands radius server host 317 radius server key 318 radius server retransmit 319 radius server source ip 319 radius server timeout 320 radius server deadtime 320 show radius servers 321 ...

Page 16: ...on 326 rip offset 327 rip default route originate 327 rip default route offset 328 rip authentication 329 show ip rip 330 25 RMON Commands show rmon statistics 333 rmon collection history 335 show rmon collection history 336 show rmon history 337 rmon alarm 340 show rmon alarm table 341 show rmon alarm 342 rmon event 344 show rmon events 345 show rmon log 346 rmon table size 347 ...

Page 17: ...nning tree max age 371 spanning tree priority 372 spanning tree disable 372 spanning tree cost 373 spanning tree port priority 373 spanning tree portfast 374 spanning tree link type 375 spanning tree bpdu 375 clear spanning tree detected protocols 376 show spanning tree 377 spanning tree pathcost method 391 spanning tree mst priority 392 spanning tree mst max hops 393 spanning tree mst port priori...

Page 18: ...port 401 ip ssh server 401 crypto key generate dsa 402 crypto key generate rsa 402 ip ssh pubkey auth 403 crypto key pubkey chain ssh 404 user key 404 key string 405 show ip ssh 406 show crypto key mypubkey 407 show crypto key pubkey chain ssh 408 30 Syslog Commands logging on 411 logging 411 logging console 412 logging buffered 413 logging buffered size 413 ...

Page 19: ...nt logging 417 show logging 418 show logging file 420 show syslog servers 422 31 System Management ping 423 reload 424 clock set 425 hostname 426 asset tag 426 show users 427 show clock 427 show system 428 show version 430 show system id 430 traceroute 431 telnet 434 resume 437 32 TACACS Commands tacacs server host 439 ...

Page 20: ...erface enable 445 disable 445 login 446 exit configuration 446 exit EXEC 447 end 447 help 448 history 448 history size 449 debug mode 450 show history 450 show privilege 451 34 VLAN Commands vlan database 453 vlan 453 interface vlan 454 interface range vlan 454 name 455 switchport mode 456 switchport access vlan 456 ...

Page 21: ...gged only 460 switchport forbidden vlan 461 switchport protected 462 map protocol protocols group 463 switchport general map protocols group vlan 463 show vlan 464 show vlan internal usage 465 show vlan protocols groups 466 show interfaces switchport 467 35 VRRP Commands vrrp ip 469 vrrp up 469 vrrp timer 470 vrrp priority 471 vrrp source ip 472 vrrp authentication 472 vrrp preempt 473 show vrrp c...

Page 22: ...ow ip http 484 show ip https 484 37 802 1x Commands aaa authentication dot1x 487 dot1x system auth control 487 dot1x port control 488 dot1x re authentication 489 dot1x timeout re authperiod 489 dot1x re authenticate 490 dot1x timeout quiet period 491 dot1x timeout tx period 491 dot1x max req 492 dot1x timeout supp timeout 493 dot1x timeout server timeout 494 show dot1x 494 show dot1x users 497 sho...

Page 23: ...Contents 23 dot1x auth not req 500 dot1x multiple hosts 501 dot1x single host violation 501 show dot1x advanced 502 ...

Page 24: ...24 Contents ...

Page 25: ...tion for configuring the PowerConnect switch details the procedures and provides configuration examples Basic installation configuration is described in the User s Guide and must be completed before using this document Command Groups The system commands can be broken down into the functional groups shown below Command Group Description AAA Configures connection security including authorization and...

Page 26: ...e device PHY Diagnostics Diagnoses and displays the interface status Port Channel Configures and displays Port channel information Port Monitor Monitors activity on specific target ports QoS Configures and displays QoS information RADIUS Configures and displays RADIUS information RIP Configures RIP RMON Displays RMON statistics SNMP Configures SNMP communities traps and displays SNMP information S...

Page 27: ...e GC password aging Sets the expiration time for line passwords in the local database LC passwords aging Sets the expiration time for username and enable passwords GC passwords history Sets the number of required password changes before a password in the local database can be reused GC passwords history hold time Sets the time period during which a password is relevant for tracking its password hi...

Page 28: ... traffic if the conditions defined in the permit statement are matched MT service acl Applies an access list to the input of an interface IC show access lists Displays access control lists ACLs defined on the switch PE show interfaces access lists Displays access lists applied on interfaces PE Command Group Description Mode bridge address Adds a static MAC layer station source address to the bridg...

Page 29: ...de clock source Configures an external time source to maintain the system clock GC clock timezone Defines the time zone for display purposes GC clock summer time Configures the system clock to automatically switch to Daylight Savings Time GC sntp authentication key Defines an authentication key for SNTP GC sntp authenticate Set to require authentication for received NTP traffic from servers GC snt...

Page 30: ...iguration file contents PE show backup config Displays the backup configuration file contents PE show bootvar Displays the active system image file that the device loads at startup PE Command Group Description Mode ip dhcp relay enable Enables DHCP relay features on the router GC ip dhcp relay address Defines the DHCP address available for the DHCP relay GC show ip dhcp relay Displays the DHCP rel...

Page 31: ...d interfaces UE show interfaces status Displays the status for all configured interfaces UE show interfaces description Displays the description for all configured interfaces UE show interfaces counters Displays traffic seen by the physical interface UE show ports jumbo frame Displays the jumbo frames configuration UE port storm control include multicast Enables the device to count Multicast packe...

Page 32: ...ll VLANs and prevents dynamic VLAN registration on the port IC clear gvrp statistics Clears all the GVRP statistics information GC show gvrp configuration Displays GVRP configuration information PE show gvrp statistics Displays GVRP statistics PE show gvrp error statistics Displays GVRP error statistics UE ...

Page 33: ...ooping groups Displays Multicast groups learned by IGMP snooping UE Command Group Description Mode ip address Sets an IP address on the device IC ip address dhcp Acquires an IP address on an interface from the DHCP server IC show ip interface Displays the usability status of interfaces configured for IP UE arp Adds a permanent entry in the ARP cache GC arp timeout Configures how long an entry rema...

Page 34: ...nfiguration mode GC ip route Establishes static IP routes on the device GC key chain Defines authentication key group for routing protocols GC key key chain Defines an authentication key on a key chain KC key global Creates an authentication key on the device GC key string Specifies an authentication string for a key KE accept lifetime Sets the time period during which the authentication key on a ...

Page 35: ... the line baud rate LC exec timeout Configures the interval that the system waits until user input is detected LC terminal history Enables the command history function for the current terminal session UE terminal history size Defines the command history buffer size for the current terminal session UE show line Displays line parameters UE Command Group Description Mode management access list Define...

Page 36: ...C show ip mroute Displays the IP Multicast routing table contents UE show ip mroute next hop Displays IP Multicast routing next hop information UE show ip dvmrp interface Displays DVMRP interface information UE show ip dvmrp neighbor Displays DVMRP neighbor information on a per interface basis UE show ip dvmrp next hop Displays DVMRP next hop information on a per interface basis UE show ip dvmrp r...

Page 37: ... ospf area default cost Specifies a cost for the default summary route sent into a stub area GC ospf Creates OSPF routing process on an interface IC ospf enable Activates OSPF on an interface IC ospf area Defines an interface area ID IC ospf cost Specifies the cost of sending a packet on an interface IC ospf priority Sets the router priority which determines the designated router for the network I...

Page 38: ...Time Domain Reflectometry tests on specified ports PE show copper ports cable length Displays the estimated copper cable length attached to a port PE show fiber ports optical transceiver Displays the optical transceiver diagnostics PE Command Group Description Mode interface port channel Enters the interface configuration mode of a specific port channel GC interface range port channel Enters the i...

Page 39: ...lues to select one of the egress queues GC show qos map Displays all the QoS maps PE qos trust Global Configures the system to basic mode and the trust state GC qos trust Interface Enables each port trust state while the system is in basic mode IC qos cos Configures the default port CoS value IC qos dscp mutation Modifies the DSCP to DSCP mutation map GC qos map dscp mutation Modifies the DSCP val...

Page 40: ...mes the software searches the list of RADIUS server hosts GC radius server source ip Specifies the source IP address used for communication with RADIUS servers GC radius server timeout Sets the interval for which a router waits for a server host to reply GC radius server deadtime Improves RADIUS response times when servers are unavailable GC show radius servers Displays the RADIUS server settings ...

Page 41: ...E rmon alarm Configures alarm conditions GC show rmon alarm table Displays the alarms summary table UE show rmon alarm Displays alarm configurations UE rmon event Configures a RMON event GC show rmon events Displays the RMON event table UE show rmon log Displays the RMON logging table UE rmon table size Configures the maximum RMON tables sizes GC Command Group Description Mode snmp server communit...

Page 42: ...roup Description Mode spanning tree Enables spanning tree functionality GC spanning tree mode Configures the spanning tree protocol GC spanning tree forward time Configures the spanning tree bridge forward time GC spanning tree hello time Configures the spanning tree bridge Hello Time GC spanning tree max age Configures the spanning tree bridge maximum age GC spanning tree priority Configures the ...

Page 43: ... mode and applies configuration changes MC abort mst Exits the MST configuration mode without applying configuration changes MC show spanning tree Displays spanning tree configuration PE Command Group Description Mode ip ssh port Specifies the port to be used by the SSH server GC ip ssh server Enables the device to be configured from a SSH server GC crypto key generate dsa Generates DSA key pairs ...

Page 44: ... file system logging Enables logging file system events GC management logging Enables logging management access list ACL events GC show logging Displays the state of logging and the syslog messages stored in the internal buffer PE show logging file Displays the state of logging and the syslog messages stored in the logging file PE show syslog servers Displays the syslog servers settings PE Command...

Page 45: ...for a server host to reply GC show tacacs Displays TACACS server settings and statistics PE Command Group Description Mode enable Enters the privileged EXEC mode UE disable Returns to User EXEC mode PE login Changes a login username UE exit configuration Exits any configuration mode to the previously highest mode in the CLI mode hierarchy All exit EXEC Closes an active terminal session by logging ...

Page 46: ...n Adds or removes VLANs from a general port IC switchport general pvid Configures the PVID when the interface is in general mode IC switchport general ingress filtering disable Disables port ingress filtering IC switchport general acceptable frame type tagged only Discards untagged frames at ingress IC switchport forbidden vlan Forbids adding specific VLANs to a port IC switchport protected Overri...

Page 47: ...ys VRRP status PE Command Group Description Mode ip http port Specifies the TCP port for use by a web browser to configure the device GC ip http server Enables the device to be configured from a browser GC ip https port Configures a TCP port for use by a secure web browser to configure the device GC ip https server Enables the device to be configured from a secured browser GC crypto certificate ge...

Page 48: ... dot1x max req Sets the maximum number of times the device sends an EAP request frame to the client before restarting the authentication process IC dot1x timeout supp timeout Sets the number of seconds the device waits for a response to an EAP request frame from the client before retransmitting the request IC dot1x timeout server timeout Sets the number of seconds the device waits for a response f...

Page 49: ...sole Global ConfigurationMode Prompt console config Layer2 Layer 3 Management Interface OOB Ethernet Prompt console config oob Interface IP Prompt console config ip OSPF Virtual Link Prompt console config ip Interface Ethernet Prompt console config if Interface VLAN Prompt console config if Interface Port Channel Prompt console config if Interface Range Ethernet Prompt console config if Interface ...

Page 50: ...mmand mode unless the user is defined as a privileged user In general the User EXEC commands allow the user to perform basic tests and list system information The user level prompt consists of the device host name followed by the angle bracket The default host name is Console unless it has been changed using the hostname command in the Global Configuration mode Privileged EXEC Mode Because many of...

Page 51: ...ust a specific interface The Privileged EXEC mode command configure is used to enter the Global Configuration mode The Global Configuration mode commands perform the following 1 At the Privileged EXEC mode prompt enter the command configure and press Enter The Global Configuration mode prompt is displayed The Global Configuration mode prompt consists of the device host name followed by the word co...

Page 52: ...ace ethernet enters the Interface Configuration mode to configure an Ethernet type interface Port Channel Contains commands to configure port channels for example assigning ports to a VLAN or port channel Most of these commands are the same as the commands in the Ethernet interface mode and are used to manage the member ports as a single entity The Global Configuration mode command interface port ...

Page 53: ...s entered into and the prompt Console is displayed 2 Configure the device and enter the necessary commands to complete the required tasks 3 When finished exit the session with the quit or exit command When a different user is required to log onto the system in the Privileged EXEC Command mode the login command is entered This effectively logs off the current user and logs on the new user Editing F...

Page 54: ...eatures are described Terminal Command Buffer Command Completion Keyboard Shortcuts Terminal Command Buffer Every time a command is entered in the CLI it is recorded on an internally managed Command History buffer Commands are stored in the buffer which is maintained on a First In First Out FIFO basis These commands can be recalled reviewed modified and reissued This buffer is not preserved across...

Page 55: ...f a parameter must be added the parameter can be added to the basic command already displayed next to the cursor The following example indicated that the command interface ethernet requires the parameter port num Keyboard Shortcuts The CLI has a range of keyboard shortcuts to assist in editing the CLI commands The following table describes the CLI shortcuts config interface ethernet missing mandat...

Page 56: ...ff means that for the flowcontrol command either auto on or off must be selected Italic font Indicates a parameter Enter Any individual key on the keyboard For example click Enter Ctrl F4 Any combination keys pressed simultaneously on the keyboard Screen Display Indicates system messages and prompts appearing on the console all When a parameter is required to define a range of ports or parameters ...

Page 57: ...st one from the following table Default Configuration The local user database is checked This has the same effect as the command aaa authentication login list name local NOTE On the console login succeeds without any authentication check if the authentication method is not defined Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authen...

Page 58: ...ess will never require Radius authentication Example The following example configures authentication login aaa authentication enable The aaa authentication enable global configuration command defines authentication method lists for accessing higher privilege levels To return to the default configuration use the no form of this command Syntax aaa authentication enable default list name method1 meth...

Page 59: ... not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Spaces cannot be used in the string which defines the list name NOTE Make sure that the given sequence of authentication methods is sensible For example a sequence where Radius follows None is not sensible because None requires no authentication and t...

Page 60: ... authentication method for a remote Telnet or console enable authentication The enable authentication line configuration command specifies the authentication method list when accessing a higher privilege level from a remote telnet or console To return to the default specified by the enable authentication command use the no form of this command Syntax enable authentication default list name no enab...

Page 61: ...l Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line NOTE Make sure that the given sequence of authentication methods is sensible For example a sequence ...

Page 62: ... of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line NOTE Make sure that the given sequence of authentication methods is sensible For example a sequence where Radius follows None is not sensible because None requires no authenticati...

Page 63: ...d is specified on a line the required password length is 32 characters Example The following example specifies a password dell on a line enable password The enable password global configuration command sets a local password to control access to normal and privilege levels To remove the password requirement use the no form of this command Syntax enable password level level password encrypted no ena...

Page 64: ...ername based authentication system To remove a user name use the no form of this command Syntax username name password password privilege level encrypted no username name The name of the user password The authentication password for the user from 1 to 159 characters in length level The user level Range 1 15 encrypted Encrypted password entered copied from another device configuration Default Confi...

Page 65: ...sword length requirement use the no form of this command Syntax passwords min length length no passwords min length length The mimimum length required for passwords Range 8 64 Default Configuration No minimum password length Command Mode Global Configuration mode User Guidelines Relevant to local user passwords line passwords and enable passwords The software checks the password length when an une...

Page 66: ... before the password expiration date the user receives a warning to change the password within n days These warnings continue until the password expiration date After the password expiration date the user receives three chances to log in and change the password If the user still does not change the password the account is locked Example The following example configures password aging to 120 days p...

Page 67: ...n date After the password expiration date the user receives three chances to log in and change the password If the user still does not change the password the account is locked Example The following example configures the password expiration time of username bob to 120 days passwords history The passwords history global configuration command configures the number of required password changes befor...

Page 68: ...ines the same password Passwords are aged out based on the initial time definitions for the original username password Example The following example configures the required number of password changes before a password can be reused to 3 passwords history hold time The passwords history hold time global configuration command configures the number of days a password is relevant for tracking its pass...

Page 69: ...gin history file global configuration command enables writing to the login history file To disable writing to the file use the no form of this command Syntax aaa login history file no aaa login history file Default Configuration Writing to the login history file is enabled Command Mode Global Configuration mode User Guidelines The login history is also saved in the internal buffer of the device Ex...

Page 70: ...EXEC command reactivates a locked line Syntax set line console telnet ssh active console Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The f...

Page 71: ...e User Guidelines There are no user guidelines for this command Example The following example reactivates a locked local level 15 password show authentication methods The authentication methods privileged EXEC command displays information about the authentication methods Syntax show authentication methods Default Configuration This command has no default configuration Command Mode Privileged EXEC ...

Page 72: ...EC command displays information about the local user database Syntax show users accounts Console show authentication methods Login Authentication Method Lists Console_Default None Network_Default Local Enable Authentication Method Lists Default Enable admin Enable Line Login Method List Enable Method List Console Default Default Telnet Default Default SSH Default Default http None https None ...

Page 73: ...displays information about password management Syntax show passwords configuration Console show users accounts Username Privilege Password Aging Password Expiry date Lockout Bob 15 0 Robert 15 30 Jan 18 2005 1 Smith 15 30 Jan 19 2005 LOCKOUT Field Description Username Name of the user Privilege User s privilege level Password Aging User s password expiration time in days Password Expiry Date Expir...

Page 74: ...command Example The following example displays information about password management in the local database Console show passwords configuration Minimal length 8 History 10 History hold time 365 days Lock out control Disabled Enable Passwords Level Aging Expiry date Lockout 1 90 Jan 18 2005 1 15 90 Jan 18 2005 0 Line Passwords Level Aging Expiry date Lockout Console Telnet 90 Jan 18 2005 LOCKOUT SS...

Page 75: ...local database History Number of required passwords changes before a password in the local database can be reused History hold time Period of time that a password is relevant for tracking password history Lockout control Control locking a user account after a series of authentication failures Enable passwords Describes the configuration and status of a local password with a specific level Aging Pa...

Page 76: ...users Console show users login history Login Time Username Protocol Location Jan 18 2005 23 58 17 Robert HTTP 172 16 1 8 Jan 19 2005 07 59 23 Robert HTTP 172 16 0 8 Jan 19 2005 08 23 48 Bob Serial Jan 19 2005 08 29 29 Robert HTTP 172 16 0 8 Jan 19 2005 08 42 31 John SSH 172 16 0 1 Jan 19 2005 08 49 52 Betty Telnet 172 16 1 7 ...

Page 77: ... Configuration mode User Guidelines ACLs on the system perform both access control and Layer 3 field classification To define Layer 3 fields access lists the ip access list command should be used ACLs cannot be removed when they are assigned to an interface using service acl command The ip access list command enters the IP access list configuration mode Example The following example creates an ACL...

Page 78: ...destination destination wildcard IP address and wildcard for host to which the packet is sent Specify the IP address as 0 0 0 0 and mask as 255 255 255 255 protocol The name or the number of an IP protocol Use to see list of available protocols icmp igmp ip tcp egp igp udp hmp rdp idpr ipv6 ipv6 route ipv6 frag idrp rsvp gre esp ah ipv6 icmp eigrp ospf ipip pim l2tp isis use any for all protocols ...

Page 79: ...stination mask any destination port dscp dscp number ip precedence ip precedence disable port If the statement is deny then the port is disabled Source IP address can be one of the following any Packets received from any IP address source source wildcard IP address and wildcard for host from which the packet is sent Specify the IP address as 0 0 0 0 and mask as 255 255 255 255 Destination IP addre...

Page 80: ...mits all packets NOTE Using any specifies that all IP protocols are denied The deny any does not imply that other protocols running over IP for example TCP UDP etc are denied Example The following example configures an ACL called Dell to deny any IP traffic to address 192 1 1 10 and mask 0 0 0 255 mac access list The mac access list global configuration command creates Layer 2 MAC ACLs and enters ...

Page 81: ... any host source source wildcard any destination destination wildcard vlan vlan id Source MAC address can be one of the following any Packets received from any MAC address source source wildcard MAC address and wildcard for host from which the packet is sent Specify the MAC address and wildcard using hexadecimal format HH HH HH HH HH HH or XXXX XXXX XXXX Destination MAC address can be one of the f...

Page 82: ...yntax deny disable port any source source wildcard any destination destination wildcard vlan vlan id disable port If the statement is deny then the port is disabled Source MAC address can be one of the following any Packets received from any MAC address source source wildcard MAC address and wildcard for host from which the packet is sent Specify the MAC address and wildcard using hexadecimal form...

Page 83: ...form of this command Syntax service acl input acl name no service acl input input acl name Apply the specified ACL to the input interface Default Configuration This command has no default configuration Command Mode Interface Configuration mode User Guidelines Whenever an ACL is assigned to an interface port LAG or VLAN flows from that ingress interface that do not match the ACL are matched to the ...

Page 84: ...ation This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays an ACL configured on the device show interfaces access lists The show interfaces access lists privileged EXEC command displays access lists applied on interfaces Console show access lists IP access list one permit ip...

Page 85: ...number port channel number port channel index Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays an ACL configured on the device Console show interfaces access lists ethernet g1 Interface Input ACL g1 one ...

Page 86: ...86 ACL Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 87: ...bridge address mac address mac address A valid MAC address interface A valid Ethernet port port channel number A valid port channel number permanent The address can only deleted by the no bridge address command delete on reset The address is deleted after reset delete on timeout The address is deleted after age out time has expired secure The address is deleted after the port changes mode to unloc...

Page 88: ...N Command Mode Global Configuration mode User Guidelines If Multicast routers exist on the VLAN and IGMP snooping is not enabled the bridge multicast forward all command should be used to enable forwarding all Multicast packets to the Multicast routers Example In this example bridge Multicast filtering is enabled bridge multicast address The bridge multicast address interface configuration command...

Page 89: ... no spaces a hyphen is used to designate a range of ports Default Configuration No Multicast addresses are defined Command Mode Interface configuration VLAN mode User Guidelines If the command is executed without add or remove the command only registers the group in the bridge database Static Multicast addresses can only be defined on static VLANs Examples The following example registers the MAC a...

Page 90: ...omma and no spaces a hyphen is used to designate a range of port channels Default Configuration No forbidden addresses are defined Command Modes Interface Configuration VLAN mode User Guidelines Before defining forbidden ports the Multicast group should be registered Examples In this example the MAC address 0100 5e02 0203 is forbidden on port g9 within VLAN 8 bridge multicast forward all The bridg...

Page 91: ...orbidden forward all The bridge multicast forbidden forward all interface configuration command forbids a port to be a forward all Multicast port To restore the default use the no form of the bridge multicast forward all command Syntax bridge multicast forbidden forward all add remove ethernet interface list port channel port channel number list no bridge multicast forward all add Forbids forwardi...

Page 92: ...is example forwarding all Multicast packets to g6 are forbidden bridge aging time The bridge aging time global configuration command sets the address table aging time To restore the default use the no form of the bridge aging time command Syntax bridge aging time seconds no bridge aging time seconds Time is number of seconds Range 10 630 seconds Default Configuration 300 seconds Command Mode Globa...

Page 93: ...mmand locks the port By locking the port new addresses are not learned on the port To enable new address learning use the no form of the port security command Syntax port security forward discard discard shutdown trap seconds no port security forward Forwards frames with unlearned source addresses but does not learn the address discard Discards frames with unlearned source addresses This is the de...

Page 94: ...t Use the no form of this command to delete the MAC addresses Syntax port security routed secure address mac address no port security routed secure address mac address mac address Specify a MAC address Default Configuration No addresses are defined Command Mode Interface configuration Ethernet port channel Cannot be configured for a range of interfaces range context User Guidelines The command ena...

Page 95: ... address table vlan vlan ethernet interface port channel port channel number vlan Specific valid VLAN such as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console config interface ethernet g1 Consol...

Page 96: ...show bridge address table static vlan vlan ethernet interface port channel port channel number vlan Specific valid VLAN such as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console show bridge addre...

Page 97: ... ip mac vlan_id A VLAN ID value mac multicast address A MAC Multicast address ip multicast address An IP Multicast address format Multicast address format Can be ip or mac If format is unspecified the default is mac Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console show bridge addr...

Page 98: ...w bridge multicast filtering vlan id vlan_id A valid VLAN ID value Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console show bridge multicast address table Vlan MAC address Type Ports 1 01 00 5e 02 02 03 staticg1 g2 19 01 00 5e 02 02 08 static g1 8 19 01 00 5e 02 02 08 dynamicg 9 11 F...

Page 99: ...t interface port channel port channel number interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console show bridge multicast filtering 1 Filtering Enabled VLAN 1 Port Forward All Static Status g1 Forbidden Filt...

Page 100: ... port lock status are displayed Console show ports security Port Status Action Trap Frequency Counter g1 Unlocked g2 Unlocked g3 Unlocked g4 Unlocked g5 Unlocked g6 Unlocked g7 Unlocked g8 Unlocked g9 Unlocked g22 Unlocked g23 Unlocked g24 Unlocked ch1 ch2 Unlocked ch3 Unlocked ch4 Unlocked ch5 Unlocked ch6 Unlocked ch7 Unlocked ...

Page 101: ...imple Network Time Protocol STNP Examples The following example configures an external time source for the system clock clock timezone The clock timezone global configuration command sets the time zone for display purposes To set the time to the Coordinated Universal Time UTC use the no form of this command Syntax clock timezone hours offset minutes minutes offset zone acronym no clock timezone ho...

Page 102: ...date month year hh mm date month year hh mm offset offset zone acronym clock summer time date month date year hh mm month date year hh mm offset offset zone acronym no clock summer time recurring recurring Indicates that summer time should start and end on the corresponding specified days every year date Indicates that summer time should start on the first specific date listed in the command and e...

Page 103: ...e to summer time If the starting month is chronologically after the ending month the system assumes that you are in the southern hemisphere USA rule for daylight saving time Start First Sunday in April End Last Sunday in October Time 2 am local time EU rule for daylight saving time Start Last Sunday in March End Last Sunday in October Time 1 00 am 01 00 Example The following example sets summer ti...

Page 104: ...ollowing example defines the authentication key for SNTP sntp authenticate The sntp authenticate global configuration command grants authentication for received Simple Network Time Protocol SNTP traffic from servers To disable the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User...

Page 105: ... Syntax sntp trusted key key number no sntp trusted key key number key number Key number of authentication key to be trusted Range 1 4294967295 Default Configuration No keys are trusted Command Mode Global Configuration mode User Guidelines This command is relevant for both received Unicast and Broadcast Examples The following example authenticates key 8 Console config sntp authentication key 8 md...

Page 106: ...and Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example sets the polling time for the Simple Network Time Protocol SNTP client to 120 seconds sntp broadcast client enable The sntp broadcast client enable global configuration command enables Simple Network Time Protocol SNTP Broadcast clients To disable SNTP Broadcast clients u...

Page 107: ...Default Configuration SNTP Anycast clients are disabled Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer global configuration command Use the sntp client enable interface configuration command to enable SNTP clients on a specific interface Examples The following example enables Anycast clients sntp client enable The sntp client enable ...

Page 108: ...able Anycast clients globally Examples The following example enables SNTP Broadcast and Anycast clients on the interface sntp unicast client enable The sntp unicast client enable global configuration command enables clients to use Simple Network Time Protocol SNTP predefined Unicast clients To disable SNTP Unicast clients use the no form of this command Syntax sntp unicast client enable no sntp un...

Page 109: ...rmined by the sntp client poll timer global configuration command Examples The following example enables polling for the Simple Network Time Protocol SNTP predefined unicast clients sntp server The sntp server global configuration command configures the device to use Simple Network Time Protocol SNTP to request and accept Simple Network Time Protocol SNTP traffic from a specified server To remove ...

Page 110: ...ld also use the sntp unicast client poll global configuration command Polling time is determined by the sntp client poll timer global configuration command To define an SNTP server on the out of band port use the out of band IP address format oob ip address Examples The following example configures the device to accept Simple Network Time Protocol SNTP traffic from the server on 192 1 1 1 show clo...

Page 111: ...tive blank Time is authoritative Time is authoritative but SNTP is not synchronized Console show clock 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP Console show clock detail 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP Time zone Acronym is PST Offset is UTC 8 Summertime Acronym is PDT Recurring every year Begins at first Sunday of April at 2 00 Ends at last Sunday of October at 2 00 Of...

Page 112: ...leged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the current SNTP configuration of the device Console show sntp configuration Polling interval 180 seconds No MD5 Authentication keys Authentication is not required for synchronization No trusted keys Unicast Clients Polling Disabled Server Polling Encryption Key 42 52 3 123 Disable...

Page 113: ... The following example shows the status of the SNTP Server Polling Encryption Key 10 1 1 91 Enabled 9 Broadcast Clients Enabled Anycast Clients Enabled Broadcast and Anycast Interfaces g1 g3 Console show sntp status Clock is synchronized stratum 4 reference is 176 1 1 8 unicast Reference time is AFE2525E 70597B34 00 10 22 438 PDT Jul 5 1993 Unicast servers Server Status Last response Offset mSec D...

Page 114: ...ffset mSec Delay mSec 176 1 1 8 Unknown 19 19 51 198 PDT Feb 19 2005 2 98 129 19 Anycast server Server Interface Status Last response Offset Delay mSec mSec 176 1 11 8 VLAN 118 Up 9 53 21 789 PDT Feb 19 2005 7 19 119 89 Broadcast Server Interface Last response 176 9 1 1 VLAN 119 19 17 59 792 PDT Feb 19 2005 ...

Page 115: ...obal Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables DHCP services on the DHCP Server ip dhcp relay address The ip dhcp relay address global configuration command defines the DHCP servers available for the DHCP relay To remove a server from the available DHCP servers list use the no form of this command Syntax ip dhcp relay add...

Page 116: ...DHCP address show ip dhcp relay The show ip dhcp relay privileged EXEC command displays the defined DHCP relay server addresses available for DHCP relay Syntax show ip dhcp relay Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays DHCP relay server addr...

Page 117: ...d has no default configuration Example In the following example because no keyword is entered a prompt is displayed After the keyword is selected a message confirming the command entry method is displayed copy The copy privileged EXEC command copies files from a source to a destination Syntax copy source url destination url source url The source file location URL or reserved keyword being copied d...

Page 118: ...e The image is executable code which is decompressed during system startup into the switching and routing software that manages the device There are always two images stored in the device flash known as image 1 and image 2 The images do not necessarily have to contain the same versions of the software One of these images is always marked as active and the other image serves as a back up The active...

Page 119: ...figuration as if the commands were typed in the command line interface CLI The resulting configuration file is a combination of the previous running configuration and the loaded configuration file with the loaded configuration file having precedence Copying a Configuration File from a Server to the Startup Configuration Use the copy source url startup config command to copy a configuration file fr...

Page 120: ...he running configuration to the backup configuration file Use the copy startup config backup config command to backup the startup configuration to the backup configuration file Specifying out of band addresses To copy from to a server on the out of band port use the out of band P address format oob ip address Example The following example copies a system image named file1 from the TFTP server with...

Page 121: ...tup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example deletes the startup config file boot system The boot system privileged EXEC command specifies the system image that the device loads at startup Router copy tftp oob 172 16 1 1 file1 startup config A...

Page 122: ...owing example loads system image 1 for the next device startup show running config The show running config privileged EXEC command displays the contents of the currently running configuration file Syntax show running config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The print out is sorted by feature Information about the confi...

Page 123: ...show startup config Default Configuration This command has no default configuration Console show running config Router Configuration no spanning tree interface ethernet g1 ip address 16 1 1 3 255 0 0 0 exit radius server host 16 1 1 200 auth port 1812 key da aaa authentication enable 12 radius aaa authentication login 123 radius line telnet login authentication 123 enable authentication 12 exit OO...

Page 124: ... command Examples The following example displays the contents of the startup config file Console show startup config Router Configuration Empty configuration OOB host Configuration Empty configuration _____________________________ Default settings _____________________________ Router Configuration Service tag 12345678 SW version 1 3 0 18 date 27 Dec 2004 time 19 00 32 ...

Page 125: ...gabit Ethernet Ports no shutdown speed 1000 duplex full negotiation flow control off mdix auto no back pressure interface vlan 1 interface port channel 1 7 no router RIP no router OSPF enable spanning tree spanning tree mode STP qos basic ...

Page 126: ...ackup configuration file contents Syntax show backup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command OOB host Configuration interface out of band eth no shutdown speed 100 duplex full negotiation flow control off mdix auto no back pressure exit ...

Page 127: ...nfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the active system image file that the device loads at startup Console show backup config no spanning tree interface ethernet g12 ip address 12 1 1 1 255 0 0 0 exit Console show bootvar Images currently availabl...

Page 128: ...128 Configuration and Image Files w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 129: ...e are no user guidelines for this command Example The following example enables ports g18 for configuration interface range ethernet The interface range ethernet global configuration command enters the interface configuration mode to configure multiple Ethernet type interfaces Syntax interface range ethernet port range all port range List of valid ports to add Separate non consecutive ports with a...

Page 130: ...e out of band eth The interface out of band eth global configuration command configures the Out of Band Ethernet port and enter interface configuration mode interface out of band eth interface interface Interface number If unspecified defaults to 1 Default Configuration The interface is enabled Command Mode Global Configuration mode User Guidelines The following commands are available on interface...

Page 131: ...for this command Examples The following example disables Ethernet g5 The following example re enables ethernet port 5 description The description interface configuration command adds a description to an interface To remove the description use the no form of this command Syntax description string no description string Comment or a description of the port up to 64 characters Default Configuration By...

Page 132: ...he default use the no form of this command Syntax speed 10 100 1000 no speed 10 Configures the port to 10 Mbps 100 Configures the port to 100 Mbps 1000 Configures the port to 1000 Mbps Default Configuration Maximum port capability Command Mode Interface Configuration Ethernet port channel Out of Band Ethernet mode User Guidelines The command no speed in port channel context returns each port in th...

Page 133: ... Force full duplex operation Default Configuration The interface is set to full duplex Command Mode Interface Configuration Ethernet Out of Band Ethernet mode User Guidelines Before attempting to force a particular duplex mode on the port operating at 10 100 Mbps disable the auto negotiation on that port Half duplex mode can be set only for ports operating at 10 Mbps or 100 Mbps Example The follow...

Page 134: ...t channel Out of Band Ethernet mode User Guidelines Turning off auto negotiation on an aggregate link may under some circumstances make it non operational If the other side has auto negotiation turned on it may re synchronize all members of the aggregated link to half duplex operation and may as per the standards set them all inactive Example The following example enables autonegotiation with all ...

Page 135: ...use auto negotiation the other side of the link must also be configured to not use auto negotiation To select auto ensure negotiation for Flow Control is enabled Example In the following example Flow Control is enabled on g5 mdix The mdix interface configuration command enables automatic crossover on a given interface To disable automatic crossover use the no form of this command Syntax mdix on au...

Page 136: ...abled Command Mode Interface Configuration Ethernet port channel mode User Guidelines Back Pressure will operate only if duplex mode is set to half Example In the following example Back Pressure is enabled on g5 port jumbo frame The port jumbo frame global configuration command enables jumbo frames for the device To disable jumbo frames use the no form of this command Syntax port jumbo frame no po...

Page 137: ...et port port channel number Valid port channel trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example In the following example the counters for interface g1 are cleared set interface active The set interface active privileged EXEC mode command reactivates an interface that was sus...

Page 138: ...aces configuration The show interfaces configuration Privilege EXEC mode command displays the configuration for all configured interfaces Syntax show interfaces configuration ethernet interface port channel port channel number oob eth oob interface interface Valid Ethernet port port channel number Valid port channel trunk index oob interface Out of Band Ethernet port number Default Configuration T...

Page 139: ...G Copper Full 1000 Enabled Off Up Disabled Auto g6 1G Copper Full 1000 Enabled Off Up Disabled Auto g7 1G Copper Full 1000 Enabled Off Up Disabled Auto g22 1G Combo C Full 1000 Enabled Off Up Disabled Auto g23 1G Combo C Full 1000 Enabled Off Up Disabled Auto g24 1G Combo C Full 1000 Enabled Off Up Disabled Auto Flow Admin Back Ch Type Speed Neg control State Pressure ch1 Enabled Off Up Disabled c...

Page 140: ...ck Pressure status MDIX Mode Displays the Auto crossover status Admin State Displays whether the port is enabled or disabled show interfaces status The show interfaces status user EXEC command displays the status for all configured interfaces Syntax show interfaces status ethernet interface port channel port channel number oob eth oob interface interface A valid Ethernet port port channel number A...

Page 141: ... Copper Down g5 1G Copper Down g6 1G Copper Down g7 1G Copper Down g8 1G Copper Down g22 1G Combo C Down g23 1G Combo C Down g24 1G Combo C Down Flow Link Back Ch Type Duplex Speed Neg control State Pressure ch1 Not Present ch2 Not Present ch3 Not Present ch4 Not Present ch5 Not Present ch6 Not Present ch7 Not Present Link Oob eth Type Duplex Speed Neg State Oob eth 1 100M Copper Full 100 Enabled ...

Page 142: ...gotiation status Flow Control Displays the Flow Control status Back Pressure Displays the Back Pressure status Link State Displays the Link Aggregation status show interfaces description The show interfaces description user EXEC command displays the description for all configured interfaces Syntax show interfaces description ethernet interface port channel port channel number oob eth oob interface...

Page 143: ...al interface Syntax show interfaces counters ethernet interface port channel port channel number interface A valid Ethernet port port channel number A valid port channel index Default Configuration This command has no default configuration Command Modes Privilege EXEC mode User Guidelines There are no user guidelines for this command Console show interfaces description ethernet g1 Port Description...

Page 144: ...stPkts InMcastPkts InBcastPkts g1 0 0 0 0 g2 0 0 0 0 g3 0 0 0 0 g4 0 0 0 0 g23 0 0 0 0 g24 0 0 0 0 Port OutOctets OutUcastPkts OutMcastPkts OutBcastPkts g1 0 0 0 0 g2 0 0 0 0 g3 0 0 0 0 g4 0 0 0 0 g23 0 0 0 0 g24 0 0 0 0 Ch InOctets InUcastPkts InMcastPkts InBcastPkts ch1 0 0 0 0 ch2 0 0 0 0 ch3 0 0 0 0 ch7 0 0 0 0 Ch OutOctets OutUcastPkts OutMcastPkts OutBcastPkts ch1 0 0 0 0 ch2 0 0 0 0 ch3 0 0...

Page 145: ...rnal MAC Tx Errors 0 Oversize Packets 0 Internal MAC Rx Errors 0 Received Pause Frames 0 Transmitted Pause Frames 0 Field Description InOctets Counted received octets InUcastPkts Counted received Unicast packets InMcastPkts Counted received Multicast packets InBcastPkts Counted received Broadcast packets OutOctets Counted transmitted octets OutUcastPkts Counted transmitted Unicast packets OutMcast...

Page 146: ...ision is detected later than one slotTime into the transmission of a packet Excessive Collisions Counted frames for which transmission fails due to excessive collisions Internal MAC Tx Errors Counted frames for which transmission fails due to an internal MAC sublayer transmit error Oversize Packets Counted frames received that exceed the maximum permitted frame size Internal MAC Rx Errors Counted ...

Page 147: ...User Guidelines To control multicasts storms use the commands port storm control broadcast enable and port storm control broadcast rate Example The following example enables the counting of Multicast packets port storm control broadcast enable The port storm control broadcast enable interface configuration command enables Broadcast storm control To disable Broadcast storm control use the no form o...

Page 148: ...rm control broadcast rate rate no port storm control broadcast rate rate Maximum of kilobytes per second of Broadcast and Multicast traffic on a port Rate 0 1000000 Default Configuration The default storm control Broadcast rate is 12000 Command Mode Interface Configuration Ethernet User Guidelines Use the port storm control broadcast enable interface configuration command to enable Broadcast storm...

Page 149: ...ser Guidelines There are no user guidelines for this command Example The following example displays the storm control configuration show interfaces advertise The show interfaces advertise privileged EXEC command displays information about auto negotiation advertisement Syntax show interfaces advertise ethernet interface port channel port channel number interface A valid Ethernet port port channel ...

Page 150: ...on about auto negoiation advertisement Console show interfaces advertise Port Type Neg Operational Link Advertisement g1 1G Copper Enable 1000f 100f 100h 10f 10h g2 1G Copper Enable 1000f Console show interfaces advertise ethernet g1 Port Ethernet g1 Type 1G Copper Link state Up Auto negotiation enabled 10h 10f 100h 100f 1000f Admin Local Link Advertisement Oper Local Link Advertisement yes yes ye...

Page 151: ...o disable GVRP globally on the switch use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example globally enables GVRP on the device gvrp enable interface The gvrp enable interface configuration command enables GVR...

Page 152: ...imer join Indicates the time in milliseconds that PDUs are transmitted Range 10 2147483640 leave Indicates the amount of time in milliseconds that the device waits before leaving its GARP state The Leave Time is activated by a Leave All Time message sent received and cancelled by the Join message Range 10 2147483640 leaveall Used to confirm the port within the VLAN The time in milliseconds between...

Page 153: ...ple The following example sets the leave timer for port g8 to 900 milliseconds gvrp vlan creation forbid The gvrp vlan creation forbid interface configuration command enables or disables dynamic VLAN creation To disable dynamic VLAN creation use the no form of this command Syntax gvrp vlan creation forbid no gvrp vlan creation forbid Default Configuration By default dynamic VLAN creation is enable...

Page 154: ...N on the port is allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example shows how default dynamic registering and deregistering is forbidden for each VLAN on port g8 clear gvrp statistics The clear gvrp statistics privileged EXEC command clears all the GVRP statistics information Syntax cle...

Page 155: ...ormation including timer values whether GVRP and dynamic VLAN creation is enabled and which ports are running GVRP Syntax show gvrp configuration ethernet interface port channel port channel number interface A valid Ethernet interface port channel number A valid port channel trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines Ther...

Page 156: ...ty Received rLA Leave All Received sJE Join Empty Sent sJIn Join In Sent sEmp Empty Sent sLIn Leave In Sent sLE Leave Empty Sent sLA Leave All Sent Port rJE rJIn rEmp rLIn rLE rLA sJE sJIn sEmp sLIn sLE sLA g1 0 0 0 0 0 0 0 0 0 0 0 0 g2 0 0 0 0 0 0 0 0 0 0 0 0 g3 0 0 0 0 0 0 0 0 0 0 0 0 g4 0 0 0 0 0 0 0 0 0 0 0 0 g5 0 0 0 0 0 0 0 0 0 0 0 0 g6 0 0 0 0 0 0 0 0 0 0 0 0 g7 0 0 0 0 0 0 0 0 0 0 0 0 g8 0...

Page 157: ... configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command show gvrp error statistics The show gvrp error statistics user EXEC command displays GVRP error statistics Console show gvrp configuration GVRP Feature is currently enabled on the switch Maximum VLANs 256 Maximum VLANs after reset 256 Port GVRP Status Regist ration Dynamic VLAN Timers milli sec...

Page 158: ...ion This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays GVRP statistics information Console show gvrp error statistics GVRP Error Statistics Legend INVPROT Invalid Protocol Id INVATYP Invalid Attribute Type INVALEN Invalid Attribute Length INVAVAL Invalid Attribute Value INVEVENT ...

Page 159: ...guration No IP address is defined for interfaces Command Mode Interface configuration Ethernet VLAN port channel out of band Ethernet User Guidelines Each part of an IP address must start with a number other than zero For example IP address 131 108 1 27 is valid whereas IP addresses 001 100 192 6 and 192 001 10 3 are invalid An IP address cannot be configured for a range of interfaces range contex...

Page 160: ... interface to dynamically learn its IP address by using the DHCP protocol Some DHCP servers require that the DHCPDISCOVER message have a specific host name The most typical usage of the ip address dhcp hostname host name command is when host name is the host name provided by the system administrator If a router is configured to obtain its IP address from a DHCP server it sends a DHCPDISCOVER messa...

Page 161: ...d Command Mode Interface Configuration Out of Band Ethernet User Guidelines The setting of the default gateway on the out of band port must not precede the assignment of the IP address Always assign the IP address to the out of band port first and then set the default gateway Example The following example defines ip default gateway 192 6 32 17 show ip interface The show ip interface user EXEC comm...

Page 162: ...mple The following example displays VLAN 1 configuration arp The arp global configuration command adds a permanent entry in the Address Resolution Protocol ARP cache To remove an entry from the ARP cache use the no form of this command Syntax arp ip_addr hw_addr ethernet interface number vlan vlan id port channel number no arp ip_addr ethernet interface number vlan vlan id port channel number ip_a...

Page 163: ...efault value use the no form of this command Syntax arp timeout seconds no arp timeout seconds seconds Time in seconds that an entry remains in the ARP cache Range 1 40000000 Default Configuration The default timeout is 60000 seconds Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600 NOTE The ARP entry is deleted between the peri...

Page 164: ...uidelines There are no user guidelines for this command Example The following example configures authentication login clear arp cache The clear arp cache privileged EXEC command deletes all dynamic entries from the ARP cache Syntax clear arp cache Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this ...

Page 165: ...t of band IP interfaces Example The following example displays entries in the ARP table directed broadcast The directed broadcast interface configuration command enables the translation of a directed Broadcast to physical Broadcasts To disable this function use the no form of this command Syntax directed broadcast no directed broadcast Default Configuration Disabled all IP directed broadcasts are ...

Page 166: ...ddress use the no form of this command Syntax broadcast address 255 255 255 255 0 0 0 0 no broadcast address 255 255 255 255 Use 255 255 255 255 as the Broadcast address 0 0 0 0 Use 0 0 0 0 as the Broadcast address Default Configuration The default is 255 255 255 255 as the Broadcast address Command Mode IP Interface Configuration mode User Guidelines There are no user guidelines for this command ...

Page 167: ...address Default Configuration Disabled Command Mode Global Configuration User Guidelines The ip helper address command forwards specific UDP broadcast from one interface to another You can define many helper addresses but the total number of address port pairs is limited to 128 for the whole device The setting of helper address for specific interface has precedence over a setting of helper address...

Page 168: ...efault services are forwarded to the helper address Default Configuration Broadcast packets forwarding to specific addresses is disabled If no UDP port number is specified the device forwards UDP Broadcast packets for the following six services IEN 116 Name Service port 42 DNS port 53 NetBIOS Name Server port 137 NetBIOS Datagram Server port 138 TACACS Server port 49 Time Service port 37 Command M...

Page 169: ...53 show ip helper address The show ip helper address privileged EXEC command displays IP helper addresses configuration Syntax show ip helper address interface interface The IP interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays configured IP ...

Page 170: ...P Domain Naming System DNS based host name to address translation ip domain name The ip domain name global configuration command defines a default domain name used to complete unqualified host names An unqualified host name does not include a dotted decimal domain name To delete the default domain name use the no form of this command Syntax ip domain name name no ip domain name name Default domain...

Page 171: ... Out of Band IP address see the user guidelines Default Configuration No name server IP addresses are specified Command Mode Global Configuraton mode User Guidelines Server preference is determined by entry order Up to 8 servers can be defined in one command or by using multiple commands To define a radius server on the out of band port use the out of band IP address format oob ip address Example ...

Page 172: ...llowing format oob ip address Example The following example defines a static host name to address mapping in the host cache clear host The clear host privileged EXEC command deletes entries from the host name to address cache Syntax clear host name address name Host name to be deleted from the host name to address cache Range 1 158 characters Deletes all entries in the host name to address cache D...

Page 173: ...e to address mapping cache Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example deletes all entries from the DHCP host name to address mapping cache show hosts The show hosts user EXEC command displays the default domain name a list of name server hosts and the s...

Page 174: ...plays information about IP hosts Console show hosts Host name Device Default domain gm com sales gm COM usa sales gm com DHCP Name address lookup is enabled Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping Host Addresses accounting gm com 176 16 8 8 176 16 8 9 DHCP Cache TTL Hours Host Total Elapsed Type Addresses www stanford edu 72 3 IP 171 64 14 203 ...

Page 175: ...ation mode User Guidelines There are no user guidelines for this command Example The following example enables IGMP snooping ip igmp snooping Interface The ip igmp snooping interface configuration command enables Internet Group Management Protocol IGMP snooping on a specific VLAN To disable IGMP snooping on a VLAN interface use the no form of this command Syntax ip igmp snooping no ip igmp snoopin...

Page 176: ...f mrouter ports is enabled Command Mode Interface Configuration VLAN mode User Guidelines Multicast router ports can be configured statically by the bridge multicast forward all command Example The following example enables automatic learning of Multicast router ports on VLANs ip igmp snooping host time out The ip igmp snooping host time out interface configuration command configures the host time...

Page 177: ...t The ip igmp snooping mrouter time out interface configuration command configures the mrouter time out The mrouter time out command is used for setting the aging out time after Multicast router ports are automatically learned To configure the default mrouter time out use the no form of this command Syntax ip igmp snooping mrouter time out time out no ip igmp snooping mrouter time out time out mro...

Page 178: ... seconds Range 0 2147483647 immediate leave Specifies that the port should be immediately removed from the members list after receiving IGMP Leave Default Configuration The default leave time out configuration is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines The leave timeout should be set greater than the maximum time that a host is allowed to respond to an IGMP Query ...

Page 179: ...mple The following example shows IGMP snooping mrouter information show ip igmp snooping interface The show ip igmp snooping interface User EXEC command displays IGMP snooping configuration Syntax show ip igmp snooping interface vlan id vlan_id VLAN ID value Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for ...

Page 180: ...ID value ip multicast address IP Multicast address Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines To see the full Multicast address table including static addresses use the show bridge address table command Console show ip igmp snooping interface 1 IGMP Snooping is globaly disabled IGMP Snooping is disabled on VLAN 1 IGMP host timeout is...

Page 181: ...ping Commands 181 Example The example shows IGMP snooping information on VLAN 1000 Console show ip igmp snooping groups Vlan IP Address Querier Ports 1 224 239 130 2 2 3 Yes g1 g2 19 224 239 130 2 2 8 Yes g9 11 ...

Page 182: ...182 IGMP Snooping Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 183: ...rs the IP interface configuration mode ip route The ip route global configuration command establishes static IP routes To remove static IP routes use the no form of this command Syntax ip route prefix mask prefix length gateway metric distance reject route no ip route prefix mask gateway prefix The destination IP route prefix mask The IP address network mask prefix length The number of bits that c...

Page 184: ...ablishes a static route to 172 16 0 0 key chain The key chain global configuration command defines authentication key group for routing protocols To remove the key chain use the no form of this command Syntax key chain name of chain no key chain name of chain name of chain Key chain name Default Configuration No key chain exists Command Mode Global Configuration mode User Guidelines To use an auth...

Page 185: ...It is useful to have multiple keys on a key chain so that the software can sequence through the keys as they become invalid after time based on the accept lifetime and send lifetime key chain key command settings Authentication keys and their key strings which are to be included in the key chain should be defined prior to configuring the key chain Authentication keys are defined by the key global ...

Page 186: ... key command the console automatically enters the key chain configuration mode Example The following example creates an authentication key number 3 key string The key string SSH public key chain configuration command manually specifies an SSH public key Syntax key string key string row key string row Specifies SSH public key row by row key string UU encoded DER format is the same format in the aut...

Page 187: ...owing example automatically specifies SSH public row keys AAAAB3Nza and C1yc2 Console config crypto key pubkey chain ssh Console config pubkey chain user key bob rsa Console config pubkey key key string AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQW...

Page 188: ...ollowing hh mm ss month date year or hh mm ss date month year hh mm ss Time in hours minutes and seconds Range hh 0 23 mm 0 59 ss 0 59 day Day by date in the month Range 1 31 month Month first three letters by name Range Jan Dec year Year no abbreviation Range 1998 2097 infinite Key is valid to be received from the start time value with no limit end time Key is valid from the start time value unti...

Page 189: ...specified by the key command is valid to be sent The syntax can be either of the following hh mm ss Month date year or hh mm ss date Month year hh mm ss Time in hours minutes and seconds Range hh 0 23 mm 0 59 ss 0 59 day Day by date in the month Range 1 31 month Month first three letters by name Range Jan Dec year Year no abbreviation Range 1998 2097 infinite Key is valid to be sent from the start...

Page 190: ... range from 15 00 00 Jan 25 2005 for 3600 seconds ip maximum paths The ip maximum paths global configuration command defines the maximum number of parallel routes To restore the default number of parallel routes use the no form of this command Syntax ip maximum paths number paths no ip maximum paths number paths Maximum number of parallel routes installed in a routing table Range 1 4 Default Confi...

Page 191: ...ing protocol or the keyword connected static If specifying a routing protocol use one of the following keywords ospf rip address Address about which routing information should be displayed mask The IP address network mask prefix length The number of bits that comprise the IP address prefix The prefix length must be preceded by a forward slash Range 0 32 longer prefixes The address and mask pair be...

Page 192: ...ected Loopback0 C 10 0 1 0 24 is directly connected Ethernet g1 C 10 0 2 0 24 is directly connected Ethernet g2 R 10 8 2 0 24 230 50 via 10 0 2 2 00 17 19 Ethernet g2 S 10 9 1 0 24 5 2 via 10 0 1 2 17 19 18 Ethernet g1 S 10 9 1 0 24 5 3 via 10 0 2 2 Backup Not Active O 10 8 1 0 24 30 2000 via 10 0 1 2 00 39 08 Ethernet g1 S 172 1 0 0 16 5 3 via 10 0 1 1 18 21 58 Ethernet g1 S 172 1 1 0 24 5 3 via ...

Page 193: ...here are no user guidelines for this command Console show ip route address 192 168 1 0 255 255 255 0 longer prefixes Codes C connected S static R RIP O OSPF E OSPF external S 192 168 1 0 24 5 3 via 10 0 2 1 17 12 19 Ethernet g1 S 192 168 1 1 32 5 3 via 10 0 3 1 19 51 18 Ethernet g1 Field Description O Indicates protocol that derived the route 10 8 1 0 24 Indicates the remote network address 30 200...

Page 194: ...n 120 flushed after 300 Redistributing RIP Static OSPF Default version control send version 1 receive version 1 Interfaces Interface Send Receive Key chain 176 1 1 1 1 1 flowers 176 2 1 1 passive 2 Routing Information Sources Gateway Last Update 176 1 1 2 0 00 17 Preference 60 Routing Protocol is ospf Redistributing OSPF External direct Static RIP Interfaces Interface Metric Key chain 176 1 1 1 10...

Page 195: ...nes for this command Example The following example displays key chain information Console show key chains key chain internal key 1 accept 13 30 00 Jan 25 2005 duration 7200 send 14 00 00 Jan 25 2005 duration 3600 key 2 accept 14 30 00 Jan 25 2005 duration 7200 send 15 00 00 Jan 25 2005 duration 3600 key chain external key 1 accept 13 30 00 Jan 25 2005 until 15 30 00 Jan 25 2005 send 14 00 00 Jan 2...

Page 196: ... has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays key chain information Router show keys key 1 accept 13 30 00 Jan 25 2005 forever send 13 30 00 Jan 25 2005 forever key 2 accept 13 30 00 Jan 25 2005 until 15 30 00 Jan 25 2005 send 14 00 00 Jan 25 2005 until 15 00 00 Jan 25 2005 key 3 ...

Page 197: ... Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the system priority to 120 lacp port priority The lacp port priority interface configuration command configures the priority value for physical ports To reset to default priority value use the no form of this command Syntax lacp port priority value no lacp ...

Page 198: ...p timeout long short no lacp timeout long Specifies a long timeout value short Specifies a short timeout value Default Configuration The default port timeout value is long Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example assigns an administrative LACP timeout for port g8 to a long timeout value show lacp ...

Page 199: ...how to display LACP statistics information show lacp port channel The show lacp port channel privileged EXEC command displays LACP information for a port channel Syntax show lacp port channel port_channel_number port_channel_number The port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines f...

Page 200: ... example shows how to display LACP port channel information Console show lacp port channel 1 Port Channel ch1 Port Type Unknown Attached Lag id Actor System Priority 1 MAC Address 0a d0 0f f0 eb ee Admin Key 25 Oper Key 25 Partner System Priority 0 MAC Address 00 00 00 00 00 00 Oper Key 0 ...

Page 201: ...cess SSH Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example configures the device as a virtual terminal for remote console access speed The speed line configuration command sets the line baud rate Syntax speed bps bps Baud rate in bits per second bps The ...

Page 202: ...l user input is detected To restore the default setting use the no form of this command Syntax exec timeout minutes seconds no exec timeout minutes Integer that specifies the number of minutes Range 0 65535 seconds Additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line Configuration mode User Guidelines To specify no timeout ...

Page 203: ... Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the line configuration Console show line Console configuration Interactive timeout 20 History 10 Baudrate 9600 Databits 8 Parity none Stopbits 1 Telnet configuration Interactive timeout 10 minutes 10 seconds Histo...

Page 204: ...session 216 If the maximum of 216 commands is issued in one session the other sessions operate with a maximum default setting of 10 commands each Examples The following example disables the command history function for the current terminal session terminal history size The terminal history size user EXEC command configures the command history buffer size for the current terminal session To reset t...

Page 205: ...uffer for the current terminal session To change the default size of the command history buffer use the history size line configuration command The maximum number of commands in all buffers is 256 Examples The following example configures the command history buffer size to 20 commands for the current terminal session Console terminal history size 20 ...

Page 206: ...206 Line Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 207: ...lines This command enters the access list configuration mode where the denied or permitted access conditions with the deny and permit commands must be defined If no match criteria are defined the default is deny If reentering to an access list context the new rules are entered at the end of the access list Use the management access class command to select the active access list The active manageme...

Page 208: ...t interface number A valid Ethernet port number vlan vlan id A valid VLAN number port channel number A valid port channel number ip address Source IP address mask mask Specifies the network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash service service Indicates service t...

Page 209: ...n vlan id port channel number out of band eth oob interface service service ethernet interface number A valid Ethernet port number vlan vlan id A valid VLAN number port channel number A valid port channel number ip address Source IP address mask mask Specifies the network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The pr...

Page 210: ...ines which management access list is used To disable restriction use the no form of this command Syntax management access class console only name no management access class name A valid access list name console only The device can be managed only from the console Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user...

Page 211: ...uidelines There are no user guidelines for this command Example The following example displays the active management access list show management access class The show management access class privileged EXEC command displays the active management access list Syntax show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Console ...

Page 212: ... t d e l l c o m User Guidelines There are no user guidelines for this command Example The following example displays the management access list information Console show management access class Management access class is enabled using access list mlist ...

Page 213: ...ration mode User Guidelines This command enables IP Multicast routing and DVMRP on a system wide basis DVMRP is the only form of Multicast routing supported by the device and is enabled whether or not DVMRP is specified in the command Example The following example enables IP Multicast routing ip dvmrp The ip dvmrp interface configuration mode enables DVMRP on an interface To disable DVMRP use the ...

Page 214: ... dvmrp metric metric Metric for DVMRP reports Range 1 31 Default Configuration The default metric value is 1 Command Mode Interface configuration Ethernet VLAN port channel User Guidelines If DVMRP is disabled on an interface the DVMRP parameters on the interface return to default This command is available only when DVMRP is enabled Example The following example configures the interface metric for...

Page 215: ...l interface configuration command configures the frequency at which the software sends Internet Group Management Protocol IGMP host query messages To return to the default frequency use the no form of this command Syntax ip igmp query interval seconds no ip igmp query interval seconds Frequency in seconds at which to send IGMP host query messages Range 1 65535 Default Configuration The default is ...

Page 216: ...essages To set this frequency to the default value use the no form of this command Syntax ip igmp last member query interval seconds tenths of seconds no ip igmp last member query interval seconds Frequency in seconds at which IGMP group specific host query messages are sent Range 0 25 tenths of seconds Additional tenths of seconds to add to the defined seconds Range 0 9 Default Configuration The ...

Page 217: ...s Syntax ip igmp query max response time seconds tenths of seconds no ip igmp query max response time seconds The maximum response time in seconds advertised in Internet Group Management Protocol IGMP queries Range 0 25 tenths of seconds Additional tenths of seconds to add to the defined seconds Range 0 9 Default Configuration This command has no default configuration Command Mode Interface config...

Page 218: ...ommand Syntax ip igmp version 1 2 no ip igmp version 1 IGMP version 1 2 IGMP version 2 Default Configuration The default is IGMP version 2 Command Mode Interface configuration Ethernet VLAN port channel User Guidelines IGMP must be enabled before setting the IGMP version If IGMP is disabled on an interface the IGMP parameters on the interface return to the default values Example The following exam...

Page 219: ...et VLAN port channel User Guidelines There are no user guidelines for this command Example The following example configures the router to be a statically connected member of the specified group on port g5 with IP address 224 0 0 0 show ip mroute The show ip mroute user EXEC command displays the IP Multicast routing table contents Syntax show ip mroute group group address source source address ethe...

Page 220: ...00 dvmrp 224 0 255 1 199 92 37 100 32 10 20 37 33 eth g1 1d 4h 20m dvmrp 224 1 255 1 198 92 37 100 32 10 20 37 33 eth g1 21 20 00 dvmrp 224 1 255 1 199 92 37 100 32 10 20 37 33 eth g1 1d 5h 20m dvmrp 224 8 255 1 179 82 17 200 32 10 20 37 33 vlan127 1w 1d 2h dvmrp 224 8 255 1 179 82 17 200 32 10 20 37 33 vlan128 3m 2w 2d dvmrp 224 8 255 1 179 82 17 200 32 10 20 37 33 vlan129 1y 2m 2w dvmrp 224 9 25...

Page 221: ...up 224 1 255 1 Group Source Upstream Interface Up Time Owner 224 1 255 1 198 92 37 100 32 10 20 37 33 eth g1 21 20 00 dvmrp 224 1 255 1 199 92 37 100 32 10 20 37 33 eth g1 1d 5h 20m dvmrp Field Description Group IP Multicast group address Source The network address that identifies the sources Upstream The upstream neighbor RPF address from which IP datagrams from these sources to this Multicast ad...

Page 222: ...lt Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays Multicast next hop information Console show ip mroute next hop Group Source Interface Up Time Expiry Time State Owner 224 0 255 1 198 92 37 100 32 eth g2 20 20 00 0 02 55 Forward igmp 224 0 255 1 199 92 37 100 32...

Page 223: ...guidelines for this command Field Description Group IP Multicast group address Source The network address that identifies the sources Interface The outgoing interface Up time The time since the Multicast routing information was learned by the router Expiry time The minimum amount of time remaining before this entry is aged out If the state is pruned the remaining time until the prune expires and t...

Page 224: ... dvmrp interface Interface IP address Metric RCV Bad RCV Bad Sent Packets Routes Routes eth g1 172 16 1 1 10 0 12 Field Description Interface Interface type number IP address The IP address this system uses as a source address on this interface Metric The distance metric for this interface used to calculate distance vectors RCV Bad Packets The number of DVMRP messages received on the interface by ...

Page 225: ... neighbor ethernet g1 Inter face Neighbor Up Time Expiry Time Version Capabilities State eth g1 192 168 1 28 20 20 00 0 02 55 3 255 L P G M Active eth g1 192 168 1 10 20 20 00 0 02 55 3 255 L P G M Active eth g2 192 168 1 28 20 20 00 0 02 55 3 255 L P G M Active eth g2 192 168 1 89 20 20 00 0 02 55 3 255 L P G M Active Console show ip dvmrp neighbor Inter face Neighbor Up Time Expiry Time Version ...

Page 226: ...d Mode User EXEC mode User Guidelines There are no user guidelines for this command Field Description Interface Interface type number Neighbor The DVMRP neighbor IP address Up Time The time since this DVMRP neighbor became a neighbor of the local router Expiry Time The minimum time remaining before this DVMRP neighbor is aged out Version The neighboring router DVMRP version number Capabilities Des...

Page 227: ...p address ip address IP address of an entry in the DVMRP routing table Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Console show ip dvmrp next hop Source Interface Hop Type 198 92 37 100 32 eth g2 Leaf Field Description Source The network address identifying the sources Interface The outgoi...

Page 228: ...mand has no default configuration Command Mode User EXEC mode Console show ip dvmrp route Source Neighbor Interface Metric Expiry Up Time Time 171 68 0 0 16 192 168 1 28 eth g1 10 00 02 52 07 55 50 Field Description Source The network address that identifies the sources for which this entry contains Multicast routing information Neighbor The upstream neighbor for example RPF neighbor address from ...

Page 229: ...umber Ethernet port number vlan vlan id VLAN number port channel number Port channel number Default Configuration This command has no default configuration Console show ip dvmrp prune Group Source Expiry Time 224 192 78 88 171 68 0 0 16 00 02 52 224 192 78 89 171 68 0 0 16 00 08 52 Field Description Group The group address which has been pruned Source The address of the source or source network wh...

Page 230: ...interface Interface Version Query Last Max Querier Interval Member response router sec mSec Sec eth g1 2 60 1000 10 198 92 37 33 eth g2 60 1000 10 198 92 36 131 Field Description Interface Interface type number IP address Interface IP address Version The version of IGMP running on this interface Query interval The frequency seconds at which IGMP Host Query packets are transmitted Last member The L...

Page 231: ... default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example configures authentication login Console show ip igmp groups Group Address Interface Uptime Expires Last Reporter 239 255 255 254 eth g1 1w0d 00 02 19 172 21 200 159 224 0 1 40 eth g1 1w0d 00 02 15 172 21 200 1 224 0 1 40 eth g3 1w0d 00 02 11 static 224 0 1 ...

Page 232: ...address Interface Interface through which the group is reachable Uptime How long in weeks days hours minutes and seconds this Multicast group is known Expires How long in hours minutes and seconds until the entry expires The word static indicates that the entry will not time out because the entry is defined as static Last Reporter Last host to report being a member of the Multicast group ...

Page 233: ... guidelines for this command Example The following example enables the OSPF routing process router ospf area The router ospf area global configuration command defines an OSPF area To remove the definition use the no form of this command Syntax router ospf area area id no router ospf area area id area id OSPF area associated with a range of IP addresses The area id is specified in a dotted decimal ...

Page 234: ...to two or more OSPF areas Small networks usually will only have an area 0 Larger networks will have multiple OSPF areas to reduce the size of the IP route tables and to reduce the CPU and memory demands on the routers to a manageable level It is not necessary to define an OSPF area globally OSPF areas may also be defined with the interface command Example The following example globally defines an ...

Page 235: ... The following example enables route advertisements learnt by RIP while running OSPF router ospf redistribute static The router ospf redistribute static global configuration command enables advertising routes configured statically in the OSPF routing process To disable static route advertising use the no form of this command Syntax router ospf redistribute static no router ospf redistribute static...

Page 236: ...lines for this command Example The following example enables advertisements of directly connected networks routes running OSPF router ospf area virtual link The router ospf area virtual link global configuration mode command defines an OSPF virtual link and enters the OSPF Virtual link Configuration mode To remove a virtual link use the no form of this command Syntax router ospf area area id virtu...

Page 237: ...ue must be the same for all nodes on a specific network Range 1 65535 Default Configuration The default value is 10 seconds Command Mode OSPF virtual link configuration User Guidelines This value is advertised in the hello packets The smaller the hello interval the faster topological changes are detected but causes more routing traffic This value must be the same for all routers and access servers...

Page 238: ...s value must be the same for all routers and access servers on a specific network Example The following example sets the interval at which hello packets must not be seen before its neighbors declare the router down to 100 seconds retransmit interval The retransmit interval ospf virtual link interface configuration command specifies the time between link state advertisement LSA retransmissions for ...

Page 239: ...pf virtual link interface configuration command sets the estimated time required to send a link state update packet on the OSPF virtual link interface To return to the default value use the no form of this command Syntax transmit delay seconds no transmit delay seconds Time in seconds required to send a link state update Range 1 3600 Default Configuration The default value is 1 second Command Mode...

Page 240: ... authentication use the no form of this command Syntax authentication text text md5 name of chain no authentication text text Clears text authentication The string can contain from 1 to 8 uppercase and lowercase alphanumeric characters md5 name of chain Keyed Message Digest 5 MD5 authentication Default Configuration No authentication is provided for OSPF packets Command Mode OSPF virtual link conf...

Page 241: ...y value for the ip address keyword for each router can be configured however each router ID must be unique Example The following example configures an OSPF router ID as 196 127 2 1 router ospf area stub The router ospf area stub global configuration command defines an area as a stub area To disable this function use the no form of this command Syntax router ospf area area id stub no router ospf ar...

Page 242: ...the end of the router ospf area stub command the same hint is displayed twice at the prompt line Example The following example defines an OSPF stub area 7 7 7 7 router ospf area default cost The router ospf area default cost global configuration command specifies a cost for the default summary route sent into a stub area To remove the assigned default route cost use the no form of this command Syn...

Page 243: ...delines After creating an OSPF process on an interface the OSPF process must be activated on the interface using the ospf enable command If the specified area id has not yet been created using the ip interface configuration ospf area command then it is auto created using this command An OSPF area that is auto created is not displayed in the configuration file An auto created OSPF area is deleted o...

Page 244: ...guration mode User Guidelines An OSPF interface must be created before it can be enabled To enable an OSPF interface use the ospf command Example The following example activates OSPF on IP interface 1 100 100 100 ospf area The ospf area interface configuration command assigns an area to an interface To remove the definition use the no form of this command Syntax ospf area area id no ospf area area...

Page 245: ...he running configuration file Example The following example defines an interface area ID of 192 168 2 1 on IP interface 1 100 100 100 ospf cost The ospf cost interface configuration command specifies the cost of sending a packet on an interface To reset the path cost to the default value use the no form of this command Syntax ospf cost interface cost no ospf cost interface cost Unsigned integer va...

Page 246: ... specifies the router priority Range 0 255 Default Configuration The default router priority number is 1 Command Mode IP Interface Configuration mode User Guidelines When two routers attached to a network both attempt to become the designated router the one with the higher router priority takes precedence If there is a tie the router with the higher router ID takes precedence A router with a route...

Page 247: ...e smaller the hello interval the faster topological changes are detected resulting in extra routing traffic This value must be the same for all routers and access servers on a specific network Example The following example defines the hello time of 100 seconds on IP interface 1 100 100 100 ospf dead interval The ospf dead interval interface configuration command sets the interval at which hello pa...

Page 248: ...interface adjacencies belonging to the interface To return to the default value use the no form of this command Syntax ospf retransmit interval seconds no ospf retransmit interval seconds Time in seconds between retransmissions The time must be greater than the expected round trip delay between any two routers on the attached network Range 1 3600 Default Configuration The default time is 5 seconds...

Page 249: ...erface Configuration User Guidelines Link state advertisements LSAs in the update packet must have their ages incremented by the amount specified in the seconds argument before transmission The value assigned should take into account the transmission and propagation delays for the interface If the delay is not added before transmission over a link the time in which the LSA propagates over the link...

Page 250: ...idelines This command enables support of RFC1583 compatibility in products that support later standards Example The following example restores the method of calculation of summary route costs as suggested by RFC 1583 ospf authentication The ospf authentication interface configuration command enables authentication for OSPF packets and specifies the authentication type To prevent authentication use...

Page 251: ...rs OSPF database entries learned by the device or by a specific interface Syntax clear ip ospf process interface interface IP interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines OSPF database entries learned by the device or by a specific interface cannot be cleared using the Web user interface Example The following example cl...

Page 252: ...thentication login The following table describes the fields that display Console show ip ospf OSPF is enabled OSPF Router ID 192 42 110 200 Supports only single TOS TOS0 route It is an area border and autonomous system boundary router Redistributing External Routes from rip with metric mapped to type 2 Number of areas in this router is 3 Area 192 42 110 0 Area is a stub area with default cost 10 N...

Page 253: ...s range It is specified as an IP address router id Router ID associated with the virtual link neighbor Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command It is Possible types are internal area border or autonomous system boundary Redistributing External Routes from Lists redistributed routes by p...

Page 254: ...a id database asbr summary link state id adv router ip address Console show ip ospf virtual links Virtual Link to router 192 168 101 2 is up Transit area 0 0 0 1 Virtual link has simple password authentication Transmit Delay is 1 sec State POINT_TO_POINT Timer intervals configured Hello 10 Dead 40 Retransmit 5 Adjacency State FULL Field Description Virtual Link to router 192 168 101 2 is up Specif...

Page 255: ...database router adv router ip address show ip ospf area id database router self originate link state id show ip ospf area id database self originate link state id show ip ospf area id database summary link state id show ip ospf area id database summary link state id adv router ip address show ip ospf area id database summary link state id self originate link state id area id Area number associated...

Page 256: ...P address When the LSA is describing a router the link state ID is always the OSPF router ID of the described router When an autonomous system external advertisement Type 5 is describing a default route its link state ID is set to the default destination 0 0 0 0 database summary Displays how many of each type of LSA for each area there are in the database and the total number of LSA types external...

Page 257: ... ID ADV Router Age Seq Checksum Link count 200 1 1 8 200 1 1 8 1381 0x8000010D 0xEF60 2 200 1 1 11 200 1 1 11 1460 0x800002FE 0xEB3D 4 200 1 1 12 200 1 1 12 2027 0x80000090 0x875D 3 200 1 1 27 200 1 1 27 1323 0x800001D6 0x12CC 3 Net Link States Area 0 Link ID ADV Router Age Seq Checksum 140 1 1 27 200 1 1 27 1323 0x8000005B 0xA8EE 141 1 1 11 200 1 1 11 1461 0x8000005B 0x7AC ...

Page 258: ...detects old or duplicate LSAs Checksum Fletcher checksum of the complete the LSA contents Link count Number of interfaces detected for router Console show ip ospf database asbr summary OSPF Router with id 190 20 239 66 Displaying Summary ASB Link States Area 0 0 0 0 LS age 1463 Options No TOS capability LS Type Summary Links AS Boundary Router Link State ID 155 187 245 1 AS Boundary Router address...

Page 259: ...ptions Type 0 only LS Type Link state type Link State ID Link state ID ASBR Advertising Router Advertising router ID LS Seq Number Link state sequence detects old or duplicate LSAs Checksum Link state checksum Fletcher checksum of the complete contents of the LSA Length Length in bytes of the LSA Network Mask Network mask implemented TOS Type of service Metric Link state metric ...

Page 260: ...er with id 190 20 239 66 Displaying AS External Link States LS age 280 Options No TOS capability LS Type AS External Link Link State ID 143 105 0 0 External Network Number Advertising Router 155 187 70 6 LS Seq Number 80000AFD Checksum 0xC3A Length 36 Network Mask 255 255 0 0 Metric Type 2 Larger than any link state path TOS 0 Metric 1 Forward Address 0 0 0 0 External Route Tag 0 ...

Page 261: ...ce number detects old or duplicate LSAs Checksum Checksum Fletcher checksum of the complete contents of the link state advertisement Length Length in bytes of the LSA Network Mask Network mask implemented Metric Type External type TOS Type of service Metric Link state metric Forward Address Forwarding address Data traffic for the advertised destination is forwarded to this address If the forwardin...

Page 262: ...splaying Net Link States Area 0 0 0 0 LS age 1367 Options No TOS capability LS Type Network Links Link State ID 155 187 1 3 address of Designated Router Advertising Router 190 20 239 66 LS Seq Number 800000E7 Checksum 0x1229 Length 52 Network Mask 255 255 255 0 Attached Router 190 20 239 66 Attached Router 155 187 241 5 Attached Router 155 187 1 1 Attached Router 155 187 54 5 Attached Router 155 1...

Page 263: ...tate type Link State ID Link state ID of designated router Advertising Router Advertising router ID LS Seq Number Link state sequence detects old or duplicate LSAs Checksum Checksum Fletcher checksum of the link state advertisement complete contents Length Length in bytes of the link state advertisement Network Mask Network mask implemented Attached Router List of routers attached to the network b...

Page 264: ...outer Link States Area 0 0 0 0 LS age 1176 Options No TOS capability LS Type Router Links Link State ID 155 187 21 6 Advertising Router 155 187 21 6 LS Seq Number 80002CF6 Checksum 0x73B7 Length 120 AS Boundary Router Number of Links 8 Link connected to another Router point to point link ID Neighboring Router ID 155 187 21 5 Link Data Router Interface address 155 187 21 6 Number of TOS metrics 0 T...

Page 265: ...ink State ID Link state ID Advertising Router Advertising router ID LS Seq Number Link state sequence detects old or duplicate link state advertisements Checksum Checksum Fletcher checksum of the complete contents of the LSA Length Length in LSA bytes AS Boundary Router Router type definition Number of Links Number of active links link ID Link type Link Data Router interface address TOS Type of se...

Page 266: ...ing Router 155 187 241 5 LS Seq Number 80000072 Checksum 0x84FF Length 28 Network Mask 255 255 255 0 TOS 0 Metric 1 Field Description OSPF Router with id Router ID number LS age Link state age Options Type of service options Type 0 only LS Type Link state type Link State ID Link state ID summary network number Advertising Router The ID of the advertising router LS Seq Number Link state sequence de...

Page 267: ...ation Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Console show ip ospf database summary OSPF Router with ID 172 19 65 21 Process ID 1 Area ID Router Network Sum Net Sum ASBR Subtotal 1 1 1 1 1 0 0 0 1 AS External 0 Total 1 0 0 0 1 Field Description Area ID Area ID Router Number of router LSAs in that area Network Number of network LSAs in that area Sum...

Page 268: ... Interface has simple password authentication Transmit Delay is 1 sec State OTHER Priority 1 Designated Router id 192 168 1 11 Interface address 192 168 1 11 Backup Designated router id 192 168 1 28 Interface addr 192 168 1 28 Timer intervals configured Hello 10 Dead 60 Retransmit 5 Neighbor Count is 8 Adjacent neighbor count is 2 Adjacent with neighbor 192 168 1 28 Backup Designated Router Adjace...

Page 269: ...ptions stub nssa Hello Interval default 10 sec Router Dead Interval default 40 sec Examples The following example displays OSPF neighbor information on interface 192 168 1 1 Console show ip ospf neighbor 192 168 1 1 Neighbor 192 168 1 11 Address 192 168 1 11 In the area 0 0 0 0 Neighbor priority is 1 State is FULL Options 2 Neighbor 192 168 1 12 Address 192 168 1 12 In the area 0 0 0 0 Neighbor pr...

Page 270: ...a Area and interface through which the OSPF neighbor is known Neighbor priority Router priority of the neighbor neighbor state State OSPF neighbor state init two way loading full On a broadcast media the roles are Designated Router DR Backup Designated Router BDR Other DRother Options Hello packet options field contents E bit only Possible values are 0 and 2 2 indicates area is not a stub 0 indica...

Page 271: ...twisted together If for example MDI 0 pins are connected to pairs 1 2 of the RJ45 which are connected to the orange pair then MDI 0 will be connected to the solid orange and MDI 0 will be connected to the striped orange The short between wires that do not belong to the same pair will not be reported Syntax test copper port tdr interface interface A valid Ethernet port Default Configuration This co...

Page 272: ...s no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the last TDR Time Domain Reflectometry tests on all ports show copper ports cable length The show copper ports cable length privileged EXEC command displays the estimated copper cable length attached to a port Console test copper port tdr...

Page 273: ...imated copper cable length attached to all ports show fiber ports optical transceiver The show fiber ports optical transceiver privileged EXEC command displays the optical transceiver diagnostics Syntax show fiber ports optical transceiver interface detailed Syntax Description interface A valid Ethernet port detailed Detailed diagnostics Default Configuration This command has no default configurat...

Page 274: ...274 PHY Diagnostics Commands w w w d e l l c o m s u p p o r t d e l l c o m Command Mode Privileged EXEC mode User Guidelines To test optical transceivers ensure a fiber link is present ...

Page 275: ...N A N A g13 N A N A N A N A N A N A N A N A g14 N A N A N A N A N A N A N A N A g15 N A N A N A N A N A N A N A N A g16 N A N A N A N A N A N A N A N A g17 N A N A N A N A N A N A N A N A g18 N A N A N A N A N A N A N A N A g19 N A N A N A N A N A N A N A N A g20 N A N A N A N A N A N A N A N A g21 N A N A N A N A N A N A N A N A g22 N A N A N A N A N A N A N A N A g23 N A N A N A N A N A N A N A ...

Page 276: ...ut TX LOS Data C Volt mA dBm dBm Fault Ready g1 48 5 15 50 1 7 1 7 No No Yes g2 43 5 15 10 1 7 1 7 No No Yes g3 Copper Temp Internally measured transceiver temperature Voltage Internally measured supply voltage Current Measured TX bias current Output Power Measured TX output power Input Power Measured RX received power Tx Fault Transmitter fault LOS Loss of signal Data ready Indicates transceiver ...

Page 277: ...er some circumstances make it non operational If the other side has auto negotiation turned on it may re synchronize all members of the aggregated link to half duplex operation and may as per the standards set them all to inactive Example The following example enters the context of port channel number 1 interface range port channel The interface range port channel global configuration command ente...

Page 278: ...on command associates a port with a port channel To remove a port from a port channel use the no form of this command Syntax channel group port channel number mode on auto no channel group port channel_number Specifies the number of the valid port channel for the current port to join on Forces the port to join a channel auto Allows the port to join a channel as a result of an LACP operation Defaul...

Page 279: ...whether they are currently active or not Syntax show interfaces port channel port channel number port channel number Valid port channel number information to display Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how all port channel information is displaye...

Page 280: ...280 Port Channel Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 281: ...one port to be copied to another port or between the source port src interface and a destination port the port being configured Only a single target port can be defined per system The port being monitored cannot be set faster than the monitoring port The following restrictions apply to ports configured to be destination ports The port cannot be already configured as a source port The port cannot b...

Page 282: ...e Example The following example shows how traffic on port g8 source port is copied to port g1 destination port port monitor vlan tagging The port monitor vlan tagging interface configuration command transmits tagged ingress mirrored packets To transmit untagged ingress mirrored packets use the no form of this command Syntax port monitor vlan tagging no port monitor vlan tagging Default Configurati...

Page 283: ...uration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how the port monitoring status is displayed Console show ports monitor Source Port Destination Port Type Status VLAN Tagging g1 g8 RX TX Active No g2 g8 RX TX Active No g18 g8 RX Active No ...

Page 284: ...284 Port Monitor Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 285: ...l QoS configuration Default Configuration By default QoS is enabled in basic mode Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command However switching to Basic qos mode sets the trust mode to cos Example The following example shows how QoS is enabled on the device in basic mode show qos The show qos user EXEC command displays the QoS status Syntax ...

Page 286: ...rm of this command Syntax priority queue out num of queues number of queues no priority queue out num of queues number of queues Assign the number of queues to be expedite queues The expedite queues would be the queues with higher indexes The range is 0 8 Default Configuration All queues are expedite queues Command Mode Global Configuration mode User Guidelines When configuring the priority queue ...

Page 287: ...he port number and use the traffic shape command without the queue id option and the CIR and the CBS are applied on the specified port In order to activate shaper for a specific queue add the queue ID to the line Example The following example sets a shaper on port g5 when the average traffic rate exceeds 124000 bps or the a normal burst size exceeds 96000 bps qos wrr queue threshold The qos wrr qu...

Page 288: ... exceeded Example The following example configures the tail drop thresholds to 80 wrr queue bandwidth The wrr queue bandwidth interface configuration command assigns Weighted Round Robin WRR weights to egress queues The weights ratio determines the frequency in which the packet scheduler dequeues packets from each queue To return to the default values use the no form of this command Syntax wrr que...

Page 289: ...weights as follows Queue 1 6 Queue 2 6 Queue 3 6 Queue 4 6 Queue 5 6 Queue 6 6 Queue 7 6 Queue 8 6 wrr queue The wrr queue interface configuration command defines the wrr queue mechanism on an egress queue Use the no form of the command to define the default thresholds Syntax wrr queue tail drop no wrr queue tail drop Tail drop mechanism Default Configuration The system default is tail drop mechan...

Page 290: ...ings are displayed queuing Displays the queue strategy WRR or EF the weight for WRR queues the CoS to queue map and the EF priority shapers Displays the specified interface shaper and the shaper for the queue on the specified interface policers Displays all the policers configured for this interface their setting and the number of policers currently unused Default Configuration For VLAN interface ...

Page 291: ... disable 100 100 100 3 disable 100 100 100 4 disable 100 100 100 5 Enable N A N A N A 6 Enable N A N A N A 7 Enable N A N A N A 8 Enable N A N A N A qid MinDP0 MaxDP0 ProbDP0 MinDP1 MaxDP1 ProbDP1 MinDP2 MaxDP2 ProbDP2weight 1 N A N A N A N A N A N A N A N A N A N A 2 N A N A N A N A N A N A N A N A N A N A 3 N A N A N A N A N A N A N A N A N A N A 4 N A N A N A N A N A N A N A N A N A N A 5 50 60...

Page 292: ...interface ethernet g1 queueing command Console show qos interface ethernet g1 queueing Ethernet g1 wrr bandwidth weights and EF priority qid weights Ef Priority 1 125 dis N A 2 125 dis N A 3 125 dis N A 4 125 dis N A 5 N A ena 5 6 125 dis N A 7 125 dis N A 8 N A ena 8 Cos queue map cos qid 0 3 1 1 2 2 3 4 4 5 5 6 6 7 7 8 ...

Page 293: ...erface g1 shapers Ethernet g1 Port shaper enable Committed rate 192000 bps Committed burst 9600 bytes Target Target qid Status Committed Committed Rate bps Burst bytes 1 Enable 100000 17000 2 Disable N A N A 3 Enable 200000 19000 4 Disable N A N A 5 Disable N A N A 6 Disable N A N A 7 Enable 178000 8000 8 Enable 23000 1000 ...

Page 294: ...ueue id no qos map dscp queue dscp list Specify up to 8 DSCP values separate each DSCP with a space Range 0 63 queue id Enter the queue number to which the DSCP value corresponds Console show qos interface ethernet g1 policers Ethernet g1 Class map A Policer type aggregate Committed rate 192000 bps Committed burst 9600 bytes Exceed action policed dscp transmit Class map B Policer type single Commi...

Page 295: ... this command is used the complete table is deleted Syntax qos map tcp port queue port1 port8 to queue id no qos map tcp port queue port1 port8 port1 port8 Specify up to 8 ports destination ports separated by commas that are being mapped Range 1 65535 queue id Specify the queue number being mapped Default Configuration The table is empty Command Mode Global Configuration mode User Guidelines This ...

Page 296: ...at are being mapped Range 1 65535 queue id Specify the queue number being mapped Default Configuration The table is empty Command Mode Global Configuration mode User Guidelines This command maps the UDP destination port in the ingress packet to a specified queue This map is used when the UDP trust mode is enabled and when the trust command is enabled Example The following example shows how the map...

Page 297: ...can use this command to distribute traffic into different queues where each queue is configured with different weighted round robin WRR and Weighted Random Early Detection WRED parameters You enable the expedite queues by using the priority queue out interface configuration command wrr queue cos map Example The following example maps CoS 3 to queue 7 show qos map The show qos map user EXEC command...

Page 298: ...Command Mode User EXEC command User Guidelines There are no user guidelines for this command Example The following example displays the DSCP port queue map Console show qos map dscp queue Dscp queue map d1 d2 0 1 2 3 4 5 6 7 8 9 0 01 01 01 01 01 01 01 01 02 02 1 02 02 02 02 02 02 03 03 03 03 2 03 03 03 03 04 04 04 04 04 04 3 04 04 05 05 05 05 05 05 05 05 4 06 06 06 06 06 06 06 06 07 07 5 07 07 07 ...

Page 299: ...he policed DSCP map Tcp port queue map Port qid 6000 1 6001 2 6002 3 Udp port queue map Port qid 8000 1 8001 2 Policed dscp map d1 d2 0 1 2 3 4 5 6 7 8 9 0 00 01 02 03 04 05 06 07 08 09 1 10 11 12 13 14 15 16 17 18 19 2 20 21 22 23 24 25 26 27 28 29 3 30 31 32 33 34 35 36 37 38 39 4 40 41 42 43 44 45 46 47 48 49 5 50 51 52 53 54 55 56 57 58 59 6 60 61 62 63 ...

Page 300: ... DSCP values tcp udp port Classifies ingress packets with the packet destination port values Default Configuration If the system is in basic mode then CoS is the default trust mode Command Mode Global Configuration mode User Guidelines This command can be used only in QoS basic mode Packets entering a quality of service QoS domain are classified at the edge of the QoS domain When the packets are c...

Page 301: ...owing example configures the system in basic mode to DSCP trust state qos trust Interface The qos trust interface configuration command enables each port trust state while the system is in basic mode To disable the trust state on each port use the no form of this command Syntax qos trust no qos trust Default Configuration Each port is enabled while the system is in basic mode Command Mode Interfac...

Page 302: ...nfiguration Port CoS is 0 Command Mode Interface Configuration Ethernet port channel command User Guidelines There are no user guidelines for this command Example The following example configures port g5 default CoS value to 3 qos dscp mutation The qos dscp mutation global configuration command applies the DSCP Mutation map to system DSCP trusted ports To return to the trust port with no DSCP muta...

Page 303: ...ation global configuration command modifies the DSCP values to the DSCP mutation map values To return to the default mutation map use the no form of this command Syntax qos map dscp mutation in dscp to out dscp no qos map dscp mutation in dscp Specifies up to 8 DSCP values to be mutated separate each DSCP with a space Range 0 63 out dscp Specifies up to 8 DSCP values to be mutated separate each DS...

Page 304: ...ake when rate is exceeded which is to drop the packet exceed action policed dscp transmit Specifies the action to take when rate is exceeded which is to remark the packet DSCP according to policed DCP map dscp dscp The value that the DSCP is remarked Relevant only if exceed action is policed dscp transmit Default Configuration By default no aggregate policer is defined Command Mode Global Configur...

Page 305: ... purposes To return to the default map use the no form of this command Syntax qos map policed dscp dscp list to dscp mark down no qos map policed dscp dscp list Specifies up to 8 DSCP values separated by spaces Range 0 63 dscp mark down Specifies the DSCP value to mark down Range 0 63 Default Configuration The default map is the Null map which means that each income DSCP value is mapped to the sam...

Page 306: ...ual ACLs must be matched match any Performs the logical OR condition which requires that all the criteria within any ACL in the class does not have to be matched It is sufficient for one criterion to be matched Default Configuration If neither the match all or match any is specified the default is match all Command Mode Global Configuration mode User Guidelines An error message is generated if the...

Page 307: ... Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the class map called class1 match The match class map configuration command defines the match criterion to classify traffic To delete the match criterion use no form of this command Syntax match access group acl name no match access group acl name acl name Specifies the access ...

Page 308: ...ckets and to set the CoS value to 0 if the packet is tagged Command Mode Global Configuration mode User Guidelines Before you configure policies for classes whose match criteria are defined in a class map use the policy map command to specify the name of the policy map to be created added to or modified Entering the policy map command enables the policy map configuration mode in which the class po...

Page 309: ...nything other than the match ip dscp class map configuration command an error message is generated Example The following example creates policy map called policy1 show policy map The show policy map user EXEC command displays the defined policy maps Syntax show policy map policy map name class class name policy map name The policy map name being displayed class class name Displays the QoS policy a...

Page 310: ...default no policy map class maps are defined Command Mode Policy map Configuration mode User Guidelines Use the policy map global configuration command to identify the policy map and to enter Policy map Configuration mode before using the class command After specifying a policy map a policy for new classes can be configured or a policy for any existing classes in that policy map can be modified At...

Page 311: ...ed burst byte exceed action drop policed dscp transmit no police committed rate kbps The average traffic rate CIR in kilo bits per second bps committed burst byte The normal burst size CBS in bytes exceed action drop Specifies action taken when the rate is exceed which is to drop the packet exceed action policed dscp transmit Specifies the action taken when the rate is exceeded which is to remark ...

Page 312: ...olice aggregate aggregate policer name no police aggregate aggregate policer name Specifies the name of an existing aggregate policer defined in the qos aggregate policer command Default Configuration This command has no default configuration Command Mode Policy map Class Configuration mode User Guidelines An aggregate policer cannot be used across different policy maps or interfaces Example The f...

Page 313: ...Guidelines This command is used to distinguish the quality of service QoS trust behavior for certain traffic from others For example incoming traffic with certain DSCP values can be trusted A class map can be configured to match and trust the DSCP values in the incoming traffic NOTE Policy maps that contain set or trust commands or have ACL classification cannot be attached to an egress interface ...

Page 314: ...Default Configuration This command has no default configuration Command Mode Policy map Class Configuration mode User Guidelines NOTE Policy maps that contain set or trust commands or have ACL classification cannot be attached to an egress interface by using the service policy interface configuration command Example The following example sets a new DSCP value in the packet to 56 The class is in a ...

Page 315: ...ass configuration commands or that have access control list ACL classification to an egress interface The only match criterion supported on an egress interface is match ip dscp dscp list For non IP Packets the final CoS is converted to DSCP for classification purposes If there is an attempt to apply a policy map on an egress interface with anything other than the match ip dscp class map configurat...

Page 316: ...316 QoS Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 317: ... value If no re transmit value is specified the global value is used Range 1 10 deadtime Length of time in minutes for which a RADIUS server is skipped over by transaction requests Range 0 2000 key Specifies the authentication and encryption key for all RADIUS communications between the router and the RADIUS server This key must match the encryption used on the RADIUS daemon If no key value is spe...

Page 318: ... between the router and the RADIUS daemon To reset to the default use the no form of this command Syntax radius server key key string no radius server key key string Specifies the authentication and encryption key for all RADIUS communications between the router and the RADIUS server This key must match the encryption used on the RADIUS daemon The key can be up to 128 characters long Default Confi...

Page 319: ...de User Guidelines There are no user guidelines for this command Example The following example configures the number of times the software searches the list of RADIUS server hosts to 5 attempts radius server source ip The radius server source ip global configuration command specifies the source IP address used for communication with RADIUS servers To return to the default use the no form of this c...

Page 320: ...timeout timeout Specifies the timeout value in seconds Range 1 30 Default Configuration The default value is 3 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the interval for which a router waits for a server host to reply to 5 seconds radius server deadtime The radius server deadtime global configurat...

Page 321: ... for this command Example The following example sets a dead time where a RADIUS server is skipped over by transaction requests for this period to 10 minutes show radius servers The show radius servers user EXEC command displays the RADIUS server settings Syntax show radius servers Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are ...

Page 322: ...g example displays the RADIUS server settings Console show radius servers IP address Auth Acct TimeOut Retransmit deadtime source IP Priority 172 16 1 1 1645 1646 3 3 0 172 16 8 1 1 172 16 1 2 1645 1646 1 18 0 172 16 8 1 2 Global values TimeOut 3 Retransmit 3 Deadtime 0 Source IP 172 16 8 1 ...

Page 323: ... user guidelines for this command Example The following example enables RIP on the device router rip redistribute ospf The router rip redistribute ospf global configuration command advertises routes learned by OSPF in the RIP process To disable advertisements use the no form of this command Syntax router rip redistribute ospf no router rip redistribute ospf Default Configuration Routes learned by ...

Page 324: ...ult Configuration Routes statically configured are not advertised in the RIP process Disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables statically configured routes to advertise in the RIP process rip The rip interface configuration command creates a Routing Information Protocol RIP process on an inter...

Page 325: ...User Guidelines If the sending of routing updates on an interface is disabled the particular subnet continues to be advertised to other interfaces and updates from other routers on that interface continue to be received and processed Example The following example disables the sending of routing updates on IP address 100 1 1 1 rip auto send The rip auto send interface configuration command automati...

Page 326: ...utomatically detects whether RIP information is required to be sent on IP address 100 1 1 1 rip version The rip version interface configuration command specifies a Routing Information Protocol RIP version To return to the default use the no form of this command Syntax rip version 1 2 no rip version Use RIP Version 1 on the interface Use RIP Version 2 on the interface Default Configuration RIP Vers...

Page 327: ...e IP Interface Configuration mode User Guidelines This option is used to make the device prefer RIP routes learned from the specific interfaces less than RIP routes from other interfaces Example The following example applies an offset of 5 to a metric learned via RIP before adding it to the interface table on IP address 100 1 1 1 rip default route originate The rip default route originate interfac...

Page 328: ...his command has been configured does not accept default route advertisement in order to prevent a possible loop on the default route Example The following example applies a metric of 5 to generate a default route to RIP on IP address 100 1 1 1 rip default route offset The rip default route offset interface configuration command generates an offset for a default route into RIP To disable this featu...

Page 329: ...mand enables authentication for Routing Information Protocol RIP Version 2 packets and specifies the authentication type To prevent authentication use the no form of this command Syntax rip authentication text text md5 name of chain no rip authentication text text Clear text authentication The string can contain from 1 to 16 uppercase and lowercase alphanumeric characters md5 name of chain Keyed M...

Page 330: ...ting information Syntax show ip rip show ip rip md5 show ip rip statistics show ip rip peer md5 Displays MD5 authentication information statistics Displays statistics information peer Displays peer information Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console config interface ip 10...

Page 331: ...IP is enabled OSPF leaking is enabled Static leaking is enabled InterfaceVerOffsetDefaultPassiveAutoAuth RouteSend 176 16 0 0 1621DisabledNoYesMD5 192 168 0 0 1621DisabledNoNoText Console show ip rip md5 Interface MD5 Authentication key chain 176 16 0 0 16 keychain1 Console show ip rip statistics Interface Received Received Sent Bad Packets Bad Routes Updates 176 16 0 0 16 0 1 8 192 168 0 0 16 0 0...

Page 332: ...nvalid metric Sent Updates The number of triggered RIP updates actually sent on this interface This explicitly does NOT include full updates sent containing new information Console show ip rip peer Address Route Last Update Version Received Received Tag Bad Packets Bad Routes 176 16 1 1 10 00 17 20 1 192 168 1 1 10 00 27 20 0 Field Description Address The peer IP Address Route Tag The value in the...

Page 333: ...This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays RMON Ethernet Statistics for port g1 Console show rmon statistics ethernet g1 Port g1 Dropped 8 Octets 878128 Packets 978 Broadcast 7 Multicast 1 CRC Align Errors 0 Collisions 0 Undersize Pkts 0 Oversize Pkts 0 Fragments 0 Jabber...

Page 334: ...rsize Pkts The total number of packets received less than 64 octets long excluding framing bits but including FCS octets and otherwise well formed Oversize Pkts The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and otherwise well formed Fragments The total number of packets received less than 64 octets in length excluding framing bits but ...

Page 335: ...defaults to 50 Range 1 65535 interval seconds The number of seconds in each polling cycle If unspecified defaults to 1800 Range 1 3600 Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command cannot be executed on multiple ports using the interface range ethernet command 256 to 511 Octets The total ...

Page 336: ... collection history ethernet interface port channel port channel number interface Valid Ethernet port port channel number Valid port channel trunk index Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays all RMON group statistics Console config interface eth...

Page 337: ...splays drop and collision counters period seconds Specifies the requested period time to display Range 1 4294967295 Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Field Description Index An index that uniquely identifies the entry Interface The sampled Ethernet interface Interval The interval...

Page 338: ...0 Requested samples 50 Granted samples 50 Maximum table size 270 Time Octets Packets Broadcast Multicast 09 Mar 2005 18 29 32 0 0 0 0 0 09 Mar 2005 18 29 42 0 0 0 0 0 09 Mar 2005 18 29 52 0 0 0 0 0 09 Mar 2005 18 30 02 0 0 0 0 0 09 Mar 2005 18 30 12 0 0 0 0 0 09 Mar 2005 18 30 22 0 0 0 0 0 Console show rmon history 5 errors Sample Set 5 Owner cli Interface 24 interval 10 Requested samples 50 Grant...

Page 339: ...s Multicast The number of good packets received during this sampling interval that were directed to a Multicast address This number does not include packets addressed to the Broadcast address Utilization The best estimate of the mean physical layer network utilization on this interface during this sampling interval in hundredths of a percent CRC Align The number of packets received during this sam...

Page 340: ...the method is delta the selected variable value at the last sample is subtracted from the current value and the difference compared with the thresholds Fragments The total number of packets received during this sampling interval that were less than 64 octets in length excluding framing bits but including FCS octets had either a bad Frame Check Sequence FCS with an integral number of octets FCS Err...

Page 341: ...mpty string Default Configuration The following parameters have the following default values type type If unspecified the type is absolute startup direction If unspecified the startup direction is rising falling Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the following alarm conditions Alarm index 100...

Page 342: ...s shown in the display show rmon alarm The show rmon alarm user EXEC command displays alarm configuration Syntax show rmon alarm number number Alarm index Range 1 65535 Default Configuration This command has no default configuration Command Mode User EXEC mode Console show rmon alarm table Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3 6 1 2 1 2 2 1 10 1 Manager 3 1 3 6 1 2 1 2 2 1 10 9 CLI Fi...

Page 343: ...he sample type is delta this value is the difference between the samples at the beginning and end of the period If the sample type is absolute this value is the sampled value at the end of the period Alarm Alarm index Owner The entity that configured this entry Interval The interval in seconds over which the data is sampled and compared with the rising and falling thresholds Sample Type The method...

Page 344: ...ult configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Startup Alarm The alarm that may be sent when this entry is first set If the first sample is greater than or equal to the rising threshold and startup alarm is equal to rising or rising and falling then a single rising alarm is generated If the first sample is less than or equal t...

Page 345: ...nfiguration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the RMON event table Console config rmon event 10 log Console show rmon events Index Description Type Community Owner Last time sent 1 Errors Log CLI Jan 18 2005 23 58 17 2 High Broadcast Log Trap router Manager Jan 1...

Page 346: ... the RMON logging table Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the case of trap an SNMP trap is sent to one or more management sta...

Page 347: ...log entries Maximum number of log table entries Range 20 32767 Default Configuration History table size is 270 Log table size is 100 Console show rmon log Maximum table size 500 Event Description Time 1 Errors Jan 18 2005 23 48 19 1 Errors Jan 18 2005 23 58 17 2 High Broadcast Jan 18 2005 23 59 48 Console show rmon log Maximum table size 500 800 after reset Event Description Time 1 Errors Jan 18 2...

Page 348: ...o m Command Mode Global Configuration mode User Guidelines The configured table size is effective after the device is rebooted Example The following example configures the maximum RMON history table sizes to 1000 entries Console config rmon table size history 1000 ...

Page 349: ...mand Mode Global Configuration mode User Guidelines Do not include spaces in the text string Example The following example displays setting up the system contact point as Dell_Technical_Support snmp server location The snmp server location global configuration command sets up information on where the device is located To remove the location string use the no form of this command Syntax snmp server...

Page 350: ...snmp server enable traps Default Configuration Traps are enabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example displays the command to enable SNMP traps snmp server trap authentication The snmp server trap authentication global configuration command enables the switch to send Simple Network Management ...

Page 351: ...B variable name name value List of name and value pairs In case of scalar MIBs there is only a single pair of name values In case of entry in a table the first pairs are the indexes followed by one or more fields Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Although the CLI can set any required configuration there might be a...

Page 352: ...at is being created or updated The name is used to reference the record Range 1 30 characters oid tree Specifies the object identifier of the ASN 1 subtree to be included or excluded from the view To identify the subtree specify a text string consisting of numbers such as 1 3 6 2 4 or a word such as system Replace a single subidentifier with the asterisk wildcard to specify a subtree family for ex...

Page 353: ...ates the SNMP Version 1 security model v2 Indicates the SNMP Version 2 security model v3 Indicates the SNMP Version 3 security model noauth Indicates no authentication of a packet Applicable only to the SNMP Version 3 security model auth Indicates authentication of a packet without encrypting it Applicable only to the SNMP Version 3 security model priv Indicates authentication of a packet with enc...

Page 354: ...ation is required while allowing only notification view for interfaces A group of the same name can be created for which priv authentication is required Read views can for example be configured for this group for mib2 and write views for interfaces In this case users in this group who send priv packets can modify all interfaces MIBs and view all mib2 Examples The following example attaches a group...

Page 355: ...d multiple times for the same filter record Later lines take precedence when an object identifier is included in two or more lines Examples The following example creates a filter that includes all objects in the MIB II system group except for sysServices System 7 and all objects for interface 1 in the MIB II interfaces group show snmp The show snmp privileged EXEC command displays the SNMP status ...

Page 356: ... 16 1 1 OOB private su DefaultSuper 172 17 1 1 Router Community String Group name IP address type public user group All Router OOB management stations Community String Community Access View name IP address type private read write user view 176 16 8 9 Router private oob read write user view 176 16 8 9 OOB Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type...

Page 357: ...Privileged EXEC mode OOB trap receivers Target Address Type Community Version UDP Port Filter Name To Sec Retries 176 16 8 9 Trap public 2 162 15 3x Version 3 notifications Target Address Type Username Security Level UDP Port Filter Name To Sec Retries 192 122 173 42 Inform Bob Priv 162 15 3 OOB trap receivers Target Address Type Username Security Level UDP Port Filter Name To Sec Retries 176 16 8...

Page 358: ...roupname groupname Specifies the name of the group Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of views Console show snmp views Name OID Tree Type user view 1 3 6 1 2 1 1 Included user view 1 3 6 1 2 1 1 7 Excluded u...

Page 359: ...lter Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command user group V3 priv Default managers group V3 priv Default Default managers group V3 priv OOB Default Console show snmp groups user group Name Security Views Model Level Context Read Write Notify user group V3 priv Default ...

Page 360: ...g that acts like a password and permits access to the SNMP protocol Range 1 20 characters ro Indicates read only access default rw Indicates read write access su Indicates SNMP administrator access ip address Specifies the IP address of the management station If no IP address is specified all management stations are permitted For information on specifying out of band IP addresses see the user guid...

Page 361: ... a view name read view and notify view always and for rw for write view also The group name parameter can also be used to restrict the access rights of a community string When it is specified An internal security name is generated The internal security name for SNMPv1 and SNMPv2 security models is mapped to the group name To define a management station on the out of band port use out of band IP ad...

Page 362: ...ge 1 158 characters community string Specifies a password like community string sent with the notification operation Range 1 20 traps Indicates that SNMP traps are sent to this host informs Indicates that SNMP informs are sent to this host Not applicable to SNMPv1 1 Indicates that SNMPv1 traps will be used 2 Indicates that SNMPv2 traps will be used port Specifies the UDP port of the host to use Ra...

Page 363: ...p server user global configuration command configures a new SNMP Version 3 user To delete a user use the no form of this command Syntax snmp server user username groupname remote engineid string auth md5 password auth sha password auth md5 key md5 des keys auth sha key sha des keys no snmp server user username remote engineid string username Specifies the name of the user on the host that connects...

Page 364: ... level The user should enter a concatenated hexadecimal string of the SHA key MSB and the privacy key LSB If authentication is only required 20 bytes should be entered if authentication and privacy are required 36 bytes should be entered Each byte in the hexadecimal character string is two hexadecimal digits Each byte can be separated by a period or colon 20 or 36 bytes Default Configuration No gr...

Page 365: ... Range 1 24 traps Indicates that SNMP traps are sent to this host informs Indicates that SNMP informs are sent to this host noauth Indicates no authentication of a packet auth Indicates authentication of a packet without encrypting it priv Indicates authentication of a packet with encryption port Specifies the UDP port of the host to use Range 1 65535 filtername Specifies a string that defines the...

Page 366: ...ation or inform depends on how the trap receiver has been configured Example The following example configures an SNMPv3 host show snmp engineID The show snmp engineID privileged EXEC command displays the ID of the local Simple Network Management Protocol SNMP engine Syntax show snmp engineID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guid...

Page 367: ...s no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of users Console show snmp users Name Group name Auth Method Remote John user group md5 John user group md5 08009009020C0B099C075879 Console show snmp users John Name Group name Auth Method Remote John user group md5 080...

Page 368: ...368 w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 369: ...de User Guidelines There are no user guidelines for this command Example The following example enables spanning tree functionality spanning tree mode The spanning tree mode global configuration command configures the spanning tree protocol To return to the default configuration use the no form of this command Syntax spanning tree mode stp rstp no spanning tree mode stp STP is supported rstp RSTP i...

Page 370: ...panning tree forward time seconds no spanning tree forward time seconds Time in seconds Range 4 30 Default Configuration The default forwarding time for IEEE Spanning tree Protocol STP is 15 seconds Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures spanning tree bridge forward time to 25 seconds spanning t...

Page 371: ...tree max age The spanning tree max age global configuration command configures the spanning tree bridge maximum age To reset the default maximum age use the no form of this command Syntax spanning tree max age seconds no spanning tree max age seconds Time in seconds Range 6 40 Default Configuration The default max age for IEEE STP is 20 seconds Command Modes Global Configuration mode User Guidelin...

Page 372: ... priority for IEEE STP is 32768 Command Modes Global Configuration mode User Guidelines The lower the priority the more likely the bridge is to be the Root Bridge Example The following example configures spanning tree priority to 12288 spanning tree disable The spanning tree disable interface configuration command disables spanning tree on a specific port To enable spanning tree on a port use the ...

Page 373: ...llows Port Channel 20 000 1000 mbps giga 20 000 100 mbps 200 000 10 mbps 2 000 000 Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the spanning tree cost on g5 to 35000 spanning tree port priority The spanning tree port priority interface configuration command configures port pri...

Page 374: ...ng tree portfast interface configuration command enables PortFast mode In PortFast mode the interface is immediately put into the forwarding state upon linkup without waiting for the timer to expire To disable PortFast mode use the no form of this command Syntax spanning tree portfast no spanning tree portfast Default Configuration PortFast mode is disabled Command Modes Interface Configuration Et...

Page 375: ...duplex mode A full duplex port is considered a point to point link and a half duplex port is considered a shared link Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example enables shared spanning tree on g5 spanning tree bpdu The spanning tree bpdu global configuration command defines BPDU handli...

Page 376: ...restarts the protocol migration process force the renegotiation with neighboring switches on all interfaces or on the specified interface Syntax clear spanning tree detected protocols ethernet interface number port channel port channel number interface A valid Ethernet port port channel number A port channel index Default Configuration If no interface is specified the action is applied to all inte...

Page 377: ... show spanning tree mst configuration detail Displays detailed information active Displays active ports only blockedports Displays blocked ports only mst configuration Displays the MST configuration interface number A valid Ethernet port number port channel number A valid port channel index instance id ID of the spanning tree instance Range 0 15 Default Configuration This command has no default co...

Page 378: ...dress 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 g1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type g1 Enabled 128 1 20000 FWD Root No P2p RSTP g2 Enabled 128 2 20000 FWD Desg No Shared STP g3 Disabled 128 3 20000 g4 Enabled 128 ...

Page 379: ...aces Name State Prio Nbr Cost Sts Role PortFast Type g1 Enabled 128 1 20000 FWD Desg No P2p RSTP g2 Enabled 128 2 20000 FWD Desg No Shared STP g3 Disabled 128 3 20000 g4 Enabled 128 4 20000 FWD Desg No Shared STP g5 Enabled 128 5 20000 DIS Console show spanning tree Spanning tree disabled BPDU filtering mode RSTP Default port cost method long Root ID Priority N A Address N A Path Cost N A Root Por...

Page 380: ...nabled 128 1 20000 g2 Enabled 128 2 20000 g3 Disabled 128 3 20000 g4 Enabled 128 4 20000 g5 Enabled 128 5 20000 Console show spanning tree active Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 g1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Ti...

Page 381: ...ow spanning tree blocked ports Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 g1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type g4 Enabled ...

Page 382: ...ddress 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 2 last change occurred 2d18h ago Times hold 1 topology change 35 notification 2 hello 2 max age 20 forward delay 15 Port 1 g1 enabled State Forwarding Role Root Port id 128 1 Port cost 20000 Type P2p configured auto RSTP Port Fast No configured no Designated bridge Priority 32768 Address 00 01 ...

Page 383: ...8 3 Port cost 20000 Type N A configured auto Port Fast N A configured no Designated bridge Priority N A Address N A Designated port id N A Designated path cost N A Number of transitions to forwarding state N A BPDU sent N A received N A Port 4 g4 enabled State Blocking Role Alternate Port id 128 4 Port cost 20000 Type Shared configured auto STP Port Fast No configured no Designated bridge Priority...

Page 384: ...t N A received N A Console show spanning tree ethernet g1 Port 1 g1 enabled State Forwarding Role Root Port id 128 1 Port cost 20000 Type P2p configured auto RSTP Port Fast No configured no Designated bridge Priority 32768 Address 00 01 42 97 e0 00 Designated port id 128 25 Designated path cost 0 Number of transitions to forwarding state 1 BPDU sent 2 received 120638 Console show spanning tree mst...

Page 385: ...o Time 2 sec Max Age 20 sec Forward Delay 15 sec IST Master ID Priority 32768 Address 00 02 4b 29 7a 00 This switch is the IST master Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 Interfaces Name State Prio Nbr Cost Sts Role PortFast Type g1 Enabled 128 1 20000 FWD Root No P2p Bound RSTP g2 Enabled 128 2 20000 FWD Desg No Shared Bound STP g3 Enabled 128 3 20000 FWD Desg No P2p g...

Page 386: ... 7a 00 Interfaces Name State Prio Nbr Cost Sts Role PortFast Type g1 Enabled 128 1 20000 FWD Boun No P2p Bound RSTP g2 Enabled 128 2 20000 FWD Boun No Shared Bound STP g3 Enabled 128 3 20000 BLK Altn No P2p g4 Enabled 128 4 20000 FWD Desg No P2p Console show spanning tree detail Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 21 4094 CST Root ID Priority 32768 ...

Page 387: ...ing Role Root Port id 128 1 Port cost 20000 Type P2p configured auto Boundary RSTP Port Fast No configured no Designated bridge Priority 32768 Address 00 01 42 97 e0 00 Designated port id 128 25 Designated path cost 0 Number of transitions to forwarding state 1 BPDU sent 2 received 120638 Port 2 g2 enabled State Forwarding Role Designated Port id 128 2 Port cost 20000 Type Shared configured auto B...

Page 388: ...U sent 2 received 170638 Port 4 g4 enabled State Forwarding Role Designated Port id 128 4 Port cost 20000 Type Shared configured auto Internal Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 MST 1 Vlans Mapped 10 20 Root ID Priority 24576...

Page 389: ...enabled State Forwarding Role Designated Port id 128 2 Port cost 20000 Type Shared configured auto Boundary STP Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Port 3 g3 disabled State Blocking Role Alternate Port id 128 3 Port cost 20000...

Page 390: ...d 128 2 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 21 4094 CST Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 g1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec IST Master ID Priority 32768 Address...

Page 391: ...ort Specifies 1 through 65 535 range for port path costs Default Configuration If the pathcost method is short the default configuration is Ethernet 10 Mbps 100 Fast Ethernet 100 Mbps 19 Gigabit Ethernet 1000 Mbps 4 Port Channel 4 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Map...

Page 392: ...in the range of 1 through 200 000 000 Examples The following example specifies the long pathcost method spanning tree mst priority The spanning tree mst priority global configuration command configures the device priority for the specified spanning tree instance To return to the default setting use the no form of this command Syntax spanning tree mst instance id priority priority no spanning tree ...

Page 393: ...op count no spanning tree mst max hops hop count Number of hops in an MST region before the BDPU is discarded Range 1 40 Default Configuration The default number of hops is 20 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the maximum number of hops that a packet travels in an MST region before it is dis...

Page 394: ...e mst cost interface configuration command configures the path cost for multiple spanning tree MST calculations If a loop occurs the spanning tree considers path cost when selecting an interface to put in the forwarding state To return to the default port path cost use the no form of this command Syntax spanning tree mst instance id cost cost no spanning tree mst instance id cost instance ID ID of...

Page 395: ...he MSTP instance 1 path cost for interface g9 to 4 spanning tree mst configuration The spanning tree mst configuration global configuration command enables configuring an MST region by entering the multiple spanning tree MST mode Syntax spanning tree mst configuration Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines All devices ...

Page 396: ...on mode User Guidelines All VLANs that are not explicitly mapped to an MST instance are mapped to the common and internal spanning tree CIST instance instance 0 and cannot be unmapped from the CIST For two or more devices to be in the same MST region they must have the same VLAN mapping the same configuration revision number and the same name Example The following example maps VLANs 10 20 to MST i...

Page 397: ...nfiguration name to region1 revision mst The revision MST configuration command defines the configuration revision number To return to the default setting use the no form of this command Syntax revision value no revision value Configuration revision number Range 0 65535 Default Configuration Revision number is 0 Command Mode MST Configuration mode User Guidelines There are no user guidelines for t...

Page 398: ...ending Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example displays a pending MST region configuration Console config spanning tree mst configuration Console config mst revision 1 Device config mst show pending Pending MST configuration Name Region1 Revision 1...

Page 399: ... guidelines for this command Example The following example shows how to exit the MST configuration mode and save changes abort mst The abort MST configuration command exits the MST configuration mode without applying the configuration changes Syntax abort Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines...

Page 400: ...mands w w w d e l l c o m s u p p o r t d e l l c o m Example The following example shows how to exit the MST configuration mode without saving changes Console config spanning tree mst configuration Console config mst abort ...

Page 401: ...t value is 22 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the port to be used by the SSH server as 8080 ip ssh server The ip ssh server global configuration command enables the device to be configured from a SSH server To disable this function use the no form of this command Syntax ip ssh server no ip ...

Page 402: ...1 64 of PowerConnect 6024 6024F to the current version you may need to create a new certificate DSA keys are generated in pairs one public DSA key and one private DSA key If the device already has DSA keys a warning and prompt to replace the existing keys with new keys is displayed The maximum supported size for the DSA key is 1 024 This command is not saved in the startup configuration however th...

Page 403: ...s generated by this command are saved in the running configuration which is never displayed to the user or backed up to another device This command may take a considerable period of time to execute Example The following example generates RSA key pairs ip ssh pubkey auth The ip ssh pubkey auth global configuration command enables public key authentication for incoming SSH sessions To disable this f...

Page 404: ...ode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enters the SSH Public Key chain configuration mode user key The user key SSH public key chain configuration command specifies which SSH public key is manually configured and enters the SSH public key string configuration command To remove a SSH public key use the no form of thi...

Page 405: ... key use the key string key configuration command To remove the authentication string use the no form of this command Syntax key string text no key string text Authentication string that must be sent and received in the packets using the routing protocol being authenticated The string can contain 1 to 16 characters Default Configuration By default the key string is empty Command Mode Key configura...

Page 406: ...er guidelines for this command Console config crypto key pubkey chain ssh Console config pubkey chain user key bob rsa Console config pubkey key key string rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQWu08licglk02LYciz Z4TrEU 9FJxwPiVQOjc KBXuR0...

Page 407: ...SA key Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Console show ip ssh SSH server enabled Port 22 RSA key was generated DSA DSS key was generated SSH Public Key Authentication is enabled Active incoming sessions IP address SSH username Version Cipher Auth Code 172 16 0 1 John Brown 2 0 3 DES HMAC SH1 Field Description IP address Client address ...

Page 408: ...bble Fingerprints in Bubble Babble format hex Fingerprint in Hex format If fingerprint is unspecified it defaults to Hex format Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console show crypto key mypubkey rsa RSA key data 005C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C5E23B...

Page 409: ...pubkey chain ssh Username Fingerprint bob 9A CC 01 C5 78 39 27 86 79 CC 23 C5 98 59 F1 86 john 98 F7 6E 28 F2 79 87 C8 18 F8 88 CC F8 89 87 C8 Console show crypto key pubkey chain ssh username bob Username bob Key 005C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C5E23B 55D6AB22 04AEF1BA A54028A6 9ACC01C5 129D99E4 Fingerprint 9A CC 01 C5 78 39 27 86 79 CC 23 C5 98 59 F1 86 ...

Page 410: ...410 SSH Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 411: ...ng on and off for these destinations can be individually configured using the logging buffered logging file and logging global configuration commands However if the logging on command is disabled no messages are sent to these destinations Only the console receives messages Example The following example shows how logging is enabled logging The logging global configuration command logs messages to a...

Page 412: ...syslog servers can be used If no specific severity level is specified the global values apply to each server To define a logging server on the out of band port use the out of band IP address format oob ip address Example The following example configures messages with a critical severity level so that they are logged to a syslog server with an IP address 10 1 1 1 logging console The logging console...

Page 413: ...ritical errors warnings notifications informational debugging Default Configuration The default level is informational Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the commands displayed to the user Example The following example limits syslog messages displayed from an internal buffer based on the severity leve...

Page 414: ...is command Example The following example changes the number of syslog messages stored in the internal buffer to 300 clear logging The clear logging privileged EXEC command clears messages from the internal logging buffer Syntax clear logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this comman...

Page 415: ... Default Configuration The default severity level is errors Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits syslog messages sent to the logging file based on the severity level alerts clear logging file The clear logging file privileged EXEC command clears messages from the logging file Syntax clear logging f...

Page 416: ...lated events Default Configuration Logging AAA login events is enabled Command Mode Global Configuration mode User Guidelines Other types of AAA events are not subject to this command Example The following example enables logging messages related to AAA login events file system logging The file system logging global configuration command enables logging file system events To disable logging file s...

Page 417: ...events To disable logging management access list events use the no form of this command Syntax management logging deny no management logging deny deny Indicates logging messages related to deny actions of management ACLs Default Configuration Logging management ACL events is enabled Command Mode Global Configuration mode User Guidelines Other types of management ACL events are not subject to this ...

Page 418: ... The following example displays the state of logging and the syslog messages stored in the internal buffer Console show logging Logging is enabled Console logging level debugging Console Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messages 6 D...

Page 419: ...te to up 11 Aug 2005 15 41 43 LINK 3 UPDOWN Interface Ethernet g3 changed state to up 11 Aug 2005 15 41 43 SYS 5 CONFIG_I Configured from memory by console 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface FastEthernet g1 changed state to up 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet g1 changed state to down 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN ...

Page 420: ...ample The following example displays the state of logging and the syslog messages stored in the logging file Console show logging file Logging is enabled Console logging level debugging Console Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messa...

Page 421: ...e to up 11 Aug 2005 15 41 43 LINK 3 UPDOWN Interface Ethernet g3 changed state to up 11 Aug 2005 15 41 43 SYS 5 CONFIG_I Configured from memory by console 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface FastEthernet g1 changed state to up 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet g1 changed state to down 11 Aug 2005 15 41 39 LINEPROTO 5 UPDOWN L...

Page 422: ...syslog servers Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the syslog server settings Console show syslog servers IP address Port Severity Facility Description 192 180 2 275 14 Informational local 7 192 180 2 285 14 Warning local 7 ...

Page 423: ...t Timeout in milliseconds to wait for each reply from 1 to 65 535 milliseconds Default Configuration The default packet size is 56 bytes The default packet count is 4 packets The default time out is 1 000 milliseconds Command Mode User EXEC mode User Guidelines Press Ctrl C to stop pinging Following are sample results of the ping command Destination does not respond If the host does not respond a ...

Page 424: ...icmp_seq 0 time 11 ms 64 bytes from 10 1 1 1 icmp_seq 1 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 2 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 3 time 7 ms C 10 1 1 1 PING Statistics 4 packets transmitted 4 packets received 0 packet loss round trip ms min avg max 7 8 11 Console Console ping oob 176 16 1 1 64 bytes from oob 176 16 1 1 icmp_seq 0 time 5 ms 64 bytes from oob 176 16 1 1 icmp_seq 1 time ...

Page 425: ...y year hh mm ss Current time in hours military format minutes and seconds 0 23 mm 0 59 ss 0 59 day Current day by date in the month 1 31 month Current month using the first three letters by name Jan Dec year Current year 1998 2097 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example T...

Page 426: ...e Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the device host name asset tag The asset tag global configuration command specifies the device asset tag To remove the existing asset tag use the no form of the command Syntax asset tag tag no asset tag tag The device asset tag Default Configuration This command has no ...

Page 427: ...mand Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active users show clock The show clock user EXEC command displays the time and date from the system clock Syntax show clock Default Configuration This command has no default configuration Console config asset tag 1qwepot Console show users Username Pro...

Page 428: ...ample The following example displays the time and date from the system clock show system The show system user EXEC command displays system information Syntax show system Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Console show clock 15 29 03 Jun 17 2005 ...

Page 429: ...me days hour min sec 0 00 00 17 System Contact System Name System Location System MAC Address 00 00 b0 00 00 00 Sys Object ID 1 3 6 1 4 1 674 10895 3006 Type PowerConnect 3424 FAN Status Fan 1 OK Fan 2 OK Power supply Source Status PowerSupply 1 Internal redundant OK PowerSupply 2 Internal redundant OK Sensor Temperature Celsius Status 1 38 ok 2 36 ok ...

Page 430: ...s command Example The following example displays a system version this version number is only for demonstration purposes show system id The show system id user EXEC command displays the ID information Syntax show system id Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines The tag information is on a device by device basis Console show versi...

Page 431: ...argest TTL value that can be used The traceroute user EXEC command terminates when the destination is reached or when this value is reached Range 1 255 packet_count The number of probes to be sent at each TTL level Range 1 10 time_out The number of seconds to wait for a response to a probe packet Range 1 60 ip address One of the interface addresses of the device to use as a source address for the ...

Page 432: ...aceroute user EXEC command sends out one probe at a time Each outgoing packet may result in one or two error messages A time exceeded error message indicates that an intermediate router has seen and discarded the probe A destination unreachable error message indicates that the destination router has received the probe and discarded it because it could not deliver the packet If the timer goes off b...

Page 433: ...V POS calren2 net 198 32 249 162 1 msec 1 msec 1 msec 5 kscyng snvang abilene ucaid edu 198 32 8 103 33 msec 35 msec 35 msec 6 iplsng kscyng abilene ucaid edu 198 32 8 80 47 msec 45 msec 45 msec 7 so 0 2 0x1 aa1 mich net 192 122 183 9 56 msec 53 msec 54 msec 8 atm1 0x24 michnet8 mich net 198 108 23 82 56 msec 56 msec 57 msec 9 10 A ARB3 LSA NG c SEB umnet umich edu 141 211 5 22 58 msec 58 msec 58 ...

Page 434: ...delines keyword One or more keywords from the keywords table in the user guidelines Default Configuration port Telnet port decimal 23 on the host Command Mode User EXEC mode User Guidelines Telnet software supports special Telnet commands in the form of Telnet sequences that map generic terminal control functions to operating system specific functions To issue a special Telnet command press Esc an...

Page 435: ...can be opened and switched To open a subsequent session the current connection has to be suspended by pressing the escape sequence Ctrl Shift 6 and x to return to the system command prompt Then open a new connection using the telnet command To log into a host on the out of band port use the out of band format oob ip address Escape Sequence Purpose Ctrl Shift 6 b Break Ctrl Shift 6 c Interrupt Proc...

Page 436: ...s running UNIX to UNIX Copy Program UUCP and other non Telnet protocols Ctrl shift 6 x Returns to the system command prompt Keyword Description Port Number bgp Border Gateway Protocol 179 chargen Character generator 19 cmd Remote commands 514 daytime Daytime 13 discard Discard 9 domain Domain Name Service 53 echo Echo 7 exec Exec 512 finger Finger 79 ftp File Transfer Protocol 21 ftp data FTP data...

Page 437: ... recent Telnet connection Command Mode User EXEC mode User Guidelines There are no user guidelines for this command pim auto rp PIM Auto RP 496 pop2 Post Office Protocol v2 109 pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunrpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control System 49 talk Talk 517 telnet Telnet 23 time Time 37 uucp Unix to Uni...

Page 438: ...438 System Management w w w d e l l c o m s u p p o r t d e l l c o m Examples The following command switches to another open Telnet session number 1 console resume 1 ...

Page 439: ...out The timeout value in seconds If no timeout value is specified the global value is used Range 1 30 key string The authentication and encryption key for all TACACS communications between the device and the TACACS server This key must match the encryption used on the TACACS daemon If no key value is specified the global value is used Type to specify an empty string Range 0 128 source The source I...

Page 440: ...x tacacs server key key string no tacacs server key key string The authentication and encryption key for all TACACS communications between the router and the TACACS server This key must match the encryption used on the TACACS daemon Range 0 128 Default Configuration The default is an empty string Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command E...

Page 441: ...er timeout The tacacs server timeout global configuration command sets the interval during which a router waits for a server host to reply To restore the default use the no form of this command Syntax tacacs server timeout timeout no tacacs server timeout timeout The timeout value in seconds Range 1 30 Default Configuration The default value is 5 seconds Command Mode Global Configuration mode User...

Page 442: ...iguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays TACACS server settings Console show tacacs IP address Status Port Single Connection TimeOut Source IP Priority 172 16 1 1 Connected 49 No Global Global 1 OOB TACACS servers IP address Status Port Single Connectio...

Page 443: ...TACACS Commands 443 Global values TimeOut 3 Source IP 172 16 8 1 OOB Source IP 172 16 8 1 ...

Page 444: ...444 TACACS Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 445: ... 15 Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how to enter privileged mode disable The disable privileged EXEC command returns to User EXEC mode Syntax disable privilege level privilege level Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 1 Command Mode Privilege...

Page 446: ...name Syntax login Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how to enter privileged EXEC mode and login exit configuration The exit command exits any configuration mode to the next highest mode in the CLI mode hierarchy Syntax exit Console disable Cons...

Page 447: ...xit user EXEC command closes an active terminal session by logging off the device Syntax exit Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session end The end global configuration command ends the current configuration session ...

Page 448: ...d returns to the previous command mode help The help command displays a brief description of the help system Syntax help Default Configuration This command has no default configuration Command Mode All Command modes User Guidelines There are no user guidelines for this command history The history line configuration command enables the command history function for a particular line To disable the c...

Page 449: ...es the command history buffer size for a particular line To reset the command history buffer size to the default use the no form of this command Syntax history size number of commands no history size number of commands Number of commands that the system records in its history buffer Range 10 216 Default Configuration The default history buffer size is 10 Command Mode Line Configuration mode User G...

Page 450: ...o default configuration Command Mode Privilege EXEC command mode User Guidelines There are no user guidelines for this command Example The following example enables the debug command interface show history The show history user EXEC command lists the commands entered in the current session Syntax show history Default Configuration This command has no default configuration Command Mode User EXEC co...

Page 451: ...ileged EXEC mode show privilege The show privilege user EXEC command displays the current privilege level Syntax show privilege Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines There are no user guidelines for this command Example The following example displays the current privilege level Console show history Console show version C...

Page 452: ...452 User Interface w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 453: ...he following example enters the VLAN database mode vlan Use the vlan interface configuration VLAN command to create a VLAN To delete a VLAN use the no form of this command Syntax vlan vlan range no vlan vlan range vlan range A list of valid VLAN IDs to be added List separate non consecutive VLAN IDs separated by commas without spaces use a hyphen to designate a range of IDs Range 2 4063 Default Co...

Page 454: ...ynamic VLANs Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the VLAN 1 IP address of 131 108 1 27 and subnet mask 255 255 255 0 interface range vlan The interface range vlan global configuration command enters the interface configuration mod...

Page 455: ...he command returns an error on one of the interfaces an error message is displayed and execution continues on other interfaces Example The following example groups VLAN 221 till 228 and VLAN 889 to receive the same command name The name interface configuration command adds a name to a VLAN To remove the VLAN name use the no form of this command Syntax name string no name string Unique name up to 3...

Page 456: ...ort belongs to 1 4063 VLANs and each VLAN is explicitly set by the user as tagged or untagged full 802 1Q mode Default Configuration All port are in access mode and belong to the default VLAN whose VID 1 Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures g8 as an untagged layer 2 VLA...

Page 457: ...runk allowed vlan interface configuration command adds or removes VLANs from a trunk port Syntax switchport trunk allowed vlan add vlan list remove vlan list add vlan list List of VLAN IDs to add Separate non consecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs remove vlan list List of VLAN IDs to remove Separate non consecutive VLAN IDs with a comma and no spaces A h...

Page 458: ...r Guidelines This command has the following consequences incoming untagged frames are assigned to this VLAN and outgoing traffic in this VLAN on this port is sent untagged despite the normal situation where traffic sent from a trunk mode port is all tagged The command adds the port as a member in the VLAN If the port is already a member in the VLAN not as a native it should be first removed from t...

Page 459: ...transmit untagged packets for the VLANs Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example shows how to add VLANs 2 5 and 6 to the allowed list switchport general pvid The switchport general pvid interface configuration command con...

Page 460: ...ress filtering disable no switchport general ingress filtering disable Default Configuration Ingress filtering is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example shows how to enables port ingress filtering on g8 switchport general acceptable frame type tagged only The switchport gene...

Page 461: ...VLANs active on the selected ports To revert to allowing the addition of specific VLANs to the port use the remove parameter for this command Syntax switchport forbidden vlan add vlan list remove vlan list add vlan list List of VLAN IDs to add to the forbidden list Separate non consecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs remove vlan list List of VLAN IDs to r...

Page 462: ...chport protected is disabled Command Mode Interface Configuration Ethernet port channel User Guidelines Private VLAN Edge PVE supports private communication by isolating PVE defined ports and ensuring that all Unicast Broadcast and Multicast traffic from those ports is only forwarded to uplink port s PVE requires only one VLAN on each device but not on every port this reduces the number of VLANs r...

Page 463: ... the default is ethernet group Group number of group of protocols associated together Range 1 2147483647 Default Configuration This command has no default configuration Command Mode VLAN Database mode User Guidelines The following protocol names are reserved ip arp ipx Example The following example maps protocol ip arp to the group named 213 switchport general map protocols group vlan The switchpo...

Page 464: ... following example sets a protocol based classification rule of protocol group 1 to VLAN 8 show vlan The show vlan privileged EXEC command displays VLAN information Syntax show vlan tag vlan id name vlan name vlan id A valid VLAN ID vlan name A valid VLAN name string Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guideli...

Page 465: ...sed internally by the switch Syntax show vlan internal usage Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Console show vlan Vlan Name Ports Type 1 1 g 1 22 ch 1 7 other 2 2 g 1 4 permanent 3 3 g 2 3 5 8 9 permanent ...

Page 466: ...ps Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays protocols groups information Console show vlan internal usage VLAN Usage 1008 Eth g21 1009 Eth g22 Console show vlan protocols groups Encapsulation Protocol Group Id ethernet 08 00 213 ethernet 08 0...

Page 467: ...onfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays switchport configuration individually for g1 Console show interface switchport ethernet g8 Port g8 Port Mode General Gvrp Status disabled Ingress Filtering true Acceptable Frame Type admitAll Ingress Untagged V...

Page 468: ...468 VLAN Commands w w w d e l l c o m s u p p o r t d e l l c o m Forbidden VLANS Vlan Name 4 vlan4 Classification rules Group ID Vlan ID ...

Page 469: ... is required Default Configuration No Virtual Router is defined Command Mode Interface configuration Ethernet VLAN port channel User Guidelines This command cannot be used with a range of ports Example The following example defines VRRP with the IP address 172 16 1 1 and 172 16 2 1 for port g8 vrrp up The vrrp up interface configuration command activates Virtual Router Redundancy Protocol VRRP on ...

Page 470: ...ertisements messages To restore the timer to its default value use the no form of this command Syntax vrrp virtual router timer seconds no vrrp virtual router timer virtual router Virtual router number Range 1 255 seconds The time interval in seconds between sending advertisements messages Range 1 255 Default Configuration The default time interval between sending advertisements messages is 1 seco...

Page 471: ...Virtual router number Range 1 255 priority The priority used for the virtual router master election process Higher values imply higher priority Range 1 255 Default Configuration The default VRRP priority values are as follows Non owner 100 Owner 255 Command Mode Interface configuration Ethernet VLAN port channel User Guidelines This command cannot be used with a range of ports The owner priority c...

Page 472: ...ess Command Mode Interface configuration Ethernet VLAN port channel User Guidelines This command cannot be used with a range of ports Example The following example defines the source IP address 168 192 1 1 for VRRP messages on g8 vrrp authentication The vrrp authentication interface configuration command enables authentication for the Virtual Router Redundancy Protocol VRRP on an interface To disa...

Page 473: ...outer preempt virtual router Virtual router number Range 1 255 Default Configuration VRRP preemption is enabled Command Mode Interface configuration Ethernet VLAN port channel User Guidelines An exception is that the router that owns the IP address es associated with the virtual router always preempts independent of the setting of this command Example The following example enables VRRP preemption ...

Page 474: ...owing table describes the significant fields shown in the display Console show vrrp configuration Interface VRID Address Priority Timer Auth Preempt Source ip State g1 10 1 1 1 99 100 1 No Yes 0 0 0 0 down Field Description Interface Interface type and number VRID Virtual Router Identifier Address Virtual Router associated address Priority Priority used for the virtual router master election Timer...

Page 475: ...XEC mode User Guidelines There are no user guidelines for this command Example The following example configures authentication login The following table describes the significant fields shown in the display Console show vrrp status Interface VRID Address State Master MAC address g1 10 1 1 1 99 initialize 0 0 0 0 00 00 5e 00 01 0a Field Description Interface Interface type and number VRID Virtual R...

Page 476: ...476 VRRP Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 477: ...al Configuration mode User Guidelines There are no user guidelines for this command However specifying 0 as the port number will effectively disable HTTP access to the device Example The following example shows how the http port number is configured to 100 ip http server The ip http server global configuration command enables the device to be configured from a browser To disable this function use ...

Page 478: ...ps port port number Port number for use by the HTTP server Range 0 65535 Default Configuration This default port number is 443 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the https port number to 100 ip https server The ip https server global configuration command enables the device to be configured f...

Page 479: ...L RSA key length Specifies the SSL RSA key length Range 512 2048 string Specifies the passphrase used to export the certificate in PKCS12 file format If unspecified the certificate cannot be exported Range 8 96 characters common name Specifies the fully qualified URL or IP address of the device Range 1 64 organization unit Specifies the organizational unit or department name Range 1 64 organizatio...

Page 480: ... privileged EXEC command generates and displays a certificate request for HTTPS Syntax crypto certificate number request cn common name ou organization unit or organization loc location st state cu country number Specifies the certificate number Range 2 characters common name Specifies the fully qualified URL or IP address of the device Range 1 64 organization unit Specifies the organizational uni...

Page 481: ...eplaces the self signed certificate Examples The following example generates and displays a certificate request for HTTPS Console crypto certificate 1 request BEGIN CERTIFICATE REQUEST MIwTCCASoCAQAwYjELMAkGA1UEBhMCUFAxCzAJBgNVBAgTAkNDMQswCQYDVQQH EwRDEMMAoGA1UEChMDZGxkMQwwCgYDVQQLEwNkbGQxCzAJBgNVBAMTAmxkMRAw DgKoZIhvcNAQkBFgFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ecwQ HdML0831i0fh F0MV Kib6Sz5p...

Page 482: ...uration mode User Guidelines Use this command to enter an external certificate signed by the Certification Authority to the device To end the session enter a blank line The imported certificate must be based on a certificate request created by the crypto certificate request privileged EXEC command If the public key found in the certificate does not match the device s SSL RSA key the command fails ...

Page 483: ...nd Mode Global Configuration mode Console config crypto certificate 1 import BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgclsZGFw...

Page 484: ...yntax show ip http Default Configuration This command has no default configuration Command Mode Privileged EXEC command User Guidelines There are no user guidelines for this command Example The following example displays the HTTP server configuration show ip https The show ip http privileged EXEC command displays the HTTPS server configuration Syntax show ip https Default Configuration This comman...

Page 485: ...erver enabled Port 443 Certificate 1 is active Issued by www verisign com Valid from 8 9 2005 to 8 9 2005 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 2005 to 8 9 2005 Subject CN router gm com 0 General Motors C US Finger print 1873B936 88DC3411 BC8932EF 782134BA ...

Page 486: ...486 Web Server w w w d e l l c o m s u p p o r t d e l l c o m ...

Page 487: ...r Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Examples The following example uses the aaa authentication dot1x default command with no authentication dot1x system auth control The dot1x syst...

Page 488: ...ses the port to transition to the authorized or unauthorized state based on the 802 1x authentication exchange between the device and the client force authorized Disables 802 1x authentication on the interface and causes the port to transition to the authorized state without any authentication exchange required The port resends and receives normal traffic without 802 1x based authentication of the...

Page 489: ...ng use the no form of this command Syntax dot1x re authentication no dot1x re authentication Default Configuration Periodic re authentication is disabled Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Examples The following example enables periodic re authentication of the client dot1x timeout re authperiod The dot1x timeout re auth...

Page 490: ...entication attempts to 300 dot1x re authenticate The dot1x re authenticate privileged EXEC mode command enables manually initiating a re authentication of all 802 1x enabled ports or the specified 802 1x enabled port dot1x re authenticate ethernet interface interface Valid Ethernet port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guideline...

Page 491: ...e device does not accept or initiate any authentication requests The default value of this command should only be changed to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients authentication servers To provide a faster response time to the user a smaller number than the default should be entered Examples The following example sets the num...

Page 492: ...ication servers Examples The following command sets the number of seconds that the device waits for a response to an EAP request identity frame to 3600 seconds dot1x max req The dot1x max req interface configuration command sets the maximum number of times that the device sends an Extensible Authentication Protocol EAP request frame assuming that no response is received to the client before restar...

Page 493: ...ing an Extensible Authentication Protocol EAP request frame to the client To return to the default setting use the no form of this command Syntax dot1x timeout supp timeout seconds no dot1x timeout supp timeout seconds Time in seconds that the device should wait for a response to an EAP request frame from the client before resending the request Range 1 65535 Default Configuration The period of tim...

Page 494: ...1x timeout server timeout seconds Time in seconds that the device waits for a response from the authentication server Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Examples The following example sets the time for the retransmission of packets to the authent...

Page 495: ... 802 1x is enabled Port Admin Mode Oper Mode Reauth Control Reauth Period Username g1 Auto Authorized Ena 3600 Bob g2 Auto Authorized Ena 3600 John g3 Auto Unauthorized Ena 3600 Clark g4 Force Auth Authorized Dis 3600 n a g5 Force Auth Unauthorized Dis 3600 n a Port is down or not present Console show dot1x ethernet g3 802 1x is enabled Port Admin Mode Oper Mode Reauth Control Reauth Period Userna...

Page 496: ...per mode The port oper mode Possible values are Authorized Unauthorized or Down Reauth Control Reauthentication control Reauth Period Reauthentication period Username The username representing the identity of the Supplicant This field shows the username in case the port control is auto If the port is Authorized it shows the username of the current user If the port is unauthorized it shows the last...

Page 497: ...ime in seconds the device waits for a response to an EAP request frame from the client before resending the request Server timeout Time in seconds the device waits for a response from the authentication server before resending the request Session Time How long the user is logged in MAC address The supplicant MAC address Authentication Method The authentication method used to establish the session ...

Page 498: ...n This command has no default configuration Command Mode Privileged EXEC mode Console show dot1x users Port Username Session Time Auth Method MAC Address g1 Bob 1d 03 08 58 Remote 0008 3b79 8787 g2 John 08 19 17 Remote 0008 3b89 3127 Console show dot1x users username Bob Port Username Session Time Auth Method MAC Address g1 Bob 1d 03 08 58 Remote 0008 3b79 8787 Field Description Port The interface...

Page 499: ...ameVersion 1 LastEapolFrameSource 00 08 78 32 98 78 Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator EapolLogoffFramesRx The n...

Page 500: ... the unauthorized state Examples The following example enables unauthorized users access to the VLAN EapolReqIdFramesTx The number of EAP Req Id frames that have been transmitted by this Authenticator EapolReqFramesTx The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator InvalidEapolFramesRx The number of EAPOL frames that have been received by t...

Page 501: ...re denied access to the network If a port joins a port channel its state is multiple hosts as long as the port is a member of the port channel For unauthenticated VLANs multiple hosts are always enabled Examples The following command allows multiple hosts clients on an 802 1x authorized port dot1x single host violation The dot1x single host violation interface configuration command configures the ...

Page 502: ... relevant when Multiple Hosts is disabled and the user has been successfully authenticated Examples The following example uses forward action to forward frames with source addresses that are not the supplicant address show dot1x advanced The show dot1x advanced privileged EXEC command displays 802 1x advanced features for the device or for the specified interface Syntax show dot1x advanced etherne...

Page 503: ...nsole show dot1x advanced Unauthenticated VLANs 91 92 Port Multiple Hosts g1 Disabled g2 Enabled Console show dot1x advanced ethernet g1 Port Multiple Hosts g1 Disabled Single host parameters Violation action Discard Trap Enabled Trap frequency 100 Status Single host locked Violations since last trap 9 ...

Page 504: ...504 802 1x Commands w w w d e l l c o m s u p p o r t d e l l c o m ...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands