Dell PowerConnect 7000 Series Reference Manual Download Page 353

Page: 353 / 1730

DHCP Snooping Commands

353

DHCP Snooping Commands

DHCP Snooping is a security feature that monitors DHCP messages between

DHCP clients and DHCP server to filter harmful DHCP messages and build

a bindings database of {MAC address, IP address, VLAN ID, interface} tuples

that are considered authorized.
The DHCP snooping application processes incoming DHCP messages. For

DHCPRELEASE and DHCPDECLINE messages, the application compares

the receive interface and VLAN with the client's interface and VLAN in the

bindings database. If the interfaces do not match, the application logs the

event and drops the message. For valid client messages, DHCP snooping

compares the source MAC address to the DHCP client hardware address.

When there is a mismatch, DHCP snooping logs and drops the packet.

DHCP Snooping forwards valid client messages on trusted members within

the VLAN. If DHCP Relay and/or DHCP Server coexist with DHCP

Snooping, the DHCP client message is sent to the DHCP Relay or/and

DHCP Server for further processing.
The DHCP Snooping application uses DHCP messages to build and

maintain the binding's database. The binding's database only includes data

for clients on untrusted ports. DHCP Snooping creates a tentative binding

from DHCP DISCOVER and REQUEST messages. Tentative bindings tie a

client to a port (the port where the DHCP client message was received).

Tentative bindings are completed when DHCP Snooping learns the client's IP

address from a DHCP ACK message on a trusted port. DHCP Snooping

removes bindings in response to DECLINE, RELEASE, and NACK messages.

The DHCP Snooping application ignores the ACK messages as a reply to the

DHCP Inform messages received on trusted ports. The network administrator

can enter static bindings into the binding database.
IP Source Guard and Dynamic ARP Inspection use the DHCP Snooping

bindings database for the validation of IP and ARP packets.

Commands in this Chapter

This chapter explains the following commands:

2CSPC4.XCT-SWUM2XX1.book Page 353 Monday, October 3, 2011 11:05 AM

Summary of Contents for PowerConnect 7000 Series

Page 1: ...rConnect 7000 Series Systems CLI Reference Guide Regulatory Model PC7024 PC7024F PC7024P PC7048 PC7048P PC7048R and PC7048R RA Regulatory Type XXXXX 2CSPC4 XCT SWUM2XX1 book Page 1 Monday October 3 2011 11 05 AM ...

Page 2: ...ered trademark of InMon Corporation Cisco is a registered trademark of Cisco Systems Inc and or its affiliates in the United States and certain other countries Microsoft and Windows are registered trademarks of Microsoft Corporation in the United States and or other countries Other trademarks and trade names may beused in this publication to refer to either the entities claiming the marks and name...

Page 3: ...pes 79 Layer 2 Commands 81 Layer 3 Commands 115 Utility Commands 142 2 Using the CLI 165 Introduction 165 Entering and Editing CLI Commands 165 CLI Command Modes 175 Starting the CLI 188 Using CLI Functions and Tools 196 2CSPC4 XCT SWUM2XX1 book Page 3 Monday October 3 2011 11 05 AM ...

Page 4: ...default radius 245 aaa ias user username 246 aaa new model 247 clear IAS 247 enable authentication 248 enable password 249 ip http authentication 250 ip https authentication 251 login authentication 252 password aaa IAS User Configuration 253 password Line Configuration 254 password User EXEC 255 show aaa ias users 256 show authentication methods 257 2CSPC4 XCT SWUM2XX1 book Page 4 Monday October ...

Page 5: ...n this Chapter 270 access list 270 deny permit IP ACL 272 deny permit Mac Access List Configuration 274 ip access group 276 mac access group 277 mac access list extended 278 mac access list extended rename 279 service acl input 280 show service acl interface 281 show ip access lists 282 show mac access list 283 2CSPC4 XCT SWUM2XX1 book Page 5 Monday October 3 2011 11 05 AM ...

Page 6: ...red 290 mac address table multicast forward all 291 mac address table multicast forward unregistered 292 mac address table multicast static 293 mac address table static 295 port security 296 port security max 297 show mac address table multicast 297 show mac address table filtering 299 show mac address table 300 show mac address table address 301 show mac address table count 302 show mac address t...

Page 7: ... 311 Commands in this Chapter 311 show switchport voice 312 switchport voice detect auto 314 8 CDP Interoperability Commands 317 Commands in this Chapter 317 clear isdp counters 317 clear isdp table 318 isdp advertise v2 318 isdp enable 319 isdp holdtime 320 isdp timer 321 show isdp 321 show isdp entry 322 show isdp interface 324 2CSPC4 XCT SWUM2XX1 book Page 7 Monday October 3 2011 11 05 AM ...

Page 8: ...ote id 332 dhcp l2relay trust 332 dhcp l2relay vlan 333 show dhcp l2relay all 334 show dhcp l2relay interface 335 show dhcp l2relay stats interface 336 show dhcp l2relay subscription interface 337 show dhcp l2relay agent option vlan 338 show dhcp l2relay vlan 339 show dhcp l2relay circuit id vlan 340 show dhcp l2relay remote id vlan 341 clear dhcp l2relay statistics interface 342 2CSPC4 XCT SWUM2X...

Page 9: ...snooping binding 354 clear ip dhcp snooping statistics 355 ip dhcp snooping 355 ip dhcp snooping binding 356 ip dhcp snooping database 357 ip dhcp snooping database write delay 358 ip dhcp snooping limit 359 ip dhcp snooping log invalid 360 ip dhcp snooping trust 360 ip dhcp snooping verify mac address 361 show ip dhcp snooping 362 show ip dhcp snooping binding 363 2CSPC4 XCT SWUM2XX1 book Page 9 ...

Page 10: ...tatistics 370 ip arp inspection filter 371 ip arp inspection limit 371 ip arp inspection trust 372 ip arp inspection validate 373 ip arp inspection vlan 374 permit ip host mac host 375 show arp access list 376 show ip arp inspection 376 show ip arp inspection vlan 379 13 Email Alerting Commands 383 Commands in this Chapter 383 logging email 384 logging email urgent 386 2CSPC4 XCT SWUM2XX1 book Pag...

Page 11: ...ar logging email statistics 392 security 393 mail server ip address hostname 394 port Mail Server Configuration Mode 395 username Mail Server Configuration Mode 395 password Mail Server Configuration Mode 396 show mail server 397 14 Ethernet Configuration Commands 399 Commands in this Chapter 400 clear counters 400 description 401 duplex 402 flowcontrol 403 interface 403 2CSPC4 XCT SWUM2XX1 book P...

Page 12: ...rfaces status 417 show statistics 418 show statistics switchport 423 show storm control 425 shutdown 426 speed 427 storm control broadcast 428 storm control multicast 429 storm control unicast 430 switchport protected 431 switchport protected name 432 show switchport protected 432 15 Ethernet CFM Commands 435 Commands in this Chapter 435 2CSPC4 XCT SWUM2XX1 book Page 12 Monday October 3 2011 11 05...

Page 13: ...fm 443 traceroute ethernet cfm 444 show ethernet cfm errors 446 show ethernet cfm domain 446 show ethernet cfm maintenance points local 447 show ethernet cfm maintenance points remote 448 show ethernet cfm statistics 450 debug cfm 451 16 Green Ethernet Commands 455 Energy Detect Mode 455 Energy Efficient Ethernet 455 Commands in this Chapter 455 green mode energy detect 456 2CSPC4 XCT SWUM2XX1 boo...

Page 14: ...9 Commands in this Chapter 469 clear gvrp statistics 469 garp timer 470 gvrp enable global 471 gvrp enable interface 472 gvrp registration forbid 473 gvrp vlan creation forbid 474 show gvrp configuration 474 show gvrp error statistics 476 show gvrp statistics 477 18 IGMP Snooping Commands 479 Commands in this Chapter 480 ip igmp snooping global 480 2CSPC4 XCT SWUM2XX1 book Page 14 Monday October 3...

Page 15: ...igmp snooping fast leave 488 ip igmp snooping groupmembership interval 489 ip igmp snooping maxresponse 490 ip igmp snooping mcrtrexpiretime 491 19 IGMP Snooping Querier Commands 493 Commands in this Chapter 493 ip igmp snooping querier 493 ip igmp snooping querier election participate 495 ip igmp snooping querier query interval 496 ip igmp snooping querier timer expiry 497 ip igmp snooping querie...

Page 16: ...e Config 505 ip default gateway 506 ip domain lookup 508 ip domain name 508 ip host 509 ip name server 510 ipv6 address Interface Config 511 ipv6 address OOB Port 512 ipv6 address dhcp 514 ipv6 enable Interface Config 515 ipv6 enable OOB Config 515 ipv6 gateway OOB Config 516 show hosts 517 show ip address conflict 518 show ip helper address 519 2CSPC4 XCT SWUM2XX1 book Page 16 Monday October 3 20...

Page 17: ...8 show ipv6 access lists 529 22 IPv6 MLD Snooping Commands 533 Commands in this Chapter 533 ipv6 mld snooping immediate leave 534 ipv6 mld snooping groupmembership interval 535 ipv6 mld snooping maxresponse 535 ipv6 mld snooping mcrtexpiretime 536 ipv6 mld snooping Global 537 ipv6 mld snooping Interface 538 ipv6 mld snooping VLAN 539 show ipv6 mld snooping 540 show ipv6 mld snooping groups 541 2CS...

Page 18: ...uerier query interval 548 ipv6 mld snooping querier timer expiry 549 show ipv6 mld snooping querier 550 24 IP Source Guard Commands 553 Commands in this Chapter 553 ip verify source 553 ip verify source port security 554 ip verify binding 555 show ip verify interface 555 show ip verify source interface 556 show ip source binding 556 25 iSCSI Optimization Commands 559 Commands in this Chapter 560 2...

Page 19: ... Commands in this Chapter 571 action 571 link dependency group 572 add gigabitethernet 573 add tengigabitethernet 573 add port channel 574 depends on 575 show link dependency 576 27 LLDP Commands 579 Commands in this Chapter 580 clear lldp remote data 580 clear lldp statistics 581 lldp med 582 2CSPC4 XCT SWUM2XX1 book Page 19 Monday October 3 2011 11 05 AM ...

Page 20: ...lldp timers 587 lldp transmit 588 lldp transmit mgmt 589 lldp transmit tlv 589 show lldp 590 show lldp interface 591 show lldp local device 592 show lldp med 594 show lldp med interface 595 show lldp med local device detail 596 show lldp med remote device 598 show lldp remote device 602 show lldp statistics 603 2CSPC4 XCT SWUM2XX1 book Page 20 Monday October 3 2011 11 05 AM ...

Page 21: ...time 610 mvr vlan 612 mvr immediate 612 mvr type 613 mvr vlan group 615 show mvr 616 show mvr members 618 show mvr interface 619 show mvr traffic 621 29 Port Channel Commands 623 Static LAGS 623 VLANs and LAGs 624 LAG Thresholds 624 Port Channels 624 LAG Hashing 625 2CSPC4 XCT SWUM2XX1 book Page 21 Monday October 3 2011 11 05 AM ...

Page 22: ...t channel 629 interface range port channel 629 hashing mode 630 lacp port priority 631 lacp system priority 632 lacp timeout 633 port channel min links 633 show interfaces port channel 634 show lacp 635 show statistics port channel 637 30 Port Monitor Commands 641 Commands in this Chapter 641 monitor session 642 show monitor session 643 2CSPC4 XCT SWUM2XX1 book Page 22 Monday October 3 2011 11 05 ...

Page 23: ...Chapter 648 assign queue 649 class 649 class map 650 class map rename 651 classofservice dot1p mapping 652 classofservice ip dscp mapping 653 classofservice trust 653 conform color 654 cos queue min bandwidth 655 cos queue random detect 656 cos queue strict 657 diffserv 658 drop 659 mark cos 660 2CSPC4 XCT SWUM2XX1 book Page 23 Monday October 3 2011 11 05 AM ...

Page 24: ...h dstip6 666 match dstl4port 666 match ethertype 667 match ip6flowlbl 668 match ip dscp 669 match ip precedence 670 match ip tos 670 match protocol 671 match source address mac 672 match srcip 673 match srcip6 674 match srcl4port 674 match vlan 675 mirror 676 police simple 677 2CSPC4 XCT SWUM2XX1 book Page 24 Monday October 3 2011 11 05 AM ...

Page 25: ... interface 689 show diffserv service interface port channel 690 show diffserv service brief 691 show interfaces cos queue 692 show interfaces random detect 694 show policy map 695 show policy map interface 696 show service policy 697 traffic shape 698 32 RADIUS Commands 701 Commands in this Chapter 704 aaa accounting network default start stop group radius 705 2CSPC4 XCT SWUM2XX1 book Page 25 Mond...

Page 26: ...11 radius server deadtime 712 radius server host 713 radius server key 714 radius server retransmit 715 radius server source ip 715 radius server timeout 716 retransmit 717 show aaa servers 718 show radius statistics 721 source ip 725 timeout 726 usage 727 2CSPC4 XCT SWUM2XX1 book Page 26 Monday October 3 2011 11 05 AM ...

Page 27: ...ing tree summary 739 spanning tree 741 spanning tree auto portfast 742 spanning tree bpdu flooding 742 spanning tree bpdu protection 743 spanning tree cost 744 spanning tree disable 745 spanning tree forward time 746 spanning tree guard 747 spanning tree loopguard 747 spanning tree max age 748 spanning tree max hops 749 spanning tree mode 750 2CSPC4 XCT SWUM2XX1 book Page 27 Monday October 3 2011 ...

Page 28: ...lt 755 spanning tree portfast default 756 spanning tree port priority 757 spanning tree priority 758 spanning tree tcnguard 758 spanning tree transmit hold count 759 34 TACACS Commands 761 Commands in this Chapter 762 key 762 port 763 priority 763 show tacacs 764 tacacs server host 765 tacacs server key 766 tacacs server timeout 767 timeout 767 2CSPC4 XCT SWUM2XX1 book Page 28 Monday October 3 201...

Page 29: ...l ethertype 772 interface vlan 773 interface range vlan 774 mode dvlan tunnel 775 name VLAN Configuration 776 protocol group 777 protocol vlan group 778 protocol vlan group all 779 show dvlan tunnel 780 show dvlan tunnel interface 781 show interfaces switchport 782 show port protocol 786 show vlan 787 show vlan association mac 788 2CSPC4 XCT SWUM2XX1 book Page 29 Monday October 3 2011 11 05 AM ...

Page 30: ...ess filtering disable 793 switchport general pvid 794 switchport mode 795 switchport trunk 796 vlan 798 vlan Global Config 799 vlan association mac 800 vlan association subnet 800 vlan database 801 vlan makestatic 802 vlan protocol group 803 vlan protocol group add protocol 804 vlan protocol group name 805 vlan protocol group remove 805 vlan routing 806 2CSPC4 XCT SWUM2XX1 book Page 30 Monday Octo...

Page 31: ... Authentication Server 815 MAC Authentication Bypass 816 Guest VLAN 817 802 1x Monitor Mode 817 RADIUS based Dynamic VLAN Assignment 818 Commands in this Chapter 818 dot1x dynamic vlan enable 819 dot1x initialize 820 dot1x mac auth bypass 820 dot1x max req 821 dot1x max users 822 dot1x port control 823 dot1x re authenticate 824 2CSPC4 XCT SWUM2XX1 book Page 31 Monday October 3 2011 11 05 AM ...

Page 32: ...9 dot1x timeout supp timeout 830 dot1x timeout tx period 831 show dot1x 832 show dot1x authentication history 833 show dot1x clients 835 show dot1x interface 837 show dot1x statistics 839 show dot1x users 841 clear dot1x authentication history 842 dot1x guest vlan 843 dot1x unauth vlan 844 show dot1x advanced 845 radius server attribute 4 846 2CSPC4 XCT SWUM2XX1 book Page 32 Monday October 3 2011 ...

Page 33: ...amicrenew 854 arp purge 855 arp resptime 856 arp retries 857 arp timeout 857 clear arp cache 858 clear arp cache management 859 ip local proxy arp 860 ip proxy arp 860 show arp 861 40 DHCP Server and Relay Agent Commands 863 Commands in this Chapter 864 ip dhcp pool 864 2CSPC4 XCT SWUM2XX1 book Page 33 Monday October 3 2011 11 05 AM ...

Page 34: ...onfig 872 domain name IP DHCP Pool Config 873 hardware address 874 host 875 ip dhcp bootp automatic 876 ip dhcp conflict logging 876 ip dhcp excluded address 877 ip dhcp ping packets 878 lease 879 netbios name server 880 netbios node type 881 network 882 next server 883 option 884 service dhcp 888 2CSPC4 XCT SWUM2XX1 book Page 34 Monday October 3 2011 11 05 AM ...

Page 35: ...rver IPv6 DHCP Pool Config 896 domain name IPv6 DHCP Pool Config 896 ipv6 dhcp pool 897 ipv6 dhcp relay 898 ipv6 dhcp server 899 prefix delegation 900 service dhcpv6 902 show ipv6 dhcp 903 show ipv6 dhcp binding 903 show ipv6 dhcp interface User EXEC 904 show ipv6 dhcp interface Privileged EXEC 906 show ipv6 dhcp pool 909 show ipv6 dhcp statistics 910 2CSPC4 XCT SWUM2XX1 book Page 35 Monday Octobe...

Page 36: ...p nexthop 917 show ip dvmrp prune 918 show ip dvmrp route 919 43 GMRP Commands 921 Commands in this Chapter 922 gmrp enable 922 show gmrp configuration 923 44 IGMP Commands 925 Commands in this Chapter 926 ip igmp 926 ip igmp last member query count 927 ip igmp last member query interval 928 ip igmp query interval 929 2CSPC4 XCT SWUM2XX1 book Page 36 Monday October 3 2011 11 05 AM ...

Page 37: ... interface 935 show ip igmp membership 937 show ip igmp interface stats 937 45 IGMP Proxy Commands 939 Commands in this Chapter 939 ip igmp proxy 939 ip igmp proxy reset status 940 ip igmp proxy unsolicited report interval 941 show ip igmp proxy 942 show ip igmp proxy interface 943 show ip igmp proxy groups 944 show ip igmp proxy groups detail 944 2CSPC4 XCT SWUM2XX1 book Page 37 Monday October 3 ...

Page 38: ...lay information option 953 ip dhcp relay information option insert 954 ip helper address global configuration 955 ip helper address interface configuration 957 ip helper enable 959 show ip helper address 960 show ip dhcp relay 961 show ip helper statistics 962 47 IP Routing Commands 965 Static Routes ECMP Static Routes 965 Static Reject Routes 966 Default Routes 966 Commands in this Chapter 966 2C...

Page 39: ...outing 975 show ip brief 975 show ip interface 976 show ip protocols 979 show ip route 980 show ip route configured 982 show ip route preferences 983 show ip route summary 984 show ip traffic 985 show ip vlan 987 48 IPv6 PIM Commands 989 ipv6 pim 989 ipv6 pim sparse Global config 990 2CSPC4 XCT SWUM2XX1 book Page 39 Monday October 3 2011 11 05 AM ...

Page 40: ...996 ipv6 pim rp candidate 997 ipv6 pim spt threshold 998 ipv6 pim ssm 999 show ipv6 pimsm 1000 show ipv6 pim bsr router 1001 show ipv6 pim interface 1002 show ipv6 pim neighbor 1004 show ipv6 pim rp hash 1006 show ipv6 pim rp mapping 1007 49 IPv6 Routing Commands 1009 IPv6 Limitations Restrictions 1009 Commands in this Chapter 1009 clear ipv6 neighbors 1011 2CSPC4 XCT SWUM2XX1 book Page 40 Monday ...

Page 41: ...proxy reset status 1017 ipv6 mld proxy unsolicit rprt interval 1018 ipv6 mld query interval 1019 ipv6 mld query max response time 1020 ipv6 mld router 1020 ipv6 mtu 1021 ipv6 nd dad attempts 1022 ipv6 nd managed config flag 1023 ipv6 nd ns interval 1024 ipv6 nd other config flag 1025 ipv6 nd prefix 1025 ipv6 nd ra interval 1027 ipv6 nd ra lifetime 1028 2CSPC4 XCT SWUM2XX1 book Page 41 Monday Octob...

Page 42: ...pv6 interface management statistics 1038 show ipv6 mld groups 1040 show ipv6 mld interface 1043 show ipv6 mld proxy 1045 show ipv6 mld proxy groups 1047 show ipv6 mld proxy groups detail 1048 show ipv6 mld proxy interface 1050 show ipv6 mld traffic 1051 show ipv6 neighbors 1053 show ipv6 route 1054 show ipv6 route preferences 1055 show ipv6 route summary 1056 2CSPC4 XCT SWUM2XX1 book Page 42 Monda...

Page 43: ...loopback 1064 51 Multicast Commands 1067 Commands in this Chapter 1068 ip mcast boundary 1069 ip mroute 1069 ip multicast 1070 ip multicast ttl threshold 1071 ip pim 1072 ip pim bsr border 1073 ip pim bsr candidate 1073 ip pim dense 1075 ip pim dr priority 1075 ip pim hello interval 1076 ip pim join prune interval 1077 2CSPC4 XCT SWUM2XX1 book Page 43 Monday October 3 2011 11 05 AM ...

Page 44: ...how ip mcast boundary 1085 show ip multicast interface 1086 show ip mcast mroute 1087 show ip mcast mroute group 1087 show ip mcast mroute source 1088 show ip mcast mroute static 1089 show ip pim bsr router 1090 show ip pim interface 1091 show ip pim neighbor 1093 show ip pim rp hash 1094 show ip pim rp mapping 1095 52 OSPF Commands 1097 Route Preferences 1098 2CSPC4 XCT SWUM2XX1 book Page 44 Mond...

Page 45: ...lt info originate 1104 area nssa no redistribute 1105 area nssa no summary 1105 area nssa translator role 1106 area nssa translator stab intv 1107 area range Router OSPF 1108 area stub 1109 area stub no summary 1110 area virtual link 1111 area virtual link authentication 1113 area virtual link dead interval 1114 area virtual link hello interval 1115 area virtual link retransmit interval 1116 2CSPC...

Page 46: ...2 default metric 1123 distance ospf 1124 distribute list out 1125 enable 1126 exit overflow interval 1127 external lsdb limit 1128 ip ospf area 1129 ip ospf authentication 1130 ip ospf cost 1131 ip ospf dead interval 1131 ip ospf hello interval 1132 ip ospf mtu ignore 1133 ip ospf network 1134 ip ospf priority 1135 2CSPC4 XCT SWUM2XX1 book Page 46 Monday October 3 2011 11 05 AM ...

Page 47: ... 1142 passive interface default 1143 passive interface 1143 redistribute 1144 router id 1145 router ospf 1146 show ip ospf 1147 show ip ospf abr 1152 show ip ospf area 1153 show ip ospf asbr 1155 show ip ospf database 1156 show ip ospf database database summary 1159 show ip ospf interface 1161 show ip ospf interface brief 1163 2CSPC4 XCT SWUM2XX1 book Page 47 Monday October 3 2011 11 05 AM ...

Page 48: ... OSPFv3 Commands 1175 area default cost Router OSPFv3 1176 area nssa Router OSPFv3 1177 area nssa default info originate 1178 area nssa no redistribute 1179 area nssa no summary 1180 area nssa translator role 1181 area nssa translator stab intv 1182 area range Router OSPFv3 1183 area stub 1184 area stub no summary 1185 area virtual link 1186 area virtual link dead interval 1188 2CSPC4 XCT SWUM2XX1...

Page 49: ...1194 exit overflow interval 1195 external lsdb limit 1195 ipv6 ospf 1196 ipv6 ospf area 1197 ipv6 ospf cost 1198 ipv6 ospf dead interval 1199 ipv6 ospf hello interval 1199 ipv6 ospf mtu ignore 1200 ipv6 ospf network 1201 ipv6 ospf priority 1202 ipv6 ospf retransmit interval 1203 ipv6 ospf transmit delay 1204 ipv6 router ospf 1204 maximum paths 1205 2CSPC4 XCT SWUM2XX1 book Page 49 Monday October 3...

Page 50: ...br 1216 show ipv6 ospf area 1217 show ipv6 ospf asbr 1218 show ipv6 ospf border routers 1219 show ipv6 ospf database 1219 show ipv6 ospf database database summary 1222 show ipv6 ospf interface 1223 show ipv6 ospf interface brief 1225 show ipv6 ospf interface stats 1226 show ipv6 ospf interface vlan 1227 show ipv6 ospf neighbor 1229 show ipv6 ospf range 1230 2CSPC4 XCT SWUM2XX1 book Page 50 Monday ...

Page 51: ...5 ip irdp address 1237 ip irdp holdtime 1238 ip irdp maxadvertinterval 1239 ip irdp minadvertinterval 1240 ip irdp multicast 1241 ip irdp preference 1242 show ip irdp 1242 55 Routing Information Protocol Commands 1245 Commands in this Chapter 1245 auto summary 1245 default information originate 1246 default metric 1247 distance rip 1247 2CSPC4 XCT SWUM2XX1 book Page 51 Monday October 3 2011 11 05 ...

Page 52: ...tribute 1254 router rip 1255 show ip rip 1256 show ip rip interface 1257 show ip rip interface brief 1258 split horizon 1259 56 Tunnel Interface Commands 1261 Commands in this Chapter 1261 interface tunnel 1262 show interfaces tunnel 1262 tunnel destination 1263 tunnel mode ipv6ip 1264 tunnel source 1265 2CSPC4 XCT SWUM2XX1 book Page 52 Monday October 3 2011 11 05 AM ...

Page 53: ...apter 1269 ip vrrp 1270 vrrp accept mode 1270 vrrp authentication 1271 vrrp description 1272 vrrp ip 1273 vrrp mode 1274 vrrp preempt 1275 vrrp priority 1276 vrrp timers advertise 1277 vrrp timers learn 1278 vrrp track interface 1279 vrrp track ip route 1280 show vrrp 1282 show vrrp interface 1285 show vrrp interface brief 1287 2CSPC4 XCT SWUM2XX1 book Page 53 Monday October 3 2011 11 05 AM ...

Page 54: ... boot auto copy sw 1296 boot auto copy sw allow downgrade 1297 boot host autoreboot 1298 boot host autosave 1299 boot host dhcp 1299 boot host retrycount 1300 show auto copy sw 1301 show boot 1302 60 Captive Portal Commands 1305 Commands in this Chapter 1305 authentication timeout 1307 captive portal 1307 enable 1308 2CSPC4 XCT SWUM2XX1 book Page 54 Monday October 3 2011 11 05 AM ...

Page 55: ... locale 1315 name Captive Portal 1316 protocol 1317 redirect 1317 redirect url 1318 session timeout 1318 verification 1319 captive portal client deauthenticate 1320 show captive portal client status 1320 show captive portal configuration client status 1321 show captive portal interface client status 1322 2CSPC4 XCT SWUM2XX1 book Page 55 Monday October 3 2011 11 05 AM ...

Page 56: ...ion timeout 1330 show captive portal configuration 1331 show captive portal configuration interface 1332 show captive portal configuration locales 1333 show captive portal configuration status 1334 user group 1335 user group moveusers 1336 user group name 1336 61 CLI Macro Commands 1339 Commands in this Chapter 1340 macro name 1340 macro global apply 1341 2CSPC4 XCT SWUM2XX1 book Page 56 Monday Oc...

Page 57: ...k Time Protocol 1349 Commands in this Chapter 1350 show sntp configuration 1350 show sntp server 1351 show sntp status 1353 sntp authenticate 1354 sntp authentication key 1355 sntp broadcast client enable 1356 sntp client poll timer 1356 sntp server 1357 sntp trusted key 1358 sntp unicast client enable 1359 clock timezone hours offset 1360 2CSPC4 XCT SWUM2XX1 book Page 57 Monday October 3 2011 11 ...

Page 58: ...mmands 1367 Commands in this Chapter 1367 script apply 1367 script delete 1368 script list 1369 script show 1369 script validate 1370 64 Configuration and Image File Commands 1373 File System Commands 1373 Command Line Interface Scripting 1373 Commands in this Chapter 1373 boot system 1374 clear config 1375 copy 1375 2CSPC4 XCT SWUM2XX1 book Page 58 Monday October 3 2011 11 05 AM ...

Page 59: ...config 1387 show bootvar 1388 show running config 1389 show startup config 1390 update bootcode 1392 write 1392 65 Denial of Service Commands 1395 Commands in this Chapter 1396 dos control firstfrag 1397 dos control icmp 1397 dos control l4port 1398 dos control sipdip 1399 dos control tcpflag 1400 2CSPC4 XCT SWUM2XX1 book Page 59 Monday October 3 2011 11 05 AM ...

Page 60: ...4 ipv6 unreachables 1405 show dos control 1405 66 Line Commands 1407 exec timeout 1407 history 1408 history size 1409 line 1409 show line 1410 speed 1412 67 Management ACL Commands 1413 Commands in this Chapter 1413 deny management 1414 management access class 1415 management access list 1416 2CSPC4 XCT SWUM2XX1 book Page 60 Monday October 3 2011 11 05 AM ...

Page 61: ... Configurable Minimum Password Length 1423 Password History 1423 Password Aging 1423 User Lockout 1423 Password Strength 1424 Commands in this Chapter 1425 passwords aging 1426 passwords history 1426 passwords lock out 1427 passwords min length 1428 passwords strength check 1429 passwords strength minimum uppercase letters 1430 2CSPC4 XCT SWUM2XX1 book Page 61 Monday October 3 2011 11 05 AM ...

Page 62: ...d characters 1434 passwords strength minimum character classes 1435 passwords strength exclude keyword 1436 enable password encrypted 1437 show passwords configuration 1437 show passwords result 1439 70 PHY Diagnostics Commands 1441 show copper ports tdr 1441 show fiber ports optical transceiver 1442 test copper port tdr 1443 71 Power Over Ethernet Commands 1445 Flexible Power Management 1445 2CSP...

Page 63: ...ority 1451 power inline priority enable 1452 power inline reset 1453 power inline usage threshold 1453 clear power inline statistics 1454 show power inline 1455 show power inline firmware version 1457 72 RMON Commands 1459 Commands in this Chapter 1459 rmon alarm 1459 rmon collection history 1462 rmon event 1463 show rmon alarm 1464 show rmon alarms 1466 2CSPC4 XCT SWUM2XX1 book Page 63 Monday Oct...

Page 64: ...1479 Commands in this Chapter 1479 sdm prefer 1479 show sdm prefer 1481 74 Serviceability Tracing Packet Commands 1485 Commands in this Chapter 1485 debug arp 1486 debug auto voip 1487 debug clear 1487 debug console 1488 debug dot1x 1488 debug igmpsnooping 1489 debug ip acl 1490 debug ip dvmrp 1490 2CSPC4 XCT SWUM2XX1 book Page 64 Monday October 3 2011 11 05 AM ...

Page 65: ...debug ipv6 mcache 1496 debug ipv6 mld 1496 debug ipv6 pimdm 1497 debug ipv6 pimsm 1498 debug isdp 1499 debug lacp 1500 debug mldsnooping 1500 debug ospf 1501 debug ospfv3 1502 debug ping 1502 debug rip 1503 debug sflow 1504 debug spanning tree 1504 debug vrrp 1505 show debugging 1505 2CSPC4 XCT SWUM2XX1 book Page 65 Monday October 3 2011 11 05 AM ...

Page 66: ...Interface Mode 1512 show sflow agent 1513 show sflow destination 1514 show sflow polling 1515 show sflow sampling 1516 76 SNMP Commands 1519 Commands in this Chapter 1519 show snmp 1519 show snmp engineID 1521 show snmp filters 1522 show snmp group 1523 show snmp user 1524 show snmp views 1526 show trapflags 1527 2CSPC4 XCT SWUM2XX1 book Page 66 Monday October 3 2011 11 05 AM ...

Page 67: ...1538 snmp server host 1539 snmp server location 1541 snmp server user 1542 snmp server view 1543 snmp server v3 host 1545 77 SSH Commands 1547 Commands in this Chapter 1547 crypto key generate dsa 1547 crypto key generate rsa 1548 crypto key pubkey chain ssh 1549 ip ssh port 1550 ip ssh pubkey auth 1551 ip ssh server 1551 key string 1552 2CSPC4 XCT SWUM2XX1 book Page 67 Monday October 3 2011 11 05...

Page 68: ...slog Server 1559 Commands in this Chapter 1560 clear logging 1561 clear logging file 1561 description 1562 level 1563 logging cli command 1563 logging 1565 logging audit 1567 logging buffered 1568 logging console 1569 logging file 1570 logging on 1571 logging snmp 1572 logging web session 1572 port 1573 2CSPC4 XCT SWUM2XX1 book Page 68 Monday October 3 2011 11 05 AM ...

Page 69: ...ec 1580 banner login 1581 banner motd 1582 banner motd acknowledge 1583 clear checkpoint statistics 1584 cut through mode 1585 exec banner 1585 hostname 1586 initiate failover 1587 locate 1588 login banner 1589 media type 1589 member 1590 motd banner 1591 nsf 1592 ping 1593 2CSPC4 XCT SWUM2XX1 book Page 69 Monday October 3 2011 11 05 AM ...

Page 70: ...irmware 1601 show interfaces media type 1602 show memory cpu 1603 show power usage history 1605 show process cpu 1606 show sessions 1609 show slot 1610 show supported cardtype 1611 show supported switchtype 1612 show switch 1615 show system 1623 show system id 1625 show system power 1626 show system temperature 1627 2CSPC4 XCT SWUM2XX1 book Page 70 Monday October 3 2011 11 05 AM ...

Page 71: ...ute 1638 80 Telnet Server Commands 1643 Commands in this Chapter 1643 ip telnet server disable 1643 ip telnet port 1644 show ip telnet 1645 81 Terminal Length Commands 1647 terminal length 1647 82 Time Ranges Commands 1649 time range 1649 absolute 1650 periodic 1651 2CSPC4 XCT SWUM2XX1 book Page 71 Monday October 3 2011 11 05 AM ...

Page 72: ...om Switch to USB Flash Drive 1658 Downloading and Uploading of Files 1658 Commands in this Chapter 1658 unmount usb 1658 show usb 1659 dir usb 1661 84 User Interface Commands 1663 enable 1663 end 1664 exit 1664 quit 1665 85 Web Server Commands 1667 Web Sessions 1667 Commands in this Chapter 1668 2CSPC4 XCT SWUM2XX1 book Page 72 Monday October 3 2011 11 05 AM ...

Page 73: ...tp server 1675 ip http secure certificate 1676 ip http secure port 1677 ip http secure server 1677 key generate 1678 location 1679 organization unit 1680 show crypto certificate mycertificate 1680 show ip http server status 1682 show ip http server secure status 1682 state 1684 A Appendix A List of Commands 1687 2CSPC4 XCT SWUM2XX1 book Page 73 Monday October 3 2011 11 05 AM ...

Page 74: ...74 Contents 2CSPC4 XCT SWUM2XX1 book Page 74 Monday October 3 2011 11 05 AM ...

Page 75: ... textual input and output with commands being entered by a terminal keyboard and the output displayed as text via a terminal monitor The CLI can be accessed from a console terminal connected to an EIA TIA 232 port or through a Telnet SSH session This guide describes how the CLI is structured describes the command syntax and describes the command functionality This guide also provides information f...

Page 76: ...P Inspection Configures for rejection of invalid and malicious ARP packets Ethernet Configuration Configures all port configuration options for example ports storm control port speed and auto negotiation Ethernet CFM Configures and displays GVRP configuration and information IGMP Snooping Configures IGMP snooping and displays IGMP configuration and IGMP information IGMP Snooping Querier Configures...

Page 77: ...mmands ARP IPv4 Manages Address Resolution Protocol functions DHCP Server and Relay Agent IPv4 Manages DHCP BOOTP operations on the system DHCPv6 Configures IPv6 DHCP functions DVMRP Mcast Configures DVMRP operations IGMP Mcast Configures IGMP operations IGMP Proxy Mcast Manages IGMP Proxy on the system IP Helper DHCP Relay Configures relay of UDP packets IP Routing IPv4 Configures IP routing and ...

Page 78: ...Clock Configures the system clock Command Line Configuration Scripting Manages the switch configuration files Denial of Service Provides several Denial of Service options Line Configures the console SSH and remote Telnet connection Management ACL Configures and displays management access list information Password Management Provides password management PHY Diagnostics Diagnoses and displays the in...

Page 79: ...R Interface Range KC Key Chain KE Key sFlow Configures sFlow monitoring SNMP Configures SNMP communities traps and displays SNMP information SSH Configures SSH authentication Syslog Manages and displays syslog messages System Management Configures the switch clock name and authorized users Telnet Server Configures Telnet service on the switch and displays Telnet information User Interface Describe...

Page 80: ... Configuration R Radius RIP Router RIP Configuration RC Router Configuration ROSPF Router Open Shortest Path First ROSV3 Router Open Shortest Path First Version 3 SG Stack Global Configuration SP SSH Public Key SK SSH Public Key chain TC TACACS Configuration TRC Time Range Configuration UE User EXEC VLAN VLAN Configuration reached via vlan database command v6ACL IPv6 Access List Configuration v6CM...

Page 81: ...tion method list when accessing a higher privilege level from a remote telnet or console LC enable password Sets a local password to control access to the normal level GC ip http authentication Specifies authentication methods for http GC ip https authentication Specifies authentication methods for https GC login authentication Specifies the login authentication method list for a remote telnet or ...

Page 82: ...tions defined in the permit statement are matched ML ip access group Attaches a specified access control list to an interface GC or IC mac access group Attaches a specific MAC Access Control List ACL to an interface in the in bound direction GC or IC mac access list extended Creates the MAC Access Control List ACL identified by the name parameter GC mac access list extended rename Renames the exis...

Page 83: ...arding unregistered multicast addresses port IC mac address table multicast forward all Enables forwarding of all Multicast packets on a port IC mac address table multicast forward unregistered Enables the forwarding of unregistered multicast addresses IC mac address table multicast static Registers MAC layer Multicast addresses to the bridge table and adds static ports to the group IC mac address...

Page 84: ...formation PE show mac address table static Displays statically created entries in the bridge forwarding database PE show mac address table vlan Displays all entries in the bridge forwarding database for the specified VLAN UE or PE show ports security Displays the port lock status PE show ports security addresses Displays current dynamic addresses in locked ports PE a For the meaning of each Mode a...

Page 85: ...r Sets period of time between sending new ISDP packets GC show isdp Displays global ISDP settings PE show isdp interface Displays ISDP settings for the specified interface PE show isdp entry Displays ISDP entries PE show isdp neighbors Displays the list of neighboring devices PE show isdp traffic Displays ISDP statistics PE Command Description Modea dhcp l2relay Enables the Layer 2 DHCP Relay agen...

Page 86: ... lane PE debug dhcp packet Displays debug information about DHCPv4 client activities and traces DHCP v4 packets to and from the local DHCPv4 client PE show dhcp lease Displays IPv4 addresses leased from a DHCP server PE Command Description Modea clear ip dhcp snooping binding Clears all DHCP Snooping entries PE clear ip dhcp snooping statistics Clears all DHCP Snooping statistics PE ip dhcp snoopi...

Page 87: ...and per port configuration PE show ip dhcp snooping binding Displays the DHCP snooping binding entries PE show ip dhcp snooping database Displays the DHCP snooping configuration related to the database persistence PE show ip dhcp snooping interfaces Displays the DHCP Snooping status of the interfaces PE show ip dhcp snooping statistics Displays the DHCP snooping filtration statistics PE a For the ...

Page 88: ...ys the configured ARP ACLs with the rules PE show ip arp inspection interfaces Displays the Dynamic ARP Inspection configuration PE show ip arp inspection interfaces Displays the Dynamic ARP Inspection configuration on all the DAI enabled interfaces PE show ip arp inspection vlan Displays the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range PE a For the meaning of each...

Page 89: ...ng email statistics Clears the email alerting statistics GC security Sets the email alerting security protocol MSC mail server ip address hostname Configures the SMTP server IP address and changes the mode to Mail Server Configuration Mode GC port Mail Server Configuration Mode Configures the TCP port to use for communication with the SMTP servers MSC username Mail Server Configuration Mode Config...

Page 90: ...ration Displays the configuration for all configured interfaces UE show interfaces counters Displays traffic seen by the physical interface UE show interfaces description Displays the description for all configured interfaces UE show interfaces detail Displays the detail for all configured interfaces UE show interfaces status Displays the status for all configured interfaces UE show statistics Dis...

Page 91: ...s a VLAN with a maintenance domain MDC ethernet cfm cc level Initiates sending continuity checks CCMs at the specified interval and level on a VLAN monitored by an existing domain GC ethernet cfm mep level Creates a Maintenance End Point MEP on an interface at the specified level and direction IC ethernet cfm mep enable Enables a MEP at the specified level and direction IC ethernet cfm mep active ...

Page 92: ... Command Description Modea green mode energy detect Enables a Dell proprietary mode of power reduction on ports that are not connected to another interface IC green mode eee Enables EEE low power idle mode on an interface or all the interfaces IC clear green mode statistics Clears The EEE LPI event count and LPI duration The EEE LPI history table entries The Cumulative Power savings estimates for ...

Page 93: ... page 79 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 clear gvrp statistics Clears all the GVRP statistics information PE garp timer Adjusts the GARP application join leave and leaveall GARP timer values IC gvrp enable global Enables GVRP globally GC gvrp enable interface Enables GVRP on an interface IC gvrp registration forbid De registers all VL...

Page 94: ...ups learned by IGMP snooping UE show ip igmp snooping interface Displays IGMP snooping configuration PE show ip igmp snooping mrouter Displays information on dynamically learned Multicast router interfaces PE ip igmp snooping VLAN In VLAN Config mode enables IGMP snooping on a particular VLAN or on all interfaces participating in a VLAN VLAN ip igmp snooping fast leave Enables or disables IGMP Sno...

Page 95: ... Sets the IGMP version of the query that the snooping switch is going to send periodically GC show igmp snooping querier Displays IGMP Snooping Querier information PE Command Description Modea clear host Deletes entries from the host name to address cache PE clear ip address conflict detect Clears the address conflict detection status in the switch PE ip address Out of Band Sets an IP address for ...

Page 96: ...OOB Config Configures the address of the IPv6 gateway IC show hosts Displays the default domain name a list of name server hosts static and cached list of host names and addresses UE show ip address conflict Displays the status information corresponding to the last detected address conflict UE or PE show ip helper address Displays the ip helper addresses configuration PE show ipv6 dhcp interface o...

Page 97: ...g immediate leave admin mode on a selected interface or VLAN IC VLAN ipv6 mld snooping groupmembership interval Sets the MLD Group Membership Interval time on a VLAN or interface IC VLAN ipv6 mld snooping maxresponse Sets the MLD Maximum Response time for an interface or VLAN IC or VLAN ipv6 mld snooping mcrtexpiretime Sets the Multicast Router Present Expiration time IC ipv6 mld snooping Global E...

Page 98: ...Interval time GC ipv6 mld snooping querier timer expiry Sets the MLD Querier timer expiration period GC show ipv6 mld snooping querier Displays MLD Snooping Querier information PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 ip verify source Enables filtering of IP packets matching the source IP address IC ip verify source port security Enables fi...

Page 99: ...ions PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 action Indicates if the link dependency group should mirror or invert the status of the depended on interfaces LD link dependency group Enters the link dependency mode to configure a link dependency group GC add gigabitethernet Adds member gigabit Ethernet port s to the dependency list LD add te...

Page 100: ...les the LLDP receive capability IC lldp timers Sets the timing parameters for local data transmission on ports enabled for LLDP GC lldp transmit Enables the LLDP advertise capability IC lldp transmit mgmt Specifies that transmission of the local system management address information in the LLDPDUs is included IC lldp transmit tlv Specifies which optional TLVs in the 802 1AB basic management set wi...

Page 101: ...e Mode Types on page 79 mvr Enables MVR GC or IC mvr group Adds an MVR membership group GC mvr mode Changes the MVR mode type GC mvr querytime Sets the MVR query response time GC mvr vlan Sets the MVR multicast VLAN GC mvr immediate Enables MVR Immediate Leave mode IC mvr type Sets the MVR port type IC mvr vlan group Use to participate in the specific MVR group IC show mvr Displays global MVR sett...

Page 102: ...physical ports IC lacp system priority Configures the system LACP priority GC lacp timeout Assigns an administrative LACP timeout IC port channel min links Sets the minimum number of links that must be up in order for the port channel interface to be declared up IC show interfaces port channel Displays port channel information PE show lacp Displays LACP information for ports PE show statistics por...

Page 103: ... dscp mapping Maps an IP DSCP value to an internal traffic class GC classofservice trust Sets the class of service trust mode of an interface GC or IC conform color Specifies for each outcome the only possible actions are drop setdscp transmit set prec transmit or transmit PCMC cos queue min bandwidth Specifies the minimum transmission bandwidth for each interface queue GC or IC cos queue random d...

Page 104: ...ecified class definition a match condition based on the destination IP address of a packet CMC match dstip6 Adds to the specified class definition a match condition based on the destination IPv6 address of a packet v6CMC match dstl4port Adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation CMC match e...

Page 105: ...cl4port Adds to the specified class definition a match condition based on the source layer 4 port of a packet using a single keyword a numeric notation or a numeric range notation CMC match vlan Adds to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field CMC mirror Mirrors all the data that matches the class defined to the destination port speci...

Page 106: ...ormation for the specified interface and direction PE show diffserv service brief Displays all interfaces in the system to which a DiffServ policy has been attached PE show interfaces cos queue Displays the class of service queue configuration for the specified interface PE show interfaces random detect Displays the WRED policy on an interface PE show policy map Displays all configuration informat...

Page 107: ...IUS Authenticating server being configured R name Assigns a name to a RADIUS server R primary Specifies that a configured server should be the primary server in the group of authentication servers which have the same server name R priority Specifies the order in which the servers are to be used with 0 being the highest priority R radius server deadtime Improves RADIUS response times when servers a...

Page 108: ...ounting server PE source ip Specifies the source IP address to be used for communication with RADIUS servers R timeout Sets the timeout value in seconds for the designated radius server R usage Specifies the usage type of the server R a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea clear spanning tree detected protocols Restarts the protocol migratio...

Page 109: ...her loop guard or root guard is enabled on an interface IC spanning tree loopguard Enables loop guard on all ports GC spanning tree max age Configures the spanning tree bridge maximum age GC spanning tree max hops Sets the MSTP Max Hops parameter to a new value for the common and internal spanning tree GC spanning tree mode Configures the spanning tree protocol GC spanning tree mst configuration E...

Page 110: ...page 79 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 key Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server TC port Specifies a server port number TC priority Specifies the order in which servers are used TC show tacacs Displays TACACS server settings and statistics PE tacacs serv...

Page 111: ...ed VLAN identified by groupid GC show dvlan tunnel Displays all interfaces enabled for Double VLAN Tunneling PE show dvlan tunnel interface Displays detailed information about Double VLAN Tunneling for the specified interface PE show interfaces switchport Displays switchport configuration PE show port protocol Displays the Protocol Based VLAN information for either the entire system or for the ind...

Page 112: ... GC vlan association mac Associates a MAC address to a VLAN VLAN vlan association subnet Associates an IP subnet to a VLAN VLAN vlan database Enters the VLAN database configuration mode GC vlan makestatic Changes a dynamically created VLAN to a static VLAN VLAN vlan protocol group Adds protocol based VLAN groups to the system GC vlan protocol group add protocol Adds a protocol to the protocol base...

Page 113: ...lize Begins the initialization sequence on the specified port PE dot1x mac auth bypass Enables MAB on an interface IC dot1x max req Sets the maximum number of times the switch sends an EAP request frame to the client before restarting the authentication process IC dot1x max users Sets the maximum number of clients supported on the port when MAC based 802 1X authentication is enabled on the port IC...

Page 114: ...of seconds the switch waits for a response to an EAP request identify frame from the client before resending the request IC show dot1x Displays 802 1X status for the switch or the specified interface PE show dot1x authentication history Displays the dot1x authentication events and information during successful and unsuccessful dot1x authentication processes PE show dot1x clients Displays detailed ...

Page 115: ...mber of entries in the ARP cache GC arp dynamicrenew Enables the ARP component to automatically renew dynamic ARP entries when they age out GC arp purge Causes the specified IP address to be removed from the ARP cache PE arp resptime Configures the ARP request response timeout GC arp retries Configures the ARP count of maximum request for retries GC arp timeout Configures the ARP entry age out tim...

Page 116: ...s PE client identifier Identifies a a Microsoft DHCP client to be manually assigned an address DP client name Specifies the host name of a DHCP client DP default router Sets the IPv4 address of one or more routers for the DHCP client to use DP dns server IP DHCP Pool Config Sets the IPv4 DNS server address which is provided to a DHCP client by the DHCP server DP domain name IP DHCP Pool Config Set...

Page 117: ... TFTP server to be used during auto install DP option Supplies arbitrary configuration information to a DHCP client DP service dhcp Enables local IPv4 DHCP server on the switch GC sntp Sets the IPv4 address of the NTP server to be used for time synchronization of the client DP show ip dhcp binding Displays the configured DHCP bindings PE show ip dhcp conflict Displays DHCP address conflicts for al...

Page 118: ...ctionality on an interface IC prefix delegation Defines Multiple IPv6 prefixes within a pool for distributing to specific DHCPv6 Prefix delegation clients v6DP service dhcpv6 Enables DHCPv6 configuration on the router GC show ipv6 dhcp Displays the DHCPv6 server name and status PE show ipv6 dhcp binding Displays the configured DHCP pool PE show ipv6 dhcp interface Displays DHCPv6 information for a...

Page 119: ...each Mode abbreviation see Mode Types on page 79 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 gmrp enable Enables GMRP globally or on a port GC or IC show gmrp configuration Displays GMRP configuration GC or IC Command Description Modea ip igmp Sets the administrative mode of IGMP in the system to active GC ip igmp last member query count Sets the...

Page 120: ...e interface IC ip igmp version Configures the version of IGMP for an interface IC show ip igmp Displays system wide IGMP information PE show ip igmp groups Displays the registered multicast groups on the interface PE show ip igmp interface Displays the IGMP information for the specified interface PE show ip igmp interface membership Displays the list of interfaces that have registered in the multi...

Page 121: ...ootpdhcprelay maxhopcount Configures the maximum allowable relay agent hops for BootP DHCP Relay on the system GC bootpdhcprelay minwaittime Configures the minimum wait time in seconds for BootP DHCP Relay on the system GC clear ip helper statistics Resets to 0 the statistics displayed in show ip helper statistics PE ip dhcp relay information check Enables DHCP Relay to check that the relay agent ...

Page 122: ...elay Displays the BootP DHCP Relay information UE or PE show ip helper statistics Displays the number of DHCP and other UDP packets processed and relayed by the UDP relay agent PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea encapsulation Configures the link layer encapsulation type for the packet IC ip address Configures an IP address on an inter...

Page 123: ...e number of all routes including best and non best routes PE show ip traffic Displays IP statistical information UE or PE show ip vlan Displays the VLAN routing information for all VLANs with routing enabled PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea ipv6 pimsm Global Config Administratively enables PIMSM for IPv6 multicast routing GC ipv6 pi...

Page 124: ...imsm spt threshold Configures the Data Threshold rate for the last hop router to switch to the shortest path on the router GC ipv6 pimsm ssm Defines the Source Specific Multicast SSM range of multicast addresses GC show ipv6 pimsm Displays global status of IPv6 PIMSM and its IPv6 routing interfaces PE show ipv6 pimsm bsr Displays the bootstrap router BSR information PE show ipv6 pimsm interface Di...

Page 125: ... in the host cache GC ipv6 mld last member query count Sets the number of listener specific queries sent before the router assumes that there are no local members on the interface IC VLAN ipv6 mld last member query interval Sets the last member query interval for the MLD interface which is the value of the maximum response time parameter in the groupspecific queries sent out of this interface IC V...

Page 126: ...lag in router advertisements sent from the interface IC ipv6 nd prefix Sets the IPv6 prefixes to include in the router advertisement IC ipv6 nd ra interval Sets the transmission interval between router advertisements IC ipv6 nd ra lifetime Sets the value that is placed in the Router Lifetime field of the router advertisements sent from the interface IC ipv6 nd reachable time Sets the router advert...

Page 127: ...tion about multicast groups that the MLD Proxy reported PE show ipv6 mld proxy groups detail Displays information about multicast groups that MLD Proxy reported PE show ipv6 mld proxy interface Displays a detailed list of the host interface status parameters PE show ipv6 mld traffic Displays MLD statistical information for the router PE show ipv6 neighbors Displays information about IPv6 neighbors...

Page 128: ...an administrative scope multicast boundary IC ip mroute Creates a static multicast route for a source range GC ip multicast Sets the administrative mode of the IP multicast forwarder in the router to active GC ip multicast ttl threshold Applies a ttlvalue to a routing interface IC ip pim Administratively configures PIM mode for IP multicast routing on a VLAN interface IC ip pim bsr border Administ...

Page 129: ...ific multicast group range IC ip pim sparse Administratively configures PIM sparse mode for IP multicast routing GC ip pim ssm Administratively configures PIM Source Specific Multicast SSM range of addresses for IP multicast routing GC ip pim spt threshold Sets the multicast traffic threshold rate for the last hop router to switch to the shortest path on the router GC show bridge multicast address...

Page 130: ...ecified the command displays the neighbors discovered on all PIM enabled interfaces UE or PE show ip pimrphash Displays the rendezvous point RP selected for the specified group address UE or PE show ip pim rp mapping Displays the mappings for the PIM group to the active rendezvous points RPs UE or PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea ar...

Page 131: ...igures the dead interval for the OSPF virtual interface on the virtual interface identified by area id and neighbor router ROSPF area virtual link hello interval Configures the hello interval for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID ROSPF area virtual link retransmit interval Configures the retransmit interval for the OSPF virtual interface ...

Page 132: ...ea ID of an interface IC ip ospf authentication Sets the OSPF Authentication Type and Key for the specified interface IC ip ospf cost Configures the cost on an OSPF interface IC ip ospf dead interval Sets the OSPF dead interval for the specified interface IC ip ospf hello interval Sets the OSPF hello interval for the specified interface IC ip ospf mtu ignore Disables OSPF maximum transmission unit...

Page 133: ...interface default Enables the global passive mode by default for all interfaces ROSPF passive interface router mode Sets the interface or tunnel as passive ROSPF redistribute Configures OSPF protocol to allow redistribution of routes from the specified source protocol routers ROSPF router id Sets a 4 digit dotted decimal number uniquely identifying the router OSPF ID ROSPF router ospf Enters Route...

Page 134: ... PE show ip ospf statistics Displays information about recent Shortest Path First SPF calculations PE show ip ospf stub table Displays the OSPF stub table PE show ip ospf virtual link Displays the OSPF Virtual Interface information for a specific area and neighbor PE show ip ospf virtual link brief Displays the OSPF Virtual Interface information for all areas in the system PE timers spf Configures...

Page 135: ...nterval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor ROSV3 area virtual link hello interval Configures the hello interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor ROSV3 area virtual link retransmit interval Configures the retransmit interval for the OSPF virtual interface on the virtual interface identifi...

Page 136: ... IC ipv6 ospf priority Sets the OSPF priority for the specified router interface IC ipv6 ospf retransmit interval Sets the OSPF retransmit interval for the specified interface IC ipv6 ospf transmit delay Sets the OSPF Transmit Delay for the specified interface IC ipv6 router ospf Enters Router OSPFv3 Configuration mode GC maximum paths Sets the number of paths that OSPF can report for a given dest...

Page 137: ...nd Autonomous System Boundary Routers ASBR UE or PE show ipv6 ospf database Displays information about the link state database when OSPFv3 is enabled PE show ipv6 ospf database database summary Displays the number of each type of LSA in the database and the total number of LSAs in the database PE show ipv6 ospf interface Displays the information for the IFO object or virtual interface tables PE sh...

Page 138: ...iscovery advertisements IC ip irdp holdtime Configures the value in seconds of the holdtime field of the router advertisement sent from this interface IC ip irdp maxadvertinterval Configures the maximum time in seconds allowed between sending router advertisements from the interface IC ip irdp minadvertinterval Configures the minimum time in seconds allowed between sending router advertisements fr...

Page 139: ...les RIP on a router interface IC ip rip authentication Sets the RIP Version 2 Authentication Type and Key for the specified interface IC ip rip receive version Configures the interface to allow RIP control packets of the specified version s to be received IC ip rip send version Configures the interface to allow RIP control packets of the specified version to be sent IC redistribute Configures OSPF...

Page 140: ...rt address of the tunnel either explicitly or by reference to an interface IC Command Description Modea ip vrrp Enables the administrative mode of Virtual Router Redundancy Protocol VRRP for the router GC vrrp accept mode Enables the VRRP Master to accept ping packets sent to one of the virtual router s IP addresses IC vrrp authentication Sets the authentication details value for the virtual route...

Page 141: ...ity IC show vrrp Displays the global VRRP configuration and status as well as the brief or detailed status of one or all VRRP groups UE or PE show vrrp interface Displays all configuration information and VRRP router statistics of a virtual router configured on a specific interface UE or PE show vrrp interface brief Displays information about each virtual router configured on the switch PE show vr...

Page 142: ...oaded GC boot host autosave Enables disables automatically saving the downloaded configuration on the switch GC boot host dhcp Enables disables Auto Config on the switch GC boot host retrycount Set the number of attempts to download a configuration GC show auto copy sw Displays Stack Firmware Synchronization configuration status PE show boot Displays the current status of the Auto Config process P...

Page 143: ...a captive portal configuration CPI name Configures the name for a captive portal configuration CPI protocol Configures the protocol mode for a captive portal configuration CPI redirect Enables the redirect mode for a captive portal configuration CPI redirect url Configures the redirect URL for a captive portal configuration CPI session timeout Configures the session timeout for a captive portal co...

Page 144: ...logout Enables captive portal users to log out of the portal CPI user name Modifies the user name for a local captive portal user CP user password Creates a local user or changes the password for an existing user CP user session timeout Sets the session timeout value for a captive portal user CP show captive portal configuration Displays the operational status of each captive portal configuration ...

Page 145: ...cro apply Use to apply a macro IC macro trace Applies and traces a macro IC macro description Appends a line to the macro description IC show parser macro Displays information about defined macros PE Command Description Modea show clock Displays the time and date of the system clock PE show sntp configuration Displays the SNTP configuration PE show sntp server Displays the pre configured SNTP serv...

Page 146: ...ock summer time date Sets the summertime offset to UTC GC show clock Displays the time and date from the system clock PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 Configuration and Image Files script apply Applies commands in the script to the switch PE script delete Deletes ...

Page 147: ...t startup UE show running config Displays the contents of the currently running configuration file PE show startup config Displays the startup configuration file contents PE update bootcode Updates the bootcode on one or more switches PE write Copies the running configuration image to the startup configuration PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Descrip...

Page 148: ...ror messages are sent GC ipv6 unreachables Enables the generation of ICMPv6 Destination Unreachable messages IC show dos control Displays Denial of Service configuration information PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea exec timeout Configures the interval that the system waits for user input LC history Enables the command history functi...

Page 149: ...it rule MA show management access class Displays the active management access list PE show management access list Displays management access lists PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 configure terminal Gets to the configure line This command is equivalent to the configure command PE do Executes commands available in Privileged EXEC mod...

Page 150: ...ercase letters that a password must contain GC passwords strength minimum numeric characters Enforces a minimum number of numeric numbers that a password should contain GC passwords strength minimum special characters Enforces a minimum number of special characters that a password may contain GC passwords strength maximum consecutive characters Enforces a maximum number of consecutive characters t...

Page 151: ...iagnostics PE test copper port tdr Diagnoses with TDR Time Domain Reflectometry technology the quality and characteristics of a copper cable attached to a port PE Command Description Modea power inline Enables disables the ability of the port to deliver power IC Ethernet power inline detection Configures the detection type that tells which types of PD s will be detected and powered by the switch I...

Page 152: ...the PoE controller firmware present on the switch file system PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea rmon alarm Configures alarm conditions GC rmon collection history Enables a Remote Monitoring RMON MIB history statistics group on an interface IC rmon event Configures an RMON event GC show rmon alarm Displays alarm configurations UE show...

Page 153: ...nables Auto VOIP debug messages PE debug clear Disables all debug traces PE debug console Enables the display of debug trace output on the login session in which it is executed PE debug dot1x Enables dot1x packet tracing PE debug igmpsnooping Enables tracing of IGMP Snooping packets transmitted and or received by the switch PE debug ip acl Enables debug of IP Protocol packets matching the ACL crit...

Page 154: ...f LACP packets received and transmitted by the switch PE debug mldsnooping Traces MLD snooping packet reception and transmission PE debug ospf Enables tracing of OSPF packets received and transmitted by the switch PE debug ospfv3 Enables tracing of OSPFv3 packets received and transmitted by the switch PE debug ping Enables tracing of ICMP echo requests and responses PE debug rip Enables tracing of...

Page 155: ...f rcvr_idx is valid IC show sflow agent Displays the sflow agent information PE show sflow destination Displays all the configuration information related to the sFlow receivers PE show sflow polling Displays the sFlow polling instances created on the switch PE show sflow sampling Displays the sFlow sampling instances created on the switch PE Command Description Modea show snmp Displays the SNMP st...

Page 156: ...er host Specifies the recipient of SNMP notifications GC snmp server location Sets the system location string GC snmp server user Configures a new SNMP Version 3 user GC snmp server view Creates or updates a Simple Network Management Protocol SNMP server view entry GC snmp server v3 host Specifies the recipient of Simple Network Management Protocol Version 3 SNMPv3 notifications GC a For the meani...

Page 157: ...nfigured and enters the SSH public key string configuration command SP a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea clear logging Clears messages from the internal logging buffer PE clear logging file Clears messages from the logging file PE description Describes the syslog server L level Specifies the importance level of syslog messages L logging...

Page 158: ...isplays the syslog servers settings PE a For the meaning of each Mode abbreviation see Mode Types on page 79 Command Description Modea asset tag Specifies the switch asset tag GC banner exec Sets the message that is displayed after a successful login GC banner login Sets the message that is displayed just before the login prompt GC banner motd Specifies message of the day banner GC banner motd ack...

Page 159: ...igures a slot in the system GC show banner Displays banner information PE show boot version Displays the boot image version details UE show checkpoint statistics Displays the statistics for the checkpointing process PE show cut through mode Show the cut through mode on the switch PE show interfaces advanced firmware Displays the firmware revision of the PHY for a port PE show memory cpu Checks the...

Page 160: ...mperature and fan status UE or PE show tech support Displays system and configuration information for debugging calls to technical support PE show users Displays information about the active users PE show version Displays the system version information UE stack Sets the mode to Stack Global Configuration mode GC stack port Sets the mode to Stack Global Configuration mode to configure Stack ports a...

Page 161: ...eviation see Mode Types on page 79 terminal length Sets the terminal length PE Command Description Modea a For the meaning of each Mode abbreviation see Mode Types on page 79 time range Creates a time range identified by name consisting of one absolute time entry and or one or more periodic time entries GC absolute Adds an absolute time entry to a time range TRC periodic Adds a periodic time entry...

Page 162: ...ode to the previously highest mode in the CLI mode hierarchy All exit EXEC Closes an active terminal session by logging off the switch UE quit Closes an active terminal session by logging off the switch UE Command Description Modea common name Specifies the common name for the device CC country Specifies the country CC crypto certificate generate Generates a HTTPS certificate GC crypto certificate...

Page 163: ...from a browser GC key generate Specifies the key generate CC location Specifies the location or city name CC organization unit Specifies the organization unit or department name CC show crypto certificate mycertificate Displays the SSL certificates of your switch PE show ip http server status Displays the HTTP server status information PE show ip http server secure status Displays the HTTP secure ...

Page 164: ...164 Command Groups 2CSPC4 XCT SWUM2XX1 book Page 164 Monday October 3 2011 11 05 AM ...

Page 165: ...net 1 0 5 show interfaces and status are keywords gigabitethernet is an argument that specifies the interface type and 1 0 5 specifies the unit slot port When working with the CLI the command options are not displayed The command is not selected by a menu but is entered manually To see what commands are available in each mode or within an Interface Configuration the CLI provides a method of displa...

Page 166: ...rm Commands Keyboard Shortcuts Operating on Multiple Objects Range Command Scripting CLI Command Notation Conventions Interface Naming Conventions History Buffer Every time a command is entered in the CLI it is recorded in an internally managed Command History buffer Commands are stored in the buffer which operates on a First In First Out FIFO basis These commands can be recalled reviewed modified...

Page 167: ... EXEC modes Command Completion CLI can complete partially entered commands when the user presses the tab or space key If a command entered is not complete is not valid or if some parameters of the command are not valid or missing an error message is displayed to assist in entering the correct command By pressing the tab key an incomplete command is changed into a complete command If the characters...

Page 168: ...rm of the command as if the user typed the full command Keyboard Shortcuts The CLI has a range of keyboard shortcuts to assist in editing the CLI commands The help command when used in the User EXEC and Privileged EXEC modes displays the keyboard short cuts Table 2 2 contains the CLI shortcuts displayed by the help command 2CSPC4 XCT SWUM2XX1 book Page 168 Monday October 3 2011 11 05 AM ...

Page 169: ... Ctrl B Go backward one character Ctrl D Delete current character Ctrl U X Delete to beginning of line Ctrl K Delete to the end of the line Ctrl W Delete previous word Ctrl T Transpose previous character Ctrl P Go to previous line history buffer Ctrl R Rewrites or pastes the line Ctrl N Go to next line in history buffer Ctrl Y Print last deleted character Ctrl Q Enables serial flow Ctrl S Disables...

Page 170: ...ventions on page 171 To specify a range of LAGs use the following command interface range port channel 1 48 No spaces are allowed anywhere in a range parameter e g gi1 0 1 2 is not accepted nor is gi1 0 2 gi1 0 4 Use gi1 0 1 2 and gi 1 0 2 gi1 0 4 respectively When operating on a range of objects the CLI implementation hides the parameters that may not be configured in a range for example paramete...

Page 171: ...hernet Interfaces The gigabit Ethernet and ten gigabit Ethernet ports are identified in the CLI by the variable unit slot port where Convention Description In a command line square brackets indicate an optional entry In a command line inclusive brackets indicate a selection of compulsory parameters separated by the character One option must be selected For example flowcontrol auto on off means tha...

Page 172: ... 1 12 The unit value is 1 for standalone switches Slot The slot number is an integer number assigned to a particular slot Front panel ports have a slot number of 0 Rear panel ports are numbered from 1 and can be identified by the lexan on the rear panel Use the show slot command on page 1610 to retrieve information for a particular slot Port The port number is an integer number assigned to the phy...

Page 173: ...nted in the CLI by the variable loopback id which can assume values from 0 7 VLAN Interfaces VLAN interfaces are represented in the CLI by the variable vlan id which can can assume values from 1 4093 Tunnel Interfaces Tunnel interfaces are represented in the CLI by the variable tunnel id which can can assume values from 0 7 Interface Type Long Form Short Form Identifier Fast Ethernet fastethernet ...

Page 174: ...l 5 Example 2 console show vlan VLAN Name Ports Type 1 default Po1 48 Default Gi1 0 1 24 Example 3 console show slot 1 0 Slot 1 0 Slot Status Full Admin State Enable Power State Enable Inserted Card Model Identifier PowerConnect 7024F Card Description Dell 24 Port Fiber Configured Card 2CSPC4 XCT SWUM2XX1 book Page 174 Monday October 3 2011 11 05 AM ...

Page 175: ...e to the user and only those commands are shown in the context sensitive help for that level In this guide commands are organized into three categories Layer 2 Data Link Layer commands Layer 3 Network Layer commands Utility Commands Layer 2 Data Link Layer describes the logical organization of data bits transmitted on a particular medium This layer defines the framing addressing and checksumming o...

Page 176: ...ext level the Privileged EXEC mode a password is required The Privileged EXEC mode provides access to commands that can not be executed in the User EXEC mode and permits access to the switch Configuration mode The Global Configuration mode manages switch configuration on a global level For specific interface configurations command modes exist at a sub level Entering a at the system prompt displays...

Page 177: ...e Global Configuration mode console config The following are the Global Configuration modes SNMP v3 Host Configuration Configures the parameters for the SNMP v3 server host SNMP Community Configuration Configures the parameters for the SNMP server community Interface and Other Specific Configuration Modes Interface configuration modes are used to modify specific interface operations The following ...

Page 178: ...on mode Policy map Use the policy map command to access the QoS policy map configuration mode to configure the QoS policy map Policy Class Use the class command to access the QoS Policy class mode to attach or remove a diffserv class from a policy and to configure the QoS policy class Class Map This mode consists of class creation deletion and matching commands The class matching commands specify ...

Page 179: ...mote SSH Client The SSH Public Key Chain Configuration mode command user key command is used to enter the SSH Public Key Configuration mode MAC Access List Configures conditions required to allow traffic based on MAC addresses The Global Configuration mode command mac access list is used to enter the MAC Access List configuration mode TACACS Configures the parameters for the TACACS server Radius C...

Page 180: ...example if the current configuration mode is config if and the object being operated on is gigabit ethernet 1 on unit 1 the prompt displays the object type and unit for example 1 0 1 The sign is used to indicate that the system is in the Privileged EXEC mode The symbol indicates that the system is in the User EXEC mode which is a read only mode in which the system does not allow configuration Navi...

Page 181: ...obal Configuration From Privileged EXEC mode use the configure command console config Use the exit command or press Ctrl Z to return to the PrivilegedEXEC mode Line Interface From Global Configuration mode use the line command console config line To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Management Access List From Global Configuration mode u...

Page 182: ... Z to Privileged EXEC mode MAC Access List From Global Configuration mode use the mac access list command console config mac access list To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SSH Public Key Chain From Global Configuration mode use the crypto key pubkey chain ssh command console config pubkey chain To exit to Global Configuration mode use ...

Page 183: ...exit command or press Ctrl Z to Privileged EXEC mode Radius From Global Configuration mode use the radius server host command console config radius To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode SNMP Host Configuration From Global Configuration mode use the snmp server command console config snmp To exit to Global Configuration mode use the exit c...

Page 184: ...r press Ctrl Z to Privileged EXEC mode Crypto Certificate Generation From Global Configuration mode use the crypto certificate number generate command console config crypto cert To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Crypto Certificate Request From Privileged EXEC mode use the crypto certificate number request command console config crypto...

Page 185: ...l Z to Privileged EXEC mode MST From Global Configuration mode use the spanning tree mst configuration command console config mst To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode VLAN Config From Global Configuration mode use the vlan database command console config vlan To exit to Global Configuration mode use the exit command or press Ctrl Z to Pr...

Page 186: ...ivileged EXEC mode Router OSPFv3 Config From Global Configuration mode use the ipv6 router ospf command console config rtr To exit to Global Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode IPv6 DHCP Pool Mode From Global Configuration mode use the ipv6 dhcp pool command console config dhcp6s pool To exit to Global Configuration mode use the exit command or press Ctr...

Page 187: ...l Configuration mode use the exit command or press Ctrl Z to Privileged EXEC mode Port Channel From Global Configuration mode use the interface port channel command Or use the abbreviation interface po console config if poport channel number To exit to Global Configuration mode use the exit command or Ctrl Z to Privileged EXEC mode VLAN From Global Configuration mode use the interface vlan command...

Page 188: ...n to the switch console port or through a Telnet connection If access is through a Telnet connection the switch must have a defined IP address corresponding management access granted and a connection to the network Tunnel From Global Configuration mode use the interface tunnel command Or use the abbreviation interface tu console config tunneltunnel id To exit to Global Configuration mode use the e...

Page 189: ...local authentication setting only which allows user account access via these management interfaces The user may return later to configure Radius or TACACS Sets the IP address for VLAN 1 or enables support for DHCP to configure the IP address dynamically Sets up the SNMP community string to be used by the SNMP manager The user may choose to skip this step if SNMP management is not used If it is con...

Page 190: ...configuration the user saved previously automatically is offered for the user to accept The user may elect to correct only a few items instead of re entering all the data Since a switch may be powered on in the field without a serial connection the switch waits 60 seconds for the user to respond to the setup wizard question in instances where no configuration files exist If there is no response th...

Page 191: ... No Transfer to CLI mode No Did the user previously save a startup configuration Yes Transfer to CLI mode Yes Is SNMP Management Required Yes Yes Save Setup Discard Changes and Restart Wizard Request IP Address Network Mask Default Gateway IP Request SNMP Community String Server IP Address No No 2CSPC4 XCT SWUM2XX1 book Page 191 Monday October 3 2011 11 05 AM ...

Page 192: ... defined above SNMPv3 is disabled The admin user account is set up as defined The address of the network management station is configured From this management station the user can access the SNMP HTTP and CLI interfaces The user may also choose to allow all IP addresses to access switch management by choosing the 0 0 0 0 IP address An IP address is configured for the default VLAN 1 A default gatew...

Page 193: ...ault system configuration Note You can exit the setup wizard at any point by entering ctrl z Would you like to run the setup wizard you must answer this question within 60 seconds Y N y Step 1 The system is not setup for SNMP management by default To manage the switch using SNMP required for Dell Network Manager you can o Set up the initial SNMP version 2 account now o Return later and setup other...

Page 194: ... initial privilege Level 15 user account This account is used to login to the CLI and Web interface You may setup other accounts and change privilege levels later For more information on setting up user accounts and changing privilege levels see the user documentation To setup a user account Please enter the user name admin Enter Please enter the user password Enter Please reenter the user passwor...

Page 195: ... 255 255 0 Enter Step 4 Finally set up the gateway Please enter the IP address of the gateway from which this network is reachable 192 168 1 1 Enter This is the configuration information that has been collected SNMP Interface public 192 168 2 1 User Account setup admin Password Management IP address 192 168 2 1 255 255 255 0 Gateway 0 0 0 0 Step 5 If the information is correct please select Y to s...

Page 196: ...ut only one of them is active The other one is a backup image The same is true for configuration images which store the configuration parameters for the switch The system has three configuration images One image is a memory only image and is the current configuration image for the switch The second image is the one that is loaded by the system when it reboots There is one backup configuration imag...

Page 197: ...on the local file system to accommodate the file an error is flagged Refer to the copy command description on page 1375 in the Layer 2 commands section of the guide for command details Referencing External Internal File systems Configuration or software images are copied to or retrieved from remote file systems using TFTP and XMODEM protocols tftp server name path filename identifies a file on a r...

Page 198: ...image2 These files refer to software images One of these will be loaded when the system next reboots Either image1 or image2 can be chosen for the next reboot using the command boot system CLI prevents the user from accidentally copying a configuration image onto a software image and vice versa Management Interface Security This section describes the minimum set of management interface security me...

Page 199: ... accounts but the user will not be able to delete the last level 15 account The user password is saved internally in encrypted format and never appears in clear text anywhere on the CLI The CLI supports TACACS and Radius authentication servers The CLI allows the user to configure primary and secondary authentication servers If the primary authentication server fails to respond within a configurabl...

Page 200: ... x TACACS provides the appropriate level of access The following rules and specifications apply The user determines whether remote authentication servers or locally defined user authentication accounts are used If authentication servers are used the user can identify at least two remote servers the user may choose to configure only one server and what protocol to use with the server TACACS or Radi...

Page 201: ...ts are not recorded Security Logs Security logs are maintained to record all security events including the following User login User logout Denied login attempts User attempt to exceed security access level Denied attempts by external management system to access the system The security log record contains the following information The user name if available or the protocol being accessed if the ev...

Page 202: ...agement profiles the user defines the list of hosts or subnets from which the management profiles may be used Other CLI Tools and Capabilities The CLI has several other capabilities associated with its primary functions Terminal Paging The terminal width and length for CLI displays is 79 characters and 25 lines respectively The length setting is used to control the number of lines the CLI will dis...

Page 203: ...n progress DskVol Volume is OK volume descriptor ptr pVolDesc 0x814cf10 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE volume options max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volum...

Page 204: ...n sectors 8 first cluster is in sector 260 Update last access date for open read close FALSE Boot Menu 4 1 0 6 Select an option If no selection in 10 seconds then operational code will start 1 Start operational code 2 Start Boot Menu Select 1 2 Operational Code Date Mon Feb 28 16 43 14 2011 Uncompressing Bulk Class Driver Successfully Initialized 2CSPC4 XCT SWUM2XX1 book Page 204 Monday October 3 ...

Page 205: ...iptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0xbb total number of sectors 124 408 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 122 of FAT table copies 2 of hidden sectors 8 first cluster is in sec...

Page 206: ...aaaaaa Instantiating RamCP as rawFs device 0x30001 Formatting RamCP for DOSFS Instantiating RamCP as rawFs device 0x30001 Formatting OK Unit 1 Waiting to select management unit Applying Global configuration please wait Applying Interface configuration please wait console Boot Utility Menu If a user is connected through the serial interface during the boot sequence pressing the esc key interrupts t...

Page 207: ...roduct data 6 Abort boot code update 7 Update boot code 8 Delete backup image 9 Reset the system 10 Restore configuration to factory defaults delete config files 11 Activate Backup Image 12 Password Recovery Procedure 13 Reformat and restore file system Boot Menu 2 Select baud rate 1 1200 2 2400 3 4800 4 9600 5 19200 6 38400 2CSPC4 XCT SWUM2XX1 book Page 207 Monday October 3 2011 11 05 AM ...

Page 208: ...e Size 0K 12 Sectors 89 Bytes Estimated transmission time 14 seconds Send several Control X characters to cancel before transfer starts Boot Menu 4 Ready to receive the file with XMODEM CRC Ready to RECEIVE File xcode bin in binary mode Send several Control X characters to cancel before transfer starts CKCK Boot Menu 5 2CSPC4 XCT SWUM2XX1 book Page 208 Monday October 3 2011 11 05 AM ...

Page 209: ...nts 3 Operational Code Size 0xa73af4 10959604 Operational Code Offset 0x74 116 Operational Code FLASH flag 1 Operational Code CRC 0x20E7 Operational Compression flag 2 lzma Boot Code Version 1 Boot Code Size 0x100000 1048576 Boot Code Offset 0xa73b68 10959720 Boot Code FLASH flag 0 Boot Code CRC 0x578 2CSPC4 XCT SWUM2XX1 book Page 209 Monday October 3 2011 11 05 AM ...

Page 210: ...t Code and reset y n y Validating image2 OK Extracting boot code from image CRC valid Erasing Boot Flash Done Wrote 0x10000 bytes Wrote 0x20000 bytes Wrote 0x30000 bytes Wrote 0x40000 bytes Wrote 0x50000 bytes Wrote 0x60000 bytes Wrote 0x70000 bytes Wrote 0x80000 bytes Wrote 0x90000 bytes Wrote 0xa0000 bytes 2CSPC4 XCT SWUM2XX1 book Page 210 Monday October 3 2011 11 05 AM ...

Page 211: ...evices in x16 mode DskVol disk check in progress DskVol Volume is OK Change volume Id from 0x0 to 0x79 volume descriptor ptr pVolDesc 0x814cf10 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE volume options max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 2CSPC4 XCT SWUM2XX1 boo...

Page 212: ...ctors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 122 of FAT table copies 2 of hidden sectors 8 first cluster is in sector 260 Update last access date for open read close FALSE Boot Menu 4 1 0 6 Select an option If no selection in 10 seconds then operational code will start 1 Start operational code 2 Start Boot Menu 2CSPC4 XCT SWUM2XX1 book Page 212 Monday Octo...

Page 213: ...nal code vital product data 6 Abort boot code update 7 Update boot code 8 Delete backup image 9 Reset the system 10 Restore configuration to factory defaults delete config files 11 Activate Backup Image 12 Password Recovery Procedure 13 Reformat and restore file system Boot Menu 8 Are you SURE you want to delete image1 y n y image1 deleted 2CSPC4 XCT SWUM2XX1 book Page 213 Monday October 3 2011 11...

Page 214: ...de Date Mon Feb 28 16 43 14 2011 Uncompressing Bulk Class Driver Successfully Initialized Adding 0 symbols for standalone CFI Probe Found 2x16 devices in x16 mode volume descriptor ptr pVolDesc 0x5157150 XBD device block I O handle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 2CSPC4 XCT SWUM2XX1 book Page 214 Monday October 3 2011 11 05 AM ...

Page 215: ...lume label NO LABEL in boot sector volume Id 0x79 total number of sectors 124 408 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FAT entry size FAT16 of sectors per FAT copy 122 of FAT table copies 2 of hidden sectors 8 first cluster is in sector 260 Update last access date for open read close FALSE PCI unit 0 Dev 0xb634 Rev 0x11 Chip BCM56634_B0 Driver BCM56634_B0 2CSPC4 XCT ...

Page 216: ...Instantiating download as rawFs device 0x20001 Formatting OK 186 NOV 15 10 03 48 0 0 0 0 1 General 1073741072 bootos c 220 1 Event 0xaaaaaaaa Instantiating RamCP as rawFs device 0x30001 Formatting RamCP for DOSFS Instantiating RamCP as rawFs device 0x30001 Formatting OK Unit 1 Waiting to select management unit USB Auto Configuration process is completed Applying Global configuration please wait 2C...

Page 217: ...the setup wizard within 60 seconds otherwise the system will continue with normal operation using the default system configuration Note You can exit the setup wizard at any point by entering ctrl z Would you like to run the setup wizard you must answer this question within 60 seconds Y N n Thank you for using the Dell Easy Setup Wizard You will now enter CLI mode Applying Interface configuration p...

Page 218: ... 1 0 6 CPU Card ID 0x508548 CFI Probe Found 2x16 devices in x16 mode DskVol disk check in progress DskVol files DskVol files image2 DskVol files boot dim DskVol files crashdump ctl DskVol files dh512 pem DskVol files dh1024 pem DskVol files sslt_cert1 pem DskVol files sslt_key1 pem DskVol files ssh_host_key DskVol files ssh_host_dsa_key 2CSPC4 XCT SWUM2XX1 book Page 218 Monday October 3 2011 11 05...

Page 219: ...andle 0x10001 auto disk check on mount DOS_CHK_REPAIR DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE volume options max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0x79 total number of sectors 124 408 2CSPC4 XCT SWUM...

Page 220: ...last access date for open read close FALSE Boot Menu 4 1 0 6 Select an option If no selection in 10 seconds then operational code will start 1 Start operational code 2 Start Boot Menu Select 1 2 2 Boot Menu 4 1 0 6 Options available 1 Start operational code 2 Change baud rate 3 Retrieve event log using XMODEM 4 Load new operational code using XMODEM 2CSPC4 XCT SWUM2XX1 book Page 220 Monday October...

Page 221: ...wFs device 0x20001 Formatting RamDisk for DOSFS Instantiating RamDisk as rawFs device 0x20001 Formatting RamDisk file system is marked clean skipping check OK copying file DskVol files image1 RamDisk image1 copying file DskVol files image2 RamDisk image2 copying file DskVol files startup config RamDisk startup config copying file DskVol files vpd bin RamDisk vpd bin copying file DskVol files hpc_b...

Page 222: ...key RamDisk ssh_host_key copying file DskVol files ssh_host_dsa_key RamDisk ssh_host_dsa_key copying file DskVol files ssh_host_rsa_key RamDisk ssh_host_rsa_key image2 12679504 11 15 113 9 30 36 hpc_broad cfg 148 11 15 113 10 04 30 boot dim 77 4 22 105 8 00 02 dh512 pem 156 5 30 113 0 20 24 dh1024 pem 245 5 30 113 0 20 24 sslt_cert1 pem 863 6 2 113 5 09 30 sslt_key1 pem 887 6 2 113 5 09 30 ssh_hos...

Page 223: ...atted 4 of 251 units 1 5 Formatted 5 of 251 units 1 9 Formatted 6 of 251 units 2 3 Formatted 7 of 251 units 2 7 Formatted 8 of 251 units 3 1 Formatted 9 of 251 units 3 5 Formatted 10 of 251 units 3 9 Formatted 11 of 251 units 4 3 Formatted 12 of 251 units 4 7 Formatted 13 of 251 units 5 1 Formatted 14 of 251 units 5 5 Formatted 15 of 251 units 5 9 Formatted 16 of 251 units 6 3 Formatted 17 of 251 ...

Page 224: ... units 11 5 Formatted 30 of 251 units 11 9 Formatted 31 of 251 units 12 3 Formatted 32 of 251 units 12 7 Formatted 33 of 251 units 13 1 Formatted 34 of 251 units 13 5 Formatted 35 of 251 units 13 9 Formatted 36 of 251 units 14 3 Formatted 37 of 251 units 14 7 Formatted 38 of 251 units 15 1 Formatted 39 of 251 units 15 5 Formatted 40 of 251 units 15 9 Formatted 41 of 251 units 16 3 Formatted 42 of ...

Page 225: ... 251 units 21 9 Formatted 56 of 251 units 22 3 Formatted 57 of 251 units 22 7 Formatted 58 of 251 units 23 1 Formatted 59 of 251 units 23 5 Formatted 60 of 251 units 23 9 Formatted 61 of 251 units 24 3 Formatted 62 of 251 units 24 7 Formatted 63 of 251 units 25 0 Formatted 64 of 251 units 25 4 Formatted 65 of 251 units 25 8 Formatted 66 of 251 units 26 2 Formatted 67 of 251 units 26 6 Formatted 68...

Page 226: ... 251 units 32 2 Formatted 82 of 251 units 32 6 Formatted 83 of 251 units 33 0 Formatted 84 of 251 units 33 4 Formatted 85 of 251 units 33 8 Formatted 86 of 251 units 34 2 Formatted 87 of 251 units 34 6 Formatted 88 of 251 units 35 0 Formatted 89 of 251 units 35 4 Formatted 90 of 251 units 35 8 Formatted 91 of 251 units 36 2 Formatted 92 of 251 units 36 6 Formatted 93 of 251 units 37 0 Formatted 94...

Page 227: ... units 42 6 Formatted 108 of 251 units 43 0 Formatted 109 of 251 units 43 4 Formatted 110 of 251 units 43 8 Formatted 111 of 251 units 44 2 Formatted 112 of 251 units 44 6 Formatted 113 of 251 units 45 0 Formatted 114 of 251 units 45 4 Formatted 115 of 251 units 45 8 Formatted 116 of 251 units 46 2 Formatted 117 of 251 units 46 6 Formatted 118 of 251 units 47 0 Formatted 119 of 251 units 47 4 Form...

Page 228: ...51 units 52 9 Formatted 134 of 251 units 53 3 Formatted 135 of 251 units 53 7 Formatted 136 of 251 units 54 1 Formatted 137 of 251 units 54 5 Formatted 138 of 251 units 54 9 Formatted 139 of 251 units 55 3 Formatted 140 of 251 units 55 7 Formatted 141 of 251 units 56 1 Formatted 142 of 251 units 56 5 Formatted 143 of 251 units 56 9 Formatted 144 of 251 units 57 3 Formatted 145 of 251 units 57 7 Fo...

Page 229: ...51 units 63 3 Formatted 160 of 251 units 63 7 Formatted 161 of 251 units 64 1 Formatted 162 of 251 units 64 5 Formatted 163 of 251 units 64 9 Formatted 164 of 251 units 65 3 Formatted 165 of 251 units 65 7 Formatted 166 of 251 units 66 1 Formatted 167 of 251 units 66 5 Formatted 168 of 251 units 66 9 Formatted 169 of 251 units 67 3 Formatted 170 of 251 units 67 7 Formatted 171 of 251 units 68 1 Fo...

Page 230: ...51 units 73 7 Formatted 186 of 251 units 74 1 Formatted 187 of 251 units 74 5 Formatted 188 of 251 units 74 9 Formatted 189 of 251 units 75 2 Formatted 190 of 251 units 75 6 Formatted 191 of 251 units 76 0 Formatted 192 of 251 units 76 4 Formatted 193 of 251 units 76 8 Formatted 194 of 251 units 77 2 Formatted 195 of 251 units 77 6 Formatted 196 of 251 units 78 0 Formatted 197 of 251 units 78 4 Fo...

Page 231: ...51 units 84 0 Formatted 212 of 251 units 84 4 Formatted 213 of 251 units 84 8 Formatted 214 of 251 units 85 2 Formatted 215 of 251 units 85 6 Formatted 216 of 251 units 86 0 Formatted 217 of 251 units 86 4 Formatted 218 of 251 units 86 8 Formatted 219 of 251 units 87 2 Formatted 220 of 251 units 87 6 Formatted 221 of 251 units 88 0 Formatted 222 of 251 units 88 4 Formatted 223 of 251 units 88 8 Fo...

Page 232: ...matted 237 of 251 units 94 4 Formatted 238 of 251 units 94 8 Formatted 239 of 251 units 95 2 Formatted 240 of 251 units 95 6 Formatted 241 of 251 units 96 0 Formatted 242 of 251 units 96 4 Formatted 243 of 251 units 96 8 Formatted 244 of 251 units 97 2 Formatted 245 of 251 units 97 6 Formatted 246 of 251 units 98 0 Formatted 247 of 251 units 98 4 Formatted 248 of 251 units 98 8 Formatted 249 of 25...

Page 233: ...DOS_CHK_VERB_2 volume write mode copyback DOS_WRITE volume options max of simultaneously open files 52 file descriptors in use 0 of different files in use 0 of descriptors for deleted files 0 of obsolete descriptors 0 current volume configuration volume label NO LABEL in boot sector volume Id 0x0 total number of sectors 124 408 bytes per sector 512 of sectors per cluster 4 of reserved sectors 1 FA...

Page 234: ...ing file RamDisk image1 DskVol files image1 copying file RamDisk image2 DskVol files image2 copying file RamDisk startup config DskVol files startup config copying file RamDisk vpd bin DskVol files vpd bin copying file RamDisk hpc_broad cfg DskVol files hpc_broad cfg copying file RamDisk boot dim DskVol files boot dim copying file RamDisk dh512 pem DskVol files dh512 pem 2CSPC4 XCT SWUM2XX1 book P...

Page 235: ...pying file RamDisk ssh_host_dsa_key DskVol files ssh_host_dsa_key copying file RamDisk ssh_host_rsa_key DskVol files ssh_host_rsa_key image2 12679504 11 15 113 9 30 36 hpc_broad cfg 148 11 15 113 10 04 30 boot dim 77 4 22 105 8 00 02 dh512 pem 156 5 30 113 0 20 24 dh1024 pem 245 5 30 113 0 20 24 sslt_cert1 pem 863 6 2 113 5 09 30 sslt_key1 pem 887 6 2 113 5 09 30 ssh_host_key 517 5 30 113 0 20 24 ...

Page 236: ...traps from the system This feature is equivalent to the alarm monitoring window in a typical network management system The user enables events or monitor traps from the CLI by entering the command logging console Traps generated by the system are dumped to all CLI sessions that have requested monitoring mode to be enabled The no logging console command disables trap monitoring for the session By d...

Page 237: ... Commands IPv6 MLD Snooping Querier Commands QoS Commands Address Table Commands Ethernet CFM Commands IP Source Guard Commands RADIUS Commands Auto VoIP Commands Green Ethernet Commands iSCSI Optimization Commands Spanning Tree Commands CDP Interoperability Commands GVRP Commands Link Dependency Commands TACACS Commands DHCP Layer 2 Relay Commands IGMP Snooping Commands LLDP Commands VLAN Command...

Page 238: ...238 Layer 2 Switching Commands 2CSPC4 XCT SWUM2XX1 book Page 238 Monday October 3 2011 11 05 AM ...

Page 239: ...uthenticated using the RADIUS server TACACS The user s ID and password are authenticated using the TACACS server None No authentication is used Enable Uses the enable password for authentication Line Uses the line password for authentication Authentication Preference Lists APLs An Authentication Preference List is an ordered list of authentication methods To authenticate a user the authentication ...

Page 240: ... basis see above Commands in this Chapter This chapter explains the following commands aaa authentication dot1x default Use the aaa authentication dot1x default command in Global Configuration mode to specify an authentication method for 802 1x clients Use the no form of the command to return the authentication method to its default settings aaa authentication dot1x default enable authentication p...

Page 241: ...ntication server Example The following example configures 802 1x authentication to use no authentication Absent any other configuration this command allows all 802 1x users to pass traffic through the switch console config aaa authentication dot1x default none The following example configures 802 1x authentication to use a RADIUS server A RADIUS server must be configured using the radius server ho...

Page 242: ...ivilege levels list name Character string used to name the list of authentication methods activated when using access higher privilege levels Range 1 15 characters method1 method2 Specify at least one from the following table Default Configuration The default enable list is enableList It is used by console telnet and SSH and only contains the method none Command Mode Global Configuration mode Keyw...

Page 243: ...if no authentication method is defined A level one user must authenticate to get to privileged EXEC mode For example if none is specified as an authentication method after radius no authentication is used if the RADIUS server is down NOTE Requests sent by the switch to a RADIUS server include the username enabx where x is the requested privilege level For enable to be authenticated on Radius serve...

Page 244: ...command Create a list by entering the aaa authentication login list name method command for a particular protocol where list name is any character string used to name this list The method argument identifies the list of methods that the authentication algorithm tries in the given sequence The additional methods of authentication are used only if the previous method returns an error not if there is...

Page 245: ...able the switch to accept VLAN assignment by the RADIUS server Syntax aaa authorization network default radius no aaa authorization network default radius Default Configuration By default the switch does not accept VLAN assignments by the RADIUS server Command Mode Global Configuration mode User Guidelines The RADIUS server can place a port in a particular VLAN based on the result of the authentic...

Page 246: ...o remove the user from the internal user database Syntax aaa ias user username user no aaa ias user username user Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines This command has no user guidelines Examples console configure console config aaa ias user usern...

Page 247: ...re a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the switch to use the new model command set config aaa new model clear IAS Use the clear aaa ias users command in Privileged EXEC mode to delete all IAS users Syntax c...

Page 248: ...tion method list when accessing a higher privilege level from a remote telnet or console To return to the default specified by the enable authentication command use the no form of this command Syntax enable authentication default list name no enable authentication default Uses the default list created with the aaa authentication enable command list name Uses the indicated list created with the aaa...

Page 249: ...enable authentication default enable password Use the enable password command in Global Configuration mode to set a local password to control access to the privileged EXEC mode To remove the password requirement use the no form of this command Syntax enable password password encrypted no enable password password Password for this level Range 8 64 characters encrypted Encrypted password entered cop...

Page 250: ...nable password xxxyyyzzz ip http authentication Use the ip http authentication command in Global Configuration mode to specify authentication methods for http server users To return to the default use the no form of this command Syntax ip http authentication method1 method2 no ip http authentication method1 method2 Specify at least one from the following table Default Configuration The local user ...

Page 251: ...ig ip http authentication radius local ip https authentication Use the ip https authentication command in Global Configuration mode to specify authentication methods for https server users To return to the default configuration use the no form of this command Syntax ip https authentication method1 method2 no ip https authentication Parameter Description method1 method2 Specify at least one from th...

Page 252: ... Example The following example configures https authentication console config ip https authentication radius local login authentication Use the login authentication command in Line Configuration mode to specify the login authentication method list for a line console telnet or SSH To return to the default specified by the authentication login command use the no form of this command Syntax login aut...

Page 253: ...to configure a password for a user The password is composed of up to 64 alphanumeric characters An optional parameter encrypted is provided to indicate that the password given to the command is already pre encrypted To clear the user s password use the no form of this command Syntax password password encrypted no password Parameter Description This command does not require a parameter description ...

Page 254: ...sword 1f3ccb1157 console Config IAS User exit console config password Line Configuration Use the password command in Line Configuration mode to specify a password on a line To remove the password use the no form of this command NOTE For commands that configure password properties see Password Management Commands on page 1423 Syntax password password encrypted no password password Password for this...

Page 255: ...n user to change the password for only that user without having read write privileges This command should be used after the password has aged The user is prompted to enter the old password and the new password NOTE For commands that configure password properties see Password Management Commands Syntax password Parameter Description This command does not require a parameter description Default Conf...

Page 256: ... ias users command in Privileged EXEC mode to display configured IAS users and their attributes Passwords configured are not shown in the show command output Syntax show aaa ias users username Parameter Description This command does not require a parameter description Default Behavior This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user gu...

Page 257: ...a45c74fdf50a558a2b5cf05573cd633bac2c6c598d54497ad4c46 104918f2c encrypted exit show authentication methods Use the show authentication methods command in Privileged EXEC mode to display information about the authentication methods Syntax show authentication methods Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no ...

Page 258: ...List enable none enableNetList enable Line Login Method List Enable Method List Console defaultList enableList Telnet networkList enableNetList SSH networkList enableNetList HTTPS local HTTP local DOT1X show users accounts Use the show users accounts command in Privileged EXEC mode to display the local user status with respect to user account lockout and password aging 2CSPC4 XCT SWUM2XX1 book Pag...

Page 259: ...rmation about the local user database console show users accounts UserName Privilege Password Password Lockout Aging Expiry date Parameter Description User Name Local user account s user name Privilege User s access level read only or read write Lockout Status Indicates whether the user account is locked out or not Password Expiration Date Current password expiration date in date format Lockout Di...

Page 260: ...figuration mode to display information about the login history of users Syntax show users login history long name name of user Range 1 20 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example show user login history outputs 2CSPC4 XCT SWUM2XX1 book Page 260 Monda...

Page 261: ...er Use the no form of this command to remove the username from the local user database Syntax username name password password privilege level encrypted no username name Parameter Description Parameter Description name The name of the user Range 1 32 printable characters The special characters allowed in the password include _ User names can contain blanks if the name is surrounded by double quotes...

Page 262: ... Enter the password The special characters allowed in the password include _ console config username bob password xxxyyymmm privilege 15 username password encrypted The Administrator uses the username password encrypted command in Global Configuration mode to transfer local user passwords between devices without having to know the passwords The password parameter must be level The user level Level...

Page 263: ...a Syntax username name password password level level encrypted Parameter Description This command does not require a parameter description Default Behavior This command has no default configuration Command Modes Global Configuration mode User Guidelines The following table lists the completion messages Message Type Message Description Successful Completion Message Message Error Completion Message ...

Page 264: ...eeds Minimum Length of a Password Password should be in the range of 8 64 characters in length Set minimum password length to 0 by using the passwords min length 0 command 2 Password should contain Minimum number uppercase letters number lowercase letters number numeric numbers number specialcharactersand number characterclassesand Maximum limit of number consecutive alphabetic and numeric charact...

Page 265: ...This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines 2CSPC4 XCT SWUM2XX1 book Page 265 Monday October 3 2011 11 05 AM ...

Page 266: ...266 AAA Commands 2CSPC4 XCT SWUM2XX1 book Page 266 Monday October 3 2011 11 05 AM ...

Page 267: ...rewall routers that are positioned between the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of the internal network The PowerConnect ACL feature allows classification of packets based upon Layer 2 through Layer 4 header information An Ethernet IP...

Page 268: ...autioned to specify ACL access list permit and deny rule criteria as fully as is possible in order to avoid false matches This is especially true in networks with protocols such as FCoE that have newly introduced Ether type values As an example rules that specify a TCP or UDP port value should also specify the TCP or UDP protocol and the IPv4 or IPv6 Ether type Rules that specify an IP protocol sh...

Page 269: ...et Protocol version 6 IPv6 0x8808 MAC Control 0x8809 Slow Protocols IEEE 802 3 0x8870 Jumbo frames 0x888E EAP over LAN EAPOL 802 1x 0x88CC Link Layer Discovery Protocol 0x8906 Fibre Channel over Ethernet 0x8914 FCoE Initialization Protocol 0x9100 Q in Q Table 5 2 Common IP Protocol Numbers IP Protocol Numbers Protocol 0x00 IPv6 Hop by hop option 0x01 ICMP 0x02 IGMP 0x06 TCP 0x08 EGP 0x09 IGP 0x11 ...

Page 270: ...hen the ACL rule is applied immediately If a time range with specified name exists and the ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied when the time range with specified name becomes active The ACL rule is removed when the time range with specified name becomes inactive access list list name deny permit every icmp igmp ip tcp udp number a...

Page 271: ...n IP mask portvalue The source layer 4 port match condition for the ACL rule is specified by the port value parameter Range 0 65535 portkey Or you can specify the portkey which can be one of the following keywords domain echo ftp ftpdata http smtp snmp telnet tftp and www log Specifies that this rule is to be logged time range name Displays the name of the time range if the ACL rule has referenced...

Page 272: ...hanced to accept the optional time range parameter The time range parameter allows imposing a time limitation on the IP ACL rule as defined by the parameter time range name If a time range with the specified name does not exist and the IP ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with the specified name exist...

Page 273: ...lso specify the protocol and ethertype Rules that specify a protocol should also specify the ethertype value for the frame In general any rule that specifies matching on an upper layer protocol field should also include matching constraints for lower layer protocol fields For example a rule to match packets directed to the well known UDP port number 22 SSH should also include constraints on the IP...

Page 274: ...e does not exist and the MAC ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with the specified name exists and the MAC ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied when the time range with a specified name becomes active The ACL rule is removed when the ti...

Page 275: ...ppoe rarp 0x0600 0xFFFF Specify custom ethertype value hexadecimal range 0x0600 0xFFFF vlan eq VLAN number Range 0 4095 cos Class of service Range 0 7 log Specifies that this rule is to be logged time range name Use the time range parameter to impose a time limitation on the MAC ACL rule as defined by the parameter time range name assign queue Specifies particular hardware queue for handling traff...

Page 276: ...nded DELL123 console config mac access list deny 0806 c200 0000 ffff ffff ffff any ip access group Use the ip access group command in Global and Interface Configuration modes to apply an IP based ACL on an Ethernet interface or a group of interfaces An IP based ACL should have been created by the access list name command with the same name specified in this command Use the no ip access group comma...

Page 277: ...and does so for the interface Examples console config ip access group aclname in console config no ip access group aclname in console config ip access group aclname1 out console config if 1 0 1 ip access group aclname out 2 console config if 1 0 1 no ip access group aclname out mac access group Use the mac access group command in Global Configuration or Interface Configuration mode to attach a spe...

Page 278: ...is in use for this interface and direction the specified access list replaces the currently attached access list using that sequence number If the sequence number is not specified for this command a sequence number is selected that is one greater than the highest sequence number currently in use for this interface and direction This command specified in Interface Configuration mode only affects a ...

Page 279: ...he following example creates MAC ACL and enters MAC Access List Configuration mode console config mac access list extended LVL7DELL console config mac access list mac access list extended rename Use the mac access list extended rename command in Global Configuration mode to rename the existing MAC Access Control List ACL Syntax mac access list extended rename name newname name Existing name of the...

Page 280: ...nblock link local protocol s on a given port Syntax service acl input blockcdp blockvtp blockdtp blockudld blockpagp blocksstp blockall no service acl input Parameter Description Parameter Description blockcdp To block CDP PDU s from being forwarded blockvtp To block VTP PDU s from being forwarded blockdtp To block DTP PDU s from being forwarded blockudld To block UDLD PDU s from being forwarded b...

Page 281: ...d has been entered show service acl interface This command displays the status of LLPF rules configured on a particular port or on all the ports Syntax show service acl interface interface id all Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description interface ...

Page 282: ...mand in Privileged EXEC mode to display an IP ACL and time range parameters Syntax show ip access lists accesslistnumber Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Parameter Description accesslistnumber The number used to identify the IP ACL 2CSPC4 XCT SWUM2XX1...

Page 283: ...n Privileged EXEC mode to display a MAC access list and all of the rules that are defined for the MAC ACL Use the name parameter to identify a specific MAC ACL to display Syntax show mac access list name Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Parameter Description Name Use the name parameter to identify a specific MAC...

Page 284: ...es the following information Fields Description MAC ACL Name The name of the MAC access list Rules The number of user configured rules defined for the MAC ACL The implicit deny all rule defined at the end of every MAC ACL is not included Interfaces Displays the list of interfaces unit slot port to which the MAC ACL is attached in a given direction 2CSPC4 XCT SWUM2XX1 book Page 284 Monday October 3...

Page 285: ... see if it has been defined as a filter If the MAC address is not defined as a filter then the packet is forwarded If the specific destination MAC address is defined as a filter then the ingress port number is compared to the set of source ports listed for the address If the port of ingress is not in the set of source ports then the packet is immediately discarded If the ingress port is a member o...

Page 286: ...icast show mac address table static mac address table multicast forbidden forward unregistered show mac address table filtering show mac address table vlan mac address table multicast forward all show mac address table show ports security mac address table multicast forward unregistered show mac address table address show ports security addresses mac address table multicast static show mac address...

Page 287: ...ddress table aging time command in Global Configuration mode to set the aging time of the address To restore the default use the no form of the mac address table aging time command Syntax mac address table aging time 0 10 1000000 no mac address table aging time Parameter Description Default Configuration 300 seconds Parameter Description 0 Disable aging time for the MAC Address Table 10 1000000 Se...

Page 288: ...disable filtering of Multicast addresses use the no form of the command Syntax mac address table multicast filtering no mac address table multicast filtering Parameter Description This command has no arguments or keywords Default Configuration Multicast filtering is disabled by default The switch will flood multicast packets to all ports belonging to the received VLAN and ignores the settings of t...

Page 289: ...nd in Global Configuration mode to forbid adding a specific Multicast address to specific ports To return to the system default use the no form of this command If routers exist on the VLAN do not change the unregistered multicast addresses state to drop on the routers ports Syntax mac address table multicast forbidden address vlan vlan id mac multicast address ip multicast address add remove inter...

Page 290: ...Use the mac address table multicast forbidden forward unregistered command in Global Configuration mode to forbid forwarding unregistered multicast addresses Use the no form of this command to return to the default Syntax mac address table multicast forbidden forward unregistered vlan vlan id mac multicast address MAC Multicast address in the format xxxx xxxx xxxx ip multicast address IP Multicast...

Page 291: ...config mac address table multicast forbidden forward unregistered vlan 8 mac address table multicast forward all Use the mac address table multicast forward all command in Interface Configuration mode to enable forwarding of all Multicast packets To restore the default use the no form of the mac address table multicast forward all command Syntax mac address table multicast forward all vlan vlan id...

Page 292: ...d all vlan 1 mac address table multicast forward unregistered Use the mac address table multicast forward unregistered command in Global Configuration mode to enable the forwarding of unregistered multicast addresses Syntax mac address table multicast forward unregistered vlan vlan id Parameter Description Parameter Description vlan vlan id A valid VLAN ID Range 1 4093 Parameter Description vlan v...

Page 293: ...stered multicast addresses console config bridge multicast forward unregistered vlan 1 mac address table multicast static Use the mac address table multicast static command in Global Configuration mode to register MAC layer Multicast addresses to the bridge table and to add ports to the group statically To deregister the MAC address use the no form of the mac address table multicast static command...

Page 294: ...03 The following example registers the MAC address and adds ports statically console config interface vlan 8 Parameter Description add Adds ports to the group If no option is specified this is the default option remove Removes ports from the group vlan vlan id Valid vlan ID 1 4093 mac multicast address MAC multicast address in the format xxxx xxxx xxxx ip multicast address IP multicast address int...

Page 295: ...erface gigabitethernet port channel tengigabitethernet interface id no mac address table static mac addr vlan vlan id interface gigabitethernet port channel tengigabitethernet interface id Syntax Description Default Configuration No static addresses are defined The default mode for an added address is permanent Command Mode Global Configuration mode User Guidelines This command has no user guideli...

Page 296: ...ort security discard Discards frames with unlearned source addresses This is the default if no option is indicated Default Configuration Disabled No port security Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines When port security is enabled on an interface all dynamic entries learned up to that point are flushed and new entries can be learn...

Page 297: ...e maximum number of addresses that can be learning on the port Range 0 600 Default Configuration The default value for this command is 100 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The following example shows using this command in Ethernet Interface Configuration mode console config if 1 0 3...

Page 298: ...ulticast address ip multicast address A valid IP Multicast address format Multicast address format Can be ip or mac Default Configuration If format is unspecified the default is mac Command Mode Privileged EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range 01 00 5e 00 00 00 through 01 00 5e 7f ff ff 2CSPC4 XCT SWUM2XX1 book Page 298 Monday October 3 20...

Page 299: ...0505 NOTE A multicast MAC address maps to multiple IP addresses as shown above show mac address table filtering Use the show mac address table filtering command in Privileged EXEC mode to display the Multicast filtering configuration Syntax show mac address table filtering vlan id vlan_id A valid VLAN ID value Default Configuration This command has no default configuration Command Mode Privileged ...

Page 300: ...ress table Use the show mac address table command in User EXEC or Privileged EXEC mode to display all entries in the bridge forwarding database Syntax show mac address table Parameter Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines 2C...

Page 301: ...gement Vl10 90 001E C9AA AE1B Management Vl90 Total MAC Addresses in use 5 show mac address table address Use the show mac address table address command in User EXEC or Privileged EXEC mode to display all entries in the bridge forwarding database for the specified MAC address Syntax show mac address table address mac address interface interface id vlan vlan id Parameter Description Parameter Descr...

Page 302: ...000 E26D 2C2A Dynamic 1 0 1 show mac address table count Use the show mac address table count command in User EXEC or Privileged EXEC mode to display the number of addresses present in the Forwarding Database Syntax show mac address table count vlan vlan id interface interface id interface id Display information for a specific interface Valid interfaces include physical ports and port channels vla...

Page 303: ...le count Capacity 8192 Used 109 Static addresses 2 Secure addresses 1 Dynamic addresses 97 Internal addresses 9 show mac address table dynamic Use the show mac address table command in User EXEC or Privileged EXEC mode to display all dynamic entries in the bridge forwarding database Parameter Description interface id Specify an interface type valid interfaces include physical ports and port channe...

Page 304: ...le are displayed console show mac address table dynamic Aging time is 300 Sec Vlan Mac Address Type Port 1 0000 0001 0000 Dynamic gi1 0 1 1 0000 8420 5010 Dynamic gi1 0 1 1 0000 E26D 2C2A Dynamic gi1 0 1 1 0000 E89A 596E Dynamic gi1 0 1 Parameter Description mac address A MAC address with the format xxxx xxxx xxxx interface id Display information for a specific interface Valid interfaces include p...

Page 305: ...mmand Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example In this example all classes of entries in the bridge forwarding database for gigabit Ethernet interface 1 0 1 are displayed console show mac address table interface gigabitethernet 1 0 1 Aging time is 300 Sec Vlan Mac Address Type Port Parameter Description interface id Specify an interface type V...

Page 306: ...Syntax show mac address table static address mac address interface interface id vlan vlan id Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description mac address A MAC address with the format xxxx xxxx xxxx interface id Specify an interface type valid i...

Page 307: ...and in User EXEC or Privileged EXEC mode to display all entries in the bridge forwarding database for the specified VLAN Syntax show mac address table vlan vlan id Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description vlan id Specify a valid VLAN the...

Page 308: ...1 0000 E89A 596E Dynamic gi1 0 1 1 0001 02F1 0B33 Dynamic gi1 0 1 Total Mac Addresses for this criterion 5 show ports security Use the show ports security command in Privileged EXEC mode to display the port lock status Syntax show ports security gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default config...

Page 309: ...e show ports security addresses Use the show ports security addresses command in Privileged EXEC mode to display current dynamic addresses in locked ports Field Description Port The port number Status The status can be one of the following Locked or Unlocked Actions Action on violations Maximum The maximum addresses that can be associated on this port in Static Learning mode or in Dynamic Learning...

Page 310: ...mand has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example displays dynamic addresses for port channel number 1 0 1 console show ports security addresses gigabitethernet 1 0 1 Dynamic addresses 83 Maximum addresses 100 Learned addresses 2CSPC4 XCT SWUM2XX1 book Page 310 Monday October 3 2011 11 05 AM ...

Page 311: ... to assign the highest priority for the following VoIP packets Session Initiation Protocol SIP H 323 Skinny Client Control Protocol SCCP Auto VoIP borrows ACL lists from the global system pool ACL lists allocated by Auto VoIP reduce the total number of ACLs available for use by the network operator Enabling Auto VoIP uses one ACL list to monitor for VoIP sessions Each monitored VoIP session utiliz...

Page 312: ...tion There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example shows command output when a port is specified console show switchport voice Interface Auto VoIP Mode Traffic Class Gi1 0 1 Disabled 6 Gi1 0 2 Disabled 6 Gi1 0 3 Disabled 6 Gi1 0 4 Disabled 6 Gi1 0 5 Disabled 6 Gi1 0 6...

Page 313: ...6 Gi1 0 16 Disabled 6 Gi1 0 17 Disabled 6 Gi1 0 18 Disabled 6 Gi1 0 19 Disabled 6 Gi1 0 20 Disabled 6 Gi1 0 21 Disabled 6 Gi1 0 22 Disabled 6 Gi1 0 23 Disabled 6 Gi1 0 24 Disabled 6 Po1 Disabled 6 Po2 Disabled 6 Po3 Disabled 6 Po4 Disabled 6 Po5 Disabled 6 Po6 Disabled 6 Po7 Disabled 6 Po8 Disabled 6 Po9 Disabled 6 2CSPC4 XCT SWUM2XX1 book Page 313 Monday October 3 2011 11 05 AM ...

Page 314: ... Mode The Auto VoIP mode on the interface Traffic Class The Cos Queue or Traffic Class to which all VoIP traffic is mapped This is not configurable and defaults to the highest COS queue available in the system for data traffic switchport voice detect auto The switchport voice detect auto command is used to enable the VoIP Profile on all the interfaces of the switch global configuration mode or for...

Page 315: ...ult Command Mode Global Configuration mode Interface gigabitethernet port channel tengigabitethernet Configuration mode User Guidelines This command has no user guidelines Example console config interface gigabitethernet 1 0 1 console config if Gi1 0 1 switchport voice detect auto 2CSPC4 XCT SWUM2XX1 book Page 315 Monday October 3 2011 11 05 AM ...

Page 316: ...316 Auto VoIP Commands 2CSPC4 XCT SWUM2XX1 book Page 316 Monday October 3 2011 11 05 AM ...

Page 317: ...co Discovery Protocol CDP ISDP is based on CDP which is a precursor to LLDP Commands in this Chapter This chapter explains the following commands clear isdp counters The clear isdp counters command clears the ISDP counters Syntax clear isdp counters Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode clear isdp counters show isdp clear isdp ta...

Page 318: ... no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear isdp table isdp advertise v2 The isdp advertise v2 command enables the sending of ISDP version 2 packets from the device Use the no form of this command to disable sending ISDP version 2 packets Syntax isdp advertise v2 no isdp advertise v...

Page 319: ...User the no form of this command to disable ISDP Use this command in global configuration mode to enable the ISDP function on the switch Use this command in interface mode to enable sending ISDP packets on a specific interface Syntax isdp enable no isdp enable Default Configuration ISDP is enabled Command Mode Global Configuration mode Interface Ethernet configuration mode User Guidelines There ar...

Page 320: ...P packet before discarding it The range is given in seconds Use the no form of this command to reset the holdtime to the default Syntax isdp holdtime time no isdp holdtime Parameter Description Default Configuration The default holdtime is 180 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets isdp holdtim...

Page 321: ...iption Default Configuration The default timer is 30 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the isdp timer value to 40 seconds console config isdp timer 40 show isdp The show isdp command displays global ISDP settings Syntax show isdp Parameter Description time The time in seconds range 5 254 s...

Page 322: ...st time changed 0 days 00 06 01 Device ID QTFMPW82400020 Device ID format capability Serial Number Device ID format Serial Number show isdp entry The show isdp entry command displays ISDP entries If a device id specified then only the entry about that device is displayed Syntax show isdp entry all deviceid Parameter Description Parameter Description all Show ISDP settings for all devices deviceid ...

Page 323: ...ddress 172 20 1 18 IP Address 172 20 1 18 Capability Router IGMP Platform cisco WS C4948 Interface 1 0 1 Port ID GigabitEthernet1 1 Holdtime 64 Advertisement Version 2 Entry last changed time 0 days 00 13 50 Version Cisco IOS Software Catalyst 4000 L3 Switch Software cat4000 I9K91S M Version 12 2 25 EWA9 RELEASE SOFTWARE fc3 Technical Support http www cisco com techsupport Copyright c 1986 2007 by...

Page 324: ... slot port tengigabitethernet unit slot port Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show isdp interface all Interface Mode 1 0 1 Enabled 1 0 2 Enabled 1 0 3 Enabled 1 0 4 Enabled 1 0 5 Enabled 1 0 6 Enabled 1 0 7 Enabled 2CSPC4 XCT SWUM2XX1 book Page 324...

Page 325: ...abled 1 0 17 Enabled 1 0 18 Enabled 1 0 19 Enabled 1 0 20 Enabled 1 0 21 Enabled 1 0 22 Enabled 1 0 23 Enabled 1 0 24 Enabled console show isdp interface gigabitethernet 1 0 1 Interface Mode 1 0 1 Enabled show isdp neighbors The show isdp neighbors command displays the list of neighboring devices 2CSPC4 XCT SWUM2XX1 book Page 325 Monday October 3 2011 11 05 AM ...

Page 326: ...er guidelines for this command Example console show isdp neighbors Capability Codes R Router T Trans Bridge B Source Route S Switch H Host I IGMP r Repeater Device ID Intf Hold Cap Platform Port ID Switch 1 0 1 165 RI cisco WS C4948 GigabitEthernet1 1 console show isdp neighbors detail Device ID Switch Address es IP Address 172 20 1 18 IP Address 172 20 1 18 Capability Router IGMP Platform cisco W...

Page 327: ...w cisco com techsupport Copyright c 1986 2007 by Cisco Systems Inc Compiled Wed 21 Mar 07 12 20 by tinhuang show isdp traffic The show isdp traffic command displays ISDP statistics Syntax show isdp traffic Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show isdp...

Page 328: ...DPv1 Packets Transmitted 0 ISDPv2 Packets Received 4253 ISDPv2 Packets Transmitted 4351 ISDP Bad Header 0 ISDP Checksum Error 0 ISDP Transmission Failure 0 ISDP Invalid Format 0 ISDP Table Full 392 ISDP Ip Address Table Full 737 2CSPC4 XCT SWUM2XX1 book Page 328 Monday October 3 2011 11 05 AM ...

Page 329: ... supports DHCP Relay Option 82 circuit id and remote id for a VLAN Commands in this Chapter This chapter explains the following commands dhcp l2relay Global Configuration Use the dhcp l2relay command to enable Layer 2 DHCP Relay functionality The subsequent commands mentioned in this section can only be used when the L2 DHCP Relay is enabled Use the no form of this command to disable L2 DHCP Relay...

Page 330: ...lay Interface Configuration Use the dhcp l2relay command to enable DHCP L2 Relay for an interface Use the no form of this command to disable DHCP L2 Relay for an interface Syntax dhcp l2relay no dhcp l2relay Default Configuration DHCP L2Relay is disabled on all interfaces by default Command Mode Interface Configuration Ethernet Port channel User Guidelines There are no user guidelines for this com...

Page 331: ...disable setting the DHCP Option 82 Circuit ID Syntax dhcp l2relay circuit id vlan vlan range no dhcp l2relay circuit id vlan vlan range Parameter Description Default Configuration Setting the DHCP Option 82 Circuit ID is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l2relay circuit id vlan 340 350 Par...

Page 332: ...moteId vlan vlan range Parameter Description Default Configuration Setting the DHCP Option 82 Remote ID is disabled by default Command Mode Global Configuration User Guidelines There are no user guidelines for this command Example console config dhcp l2relay remote id dslforum vlan 10 20 30 dhcp l2relay trust Use the dhcp l2relay trust command to configure an interface to mandate Option 82 on rece...

Page 333: ... the dhcp l2relay vlan command to enable the L2 DHCP Relay agent for a set of VLANs All DHCP packets which arrive on interfaces in the configured VLAN are subject to L2 Relay processing Use the no form of this command to disable L2 DHCP Relay for a set of VLANs Syntax dhcp l2relay vlan vlan range no dhcp l2relay vlan vlan range Parameter Description Default Configuration DHCP L2 Relay is disabled ...

Page 334: ...l command in Privileged EXEC mode to display the summary of DHCP L2 Relay configuration Syntax show dhcp l2relay all Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show dhcp l2relay all DHCP L2 Relay is Enabled Interface L2RelayMode TrustMode 2CSPC4 XCT SWUM2XX1 book Pag...

Page 335: ... 10 Enabled Disabled NULL show dhcp l2relay interface Use the show dhcp l2relay interface command in Privileged EXEC mode to display DHCP L2 Relay configuration specific to interfaces Syntax show dhcp l2relay interface all interface id Parameter Description Default Configuration This command has no default configuration Parameter Description all Show all interfaces interface id A physical interfac...

Page 336: ...ed trusted show dhcp l2relay stats interface Use the show dhcp l2relay stats interface command in Privileged EXEC mode to display DHCP L2 Relay statistics specific to interfaces Syntax show dhcp l2relay stats interface all interface id Parameter Description Default Configuration This command has no default configuration Parameter Description all Show all interfaces interface id A physical interfac...

Page 337: ...MsgsWithoutOpt82 MsgsWithoutOpt82 Gi1 0 1 0 0 0 0 Gi1 0 2 0 0 3 7 Gi1 0 3 0 0 0 0 show dhcp l2relay subscription interface Use the show dhcp l2relay subscription interface command in Privileged EXEC mode to display DHCP L2 Relay Option 82 configuration specific to interfaces Syntax show dhcp l2relay subscription interface all interface id Parameter Description Parameter Description all Show all in...

Page 338: ... specific to VLANs Syntax show dhcp l2relay agent option vlan vlan range Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show dhcp l2relay agent option vlan 5 10 Parameter Description vlan range Show information for the specified VLAN range A range m...

Page 339: ...an command in Privileged EXEC mode to display whether DHCP L2 Relay is globally enabled on the specified VLAN or VLAN range Syntax show dhcp l2relay vlan vlan range Parameter Description Default Configuration This command has no default configuration Parameter Description vlan range Show information for the specified VLAN range A range may be a single VLAN ID or two VLAN IDs separated by a single ...

Page 340: ...e to display whether DHCP L2 Relay is globally enabled and whether the DHCP Circuit ID option is enabled on the specified VLAN or VLAN range Syntax show dhcp l2relay circuit id vlan vlan range Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Parameter Description vlan range Show information for the specified VLAN range A range ...

Page 341: ...lay is globally enabled and shows the remote ID configured on the specified VLAN or VLAN range Syntax show dhcp l2relay remote id vlan vlan range Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Parameter Description vlan range Show information for the specified VLAN...

Page 342: ...o zero Specify the port with the counters to clear or use the all keyword to clear the counters on all ports Syntax clear dhcp l2relay statistics interface all interface id Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Parameter Description all Show all interfaces...

Page 343: ...DHCP Layer 2 Relay Commands 343 Example console clear dhcp l2relay statistics interface gi1 0 1 2CSPC4 XCT SWUM2XX1 book Page 343 Monday October 3 2011 11 05 AM ...

Page 344: ...344 DHCP Layer 2 Relay Commands 2CSPC4 XCT SWUM2XX1 book Page 344 Monday October 3 2011 11 05 AM ...

Page 345: ...s on the same interface Only a single in band interface can be configured as a DHCPv6 client DHCP is disabled by default on all in band interfaces The DHCP client retains an IP address even if the IP interface goes down The client does not attempt to renew its IP address until the lease expires regardless of changes in link state The operator may renew or release an IP address at any time using th...

Page 346: ...suing this command To lease an IP address again issue either the renew dhcp interface id command below or ip address dhcp Interface Config command on page 505 in interface mode If the IPv4 address on the interface was not assigned by DHCP then the command fails and displays the following error message Interface does not have a DHCP originated address The release dhcp option is applicable only for ...

Page 347: ... server that it wants to continue using the IP address If DHCP is enabled on the interface but the interface does not currently have an IPv4 address for example if the address was previously released then the DHCP client sends a DISCOVER to acquire a new address If DHCP is not enabled on the interface then the command fails and displays the following error message DHCP is not enabled on this inter...

Page 348: ...nt To disable debugging use the no form of this command Syntax debug dhcp packet transmit receive no debug dhcp packet transmit receive Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines DHCP client already has packet tracing This command turns the packet tracing on...

Page 349: ... Mode Privileged EXEC User Guidelines This command lists all IPv4 addresses currently leased from a DHCP server on a routing interface This command only applies to routing interfaces This command output provides the following information Parameter Description interface id Any valid IP interface VLAN only See Interface Naming Conventions for interface representation Term Description IP address Subn...

Page 350: ... 0x11EB Lease 86400 secs Renewal 43200 secs Rebind 75600 secs Retry count 0 console show dhcp lease interface vl10 IP address 10 1 20 1 on interface VLAN10 Subnet mask 255 255 255 0 State State of the DHCPv4 Client on this interface DHCP transaction id The transaction ID of the DHCPv4 Client Lease The time in seconds that the IP address was leased by the server Renewal The time in seconds when the...

Page 351: ...erface Commands 351 DHCP Lease server 10 1 20 3 state 5 Bound DHCP transaction id 0x7AD Lease 86400 secs Renewal 43200 secs Rebind 75600 secs Retry count 0 2CSPC4 XCT SWUM2XX1 book Page 351 Monday October 3 2011 11 05 AM ...

Page 352: ...352 DHCP Management Interface Commands 2CSPC4 XCT SWUM2XX1 book Page 352 Monday October 3 2011 11 05 AM ...

Page 353: ...P Snooping the DHCP client message is sent to the DHCP Relay or and DHCP Server for further processing The DHCP Snooping application uses DHCP messages to build and maintain the binding s database The binding s database only includes data for clients on untrusted ports DHCP Snooping creates a tentative binding from DHCP DISCOVER and REQUEST messages Tentative bindings tie a client to a port the po...

Page 354: ...mand clear ip dhcp snooping binding ip dhcp snooping trust clear ip dhcp snooping statistics ip dhcp snooping verify mac address ip dhcp snooping show ip dhcp snooping ip dhcp snooping binding show ip dhcp snooping binding ip dhcp snooping database show ip dhcp snooping database ip dhcp snooping database write delay show ip dhcp snooping interfaces ip dhcp snooping limit show ip dhcp snooping stat...

Page 355: ...Example console clear ip dhcp snooping statistics ip dhcp snooping Use the ip dhcp snooping command to enable DHCP snooping globally Use the no form of this command to disable DHCP snooping NOTE Effective with the October 2011 A03 release the ip dhcp snooping command in Interface Configuration VLAN mode is deprecated in favor of the ip dhcp snooping command in Global Configuration mode Syntax ip d...

Page 356: ... ip dhcp snooping binding mac address vlan vlan id ip address interface gigabitethernet unit slot port tengigabitethernet unit slot port no ip dhcp snooping binding mac address Parameter Description Default Configuration There are no static DHCP snooping bindings by default Parameter Description mac address The client s MAC address vlan id The number of the VLAN the client is authorized to use ip ...

Page 357: ...snooping database This can be local to the switch or on a remote machine Syntax ip dhcp snooping database local tftp hostIP filename Parameter Description Default Configuration The database is stored locally by default Configuration Mode Global Configuration mode Parameter Description hostIP The IP address of the remote host filename The name of the file for the database on the remote host The fil...

Page 358: ...tabase write delay Use the ip dhcp snooping database write delay command to configure the interval in seconds at which the DHCP Snooping database will be stored in persistent storage Use the no form of this command to reset the write delay to the default Syntax ip dhcp snooping database write delay seconds no ip dhcp snooping database write delay Parameter Description Default Configuration The wri...

Page 359: ...nterval seconds no ip dhcp snooping limit rate The maximum number of packets per second allowed Range 0 300 pps seconds The time allowed for a burst Range 1 15 seconds Default Configuration DHCP snooping rate limiting is disabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines There are no user guidelines for this command Examples console c...

Page 360: ...d by default Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines There are no user guidelines for this command Example console config if 1 0 1 ip dhcp snooping log invalid console config if 1 0 1 no ip dhcp snooping log invalid ip dhcp snooping trust Use the ip dhcp snooping trust command to configure a port as trusted Use the no form of this c...

Page 361: ...ess Use the ip dhcp snooping verify mac address command to enable the verification of the source MAC address with the client MAC address in the received DHCP message Use the no form of this command to disable verification of the source MAC address Syntax ip dhcp snooping verify mac address no ip dhcp snooping verify mac address Default Configuration Source MAC address verification is enabled by de...

Page 362: ...guments or keywords Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping DHCP snooping is Disabled DHCP snooping source MAC verification is enabled DHCP snooping is enabled on the following VLANs 11 30 40 Interface Trusted Log Invalid P...

Page 363: ...tatic dynamic Use these keywords to filter by static or dynamic bindings interface id The interface for which to show bindings vlan id The number of the VLAN for which to show bindings Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ip dhcp snoopin...

Page 364: ...iguration related to the database persistence Syntax show ip dhcp snooping database Syntax Description This command has no arguments or keywords Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping database agent url 10 131 13 79 sai1 txt wr...

Page 365: ... is no default configuration for this command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console show ip dhcp snooping interfaces Interface Trust State Rate Limit Burst Interval pps seconds 1 0 1 No 15 1 1 0 2 No 15 1 1 0 3 No 15 1 console show ip dhcp snooping interfaces gigabitethernet 1 0 15 Interface Trust State Rate Limit Burst Interval ...

Page 366: ...C Privileged EXEC User Guidelines The following fields are displayed by this command Example console show ip dhcp snooping statistics Fields Description MAC Verify Failures The number of DHCP messages that were filtered on an untrusted interface because of source MAC address and client MAC address mismatch Client Ifc Mismatch The number of DHCP release and Deny messages received on the different p...

Page 367: ... 0 2 0 0 0 1 0 3 0 0 0 1 0 4 0 0 0 1 0 5 0 0 0 1 0 6 0 0 0 1 0 7 0 0 0 1 0 8 0 0 0 1 0 9 0 0 0 1 0 10 0 0 0 1 0 11 0 0 0 1 0 12 0 0 0 1 0 13 0 0 0 1 0 14 0 0 0 1 0 15 0 0 0 1 0 16 0 0 0 1 0 17 0 0 0 1 0 18 0 0 0 1 0 19 0 0 0 1 0 20 0 0 0 2CSPC4 XCT SWUM2XX1 book Page 367 Monday October 3 2011 11 05 AM ...

Page 368: ...368 DHCP Snooping Commands 2CSPC4 XCT SWUM2XX1 book Page 368 Monday October 3 2011 11 05 AM ...

Page 369: ... in the DHCP Snooping bindings database Commands in this Chapter This chapter explains the following commands arp access list Use the arp access list command to create an ARP ACL It will place the user in ARP ACL Configuration mode Use the no form of this command to delete an ARP ACL Syntax arp access list acl name no arp access list acl name acl name A valid ARP ACL name Range 1 31 characters arp...

Page 370: ...ip arp inspection statistics command in Privileged EXEC mode to reset the statistics for Dynamic Address Resolution Protocol ARP inspection on all VLANs Syntax clear ip arp inspection statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no us...

Page 371: ...ection filter acl name vlan vlan range static no ip arp inspection filter acl name vlan vlan range static acl name The name of a valid ARP ACL Range 1 31 characters vlan range A valid VLAN range Default Configuration No ARP ACL is configured Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config ip arp inspection filter tier1 vla...

Page 372: ... The default burst interval is 1 second Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines There are no user guidelines for this command Example console config if 1 0 1 ip arp inspection limit none console config if 1 0 1 ip arp inspection limit rate 100 burst interval 2 ip arp inspection trust The ip arp inspection trust command configures an...

Page 373: ...ived ARP packets Each command overrides the configuration of the previous command For example if a command enables source MAC address and destination MAC address validations and a second command enables IP address validation only the source MAC address and destination MAC address validations are disabled as a result of the second command Use the no form of this command to disable additional valida...

Page 374: ...ion validate ip ip arp inspection vlan Use the ip arp inspection vlan command to enable Dynamic ARP Inspection on a single VLAN or a range of VLANs Use the no form of this command to disable Dynamic ARP Inspection on a single VLAN or a range of VLANs Syntax ip arp inspection vlan vlan range logging no ip arp inspection vlan vlan range logging vlan range A valid range of VLAN IDs logging Use this p...

Page 375: ...is command to delete an ARP ACL rule Syntax permit ip host sender ip mac host sender mac no permit ip host sender ip mac host sender mac sender ip Valid IP address used by a host sender mac Valid MAC address in combination with the above sender ip used by a host Default Configuration There are no ARP ACL rules created by default Command Mode ARP Access list Configuration mode User Guidelines There...

Page 376: ...nfiguration for this command Command Mode Privileged EXEC User Guidelines There are no user guidelines for this command Example console show arp access list ARP access list H2 permit ip host 1 1 1 1 mac host 00 01 02 03 04 05 permit ip host 1 1 1 2 mac host 00 03 04 05 06 07 ARP access list H3 ARP access list H4 permit ip host 2 1 1 2 mac host 00 03 04 05 06 08 show ip arp inspection Use the show ...

Page 377: ... vlan vlan range Display the statistics of the ARP packets processed by Dynamic ARP Inspection Given vlan range argument it displays the statistics on all DAI enabled VLANs in that range In the case of no argument it lists the summary of the forwarded and dropped ARP packets vlan vlan range Display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range It also displays t...

Page 378: ...te Rate Limit Burst Interval DHCP Drops The number of packets dropped due to DHCP Snooping binding database match failure ACL Drops The number of packets dropped due to ARP ACL rule match failure DHCP Permits The number of packets permitted due to DHCP snooping binding database match ACL Permits The number of packets permitted due to ARP ACL rule match Bad Src MAC The number of packets dropped due...

Page 379: ... DHCP ACL Bad Src Bad Dest Invalid Drops Drops Permits Permits MAC MAC IP 10 11 1 65 25 1 1 0 20 1 0 8 2 0 1 1 show ip arp inspection vlan Use the show ip arp inspection vlan command to display the Dynamic ARP Inspection configuration on all the VLANs in the given VLAN range It also displays the global configuration values for source MAC validation destination MAC validation and invalid IP validat...

Page 380: ...ription Source Mac Validation If Source Mac validation of ARP frame is enabled Destination Mac Validation If Destination Mac validation of ARP Response frame is enabled IP Address Validation If IP address validation of ARP frame is enabled Field Description VLAN The VLAN ID for each displayed row Configuration Whether DAI is enabled on the VLAN Log Invalid Whether logging of invalid ARP packets is...

Page 381: ...isabled Destination Mac Validation Disabled IP Address Validation Disabled Vlan Configuration Log Invalid ACL Name Static flag 10 Enabled Enabled H2 Enabled 11 Disabled Enabled 12 Enabled Disabled 2CSPC4 XCT SWUM2XX1 book Page 381 Monday October 3 2011 11 05 AM ...

Page 382: ...382 Dynamic ARP Inspection Commands 2CSPC4 XCT SWUM2XX1 book Page 382 Monday October 3 2011 11 05 AM ...

Page 383: ... with each log message in a separate mail Log messages in the non urgent group are batched into a single email message and after a configurable delay Only the minimum part MUA functionality of RFC 4409 required by the switch or router to send the messages to the SMTP server is supported Some SMTP servers insist on authentication before the messages may be received by them The minimum part MUA func...

Page 384: ...l logging email show logging email statistics logging email urgent clear logging email statistics logging traps security logging email message type to addr mail server ip address hostname logging email from addr port Mail Server Configuration Mode logging email message type subject username Mail Server Configuration Mode logging email logtime password Mail Server Configuration Mode logging email t...

Page 385: ... in the logging email logtime command and then emailed in a single email message If you set the non urgent severity level to the same value as the urgent severity level then no log messages are emailed non urgently See the logging email urgent command to specify the urgent severity level The command no logging email disables all email alerting Parameter Description severity If you specify a severi...

Page 386: ...t severity level is alert Parameter Description severity Log messages at or above this severity level are emailed immediately The severity level may either be specified by keyword or as an integer from 0 to 7 The accepted keywords and the numeric severity level each represents are as follows emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 debug 7 none If you specify this keyword n...

Page 387: ... logging traps command in Global Configuration mode to set the lowest severity level at which SNMP traps are logged To revert the urgent severity level to its default value use the no form of this command Syntax logging traps severity no logging traps Parameter Description Parameter Description severity The severity level at which SNMP traps are logged The severity level may either be specified by...

Page 388: ... Use the logging email message type to addr command in Global Configuration mode to configure the To address field of the email The message types supported now are urgent non urgent and both For each supported severity level multiple email addresses can be configured For example for urgent type of messages there could be multiple addresses configured Syntax logging email message type urgent non ur...

Page 389: ...l addr no logging email from addr Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines There are no user guidelines for this command logging email message type subject Use the logging email message type subject command in Global Configuration mode to configures s...

Page 390: ...must enter the message type parameter manually as tab and space bar completion do not work for this parameter logging email logtime Use the logging email logtime command in Global Configuration mode to configure the value of how frequently the queued messages are sent Syntax logging email logtime time duration no logging email logtime Parameter Description Default Configuration The default value i...

Page 391: ...TP server Syntax logging email test message type message type message body message body Parameter Description Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines This command has no user guidelines Parameter Description message type Urgent non urgent or both message body The message to log Enclose the message in double quotes if it cont...

Page 392: ...led mode Syntax show logging email statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines clear logging email statistics Use the clear logging email statistics command in Privileged EXEC mode to clear the email alerting sta...

Page 393: ...d disables the switch to use TLS authentication with the SMTP Server If the administrator sets the TLS mode and if the SMTP sever does not support TLS mode then no email goes to the SMTP server Syntax security tls none Parameter Description This command does not require a parameter description Default Configuration The default value is disabled Command Mode Mail Server Configuration User Guideline...

Page 394: ...l server ip address ip address hostname hostname no mail server ip address hostname Parameter Description Default Configuration The default configuration for a mail server is shown in the table below Command Mode Global Configuration User Guidelines This command has no user guidelines Parameter Description ip address An IPv4 or IPv6 address hostname The DNS name of an SMTP server Field Default Ema...

Page 395: ...n Default Configuration The default value is 25 Command Mode Mail Server Configuration User Guidelines Port 25 is the standard SMTP port for cleartext messages Port 465 is the standard port for messages sent using TLSv1 Messages are always sent in plain text mode username Mail Server Configuration Mode Use the username command in Mail Server Configuration mode to configure the username required by...

Page 396: ...ommand in Mail Server Configuration mode to configure the password required to authenticate to the email server Use the no form of the command to revert the password to the default value Syntax password password no password Parameter Description This command does not require a parameter description Default Configuration The default value for password is admin Command Mode Mail Server Configuration...

Page 397: ... does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show mail server all Mail Servers configuration No of mail servers configured 2 Mail Serqy ver1 configuration SMTP server IP Address 10 131 1 11 SMTP server Port 465 SMTP server security protocol t...

Page 398: ...ver Port 465 SMTP server security protocol tls SMTP server authentication details Username admin console show mail server ip address 10 131 1 11 SMTP server IP Address 10 131 1 11 SMTP server Port 465 SMTP server security protocol tls SMTP server authentication details Username admin 2CSPC4 XCT SWUM2XX1 book Page 398 Monday October 3 2011 11 05 AM ...

Page 399: ... MTU Max Frame Size from 1518 1522 with VLAN header bytes to 9216 bytes However any device connecting to the same broadcast domain should support the same or larger MTU Flow control is a mechanism or protocol used to temporarily suspend transmission of data to a device to avoid overloading the device receive path PowerConnect switching implements the flow control mechanism defined in IEEE 802 3 An...

Page 400: ... this Chapter This chapter explains the following commands clear counters Use the clear counters command in Privileged EXEC mode to clear statistics on an interface Syntax clear counters gigabitethernet unit slot port port channel port channel number switchport tengigabitethernet unit slot port Default Configuration This command has no default configuration clear counters show interfaces configura...

Page 401: ... To remove the description use the no form of this command Syntax description string no description string Comment or a description of the port attached to this interface Range 1 to 64 characters Default Configuration By default the interface does not have a description Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no use...

Page 402: ... half full no duplex Parameter Description Default Configuration Auto is enabled by default Command Mode Interface Configuration Ethernet mode User Guidelines When duplex is configured to auto auto negotiation is enabled for the port This configuration cannot be done on SFP module ports as they operate only in full duplex mode Parameter Description auto Auto negotiation is enabled for the port hal...

Page 403: ...ol Default Configuration Flow Control is enabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example In the following example flow control is enabled console config flowcontrol interface Use this command to configure parameters for the gigabit Ethernet and ten gigabit Ethernet ports and for port channels While in Global Configuration mode e...

Page 404: ...guration Interface Configuration User Guidelines It is possible to enter interface configuration mode from global configuration mode or from interface configuration mode Example The following example enables gigabit port 2 on stack member 1 for configuration console config interface gigabitethernet 1 0 2 console config if interface range Use the interface range command in Global Configuration mode...

Page 405: ...the same command console config interface range gigabitethernet 5 0 18 20 3 0 1 24 console config if range The following example shows how all gigabitethernet ports can be configured at once console config interface range gigabitethernet all console config if range The following examples demonstrate various valid interface ranges console config interface range gigabitEthernet 1 0 1 20 Parameter De...

Page 406: ...terface by adjusting the maximum size of a packet To return to the default setting use the no form of this command Syntax mtu bytes no mtu bytes Number of bytes Range 1518 9216 Default Configuration The default number of bytes is 1518 1522 bytes of VLAN tagged frames Command Mode Interface Configuration Ethernet mode User Guidelines The value set allows an additional four bytes for the VLAN tag Th...

Page 407: ...ommand Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples display information about auto negotiation advertisement console show interfaces advertise Port Type Neg Operational Link Advertisement 1 0 2 1G Copper Enable 1000f 100f 100h 10f 10h 1 0 2 1G Copper Enable 1000f console show interfaces advertise gigabitethernet 1 0 1 Port Gigabitethe...

Page 408: ...ort Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no use guidelines Example The following example displays the configuration for all configured interfaces console show interfaces configuration Port Type Duplex Speed Neg Admin State 1 0 1 Gigabit Level Full 100 Auto Up 1 0 2 Gigabit Level N A Unknown Auto Up 1 0 3 Gigabi...

Page 409: ...p 1 0 18 Gigabit Level N A Unknown Auto Up 1 0 19 Gigabit Level N A Unknown Auto Up More or q uit The displayed port configuration information includes the following show interfaces counters Use the show interfaces counters command in User EXEC mode to display traffic seen by the interface Field Description Port The port number Port Type The port designated IEEE shorthand identifier For example 10...

Page 410: ...onfiguration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays traffic seen by the physical interface console show interfaces counters Port InOctets InUcastPkts 1 0 1 183892 1289 3 0 1 123899 1788 Port OutOctets OutUcastPkts 1 0 1 9188 9 2 0 1 0 0 3 0 1 8789 27 Ch InOctets InUcastPkts 2CSPC4 XCT SWUM2XX1 book Page 410 Monday Octo...

Page 411: ...ounters gigabitethernet 1 0 1 Port InOctets InUcastPkts 1 0 1 183892 1289 Port OutOctets OutUcastPkts 1 0 1 9188 9 Alignment Errors 17 FCS Errors 8 Single Collision Frames 0 Multiple Collision Frames 0 Deferred Transmissions 0 Late Collisions 0 Excessive Collisions 0 Oversize Packets 0 Internal MAC Rx Errors 0 2CSPC4 XCT SWUM2XX1 book Page 411 Monday October 3 2011 11 05 AM ...

Page 412: ...k FCS Errors Counted frames received that are an integral number of octets in length but do not pass the FCS check Single Collision Frames Counted frames that are involved in a single collision and are subsequently transmitted successfully Multiple Collision Frames A count of frames that are involved in a multiple collision and are subsequently transmitted successfully Deferred Transmissions A cou...

Page 413: ...s no user guidelines Example The following example displays the description for all interfaces console show interfaces description Port Description 1 0 1 Port that should be used for management only 2 0 1 2 0 2 Internal MAC Rx Errors A count of frames for which reception fails due to an internal MAC sublayer receive error Received Pause Frames A count of MAC Control frames received with an opcode ...

Page 414: ...ult Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays detailed status and configuration of the specified interface console show interfaces detail gi1 0 1 Port Type Duplex Speed Neg Admin Link Field Description interface id A physical interface or port channel identifie...

Page 415: ... Control Enabled Port Gi1 0 1 VLAN Membership mode Access Mode Operating parameters PVID 1 Ingress Filtering Enabled Acceptable Frame Type Untagged Default Priority 0 GVRP status Disabled Protected Disabled Port Gi1 0 1 is member in VLAN Name Egress rule Type 2CSPC4 XCT SWUM2XX1 book Page 415 Monday October 3 2011 11 05 AM ...

Page 416: ...abled Acceptable Frame Type Untagged Port Gi1 0 1 is statically configured to VLAN Name Egress rule Forbidden VLANS VLAN Name Port Gi1 0 1 Enabled State Disabled Role Disabled Port id 128 1 Port Cost 0 Port Fast No Configured no Root Protection No 2CSPC4 XCT SWUM2XX1 book Page 416 Monday October 3 2011 11 05 AM ...

Page 417: ... interfaces Syntax show interfaces status The displayed port status information includes the following Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Field Description Port The port or port channel number Oob means Out of Band Management Interface Name The port name Duplex Displays the port Duplex status Speed Refers to the port speed Neg Describe...

Page 418: ...e show statistics command in Privileged EXEC mode to display detailed statistics for a specific port or for the entire switch Syntax show statistics gigabitethernet unit slot port switchport port channel port channel number tengigabitethernet unit slot port Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Parameter Description ...

Page 419: ... Octets 479543 Packets Received 1522 Octets 0 Packets RX and TX 64 Octets 94516 Packets RX and TX 65 127 Octets 483312 Packets RX and TX 128 255 Octets 101329 Packets RX and TX 256 511 Octets 163696 Packets RX and TX 512 1023 Octets 4982 Packets RX and TX 1024 1518 Octets 479845 Packets RX and TX 1519 1522 Octets 0 Packets RX and TX 1523 2047 Octets 0 Packets RX and TX 2048 4095 Octets 0 Packets R...

Page 420: ...0 CFI Discards 0 Upstream Threshold 0 Total Packets Transmitted Octets 3604988 Packets Transmitted 64 Octets 45566 Packets Transmitted 65 127 Octets 886 Packets Transmitted 128 255 Octets 245 More or q uit Packets Transmitted 256 511 Octets 25 Packets Transmitted 512 1023 Octets 158 Packets Transmitted 1024 1518 Octets 302 Max Frame Size 1518 Total Packets Transmitted Successfully 47182 Unicast Pa...

Page 421: ...BPDU sent 44432 received 0 EAPOL Frames Transmitted 0 EAPOL Start Frames Received 0 Time Since Counters Last Cleared 1 day 0 hr 41 min 44 sec The following example shows statistics for the entire switch console show statistics gigabitethernet switchport Total Packets Received Octets 16877295 Unicast Packets Received 1608 Multicast Packets Received 48339 Broadcast Packets Received 69535 Receive Pac...

Page 422: ... Dynamic VLAN Entries 0 VLAN Deletes 0 Time Since Counters Last Cleared 1 day 0 hr 42 min 13 sec console The following example shows statistics for the entire switch console show statistics switchport Total Packets Received Octets 0 Packets Received Without Error 0 Unicast Packets Received 0 Multicast Packets Received 0 Broadcast Packets Received 0 Receive Packets Discarded 0 Octets Transmitted 0 ...

Page 423: ...d 0 day 18 hr 1 min 59 sec show statistics switchport Use the show statistics command in Privileged EXEC mode to display detailed statistics for a specific port or for the entire switch Syntax show statistics interface id switchport Parameter Description Default Configuration This command has no default configuration Parameter Description interface id Interface id See Interface Naming Conventions ...

Page 424: ... show statistics switchport Total Packets Received Octets 0 Packets Received Without Error 0 Unicast Packets Received 0 Multicast Packets Received 0 Broadcast Packets Received 0 Receive Packets Discarded 0 Octets Transmitted 0 Packets Transmitted Without Errors 0 Unicast Packets Transmitted 0 Multicast Packets Transmitted 0 Broadcast Packets Transmitted 0 Transmit Packets Discarded 0 Most Address ...

Page 425: ...display the configuration of storm control Syntax show storm control all gigabitethernet unit slot port tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example shows storm control configurations for all valid Ethernet ports The second exampl...

Page 426: ... the shutdown command in Interface Configuration mode to disable an interface To restart a disabled interface use the no form of this command Syntax shutdown no shutdown Default Configuration The interface is enabled Command Mode Interface Configuration Ethernet Port Channel Tunnel Loopback mode User Guidelines This command has no user guidelines Examples The following example disables gigabit Eth...

Page 427: ...0 auto 10 100 1000 10000 no speed Parameter Description Default Configuration Auto is enabled by default Command Mode Interface Configuration Ethernet mode Parameter Description 10 Configures the port to 10 Mbps operation 100 Configures the port to 100 Mbps operation 1000 Configures the port to 1000 Mbps operation 10000 Configures the port to 10 Gbps operation auto The port automatically detects t...

Page 428: ...l broadcast command in Interface Configuration mode to enable broadcast storm recovery mode for a specific interface If the mode is enabled broadcast storm recovery is active and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of broadcast traffic will be limited to the configured threshold Synt...

Page 429: ...d Therefore the rate of multicast traffic will be limited to the configured threshold When you use the no storm control multicast command to disable storm control after having set the level or rate to a non default value that value is still set but is not active until you re enable storm control Syntax storm control multicast level rate no storm control multicast level The configured rate as a per...

Page 430: ...fic will be limited to the configured threshold When you use the no storm control multicast command to disable storm control after having set the level or rate to a non default value that value is still set but is not active until you re enable storm control Syntax storm control unicast level rate no storm control unicast level The configured rate as a percentage of link speed rate The configured ...

Page 431: ...s on two different switches No traffic forwarding is possible between two protected ports Ports in a protected group will not forward traffic to other ports in the group Syntax switchport protected groupid no switchport protected groupid Identifies which group this port will be protected in Range 0 2 Default Configuration No protected switchports are defined Command Mode Interface Configuration Et...

Page 432: ... Range 0 32 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example assigns the name protected to group 1 console config if 1 0 1 switchport protected 1 name protected show switchport protected Use the show switchport protected command in Privileged EXEC mode ...

Page 433: ...nfiguration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example identifies test as the protected group console show switchport protected 0 Name test 2CSPC4 XCT SWUM2XX1 book Page 433 Monday October 3 2011 11 05 AM ...

Page 434: ...434 Ethernet Configuration Commands 2CSPC4 XCT SWUM2XX1 book Page 434 Monday October 3 2011 11 05 AM ...

Page 435: ...e layer across networks comprising multiple LANs including LANs other than 802 3 media PowerConnect CFM supports the following functionality Path discovery linktrace message Fault detection continuity check message Fault verification and isolation loopback and linktrace messages Fault notification alarm indication signal or SNMP trap Commands in this Chapter This chapter explains the following com...

Page 436: ...m of the command to delete a maintenance domain Syntax ethernet cfm domain domain name level 0 7 Parameter Description Default Configuration No CFM domains are pre configured Command Mode Global Configuration mode ethernet cfm mep archive hold time show ethernet cfm statistics ethernet cfm mip level debug cfm Parameter Description Range Default Access Maintenance domain ID Unique identifier mainte...

Page 437: ... Use the service command in maintenance domain config mode to associate a VLAN with a maintenance domain Use the no form of the command to remove the association Syntax service service name vlan vlanid Parameter Description Default Configuration No VLANs are associated with a maintenance domain by default Parameter Description Range Default Access service Unique service identifier alphanumeric str...

Page 438: ... level on a VLAN monitored by an existing domain Use the no form of the command to cease send CCMs Syntax ethernet cfm cc level 0 7 vlan vlan list interval secs Parameter Description Parameter Description Range Default Access Maintenance association VLAN ID VLAN ID representing a serviceinstance that is monitored by this maintenance association 1 4093 0 Read write CCM Interval Time interval betwee...

Page 439: ...ed level and direction MEPs are configured per Maintenance Association per Maintenance Domain Use the no form of the command to delete a MEP Syntax ethernet cfm mep level 0 7 direction up down mpid 1 8191 vlan 1 4093 Parameter Description Default Configuration No MEPs are preconfigured Parameter Description level Maintenance association level direction Up indicates the MEP is facing towards Bridge...

Page 440: ...hernet cfm mep enable command in Interface Configuration mode to enable a MEP at the specified level and direction Use the no form of the command to disable the MEP Syntax ethernet cfm mep enable level 0 7 vlan 1 4093 mpid 1 8191 Parameter Description Default Configuration No MEPs are preconfigured Command Mode Interface Configuration Parameter Description level Maintenance association level mpid ...

Page 441: ...ce Configuration mode to activate a MEP at the specified level and direction Use the no form of the command to deactivate the MEP Syntax ethernet cfm mep active level 0 7 vlan 1 4093 mpid 1 8191 Parameter Description Default Configuration No MEPs are preconfigured Command Mode Interface Configuration User Guidelines This command has no user guidelines Parameter Description level Maintenance associ...

Page 442: ...s than the CCM message interval Example The following example sets the hold time for maintaining internal information regarding a missing MEP console config ethernet cfm mep archive hold time 1200 ethernet cfm mip level Use the ethernet cfm mip level command in Interface Configuration mode to create a Maintenance Intermediate Point MIP at the specified level The MEPs are configured per Maintenance...

Page 443: ...p level 7 ping ethernet cfm Use the ping ethernet cfm command in Privileged EXEC mode to generate a loopback message LBM from the configured MEP Syntax ping ethernet cfm mac mac addr remote mpid 1 8191 domain domain name level 0 7 vlan vlan id mpid 1 8191 count 1 255 Parameter Description Parameter Description level Maintenance association level Parameter Description level Maintenance association ...

Page 444: ... the configured MEP mac addr The destination MAC address for which the connectivity needs to be verified Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity is to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VLAN associated with the maintenance domain Rang...

Page 445: ...on level Maintenance association level mac addr The destination MAC address for which the route needs to be traced Either MEP ID or the MAC address option can be used remote mpid The MEP ID for which connectivity needs to be verified i e the destination MEP ID domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length vlan id A VLAN associated with the maintenanc...

Page 446: ...elines This command has no user guidelines Example console show ethernet cfm errors Level SVID MPID DefRDICcm DefMACStatus DefRemoteCCM DefErrorCCM DefXconCCM show ethernet cfm domain Use the show ethernet cfm domain command in Privileged EXEC mode to display the configured parameters in a maintenance domain Parameter Description domain Name of the maintenance domain an alphanumeric string of up t...

Page 447: ...et cfm domain domain1 Domain Name domain1 Level 1 Total Services 1 VLAN ServiceName CC Interval secs 10 serv1 1 show ethernet cfm maintenance points local Use the show ethernet cfm maintenance points local command in Privileged EXEC mode to display the configured local maintenance points Parameter Description domain Name of the maintenance domain an alphanumeric string of up to 43 characters in le...

Page 448: ... Dire CC MEP Operational MAC ction Transmit Active Status 1 1 MEP 10 1 0 1 UP Enabled True 00 02 bc 02 02 02 Level Type Port MAC show ethernet cfm maintenance points remote Use the show ethernet cfm maintenance points remote command in Privileged EXEC mode to display the configured remote maintenance points Parameter Description domain Name of the maintenance domain an alphanumeric string of up to...

Page 449: ...thernet cfm maintenance points remove level 1 MEP Id RMEP Id Level MAC VLAN Expiry Timer sec Service Id 1 2 1 00 11 22 33 44 55 10 25 serv1 Parameter Description domain Name of the maintenance domain an alphanumeric string of up to 43 characters in length level Maintenance association level mac address The destination MAC address for which the information is desired vlan id A VLAN associated with ...

Page 450: ...ivileged EXEC User Guidelines This command has no user guidelines Example show Ethernet cfm statistics domain domain name level 0 7 Console show ethernet cfm statistics Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 1 Out of sequence CCM s received 0 CCM s transmitted 259 In order Loopback Replies received 5 Parameter Description domain name Name of the maintenance domain an alphanumeric str...

Page 451: ...oopback Replies transmitted 0 Unexpected LTR s received 0 Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 3 Out of sequence CCM s received 0 CCM s transmitted 1 In order Loopback Replies received 0 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 5 Unexpected LTR s received 0 debug cfm Use the debug cfm command in Privileged EXEC mode ...

Page 452: ...1 Level 1 Vlan 11 MEP Id 1 Out of sequence CCM s received 0 CCM s transmitted 259 In order Loopback Replies received 5 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 5 Parameter Description event CFM events pdu CFM PDUs ccm Continuity check messages ltm Link trace messages lbm Loopback messages tx Transmit only rx Receive only all Everyth...

Page 453: ...Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 0 Unexpected LTR s received 0 Statistics for Domain domain1 Level 1 Vlan 11 MEP Id 3 Out of sequence CCM s received 0 CCM s transmitted 1 In order Loopback Replies received 0 Out of order Loopback Replies received 0 Bad MSDU Loopback Replies received 0 Loopback Replies transmitted 5 Unexpected LTR s received 0 2CSPC4 XCT SWUM2XX1 bo...

Page 454: ...454 Ethernet CFM Commands 2CSPC4 XCT SWUM2XX1 book Page 454 Monday October 3 2011 11 05 AM ...

Page 455: ...s Energy Efficient Ethernet Energy Efficient Ethernet EEE combines the MAC with a family of PHYs that support operation in a Low Power Mode as defined by the IEEE 802 3az Energy Efficient Ethernet Task Force Lower Power Mode enables both the send and receive sides of the link to disable some functionality for power savings when lightly loaded Transition to Low Power Mode does not change the link s...

Page 456: ...nergy detect mode even if the fiber port is enabled If enabled energy detect mode will become active when the copper port is used Use the no form of the command to disable energy detect mode on the interface s Energy detect mode cannot be disabled on 10G copper interfaces Syntax green mode energy detect no green mode energy detect Parameter Description This command does not require a parameter des...

Page 457: ...ransit are not dropped or corrupted in transition to and from Low Power Mode On combo ports eee mode can be enabled even if the port is using the fiber interface If enabled eee mode is only active when the copper interface is active Use the no form of the command to disable the feature Syntax green mode eee no green mode eee Parameter Description This command does not require a parameter descripti...

Page 458: ...ription Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines green mode eee lpi history Use the green mode eee lpi history command in Global Configuration mode to configure the Global EEE LPI history collection interval and buffer size This value is applied globally on all interfaces on the stack LPI histor...

Page 459: ...68 Command Mode Global Configuration User Guidelines This command has no user guidelines Examples Use the command below to set the EEE LPI History sampling interval to the default console config no green mode eee lpi history sampling interval Use the command below to set the EEE LPI History max samples to the default console config no green mode eee lpi history max samples Parameter Description sa...

Page 460: ...efault Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command output provides the following information Parameter Description interface id Any valid interface See Interface Naming Conventions for interface representation Term Description Energy Detect Energy detect admin mode Energy detect mode is enabled or disabled Energy detect operatio...

Page 461: ... TX enters LP IDLE state Shows the total number of Tx LPI Events since EEE counters are last cleared Rx Low Power Idle Duration μSec This field indicates duration of Tx LPI state in 10us increments Shows the total duration of Tx LPI since the EEE counters are last cleared Tw_sys_tx μSec Integer that indicates the value of Tw_sys that the local system can support This value is updated by the EEE DL...

Page 462: ...teger that indicates the value of Receive Tw_sys echoed back by the remote system This value maps from the aLldpXdot3RemRxTwSysEcho attribute Remote Fallback Tw_sys μSec Integer that indicates the value of fallback Tw_sys that the remote system is advertising This attribute maps to the variable RemFbSystemValue as defined in 78 4 2 3 Tx_dll_enabled Initialization status of the EEE transmit Data Li...

Page 463: ...nabled Rx Low Power Idle Event Count 0 Rx Low Power Idle Duration uSec 0 Tx Low Power Idle Event Count 0 Tx Low Power Idle Duration uSec 0 Tw_sys_tx usec XX Tw_sys_tx Echo usec XX Tw_sys_rx usec XX Tw_sys_tx Echo usec XX Fallback Tw_sys usec XX Remote Tw_sys_tx usec XX Time Since Counters Last Cleared Time Since Counters Last Cleared since the time of power up or after clear eee counters is execut...

Page 464: ...reen mode Use the show green mode command in Privileged EXEC mode to display the green mode configuration for the whole system The status is shown only for the modes supported on the corresponding hardware platform whether enabled or disabled Syntax show green mode Parameter Description This command does not require a parameter description Default Configuration This command has no default configur...

Page 465: ...In Active Enabled gi1 0 7 Enabled Active Enabled Disabled In Active Enabled gi1 0 8 Enabled Active Enabled Disabled In Active Enabled show green mode eee lpi history interface Use the show green mode eee lpi history interface command in Privileged EXEC mode to display the interface green mode EEE LPI history Syntax show green mode eee lpi history interface interface id Term Description Energy Dete...

Page 466: ...rval Interval at which EEE LPI statistics is collected Total No of Samples to Keep Maximum number of samples to keep Percentage LPI Time per Stack Percentage of total time spent in LPI mode by all ports in the stack when compared to total time since reset Sample No Sample index Sample Time Time since last reset Time Spent in LPI Mode Since Last Sample Percentage of time spent in LPI mode on this p...

Page 467: ...nce Time Spent in Time Spent in No the Sample LPI Mode Since LPI Mode Since Was Recorded Last Sample Last Reset 10 0d 00 00 13 3 2 9 0d 00 00 44 3 2 8 0d 00 01 15 3 2 7 0d 00 01 46 3 2 6 0d 00 02 18 3 2 5 0d 00 02 49 3 2 4 0d 00 03 20 3 2 3 0d 00 03 51 3 1 2 0d 00 04 22 3 1 1 0d 00 04 53 3 1 2CSPC4 XCT SWUM2XX1 book Page 467 Monday October 3 2011 11 05 AM ...

Page 468: ...468 Green Ethernet Commands 2CSPC4 XCT SWUM2XX1 book Page 468 Monday October 3 2011 11 05 AM ...

Page 469: ...s the GPDUs The VLAN registration is made in the context of the port that receives the GPDU The networking device propagates this VLAN membership on all of its other ports in the active topology Thus the end station VLAN ID is propagated throughout the network GVRP is an application defined in the IEEE 802 1p standard that allows for the control of 802 1Q VLANs Commands in this Chapter This chapte...

Page 470: ...e Configuration mode to adjust the GARP application join leave and leaveall GARP timer values To reset the timer to default values use the no form of this command Syntax garp timer join leave leaveall timer_value no garp timer join Indicates the time in centiseconds that PDUs are transmitted leave Indicates the time in centiseconds that the device waits before leaving its GARP state leaveall Used ...

Page 471: ...GARP timer values on all Layer 2 connected devices If the GARP timers are set differently on Layer 2 connected devices the GARP application will not operate successfully The timer_value setting must be a multiple of 10 Example The following example sets the leave timer for port 1 0 8 to 90 centiseconds console config interface gigabitethernet 1 0 8 console config if 1 0 8 garp timer leave 90 gvrp ...

Page 472: ...nd in Interface Configuration mode to enable GVRP on an interface To disable GVRP on an interface use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is disabled on all interfaces by default Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines An Access port cannot join dynamically to a VLAN because it is...

Page 473: ...ort and prevent any dynamic registration on the port To allow dynamic registering for VLANs on a port use the no form of this command Syntax gvrp registration forbid no gvrp registration forbid Default Configuration Dynamic registering and deregistering for each VLAN on the port is not forbidden Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelin...

Page 474: ... Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The following example disables dynamic VLAN creation on port 1 0 8 console config interface gigabitethernet 1 0 8 console config if 1 0 8 gvrp vlan creation forbid show gvrp configuration Use the show gvrp configuration command in Privileged EXEC mode to di...

Page 475: ...onfiguration Global GVRP Mode Disabled Join Leave LeaveAll Port VLAN Interface Timer Timer Timer GVRP Mode Create Register centisecs centisecs centisecs Forbid Forbid 1 0 1 20 60 1000 Disabled 1 0 2 20 60 1000 Disabled 1 0 3 20 60 1000 Disabled 1 0 4 20 60 1000 Disabled 1 0 5 20 60 1000 Disabled 1 0 6 20 60 1000 Disabled 1 0 7 20 60 1000 Disabled 1 0 8 20 60 1000 Disabled 1 0 9 20 60 1000 Disabled...

Page 476: ... configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays GVRP error statistics information console show gvrp error statistics GVRP error statistics Legend INVPROT Invalid Protocol Id INVATYP Invalid Attribute Type INVALEN Invalid Attribute Length INVAVAL Invalid Attribute Value INVEVENT Invalid Event Port INVPROT INVATYP ...

Page 477: ... configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example This example shows output of the show gvrp statistics command console show gvrp statistics GVRP statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Received rLIn Leave In Received rLE Leave Empty Received rLA Leave All Received sJE Join Empty Sent JIn Join In Sent sEmp Empt...

Page 478: ... 0 0 0 0 0 0 0 0 1 0 2 0 0 0 0 0 0 0 0 0 0 0 0 1 0 3 0 0 0 0 0 0 0 0 0 0 0 0 1 0 4 0 0 0 0 0 0 0 0 0 0 0 0 1 0 5 0 0 0 0 0 0 0 0 0 0 0 0 1 0 6 0 0 0 0 0 0 0 0 0 0 0 0 1 0 7 0 0 0 0 0 0 0 0 0 0 0 0 1 0 8 0 0 0 0 0 0 0 0 0 0 0 0 2CSPC4 XCT SWUM2XX1 book Page 478 Monday October 3 2011 11 05 AM ...

Page 479: ...as IGMP Snooping The IGMP Snooping code in the CPU ages out IGMP entries in the MFDB If a report for a particular group on a particular interface is not received within a certain time interval query interval the IGMP Snooping code deletes that interface from the group The value for query interval time is configurable using management If an IGMP Leave Group message is received on an interface the I...

Page 480: ...n mode to globally enable Internet Group Management Protocol IGMP snooping Use the no form of this command to disable IGMP snooping globally Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Global Configuration mode ip igmp snooping global show ip igmp snooping interface ip igmp snooping interface show ip igmp snooping mrouter ip igmp snoopin...

Page 481: ... Group Management Protocol IGMP snooping on a specific interface To disable IGMP snooping on an Ethernet interface use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines IGMP snooping can be enabled on Ethernet interfaces Exa...

Page 482: ...in seconds Range 2 3600 Default Configuration The default host time out is 260 seconds Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The timeout should be more than sum of response time and twice the query interval Example The following example configures the host timeout to 300 seconds console config if 1 0 1 ip igmp snooping host time o...

Page 483: ...figuration gigabitethernet port channel tengigabitethernet mode User Guidelines The leave timeout should be set greater than the maximum time that a host is allowed to respond to an IGMP Query Use immediate leave only where there is only one host connected to a port Example The following example configures the host leave time out to 15 seconds console config if 1 0 1 ip igmp snooping leave time ou...

Page 484: ...ines This command has no user guidelines Example The following example configures the mrouter timeout to 200 seconds console config if 1 0 1 ip igmp snooping mrouter time out 200 show ip igmp snooping Use the show ip igmp snooping command in Privileged EXEC mode to display the IGMP snooping configuration Syntax show ip igmp snooping vlan vlan id Parameter Description Parameter Description vlan id ...

Page 485: ...nooping Syntax show ip igmp snooping groups vlan vlan id address ip multicast address vlan_id Specifies a VLAN ID value ip multicast address Specifies an IP Multicast address Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The example shows Multicast groups learned by IGMP snooping for all VLANs...

Page 486: ... IGMP snooping configuration Syntax show ip igmp snooping interface interface gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The example displays IGMP snooping information console show ip igm...

Page 487: ...mrouter Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example shows IGMP snooping mrouter information console show ip igmp snooping mrouter Port 1 0 1 ip igmp snooping VLAN Use the ip igmp snooping command in VLAN Configuration mode to enable IGMP snooping on a p...

Page 488: ...ayer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group without first sending out MAC based general queries to the interface The no form of this command disables IGMP Snooping fast leave mode on a VLAN You should enable fast leave admin mode only on VLANs where only one host is connected to each layer 2 LAN port This setting prevents the i...

Page 489: ...l time on a VLAN The Group Membership Interval time is the amount of time in seconds that a switch waits for a report from a particular group on a particular interface before deleting the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds The no form of this command sets the IGMPv3 Group Membership Interval time to the def...

Page 490: ...time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface This value must be less than the IGMP Query Interval time value The range is 1 to 3174 seconds The no form of this command sets the maximum response time on the VLAN to the default value Syntax ip igmp snooping maxresponse ...

Page 491: ...its for a query to be received on an interface before the interface is removed from the list of interfaces with multicast routers attached The range is 1 2147483647 seconds A value of 0 indicates an infinite time out no expiration The no form of this command sets the Multicast Router Present Expiration time to 0 The time is set for a particular VLAN Syntax ip igmp snooping mcrtexpiretime vlan id s...

Page 492: ...ould be less than the group membership interval Example The following example sets the multicast router present expiration time on VLAN 2 to 60 seconds console config vlan ip igmp mcrtexpiretime 2 60 2CSPC4 XCT SWUM2XX1 book Page 492 Monday October 3 2011 11 05 AM ...

Page 493: ...the Querier sends out periodic IGMP MLD General Queries that trigger the Multicast listeners member to send their joins so as to receive the Multicast data traffic IGMP MLD Snooping listens to these reports to establish the appropriate L2 forwarding table entries The PowerConnect supports version IGMP V1 and 2 for snooping IGMP queries Commands in this Chapter This chapter explains the following c...

Page 494: ...p address An IPv4 address used for the source address Default Configuration The IGMP snooping querier feature is globally disabled on the switch When enabled the IGMP snooping querier disables itself if it detects IGMP traffic from a multicast enabled router Command Mode Global Configuration mode User Guidelines When using the command in Global Configuration mode to configure a snooping querier so...

Page 495: ...ooping Querier wins the election then it continues sending periodic queries The no form of this command sets the snooping querier not to participate in the querier election but to go into a non querier mode as soon in as it discovers the presence of another querier in the same VLAN Syntax ip igmp snooping querier election participate vlan id no ip igmp snooping querier election participate vlan id...

Page 496: ...t value Syntax ip igmp snooping querier query interval interval count no ip igmp snooping querier query interval interval count Amount of time in seconds that the switch waits before sending another general query Range 1 1800 Default Configuration The query interval default is 60 seconds Command Mode Global Configuration mode User Guidelines The value of this parameter should be larger than the IG...

Page 497: ... the switch remains in Non Querier mode after it has discovered that there is a multicast querier in the network The range is 60 300 seconds Default Configuration The query interval default is 60 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the querier timer expiry time to 100 seconds ip igmp snooping querier ...

Page 498: ...1 show ip igmp snooping querier This command displays IGMP Snooping Querier information Configured information is displayed whether or not IGMP Snooping Querier is enabled If a querier is active in the network and IGMP snooping querier is enabled the querier s IP address is shown in the Last Querier Address field Syntax show ip igmp snooping querier detail vlan vlan_id Syntax Description When the ...

Page 499: ...Operational State Indicates whether IGMP Snooping Querier is in the Querier or Non Querier state When the switch is in Querier state it sends out periodic general queries When in Non Querier state it waits for moving to Querier state and does not send out any queries VLAN Operational Max Response Time Indicates the time to wait before removing a Leave from a host upon receiving a Leave request Thi...

Page 500: ... 2 console show ip igmp snooping querier vlan 2 Vlan 2 IGMP Snooping querier status IGMP Snooping Querier Vlan Mode Enable Querier Election Participate Mode Disable Querier Vlan Address 0 0 0 0 Operational State Non Querier Last Querier Address 2 2 2 2 Operational version 3 Operational Max Resp Time 11 Elected Querier Indicates the IP address of the Querier that has been designated as the Querier ...

Page 501: ...ching routing interfaces Out of band management is always through the dedicated service port In band management interfaces can employ a variety of protection mechanisms including VLAN assignment and Management ACLs The out of band port does not support such protection mechanisms and therefore it is recommended that the service port only be connected to a physically segregated management network Co...

Page 502: ...ult configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes all entries from the host name to address cache console clear host clear ip address conflict detect Use the clear ip address conflict detect command in Privileged EXEC mode to clear the address conflict detection status in the switch Syntax clear ip address ...

Page 503: ...to set an IP address for the service port Use the no form of this command to return the ip address configuration to its default value Syntax ip address ip address mask prefix length dhcp no ip address Parameter Description Parameter Description ip address Specifies a valid IP address mask Specifies a valid subnet network mask IP address prefix length The number of bits that comprise the IP address...

Page 504: ...rvice port with IP address 131 108 1 27 and subnet mask 255 255 255 0 and the same IP address with prefix length of 24 bits console config interface out of band console config if ip address 131 108 1 27 255 255 255 0 console config if ip address 131 108 1 27 24 ip address conflict detect run Use the ip address conflict detect run command in Global Configuration mode to trigger the switch to run ac...

Page 505: ...sole config ip address conflict detect run ip address dhcp Interface Config Use the ip address dhcp command in Interface VLAN Configuration mode to enable the DHCPv4 client on an interface Syntax ip address dhcp no ip address dhcp Parameter Description This command does not require a parameter description Default Configuration DHCPv4 is disabled by default on routing interfaces Command Mode Interf...

Page 506: ...learn the following parameters from a DHCP server The IPv4 address of a default gateway If the device learns different default gateways on different interfaces the system uses the first default gateway learned The system installs a default route in the routing table with the default gateway s address as the next hop address This default route has a preference of 254 The IPv4 address of a DNS serve...

Page 507: ...ed with this command is more preferred than a default gateway learned from a DHCP server which has a route preference of 254 It is less preferred than a static route configured via the ip route command which has a route preference of 1 Use the show ip route command to display the active default gateway Only one default gateway can be configured If you invoke this command multiple times each comman...

Page 508: ...nd Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables the IP Domain Naming System DNS based host name to address translation console config ip domain lookup ip domain name Use the ip domain name command in Global Configuration mode to define a default domain name used to complete unqualified host names To delete the default doma...

Page 509: ...ser guidelines Example The following example defines a default domain name of dell com console config ip domain name dell com ip host Use the ip host command in Global Configuration mode to define static host name to address mapping in the host cache To delete the name to address mapping use the no form of this command Syntax ip host name address no ip host name name Host name address IP address o...

Page 510: ...mmand Syntax ip name server server address1 server address2 server address8 no ip name server server address1 server address8 server address Valid IPv4 or IPv6 addresses of the name server Range 1 255 characters Default Configuration No name server IP addresses are specified Command Mode Global Configuration mode User Guidelines Server preference is determined by entry order Up to eight servers ca...

Page 511: ... of the address make up the prefix eui64 The optional eui 64 field designates that IPv6 processing on the interfaces is enabled using an EUI 64 interface ID in the low order 64 bits of the address If this option is used the value of prefix_length must be 64 bits autoconfig Use this keyword to set the IPv6 address auto configuration mode dhcp Use this keyword to obtain an IPv6 address via DHCP Defa...

Page 512: ... config no ipv6 address 2001 64 eui64 console config no ipv6 address ipv6 address OOB Port Use the ipv6 address command in Interface out of band Config mode to set the IPv6 prefix on the out of band port If the prefix is specified the address will be configured using the prefix and length A link local address in EUI 64 format may also be assigned The autoconfig parameter specifies that a link loca...

Page 513: ...lines When DHCPv6 is enabled on the Out of Band interface the system automatically deletes all manually configured IPv6 addresses on the interface DHCPv6 can be enabled on the Out of Band interface only when IPv6 auto configuration or DHCPv6 is not enabled on any of the in band management interfaces IPv6 auto configuration mode can be enabled in the Out of Band interface only when IPv6 auto config...

Page 514: ... to VLAN routing interfaces When DHCPv6 is enabled on a VLAN routing interface the system automatically deletes all manually configured IPv6 addresses on the interface Use the no ipv6 address dhcp command to release a leased address and to disable DHCPv6 on an interface The command no ipv6 address does not disable the DHCPv6 client on the interface This command will fail if DHCPv6 server has been ...

Page 515: ... VLAN loopback User Guidelines There are no user guidelines for this command Example console config no ipv6 enable ipv6 enable OOB Config Use the ipv6 enable command in Interface out of band Config mode to enable IPv6 operation on the out of band interface Prefixes configured by the ipv6 adddress command are not configured until the interface is enabled Syntax ipv6 enable no ipv6 enable Default Co...

Page 516: ...for packets addressed to network devices not present on the local subnet Use the no form of the command to remove the gateway configuration Syntax ipv6 gateway ipv6 address no ipv6 gateway Parameter Description Default Configuration By default no IPv6 gateway is configured Command Mode Interface out of band Configuration mode User Guidelines There are no user guidelines for this command Parameter ...

Page 517: ...fault Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about IP hosts console show hosts Host name Default domain gm com sales gm com usa sales gm com Name address lookup is enabled Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to ad...

Page 518: ...uidelines The command provides the following information Example console show ip address conflict Term Description Address Conflict Detection Status Whether the switch has detected an address conflict on any IP address Set to Conflict Detected if detected No Conflict Detected otherwise Last Conflicting IP Address The IP address that was last detected as conflicting on any interface Last Conflictin...

Page 519: ... show ip helper address command in Privileged EXEC mode to display IP helper addresses configuration Syntax show ip helper address intf address intf address IP address of a routing interface Range Any valid IP address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip helper a...

Page 520: ...XEC mode to display IPv6 DHCP statistics for the out of band interface Syntax show ipv6 dhcp interface out of band statistics Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show ipv6 dhcp interface out of band statistics DHCPv6 Client Statistics DHCPv6 Advertisement Packets Received 0 ...

Page 521: ...e Packets Transmitted 0 Total DHCPv6 Packets Transmitted 8 show ipv6 interface out of band Use the show ipv6 interface out of band command in Privileged EXEC mode to show the ipv6 out of band port configuration Syntax show ipv6 interface out of band Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no...

Page 522: ...nd IPv6 Administrative Mode Enabled IPv6 Prefix is FE80 21E C9FF FEAA AD79 64 128 IPv6 Default Router FE80 A912 FEC2 A145 FEAD Configured IPv6 Protocol None IPv6 AutoConfig Mode Enabled Burned In MAC Address 001E C9AA AD79 2CSPC4 XCT SWUM2XX1 book Page 522 Monday October 3 2011 11 05 AM ...

Page 523: ...r blocked and above all provide security for the network ACLs are normally used in firewall routers that are positioned between the internal network and an external network such as the Internet They can also be used on a router positioned between two parts of the network to control the traffic entering or exiting a specific part of the internal network The PowerConnect ACL feature allows classific...

Page 524: ... range parameter The time range parameter allows imposing a time limitation on the IPv6 ACL rule as defined by the parameter time range name If a time range with the specified name does not exist and the IPv6 ACL containing this ACL rule is applied to an interface or bound to a VLAN then the ACL rule is applied immediately If a time range with the specified name exists and the IPv6 ACL containing ...

Page 525: ...ength any matches any source IP address Or you can specify a source IPv6 addressed expressed as a prefix prefixlength flow label flow label value The value to match in the Flow Label field of the IPv6 header Range 0 1048575 dscp dscp value Specifies the TOS for an IPv6 ACL rule depending on a match of DSCP values using the parameter dscp assign queue queue id Specifies particular hardware queue fo...

Page 526: ...1 DB8 32 network but allow all other traffic from that network console config ipv6 access list STOP_HTTP console Config ipv6 acl deny ipv6 2001 DB8 32 any eq http console Config ipv6 acl permit ipv6 2001 DB8 32 any console Config ipv6 acl ipv6 access list The ipv6 access list command creates an IPv6 Access Control List ACL consisting of classification fields defined for the IP header of an IPv6 fr...

Page 527: ...example creates an IPv6 ACL named DELL_IP6 and enters the IPv6 Access List Config mode console config ipv6 access list DELL_IP6 console Config ipv6 acl ipv6 access list rename The ipv6 access list rename command changes the name of an IPv6 Access Control List ACL This command fails if an IPv6 ACL with the new name already exists Syntax ipv6 access list rename name newname name the name of an exist...

Page 528: ... direction A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified IPv6 access list replaces the currently attached IPv6 access list using that sequence number If the sequence number is not specified for this command a sequence number that is one greater than the highest sequence number currently in use for this interfa...

Page 529: ...rfaces Example The following example attaches an IPv6 access control list to an interface console config if 1 0 1 ipv6 traffic filter DELL_IP6 in show ipv6 access lists Use the show ipv6 access lists command in User EXEC and Privileged EXEC mode to display an IPv6 access list and all of the rules that are defined for the IPv6 ACL Use the name parameter to identify a specific IPv6 ACL to display Sy...

Page 530: ...pv6 access lists Current number of all ACLs 1 Maximum number of all ACLs 100 IPv6 ACL Name Rules Direction Interface s VLAN s STOP_HTTP 2 inbound 1 0 1 console show ipv6 access lists STOP_HTTP ACL Name STOP_HTTP Inbound Interface s 1 0 1 Rule Number 1 Action deny Protocol 255 ipv6 Source IP Address 2001 DB8 32 Destination L4 Port Keyword 80 www http Rule Number 2 Rule Status Status Active Inactive...

Page 531: ... rule Source L4 Port Keyword This field displays the source port for this rule Destination IP Address This displays the destination IP address for this rule Destination L4 Port Keyword This field displays the destination port for this rule IP DSCP This field indicates the value specified for IP DSCP Flow Label This field indicates the value specified for IPv6 Flow Label Log Displays when you enabl...

Page 532: ...532 IPv6 Access List Commands 2CSPC4 XCT SWUM2XX1 book Page 532 Monday October 3 2011 11 05 AM ...

Page 533: ...n 2 MLDv2 is equivalent to IGMPv3 MLD is a subprotocol of Internet Control Message Protocol version 6 ICMPv6 and MLD messages are a subset of ICMPv6 messages identified in IPv6 packets by a preceding Next Header value of 58 PowerConnect switches can snoop on both MLDv1 and MLDv2 protocol packets and bridge IPv6 multicast data based on destination IPv6 Multicast MAC Addresses The switch can be conf...

Page 534: ...N port This prevents the inadvertent dropping of the other hosts that were connected to the same layer 2 LAN port but were still interested in receiving multicast traffic directed to that group Also fast leave processing is supported only with MLD version 1 hosts Syntax ipv6 mld snooping immediate leave vlan id no ipv6 mld snooping immediate leave vlan id vlan_id Specifies a VLAN ID value in VLAN ...

Page 535: ...s no ipv6 mld snooping groupmembership interval vlan id vlan_id Specifies a VLAN ID value in VLAN Database mode seconds MLD group membership interval time in seconds Range 2 3600 Default Configuration The default group membership interval time is 260 seconds Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidelines Example console config if 4 ...

Page 536: ...nd Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidelines Example console config if 4 0 1 ipv6 mld snooping maxresponse 33 ipv6 mld snooping mcrtexpiretime The ipv6 mld snooping mcrtexpiretime command sets the Multicast Router Present Expiration time The time is set for a particular interface or VLAN This is the amount of time in seconds that a swi...

Page 537: ... Command Mode Interface Configuration mode VLAN Database mode User Guidelines This command has no user guidelines Example console config if 4 0 1 ipv6 mld snooping mcrtrexpiretime 60 ipv6 mld snooping Global The ipv6 mld snooping Global command enables MLD Snooping on the system Global Config Mode Syntax ipv6 mld snooping no ipv6 mld snooping Default Configuration MLD Snooping is disabled Command ...

Page 538: ...6 mld snooping Interface command enables MLD Snooping on an interface If an interface has MLD Snooping enabled and it becomes a member of a port channel LAG MLD Snooping functionality is disabled on that interface MLD Snooping functionality is re enabled if the interface is removed from a port channel LAG 2CSPC4 XCT SWUM2XX1 book Page 538 Monday October 3 2011 11 05 AM ...

Page 539: ...is command Example console config if 4 0 1 ipv6 mld snooping ipv6 mld snooping VLAN The ipv6 mld snooping VLAN command enables MLD Snooping on a particular VLAN and enables MLD snooping on all interfaces participating in a VLAN Syntax ipv6 mld snooping vlan id no ipv6 mld snooping vlan id vlan id Specifies a VLAN ID value Default Configuration MLD Snooping is disabled Command Mode VLAN Database mo...

Page 540: ... number tengigabitethernet unit slot port vlan vlan id Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example With no optional arguments the command displays the following information Admin Mode Indicates whether or not MLD Snooping is active on the switch Interfaces Enabled for MLD Snooping Inte...

Page 541: ...it sends a query on an interface participating in the VLAN because it did not receive a report for a particular group on that interface This value may be configured Multicast Router Present Expiration Time Displays the amount of time to wait before removing an interface that is participating in the VLAN from the list of interfaces with multicast routers attached The interface is removed if a query...

Page 542: ... 1 3333 0000 0003 Dynamic 1 0 1 1 0 3 2 3333 0000 0004 Dynamic 1 0 1 1 0 3 2 3333 0000 0005 Dynamic 1 0 1 1 0 3 MLD Reporters that are forbidden statically Vlan Ipv6 Address Ports console show ipv6 mld snooping groups vlan 2 Vlan Ipv6 Address Type Ports 2 3333 0000 0004 Dynamic 1 0 1 1 0 3 2 3333 0000 0005 Dynamic 1 0 1 1 0 3 2CSPC4 XCT SWUM2XX1 book Page 542 Monday October 3 2011 11 05 AM ...

Page 543: ...IPv6 MLD Snooping Commands 543 MLD Reporters that are forbidden statically Vlan Ipv6 Address Ports 2CSPC4 XCT SWUM2XX1 book Page 543 Monday October 3 2011 11 05 AM ...

Page 544: ...544 IPv6 MLD Snooping Commands 2CSPC4 XCT SWUM2XX1 book Page 544 Monday October 3 2011 11 05 AM ...

Page 545: ...he switch can be configured as an IGMP MLD querier When IGMP MLD Snooping Querier is enabled the Querier sends out periodic IGMP MLD General Queries that trigger the Multicast listeners member to send their joins so as to receive the Multicast data traffic IGMP MLD Snooping listens to these reports to establish the appropriate forwarding table entries PowerConnect switches support IGMP V1 and 2 fo...

Page 546: ...mode User Guidelines There are no user guidelines for this command Example console config ipv6 mld snooping querier ipv6 mld snooping querier VLAN mode Use the ipv6 mld snooping querier command in VLAN mode to enable MLD Snooping Querier on a VLAN Use the no form of this command to disable MLD Snooping Querier on a VLAN Syntax ipv6 mld snooping querier vlan id no ipv6 mld snooping querier vlan id ...

Page 547: ... address to the default Syntax ipv6 mld snooping querier address prefix prefix length no ipv6 mld snooping querier address prefix The bits of the address to be configured prefix length Designates how many of the high order contiguous bits of the address make up the prefix Default Configuration There is no global MLD Snooping Querier address configured by default Command Mode Global Configuration m...

Page 548: ...ction participation on a VLAN Syntax ipv6 mld snooping querier election participate vlan id no ipv6 mld snooping querier election participate vlan id vlan id A valid VLAN ID Range 1 4093 Default Configuration Election participation is disabled by default Command Mode VLAN Database mode User Guidelines There are no user guidelines for this command Example console config vlan ipv6 mld snooping queri...

Page 549: ...ld snooping querier timer expiry Use the ipv6 mld snooping querier timer expiry command to set the MLD Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Querier in the network Use the no form of this command to reset the timer expiration period to the default Syntax ipv6 mld snooping querier timer expi...

Page 550: ...uerier command to display MLD Snooping Querier information Configured information is displayed whether or not MLD Snooping Querier is enabled Syntax show ipv6 mld snooping querier detail vlan vlan id vlan id A valid VLAN ID Range 1 4093 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines When the optional argument vlan vlan id ...

Page 551: ...terval Displays the amount of time to wait in the Non Querier operational state before moving to a Querier state Parameter Description MLD Snooping Querier VLAN Mode Indicates whether MLD Snooping Querier is active on the VLAN Querier Election Participate Mode Indicates whether the MLD Snooping Querier participates in querier election if it discovers the presence of a querier in the VLAN Querier V...

Page 552: ...erier Commands Last Querier Address Indicates the IP address of the most recent Querier from which a Query was received MLD Version Indicates the version of MLD 2CSPC4 XCT SWUM2XX1 book Page 552 Monday October 3 2011 11 05 AM ...

Page 553: ...disabled or where DHCP snooping is enabled but the port is trusted all IP traffic received on that port is dropped depending upon the admin configured IPSG entries IPSG cannot be enabled on a port based routing interface IPSG uses two enforcement mechanisms the L2FDB to enforce the source MAC address and ingress VLAN and an ingress classifier to enforce the source IP address or source IP source MA...

Page 554: ... ip verify source port security Use the ip verify source port security command in Interface Configuration mode to enable filtering of IP packets matching the source IP address and the source MAC address Syntax ip verify source port security Default Configuration By default IPSG is disabled on all interfaces Command Mode Interface Configuration mode User Guidelines This command has no user guidelin...

Page 555: ...ce Default Configuration By default there will not be any static bindings configured Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ip verify binding 00 11 22 33 44 55 vlan 1 1 2 3 4 interface gigabitethernet 1 0 2 show ip verify interface Use the show ip verify interface command in Privileged EXEC mode to display the IPSG interfac...

Page 556: ...ileged EXEC mode to display the bindings configured on a particular interface Syntax show ip verify source interface Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip verify source interface gigabitethernet 1 0 1 show ip source binding Use the show ip source binding ...

Page 557: ...efault Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip source binding 2CSPC4 XCT SWUM2XX1 book Page 557 Monday October 3 2011 11 05 AM ...

Page 558: ...558 IP Source Guard Commands 2CSPC4 XCT SWUM2XX1 book Page 558 Monday October 3 2011 11 05 AM ...

Page 559: ...formance in traffic burst handling and the most accurate 802 3x Flow Control Pause Frame generation In these cases the application of QoS treatment other than the default policy may result in less overall throughput or more packet loss By default iSCSI optimization is enabled and iSCSI QoS treatment is disabled LLDP is used to detect the presence of EqualLogic storage arrays When iSCSI optimizatio...

Page 560: ...es from additional ACL lists up to a maximum of two ACL lists This means that the maximum number of ACL lists allocated by iSCSI is three Commands in this Chapter This chapter explains the following commands iscsi aging time The iscsi aging time command sets the time out value for iSCSI sessions To reset the aging time to the default value use the no form of this command Syntax iscsi aging time ti...

Page 561: ...ost vpt command is not supported on the PC7000 Use the iscsi cos command in Global Configuration mode to set the quality of service profile that will be applied to iSCSI flows To return the VPT DSCP setting to the default value use the no form of this command VPT DSCP values can be configured independently from the application of QoS treatment Syntax iscsi cos enable disable vpt vpt dscp dscp rema...

Page 562: ...me is mapped The default setting for egress queues scheduling is Weighted Round Robin WRR You may alter the QoS setting by configuring the relevant ports to work in other scheduling and queue management modes via the Class of Service settings These choices may include strict priority for the queue used for iSCSI traffic The downside of strict priority is that in certain circumstances under heavy h...

Page 563: ...ning config to enable flow control on all interfaces Monitoring for EqualLogic Storage arrays via LLDP is also enabled by this command Upon detection of an EQL array the specific interface involved will have spanning tree portfast enabled and unicast storm control disabled These changes appear in the running config Disabling iSCSI Optimization does not disable flow control portfast or storm contro...

Page 564: ...CSI port s or target ports use the no form of this command Syntax iscsi target port tcp port 1 tcp port 2 tcp port 16 address ip address name targetname no iscsi target port tcp port 1 tcp port 2 tcp port 16 address ip address Parameter Description Parameter Description tcp port TCP port number or list of TCP port numbers on which iSCSI target s listen to requests Up to 16 TCP ports can be defined...

Page 565: ...orm of the command and then add it again this time together with the relevant IP address Target names are only for display when using the show iscsi command These names are not used to match or for doing any sanity check with the iSCSI session information acquired by snooping A maximum of 16 TCP ports can be configured either bound to IP or not targetname iSCSI name of the iSCSI target The name ca...

Page 566: ...tion Syntax show iscsi Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the iSCSI configuration console show iscsi iSCSI enabled iSCSI CoS enabled iSCSI vpt is 5 Session aging time 10 min Maximum number of sessions is 192 iSCSI Targets and T...

Page 567: ...ions command in Privileged EXEC mode to display the iSCSI status Syntax show iscsi sessions detailed detailed Displayed list has additional data when this option is used Default Configuration If not specified sessions are displayed in short mode not detailed Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following examples show summary a...

Page 568: ... vendor sn 43338 storage tape sys1 xyz Session 3 Initiator iqn 1992 04 com os vendor plan9 cdrom 12 Session 4 Initiator iqn 1995 05 com os vendor plan9 cdrom 10 Console show iscsi sessions detailed Target iqn 1993 11 com disk vendor diskarrays sn 45678 Session 1 Initiator iqn 1992 04 com os vendor plan9 cdrom 12 storage sys1 xyz Time started 17 Jul 2008 10 04 50 Time for aging out 10 min ISID 11 2...

Page 569: ...1 172 16 1 5 49156 172 16 1 22 30001 Session 2 Initiator iqn 1995 05 com os vendor plan9 cdrom 10 Time started 17 Aug 2008 21 04 50 Time for aging out 2 min ISID 22 Initiator Initiator Target Target IP address TCP port IP address IP port 172 16 1 30 49200 172 16 1 20 30001 172 16 1 30 49201 172 16 1 21 30001 2CSPC4 XCT SWUM2XX1 book Page 569 Monday October 3 2011 11 05 AM ...

Page 570: ...570 iSCSI Optimization Commands 2CSPC4 XCT SWUM2XX1 book Page 570 Monday October 3 2011 11 05 AM ...

Page 571: ...pter This chapter explains the following commands action Use the action command in Link Dependency mode to indicate if the link dependency group should mirror or invert the status of the depended on interfaces Syntax action down up Parameter Description action add port channel link dependency group depends on add gigabitethernet show link dependency add tengigabitethernet Parameter Description dow...

Page 572: ...ncy group Use the link dependency group command to enter the link dependency mode to configure a link dependency group Syntax link dependency group GroupId no link dependency group GroupId GroupId Link dependency group identifier Range 1 72 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The preference of a group is to remain i...

Page 573: ...e ports with a comma and no spaces Use a hyphen to designate the range of ports Range Valid Ethernet interface list or range Default Configuration This command has no default configuration Command Mode Link Dependency mode User Guidelines No specific guidelines Example console config depend 1 add gigabitethernet 1 0 1 add tengigabitethernet Use this command to add member ten gigabit Ethernet port ...

Page 574: ...his command to add member port channels to the dependency list Syntax add port channel intf list no add port channel port channel list intf list List of port channel numbers Separate nonconsecutive port channels with a comma and no spaces Use a hyphen to designate the range of port channels Range Valid port channel list or range port channel list List of port channel interfaces Separate nonconsecu...

Page 575: ...depends on gigabitethernet port channel tengigabitethernet intf list intf list List of ports in unit slot port format or port channel numbers Separate nonconsecutive items with a comma and no spaces Use a hyphen to designate the range of ports or port channel numbers Range Valid Ethernet interface or port channel list or range Default Configuration This command has no default configuration Command...

Page 576: ...ndency groups are displayed Syntax show link dependency group GroupId detail Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines No specific guidelines Example The following command shows link dependencies for all groups Parameter Description GroupID Link dependency group identifier Range Valid Group Id 1 16 detail...

Page 577: ...dency group 1 GroupId Member Ports Ports Depended On Link Action Group State 1 Gi4 0 2 3 Gi4 0 5 Gi4 0 10 12 Link Up Up Down The following command shows detailed information for group 1 console show link dependency group 1 detail GroupId 1 Link Action Link UpGroup State Up Ports Depended On State Link Up Gi4 0 10 Link Down Gi4 0 11 12 Member Ports State Link Up Gi4 0 2 3 Link Down Gi4 0 5 2CSPC4 X...

Page 578: ...578 Link Dependency Commands 2CSPC4 XCT SWUM2XX1 book Page 578 Monday October 3 2011 11 05 AM ...

Page 579: ...abled separately by the network manager PowerConnect supports both the transmit and receive functions in order to support device discovery The LLDP component transmit and receive functions can be enabled disabled separately per physical port By default both transmit and receive functions are disabled on all ports The application starts each transmit and receive state machine appropriately based on...

Page 580: ...definitions Commands in this Chapter This chapter explains the following commands clear lldp remote data Use the clear lldp remote data command in Privileged EXEC mode to delete all LLDP information from the remote data table Syntax clear lldp remote data clear lldp remote data lldp receive show lldp med clear lldp statistics lldp timers show lldp med interface lldp med lldp transmit show lldp med...

Page 581: ... clear lldp statistics Use the clear lldp statistics command in Privileged EXEC mode to reset all LLDP statistics Syntax clear lldp statistics Default Configuration By default the statistics are only cleared on a system reset Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays how to reset all LLDP statistics console clear ll...

Page 582: ...erface Ethernet Configuration Default Value LLDP MED is disabled on all supported interfaces Usage Guidelines No specific guidelines Example console config interface gigabitethernet 1 0 1 console config if 1 0 1 lldp med lldp med confignotification This command is used to enable sending the topology change notification Syntax Description lldp med confignotification no lldp med confignotification 2...

Page 583: ...d confignotification lldp med faststartrepeatcount This command is used to set the value of the fast start repeat count Syntax Description lldp med faststartrepeatcount count no lldp med faststartrepeatcount count Number of LLDPPDUs that are transmitted when the protocol is enabled Range 1 10 Command Mode Global Configuration Default Value 3 Usage Guidelines No specific guidelines 2CSPC4 XCT SWUM2...

Page 584: ...e on this interface Syntax Description lldp med transmit tlv capabilities network policy ex pse ex pd location inventory no med lldp transmit tlv capabilities network policy ex pse ex pd location inventory Parameter Description fParameter Ranges Not applicable Command accepts keywords only Command Mode Interface Ethernet Configuration Default Value By default the capabilities and network policy TL...

Page 585: ...et mode User Guidelines This command has no user guidelines Example The following example displays how to enable remote data change notifications console config if 1 0 3 lldp notification lldp notification interval Use the lldp notification interval command in Global Configuration mode to limit how frequently remote data change notifications are sent To return the notification interval to the fact...

Page 586: ...et the interval value to 10 seconds console config lldp notification interval 10 lldp receive Use the lldp receive command in Interface Configuration mode to enable the LLDP receive capability To disable reception of LLDPDUs use the no form of this command Syntax lldp receive no lldp receive Default Configuration The default lldp receive mode is enabled Command Mode Interface Configuration Etherne...

Page 587: ...reinit delay no lldp timers interval hold reinit transmit interval The interval in seconds at which to transmit local data LLDPDUs Range 5 32768 seconds hold multiplier Multiplier on the transmit interval used to set the TTL in local data LLDPDUs Range 2 10 reinit delay The delay in seconds before re initialization Range 1 10 seconds Default Configuration The default transmit interval is 30 second...

Page 588: ...lldp transmit Use the lldp transmit command in Interface Configuration mode to enable the LLDP advertise transmit capability To disable local data transmission use the no form of this command Syntax lldp transmit no lldp transmit Default Configuration LLDP is enabled on all supported interfaces Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines E...

Page 589: ...net mode User Guidelines This command has no user guidelines Example The following example displays how to include management information in the LLDPDU console config if 1 0 3 lldp transmit mgmt lldp transmit tlv Use the lldp transmit tlv command in Interface Configuration mode to specify which optional type length value settings TLVs in the 802 1AB basic management set will be transmitted in the ...

Page 590: ...et mode User Guidelines This command has no user guidelines Example The following example shows how to include the system description TLV in local data transmit console config if 1 0 3 lldp transmit tlv sys desc show lldp Use the show lldp command in Privileged EXEC mode to display the current LLDP configuration summary Syntax show lldp Default Configuration This command has no default configurati...

Page 591: ...seconds console show lldp LLDP transmit and receive disabled on all interfaces show lldp interface Use the show lldp interface command in Privileged EXEC mode to display the current LLDP interface state Syntax show lldp interface gigabitethernet unit slot port tengigabitethernet unit slot port all Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Use...

Page 592: ... 1 Up Enabled Enabled Enabled 0 1 2 3 Y TLV Codes 0 Port Description 1 System Name 2 System Description 3 System Capability show lldp local device Use the show lldp local device command in Privileged EXEC mode to display the advertised LLDP local data This command can display summary information or detail for each interface Syntax show lldp local device detail interface interface all detail includ...

Page 593: ... local device all LLDP Local Device Summary Interface Port ID Port Description 1 0 1 00 62 48 00 00 02 console show lldp local device detail 1 0 1 LLDP Local Device Detail Interface 1 0 1 Chassis ID Subtype MAC Address Chassis ID 00 62 48 00 00 00 Port ID Subtype MAC Address Port ID 00 62 48 00 00 02 System Name System Description Routing Port Description System Capabilities Supported bridge route...

Page 594: ...MED configuration Syntax Description show lldp med Parameter Ranges Not applicable Command Mode Privileged EXEC Default Value Not applicable Usage Guidelines No specific guidelines Example console config show lldp med LLDP MED Global Configuration Fast Start Repeat Count 3 Device Class Network Connectivity 2CSPC4 XCT SWUM2XX1 book Page 594 Monday October 3 2011 11 05 AM ...

Page 595: ...licable Command Mode Privileged EXEC Default Value Not applicable Example console show lldp med interface all LLDP MED Interface Configuration Interface Link configMED operMED ConfigNotify TLVsTx Gi1 0 1 Detach Enabled Enabled Enabled 0 1 Gi1 0 2 Detach Disabled Disabled Disabled 0 1 Gi1 0 3 Detach Disabled Disabled Disabled 0 1 Gi1 0 4 Detach Disabled Disabled Disabled 0 1 Gi1 0 5 Detach Disabled...

Page 596: ...entory show lldp med local device detail This command displays the advertised LLDP local data in detail Syntax Description show lldp med local device detail gigabitethernet unit slotport tengigabitethernet unit slotport Parameter Ranges Not applicable Command Mode Privileged EXEC Default Value Not applicable Example Console show lldp med local device detail 1 0 1 2CSPC4 XCT SWUM2XX1 book Page 596 ...

Page 597: ...False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Software Rev xxx xxx xxx Serial Num xxx xxx xxx Mfg Name xxx xxx xxx Model Name xxx xxx xxx Asset ID xxx xxx xxx 2CSPC4 XCT SWUM2XX1 book Page 597 Monday October 3 2011 11 05 AM ...

Page 598: ... lldp med remote device This command displays the current LLDP MED remote data This command can display summary information or detail for each interface Syntax Description show lldp med remote device gigabitethernet unit slotport tengigabitethernet unit slotport all show lldp med remote device detail gigabitethernet unit slotport tengigabitethernet unit slotport 2CSPC4 XCT SWUM2XX1 book Page 598 M...

Page 599: ...Mode Privileged EXEC Default Value Not applicable Example Console show lldp med remote device all LLDP MED Remote Device Summary Local InterfaceDevice Class 1 0 1Class I 1 0 2 Not Defined 1 0 3Class II 1 0 4Class III 1 0 5Network Con Console show lldp med remote device detail 1 0 1 LLDP MED Remote Device Detail 2CSPC4 XCT SWUM2XX1 book Page 599 Monday October 3 2011 11 05 AM ...

Page 600: ...ilities networkpolicy Device Class Endpoint Class I Network Policies Media Policy Application Type voice Vlan ID 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx 2CSPC4 XCT SWUM2XX1 book Page 600 Monday October 3 2011 11 05 AM ...

Page 601: ...Model Name xxx xxx xxx Asset ID xxx xxx xxx Location Subtype elin Info xxx xxx xxx Extended POE Device Type pseDevice Extended POE PSE Available 0 3 Watts Source primary Priority critical Extended POE PD Required 0 2 Watts Source local Priority low 2CSPC4 XCT SWUM2XX1 book Page 601 Monday October 3 2011 11 05 AM ...

Page 602: ...otport or tengigabitethernet unit slotport Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples These examples show current LLDP remote data including a detailed version console show lldp remote device Local Remote Interface Device ID Port ID TTL 1 0 1 01 23 45 67 89 AB 01 23 45 67 89 AC 60 se...

Page 603: ... Privileged EXEC mode to display the current LLDP traffic statistics Syntax show lldp statistics unit slot port all Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples shows an example of the display of current LLDP traffic statistics console show lldp statistics all LL...

Page 604: ...vice has been inserted into the table Total Deletes The number of times a complete set of information advertised by a remote device has been deleted from the table Total Drops Number of times a complete set of information advertised by a remote device could not be inserted due to insufficient resources Total Ageouts Number of times any remote data entry has been deleted due to time to live TTL exp...

Page 605: ... on the indicated port and discarded for any reason by the LLDP agent TLV Unknowns Number of LLDP TLVs received on the indicated port for a type not recognized by the LLDP agent TLV MED Number of OUI specific MED Media Endpoint Device TLVs received TLV 802 1 Number of OUI specific 802 1 specific TLVs received TLV 802 3 Number of OUI specific 802 3 specific TLVs received Fields Description 2CSPC4 X...

Page 606: ...606 LLDP Commands 2CSPC4 XCT SWUM2XX1 book Page 606 Monday October 3 2011 11 05 AM ...

Page 607: ...ssages only for groups configured statically All other groups are managed by IGMP snooping There are two types of MVR ports source and receiver Source port is the port to which the multicast traffic is flowing using the multicast VLAN Receiver port is the port where a listening host is connected to the switch It can utilize any or no VLAN except the multicast VLAN This implies that the MVR switch ...

Page 608: ...o mvr Parameter Description This command does not require a parameter description Default Configuration The default value is Disabled Command Mode Global Config Interface Config User Guidelines MVR can only be configured on physical interfaces mvr mvr type mvr group mvr vlan group mvr mode show mvr mvr querytime show mvr members mvr vlan show mvr interface mvr immediate show mvr traffic 2CSPC4 XCT...

Page 609: ... Command Mode Global Config User Guidelines The following table lists the completion messages Example console config mvr Parameter Description A B C D Specify a multicast group count Specifies the number of multicast groups to configure Groups are configured contiguously by incrementing the first group specified Message Type Message Description Successful Completion Message None Error Completion M...

Page 610: ...iguration The default mode is compatible Command Mode Global Config User Guidelines This command has no user guidelines mvr querytime Use the mvr querytime command in Global Config mode to set the MVR query response time Use the no form of the command to set the MVR query response time to the default value Parameter Description compatible Do not allow membership joins on source ports dynamic Send ...

Page 611: ...onsole config if Gi1 0 1 mvr type receiver console config if Gi1 0 1 mvr mode dynamic console config if Gi1 0 1 mvr querytime 10 Parameter Description querytime The query time is a maximum time to wait for an IGMP membership report on a receiver port before removing the port from the multicast group The query time only applies to receiver ports The query time is specified in tenths of a second Mes...

Page 612: ...ages mvr immediate Use the mvr immediate command in Interface Config mode to enable MVR Immediate Leave mode Use the no form of this command to set the MVR multicast VLAN to the default value Parameter Description vlan The VLAN specifies the port on which multicast data is expected to be received Source ports should belong to this VLAN Message Type Message Description Successful Completion Message...

Page 613: ...of a leave message Without immediate leave upon receipt of a leave message the port sends an IGMP query and waits for an IGMP membership report Example console config interface Gi1 0 1 console config if Gi1 0 1 switchport access vlan 10 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver console config if Gi1 0 1 mvr mode dynamic console config if Gi1 0 1 mvr immediate mvr ty...

Page 614: ...itchport access vlan 10 console config if Gi1 0 1 mvr console config if Gi1 0 1 mvr type receiver Parameter Description receiver Configure the port as a receiver port Receiver ports are ports over which multicast data will be sent but not received source Configure the port as a source port Source ports are ports over which multicast data is received or sent Message Type Message Description Success...

Page 615: ...d in Interface Config mode to participate in the specific MVR group Use the no form of this command to remove the port participation from the specific MVR group Syntax mvr vlan mVLAN group A B C D no mvr vlan mVLAN group A B C D Parameter Description Default Configuration This command has no default configuration Command Mode Interface Config Parameter Description VLAN The VLAN over which multicas...

Page 616: ...ole config if Gi1 0 24 switchport trunk native vlan 2000 console config if Gi1 0 24 switchport trunk allowed vlan add 2000 console config if Gi1 0 24 mvr console config if Gi1 0 24 mvr type source console config if Gi1 0 24 mvr vlan 2000 group 239 1 1 1 show mvr Use the show mvr command in Privileged EXEC mode to display global MVR settings Syntax show mvr Parameter Description The following table...

Page 617: ...al query response time 10 tenths of sec MVR Mode compatible MVR Max Multicast Groups The maximum number of multicast groups that is supported by MVR MVR Current Multicast groups The current number of MVR groups allocated MVR Query Response Time The current MVR query response time MVR Mode The current MVR mode It can be compatible or dynamic Message Type Message Description Successful Completion Me...

Page 618: ...on This command has no default configuration Command Mode Privileged EXEC User Guidelines The following table lists the completion messages Examples console show mvr members Parameter Description MVR Group IP MVR group multicast IP address Status The status of the specific MVR group It can be active or inactive Members The list of ports which participates in the specific MVR group Message Type Mes...

Page 619: ... interface interface id members vlan vid Parameter Description The following table explains the output parameters Parameter Description Interface id Identifies a specific interface VID VLAN identifier Parameter Description Port Interface number Type The MVR port type It can be None Receiver or Source type Status The interface status It consists of two characteristics 1 active or inactive indicatin...

Page 620: ...e show mvr interface 1 0 9 Type RECEIVER Status ACTIVE Immediate Leave DISABLED console show mvr interface Fa1 0 23 members 235 0 0 1 STATIC ACTIVE console show mvr interface Fa1 0 23 members vlan 12 235 0 0 1 STATIC ACTIVE 235 1 1 1 STATIC ACTIVE Immediate Leave The state of immediate mode It can be enabled or disabled Message Type Message Description Successful Completion Message None Error Comp...

Page 621: ...ng table lists the completion messages Examples The following table explains the output parameters Message Type Message Description Successful Completion Message None Error Completion Message MVR disabled Parameter Description IGMP Query Received Number of received IGMP Queries IGMP Report V1 Received Number of received IGMP Reports V1 IGMP Report V2 Received Number of received IGMP Reports V2 IGM...

Page 622: ...Receive Failures 0 IGMP Packet Transmit Failures 0 IGMP Report V1 Transmitted Number of transmitted IGMP Reports V1 IGMP Report V2 Transmitted Number of transmitted IGMP Reports V2 IGMP Leave Transmitted Number of transmitted IGMP Leaves IGMP Packet Receive Failures Number of failures on receiving the IGMP packets IGMP Packet Transmit Failures Number of failures on transmitting the IGMP packets Pa...

Page 623: ...ntil all the other active members see the new information When each of the other active members sees the new information they continue to drop out of the LAG When all the members have dropped out of the LAG they form an aggregate with the new information Static LAGS A static LAG is no different from a dynamically configured LAG All the requirements for the member ports hold true member ports must ...

Page 624: ...nt provides configurability for the minimum number of member links to be active to declare a LAG up Network administrators can also utilize this feature to automatically declare a LAG down when only some of the links have failed Port Channels Trunking which is also called Port Channels or Link Aggregation is initiated and maintained by the periodic exchanges of Link Aggregation Control PDUs LACPDU...

Page 625: ...hash algorithms utilizing the following attributes of a packet to determine the outgoing port Source MAC VLAN EtherType and incoming port associated with the packet Source IP and Source TCP UDP fields of the packet Destination MAC VLAN EtherType and incoming port associated with the packet Source MAC Destination MAC VLAN EtherType and incoming port associated with the packet Destination IP and Des...

Page 626: ... silicon support configuration of hashing algorithms for each LAG interface The hashing algorithm is used to distribute traffic load among the physical ports of the LAG while preserving the per flow packet order One limitation with earlier LAG hashing techniques is that the packet attributes were fixed for all type of packets Also there was no MODULO N operation involved which can result in poor l...

Page 627: ...ect switching supports the manual addition and deletion of links to aggregates Flexible Assignment of Ports to LAGs Assignment of interfaces to dynamic LAGs is based upon a maximum of 144 interfaces assigned to dynamic LAGs a maximum of 128 dynamic LAGs and a maximum of 8 interfaces per dynamic LAG For example 128 LAGs may be assigned 2 interfaces each or 18 LAGs may be assigned 8 interfaces each ...

Page 628: ...s the port to join a channel with LACP dynamic LAG Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example shows how port 1 0 5 is configured to port channel 1 without LACP static LAG console config interface gigabitethernet 1 0 5 console config if 1 0 5 chan...

Page 629: ...ing example enters the context of port channel 1 console config interface port channel 1 console config if po1 interface range port channel Use the interface range port channel command in Global Configuration mode to execute a command on multiple port channels at the same time Syntax interface range port channel port channel range all port channel range List of port channels to configure Separate ...

Page 630: ...same command console config interface range port channel 1 2 8 console config if hashing mode Use the hashing mode command to set the hashing algorithm on trunk ports Use the no hashing mode command to set the hashing algorithm on Trunk ports to the default 3 Syntax hashing mode mode mode Mode value in the range of 1 to 7 Range 1 7 1 Source MAC VLAN EtherType source module and port ID 2 Destinatio...

Page 631: ... po1 hashing mode 4 console config if po1 no hashing mode lacp port priority Use the lacp port priority command in Interface Configuration mode to configure the priority value for physical ports To reset to default priority value use the no form of this command Syntax lacp port priority value no lacp port priority value Port priority value Range 1 65535 Default Configuration The default port prior...

Page 632: ...ion mode to configure the Link Aggregation system priority To reset to default use the no form of this command Syntax lacp system priority value no lacp system priority value Port priority value Range 1 65535 Default Configuration The default system priority value is 1 Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configure...

Page 633: ...guration Ethernet mode User Guidelines This command has no user guidelines Example The following example assigns an administrative LACP timeout for port 1 0 8 to a long timeout value console config interface gigabitethernet 1 0 8 console config if 1 0 8 lacp timeout long port channel min links Use the port channel min links command in Interface Configuration port channel mode to set the minimum nu...

Page 634: ...channel information Syntax Description show interfaces port channel port channel number index Number of the port channel to show This parameter is optional If the port channel number is not given all the channel groups are displayed Range Valid port channel number 1 to 48 Default Configuration This command has no default configuration Command Mode Privileged EXEC Parameter Description min links Th...

Page 635: ...DP port 4 Destination IP and destination TCP UDP port 5 Source Destination MAC VLAN Ethertype source MODID port 6 Source Destination IP and source destination TCP UDP port 7 Enhanced hasing mode show lacp Use this command in Privileged EXEC mode to display LACP information for Ethernet ports Syntax show lacp gigabitethernet unit slot port port channel port channel number tengigabitethernet unit sl...

Page 636: ...ctor system priority 1 system mac addr 00 00 12 34 56 78 port Admin key 30 port Oper key 30 port Oper priority 1 port Admin timeout LONG port Oper timeout LONG LACP Activity ACTIVE Aggregation AGGREGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE Partner system priority 0 system mac addr 00 00 00 00 00 00 port Admin key 0 port Oper key 0 2CSPC4 XCT SWUM2XX1 book Page...

Page 637: ...sent 2 LACP PDUs received 2 show statistics port channel Use the show statistics port channel command in Privileged EXEC mode to display statistics about a specific port channel Syntax show statistics port channel port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines 2CSPC4 XCT SWUM2...

Page 638: ...X and TX 512 1023 Octets 1 Packets RX and TX 1024 1518 Octets 0 Packets RX and TX 1519 1522 Octets 0 Packets RX and TX 1523 2047 Octets 0 Packets RX and TX 2048 4095 Octets 0 Packets RX and TX 4096 9216 Octets 0 Total Packets Received Without Errors 0 Unicast Packets Received 0 Multicast Packets Received 0 Broadcast Packets Received 0 Total Packets Received with MAC Errors 0 Jabbers Received 0 Fra...

Page 639: ... Transmitted Octets 263567 Max Frame Size 1518 Total Packets Transmitted Successfully 1824 Unicast Packets Transmitted 330 Multicast Packets Transmitted 737 Broadcast Packets Transmitted 757 Total Transmit Errors 0 FCS Errors 0 More or q uit Tx Oversized 0 Underrun Errors 0 Total Transmit Packets Discarded 0 Single Collision Frames 0 Multiple Collision Frames 0 Excessive Collision Frames 0 Port Me...

Page 640: ...x Pause Frames Transmitted 0 GVRP PDUs received 0 GVRP PDUs Transmitted 0 GVRP Failed Registrations 0 Time Since Counters Last Cleared 0 day 0 hr 17 min 52 sec console 2CSPC4 XCT SWUM2XX1 book Page 640 Monday October 3 2011 11 05 AM ...

Page 641: ...traffic analyzer can be attached to destination ports to analyze the traffic patterns of source ports A session is operationally active only if both a destination port and at least one source port are configured If neither is true the session is inactive A port configured as a destination port acts as a mirroring port when the session is operationally active If it is not the port acts as a normal ...

Page 642: ...ived and transmitted on the physical monitored port Use the no form of the command to remove the monitoring session Syntax monitor session session_number source interface interface id rx tx destination interface interface id no monitor session session _number Session identification number interface id Ethernet interface Range Any valid Ethernet Port CPU interface CPU interface is not supported as ...

Page 643: ...on interface 1 0 10 console config monitor session 1 mode show monitor session Use the show monitor session command in Privileged EXEC mode to display status of port monitoring Syntax show monitor session session_number session _number Session identification number Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This comm...

Page 644: ...644 Port Monitor Commands Session ID Admin Mode Probe Port Mirrored Port Type 1 Enable 1 0 10 1 0 8 Rx Tx 2CSPC4 XCT SWUM2XX1 book Page 644 Monday October 3 2011 11 05 AM ...

Page 645: ...t predictable data delivery by distinguishing between packets that have strict timing requirements from those that are more tolerant of delay Packets with strict timing requirements are given special treatment in a QoS capable network To accomplish this all elements of the network must be QoS capable If one node is unable to meet the necessary timing requirements this creates a deficiency in the n...

Page 646: ...traffic and whether the traffic flow is to be redirected to a specific outgoing interface MAC access lists are identified by a user specified name instead of a number Layer 3 4 IPv4 ACLs The Layer 3 4 ACL feature supports IP access lists both standard and extended These lists check the Layer 3 portion of a packet looking specifically at information contained in the IP header and in certain cases t...

Page 647: ...tion the ingress port can be configured to use its default priority to specify the CoS queue CoS queue mappings use the concept of trusted and untrusted ports A trusted port is one that takes at face value a certain priority designation within arriving packets Specifically a port may be configured to trust one of the following packet fields 802 1p User Priority IP Precedence IP DSCP Packets arrivi...

Page 648: ...diffserv classofservice dot1p mapping match cos match srcip6 show diffserv service interface classofservice ip dscp mapping match destination address mac match srcl4port show diffserv service interface port channel classofservice trust match dstip match vlan show diffserv service brief conform color match dstip6 mirror show interfaces cos queue cos queue min bandwidth match dstl4port police simple...

Page 649: ...nd has no user guidelines Example The following example displays how to change the queue ID to 4 for the associated traffic stream console config policy classmap assign queue 4 class Use the class command in Policy Map Class Configuration mode to create an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent policy...

Page 650: ...L console config policy map DELL1 console config classmap class DELL class map Use the class map command in Global Configuration mode to define a new DiffServ class of type match all To delete the existing class use the no form of this command Syntax class map match all class map name ipv4 ipv6 no class map match all class map name class map name a case sensitive alphanumeric string from 1 to 31 c...

Page 651: ...ntax class map rename classname newclassname classname The name of an existing DiffServ class Range 1 31 characters newclassname A case sensitive alphanumeric string Range 1 31 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to change the ...

Page 652: ...t1p mapping 802 1ppriority trafficclass no classofservice dot1p mapping 802 1ppriority Specifies the user priority mapped to the specified traffic class for this switch Range 0 7 trafficclass Specifies the traffic class for this switch Range 0 6 Default Configuration This command has no default configuration Command Mode Global Configuration or Interface Configuration Ethernet Port channel mode Us...

Page 653: ...pecifies the traffic class for this value mapping Range 0 6 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays mapping for IP DSCP 1 and traffic class 2 console config classofservice ip dscp mapping 1 2 classofservice trust Use the classofservice trust comm...

Page 654: ... command has no user guidelines Examples The following example displays how you set the class of service trust mode of an interface to trust dot1p 802 1p packet markings when in Global Configuration mode console config classofservice trust dot1p The following example displays how you set the class of service trust mode of an interface to trust IP Precedence packet mark console config classofservic...

Page 655: ...icy classmap conform color test_class test_class is class map name cos queue min bandwidth Use the cos queue min bandwidth command in either Global Configuration mode or Interface Configuration mode to specify the minimum transmission bandwidth for each interface queue To restore the default for each queue s minimum bandwidth value use the no form of this command Syntax cos queue min bandwidth bw ...

Page 656: ... 0 0 5 5 10 10 10 cos queue random detect Use the cos queue random detect command in Interface Configuration mode to configure WRED queue management policy on an interface CoS queue Use the no form of the command to disable WRED policy for a CoS queue on an interface Syntax cos queue random detect queue id1 queue id2 queue idn no cos queue random detect queue id1 queue id2 queue idn Parameter Desc...

Page 657: ...nfiguration Example Enable WRED on the default CoS queue for unmarked packets and set the green yellow red and non TCP packet thresholds to utilize WRED at 98 of port bandwidth with a drop probability of 1 console config cos queue random detect 1 console config random detect queue parms 1 min thresh 98 98 98 98 max thresh 100 100 100 100 drop prob scale 1 1 1 1 cos queue strict Use the cos queue s...

Page 658: ...mple The following example displays how to activate the strict priority scheduler mode for two queues console config cos queue strict 1 2 The following example displays how to activate the strict priority scheduler mode for three queues console config cos queue strict 1 2 4 diffserv Use the diffserv command in Global Configuration mode to set the DiffServ operational mode to active While disabled ...

Page 659: ... drop command in Policy Class Map Configuration mode to specify that all packets for the associated traffic stream are to be dropped at ingress Syntax drop Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to specify that matching packets are...

Page 660: ...eger Range 0 7 Default Configuration There is no default cos value for this command Packets are not remarked by default Command Mode Policy Class Map Configuration mode User Guidelines This command has no user guidelines Example The following example displays how to mark all packets with a CoS value console config policy classmap mark cos 7 mark ip dscp Use the mark ip dscp command in Policy Class...

Page 661: ...he following example displays how to mark all packets with an IP DSCP value of cs4 console config policy classmap mark ip dscp cs4 mark ip precedence Use the mark ip precedence command in Policy Class Map Configuration mode to mark all packets for the associated traffic stream with the specified IP precedence value Syntax mark ip precedence prec value prec value Specifies the IP precedence value a...

Page 662: ... of this command to remove from the specified class definition the set of match conditions defined for another class Syntax match class map refclassname no match class map refclassname refclassname The name of an existing DiffServ class whose match conditions are being referenced by the specified class definition Default Configuration This command has no default configuration Command Mode Class Ma...

Page 663: ... in the class definition by one Example The following example adds match conditions defined for the Dell class to the class currently being configured console config classmap match class map Dell The following example deletes the match conditions defined for the Dell class from the class currently being configured console config classmap no match class map Dell match cos Use the match cos command ...

Page 664: ...on the destination MAC address of a packet Syntax match destination address mac macaddr macmask macaddr Specifies any valid layer 2 MAC address formatted as six two digit hexadecimal numbers separated by colons macmask Specifies a valid layer 2 MAC address bit mask formatted as six two digit hexadecimal numbers separated by colons This address bit mask does not need to be contiguous Default Config...

Page 665: ...atch dstip ipaddr ipmask ipaddr Specifies a valid IP address ipmask Specifies a valid IP address bit mask Note that even though this parameter is similar to a standard subnet mask it does not need to be contiguous Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines This command has no user guidelines Example The following exampl...

Page 666: ...nes for this command Example console config classmap match dstip6 2001 DB8 32 match dstl4port Use the match dstl4port command in Class Map Configuration mode to add to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or a numeric notation Syntax match dstl4port portkey port number portkey Specifies one of the supported port n...

Page 667: ...ype command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the ethertype Syntax match ethertype keyword 0x0600 0xffff keyword Specifies either a valid keyword or a valid hexadecimal number The supported keywords are appletalk arp ibmsna ipv4 ipv6 ipx mplsmcast mplsucast netbios novell pppoe rarp Range 0x0600 0xFFFF Default Configura...

Page 668: ...ax match ip6flowlbl label label The value to match in the Flow Label field of the IPv6 header Range 0 1048575 Default Configuration There is no default configuration for this command Command Mode Ipv6 Class Map Configuration mode User Guidelines There are no user guidelines for this command Example The following example adds a rule to match packets whose IPv6 Flow Label equals 32312 console config...

Page 669: ...3 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef Default Configuration This command has no default configuration Command Mode Class Map Configuration mode User Guidelines The ip dscp ip precedence and ip tos match conditions are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation To specify ...

Page 670: ...ons are alternative ways to specify a match criterion for the same Service Type field in the IP header but with a slightly different user notation To specify a match on all precedence values use the match ip tos tosbits tosmask command with tosbits set to 0 zero and tosmask set to hex 1F Example The following example displays adding a match condition based on the value of the IP precedence field c...

Page 671: ...ld in the IP header but with a slightly different user notation This specification is the free form version of the IP DSCP Precedence TOS match specification in that you have complete control of specifying which bits of the IP Service Type field are checked Example The following example displays adding a match condition based on the value of the IP TOS field in a packet console config classmap mat...

Page 672: ...g classmap match protocol ip match source address mac Use the match source address mac command in Class Map Configuration mode to add to the specified class definition a match condition based on the source MAC address of the packet Syntax match source address mac address macmask macaddr Specifies any valid layer 2 MAC address formatted as six two digit hexadecimal numbers separated by colons macma...

Page 673: ...Class Map Configuration mode to add to the specified class definition a match condition based on the source IP address of a packet Syntax match srcip ipaddr ipmask ipaddr Specifies a valid IP address ipmask Specifies a valid IP address bit mask Note that although this IP address bit mask is similar to a subnet mask it does not need to be contiguous Default Configuration This command has no default...

Page 674: ...prefix in IPv6 global address format prefix length IPv6 prefix length value Default Configuration There is no default configuration for this command Command Mode Ipv6 Class Map Configuration mode User Guidelines There are no user guidelines for this command Example console config classmap match srcip6 2001 DB8 32 match srcl4port Use the match srcl4port command in Class Map Configuration mode to ad...

Page 675: ...e User Guidelines This command has no user guidelines Example The following example displays how to add a match condition using the snmp port name keyword console config classmap match srcl4port snmp match vlan Use the match vlan command in Class Map Configuration mode to add to the specified class definition a match condition based on the value of the layer 2 VLAN Identifier field This field is t...

Page 676: ...ommand in Policy Class Map Configuration mode to mirror all the data that matches the class defined to the destination port specified Syntax mirror interface interface Specifies the Ethernet port to which data needs to be copied Default Configuration This command has no default configuration Command Mode Policy Class Map Configuration mode User Guidelines The port identified in this command is ide...

Page 677: ...ransmit dscpval transmit datarate Data rate in kilobits per second kbps Range 1 4294967295 burstsize Burst size in Kbps Range 1 128 conform action Indicates what happens when the packet is conforming to the policing rule it could be dropped it could have its COS modified it could have its IP precedence modified or it could have its DSCP modified The same actions are available for packets that do n...

Page 678: ...orm of this command Syntax policy map policyname in out no policy map policyname Parameter Description Default Configuration This command has no default configuration Parameter Description policyname Specifies the DiffServ policy name as a unique case sensitive alphanumeric string of characters Range 1 31 alphanumeric characters in The policy is applied on ingress Must be specified to create new D...

Page 679: ...ole config policy classmap redirect Use the redirect command in Policy Class Map Configuration mode to specify that all incoming packets for the associated traffic stream are redirected to a specific egress interface physical port or port channel Syntax redirect interface interface Specifies any valid interface Interface is Ethernet port or port channel Range po1 po32 or gi1 0 1 gi1 0 24 Default C...

Page 680: ...his command Syntax service policy in out policymapname no service policy in out policymapname Parameter Description Default Configuration This command has no default configuration Command Mode Global Configuration mode for all system interfaces Interface Configuration Ethernet Port channel mode for a specific interface Parameter Description policymapname Specifies the DiffServ policy name as a uni...

Page 681: ...nterface capabilities causes the policy change attempt to fail ACLs and DiffServ policies may not both exist on the same interface in the same direction Example The following example shows how to attach a service policy named DELL to all interfaces console config service policy DELL show class map Use the show class map command in Privileged EXEC mode to display all configuration information for t...

Page 682: ... stop_http_class All ipv6 match_icmp6 All ipv6 console show class map ipv4 Class Name ipv4 Class Type All Class Layer3 Protocol ipv4 Match Criteria Values Source IP Address 2 2 2 2 255 255 255 0 console show class map stop_http_class Class Name stop_http_class Class Type All Class Layer3 Protocol ipv6 Match Criteria Values Source IP Address 2001 DB8 32 2CSPC4 XCT SWUM2XX1 book Page 682 Monday Octo...

Page 683: ...nnel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the interface is specified the 802 1p mapping table of the interface is displayed If omitted the most recent global configuration settings are displayed Example The following example displays the dot1p traffic class mapping and user prio...

Page 684: ...for a specific interface Syntax show classofservice ip dscp mapping Command is supported only globally Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Example console show classofservice ip dscp mapping Parameter Description User Priority The 802 1p user priority value Traffic Class The traffic class internal queue identifier to whi...

Page 685: ...Class 0 be cs0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 cs1 0 9 0 10 af11 0 11 0 12 af12 0 13 0 14 af13 0 15 0 16 cs2 0 17 0 18 af21 0 19 0 More or q uit 20 af22 0 21 0 22 af23 0 2CSPC4 XCT SWUM2XX1 book Page 685 Monday October 3 2011 11 05 AM ...

Page 686: ...5 1 26 af31 1 27 1 28 af32 1 29 1 30 af33 1 31 1 32 cs4 2 33 2 34 af41 2 35 2 36 af42 2 37 2 38 af43 2 39 2 40 cs5 2 41 2 42 2 More or q uit 43 2 44 2 45 2 46 ef 2 47 2 2CSPC4 XCT SWUM2XX1 book Page 686 Monday October 3 2011 11 05 AM ...

Page 687: ...e trust command in Privileged EXEC mode to display the current trust mode setting for a specific interface Syntax show classofservice trust gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration 2CSPC4 XCT SWUM2XX1 book Page 687 Monday October 3 2011 11 05 AM ...

Page 688: ...Service Trust Mode Dot1P show diffserv Use the show diffserv command in Privileged EXEC mode to display the DiffServ general information which includes the current administrative mode setting as well as the current and maximum number of DiffServ components Syntax show diffserv Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This com...

Page 689: ...4 show diffserv service interface Use this command in Privileged EXEC mode to display policy service information for the specified interface Syntax show diffserv service interface gigabitethernet unit slot port tengigabitethernet unit slot port in out Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC Parameter Description in Show ing...

Page 690: ...rection show diffserv service interface port channel Syntax Description show diffserv service interface port channel channel group in out Parameter Description Default Configuration This command has no default configuration Command Mode Privileged EXEC Parameter Description channel group A valid port channel in the system Range 1 18 in Show ingress policies out Show engress policies 2CSPC4 XCT SWU...

Page 691: ...lay all interfaces in the system to which a DiffServ policy has been attached Syntax show diffserv service brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows how to display all interfaces in the system to which a DiffServ policy has been attached console show...

Page 692: ...mand has no default configuration Command Mode Privileged EXEC mode User Guidelines If the interface is specified the class of service queue configuration of the interface is displayed If omitted the most recent global configuration settings are displayed Examples The following example displays the COS configuration with no unit slot port or port channel parameter console show interfaces cos queue...

Page 693: ... Rate 0 Queue Id Min Bandwidth Scheduler Type Queue Management Type 0 0 Weighted Tail Drop 1 0 Weighted Tail Drop 2 0 Weighted Tail Drop 3 0 Weighted Tail Drop 4 0 Weighted Tail Drop 5 0 Weighted Tail Drop 6 0 Weighted Tail Drop The following table lists the parameters in the examples and gives a description of each Parameter Description Interface The port of the interface If displaying the global...

Page 694: ...queues on this interface Queue An interface supports n queues numbered 0 to n 1 The specific n value is platform dependent Internal egress queue of the interface queues 0 6 are available Minimum Bandwidth The minimum transmission bandwidth guarantee for the queue expressed as a percentage A value of 0 means bandwidth is not guaranteed and the queue operates using best effort This value is a config...

Page 695: ... specified policy Syntax show policy map policyname policyname Specifies the name of a valid existing DiffServ policy Range 1 31 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the DiffServ information console show policy map Policy Name Policy Type Class Mem...

Page 696: ... This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the statistics information for port 1 0 1 console show policy map interface 1 0 1 in Interface 1 0 1 Operational Status Down Policy Name DELL Interface Summary Class Name murali In Discarded Packets 0 Parameter Description in Show i...

Page 697: ...ented statistics information for all interfaces Syntax show service policy Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a summary of policy oriented statistics information console show service policy Oper Policy Intf Stat Name 1 0 1 Down DELL 2CSPC4 XCT SW...

Page 698: ... rate shaping has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded To restore the default interface shaping rate value use the no form of this command Syntax traffic shape bw kbps no traffic shape bw Maximum transmission bandwidth value expressed in Kbps Range 64 4294967295 Default Configuration This command has no default configuration Com...

Page 699: ...and has no user guidelines Example The following example displays the setting of traffic shape to a maximum bandwidth of 1024 Kbps console config if 1 0 1 traffic shape 1024 kbps 2CSPC4 XCT SWUM2XX1 book Page 699 Monday October 3 2011 11 05 AM ...

Page 700: ...700 QoS Commands 2CSPC4 XCT SWUM2XX1 book Page 700 Monday October 3 2011 11 05 AM ...

Page 701: ...ications using UDP as a transport protocol It is extremely flexible supporting a variety of methods to authenticate and statistically track users It is very extensible allowing for new methods of authentication to be added without disrupting existing network functionality PowerConnect supports a RADIUS client in conformance with RFC 2865 and accounting functions in conformance with RFC2866 The RAD...

Page 702: ... STATION ID Yes No No 32 NAS IDENTIFIER Yes No No 40 ACCT STATUS TYPE Set by RADIUS client for Accounting No No 42 ACCT INPUT OCTETS Yes No No 43 ACCT OUTPUT OCTETS Yes No No 44 ACCT SESSION ID Set by RADIUS client for Accounting No No 46 ACCT SESSION TIME Yes No No 49 ACCT TERMINATE CAUSE Yes No No 52 ACCT INPUT GIGAWORDS Yes No No 53 ACCT OUTPUT GIGAWORDS Yes No No Table 32 1 RADIUS Attributes S...

Page 703: ...Portal TERMINATION ACTION Indication as to the action taken when the service is completed EAP MESSAGE Contains an EAP message to be sent to the user This is typically used for MAB clients VENDOR SPECIFIC No actions configured at this time 61 NAS PORT TYPE Yes No No 64 TUNNEL TYPE Yes No No 65 TUNNEL MEDIUM TYPE Yes No No 79 EAP MESSAGE Yes No No 80 MESSAGE AUTHENTICATOR Set by RADIUS client for Ac...

Page 704: ...h matches a preconfigured VLAN name or a VLAN id If a VLAN id is given the string must only contain decimal digits Commands in this Chapter This chapter explains the following commands aaa accounting network default start stop group radius primary radius server timeout acct port priority retransmit auth port radius server deadtime show aaa servers deadtime radius server host show radius statistics...

Page 705: ...efault Configuration RADIUS accounting is disabled by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example console config aaa accounting network default start stop group radius acct port Use the acct port command to set the port that connects to the RADIUS accounting server Use the no form of this command to reset the port to the defa...

Page 706: ...ort Use the auth port command in Radius mode to set the port number for authentication requests of the designated Radius server Syntax auth port auth port number auth port number Port number for authentication requests Range 1 65535 Default Configuration The default value of the port number is 1812 Command Mode Radius mode User Guidelines The host is not used for authentication if set to 0 User mu...

Page 707: ...ds RADIUS servers whose deadtime interval has not expired are skipped when searching for a new RADIUS server to contact Syntax deadtime deadtime deadtime The amount of time that the unavailable server is skipped over Range 0 2000 minutes Default Configuration The default deadtime interval is 0 minutes Command Mode Radius mode User Guidelines If only one RADIUS server is configured it is recommende...

Page 708: ...r Guidelines There are no user guidelines for this command Example The following example specifies an authentication and encryption key of lion king console config radius server host acct 3 2 3 2 console Config acct radius key keyacct msgauth Use the msgauth command to enable the message authenticator attribute to be used for the RADIUS Authenticating server being configured Use the no form of thi...

Page 709: ...o a RADIUS server Use the no form of the command to return the name to the default unspecified The no form of the command does not require the user to enter the configured name Syntax name servername no name Parameter Description Default Configuration The default RADIUS server name is Default RADIUS Server Command Mode Radius Config mode Parameter Description servername The name for the RADIUS ser...

Page 710: ...me name list From the multiple secondary servers the one with the lowest priority value would be tried For a different named server list the server name would be based on lexicographic order For e g if name9 name1 name6 are configured in this order name1 then name6 then name9 would be tried Example console config radius server host 44 44 44 44 console Config auth radius name NAME console Config au...

Page 711: ... the priority command in Radius mode to specify the order in which the servers are to be used with 0 being the highest priority Syntax priority priority priority Sets server priority level Range 0 65535 Default Configuration The default priority is 0 Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command 2CSPC4 XCT ...

Page 712: ... expired are skipped when searching for a new RADIUS server to contact To set the deadtime to 0 use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime deadtime Length of time in minutes for which a Radius server is skipped over by transaction requests Range 0 2000 minutes Deadtime is used to mark an unavailable Radius server as dead until this user configu...

Page 713: ...r host acct auth ip address hostname Parameter Description Default Configuration The default server type is authentication The default server name is Default RADIUS Server The default port number is 1812 for an authentication server and 1813 for an accounting server Command Mode Global Configuration mode User Guidelines Radius servers are keyed by the host name therefore it is advisable to use uni...

Page 714: ...erver key key string no radius server key key string Specifies the authentication and encryption key for all Radius communications between the switch and the Radius server This key must match the encryption used on the Radius server Range 1 128 characters Default Configuration The default is an empty string Command Mode Global Configuration mode User Guidelines This command has no user guidelines ...

Page 715: ...guration mode User Guidelines This command has no user guidelines Example The following example configures the number of times the Radius client attempts to retransmit requests to the Radius server to 5 attempts console config radius server retransmit 5 radius server source ip Use the radius server source ip command in Global Configuration mode to specify the source IP address used for communicati...

Page 716: ...rs to 10 1 1 1 console config radius server source ip 10 1 1 1 radius server timeout Use the radius server timeout command in Global Configuration mode to set the interval for which a switch waits for a server host to reply To restore the default use the no form of this command Syntax radius server timeout timeout no radius server timeout timeout Specifies the timeout value in seconds Range 1 30 D...

Page 717: ...requests to the Radius server Syntax retransmit retries retries Specifies the retransmit value Range 1 10 attempts Default Configuration The default number for attempts is 3 Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example of the retransmit command specifies five retries console c...

Page 718: ...meter Description accounting This optional parameter will cause accounting servers to be displayed authentication This optional parameter will cause authentication servers to be displayed name This optional parameter will cause the server names to be displayed instead of the server configuration parameters servername Will cause only the server s with server name name to be displayed There are no g...

Page 719: ...The number of configured named RADIUS server groups Named Accounting Server Groups The number of configured named RADIUS server groups Timeout The configured timeout value in seconds for request retransmissions Retransmit The configured value of the maximum number of times a request packet is retransmitted Deadtime The length of time an unavailable RADIUS server is skipped RADIUS Accounting Mode A...

Page 720: ...t Configured Default RADIUS Server 4 4 4 4 1812 No test 6 6 6 6 1812 No console show radius servers IP address Type Port TimeOut Retran DeadTime Source IP Prio Usage 10 27 5 157 Auth 1812 Global Global Global 10 27 65 13 0 all Global values Configured Authentication Servers 1 Configured Accounting Servers 0 Named Authentication Server Groups 1 Named Accounting Server Groups 0 Timeout 3 Retransmit ...

Page 721: ...ut 5 Deadtime 0 Port 1812 Source IP 0 0 0 0 Secret Configured No Message Authenticator Enable show radius statistics Use the show radius statistics command to show the statistics for an authentication or accounting server Syntax show radius statistics accounting authentication ipaddress hostname name servername Parameter Description Parameter Description accounting authentication The type of serve...

Page 722: ...r Field Description RADIUS Accounting Server Name Name of the accounting server Server Host Address IP address of the host Round Trip Time The time interval in hundredths of a second between the most recent Accounting Response and the Accounting Request that matched it from this RADIUS accounting server Requests The number of RADIUS Accounting Request packets sent to this server not including the ...

Page 723: ...ounting port Packets Dropped The number of RADIUS packets received from this server on accounting port and dropped for some other reason Field Description RADIUS Server Name Name of the authenticating server Server Host Address IP address of the host Access Requests The number of RADIUS Access Request packets sent to this server This number does not include retransmissions Access Retransmissions T...

Page 724: ...nknown types are not included as malformed access responses Bad Authenticators The number of RADIUS Access Response packets containing invalid authenticators or signature attributes received from this server Pending Requests The number of RADIUS Access Request packets destined for this server that have not yet timed out or received a response Timeouts The number of authentication timeouts to this ...

Page 725: ...s 0 Bad Authenticators 0 Pending Requests 0 Timeouts 0 Unknown Types 0 Packets Dropped 0 source ip Use the source ip command in Radius mode to specify the source IP address to be used for communication with Radius servers 0 0 0 0 is interpreted as a request to use the IP address of the outgoing IP interface Syntax source ip source source A valid source IP address Default Configuration The IP addre...

Page 726: ... radius source ip 10 240 1 23 timeout Use the timeout command in Radius mode to set the timeout value in seconds for the designated Radius server Syntax timeout timeout timeout Timeout value in seconds for the specified server Range 1 30 seconds Default Configuration The default value is 3 seconds Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius ...

Page 727: ...ax usage type type Variable can be one of the following values login 802 1x or all Default Configuration The default variable setting is all Command Mode Radius mode User Guidelines User must enter the mode corresponding to a specific Radius server before executing this command Example The following example specifies usage type login console config radius server host 192 143 120 123 console config...

Page 728: ...728 RADIUS Commands 2CSPC4 XCT SWUM2XX1 book Page 728 Monday October 3 2011 11 05 AM ...

Page 729: ...nduced by BPDU packet loss It can be configured to prevent a blocked port from transitioning to the forwarding state when the port stops receiving BPDUs for some reason such as a uni directional link failure STP BPDU Guard The STP BPDU guard allows the network administrator to enforce the STP domain borders and keep the active topology consistent and predictable The switches behind the edge ports ...

Page 730: ...g on a port STP should be disabled on the switch administratively When this feature is enabled on the switch it floods all the ports with the BPDU flood feature enabled on it Commands in this Chapter This chapter explains the following commands clear spanning tree detected protocols spanning tree auto portfast spanning tree max age spanning tree portfast bpdufilter default exit mst spanning treebp...

Page 731: ...t unit slot port Default Configuration This command has no default setting Command Mode Privileged EXEC mode User Guidelines This feature is used only when working in RSTP or MSTP mode Example The following example restarts the protocol migration process forces the renegotiation with neighboring switches on 1 0 1 console clear spanning tree detected protocols gigabitethernet 1 0 1 exit mst Use the...

Page 732: ...instance instance id add remove vlan vlan range instance ID ID of the MST instance Range 1 15 vlan range VLANs to be added to the existing MST instance To specify a range of VLANs use a hyphen To specify a series of VLANs use a comma Range 1 4093 Default Configuration VLANs are mapped to the common and internal spanning tree CIST instance instance 0 Command Mode MST mode User Guidelines Before map...

Page 733: ...he VLANs mapped to MST instances console config spanning tree mode mst console config spanning tree mst 1 priority 8192 console config spanning tree mst 2 priority 28672 console config spanning tree mst configuration console config mst instance 1 add vlan 2 199 console config mst instance 1 add vlan 350 console config mst instance 1 add vlan 400 449 console config mst instance 1 add vlan 500 1999 ...

Page 734: ...f Te1 1 2 switchport trunk allowed vlan add 200 349 console config if Te1 1 2 spanning tree mst 2 port priority 16 console config if Te1 1 2 exit name mst Use the name command in MST mode to define the configuration name To return to the default setting use the no form of this command Syntax name string string Case sensitive MST configuration name Range 1 32 characters Default Configuration Bridge...

Page 735: ...d Syntax revision version no revision version Configuration revision number Range 0 65535 Default Configuration Revision number is 0 Command Mode MST mode User Guidelines This command has no user guidelines Example The following example sets the configuration revision to 1 console config spanning tree mst configuration console config mst revision 1 show spanning tree Use the show spanning tree com...

Page 736: ...o user guidelines Examples The following examples display spanning tree information console show spanning tree Spanning tree Enabled BPDU Flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53 Path Cost 20000 Parameter Description detail Displays detailed information active Displ...

Page 737: ...arding Role Root Port id 128 1 Port Cost 20000 Port Fast No Root Protection No Designated bridge Priority 32768 Address 0010 1882 1C53 Designated port id 128 48 Designated path cost 0 CST Regional Root 80 00 00 10 18 82 1C 53 CST Port Cost 0 Root Guard FALSE Loop Guard FALSE TCN Guard FALSE Auto Portfast TRUE Port Up Time Since Counters Last Cleared 0 day 0 hr 17 min 1 sec BPDU sent 24 received 49...

Page 738: ... 18 82 1C 53 CST Port Cost 0 BPDU sent 24 received 500 console show spanning tree detail active Spanning tree Enabled BPDU flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53 Path Cost 20000 Root Port Gi1 0 1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Prior...

Page 739: ...sole show spanning tree detail blockedports Spanning tree Enabled BPDU flooding Disabled Portfast BPDU filtering Disabled mode rstp CST Regional Root 80 00 00 1E C9 AA AD 1B Regional Root Path Cost 0 ROOT ID Priority 32768 Address 0010 1882 1C53 Path Cost 20000 Root Port Gi1 0 1 Hello Time 2 Sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32768 Address 001E C9AA AD1B Hello Time 2 Sec Ma...

Page 740: ...BPDU Protection Mode Enabled or disabled BPDU Filter Mode Enabled or disabled BPDU Flooding Mode Enabled or disabled Configuration Name Identifier used to identify the configuration currently being used Configuration Revision Level Identifier used to identify the configuration currently being used Configuration Digest Key A generated Key used in the exchange of the BPDUs Configuration Format Selec...

Page 741: ...al Configuration mode to enable spanning tree functionality To disable spanning tree functionality use the no form of this command Syntax spanning tree no spanning tree Default Configuration Spanning tree is enabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables spanning tree functionality console config spanning tre...

Page 742: ...ace Configuration Ethernet Port Channel mode Usage Guidelines There are no user guidelines for this command Example The following example enables spanning tree functionality on gigabit ethernet interface 4 0 1 console config console config interface gigabitethernet 4 0 1 console config if 4 0 1 spanning tree auto portfast spanning tree bpdu flooding The spanning tree bpdu flooding command allows f...

Page 743: ...ter or file server directly and configured as an edge port to implement the fast transition When the port receives a BPDU packet the system sets it to non edge port and recalculates the spanning tree which causes network topology flapping In normal cases these ports do not receive any BPDU packets However someone may forge BPDU to maliciously attack the switch and cause network flapping RSTP provi...

Page 744: ... Configuration mode to configure the external spanning tree path cost for a port To return to the default port path cost use the no form of this command Syntax spanning tree cost cost no spanning tree cost cost The port path cost Range 0 200 000 000 Default Configuration The default cost is 0 which signifies that the cost is automatically calculated based on port speed 10G Port path cost 2000 Port...

Page 745: ...o 35000 console config interface gigabitethernet 1 0 5 console config if 1 0 5 spanning tree cost 35000 spanning tree disable Use the spanning tree disable command in Interface Configuration mode to disable spanning tree on a specific port To enable spanning tree on a port use the no form of this command Syntax spanning tree disable no spanning tree disable Default Configuration By default all por...

Page 746: ...ng state To reset the default forward time use the no form of this command Syntax spanning tree forward time seconds no spanning tree forward time seconds Time in seconds Range 4 30 Default Configuration The default forwarding time for IEEE Spanning tree Protocol STP is 15 seconds Command Mode Global Configuration mode User Guidelines When configuring the Forward Time the following relationship sh...

Page 747: ...p guard Default Configuration Neither root nor loop guard is enabled Command Mode Interface Configuration Ethernet Port Channel mode User Guidelines There are no user guidelines for this command Example The following example disables spanning tree guard functionality on gigabit ethernet interface 4 0 1 console config console config interface gigabitethernet 4 0 1 console config if 4 0 1 spanning t...

Page 748: ...y on all ports console config spanning tree loopguard default spanning tree max age Use the spanning tree max age command in Global Configuration mode to configure the spanning tree bridge maximum age To reset the default maximum age use the no form of this command Syntax spanning tree max age seconds no spanning tree max age seconds Time in seconds Range 6 40 Default Configuration The default max...

Page 749: ...mand to set the MSTP Max Hops parameter to a new value for the common and internal spanning tree Use the no form of this command to reset the Max Hops to the default Syntax spanning tree max hops hops no spanning tree max hops hops The maximum number of hops to use Range 1 127 Default Configuration The Maximum number of hops is 20 by default Command Mode Global Configuration mode User Guidelines T...

Page 750: ...ee Protocol RSTP is supported Command Mode Global Configuration mode User Guidelines In RSTP mode the switch would use STP when the neighbor switch is using STP In MSTP mode the switch would use RSTP when the neighbor switch is using RSTP and would use STP when the neighbor switch is using STP Example The following example configures the spanning tree protocol to MSTP console config spanning tree ...

Page 751: ... instance 1 add vlan 10 20 console config mst name region1 console config mst revision 1 spanning tree mst cost Use the spanning tree mst cost command in Interface Configuration mode to configure the internal path cost for multiple spanning tree MST calculations If a loop occurs the spanning tree considers path cost when selecting an interface to put in the forwarding state To return to the defaul...

Page 752: ...s MST instance id 0 is the common internal spanning tree instance CIST Example The following example configures the MSTP instance 1 path cost for interface 1 0 9 to 4 console config interface gigabitethernet 1 0 9 console config if 1 0 9 spanning tree mst 1 cost 4 spanning tree mst port priority Use the spanning tree mst port priority command in Interface Configuration mode to configure port prior...

Page 753: ...onfig interface gigabitethernet 1 0 5 console config if spanning tree mst 1 port priority 144 spanning tree mst priority Use the spanning tree mst priority command in Global Configuration mode to set the switch priority for the specified spanning tree instance To return to the default setting use the no form of this command Syntax spanning tree mst instance id priority priority no spanning tree ms...

Page 754: ...portfast Use the spanning tree portfast command in Interface Configuration mode to enable PortFast mode In PortFast mode the interface is immediately put into the forwarding state upon linkup without waiting for the timer to expire To disable PortFast mode use the no form of this command Syntax spanning tree portfast no spanning tree portfast Parameter Description instance id ID of the spanning tr...

Page 755: ...anning tree forwarding state when linkup occurs without waiting the standard forward time delay Example The following example enables PortFast on 1 0 5 console config interface gigabitethernet 1 0 5 console config if 1 0 5 spanning tree portfast spanning tree portfast bpdufilter default The spanning tree portfast bpdufilter default command discards BPDUs received on spanning tree ports in portfast...

Page 756: ...n all ports Syntax spanning tree portfast default no spanning tree portfast default Default Configuration Portfast mode is disabled by default Command Mode Global Configuration mode Usage Guidelines This command only applies to access ports NOTE This command should be used with care An interface with PortFast mode enabled is moved directly to the spanning tree forwarding state when linkup occurs w...

Page 757: ...tree port priority priority no spanning tree port priority priority The port priority Range 0 240 Default Configuration The default port priority for IEEE STP is 128 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The priority value must be a multiple of 16 Example The following example configures the spanning priority on 1 0 5 to 96 consol...

Page 758: ...tion The default bridge priority for IEEE STP is 32768 Command Mode Global Configuration mode User Guidelines The priority value must be a multiple of 4096 The switch with the lowest priority is the root of the spanning tree Example The following example configures spanning tree priority to 12288 console config spanning tree priority 12288 spanning tree tcnguard Use the spanning tree tcnguard comm...

Page 759: ...anning tree transmit hold count command to set the maximum number of BPDUs that a bridge is allowed to send within a hello time window 2 seconds Use the no form of this command to reset the hold count to the default value Syntax spanning tree transmit hold count value no spanning tree transmit hold count value The maximum number of BPDUs to send Range 1 10 Default Configuration The default hold co...

Page 760: ...nning Tree Commands Example The following example sets the maximum number of BPDUs sent to 6 console config spanning tree transmit hold count 6 2CSPC4 XCT SWUM2XX1 book Page 760 Monday October 3 2011 11 05 AM ...

Page 761: ...r login type CLI HTTP HTTPS the NAS will prompt for the user login credentials and request services from the FASTPATH TACACS client the client will then use the configured list of servers for authentication and provide results back to the NAS The TACACS server list is configured with one or more hosts defined via their network IP address each can be assigned a priority to determine the order in wh...

Page 762: ...key key string key string To specify the key name Range 1 128 characters Default Configuration If left unspecified the key string parameter defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example The following example specifies an encryption and authentication key of 12 console tacacs key 12 key tacacs server host port tacacs ...

Page 763: ...his command has no user guidelines Example The following example displays how to specify server port number 1200 console tacacs port 1200 priority Use the priority command in TACACS Configuration mode to specify the order in which servers are used where 0 zero is the highest priority Syntax priority priority priority Specifies the priority for servers 0 zero is the highest priority Range 0 65535 D...

Page 764: ...leged EXEC mode to display the configuration and statistics of a TACACS server Syntax show tacacs ip address ip address The name or IP address of the host Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following example displays TACACS server settings console show tacacs Global Timeo...

Page 765: ...ess hostname no tacacs server host ip address hostname ip address The IP address of the TACACS server hostname The hostname of the TACACS server Range 1 255 characters Default Configuration No TACACS host is specified Command Mode Global Configuration mode User Guidelines To specify multiple hosts multiple tacacs server host commands can be used TACACS servers are keyed by the host name therefore ...

Page 766: ...he TACACS daemon Range 0 128 printable characters except for question marks and double quotes Default Configuration The default is an empty string Command Mode Global Configuration mode User Guidelines The tacacs server key command accepts any printable characters for the key except a double quote or question mark Enclose the string in double quotes to include spaces within the key The surrounding...

Page 767: ...timeout The timeout value in seconds Range 1 30 Default Configuration The default value is 5 seconds Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the timeout value as 30 console config tacacs server timeout 30 timeout Use the timeout command in TACACS Configuration mode to specify the timeout value in seconds If no ti...

Page 768: ...ft unspecified the timeout defaults to the global value Command Mode TACACS Configuration mode User Guidelines This command has no user guidelines Example This example shows how to specify the timeout value console tacacs timeout 23 2CSPC4 XCT SWUM2XX1 book Page 768 Monday October 3 2011 11 05 AM ...

Page 769: ...in the network PowerConnect switching supports up to 1024 VLANs for forwarding VLANs can be allocated by subnet and netmask pairs thus allowing overlapping subnets For example subnet 10 10 128 0 with Mask 255 255 128 0 and subnet 10 10 0 0 with Mask 255 255 0 0 can have different VLAN associations Double VLAN Mode An incoming frame is identified as tagged or untagged based on Tag Protocol Identifi...

Page 770: ...entries Each VLAN is associated with its own forwarding database Hence the number of forwarding databases equals the number of VLANs supported The MAC address stored is supplemented by a 2 byte VLAN ID The first 2 bytes of a forwarding database entry contain the VLAN ID associated and the next 6 bytes contain the MAC address There is a one to one relationship between VLAN ID and FID forwarding dat...

Page 771: ...n addition to the PVID to determine the VLAN to which the packet belongs This approach requires one VID on each port for each protocol for which the filter is desired IP Subnet Based VLANs This feature allows an untagged packet to be placed in a configured VLAN based upon its IP address MAC Based VLANs This feature allows an untagged packet to be placed in a configured VLAN based upon its MAC addr...

Page 772: ... protocol group show vlan association subnet vlan vlan protocol group remove protocol vlan group switchport access vlan vlan Global Config vlan routing protocol vlan group all switchport forbidden vlan vlan association mac show dvlan tunnel switchport general acceptable frame type tagged only vlan association subnet Parameter Description 802 1Q Configures the EtherType as 0x8100 vman Configures th...

Page 773: ...of the ethertype on the specific interface The ethertype used in the interface form of the command must use the same ethertype as specified in the global configuration form of the command The inner vlan tag C TAG is configured using the switchport command in interface configuration mode Example The following example displays configuring Double VLAN tunnel for vman EtherType console config dvlan tu...

Page 774: ...27 255 255 255 0 interface range vlan Use the interface range vlan command in Global Configuration mode to execute a command on multiple VLANs at the same time Syntax interface range vlan vlan range all vlan range A list of valid VLAN IDs to add Separate nonconsecutive VLAN IDs with a comma and no spaces use a hyphen to designate a range of IDs Range 2 4093 all All existing static VLANs Default Co...

Page 775: ...nge vlan 221 228 889 console config if mode dvlan tunnel Use the mode dvlan tunnel command in Interface Configuration mode to enable Double VLAN Tunneling on the specified interface To disable Double VLAN Tunneling on the specified interface use the no form of this command Syntax mode dvlan tunnel no mode dvlan tunnel Default Configuration By default Double VLAN Tunneling is disabled Command Mode ...

Page 776: ...name Parameter Description Default Configuration The default VLAN name is default Command Mode Interface VLAN Configuration mode User Guidelines The VLAN name may include any alphanumeric characters including a space underscore or dash Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal charac...

Page 777: ...n GVRP is expected to create the VLAN To detach the VLAN from this protocol based group identified by this groupid use the no form of this command Syntax protocol group groupid vlanid no protocol group groupid vlanid groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command To see the group ID associat...

Page 778: ...t added to the group Ensure that the referenced VLAN is created prior to the creation of the protocol based group except when GVRP is expected to create the VLAN To remove the interface from this protocol based VLAN group that is identified by this groupid use the no form of this command If you select all all ports are removed from this protocol group Syntax protocol vlan group groupid no protocol...

Page 779: ...p this command fails and the interface s are not added to the group Ensure that the referenced VLAN is created prior to the creation of the protocol based group except when GVRP is expected to create the VLAN To remove all interfaces from this protocol based group that is identified by this groupid use the no form of the command Syntax protocol vlan group all groupid no protocol vlan group all gro...

Page 780: ...nd in Privileged EXEC mode to display all interfaces enabled for Double VLAN Tunneling Syntax show dvlan tunnel Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows how to display all interfaces for Double VLAN Tunneling console show dvlan tunnel Interfaces Enabled f...

Page 781: ...o default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays detailed information for port 1 0 1 console show dvlan tunnel interface 1 0 1 Interface Mode EtherType 1 0 1 Enable vMAN The following table describes the significant fields shown in the example Field Description Mode This field specifies the administ...

Page 782: ...ollowing example displays switchport configuration individually for gi1 0 1 console show interface switchport gigabitethernet 1 0 1 Port 1 0 1 VLAN Membership mode General Operating parameters EtherType This field represents a 2 byte hex EtherType to be used as the first 16 bits of the DVLAN tunnel The three different EtherType tags are 1 802 1Q which represents the commonly used value of 0x8100 2...

Page 783: ...LAN008 tagged Dynamic 11 VLAN0011 tagged Static 19 IPv6 VLAN untagged Static 72 VLAN0072 untagged Static Static configuration PVID 1 default Ingress Filtering Enabled Acceptable Frame Type All Port 1 0 1 is statically configured to VLAN Name Egress rule 11 VLAN0011 tagged 19 IPv6 VLAN untagged 72 VLAN0072 untagged Forbidden VLANS VLAN Name 2CSPC4 XCT SWUM2XX1 book Page 783 Monday October 3 2011 11...

Page 784: ... 4095 discard vlan Ingress Filtering Enabled Acceptable Frame Type All Port 1 0 1 is member in VLAN Name Egress rule Type 91 IP Telephony tagged Static Static configuration PVID 8 Ingress Filtering Disabled Acceptable Frame Type All Port 1 0 2 is statically configured to VLAN Name Egress rule 8 VLAN0072 untagged 91 IP Telephony tagged Forbidden VLANS VLAN Name 2CSPC4 XCT SWUM2XX1 book Page 784 Mon...

Page 785: ...led Acceptable Frame Type Untagged GVRP status Disabled Port 2 0 19 is member in VLAN Name Egress rule Type 2921 Primary A untagged Static 2922 Community A1 untagged Static Static configuration PVID 2922 Ingress Filtering Enabled Acceptable Frame Type Untagged GVRP status Disabled Port 2 0 19 is member in VLAN Name Egress rule Type 2921 Primary A untagged Static 2CSPC4 XCT SWUM2XX1 book Page 785 M...

Page 786: ...erated when you create a protocol based VLAN group with the vlan protocol group command all Enter all to show all interfaces Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the Protocol Based VLAN information for either the entire system console show port pro...

Page 787: ...t Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information for VLAN id 1 2 and 3 console show vlan id 1 VLAN Name Ports Type 1 default Po1 48 Default Gi1 0 1 10 console show vlan id 2 VLAN Name Ports Type Parameter Description vlanid VLAN identifier vlan name A va...

Page 788: ...AN associations of all the configured MAC addresses are displayed Syntax show vlan association mac mac address mac address Specifies the MAC address to be entered in the list Range Any valid MAC address Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows no entry in...

Page 789: ...ured IP subnets are displayed Syntax show vlan association subnet ip address ip mask ip address Specifies IP address to be shown ip mask Specifies IP mask to be shown Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The command has no user guidelines Example The following example shows the case if no IP Subnet to VLAN association exi...

Page 790: ...LAN to which the port is configured Default Configuration The default value for the vlan id parameter is 1 Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines The command automatically removes the port from the previous VLAN and adds it to the new VLAN Example The following example configures a VLAN ID of interface 1 0 8 to become an access mem...

Page 791: ...se a hyphen to designate a range of IDs remove vlan list List of valid VLAN IDs to remove from the forbidden list Separate nonconsecutive VLAN IDs with a comma and no spaces Use a hyphen to designate a range of IDs Default Configuration All VLANs allowed Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Exa...

Page 792: ...ress Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines This command has no user guidelines Example The following example configures 1 0 8 to discard untagged frames at ingress console config interface gigabitethernet 1 0 8 console config if 1 0 8 switchport general acceptable frame type tagged only switchport general allowed vlan Use the swit...

Page 793: ...kets for the VLANs Default Configuration Untagged Command Mode Interface Configuration gigabitethernet port channel tengigabitethernet mode User Guidelines You can use this command to change the egress rule for example from tagged to untagged without first removing the VLAN from the list Example The following example shows how to add VLANs 1 2 5 and 8 to the allowed list console config if 1 0 8 sw...

Page 794: ...terface gigabitethernet 1 0 8 console config if 1 0 8 switchport general ingress filtering disable switchport general pvid Use the switchport general pvid command in Interface Configuration mode to configure the Port VLAN ID PVID when the interface is in general mode Use the switchport mode general command to set the VLAN membership mode of a port to general To configure the default value use the ...

Page 795: ...eral pvid 234 switchport mode Use the switchport mode command in Interface Configuration mode to configure the VLAN membership mode of a port To reset the mode to the appropriate default for the switch use the no form of this command Syntax switchport mode access trunk general no switchport mode Parameter Description Parameter Description access An access port connects to a single end station belo...

Page 796: ... PVID for an interface in Trunk Mode Syntax switchport trunk allowed vlan vlan list native vlan vlan id trunk A trunk port connects two switches A trunk port may belong to multiple VLANs A trunk port accepts only packets tagged with the VLAN IDs of the VLANs to which the trunk is a member or untagged packets if configured with a PVID A trunk only transmits tagged packets general Full 802 1q suppor...

Page 797: ...d is not allowed on commands that do not permit all VLANs in the list to be set at the same time add adds the defined list of VLANs to those currently set instead of replacing the list remove removes the defined list of VLANs from those currently set instead of replacing the list Valid IDs are from 1 to 4093 extended range VLAN IDs of the form X Y or X Y Z are valid in this command except lists th...

Page 798: ...o be added List separate non consecutive VLAN IDs separated by commas without spaces use a hyphen to designate a range of IDs Range 2 4093 Default Configuration This command has no default configuration Command Mode VLAN Database mode User Guidelines Deleting the VLAN for an access port will cause that port to become unusable until it is assigned a VLAN that exists Example The following example sh...

Page 799: ...mand Mode Global Configuration Config User Guidelines This command has no user guidelines Example The following example shows how to create add VLAN of IDs 22 23 and 56 console config vlan 22 23 56 console config vlan Parameter Description vlan id A valid VLAN ID Range 2 4093 vlan range A list of valid VLAN IDs List separate non consecutive VLAN IDs separated by commas without spaces Use a hyphen ...

Page 800: ... subnet Range 1 4093 Default Configuration No assigned MAC address Command Mode VLAN Database mode User Guidelines This command has no user guidelines Example The following example associates MAC address with VLAN ID 1 console config vlan vlan association mac 0001 0001 0001 1 vlan association subnet Use the vlan association subnet command in VLAN Database mode to associate a VLAN to a specific IP ...

Page 801: ... Example The following example associates IP address with VLAN ID 100 console config vlan vlan association subnet 192 245 23 45 255 255 255 0 100 vlan database Use the vlan database command in Global Configuration mode to enter the VLAN database configuration mode Syntax vlan database Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidel...

Page 802: ...mber VLAN range is 2 4093 Syntax vlan makestatic vlan id vlan id Valid vlan ID Range is 2 4093 Default Configuration This command has no default configuration Command Mode VLAN Database Mode User Guidelines The dynamic VLAN created via GRVP should exist prior to executing this command See the Type column in output from the show vlan command to determine that the VLAN is dynamic Example The followi...

Page 803: ...otocol group groupname is updated to vlan protocol group groupid so that groupid is used for both configuration and script generation NOTE If an attempt is made to migrate to the latest implementation with any of the groupnames deleted prior to saving configuration on the pre code applicable only for platforms the problem on the latest code will remain Syntax vlan protocol group groupid no vlan pr...

Page 804: ...otocol group add protocol groupid ethertype value no vlan protocol group add protocol groupid ethertype value groupid The protocol based VLAN group ID which is automatically generated when you create a protocol based VLAN group with the vlan protocol group command To see the group ID associated with the name of a protocol group use the show port protocol all command ethertype value The protocol yo...

Page 805: ...ated with the name of a protocol group use the show port protocol all command groupName The group name you want to add The group name can be up to 16 characters length It can be any valid alpha numeric characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config vlan prot...

Page 806: ...default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays the removal of the protocol based VLAN group identified as 2 console config vlan protocol group remove 2 vlan routing Use the vlan routing command to enable routing on a VLAN Use the no form of this command to disable routing on a VLAN Syntax vlan ...

Page 807: ...lan routing 10 1 index Internal interface ID This optional parameter is listed in the configuration file for all VLAN routing interfaces When a nonstop forwarding failover occurs this information enables the system to correlate checkpointed state information with the proper interfaces and their configuration Parameter Description 2CSPC4 XCT SWUM2XX1 book Page 807 Monday October 3 2011 11 05 AM ...

Page 808: ...808 VLAN Commands 2CSPC4 XCT SWUM2XX1 book Page 808 Monday October 3 2011 11 05 AM ...

Page 809: ... phone is tagged with the exchanged VLAN ID thus regular data arriving on the switch is given the default PVID of the port and the voice traffic is received on a predefined VLAN The two types of traffic are therefore segregated so that better service can be provided to the voice traffic When a dot1p priority is associated with the voice VLAN port instead of VLAN ID then the priority information is...

Page 810: ...Not applicable Command Mode Global Configuration Usage Guidelines Not applicable Default Value This feature is disabled by default Example console config voice vlan console config no voice vlan voice vlan Interface This command is used to enable the voice vlan capability on the interface voice vlan voice vlan data priority voice vlan Interface show voice vlan 2CSPC4 XCT SWUM2XX1 book Page 810 Mond...

Page 811: ... traffic trusted mode dot1p Configure Voice VLAN 802 1p priority tagging for voice traffic dscp Configure DSCP value for voice traffic on the voice vlan port Range 0 64 none Allow the IP phone to use its own configuration to send untagged voice traffic priority The Dot1p priority for the voice VLAN on the port trust Trust the dot1p priority or DSCP values contained in packets arriving on the voice...

Page 812: ...t untrust trust Trust the dot1p priority or DSCP values contained in packets arriving on the voice vlan port untrust Do not trust the dot1p priority or DSCP values contained in packets arriving on the voice vlan port Command Mode Interface Configuration Default Value trust Example console config if 1 0 1 voice vlan data priority untrust console config if 1 0 1 voice vlan data priority trust show v...

Page 813: ...LAN COS Override False Voice VLAN Port Status Disabled When the interface parameter is specified Voice VLAN Mode The admin mode of the voice VLAN on the interface Voice VLAN ID The voice VLAN ID Voice VLAN Priority The Dot1p priority for the voice VLAN on the port Voice VLAN Untagged The tagging option for the voice VLAN traffic Voice VLAN COS Override The Override option for the voice traffic arr...

Page 814: ...814 Voice VLAN Commands 2CSPC4 XCT SWUM2XX1 book Page 814 Monday October 3 2011 11 05 AM ...

Page 815: ... remote RADIUS or TACACS servers Supported security methods for communication with remote servers include MD5 PEAP EAP TTL EAP TTLS and EAP TLS Local 802 1X Authentication Server The PowerConnect switch supports a dedicated database for local authentication of users for network access through the Dot1x feature This functionality is distinct from management access for the switch This feature suppor...

Page 816: ...from a central location using a TFTP server MAC Authentication Bypass Today 802 1x has become the recommended port based authentication method at the access layer in enterprise networks However there may be 802 1x unaware devices such as printers fax machines etc that would require access to the network without 802 1x authentication MAC Authentication Bypass MAB is a supplemental authentication me...

Page 817: ...ogs the results of the authentication process for diagnostic purposes The exact details are described in the below sections The main aim of the monitor mode is to provide a mechanism to the operator to be able to identify the short comings in the configuration of a Dot1x authentication on the switch without affecting the network access to the users of the switch There are three important aspects t...

Page 818: ... any port and be assigned to the appropriate VLAN This gives flexibility for clients to move around the network with out requiring the operator to perform additional provisioning for each network interface Commands in this Chapter This chapter explains the following commands dot1x dynamic vlan enable dot1x timeout guest vlan period show dot1x clients dot1x mac auth bypass dot1x timeout quiet perio...

Page 819: ... the no form of the command to disable this capability Syntax dot1x dynamic vlan enable no dot1x dynamic vlan enable Parameter Description This command does not require a parameter description Default Configuration The default value is Disabled Command Mode Global Configuration User Guidelines This command has no user guidelines dot1x guest vlan dot1x unauth vlan show dot1x advanced radius server ...

Page 820: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command dot1x mac auth bypass Use the dot1x mac auth bypass command to enable MAB on an interface Use the no form of this command to disable MAB on an interface Syntax dot1x mac auth bypass no dot1x mac auth bypass Default Configuration MAC Authentication Bypass...

Page 821: ...to the client before restarting the authentication process To return to the default setting use the no form of this command Syntax dot1x max req count no dot1x max req count Number of times that the switch sends an EAP request identity frame before restarting the authentication process Range 1 10 Default Configuration The default value for the count parameter is 2 Command Mode Interface Configurat...

Page 822: ... the maximum number of clients supported on the port when MAC based 802 1X authentication is enabled on the port The value would be reset to 8 Syntax dot1x max users users no dot1x max users users The number of users the port supports for MAC based 802 1X authentication Range 1 16 Default Configuration The default number of clients supported on a port with MAC based 802 1X authentication is 8 Comm...

Page 823: ...e port to transition to the authorized state without any authentication exchange required The port sends and receives normal traffic without 802 1x based authentication of the client force unauthorized Denies all access through this interface by forcing the port to transition to the unauthorized state ignoring all attempts by the client to authenticate The switch cannot provide authentication serv...

Page 824: ...nsole config interface gigabitethernet 1 0 2 console config if 1 0 2 dot1x port control mac based dot1x re authenticate Use the dot1x re authenticate command in Privileged EXEC mode to enable manually initiating a re authentication of all 802 1x enabled ports or the specified 802 1x enabled port Syntax dot1x re authenticate gigabitethernet unit slot port Default Configuration This command has no d...

Page 825: ...nterface Configuration Ethernet mode User Guidelines This command has no user guidelines Example The following example enables periodic re authentication of the client console config interface gigabitethernet 1 0 16 console config if 1 0 16 dot1x reauthentication dot1x system auth control monitor Use the dot1x system auth control monitor command in Global Configuration mode to enable 802 1x monito...

Page 826: ...riod Use the dot1x timeout guest vlan period command in Interface Configuration mode to set the number of seconds that the switch waits before authorizing the client if the client is a dot1x unaware client Syntax dot1x timeout guest vlan period seconds seconds Time in seconds that the switch waits before authorizing the client if the client is a dot1x unaware client Default Configuration The switc...

Page 827: ...that the switch remains in the quiet state following a failed authentication exchange for example the client provided an invalid password To return to the default setting use the no form of this command Syntax dot1x timeout quiet period seconds no dot1x timeout quiet period seconds Time in seconds that the switch remains in the quiet state following a failed authentication exchange with the client...

Page 828: ...t 1 0 16 console config if 1 0 16 dot1x timeout quiet period 3600 dot1x timeout re authperiod Use the dot1x timeout re authperiod command in Interface Configuration mode to set the number of seconds between re authentication attempts To return to the default setting use the no form of this command Syntax dot1x timeout re authperiod seconds no dot1x timeout re authperiod seconds Number of seconds b...

Page 829: ...g use the no form of this command Syntax dot1x timeout server timeout seconds no dot1x timeout server timeout seconds Time in seconds that the switch waits for a response from the authentication server Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The actual timeout is this parameter or the product of ...

Page 830: ...s that the switch should wait for a response to an EAP request frame from the client before resending the request Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines Change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with...

Page 831: ...equest identity frame from the client before resending the request Range 1 65535 Default Configuration The period of time is set to 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines Change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers Exa...

Page 832: ...is command has no default configuration Command Mode Privileged EXEC mode User Guidelines If you do not use the optional parameters the command displays the global dot1x mode and the VLAN Assignment mode Parameter Description interface id Any valid interface See Interface Naming Conventions for interface representation Field Description Administrative Mode Indicates whether authentication control ...

Page 833: ...x show dot1x authentication history interface id all failed auth only detail Parameter Description The following table explains the output parameters Monitor Mode Indicates whether the Dot1x Monitor mode on the switch is enabled or disabled Parameter Description Time Stamp Exact time at which the event occurs Interface Physical Port on which the event occurs MAC Address Supplicant Client MAC Addre...

Page 834: ...5 VLAN Assigned 111 VLAN Assigned Reason Guest VLAN Auth Status Authorized Reason Dot1x Authentication due to Guest VLAN Timer Expiry console show dot1x authentication history all Time Stamp Interface MAC Address VLANID Auth Status Mar 22 2010 01 16 31 gi1 0 2 00 01 02 03 04 05 111 Authorized Mar 22 2010 01 20 33 gi1 0 7 00 00 0D 00 00 00 222 Authorized Reason Actual reason behind the successful o...

Page 835: ...1x clients Use the show dot1x clients command in Privileged EXEC mode to display 802 1x client information The client information is displayed in summary or in detail The command also displays the statistics of the number of clients that are authenticated using Monitor Mode and using 802 1x Syntax show dot1x clients interface id all Parameter Description Default Configuration This command has no d...

Page 836: ...me representing the identity of the Supplicant This field shows the username when the port control is auto or mac based If the port is Authorized it shows the username of the current user If the port is unauthorized it shows the last user that was authenticated successfully Supp MAC Address The MAC address of the supplicant Session Time The amount of time in seconds since the client was authentica...

Page 837: ...A Session Time 67 VLAN Id 1 VLAN Assigned Monitor Mode Session Timeout 0 Session Termination Action Default show dot1x interface This command shows the status of MAC Authentication Bypass This feature is an extension of Dot1x Option 81 feature added in Power Connect Release 2 1 to accept a VLAN name as an alternative to a number when RADIUS indicates the Tunnel Private Group ID for a supplicant Sy...

Page 838: ... this command Example console show dot1x interface gigabitethernet 1 0 10 Administrative Mode Disabled Dynamic VLAN Creation Mode Disabled Monitor Mode Disabled Port Admin Oper Reauth Reauth Mode Mode Control Period Gi1 0 10 auto N A FALSE 3600 Quiet Period 60 Transmit Period 30 Maximum Requests 2 Max Users 16 2CSPC4 XCT SWUM2XX1 book Page 838 Monday October 3 2011 11 05 AM ...

Page 839: ...ics command in Privileged EXEC mode to display 802 1x statistics for the specified interface Syntax show dot1x statistics gigabitethernet unit slot port tengigabitethernetunit slot port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays 802 1x statistics for the...

Page 840: ... 0 The following table describes the significant fields shown in the display Field Description EapolFramesRx The number of valid EAPOL frames of any type that have been received by this Authenticator EapolFramesTx The number of EAPOL frames of any type that have been transmitted by this Authenticator EapolStartFramesRx The number of EAPOL Start frames that have been received by this Authenticator ...

Page 841: ... have been transmitted by this Authenticator EapolReqFramesTx The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator InvalidEapolFramesRx The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized EapLengthErrorFramesRx The number of EAPOL frames that have been received by this Authenticator ...

Page 842: ...ficant fields shown in the display clear dot1x authentication history Use the clear dot1x authentication history command in Privileged EXEC mode to clear the authentication history table captured during successful and unsuccessful authentication Syntax show dot1x authentication history interface id Field Description Username The username representing the identity of the Supplicant Port The port th...

Page 843: ...tries for the specified interface from the log 802 1x Advanced Features dot1x guest vlan Use the dot1x guest vlan command in Interface Configuration mode to set the guest VLAN on a port The VLAN must already have been defined The no form of this command sets the guest VLAN id to zero which disables the guest VLAN on a port Syntax dot1x guest vlan vlan id Parameter Description interface id Any vali...

Page 844: ...f 1 0 2 dot1x guest vlan 10 dot1x unauth vlan Use the dot1x unauth vlan command in Interface Configuration mode to specify the unauthenticated VLAN on a port The unauthenticated VLAN is the VLAN to which supplicants that fail 802 1X authentication are assigned Syntax dot1x unauth vlan vlan id no dot1x unauth vlan vlan id The ID of a valid VLAN to use for unauthenticated clients Range 0 4093 Defaul...

Page 845: ...column and add an Unauthenticated VLAN column which indicates whether an unauthenticated VLAN is configured on a port The command has also been updated to show the Guest VLAN ID instead of the status since it is now configurable per port Syntax show dot1x advanced gigabitethernet unit slot port tengigabitethernetunit slot port Default Configuration This command has no default configuration Command...

Page 846: ...1x Option 81 radius server attribute 4 Use the radius server attribute 4 command in Global Configuration mode to set the network access server NAS IP address for the RADIUS server Use the no version of the command to set the value to the default Syntax radius server attribute 4 ip address no dot1x guest vlan ip address Specifies the IP address to be used as the RADIUS attribute 4 the NAS IP addres...

Page 847: ...he RADIUS server IP address Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example sets the NAS IP address in RADIUS attribute 4 to 192 168 10 22 console config radius server attribute 4 192 168 10 22 2CSPC4 XCT SWUM2XX1 book Page 847 Monday October 3 2011 11 05 AM ...

Page 848: ...848 802 1x Commands 2CSPC4 XCT SWUM2XX1 book Page 848 Monday October 3 2011 11 05 AM ...

Page 849: ...he document contains the following Layer 3 topics ARP Commands IPv6 Routing Commands DHCP Server and Relay Agent Commands Loopback Interface Commands DHCPv6 Commands Multicast Commands DVMRP Commands OSPF Commands GMRP Commands OSPFv3 Commands IGMP Commands Router Discovery Protocol Commands IGMP Proxy Commands Routing Information Protocol Commands IP Helper DHCP Relay Commands Tunnel Interface Co...

Page 850: ...850 Layer 3 Commands 2CSPC4 XCT SWUM2XX1 book Page 850 Monday October 3 2011 11 05 AM ...

Page 851: ... discovery protocol is one method that enables hosts to learn a default gateway If a host does not know a default gateway it can learn the first hop to the destination through proxy ARP Proxy ARP RFC 1027 is a technique used to make a machine physically located on one network appear to be logically part of a different physical network connected to the same router may also be a firewall Typically P...

Page 852: ...ts age is reset to 0 By enabling the dynamic renew option the system administrator can configure ARP to attempt to renew aged ARP entries regardless of their use for forwarding If the system learns a new ARP entry but the hardware does not have space to add the new ARP entry the system attempts to remove entries that have not been used for forwarding recently This action may create space for new e...

Page 853: ...guidelines Example The following example creates an ARP entry consisting of an IP address and a MAC address console config arp 192 168 1 2 00A2 64B3 A245 arp cachesize Use the arp cachesize command in Global Configuration mode to configure the maximum number of entries in the ARP cache To return the maximum number ARP cache entries to the default value use the no form of this command Syntax arp ca...

Page 854: ...y age out To disable the automatic renewal of dynamic ARP entries when they age out use the no form of the command Syntax arp dynamicrenew no arp dynamicrenew Default Configuration The default state is disabled Command Mode Global Configuration mode User Guidelines When an ARP entry reaches its maximum age the system must decide whether to retain or delete the entry If the entry has recently been ...

Page 855: ... of enabling dynamic renew is that once an ARP cache entry is created that cache entry continues to take space in the ARP cache as long as the neighbor continues to respond to ARP requests even if no traffic is being forwarded to the neighbor In a network where the number of potential neighbors is greater than the ARP cache capacity enabling dynamic renew could prevent some neighbors from communic...

Page 856: ...t response timeout To return the response timeout to the default value use the no form of this command Syntax arp resptime integer no arp resptime integer IP ARP entry response time out Range 1 10 seconds Default Configuration The default value is 1 second Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a response tim...

Page 857: ...e is 4 retries Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines 6 as the maximum number of retries console config arp retries 6 arp timeout Use the arp timeout command in Global Configuration mode to configure the ARP entry ageout time Use the no form of the command to set the ageout time to the default Syntax arp time...

Page 858: ... command in Privileged EXEC mode to remove all ARP entries of type dynamic from the ARP cache Syntax clear arp cache gateway gateway Removes the dynamic entries of type gateway as well Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example clears all entries ARP of type dyna...

Page 859: ...o default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example In the example below out of band management entries are shown i e those from the service port console show arp Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 6144 Dynamic Renew Mode Disable Total Entry Count Current Peak 0 0 Static Entry Count Configured Active ...

Page 860: ...l proxy arp no ip local proxy arp Default Configuration Proxy arp is disabled by default Command Mode Interface Configuration User Guidelines This command has no user guidelines ip proxy arp Use the ip proxy arp command in Interface Configuration mode to enable proxy ARP on a router interface Without proxy ARP a device only responds to an ARP request if the target IP address is an address configur...

Page 861: ...mode User Guidelines This command has no user guidelines Example The following example enables proxy arp for VLAN 15 config interface vlan 15 console config if vlan15 ip proxy arp show arp Use the show arp command in Privileged EXEC mode to display all entries in the Address Resolution Protocol ARP cache The displayed results are not the total ARP entries To view the total ARP entries the operator...

Page 862: ...ple The following example shows show arp command output console show arp Static ARP entries are only active when the IP address is reachable on a local subnet Age Time seconds 1200 Response Time seconds 1 Retries 4 Cache Size 6144 Dynamic Renew Mode Disable Total Entry Count Current Peak 0 0 Static Entry Count Configured Active Max 1 0 128 IP Address MAC Address Interface Type Age 1 1 1 3 0000 000...

Page 863: ...ses to hosts DHCP offers the following features and benefits It supports the definition of pools of IP addresses that can be allocated to clients by the server Many implementations use the term scope instead of pool Configuration settings like the subnet mask default router DNS server that are required to make TCP IP work correctly can be passed to the client using DHCP DHCP is supported by most T...

Page 864: ...ess pool that can be used to supply addressing information to DHCP clients Upon successful completion this command puts the user into DHCP Pool Configuration mode Use the no form of the command to remove an address pool definition ip dhcp pool dns server IP DHCP Pool Config ip dhcp ping packets service dhcp bootfile domain name IP DHCP Pool Config lease sntp clear ip dhcp binding hardware address ...

Page 865: ...s space and other parameters to be supplied to DHCP clients By default the DHCP server assumes that all addresses specified are available for assignment to clients Use the ip dhcp excluded address command in Global Configuration mode to specify addresses that should never be assigned to DHCP clients To configure a dynamic DHCP address pool configure the following pool properties using the listed D...

Page 866: ... address binding configure the pool properties using the DHCP pool commands listed below It is only necessary to configure a DHCP client identifier or a BOOTP client MAC address for a manual binding To configure a manual binding the client identifier or hardware address must be specified before specifying the host address DHCP client identifier client identifier BOOTP client MAC address hardware a...

Page 867: ...2 12 console config dhcp pool default router 192 168 22 1 192 168 23 1 bootfile Use the bootfile command in DHCP Pool Configuration mode to set the name of the image for the DHCP client to load Use the no form of the command to remove the bootfile configuration Use the show ip dhcp pool command to display pool configuration parameters Syntax bootfile filename no bootfile Parameter Description Defa...

Page 868: ...C mode to remove automatic DHCP server bindings Syntax clear ip dhcp binding ip address Parameter Description Default Configuration The command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console clear ip dhcp binding 1 2 3 4 Parameter Description Clear all automatic dhcp bindings ip address Clear a specific binding 2CS...

Page 869: ...lt configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console clear ip dhcp conflict client identifier Use the client identifier command in DHCP Pool Configuration mode to identify a Microsoft DHCP client to be manually assigned an address Use the no form of the command to remove the client identifier configuration Syntax client identifier u...

Page 870: ...configuration parameters Example console config dhcp pool client identifier 01 03 13 18 22 33 11 console config dhcp pool host 192 168 21 34 32 client name Use the client name command in DHCP Pool Configuration mode to specify the host name of a DHCP client Use the no form of the command to remove the client name configuration Syntax client name name Parameter Description unique identifier The ide...

Page 871: ...cp pool client identifier 01 03 13 18 22 33 11 console config dhcp pool host 192 168 21 34 32 console config dhcp pool client name Line_Printer_Hallway default router Use the default router command in DHCP Pool Configuration mode to set the IPv4 address of one or more routers for the DHCP client to use Use the no form of the command to remove the default router configuration Use the show ip dhcp p...

Page 872: ...IP DHCP Pool Config Use the dns server command in IP DHCP Pool Configuration mode to set the IP DNS server address which is provided to a DHCP client by the DHCP server DNS server address is configured for stateless server support Syntax dns server ip address1 no dns server Parameter Description ip address1 The IPv4 address of the first default router for the DHCP client ip address2 The IPv4 addre...

Page 873: ...et the DNS domain name which is provided to a DHCP client by the DHCP server The DNS name is an alphanumeric string up to 255 characters in length Use the no form of the command to remove the domain name Syntax domain name domain no domain name domain domain DHCP domain name Range 1 255 characters Default Configuration This command has no default configuration Command Mode IP DHCP Pool Configurati...

Page 874: ... manual bindings Command Mode DHCP Pool Configuration mode User Guidelines Use the show ip dhcp pool command to display pool configuration parameters It may be necessary to use the no host command prior to executing the no hardware address command Example console config dhcp pool hardware address 00 23 12 43 23 54 console config dhcp pool host 192 168 21 131 32 Parameter Description hardware addre...

Page 875: ...t identifier or hardware address command prior to using this command for an address pool Use the show ip dhcp pool command to display pool configuration parameters Example console config dhcp pool client identifier 00 23 12 43 23 54 console config dhcp pool host 192 168 21 131 32 Parameter Description ip address IPv4 address to be manually assigned to the host identified by the client identifier n...

Page 876: ...ent configuration Syntax ip dhcp bootp automatic no ip dhcp bootp automatic Parameter Description This command does not require a parameter description Default Configuration Automatic BOOTP client address assignment is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console ip dhcp bootp automatic ip dhcp conflict logging Use t...

Page 877: ...he ip dhcp excluded address command in Global Configuration mode to exclude one or more DHCP addresses from automatic assignment Use the no form of the command to allow automatic address assignment for the specified address or address range Syntax ip dhcp excluded address low address high address no ip dhcp excluded address low address high address Parameter Description Parameter Description Low a...

Page 878: ...Global Configuration mode to configure the number of pings sent to detect if an address is in use prior to assigning an address from the DHCP pool If neither ping is answered the DHCP server presumes the address is not in use and assigns the selected IP address Syntax ip dhcp ping packets 0 2 10 no ip dhcp ping packets High address An IPv4 address indicating the ending range for exclusion from aut...

Page 879: ...ses are to be automatically assigned Use the no form of the command to return the lease configuration to the default Use the show ip dhcp pool command to display pool configuration parameters Use the show ip dhcp binding command to display the expiration time of the leased IP address Syntax lease days hours minutes infinite no lease Parameter Description count The number of ping packets sent to de...

Page 880: ...ndows Internet Naming Service WINS for a Microsoft DHCP client Use the no form of the command to remove the NetBIOS name server configuration Syntax netbios name server ip address ip address2 ip address8 no netbios name server Parameter Description days The number of days for the lease duration Range 0 59 Default is 1 hours The number of hours for the lease duration Range 0 23 There is no default ...

Page 881: ...eyed in the Option 44 TLV of the DHCP OFFER DCHP ACK DHCP INFORM ACK and DHCP BOOTREPLY messages Example console config dhcp pool netbios name server 192 168 21 1 192 168 22 1 netbios node type Use the netbios node type command in DHCP Pool Configuration mode to set the NetBIOS node type for a Microsoft DHCP client Use the no form of the command to remove the netbios node configuration Syntax netb...

Page 882: ...P OFFER DHCP ACK DHCP INFORM ACK and DHCP BOOTREPLY messages Supported NetBIOS node types are broadcast b node peer to peer p node mixed m node hybrid h node Example console config dhcp pool netbios node type h node network Use the network command in IP DHCP Pool Configuration mode to define a pool of IPv4 addresses for distributing to clients Syntax network network number mask prefix length Param...

Page 883: ...ntax next server ip address no next server Parameter Description Default Configuration There is no default IPv4 next server configured Command Mode DHCP Pool Configuration mode Parameter Description network number A valid IPv4 address mask A valid IPv4 network mask with contiguous left aligned bits prefix length An integer indicating the number of leftmost bits in the network number to use as a pr...

Page 884: ...ol command to display pool configuration parameters Syntax option code ascii string1 hex string1 string8 ip ip address1 ip address8 no option code Parameter Description Default Configuration There is no default option configured Parameter Description code The DHCP TLV option code ascii string1 An ASCII character string Strings with embedded blanks must be wholly contained in quotes hex string1 A h...

Page 885: ...e 40 1 lists the options that can be configured and their fixed length minimum length and length multiple requirements Figure 40 1 Option Codes and Lengths Option Code Fixed Length Minimum Length Multiple Of 2 Time Offset 4 4 Time Server 4 4 7 Log Server 4 4 8 Cookie Server 4 4 9 LPR Server 4 4 10 Impress Server 4 4 11 Resource Location Server 4 4 12 Host Name 1 13 Boot File Size 2 14 Merit File D...

Page 886: ...m Router Discovery 1 32 Router Solicitation Address 4 33 Static Router Option 8 8 34 Trailer Encapsulation 1 35 ARP Cache Timeout 4 36 Ethernet Encapsulation 1 37 TCP TTL 1 38 TCP Keepalive Interval 4 39 TCP Keepalive Garbage 1 40 Network Information Service 1 41 Network Information Servers 4 4 Figure 40 1 Option Codes and Lengths continued Option Code Fixed Length Minimum Length Multiple Of 2CSPC...

Page 887: ...Manager 4 4 58 Renewal Time T1 4 59 Rebinding Time T2 4 60 Vendor Class 1 64 NIS Domain 1 65 NIS Servers 4 4 66 TFTP Server 1 68 Mobile IP Home Agent 0 4 69 SMTP Server 4 4 70 POP3 Server 4 4 71 NNTP Server 4 4 72 WWW Server 4 4 73 Finger Server 4 4 74 IRC Server 4 4 75 Streettalk Server 4 4 76 STDA Server 4 4 Figure 40 1 Option Codes and Lengths continued Option Code Fixed Length Minimum Length M...

Page 888: ...able local IPv4 DHCP server on the switch Use the no form of the command to disable the DHCPv4 service Syntax service dhcp no service dhcp Default Configuration The service is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines sntp Use the sntp command in DHCP Pool Configuration mode to set the IPv4 address of the NTP server to be used fo...

Page 889: ...IPv4 address of the NTP server is conveyed in the Option 42 TLV of the DHCP OFFER DHCP ACK DHCP INFORM ACK and DHCP BOOTREPLY messages Example console config dhcp pool sntp 192 168 21 2 show ip dhcp binding Use the show ip dhcp binding command in Privileged EXEC mode to display the configured DHCP bindings Syntax show ip dhcp binding address Parameter Description ip address The IPv4 address of the...

Page 890: ...0 3 00 0e c6 88 0e 98 00 23 56 Auto 00 01 01 02 03 04 05 06 00 0e c6 88 0e 98 show ip dhcp conflict Use the show ip dhcp conflict command in User EXEC mode to display DHCP address conflicts for all relevant interfaces or a specified interface If an interface is specified the optional statistics parameter is available to view statistics for the specified interface Syntax show ip dhcp conflict addre...

Page 891: ...and in Privileged EXEC mode to display the DHCP global configuration Syntax show ip dhcp server statistics Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description address A valid IPv4 address for which the co...

Page 892: ...poolname Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines show ip dhcp server statistics Use the show ip dhcp server statistics command in Privileged EXEC mode to display the DHCP server binding and message counters Syntax show ip dhcp server statistics Parameter De...

Page 893: ...mand Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip dhcp server statistics Automatic Bindings 100 Expired Bindings 32 Malformed Bindings 0 Messages Received DHCP DISCOVER 132 DHCP REQUEST 132 DHCP DECLINE 0 DHCP RELEASE 32 DHCP INFORM 0 Messages Sent DHCP OFFER 132 2CSPC4 XCT SWUM2XX1 book Page 893 Monday October 3 2011 11 05 AM ...

Page 894: ...894 DHCP Server and Relay Agent Commands DHCP ACK 132 DHCP NACK 0 2CSPC4 XCT SWUM2XX1 book Page 894 Monday October 3 2011 11 05 AM ...

Page 895: ... if VLAN is specified Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines clear ipv6 dhcp service dhcpv6 dns server IPv6 DHCP Pool Config show ipv6 dhcp domain name IPv6 DHCP Pool Config show ipv6 dhcp binding ipv6 dhcp pool show ipv6 dhcp interface User EXEC ipv6 dhcp relay show ipv6 dhcp interface P...

Page 896: ...ax dns server ipv6 address no dns server ipv6 address Parameter Description Default Configuration This command has no default configuration Command Mode IPv6 DHCP Pool Configuration mode User Guidelines This command has no user guidelines domain name IPv6 DHCP Pool Config Use the domain name command in IPv6 DHCP Pool Configuration mode to set the DNS domain name which is provided to a DHCPv6 clien...

Page 897: ...Pv6 client by the DHCPv6 server console config ipv6 dhcp pool addrpool console config dhcp6s pool domain name test console config dhcp6s pool no domain name test ipv6 dhcp pool Use the ipv6 dhcp pool command in Global Configuration mode to enter IPv6 DHCP Pool Configuration mode DHCPv6 pools are used to specify information for DHCPv6 server to distribute to DHCPv6 clients These pools are shared be...

Page 898: ...tax ipv6 dhcp relay destination relay address interface vlan vlan id interface vlan vlan id remote id duid ifid user defined string destination Keyword that sets the relay server IPv6 address relay address An IPv6 address of a DHCPv6 relay server interface Sets the relay server interface vlan id A valid VLAN ID remote id duid ifid user defined string The Relay Agent Information Option remote ID su...

Page 899: ...iguring an interface in DHCP relay mode overwrites the DHCP server mode and vice versa An IP interface configured in relay mode cannot be configured as a DHCP client ip address dhcp Example The following example configures VLAN 15 for DHCPv6 relay functionality console config interface vlan 15 console config if vlan15 ipv6 dhcp relay destination 2020 1 1 ipv6 dhcp server Use the ipv6 dhcp server c...

Page 900: ... relay mode configuration and vice versa An interface in server mode cannot be configured as a DHCP client ip address dhcp Example The following example configures DHCPv6 server functionality console config interface vlan 15 console config if vlan15 ipv6 dhcp server pool prefix delegation Use the prefix delegation command in IPv6 DHCP Pool Configuration mode to define multiple IPv6 prefixes within...

Page 901: ...3 43 76 Parameter Description prefix prefix length Delegated IPv6 prefix client DUID Client DUID e g 00 01 00 09 f8 79 4e 00 04 76 73 43 76 hostname Client hostname used for logging and tracing Range 0 31 characters The command allows spaces in the host name when specified in double quotes For example console config snmp server host host name valid lifetime Valid lifetime for delegated prefix Rang...

Page 902: ...n Global Configuration mode to enable local IPv6 DHCP server on the switch Use the no form of the command to disable the DHCPv6 service Syntax service dhcpv6 no service dhcpv6 Default Configuration The service dhcpv6 is disabled by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables DHCPv6 globally console configu...

Page 903: ...ommand Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays the DHCPv6 server name and status console show ipv6 dhcp DHCPv6 is disabled Server DUID show ipv6 dhcp binding Use the show ipv6 dhcp binding command in Privileged EXEC mode to display the configured DHCP pool Syntax show ipv6 dhcp binding ipv6 address ipv6 address...

Page 904: ...mmand in User EXEC mode to display DHCPv6 information for all relevant interfaces or for the specified interface If an interface is specified the optional statistics parameter is available to view statistics for the specified interface Syntax show ipv6 dhcp interface type number statistics Syntax Description Default Configuration This command has no default configuration Parameter Description type...

Page 905: ... Relay Interface Number Relay Relay Remote ID Option Flags console show ipv6 dhcp interface vlan 11 statistics DHCPv6 Interface vlan11 Statistics DHCPv6 Solicit Packets Received 0 DHCPv6 Request Packets Received 0 DHCPv6 Confirm Packets Received 0 DHCPv6 Renew Packets Received 0 DHCPv6 Rebind Packets Received 0 DHCPv6 Release Packets Received 0 DHCPv6 Decline Packets Received 0 DHCPv6 Inform Packe...

Page 906: ...d 0 show ipv6 dhcp interface Privileged EXEC Use the show ipv6 dhcp interface command in Privileged EXEC mode to display configuration and status information about an IPv6 DHCP interface or all interfaces Syntax show ipv6 dhcp interface interface id statistics Syntax Description Default Configuration This command has no default configuration Command Mode Privileged EXEC Parameter Description inter...

Page 907: ...er which the address is requested for renewal T2 Time The T2 in seconds time as indicated by the DHCPv6 Server T2 value indicates the time interval after which the Client sends Rebind message to the Server in case there are no replies to the Renew messages Interface IAID An identifier for an identity association chosen by this Client Leased Address The IPv6 address leased by the DHCPv6 Server for ...

Page 908: ...sed Address 2017 309D 161 4EF1 DBB1 128 Preferred Lifetime 1 days 0 hrs 0 mins 0 secs Valid Lifetime 2 days 0 hrs 0 mins 0 secs Renew Time 0 days 11 hrs 55 mins 28 secs Expiry Time 1 days 23 hrs 55 mins 28 secs console show ipv6 dhcp interface vlan 10 IPv6 Interface Vl10 Mode Relay Relay Address 3030 3 Relay Interface Number Relay Relay Remote ID Option Flags console show ipv6 dhcp interface vlan ...

Page 909: ... Transmitted 0 DHCPv6 Relay forward Packets Transmitted 0 Total DHCPv6 Packets Transmitted 0 console show ipv6 dhcp interface vlan 10 statistics DHCPv6 Client Interface Vl10 Statistics DHCPv6 Advertisement Packets Received 0 DHCPv6 Reply Packets Received 0 Received DHCPv6 Advertisement Packets Discarded 0 Received DHCPv6 Reply Packets Discarded 0 DHCPv6 Malformed Packets Received 0 Total DHCPv6 Pa...

Page 910: ...owing example displays the configured DHCP pool console show ipv6 dhcp pool test DHCPv6 Pool test show ipv6 dhcp statistics Use the show ipv6 dhcp statistics command in User EXEC mode to display the global DHCPv6 server and relay statistics Syntax show ipv6 dhcp statistics Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has n...

Page 911: ...eived 0 DHCPv6 Decline Packets Received 0 DHCPv6 Inform Packets Received 0 DHCPv6 Relay forward Packets Received 0 DHCPv6 Relay reply Packets Received 0 DHCPv6 Malformed Packets Received 0 Received DHCPv6 Packets Discarded 0 Total DHCPv6 Packets Received 0 DHCPv6 Advertisement Packets Transmitted 0 DHCPv6 Reply Packets Transmitted 0 DHCPv6 Reconfig Packets Transmitted 0 DHCPv6 Relay reply Packets ...

Page 912: ...912 DHCPv6 Commands 2CSPC4 XCT SWUM2XX1 book Page 912 Monday October 3 2011 11 05 AM ...

Page 913: ... to build per source group multicast trees It is also called Broadcast and Prune Multicasting protocol It dynamically generates per source group multicast trees using Reverse Path Multicasting Trees are calculated and updated dynamically to track membership of individual groups Commands in this Chapter This chapter explains the following commands ip dvmrp Use the ip dvmrp command to set the admini...

Page 914: ...ig interface vlan 15 console config if vlan15 ip dvmrp ip dvmrp metric Use the ip dvmrp metric command in Interface Configuration mode to configure the metric for an interface This value is used in the DVMRP messages as the cost to reach this network Syntax ip dvmrp metric metric no ip dvmrp metric metric Cost to reach the network Range 1 31 Default Configuration 1 the default value Command Mode I...

Page 915: ...ged EXEC mode to display the system wide information for DVMRP Syntax show ip dvmrp Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays system wide information for DVMRP console config show ip dvmrp Admin Mode Disable Version 3 Total Number of Routes 0 Reachable Rout...

Page 916: ...lt Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays interface information for VLAN 11 DVMRP console config show ip dvmrp interface vlan 11 Interface Mode Disable show ip dvmrp neighbor Use the show ip dvmrp neighbor command in Privileged EXEC mode to display the neighbor ...

Page 917: ...ow ip dvmrp neighbor No neighbors available show ip dvmrp nexthop Use the show ip dvmrp nexthop command in Privileged EXEC mode to display the next hop information on outgoing interfaces for routing multicast datagrams Syntax show ip dvmrp nexthop Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines 2CSPC4...

Page 918: ...mode to display the table that lists the router s upstream prune information Syntax show ip dvmrp prune Default Configuration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the table that lists the router s upstream prune information console config show ip dvmrp prune Expiry Group IP...

Page 919: ...onfiguration This command has no default condition Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the multicast routing information for DVMRP console show ip dvmrp route Upstream Expiry Up Time Source Address Neighbor Interface Metric Time secs secs 2CSPC4 XCT SWUM2XX1 book Page 919 Monday October 3 2011 11 05 AM ...

Page 920: ...920 DVMRP Commands 2CSPC4 XCT SWUM2XX1 book Page 920 Monday October 3 2011 11 05 AM ...

Page 921: ... Group service requirements information This indicates that one or more GMRP participants require Forward all Groups or Forward Unregistered to be the default filtering behavior NOTE The Group Service requirement is not supported Registration of group membership information allow networking devices to be made aware that frames destined for that group MAC address concerned should be forwarded in th...

Page 922: ...are in the path through the active topology between the sources of the frames and the registered group members Commands in this Chapter This chapter explains the following commands gmrp enable Use the gmrp enable command in Global Configuration mode to enable GMRP globally or Interface Configuration mode to enable GMRP on a port Syntax gmrp enable no gmrp enable Parameter Description This command ...

Page 923: ...er Description This command does not require a parameter description Default Configuration GMRP is disabled by default Command Mode Global Configuration and Interface Configuration modes User Guidelines This command has no user guidelines Example console show gmrp configuration Global GMRP Mode Disabled Join Leave LeaveAll Port Interface Timer Timer Timer GMRP Mode centisecs centisecs centisecs Gi...

Page 924: ...ommands Gi1 0 2 20 60 1000 Disabled Gi1 0 3 20 60 1000 Disabled Gi1 0 4 20 60 1000 Disabled Gi1 0 5 20 60 1000 Disabled Gi1 0 6 20 60 1000 Disabled 2CSPC4 XCT SWUM2XX1 book Page 924 Monday October 3 2011 11 05 AM ...

Page 925: ...on It is backward compatible with IGMPv1 and IGMPv2 One router periodically broadcasts IGMP Query messages onto the network Hosts respond to the Query messages by sending IGMP Report messages indicating their group memberships All routers receive the Report messages and note the memberships of hosts on the network If a router does not receive a Report message for a particular group for a period of...

Page 926: ...rces are of interest to neighboring systems for packets sent to any particular multicast address This information gathered by IGMP is provided to the multicast routing protocol that is DVMRP PIM DM and PIM SM that is currently active on the router in order to ensure multicast packets are delivered to all networks where there are interested receivers Commands in this Chapter This chapter explains t...

Page 927: ...ount Use the ip igmp last member query count command in Interface Configuration mode to set the number of Group Specific Queries sent before the router assumes that there are no local members on the interface Syntax ip igmp last member query count Imqc no ip igmp last member query count Imqc Query count Range 1 20 Default Configuration The default last member query count is 2 Command Mode Interfac...

Page 928: ...nterval command in Interface Configuration mode to configure the Maximum Response Time inserted in Group Specific Queries which are sent in response to Leave Group messages Syntax ip igmp last member query interval tenthsofseconds no ip igmp last member query interval tenthsofseconds Maximum Response Time in tenths of a second Range 0 255 Default Configuration The default Maximum Response Time val...

Page 929: ...The query interval determines how fast IGMP Host Query packets are transmitted on this interface Syntax ip igmp query interval seconds no ip igmp query interval seconds Query interval Range 1 3600 Default Configuration The default query interval value is 125 seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example conf...

Page 930: ... response time value is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures a maximum response time interval of one second for VLAN 15 console config interface vlan 15 console config if vlan15 ip igmp query max response time 10 ip igmp robustness Use the ip igmp robustness command in Interface Config...

Page 931: ...r VLAN 15 console config interface vlan 15 console config if vlan15 ip igmp robustness 10 ip igmp startup query count Use the ip igmp startup query count command in Interface Configuration mode to set the number of queries sent out on startup at intervals equal to the startup query interval for the interface Syntax ip igmp startup query count count no ip igmp startup query count count The number o...

Page 932: ... interval Use the ip igmp startup query interval command in Interface Configuration mode to set the interval between general queries sent at startup on the interface Syntax ip igmp startup query interval seconds no ip igmp startup query interval seconds Startup query interval Range 1 300 seconds Default Configuration The default interval value is 31 seconds Command Mode Interface Configuration VLA...

Page 933: ...P for an interface Syntax ip igmp version version version IGMP version Range 1 3 Default Configuration The default version is 3 Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures version 2 of IGMP for VLAN 15 console interface vlan 15 console config if vlan15 ip igmp version 2 show ip igmp Use the show ip igmp...

Page 934: ... IGMP Admin Mode Enabled IGMP Router Alert check Disabled IGMP INTERFACE STATUS Interface Interface Mode Operational Status vlan 3 Enabled Non Operational show ip igmp groups Use the show ip igmp groups command in User EXEC or Privileged EXEC modes to display the registered multicast groups on the interface If detail is specified this command displays the registered multicast groups on the interfa...

Page 935: ...ce vlan 3 detail REGISTERED MULTICAST GROUP DETAILS Version1 Version2 Group Multicast Last Up Expiry Host Host Compat IP Address Reporter Time Time Timer Timer Mode 225 0 0 5 1 1 1 5 00 00 05 00 04 15 00 04 15 v2 show ip igmp interface Use the show ip igmp interface command in Privileged EXEC mode to display the IGMP information for the specified interface Syntax show ip igmp interface interface t...

Page 936: ...nsole show ip igmp vlan 11 Interface 11 IGMP Admin Mode Enable Interface Mode Enable IGMP Version 3 Query Interval secs 125 Query Max Response Time 1 10 of a second 100 Robustness 2 Startup Query Interval secs 31 Startup Query Count 2 Last Member Query Interval 1 10 of a second 10 Last Member Query Count 2 Parameter Description interface type interface number Interface type of VLAN and a valid VLA...

Page 937: ...er Guidelines This command has no user guidelines Examples The following examples display the list of interfaces that have registered in the multicast group at IP address 224 5 5 5 the latter in detail mode console show ip igmp interface membership 224 5 5 5 console config show ip igmp interface membership 224 5 5 5 detail show ip igmp interface stats Use the show ip igmp interface stats command i...

Page 938: ...ser guidelines Examples The following example displays the IGMP statistical information for VLAN 7 console show ip igmp interface stats vlan 7 Querier Status Querier Querier IP Address 7 7 7 7 Querier Up Time secs 55372 Querier Expiry Time secs 0 Wrong Version Queries 0 Number of Joins 7 Number of Groups 1 2CSPC4 XCT SWUM2XX1 book Page 938 Monday October 3 2011 11 05 AM ...

Page 939: ...be quickly reported to overcome leave latency and is designed to be interoperable with Version 1 Commands in this Chapter This chapter explains the following commands ip igmp proxy Use the ip igmp proxy command in Interface Configuration mode to enable the IGMP Proxy on the router To enable the IGMP Proxy on the router multicast forwarding must be enabled and there must be no multicast routing pro...

Page 940: ...p igmp proxy ip igmp proxy reset status Use the ip igmp proxy reset status command in Interface Configuration mode to reset the host interface status parameters of the IGMP Proxy router This command is valid only when IGMP Proxy is enabled on the interface Syntax ip igmp proxy reset status Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mod...

Page 941: ... command is valid only if IGMP Proxy on the interface is enabled Syntax ip igmp proxy unsolicited report interval seconds seconds Unsolicited report interval Range 1 260 seconds Default Configuration The default configuration is 1 second Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets 10 seconds as the unsolicite...

Page 942: ... Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a summary of the host interface status parameters console show ip igmp proxy Interface Index vlan13 Admin Mode Enable Operational Mode Enable Version 3 Number of Multicast Groups 0 Unsolicited Report Interval 1 Querier IP Address on Proxy Interface 0 0 0 0 Older Version 1 Q...

Page 943: ... ip igmp proxy interface Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example fails to display status parameters because IGMP Proxy is not enabled console show ip igmp proxy interface Interface Index vlan13 Ver Query Rcvd Report Rcvd Report Sent Leave Rcvd Leave Sent 1 0 0...

Page 944: ...ines Example The following example attempts to display a table of information about multicast groups that IGMP Proxy reported console show ip igmp proxy groups Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 7 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 48 DELAY MEMBER Exclude 0 show ip igmp proxy groups detail Use the show ip igmp p...

Page 945: ...llowing example displays complete information about multicast groups that IGMP Proxy has reported console show ip igmp proxy groups detail Interface Index vlan13 Group Address Last Reporter Up Time Member State Filter Mode Sources 225 0 1 1 13 13 13 1 26 DELAY MEMBER Exclude 0 225 0 1 2 13 13 13 1 67 DELAY MEMBER Exclude 0 2CSPC4 XCT SWUM2XX1 book Page 945 Monday October 3 2011 11 05 AM ...

Page 946: ...946 IGMP Proxy Commands 2CSPC4 XCT SWUM2XX1 book Page 946 Monday October 3 2011 11 05 AM ...

Page 947: ...on If the destination UDP port for a packet matches any entry on the ingress interface the packet is handled according to the interface configuration If the packet does not match any entry on the ingress interface the packet is handled according to the global IP helper configuration Network administrators can configure discard relay entries Discard entries are used to discard packets received on a...

Page 948: ...f relayed DHCP client packets When a switch receives a broadcast UDP packet on a routing interface the relay agent verifies that the interface is configured to relay to the destination UDP port If so the relay agent unicasts the packet to the configured server IP addresses Otherwise the relay agent verifies that there is a global configuration for the destination UDP port If so the relay agent uni...

Page 949: ...o form of the command to set the maximum hop count to the default value Syntax bootpdhcprelay maxhopcount integer no bootpdhcprelay maxhopcount integer Maximum allowable relay agent hops for BootP DHCP Relay on the system Range 1 16 Default Configuration The default integer configuration is 4 bootpdhcprelay maxhopcount ip helper address global configuration bootpdhcprelay minwaittime ip helper add...

Page 950: ... relay agent receives a BOOTREQUEST message it might use the seconds sinceclient began booting field of the request as a factor in deciding whether to relay the request or not Use the no form of the command to set the minimum wait time to the default value Syntax bootpdhcprelay minwaittime integer no bootpdhcprelay minwaittime integer Minimum wait time for BootP DHCP Relay on the system Range 0 10...

Page 951: ...mode User Guidelines There are no user guidelines for this command Example console clear ip helper statistics ip dhcp relay information check Use the ip dhcp relay information check command to enable DHCP Relay to check that the relay agent information option in forwarded BOOTREPLY messages is valid If an invalid message is received the relay agent drops it This information check will take effect ...

Page 952: ...insert option 82 fields and no other device near the client has the facility to insert options Example The following example enables relay information check globally console config ip dhcp relay information check ip dhcp relay information check reply Use the ip dhcp relay information check reply command to enable DHCP Relay to check that the relay agent information option in forwarded BOOTREPLY me...

Page 953: ...P information options Example The following example enables relay information check on the interface console config interface vlan 10 console config if vlan10 ip dhcp relay information check ip dhcp relay information option Use the ip dhcp relay information option command in Global Configuration mode to enable the circuit ID option and remote agent ID mode for BootP DHCP Relay on the system also c...

Page 954: ...ion insert command in Interface Configuration mode to enable the circuit ID option and remote agent ID mode for BootP DHCP Relay on the interface also called option 82 Use the no form of the command to return the option insert configuration to the default Syntax ip dhcp relay information option insert none no ip dhcp relay information option insert Parameter Description Default Configuration Disab...

Page 955: ...an IP helper entry use the no form of this command Syntax ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time no ip helper address server address dest udp port dhcp domain isakmp mobile ip nameserver netbios dgm netbios ns ntp pim auto rp rip tacacs tftp time server address The IPv4 unicast or directed b...

Page 956: ...for a given port number or to specify multiple port numbers handled by a specific server The command no ip helper address with no arguments clears all global IP helper addresses Example To relay DHCP packets received on any interface to two DHCP servers 10 1 1 1 and 10 1 2 1 use the following commands console config console config ip helper address 10 1 1 1 dhcp console config ip helper address 10...

Page 957: ...kets are sent The server address cannot be an IP address configured on any interface of the local router discard Matching packets should be discarded rather than relayed even if a global ip helper address configuration matches the packet dest udp port A destination UDP port number from 0 to 65535 port name The destination UDP port may be optionally specified by its name Whether a port is specified...

Page 958: ...g interface vlan 5 console config if vlan5 ip helper address 192 168 10 1 dhcp console config if vlan5 ip helper address 192 168 20 1 dhcp To relay both DHCP and DNS packets to 192 168 30 1 use the following commands console config console config interface vlan 5 console config if vlan5 ip helper address 192 168 30 1 dhcp console config if vlan5 ip helper address 192 168 30 1 dns This command take...

Page 959: ...g if vlan5 ip helper address 192 168 40 2 domain console config if vlan5 exit console config interface 2 6 console config if vlan6 ip helper address 192 168 23 1 162 console config if vlan6 ip helper address discard dhcp ip helper enable Use the ip helper enable command to enable relay of UDP packets To disable relay of all UDP packets use the no form of this command Syntax ip helper enable no ip ...

Page 960: ...he show ip helper address command to display the IP helper address configuration Syntax show ip helper address interface interface Optionally specify an interface to limit the output to the configuration of a single interface The interface is identified as vlan vlan id Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Field Descriptio...

Page 961: ...figuration is applied to packets whose destination UDP port is this port Entries whose UDP port is identified as any are applied to packets with the destination UDP ports listed in Table 47 1 Discard If Yes packets arriving on the given interface with the given destination UDP port are discarded rather than relayed Discard entries are used to override global IP helper address entries which otherwi...

Page 962: ...dhcp relay Maximum Hop Count 4 Minimum Wait Time Seconds 0 Circuit Id Option Mode Disable Circuit Id Option Check Mode Enable show ip helper statistics Use the show ip helper statistics command to display the number of DHCP and other UDP packets processed and relayed by the UDP relay agent Syntax show ip helper statistics Default Configuration This command has no default configuration Command Mode...

Page 963: ...essages relayed The number of UDP packets relayed This count includes DHCP messages relayed as well as all other protocols The count is incremented for each server to which a packet is sent DHCP message hop count exceeded max The number of DHCP client messages received whose hop count is larger than the maximum allowed The maximum hop count is a configurable value listed in show ip dhcp relay A lo...

Page 964: ...count exceeded max 0 DHCP message with secs field below min 0 DHCP message with giaddr set to local address 0 Packets with expired TTL 0 Packets that matched a discard entry 0 Packets with expired TTL The number of packets received with TTL of 0 or 1 that might otherwise have been relayed Packets that matched a discard entry The number of packets ignored by the relay agent because they match a dis...

Page 965: ...veral options for the PowerConnect network operator 1 The operator configures multiple next hops to a given destination intending for the router to load share across the next hops 2 The operator configures multiple next hops to a given destination intending for the router to use the primary next hops and only use the other next hops if the primary next hops are unusable The operator distinguishes ...

Page 966: ...h traffic is discarded and the ICMP destination unreachable message is sent back to the source Static reject routes are typically used to prevent routing loops Default Routes PowerConnect routing provides a preference option for the configuration of default routes A configured default route is treated exactly like a static route Therefore default routes and static routes have the same default pref...

Page 967: ...e User Guidelines This command has no user guidelines Example The following example applies SNAP encapsulation for VLAN 15 console config interface vlan 15 console config if vlan15 encapsulation snap ip address Use the ip address command in Interface Configuration mode to configure an IP address on an interface Also use this command to configure one or more secondary IP addresses on the interface ...

Page 968: ...ode User Guidelines This command also implicitly enables the VLAN or loopback interface for routing i e as if the user had issued the routing interface command By default configuring an IP address on a VLAN enables in band management for interfaces configured with that VLAN Setting up an IP address on VLAN 1 enables switch management on all in band interfaces except for those where VLAN 1 is speci...

Page 969: ...P MTU and ignores the value set using the ip mtu command OSPF advertises the IP MTU in the Database Description packets it sends to its neighbors during database exchange If two OSPF neighbors advertise different IP MTUs they will not form an adjacency unless OSPF has been instructed to ignore differences in IP MTU with the ip ospf mtuignore command Syntax ip mtu bytes no ip mtu Parameter Descript...

Page 970: ...oadcasts are forwarded When disabled they are dropped Use the no form of the command to disable the broadcasts Syntax ip netdirbcast no ip netdirbcast Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example defines the IP address and subnet mask for VLAN 15 console c...

Page 971: ...ame destination Syntax ip route ip addr subnetmask prefix length nextHopRtr preference no ip route ip addr subnetmask prefix length nextHopRtr preference ip address IP address of destination interface subnet mask Subnet mask of destination interface prefix length Length of prefix Must be preceded with a forward slash Range 0 32 bits nextHopRtr IP address of the next hop router preference Specifies...

Page 972: ...preference Specifies the preference value a k a administrative distance of an individual static route Range 1 255 Default Configuration Default value of preference is 1 Command Mode Global Configuration mode User Guidelines For routed management traffic 1 Router entries are checked for applicable destinations 2 The globally assigned default gateway is consulted If DHCP is enabled on multiple in ba...

Page 973: ...e of 200 console config ip route default 192 168 10 1 200 ip route distance Use the ip route distance command in Global Configuration mode to set the default distance preference for static routes Lower route preference values are preferred when determining the best route The ip route and ip route default commands allow optional setting of the distance of an individual static route The default dist...

Page 974: ...se the ip routing command in Global Configuration mode To disable IPv4 routing globally use the no form of this command NOTE Enabling or disabling routing will cause in band management connections to be reset Syntax ip routing no ip routing Default Configuration The ip routing default configuration is disabled Command Mode Global Configuration mode User Guidelines Use this command to globally enab...

Page 975: ...ace Syntax routing no routing Default Configuration Disabled is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example enables IPv4 and IPv6 routing for VLAN 15 console config interface vlan 15 console config if vlan15 routing show ip brief Use the show ip brief command in Privileged EXEC mode to di...

Page 976: ...de Disabled IP Forwarding Mode Enabled Maximum Next Hops 2 show ip interface Use the show ip interface command in Privileged EXEC mode to display information about one or more IP interfaces The output shows how each IP address was assigned Syntax show ip interface type number Syntax Description Parameter Description type Interface type loopback out of band or vlan number Interface number Valid onl...

Page 977: ... console show ip interface Default Gateway 0 0 0 0 Burned In MAC Address 001E C9AA AC84 Routing Interfaces Interface State IP Address IP Mask Method Vl1 Down 0 0 0 0 0 0 0 0 None The Method field contains one of the following values DHCP The address is leased from a DHCP server Manual The address is manually configured Field Description DHCP The address is leased from a DHCP server Manual The addr...

Page 978: ...dcasts Disable Proxy ARP Enable Local Proxy ARP Disable Active State Active Link Speed Data Rate 100 Half MAC address 00 11 88 2A 3C B3 Encapsulation Type Ethernet IP MTU 1500 Bandwidth 100000 kbps Destination Unreachables Enabled ICMP Redirects Enabled console show ip interface out of band IP Address 10 131 11 66 Subnet Mask 255 255 255 0 Default Gateway 10 131 11 1 Configured IPv4 Protocol DHCP ...

Page 979: ...o default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays parameters and current state of active routing protocols console show ip protocols Routing Protocol is rip Sending updates every 30 seconds Invalid after 180 seconds hold down 120 flushed after 300 Redistributing RIP Static OSPF Default ver...

Page 980: ...Routing Information Sources Gateway State 176 1 1 2 Full External Preference 60 Internal Preference 20 show ip route Use the show ip route command in Privileged EXEC mode to display the current state of the routing table The output of the command also displays the IPv4 address of the default gateway and the default route associated with the gateway Syntax show ip route ip address mask prefix lengt...

Page 981: ...2 OSPF External Type 2 N1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 Parameter Description ip address Specifies the network for which the route is to be displayed and displays the best matching best route for the address mask Subnet mask of the IP address prefix length Length of prefix in bits Must be preceded with a forward slash Range 0 32 bits longer prefixes Indicates that the ip a...

Page 982: ...hey are reachable or not Syntax show ip route configured Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip route configured Route Codes R RIP Derived O OSPF Derived C Connected S Static B BGP Derived IA OSPF Inter Area E1 OSPF External Type 1 E2 OSPF External Type 2 N1 OSPF N...

Page 983: ...al default gateway using the ip default gateway command creating a default route with a preference of 253 The show ip route preferences command lists the new preference value The show command also displays the preference of default routes learned from a DHCP server Syntax show ip route preferences Default Configuration This command has no default configuration Command Mode Privileged EXEC mode Use...

Page 984: ... table summary including best and non best routes Syntax show ip route summary best Parameter Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Parameter Description best Shows the number of best routes To include the number of all routes do not use this optional parameter 2CS...

Page 985: ...outes 0 Total routes 0 show ip traffic Use the show ip traffic command in User EXEC mode to display IP statistical information Refer to RFC 1213 for more information about the fields that are displayed Syntax show ip traffic Syntax Description This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes 2CSPC...

Page 986: ...rErrors 1 IpInAddrErrors 925 IpForwDatagrams 0 IpInUnknownProtos 0 IpInDiscards 0 IpInDelivers 18467 IpOutRequests 295 IpOutDiscards 0 IpOutNoRoutes 0 IpReasmTimeout 0 IpReasmReqds 0 IpReasmOKs 0 IpReasmFails 0 IpFragOKs 0 IpFragFails 0 IpFragCreates 0 IpRoutingDiscards 0 IcmpInMsgs 3 IcmpInErrors 0 IcmpInDestUnreachs 0 2CSPC4 XCT SWUM2XX1 book Page 986 Monday October 3 2011 11 05 AM ...

Page 987: ...s 3 IcmpOutErrors 0 IcmpOutDestUnreachs 0 IcmpOutTimeExcds 0 IcmpOutParmProbs 0 IcmpOutSrcQuenchs 0 IcmpOutRedirects 0 IcmpOutEchos 3 IcmpOutEchoReps 3 IcmpOutTimestamps 0 IcmpOutTimestampReps 0 IcmpOutAddrMasks 0 show ip vlan Use the show ip vlan command in Privileged EXEC mode to display the VLAN routing information for all VLANs with routing enabled 2CSPC4 XCT SWUM2XX1 book Page 987 Monday Octo...

Page 988: ... EXEC mode User Guidelines This command has no user guidelines Example The following example displays VLAN routing information console show ip vlan MAC Address used by Routing VLANs 00 00 00 01 00 02 VLAN ID IP Address Subnet Mask 10 0 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 0 2CSPC4 XCT SWUM2XX1 book Page 988 Monday October 3 2011 11 05 AM ...

Page 989: ...e Interface VLAN Configuration mode User Guidelines There are no user guidelines for this command ipv6 pim ipv6 pim join prune interval show ipv6 pim bsr router ipv6 pim sparse Global config ipv6 pim register rate limit show ipv6 pim interface ipv6 pim dense ipv6 pim rp address show ipv6 pim neighbor ipv6 pim bsr border ipv6 pim rp candidate show ipv6 pim rp hash ipv6 pim bsr candidate ipv6 pim sp...

Page 990: ...ration IPv6 PIM is disabled by default Command Mode Global Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router Example console config ipv6 pim sparse ipv6 pim dense Use the ipv6 pim dense command in Global configuration mode to administratively configure PIM dense mode for IPv6 multicast routing Use the no form of this command to disable PIM dense mode...

Page 991: ...ter BSR messages from being sent or received through an interface Use the no form of this command to return the configuration to the default Syntax ipv6 pim bsr border no ipv6 pim bsr border Default Configuration BSR messages are enabled on the interface by default Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower values ...

Page 992: ... candidate Command Mode Global Configuration mode User Guidelines All multicast groups with the same hash value correspond to the same RP Lower priority values are preferred Parameter Description vlan id A valid VLAN identifier with multicast routing enabled hash mask len The length of the BSR hash to be AND ed with the multicast group address Range 0 32 Default 0 bsr priority The advertised prior...

Page 993: ...lt Syntax ipv6 pim dr priority priority no ipv6 pim dr priority Parameter Description Default Configuration The default election priority is 1 Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower values are preferred Example console if vlan 10 ipv6 pim dr priority 32768 Parameter Description priority The administratively con...

Page 994: ...terface VLAN Configuration mode User Guidelines There are no user guidelines for this command Example console if vlan 10 ipv6 pim hello interval 20 ipv6 pim join prune interval Use the ipv6 pim join prune interval command to administratively configure the frequency of join prune messages on the specified interface Use the no form of this command to return the join prune interval to the default Syn...

Page 995: ... to set a limit on the maximum number of PIM register messages sent per second for each S G entry Use the no form of this command to return the limit to its default value 0 Syntax ipv6 pim register rate limit register rate limit no ipv6 pim register rate limit Parameter Description Parameter Description interval The number of seconds between successive join prune transmissions Range 0 18000 second...

Page 996: ... RP Syntax ipv6 pim rp address rp address group address group mask override no ipv6 pim rp address rp address group address group mask Parameter Description Default Configuration None There are no static multicast groups configured for an RP Parameter Description rp address The valid IPv6 address for the Rendezvous Point group address A valid multicast group address to be sourced from the Rendezvo...

Page 997: ... pim rp candidate vlan vlan id group address group mask interval interval no ipv6 pim rp candidate vlan vlan id group address group mask Parameter Description Default Configuration None The router does not advertise itself as an RP candidate by default Parameter Description vlan id A valid VLAN identifier with multicast routing enabled group address A valid Multicast group address group mask A mas...

Page 998: ...ortest path on the router Use the no form of this command to return the threshold to its default value 0 Syntax ipv6 pim spt threshold spt threshold no ipv6 pim spt threshold Parameter Description Default Configuration The default threshold rate is 0 This indicates that the multicast router should always switch to the multicast source tree Command Mode Global Configuration mode Parameter Descripti...

Page 999: ...of addresses from the router Syntax ipv6 pim ssm default group address group mask no ipv6 pim ssm default group address group mask Parameter Description Default Configuration There are no group addresses configured by default Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Parameter Description default Defines the SSM range access list to 232 8 ...

Page 1000: ...how ipv6 pimsm Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show ipv6 pimsm Admin Mode Enabled Data Threshold Rate Kbps 1000 Register Threshold Rate Kbps 250 SSM RANGE TABLE Group Address Prefix Length 2CSPC4 XCT SWUM2XX1 book Page 1000 Monday October 3 2011 1...

Page 1001: ...r BSR information Syntax show ipv6 pimsm bsr Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the following table Field Description BSR Address Address of the BSR BSR Priority Configured BSR priority BSR Hash Mask Length Configured hash ...

Page 1002: ... the PIM interface status parameters If the interface number is not specified this command displays the status parameters of all the PIM enabled interfaces Syntax show ipv6 pim interface vlan vlan id Parameter Description Default Configuration There is no default configuration for this command Next Bootstrap Message Remaining time until a BSR message is sent Next Candidate RP Advertisement Time re...

Page 1003: ...r Count 1 Designated Router 2001 db8 85a3 0 0 8a2e 370 7334 Field Description Mode Active PIM protocol Interface Interface number Hello Interval Hello interval value Join prune Interval Join prune interval value DR Priority DR priority configured on this interface BSR Border Whether or not this interface is configured as a BSR border Neighbor Count Number of PIM neighbors learned on this interface...

Page 1004: ... neighbor Use the show ipv6 pim neighbor command to display IPv6 PIM neighbors discovered by PIMv2 Hello messages If the interface number is not specified this command displays the neighbors discovered on all the PIM enabled interfaces Syntax show ipv6 pim neighbor vlan vlan id Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes Par...

Page 1005: ...nterface Uptime Expiry Time HH MM SS HH MM SS 2001 db8 85a3 0 0 8a2e 370 7334 VLAN0001 00 02 55 00 01 15 2001 db8 85a3 0 0 8a2e 370 7334 VLAN0010 00 03 50 00 02 10 If no neighbors are learned on any of the interfaces the following message is displayed No neighbors are learned on any interface Field Description Neighbor Addr IPv6 address of the PIM neighbor Interface Interface number Uptime Time si...

Page 1006: ...Command Mode User EXEC Privileged EXEC modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the following table Example console show ipv6 pim rp hash ff1e abcd fed1 0 RP Address 2001 0db8 0 abcd 1 Type Static Parameter Description group address A valid group IP address supported by RP Field Description RP Address Address of the RP Type Origin from whe...

Page 1007: ...ption Default Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes User Guidelines There are no user guidelines for this command Field descriptions are shown in the following table Example console show ipv6 pim rp mapping candidate Parameter Description rp address IP address of the RP Field Description RP Address Address of the RP Group Addr...

Page 1008: ... Group Mask 24 Origin BSR C RP Advertisement Interval secs 60 Next Candidate RP Advertisement hh mm ss 00 00 15 If no RP Group mapping exist on the router the following message is displayed No RP Group mappings exist on this router 2CSPC4 XCT SWUM2XX1 book Page 1008 Monday October 3 2011 11 05 AM ...

Page 1009: ... does not support stateful address configuration Automated router renumbering is not supported IPv6 is not supported on the service port Commands in this Chapter This chapter explains the following commands clear ipv6 neighbors ipv6 mld query max response time ipv6 route show ipv6 mld proxy groups detail clear ipv6 statistics ipv6 mld router ipv6 route distance show ipv6 mld proxy interface ipv6 a...

Page 1010: ...ent statistics show ipv6 traffic ipv6 mld proxy ipv6 nd ra interval show ipv6 mld groups show ipv6 vlan ipv6 mld proxy reset status ipv6 nd ra lifetime show ipv6 mld interface traceroute ipv6 ipv6 mld proxy unsolicit rprt interval ipv6 nd reachable time show ipv6 mld proxy ipv6 mld query interval ipv6 nd suppress ra show ipv6 mld proxy groups 2CSPC4 XCT SWUM2XX1 book Page 1010 Monday October 3 201...

Page 1011: ...e following example clears all entries in the IPv6 neighbor table console config clear ipv6 neighbors clear ipv6 statistics Use the clear ipv6 statistics command in Privileged EXEC mode to clear IPv6 statistics for all interfaces or for a specific interface including loopback and tunnel interfaces IPv6 statistics display in the output of the show ipv6 traffic command Syntax clear ipv6 statistics v...

Page 1012: ...one is automatically created IPv6 addresses can be expressed in eight blocks Also of note is that instead of a period a colon separates each block For simplification leading zeros of each 16 bit block can be omitted One sequence of 16 bit blocks containing only zeros can be replaced with a double colon but not more than one at a time otherwise it is no longer a unique representation Dropping zeros...

Page 1013: ...AN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example configures an IPv6 address and enables IPv6 processing console config interface vlan 15 console config if vlan15 ipv6 address 2020 1 1 64 ipv6 enable Use the ipv6 enable command in Interface Configuration mode to enable IPv6 routing on an interface including tunnel and loopback interfaces that...

Page 1014: ...config interface vlan 15 console config if vlan15 ipv6 enable ipv6 hop limit Use the ipv6 hop limit command to configure the hop limit used in IPv6 PDUs originated by the router Use the no form of the command to return the hop limit to the default setting Syntax ipv6 hop limit count no ipv6 hop limit Parameter Description Default Configuration The default count is 64 hops Parameter Description cou...

Page 1015: ...obal Configuration mode User Guidelines This command has no user guidelines Example console config ipv6 host Dell 2001 DB8 32 ipv6 mld last member query count The ipv6 mld last member query count command sets the number of listener specific queries sent before the router assumes that there are no local members on the interface Use the no form of this command to set the last member query count to t...

Page 1016: ...ets the last member query interval for the MLD interface which is the value of the maximum response time parameter in the group specific queries sent out of this interface Use the no form of this command to set the last member query interval to the default Syntax ipv6 mld last member query interval last member query interval no ipv6 mld last member query interval last member query interval The las...

Page 1017: ... the router Use the no form of this command to disable MLD Proxy Syntax ipv6 mld proxy no ipv6 mld proxy Default Configuration MLD Proxy is disabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld proxy ipv6 mld proxy reset status Use the ipv6 mld proxy reset status command to reset the...

Page 1018: ... the unsolicited report interval for the MLD Proxy router This command is only valid when MLD Proxy is enabled on the interface Use the no form of this command to reset the MLD Proxy router s unsolicited report interval to the default value Syntax ipv6 mld proxy unsolicited report interval interval no ipv6 mld proxy unsolicited report interval interval The interval between unsolicited reports Rang...

Page 1019: ...sent when the router is querying on that interface Use the no form of this command to set the query interval to the default Syntax ipv6 mld query interval query interval no ipv6 mld query interval query interval Query interval Range 1 3600 Default Configuration The default query interval is 125 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for ...

Page 1020: ...onse time query max response time Maximum query response time Range 1 65535 milliseconds Default Configuration The default query maximum response time is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan3 ipv6 mld query max response time 4500 ipv6 mld router The ipv6 mld router command is used to e...

Page 1021: ... in Interface Configuration mode to set the maximum transmission unit MTU size in bytes of IPv6 packets on an interface This command replaces the default MTU with a new MTU value The IPv6 MTU is only observed for packets originating on the switch Packets forwarded by the hardware ignore the IPv6 MTU Syntax ipv6 mtu bytes no ipv6 mtu Parameter Description Parameter Description bytes The maximum tra...

Page 1022: ...pv6 mtu 1300 ipv6 nd dad attempts Use the ipv6 nd dad attempts command in Interface Configuration mode to set the number of duplicate address detection probes transmitted while doing neighbor discovery Duplicate address detection verifies that an IPv6 address on an interface is unique Syntax ipv6 nd dad attempts value no ipv6 nd dad attempts Parameter Description Default Configuration The default ...

Page 1023: ...config flag Use the ipv6 nd managed config flag command in Interface Configuration mode to set the managed address configuration flag in router advertisements When the value is true end nodes use DHCPv6 When the value is false end nodes automatically configure addresses Syntax ipv6 nd managed config flag no ipv6 nd managed config flag Default Configuration False is the default configuration Comman...

Page 1024: ...val is unspecified Syntax ipv6 nd ns interval milliseconds no ipv6 nd ns interval milliseconds Interval duration Range 0 1000 4294967295 Default Configuration 0 is the default value for milliseconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the interval between router advertisements for adve...

Page 1025: ...lines This command has no user guidelines Example The following example sets to true the other stateful configuration flag in router advertisements console config interface vlan 15 console config if vlan15 ipv6 nd other config flag ipv6 nd prefix Use the ipv6 nd prefix command to configure parameters associated with prefixes that the router advertises in its router advertisements Syntax ipv6 nd pr...

Page 1026: ...command to configure these values The ipv6 nd prefix command will allow you to preconfigure RA prefix values before you configure the associated interface address In order for the prefix to be included in RAs you must configure an address that matches the prefix using the ipv6 address command Prefixes specified using ipv6 nd prefix without an associated interface address will not be included in RA...

Page 1027: ...6 nd ra interval maximum The maximum interval duration Range 4 1800 seconds minimum The minimum interval duration Range 3 0 75 maximum seconds Default Configuration 600 is the default value for seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines The minimum interval cannot be larger than 75 of the maximum interval Example The following example sets the transmissi...

Page 1028: ...ed as the default router Range 0 9000 Default Configuration 1800 is the default value for seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets at 1000 seconds the value that is placed in the Router Lifetime field of the router advertisements console config interface vlan 15 console config if vl...

Page 1029: ...is command has no user guidelines Example The following example sets the router advertisement time at 5000 milliseconds to consider a neighbor reachable after neighbor discovery confirmation console config interface vlan 15 console config if vlan15 ipv6 nd reachable time 5000 ipv6 nd suppress ra Use the ipv6 nd suppress ra command in Interface Configuration mode to suppress router advertisement tr...

Page 1030: ...or a route Using the no ipv6 route distance form causes the system to use the system default administrative distance Syntax ipv6 route distance ipv6 route ipv6 prefix prefix length ipv6 address interface type ipv6 address preference no ipv6 route ipv6 prefix prefix length ipv6 address preference no ipv6 route ipv6 prefix prefix length interface type ipv6 address no ipv6 route ipv6 prefix prefix le...

Page 1031: ...ands Changing the default distance does not update prefix length The length of the IPv6 prefix a decimal value usually 0 64 that shows how many of the high order contiguous bits of the address comprise the prefix the network portion of the address A slash mark must separate the prefix from the prefix length with no spaces on either side of the slash mark interface type Distinguishes direct static ...

Page 1032: ...lt Configuration Default value of integer is 1 Command Mode Global Configuration mode User Guidelines Lower route distance values are preferred when determining the best route Example The following example sets the default distance to 80 console config ipv6 route distance 80 ipv6 unicast routing Use the ipv6 unicast routing command in Global Configuration mode to enable forwarding of IPv6 unicast ...

Page 1033: ...nd running on top of TCP IP The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN VLAN 1 as long as there is a physical path between the switch and the workstation The terminal interface sends three pings to the target station Syntax ping ipv6 ip address hostname size size ipv6 address Target IPv6 address to ping hostname Hostname to ping cont...

Page 1034: ...op of TCP IP The switch can be pinged from any IP workstation with which the switch is connected through the default VLAN VLAN 1 as long as there is a physical path between the switch and the workstation The terminal interface sends three pings to the target station Use the interface keyword to ping an interface by using the link local address or the global IPv6 address of the interface The source...

Page 1035: ...ace loopback 1 FE80 202 BCFF FE00 3068 128 Send count 3 Receive count 0 from FE80 202 BCFF FE00 3068 128 Average round trip time 0 00 ms show ipv6 brief Use the show ipv6 brief command in Privileged EXEC mode to display the IPv6 status of forwarding mode and IPv6 unicast routing mode Syntax show ipv6 brief Default Configuration This command has no default configuration Command Mode Privileged EXEC...

Page 1036: ...f the command includes the method of assignment for each IPv6 address that is either autoconfigured or leased from a DHCP server Global addresses with no annotation are assumed to be manually configured Syntax show ipv6 interface brief loopback loopback id tunnel tunnel id vlan vlan id prefix Syntax Description Default Configuration Displays all IPv6 interfaces Command Mode User EXEC Privileged EX...

Page 1037: ...abled FE80 211 88FF FE2A 3E3C 128 2033 211 88FF FE2A 3E3C 64 Vl5 Enabled FE80 211 88FF FE2A 3E3C 128 2017 A42A 26DB 1049 43DD 128 DHCP Vl7 Enabled FE80 211 88FF FE2A 3E3C 128 2001 211 88FF FE2A 3E3C 64 AUTO Vl9 Disabled FE80 211 88FF FE2A 3E3C 128 TENT The Method column shows one of the following values Auto The IPv6 address was automatically generated using IPv6 auto address configuration RFC 246...

Page 1038: ...t Unit 1500 Router Duplicate Address Detection Transmits 1 Address Autoconfigure Mode Disabled Address DHCP Mode Enabled Router Advertisement NS Interval 0 Router Advertisement Lifetime 1800 Router Advertisement Reachable Time 0 Router Advertisement Interval 600 Router Advertisement Managed Config Flag Disabled Router Advertisement Other Config Flag Disabled Router Advertisement Router Preference ...

Page 1039: ...nsole show ipv6 interface management statistics DHCPv6 Client Statistics DHCPv6 Advertisement Packets Received 0 DHCPv6 Reply Packets Received 0 Received DHCPv6 Advertisement Packets Discard 0 Received DHCPv6 Reply Packets Discarded 0 DHCPv6 Malformed Packets Received 0 Total DHCPv6 Packets Received 0 DHCPv6 Solicit Packets Transmitted 0 DHCPv6 Request Packets Transmitted 0 DHCPv6 Renew Packets Tr...

Page 1040: ... display vlan id A valid VLAN id Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The following fields are displayed as a table when vlan vlan id is specified Field Description Number of G entries Displays the number of groups present in the MLD Table Number of S G entries Displays the number of include and exclude mode sour...

Page 1041: ...s removed from the MLD membership table of this interface Last Reporter The IP Address of the source of the last membership report received for this multicast group address on that interface Filter Mode The filter mode of the multicast group on this interface The values it can take are INCLUDE and EXCLUDE Compatibility Mode The compatibility mode of the multicast group on this interface The values...

Page 1042: ...Host Timer Group compat mode v2 Source Address ExpiryTime 4001 6 00 03 15 4001 7 00 03 15 4001 8 00 03 15 console show ipv6 mld groups vlan 6 Group Address FF1E 1 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss Group Address FF1E 2 Interface vlan 6 Up Time hh mm ss 00 04 23 Expiry Time hh mm ss 2CSPC4 XCT SWUM2XX1 book Page 1042 Monday October 3 2011 11 05 AM ...

Page 1043: ...s used to display MLD related information for an interface Syntax show ipv6 mld interface vlan vlan id all vlan id A valid VLAN id Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines The following information is displayed for the specified interface Field Description Interface The interface number in unit slot port format 2CSPC...

Page 1044: ...tached to the interface Startup Query Interval This value indicates the configured interval between General Queries sent by a Querier on startup Startup Query Count This value indicates the configured number of Queries sent out on startup separated by the Startup Query Interval Last Member Query Interval This value indicates the configured Maximum Response Time inserted into Group Specific Queries...

Page 1045: ...show ipv6 mld proxy command to display a summary of the host interface status parameters Querier Expiry Time Time left in seconds before the Querier losses its title as querier Wrong Version Queries Indicates the number of queries received whose MLD version does not match the MLD version of the interface Number of Joins The number of times a group membership has been added on this interface Number...

Page 1046: ...or disabled This is a status parameter Version The present MLD host version that is operational on the proxy interface Number of Multicast Groups The number of multicast groups that are associated with the MLD Proxy interface UnsolicitedReport Interval The time interval at which the MLD Proxy interface sends unsolicited group membership reports Querier IP Address on Proxy Interface The IP address ...

Page 1047: ...oups Use the show ipv6 mld proxy groups command to display information about multicast groups that the MLD Proxy reported Syntax show ipv6 mld proxy groups Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines The following parameters are displayed by this command Field Description Interface The MLD Proxy interface Group Address The I...

Page 1048: ... groups detail Default Configuration There is no default configuration for this command Last Reporter The IP address of the host that last sent a membership report for the current group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the l...

Page 1049: ...nt group on the network attached to the MLD Proxy interface upstream interface Up Time in secs The time elapsed in seconds since last created Member State Possible values are Idle_Member The interface has responded to the latest group membership query for this group Delay_Member The interface is going to send a group membership report to respond to a group membership query for this group Filter Mo...

Page 1050: ...iry Time 4001 1 00 03 40 5002 2 00 03 40 4001 2 00 03 40 5002 2 00 03 40 show ipv6 mld proxy interface Use the show ipv6 mld proxy interface command to display a detailed list of the host interface status parameters Syntax show ipv6 mld proxy interface Default Configuration There is no default configuration for this command Command Mode Privileged EXEC User Guidelines The following parameters are ...

Page 1051: ...or the router Syntax show ipv6 mld traffic Default Configuration There is no default configuration for this command Parameter Description Interface The MLD Proxy interface Parameter Description Ver The MLD version Query Rcvd Number of MLD queries received Report Rcvd Number of MLD reports received Report Sent Number of MLD reports sent Leaves Rcvd Number of MLD leaves received Valid for version 2 ...

Page 1052: ...ueries Received The number of valid MLD queries received by the router Queries Sent The number of valid MLD queries sent by the router Reports Received The number of valid MLD reports received by the router Reports Sent The number of valid MLD reports sent by the router Leaves Received The number of valid MLD leaves received by the router Leaves Sent The number of valid MLD leaves sent by the rout...

Page 1053: ... This command has no arguments or keywords Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays information about the IPv6 neighbors console config show ipv6 neighbors Neighbor Last IPv6 Address MAC Address isRtr State Updated Interface 2CSPC4 XCT SWUM2...

Page 1054: ...meter Description ipv6 address Specifies an IPv6 address for which the best matching route would be displayed protocol Specifies the protocol that installed the routes Is one of the following keywords connected ospf static ipv6 prefix prefix length Specifies an IPv6 network for which the matching route would be displayed interface type interface number Valid IPv6 interface Specifies that the route...

Page 1055: ...ype 2 Default gateway is 10 1 20 1 S 0 0 0 0 0 254 0 via 10 1 20 1 C 10 1 20 0 24 0 1 directly connected vlan2 C 20 1 20 0 24 0 1 directly connected vlan4 show ipv6 route preferences Use the show ipv6 route preferences command in Privileged EXEC mode to show the preference value associated with the type of route Lower numbers have a greater preference Syntax show ipv6 route preferences Default Con...

Page 1056: ...se the show ipv6 route summary command in Privileged EXEC mode to display a summary of the routing table for all routes including best and non best routes Use best to display the count summary for only best routes Syntax show ipv6 route summary best best Displays the count summary for only best routes Default Configuration This command has no default configuration Command Mode User EXEC Privileged...

Page 1057: ...raffic Use the show ipv6 traffic command in User EXEC mode to show traffic and statistics for IPv6 and ICMPv6 Syntax show ipv6 traffic vlan vlan id tunnel tunnel id loopback loopback id vlan id Valid VLAN ID shows information about traffic on a specific interface or without the optional parameter shows information about traffic on all interfaces tunnel Tunnel identifier Range 0 7 loopback Loopback...

Page 1058: ...der Errors 0 Received Datagrams Discarded Due To MTU 0 Received Datagrams Discarded Due To No Route 0 Received Datagrams With Unknown Protocol 0 Received Datagrams Discarded Due To Invalid Address 0 Received Datagrams Discarded Due To Truncated Data 0 Received Datagrams Discarded Other 0 Received Datagrams Reassembly Required 0 Datagrams Successfully Reassembled 0 Datagrams Failed To Reassemble 0 ...

Page 1059: ... Datagrams Discarded Due To No Route 0 Received Datagrams With Unknown Protocol 0 Received Datagrams Discarded Due To Invalid Address 0 Received Datagrams Discarded Due To Truncated Data 0 Received Datagrams Discarded Other 0 Received Datagrams Reassembly Required 0 Datagrams Successfully Reassembled 0 Datagrams Failed To Reassemble 0 Datagrams Forwarded 0 Datagrams Locally Transmitted 0 Datagrams...

Page 1060: ...ed EXEC mode User Guidelines This command has no user guidelines Example The following example displays IPv6 VLAN routing interface addresses console show ipv6 vlan MAC Address used by Routing VLANs 00 02 BC 00 30 68 VLAN ID IPv6 Address Prefix Length 1 traceroute ipv6 Use the traceroute ipv6 command in Privileged EXEC mode to discover the routes that packets actually take when traveling to their ...

Page 1061: ... used as the destination of packets sent as part of the traceroute This port should be an unused port on the destination system Range 0 65535 Default Configuration 33434 is the default port value Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example discovers the packet routes on a hop by hop basis console traceroute ipv6 2020 1 1 Traci...

Page 1062: ...1062 IPv6 Routing Commands 2CSPC4 XCT SWUM2XX1 book Page 1062 Monday October 3 2011 11 05 AM ...

Page 1063: ...is typically expected to be used by routing protocols Support for the internal loopback address if present is limited to testing the IP stack Commands in this Chapter This chapter explains the following commands interface loopback Use the interface loopback command in Global Configuration mode to enter the Interface Loopback configuration mode Syntax interface loopback loopback id no interface loo...

Page 1064: ...es of data Reply From 192 168 22 1 icmp_seq 0 time 10 msec Reply From 192 168 22 1 icmp_seq 1 time 10 msec Reply From 192 168 22 1 icmp_seq 2 time 10 msec Reply From 192 168 22 1 icmp_seq 3 time 10 msec show interfaces loopback Use the show interfaces loopback command in Privileged EXEC mode to display information about one or all configured loopback interfaces Syntax show interfaces loopback loop...

Page 1065: ... display information about configured loopback interfaces console show interfaces loopback Loopback Id Interface IP Address Received Packets Sent Packets 1 loopback 1 0 0 0 0 0 0 console show interfaces loopback 1 Interface Link Status Up IP Address 0 0 0 0 0 0 0 0 MTU size 1500 bytes 2CSPC4 XCT SWUM2XX1 book Page 1065 Monday October 3 2011 11 05 AM ...

Page 1066: ...1066 Loopback Interface Commands 2CSPC4 XCT SWUM2XX1 book Page 1066 Monday October 3 2011 11 05 AM ...

Page 1067: ...umber of applications are required to transmit packets to hundreds of stations The packets transmitted to these stations share a group of links on their paths to their destinations Multicast transmission can conserve much needed network bandwidth since multicasting transmission requires the transmission of only a single packet by the source and replicates this packet only if it is necessary at for...

Page 1068: ...le membership maintenance is managed efficiently through multicasting Commands in this Chapter This chapter explains the following commands ip mcast boundary ip pim dr priority ip pim spt threshold show ip mcast mroute static ip mroute ip pim hello interval show bridge multicast address table count show ip pim bsr router ip multicast ip pim join prune interval show ip multicast show ip pim interfa...

Page 1069: ...Valid range is 239 0 0 0 to 239 255 255 255 mask IP mask of multicast group Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example adds an administrative scope multicast boundary console config interface vlan 15 console config if vlan15 ip mcast boundary 239 5 5...

Page 1070: ...e no user guidelines for this command Example console config console config ip mroute 1 1 1 1 255 255 0 0 192 168 20 1 34 ip multicast Use the ip multicast command in Global Configuration mode to set the administrative mode of the IP multicast forwarder in the router to active For multicast routing to become operational IGMP must be currently enabled An error message is displayed on the CLI if mul...

Page 1071: ...lticast ttl threshold Use the ip multicast ttl threshold command in Interface Configuration mode to apply a ttlvalue to a routing interface ttlvalue is the TTL threshold which is applied to the multicast Data packets forwarded through the interface Syntax ip multicast ttl threshold ttlvalue no ip multicast ttl threshold ttlvalue Specifies TTL threshold Range 0 255 Default Configuration This comman...

Page 1072: ...n mode to administratively configure PIM mode for IP multicast routing on a VLAN interface Use the no form of the command to disable PIM on the interface Syntax ip pim no ip pim Default Configuration PIM is not enabled on interfaces by default Command Mode Interface VLAN Configuration mode User Guidelines PIM requires that routing multicast and IGMP be enabled Example console config ip routing con...

Page 1073: ... enabled on the interface by default Command Mode Interface VLAN Configuration mode User Guidelines This command only has an effect if sparse mode is enabled Lower values are preferred Example console if vlan 10 ip pim bsr border ip pim bsr candidate The ip pim bsr candidate command is used to configure the router to advertise itself as a bootstrap router BSR Use the no form of this command to ret...

Page 1074: ...Lower priority values are preferred Example console config ip pim bsr candidate vlan 10 16 0 interval 30 Parameter Description vlan id A valid VLAN identifier with multicast routing enabled hash mask length Length of the BSR hash to be ANDed with the multicast group address Range 0 32 bits Default 0 bsr priority The advertised priority of the BSR candidate Range 0 255 Default 0 interval Optional I...

Page 1075: ...bal Configuration mode User Guidelines Only one of sparse or dense mode can be configured on a router Example console config ip pim dense ip pim dr priority The ip pim dr priority command in Interface VLAN Configuration mode to administratively configure the advertised designated router DR priority value Use the no form of this command to return the configuration to the default Syntax ip pim dr pr...

Page 1076: ... the frequency of PIM Hello messages on the specified interface Use the no form of this command to return the configuration to the default This command deprecates the ip pimsm query interval the ip pimsm hello interval and the ip pimdm hello interval commands Syntax ip pim hello interval interval no ip pim hello interval interval The number of seconds between successive hello transmissions Range 0...

Page 1077: ...o the default This command deprecates the ip pimsm message interval and ip pimsm join prune interval commands Syntax ip pim join prune interval interval no ip pim join prune interval interval The number of seconds between successive join prune transmissions Range 0 18000 seconds Default is 60 Default Configuration The default join prune interval is 60 seconds Command Mode Interface VLAN Configurat...

Page 1078: ...efault threshold is 0 This indicates that the register limit is infinite Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console config ip pim register rate limit 10 ip pim rp address Use the ip pim rp address command in Global Configuration mode to define the address of a PIM Rendezvous point RP for a specific multicast group range Use the no for...

Page 1079: ...e to configure the router to advertise itself to the bootstrap router BSR router as a PIM candidate rendezvous point RP for a specific multicast group range Use the no form of this command to return to the default configuration This command replaces the ip pimsm rp candidate command Parameter Description rp address The valid IPv4 address for the rendezvous point group address A valid multicast gro...

Page 1080: ...se the ip pim sparse command in Global Configuration mode to administratively configure PIM sparse mode for IP multicast routing Use the no form of this command to disable PIM sparse mode This command replaces the ip pimsm command Parameter Description vlan id A valid VLAN identifier with multicast routing enabled group address A valid multicast group address group mask A mask indicating the range...

Page 1081: ...y configure PIM source specific multicast range of addresses for IP multicast routing Use the no form of this command to remove configured ranges of addresses from the router Syntax ip pim ssm default group address group mask no ip pim ssm default group address group mask Parameter Description Parameter Description default Defines the SSM range access list to 232 8 group address An IP multicast gr...

Page 1082: ... the last hop router to switch to the shortest path on the router Use the no form of this command to return the threshold to its default value 0 Syntax ip pim spt threshold spt threshold no ip pim spt threshold Parameter Description Default Configuration The default threshold is 0 This indicates that the multicast router should always switch to the multicast source tree Command Mode Global Configu...

Page 1083: ...ulticast address table Syntax show bridge multicast address table count Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following command shows information about the entries in the multicast address table console show bridge multicast address table count Capacity 1024 Used 4 Static add...

Page 1084: ...ed EXEC modes User Guidelines This command has no user guidelines Field Description Capacity The maximum number of addresses that can be stored in the multicast address table Used The total number of addresses in the multicast address table Static addresses The number of addresses in the multicast address table that are static IP addresses Dynamic addresses The number of addresses in the multicast...

Page 1085: ...d EXEC mode to display all the configured administrative scoped multicast boundaries Syntax show ip mcast boundary vlan vlan id all vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all the configured administrative scoped multicast bounda...

Page 1086: ... Show information for all multicast interfaces Command Mode User EXEC Privileged EXEC modes User Guidelines This command has no user guidelines Example The following example displays the multicast information for VLAN 15 console show ip mcast interface vlan 15 Interface TTL Parameter Description type number Interface type and number for which to display IP multicast information VLAN Vlan ID is the...

Page 1087: ...all the details of the multicast table console show ip mcast mroute summary console show ip mcast mroute detail show ip mcast mroute group Use the show ip mcast mroute group command in Privileged EXEC mode to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mro...

Page 1088: ...se the show ip mcast mroute source command in Privileged EXEC mode to display the multicast configuration settings such as flags timer settings incoming and outgoing interfaces RPF neighboring routers and expiration times of all the entries in the multicast mroute table containing the sourceipaddr or sourceipaddr groupipaddr pair value s Syntax show ip mcast mroute source sourceipaddr summary grou...

Page 1089: ...e static routes configured in the static mcast table if it is specified or display the static route associated with the particular sourceipaddr Syntax show ip mcast mroute static sourceipaddr sourceipaddr IP address of source Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following ex...

Page 1090: ... no default configuration for this command Command Mode User EXEC Privileged EXEC mode User Guidelines The following information is displayed Field Description BSR address IP address of the BSR BSR Priority The configured BSR priority BSR Hash Mask Length The configured hash mask length 32 bits maximum Next Bootstrap Message in Time remaining in hours minutes and seconds until a BSR message is sen...

Page 1091: ...he interface number is not is specified the command displays the status parameters of all the PIM enabled interfaces This command deprecates the show ip pimsm interface stats show ip pimsm interface and show ip pimdm interface commands Syntax show ip pimsm interface vlan vlan id vlan id A valid VLAN ID for which multicast routing has been enabled Field Descriptions Field Description Mode Active PI...

Page 1092: ...Hello Interval secs 30 Join Prune Interval secs 60 DR Priority 1 BSR Border Disabled Neighbor Count1 Designated Router 192 168 10 1 Interface VLAN0001 Mode Sparse Hello Interval secs 30 BSR Border Whether or not this interface is configured as a BSR Border Neighbor Count Number of PIM Neighbors learnt on this interface Designated Router IP address of the elected DR on the interface Field Descripti...

Page 1093: ...ghbors discovered by PIMv2 Hello messages If the interface number is not specified this command displays the neighbors discovered on all the PIM enabled interfaces Syntax show ip pim neighbor vlan vlan id vlan id A valid VLAN ID for which multicast routing has been enabled Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC modes User Guidelines T...

Page 1094: ...0 00 03 50 00 02 10 If no neighbors are learned on any of the interfaces the following message is displayed No neighbors are learned on any interface show ip pim rp hash The show ip pim rp hash command displays the rendezvous point RP selected for the specified group address Syntax show ip pim rp hash group address Interface Interface number Uptime Time since the neighbor is learned Expiry Time Ti...

Page 1095: ...wing message is displayed No RP Group mappings exist learned on this router ny interface show ip pim rp mapping The show ip pim rp mapping command is used in User EXEC and Privileged EXEC modes to display the mappings for the PIM group to the active rendezvous points This command deprecates the show ip pimsm rp candidate show ip pimsm staticrp show ip pimsm rp mapping commands Syntax show ip pim r...

Page 1096: ...0 1 Group Address 224 1 2 1 Group Mask 255 255 0 0 Origin BSR C RP Advertisement Interval secs 60 Next Candidate RP Advertisement hh mm ss 00 00 15 If no RP Group mapping exists on the router the following message is displayed No RP Group mappings exist on this router Field Description RP Address Address of the RP Group Address Address of the multicast group Group Mask Mask for the group address O...

Page 1097: ...ing occurs if a source and destination are in the same area Inter area routing occurs when a source and destination are in different areas An OSPF backbone distributes information between areas For IPv4 networks PowerConnect routing supports OSPF version 2 in accordance with RFC 2328 The PowerConnect routing also provides a compatibility mode for the RFC 1583 OSPF specification which allows intero...

Page 1098: ...The RIP preference is not used in IPv6 routing OSPF Equal Cost Multipath ECMP A device running the IP routing protocol OSPF maintains multiple equal cost routes to all destinations The multiple routes are of the same type intra area inter area type 1 external or type 2 external cost and have the same associated area However each route is defined by a separate advertising router and next hop With E...

Page 1099: ...oute to 20 0 0 0 8 with two next hops All next hops within an ECMP route must be provided by the same source On StrataXGS IV platforms the ECMP hashing support is extended to Enhanced hashing mode which provides improved load balancing performance ECMP hashing on these platforms has the following features MODULO N operation based on the number N of next hops in the route Packet attributes selectio...

Page 1100: ...ckets through the restarting router The restarting router relearns the network topology from its helpful neighbors PowerConnect implements both the restarting router and helpful neighbor features described in RFC 3623 Commands in this Chapter This chapter explains the following commands area default cost Router OSPF bandwidth ip ospf network show ip ospf area area nssa Router OSPF capability opaqu...

Page 1101: ...rea stub enable nsf helper strict lsa checking show ip ospf range area stub no summary exit overflow interval nsf restart interval show ip ospf statistics area virtual link external lsdb limit passive interface default show ip ospf stub table area virtual link authentication ip ospf area passive interface show ip ospf virtual link area virtual link dead interval ip ospf authentication redistribute...

Page 1102: ...command creates the area and then applies the NSSA distinction If the area already exists the NSSA distinction is added or modified Use the no form of the command to remove the NSSA distinction from the specified area ID Syntax area area id nssa no redistribution default information originate metric metric value metric type metric type value no summary translator role role translator stab intv int...

Page 1103: ...ry LSAs are not advertised into the NSSA metric value Specifies the metric of the default route advertised to the NSSA Range 1 16777214 metric type value The metric type can be one of the following 1 A metric type of nssa external 1 2 A metric type of nssa external 2 default role The translator role where role is one of the following always The router assumes the role of the translator when it bec...

Page 1104: ... info originate integer comparable non comparable no area area id nssa default info originate area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 integer Specifies the metric of the default route advertised to the NSSA Range 1 16777214 comparable A metric type of nssa external 1 non comparable A metric type of nssa external 2 Default Configuration If no metr...

Page 1105: ...rea id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 Default Configuration This command has no default configuration Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the NSSA ABR console config router area 20 nssa no redistribute area nssa no summary Use the area nssa no su...

Page 1106: ...nfig router area 20 nssa no summary area nssa translator role Use the area nssa translator role command in Router OSPF Configuration mode to configure the translator role of the NSSA Syntax area area id nssa translator role always candidate no area area id nssa translator role area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 always The router assumes the ...

Page 1107: ...mode to configure the translator stability interval of the NSSA Syntax area area id nssa translator stab intv integer no area area id nssa translator stab intv area id Identifies the OSPF NSSA to configure Range IP address or decimal from 0 4294967295 integer The period of time that an elected translator continues to perform its duties after it determines that its translator status has been depose...

Page 1108: ...LSA Also an area range can be configured at the edge of an NSSA to summarize external routes reachable within the NSSA The range is advertised as a type 5 external LSA Syntax area area id range ip address subnet mask summarylink nssaexternallink advertise not advertise no area area id range ip address subnet mask summarylink nssaexternallink Parameter Description Parameter Description area id Iden...

Page 1109: ...cified area ID A stub area is characterized by the fact that AS External LSAs are not propagated into the area Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area Use the no form of the command to remove the stub area Syntax area area id stub no area area id stub area id Identifies the area identifier of the OSPF stub Range IP...

Page 1110: ...SPF Configuration mode to prevent Summary LSAs from being advertised into the NSSA Use the no form of the command to return the Summary LSA mode to the default value Syntax area area id stub no summary no area area id stub no summary area id Identifies the OSPF area to configure Range IP address or decimal from 0 4294967295 Default Configuration Disabled is the default configuration Command Mode R...

Page 1111: ...tax area area id virtual link router id authentication message digest null hello interval seconds retransmit interval seconds transmit delay seconds dead interval seconds authentication key key message digest key key id md5 key no area area id virtual link router id authentication message digest null hello interval retransmit interval transmit delay dead interval authentication key message digest ...

Page 1112: ...me it takes to transmit from the interface Range 0 3600 md5 Use MD5 Encryption for an OSPF Virtual Link key Authentication key for the specified interface Range 8 bytes or less if the authentication type is simple and 16 bytes or less if the type is encrypt key id Authentication key identifier for the authentication type encrypt Range 0 255 Parameter Default area id No area ID is predefined router...

Page 1113: ...h MD5 authentication router ospf network 10 50 50 0 0 0 0 255 area 10 area 10 0 0 0 virtual link 10 3 4 5 message digest key 100 md5 test123 area virtual link authentication Use the area virtual link authentication command in Router OSPF Configuration mode to configure the authentication type and key for the OSPF virtual interface identified by the area ID and neighbor ID Use the no form of the co...

Page 1114: ...meters are specified after the authentication keyword then plain text password authentication is used Example The following example configures the authentication type and key for the area 10 OSPF virtual interface and neighbor ID console config router area 10 virtual link 192 168 2 7 authentication console config router area 10 virtual link 192 168 2 7 authentication encrypt test123 1001010 area v...

Page 1115: ...er Guidelines This command has no user guidelines Example The following example configures the dead interval for the area 10 OSPF virtual interface on the virtual interface and neighbor router console config router area 10 virtual link 192 168 2 2 dead interval 655555 area virtual link hello interval Use the area virtual link hello interval command in Router OSPF Configuration mode to configure th...

Page 1116: ...second wait interval console config router area 10 virtual link 192 168 2 2 hello interval 50 area virtual link retransmit interval Use the area virtual link retransmit interval command in Router OSPF Configuration mode to configure the retransmit interval for the OSPF virtual interface on the virtual interface identified by the area ID and neighbor ID Use the no form of the command to return the ...

Page 1117: ...a virtual link transmit delay command in Router OSPF Configuration mode to configure the transmit delay for the OSPF virtual interface identified by the area ID and neighbor ID Use the no form of the command to return the transmit delay to the default value Syntax area area id virtual link neighbor id transmit delay seconds no area area id virtual link neighbor id transmit delay area id Identifies...

Page 1118: ...interface bandwidth where interface bandwidth is defined by the bandwidth command Because the default reference bandwidth is 100 Mbps OSPF uses the same default link cost for all interfaces whose bandwidth is 100 Mbps or greater To change the reference bandwidth use the auto cost command specifying the reference bandwidth in megabits per second The different reference bandwidth can be independentl...

Page 1119: ...dth The bandwidth is specified in kilobits per second If no bandwidth is configured the bandwidth defaults to the actual interface bandwidth for port based routing interfaces and to 10 Mbps for VLAN routing interfaces This command does not affect the actual speed of an interface Syntax bandwidth bw bw Interface bandwidth in Kbps Range 1 10000000 Default Configuration The default reference bandwidt...

Page 1120: ...onsole config router capability opaque clear ip ospf Use the clear ip ospf command to reset specific OSPF states If no parameters are specified OSPF is disabled and then re enabled Syntax clear ip ospf configuration redistribution counters neighbor interface vlan vlan id neighbor id configuration Reset the OSPF configuration to factory defaults redistribution Flush all self originated external LSA...

Page 1121: ...ed EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows the options for the clear ip ospf command console clear ip ospf cr Press enter to execute the command configuration Restore OSPF configuration to defaults counters Clear OSPF counters neighbor Bounce all OSPF neighbors redistribution Flush and reoriginate external LSAs compatible rfc1583 ...

Page 1122: ...abled Example The following example enables 1583 compatibility console config router compatible rfc1583 default information originate Use the default information originate command in Router OSPF Configuration mode to control the advertisement of default routes Use the no form of the command to return the default route advertisement settings to the default value Syntax default information originate...

Page 1123: ...iguration mode to set a default for the metric of distributed routes Use the no form of the command to remove the metric from the distributed routes If the area has not been previously created it is created by this command If the area already exists the default metric information is added or modified Syntax default metric metric value no default metric Parameter Description always Always advertise...

Page 1124: ...router Lower route preference values are preferred when determining the best route The type of OSPF route can be intra inter external All the external type routes are given the same preference value Use the no form of this command to reset the preference values to the default Syntax distance ospf intra area dist1 inter area dist2 external dist3 no distance ospf intra area inter area external Synta...

Page 1125: ... to filter routes received from the source protocol Use the no form of the command to remove the specified source protocol from the access list Syntax distribute list name out rip static connected no distribute list name out rip static connected inter area dist2 Used to select the best path from one area to another area when there are two or more routes to the same destination from two different r...

Page 1126: ...Router OSPF Configuration mode to reset the default administrative mode of OSPF in the router active Use the no form of the command to disable the administrative mode for OSPF Syntax enable Parameter Description name The name used to identify an existing ACL The range is 1 31 characters rip Apply the specified access list when RIP is the source protocol static Apply the specified access list when ...

Page 1127: ...F When a router leaves the overflow state it can originate non default AS external LSAs When set to 0 the router will not leave Overflow State until restarted Use the no form of the command to return the interval to the default value Syntax exit overflow interval seconds no exit overflow interval seconds Number of seconds after entering overflow state that a router will wait before attempting to l...

Page 1128: ...limit the router enters overflow state The router never holds more than the external LSDB limit non default AS external LSAs in it database Use the no form of the command to return the limit to the default value Syntax external lsdb limit integer no external lsdb limit integer Maximum number of non default AS external LSAs allowed in the router s link state database Range 1 to 2147483647 Default C...

Page 1129: ...dary addresses on this interface into OSPFv2 domain Use the no form of this command to disable OSPFv2 on an interface Syntax ip ospf area area id secondaries none no ip ospf area secondaries none area id The ID of the area Range IP address or decimal from 0 4294967295 Default Configuration OSPFv2 is disabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no use...

Page 1130: ... specified interface Range 8 bytes or less if the authentication type is simple and 16 bytes or less if the type is encrypt key id Authentication key identifier for the authentication type encrypt Range 0 25 Default Configuration This command has no default configuration Command Mode Interface Configuration VLAN mode User Guidelines Unauthenticated interfaces do not need an authentication key or a...

Page 1131: ... state metric configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example configures the cost on the OSPF interface at 5 console config if vlan15 ip ospf cost 5 ip ospf dead interval Use the ip ospf dead interval command in Interface Configuration to set the OSPF dead interval for the specified interface Use the no ...

Page 1132: ...val i e 4 Example The following example sets the dead interval at 30 seconds console config if vlan15 ip ospf dead interval 30 ip ospf hello interval Use the ip ospf hello interval command in Interface Configuration mode to set the OSPF hello interval for the specified interface Use the no form of the command to return the interval to the default value Syntax ip ospf hello interval seconds no ip o...

Page 1133: ...of the largest IP packet that can be sent without fragmentation on the interface When a router receives a Database Description packet it examines the MTU advertised by the neighbor By default if the MTU is larger than the router can accept the Database Description packet is rejected and the OSPF adjacency is not established Use the no form of the command to enable OSPF maximum transmission unit MT...

Page 1134: ...erate in broadcast mode by default Command Mode Interface Configuration VLAN mode Usage Guidelines OSPF treats interfaces as broadcast interfaces by default Loopback interfaces have a special loopback network type which cannot be changed When there are only two routers on the network OSPF can operate more efficiently by treating the network as a point to point network For point to point networks O...

Page 1135: ...t Configuration 1 is the default integer value Command Mode Interface Configuration VLAN mode User Guidelines A value of 1 is the highest router priority A value of 0 indicates that the interface is not eligible to become the designated router on this network Example The following example sets the OSPF priority for the VLAN 15 router at 100 console config if vlan15 ip ospf priority 100 ip ospf ret...

Page 1136: ...nes A value of 1 is the highest router priority A value of 0 indicates that the interface is not eligible to become the designated router on this network Example The following example sets the OSPF retransmit Interval for VLAN 15 at 50 seconds console config if vlan15 ip ospf retransmit interval 50 ip ospf transmit delay Use the ip ospf transmit delay command in Interface Configuration mode to set...

Page 1137: ...15 at 20 seconds console config if vlan15 ip ospf transmit delay 20 maximum paths Use the maximum paths command in Router OSPF Configuration mode to set the number of paths that OSPF can report for a given destination Use the no form of the command to reset the number to the default value Syntax maximum paths integer no maximum paths integer Number of paths that OSPF can report for a given destina...

Page 1138: ... command is deleted matching interfaces are reevaluated against all remaining network area commands Example The following example sets the number of paths at 2 that OSPF can report for a given destination console config router maximum paths 2 network area The network area command enables OSPFv2 on an interface and sets its area ID if the ip address of an interface is covered by this network comman...

Page 1139: ... as the primary address on the same interface When a network area command is deleted matching interfaces are reevaluated against all remaining network area commands Example console config router network 10 50 50 0 0 0 0 255 area 4 nsf Use this command to enable OSPF graceful restart Use the no form of this command to disable graceful restart Syntax nsf ietf planned only no nsf ietf ietf This keywo...

Page 1140: ... goes with that i e flooding of LSAs SPF runs Helpful neighbors continue to forward packets through the restarting router The restarting router relearns the network topology from its helpful neighbors This implementation of graceful restart restarting router behavior is only useful with a router stack Graceful restart does not work on a standalone single unit router nsf helper Use the nsf helper t...

Page 1141: ...no form of this command to allow OSPF to continue as a helpful neighbor in spite of topology changes Syntax nsf ietf helper strict lsa checking no nsf ietf helper strict lsa checking ietf This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations Since the IETF implementation is the only one supported this keyword is optional Default Configu...

Page 1142: ...restart interval ietf This keyword is used to distinguish the IETF standard implementation of graceful restart from other implementations Since the IETF implementation is the only one supported this keyword is optional seconds The number of seconds that the restarting router asks its neighbors to wait before exiting helper mode The restarting router includes the restart interval in its grace LSAs ...

Page 1143: ...default Default Configuration Global passive mode is disabled by default Command Mode Router OSPF Configuration mode User Guidelines There are no user guidelines for this command Example console config router passive interface passive interface Use the passive interface command to set the interface as passive It overrides the global passive mode that is currently effective on the interface Use the...

Page 1144: ... the command to disable redistribution from the selected source or to reset options to their default values Syntax redistribute protocol metric metric value metric type type value tag tag value subnets no redistribute protocol metric metric type tag subnets Parameter Description Parameter Description protocol rip Specifies RIP as the source protocol static Specifies that the source is a static rou...

Page 1145: ...n Router OSPF Configuration mode to set a 4 digit dotted decimal number uniquely identifying the router OSPF ID Syntax router id ip address ip address IP address that uniquely identifies the router OSPF ID metric value Specifies the metric to use when redistributing the route Range 0 16777214 type value Type 1 external route Type 2 external route tag value Value attached to each external route whi...

Page 1146: ... 5 5 5 5 console config router ospf console config router router id 5 5 5 5 router ospf Use the router ospf command in Global Configuration mode to enter Router OSPF mode Syntax router ospf Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The command prompt changes when the router ospf command executes 2CSPC4 XCT SWUM2XX1 book P...

Page 1147: ...fault Configuration There is no default configuration for this command Command Mode User EXEC Privileged EXEC modes User Guidelines Some of the information below displays only if you enable OSPF and configure certain features The following fields may be displayed Field Description Router ID A 32 bit integer in dotted decimal format identifying the router about which information is displayed This i...

Page 1148: ...of seconds between routing table calculations Opaque Capability Shows whether router is capable of sending Opaque LSAs AutoCost Ref BW The configured autocost reference bandwidth This value is used to determine the OSPF metric on its interfaces The reference bandwidth is divided by the interface speed to compute the metric Default Passive Setting When enabled OSPF interfaces are passive by default...

Page 1149: ... compute routes to destinations attached to the stub router To restore OSPF to normal operation resolve the condition that caused the resource overload then disable and re enable OSPF globally External LSDB Overflow OSPF enters this state when the number of external LSAs exceeds a configured limit as described in RFC 1765 External LSA Count Shows the number of external LS type 5 link state adverti...

Page 1150: ...urrently performing a graceful restart NSF Restart Age The number of seconds until a graceful restart expires Only non zero when the router is in graceful restart NSF Restart Exit Reason The reason the previous graceful restart ended Possible values are Not attempted In progress Completed Timed out Topology change and Manual clear NSF Helper Support Whether this router is configured to act as a gr...

Page 1151: ...pf Hold Time 10 Opaque Capability Disable AutoCost Ref BW 100 Mbps Default Passive Setting Disabled Maximum Paths 4 Default Metric Not configured Default Route Advertise Disabled Always FALSE Metric Not configured Metric Type External Type 2 Number of Active Areas 1 1 normal 0 stub 0 nssa ABR Status Disable Distribute List Shows the access list used to filter redistributed routes 2CSPC4 XCT SWUM2X...

Page 1152: ... Maximum Number of Retransmit Entries 72800 Retransmit Entries High Water Mark 2 NSF Support Disabled NSF Restart Interval 120 NSF Restart Status Not Restarting NSF Restart Age 0 seconds NSF Restart Exit Reason Not Attempted NSF Helper Support Always NSF Helper Strict LSA Checking Enabled show ip ospf abr The show ip ospf abr command displays the internal OSPF routing table entries to Area Border ...

Page 1153: ...Next Hop Intf INTRA 3 3 3 3 1 0 0 0 1 10 1 23 3 vlan11 INTRA 4 4 4 4 10 0 0 0 1 10 1 24 4 vlan12 show ip ospf area Use the show ip ospf area command in Privileged EXEC mode to display information about the identified OSPF area Syntax show ip ospf area area id area id Identifies the OSPF area whose ranges are being displayed Range 0 4294967295 Default Configuration This command has no default confi...

Page 1154: ... Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 Import Summary LSAs Enable console show ip ospf area 20 AreaID 0 0 0 20 External Routing Import NSSAs Spf Runs 0 Area Border Router Count 0 Area LSA Count 0 Area LSA Checksum 0 OSPF NSSA Specific Information Import Summary LSAs Enable Redistribute into NSSA Enable Default Information Originate TRUE Default Metric 250 2CSPC4 XC...

Page 1155: ... Boundary Routes ASBR This command takes no options Syntax show ip ospf asbr Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ip ospf asbr Type Router Id Cost Area ID Next Hop Next Hop Intf INTRA 1 1 1 1 1 0 0 0 1 10 1 12 1 vlan10 INTRA 4 4 4 4 10 0 0 0 1 10 1 24 4 vlan12 2CSPC...

Page 1156: ...mmary Display the autonomous system boundary router ASBR summary LSAs external Display the external LSAs network Display the network LSAs nssa external Display NSSA external LSAs router Display router LSAs summary Display the LSA database summary information ls id Specifies the link state ID LSID Range IP address or an integer in the range of 0 4294967295 adv router Display the LSAs that are restr...

Page 1157: ...5 2 0 0 1360 80000009 a47e E 20 20 20 20 20 20 20 20 1165 8000000b 0f80 E Network Link States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 2 2 2 2 20 20 20 20 1165 80000005 f86d E O Network Summary States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1360 80000007 242e Summary ASBR States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm ...

Page 1158: ...States Area 0 0 0 0 Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1362 80000005 e166 AS External States Link Id Adv Router Age Sequence Chksm Options Rtr Opt 6 0 0 0 5 2 0 0 1364 80000008 e35d AS Opaque States Link Id Adv Router Age Sequence Chksm Options Rtr Opt 5 2 0 0 0 0 0 0 1364 80000005 d373 2CSPC4 XCT SWUM2XX1 book Page 1158 Monday October 3 2011 11 05 AM ...

Page 1159: ...umber of router LSAs in the OSPF link state database Network Shows Total number of network LSAs in the OSPF link state database Summary Net Shows Total number of summary network LSAs in the database Summary ASBR Shows Number of summary ASBR LSAs in the database Type 7 Ext Shows Total number of Type 7 external LSAs in the database Self Originated Type 7 Shows Total number of self originated AS exte...

Page 1160: ...a 0 0 0 0 database summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Self Originated Type 7 0 Opaque Link 0 Opaque Area 0 Subtotal 0 Area 0 0 0 10 database summary Router 0 Network 0 Summary Net 0 Summary ASBR 0 Type 7 Ext 0 Self Originated Type 7 0 Opaque Link 0 Opaque Area 0 Subtotal 0 Total Shows Number of entries for all areas 2CSPC4 XCT SWUM2XX1 book Page 1160 Monday Octobe...

Page 1161: ... interface command in Privileged EXEC mode to display the information for the VLAN or loopback interface Syntax show ip ospf interface interface type interface number Syntax Description Default Configuration This command has no default configuration Parameter Description interface type Vlan or loopback interface number Valid VLAN ID or loopback interface number Range 0 7 2CSPC4 XCT SWUM2XX1 book P...

Page 1162: ...255 255 255 0 Secondary IP Address es OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 OSPF Network Type Broadcast Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 10 computed Passive Status Non passive interface OSPF Mtu ignore Disable State designated router Designated Router 1 1 1 1 Backup De...

Page 1163: ... IFO object or virtual interface tables console show ip ospf interface brief Router Hello Dead Retrax Retrax LSAAck Interface AdminMode Area ID Priority Intval Intval Intval Delay Intval vlan1 Enable 0 0 0 10 1 10 40 5 1 1 vlan2 Disable 0 0 0 0 1 10 40 5 1 1 vlan3 Disable 0 0 0 0 1 10 40 5 1 1 loopback2 Disable 0 0 0 0 1 10 40 5 1 1 show ip ospf interface stats Use the show ip ospf interface stats...

Page 1164: ... 0 Area Border Router Count 0 AS Border Router Count 0 Area LSA Count 1 IP Address 2 2 2 2 OSPF Interface Events 1 Virtual Events 0 Neighbor Events 0 External LSA Count 0 show ip ospf neighbor Use the show ip ospf neighbor command in Privileged EXEC mode to display information about OSPF neighbors The information below only displays if OSPF is enabled and the interface has a neighbor Syntax show i...

Page 1165: ...nterfaces console show ip ospf neighbor 99 9 9 9 Interface Vl12 Neighbor IP Address 5 5 5 5 Interface Index 723 Area Id 0 0 0 0 Options 0x42 Router Priority 1 Dead timer due in secs 31 Up Time 0 days 0 hrs 2 mins 17 secs State Full DR Events 5 Retransmission Queue Length 0 Parameter Description interface type Interface type only supported type is vlan interface number A valid interface number neig...

Page 1166: ...ented for the following events A DD is received from the neighbor with an MTU mismatch The neighbor sent an ACK for an LSA not on the neighbor s retransmit list The state of the adjacency changed Retransmission Queue Length The number of LSAs on the neighbor s retransmit queue waiting for the neighbor to acknowledge Restart Helper Status One of two values Helping This router is acting as a helpful...

Page 1167: ...Reason to Software Restart on a planned warm restart when the initiate failover command is invoked and to Unknown on an unplanned warm restart Remaining Grace Time The number of seconds remaining in the current graceful restart interval This row is only included if the router is currently acting as a restart helper for the neighbor Restart Exit Reason One of the following None graceful restart has...

Page 1168: ...ip ospf range 20 Area ID IP Address Subnet Mask Lsdb Type Advertisement 0 0 0 20 192 168 6 0 255 255 255 0 Summary Link Enabled show ip ospf statistics This command displays information about recent Shortest Path First SPF calculations The SPF is the OSPF routing table calculation The output lists the number of times the SPF has run for each OSPF area A table follows this information For each of t...

Page 1169: ...how ip ospf statistics Area 0 0 0 0 SPF algorithm executed 0 times Delta T SPF Duration msec Reason 26 01 45 0 23 15 05 0 R 23 14 22 0 R N 23 14 12 0 R 23 10 04 0 show ip ospf stub table Use the show ip ospf stub table command in Privileged EXEC mode to display the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch Syntax show ip ospf stub table 2CSPC...

Page 1170: ...ospf virtual link Use the show ip ospf virtual link command in Privileged EXEC mode to display the OSPF Virtual Interface information for a specific area and neighbor or for all Syntax show ip ospf virtual link area id neighbor id area id Identifies the OSPF area whose ranges are being displayed Range IP address or decimal from 0 4294967295 neighbor id Identifies the neighbor s router ID Range Val...

Page 1171: ...2 2 Hello Interval 10 Dead Interval 655555 Iftransit Delay Interval 1 Retransmit Interval 5 State down Metric 0 Neighbor State down Authentication Type MD5 Authentication Key test123 Authentication Key ID 100 show ip ospf virtual links brief Use the show ip ospf virtual link brief command in Privileged EXEC mode to display the OSPF Virtual Interface information for all areas in the system in table...

Page 1172: ...e show ipv6 ospf virtual link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay 0 0 0 2 5 5 5 5 10 40 5 1 timers spf Use the timers spf command in Router OSPF Configuration mode to configure the SPF delay and hold time Use the no form of the command to reset the numbers to the default value Syntax timers spf delay time hold time no timers spf delay time SPF dela...

Page 1173: ...alue for hold time is 10 Command Mode Router OSPF Configuration mode User Guidelines This command has no user guidelines Example The following example configures the SPF delay and hold time console config router timers spf 20 30 2CSPC4 XCT SWUM2XX1 book Page 1173 Monday October 3 2011 11 05 AM ...

Page 1174: ...1174 OSPF Commands 2CSPC4 XCT SWUM2XX1 book Page 1174 Monday October 3 2011 11 05 AM ...

Page 1175: ...sa translator role exit overflow interval nsf show ipv6 ospf interface area nssa translator stab intv external lsdb limit nsf helper show ipv6 ospf interface brief area range Router OSPFv3 ipv6 ospf nsf helper strict lsa checking show ipv6 ospf interface stats area stub ipv6 ospf area nsf restart interval show ipv6 ospf interface vlan area stub no summary ipv6 ospf cost passive interface show ipv6...

Page 1176: ...cost Syntax area area id default cost cost no area area id default cost areaid Valid area identifier cost Default cost Range 1 16777215 Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the monetary default cost at 100 for stub area 1 console conf...

Page 1177: ...tor stab intv Parameter Description Parameter Description area id Identifies the OSPFv3 stub area to configure Range IP address or decimal from 0 4294967295 metric value Specifies the metric of the default route advertised to the NSSA Range 1 16777214 metric type value The metric type can be one of the following 1 A metric type of nssa external 1 comparable 2 A metric type of nssa external 2 non c...

Page 1178: ...e config router area 20 nssa default info originate metric 250 metric type 2 no summary area nssa default info originate Use the area nssa default info originate command in Router OSPFv3 Configuration mode to configure the metric value and type for the default route advertised into the NSSA The optional metric parameter specifies the metric of the default route The metric type can be comparable ns...

Page 1179: ... route advertised into the NSSA console config ipv6 router ospf console config rtr area 1 nssa default info originate area nssa no redistribute Use the area nssa no redistribute command in Router OSPFv3 Configuration mode to configure the NSSA ABR so that learned external routes will not be redistributed to the NSSA Use the no form of the command to remove the configuration Syntax area areaid nssa...

Page 1180: ...summary Use the area nssa no summary command in Router OSPFv3 Configuration mode to configure the NSSA so that summary LSAs are not advertised into the NSSA Use the no form of the command to remove the configuration Syntax area areaid nssa no summary no area area id nssa no summary areaid Valid OSPF area identifier Default Configuration This command has no default configuration Command Mode Router...

Page 1181: ...le always candidate no area areaid nssa translator role areaid Valid OSPF area identifier always Causes the router to assume the role of the translator the instant it becomes a border router candidate Causes the router to participate in the translator election process when it attains border router status Default Configuration This command has no default configuration Command Mode Router OSPFv3 Con...

Page 1182: ...router Syntax area areaid nssa translator stab intv seconds no area areaid nssa translator stab intv areaid Valid OSPF area identifier seconds Translator stability interval of the NSSA Range 0 3600 seconds Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example co...

Page 1183: ... range is advertised as a type 5 external LSA Use the no form of the command to remove the summary prefix configuration for routes learned in the specified area Syntax area area id range ipv6 prefix prefix length summarylink nssaexternallink advertise not advertise no area area id range ipv6 prefix prefix length summarylink nssaexternallink Parameter Description Default Configuration This command ...

Page 1184: ... this command creates the area and then applies the stub distinction A stub area is characterized by the fact that AS External LSAs are not propagated into the area Removing AS External LSAs and Summary LSAs can significantly reduce the size of the link state database of routers within the stub area Syntax area area id stub no summary no area area id stub no summary area id Valid OSPFv3 area ident...

Page 1185: ...Fv3 Configuration mode disable the import of Summary LSAs for the stub area identified by area id Syntax area area id stub no summary no area area id stub no summary area id Valid OSPFv3 area identifier so summary Disable the import of Summary LSAs for the stub area identified by area id Default Configuration This command has no default configuration Command Mode Router OSPFv3 Configuration mode U...

Page 1186: ...ay seconds dead interval seconds no area area id virtual link router id id hello interval retransmit interval transmit delay dead interval Parameter Description area id Valid OSPFv3 area identifier or decimal value in the range of 0 4294967295 router id Identifies the Router ID or valid IP address of the neighbor hello interval seconds Number of seconds to wait before sending hello packets to the ...

Page 1187: ...ds a retransmit interval of 20 seconds and a 20 second transmit delay for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 dead interval 20 hello interval 20 retransmit interval 20 transmit delay 20 Parameter Default area id No area ID is predefined router id No router ID is predefined...

Page 1188: ...ion 40 is the default value for seconds Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures a 20 second dead interval for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 dead interval 20 area virtua...

Page 1189: ...s for the OSPF virtual interface on the virtual interface identified by area 1 and its neighbor console config ipv6 router ospf console config rtr area 1 virtual link 2 hello interval 20 area virtual link retransmit interval Use the area virtual link retransmit interval command in Router OSPFv3 Configuration mode to configure the retransmit interval for the OSPF virtual interface on the virtual in...

Page 1190: ...hbor config ipv6 router ospf config rtr area 1 virtual link 2 retransmit interval 20 area virtual link transmit delay Use the area virtual link transmit delay command in Router OSPFv3 Configuration mode to configure the transmit delay for the OSPF virtual interface on the virtual interface identified by areaid and neighbor Syntax area areaid virtual link neighbor transmit delay seconds no area are...

Page 1191: ... default information originate Use the default information originate command in Router OSPFv3 Configuration mode to control the advertisement of default routes Use the no form of the command to return the default route advertisement settings to the default value Syntax default information originate always metric metric value metric type type value no default information originate metric metric typ...

Page 1192: ...riginate metric 100 metric type 2 default metric Use the default metric command in Router OSPFv3 Configuration mode to set a default for the metric of distributed routes Use the no form of the command to remove the metric from the distributed routes Syntax default metric metric value no default metric metric value The metric or preference value of the default route Range 1 16777214 Default Configu...

Page 1193: ...The type of OSPF route can be intra inter external All the external type routes are given the same preference value Use the no form of this command to reset the preference values to the default Syntax distance ospf external inter area intra area distance no distance ospf external inter area intra area distance distance Used to select the best path when there are two or more routes to the same dest...

Page 1194: ...and in Router OSPFv3 Configuration mode to enable administrative mode of OSPF in the router active Syntax enable no enable Default Configuration Enabled is the default state Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example enables administrative mode of OSPF in the router active console config ipv6 router ospf console c...

Page 1195: ...erval for OSPF Range 0 2147483647 Default Configuration 0 is the default value for seconds Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the exit overflow interval for OSPF at 100 seconds console config ipv6 router ospf console config rtr exit overflow interval 100 external lsdb limit Use the external lsdb...

Page 1196: ...SPF Range 1 2147483647 Default Configuration 1 is the default value for limit Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example sets the external LSDB limit at 100 for OSPF console config ipv6 router ospf console config rtr external lsdb limit 100 ipv6 ospf Use the ipv6 ospf command in Interface Configuration mode to ena...

Page 1197: ...ode to set the OSPF area to which the specified router interface belongs Syntax ipv6 ospf area areaid no ipv6 ospf area areaid areaid Is a 32 bit integer formatted as a 4 digit dotted decimal number or a decimal value It uniquely identifies the area to which the interface connects Assigning an area id which does not exist on an interface causes the area to be created with default values Range 0 42...

Page 1198: ...of the command to return the cost to the default value Syntax ipv6 ospf cost interface cost no ipv6 ospf cost interface cost Specifies the cost link state metric of the OSPF interface Range 1 65535 Default Configuration 10 is the default link state metric configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example c...

Page 1199: ...or all routers attached to a common network This value should be some multiple of the Hello Interval i e 4 Range 1 65535 Default Configuration 40 seconds is the default value of seconds Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF dead interval at 100 seconds console config interface v...

Page 1200: ...idelines This command has no user guidelines Example The following example sets the OSPF hello interval at 15 seconds console config interface vlan 15 console config if vlan15 ipv6 ospf hello interval 15 ipv6 ospf mtu ignore Use the ipv6 ospf mtu ignore command in Interface Configuration mode to disable OSPF maximum transmission unit MTU mismatch detection Use the no form of the command to reset m...

Page 1201: ...sables OSPF maximum transmission unit MTU mismatch detection console config interface vlan 15 console config if vlan15 ipv6 ospf mtu ignore ipv6 ospf network Use the ipv6 ospf network command in Interface Configuration mode to change the default OSPF network type for the interface Use the no form of the command to return the network setting to the default value Syntax ipv6 ospf network broadcast p...

Page 1202: ...ault OSPF network type to point to point console config interface vlan 15 console config if vlan15 ipv6 ospf network point to point ipv6 ospf priority Use the ipv6 ospf priority command in Interface Configuration mode to set the OSPF priority for the specified router interface Use the no form of the command to return the priority to the default value Syntax ipv6 ospf priority number value no ipv6 ...

Page 1203: ...econds no ipv6 ospf retransmit interval seconds The number of seconds between link state advertisement retransmissions for adjacencies belonging to this router interface This value is also used when retransmitting database description and link state request packets Range 0 to 3600 seconds Default Configuration 5 seconds is the default value Command Mode Interface Configuration VLAN Tunnel Loopback...

Page 1204: ...onds it takes to transmit a link state update packet over this interface Range 1 to 3600 seconds Default Configuration No default value Command Mode Interface Configuration VLAN Tunnel Loopback mode User Guidelines This command has no user guidelines Example The following example sets the OSPF Transmit Delay at 100 seconds for VLAN 15 console config interface vlan 15 console config if vlan15 ipv6 ...

Page 1205: ...spf maximum paths Use the maximum paths command in Router OSPFv3 Configuration mode to set the number of paths that OSPF can report for a given destination Syntax maximum paths maxpaths no maximum paths maxpaths Number of paths that can be reported Range 1 2 Default Configuration 2 is the default value for maxpaths Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no u...

Page 1206: ... graceful restart when the restart is planned i e when the restart is a result of the initiate failover command Default Configuration Graceful restart is disabled by default Command Mode Router OSPFv3 Configuration mode User Guidelines Graceful restart works in concert with nonstop forwarding to enable the hardware to continue forwarding IPv6 packets using OSPFv3 routes while a backup unit takes o...

Page 1207: ...lpful neighbor Syntax nsf helper planned only no nsf helper planned only This keyword indicates that OSPF should only help a restarting router performing a planned restart Default Configuration OSPF may act as a helpful neighbor for both planned and unplanned restarts Command Mode Router OSPFv3 Configuration mode User Guidelines The grace LSA announcing the graceful restart includes a restart reas...

Page 1208: ...r OSPFv3 Configuration mode User Guidelines The restarting router is unable to react to topology changes In particular the restarting router will not immediately update its forwarding table therefore a topology change may introduce forwarding loops or black holes that persist until the graceful restart completes By exiting the graceful restart on a topology change a router tries to eliminate the l...

Page 1209: ... 120 seconds Command Mode Router OSPFv3 Configuration mode User Guidelines The grace period must be set long enough to allow the restarting router to reestablish all of its adjacencies and complete a full database exchange with each of those neighbors passive interface Use the passive interface command to set the interface or tunnel as passive It overrides the global passive mode that is currently...

Page 1210: ...es It overrides any interface level passive mode Use the no form of this command to disable the global passive mode by default for all interfaces Any interface previously configured to be passive reverts to non passive mode Syntax passive interface default no passive interface default Default Configuration Global passive mode is disabled by default Command Mode Router OSPFv3 Configuration mode Use...

Page 1211: ...ge 0 4294967295 Default Configuration 2 is the default value for metric type 0 for tag Command Mode Router OSPFv3 Configuration mode User Guidelines This command has no user guidelines Example The following example configures the OSPFv3 protocol to allow redistribution of routes from the specified source protocol routers console config ipv6 router ospf console config rtr redistribute connected rou...

Page 1212: ...otted decimal number identifying the Router OSPF ID as 2 3 4 5 console config ipv6 router ospf console config rtr router id 2 3 4 5 show ipv6 ospf Use the show ipv6 ospf command in Privileged EXEC mode to display information relevant to the OSPF router Syntax show ipv6 ospf area id area id Identifier for the OSPF area being displayed Default Configuration This command has no default configuration ...

Page 1213: ...e the OSPF metric on its interfaces The reference bandwidth is divided by the interface speed to compute the metric Default Passive Setting When enabled OSPF interfaces are passive by default Maximum Paths Shows the maximum number of paths that OSPF can report for a given destination Default Metric Default metric for redistributed routes Default Route Advertise When enabled OSPF originates a type ...

Page 1214: ...to normal operation resolve the condition that caused the resource overload then disable and re enable OSPF globally External LSDB Overflow OSPF enters this state when the number of external LSAs exceeds a configured limit as described in RFC 1765 External LSA Count Shows the number of external LS type 5 link state advertisements in the link state database External LSA Checksum Shows the sum of th...

Page 1215: ...y non zero when the router is in graceful restart NSF Restart Exit Reason The reason the previous graceful restart ended Possible values are Not attempted In progress Completed Timed out Topology change and Manual clear NSF Helper Support Whether this router is configured to act as a graceful restart helpful neighbor Possible values are Helper Support Always Disabled or Planned NSF Helper Strict L...

Page 1216: ...m Paths 2 Default Route Advertise Disabled Always FALSE Metric Metric Type External Type 2 NSF Support Disabled NSF Restart Interval 120 seconds NSF Helper Support Always NSF Helper Strict LSA Checking Enabled show ipv6 ospf abr This command displays the internal OSPFv3 routes to reach Area Border Routers ABR This command takes no options Syntax show ipv6 ospf abr Default Configuration This comman...

Page 1217: ...0 0 0 0 1 FE80 210 18FF FE82 8E1 vlan12 show ipv6 ospf area Use the show ipv6 ospf area command in Privileged EXEC mode to display information about the area Syntax show ipv6 ospf area areaid areaid Identifier for the OSPF area being displayed Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines 2CSPC4...

Page 1218: ...v6 ospf asbr command displays the internal OSPFv3 routes to reach Autonomous System Boundary Routes ASBR This command takes no options Syntax show ipv6 ospf asbr Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show ipv6 ospf asbr Type Router Id Cost Area ID Next Hop Next Hop Intf I...

Page 1219: ...ut the link state database when OSPFv3 is enabled If no parameters are entered the command displays the LSA headers Optional parameters specify the type of link state advertisements to display The information below is only displayed if OSPF is enabled Syntax show ipv6 ospf area id database external inter area prefix router link network nssaexternal prefix router unknown area as link link state id ...

Page 1220: ...Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information about the link state database when OSPFv3 is enabled console show ipv6 ospf database Router Link States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 4 80000034 54BD V...

Page 1221: ...634 689 8000000A 6F82 V6E R 2 2 2 2 635 590 80000001 7782 V6E R Intra Prefix States Area 0 0 0 0 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 1 8000003C 9F31 2 2 2 2 0 2 8000004D 9126 Router Link States Area 0 0 0 1 Adv Router Link Id Age Sequence Csum Options Rtr Opt 1 1 1 1 0 1 8000002E 35AD V6E R V B 2 2 2 2 0 0 8000004A D2F3 V6E R B Network Link States Area 0 0 0 1 Adv Router...

Page 1222: ...ence Csum Options Rtr Opt 1 1 1 1 0 6 8000003A 37C4 2 2 2 2 0 1 8000004F 439A 1 1 1 1 10634 434 80000002 440A show ipv6 ospf database database summary Use the show ipv6 ospf database database summary command in Privileged EXEC mode to display the number of each type of LSA in the database and the total number of LSAs in the database Syntax show ipv6 ospf database database summary Syntax Descriptio...

Page 1223: ...base summary OSPF Router with ID 0 0 0 2 Router database summary Router 0 Network 0 Inter area Prefix 0 Inter area Router 0 Type 7 Ext 0 Link 0 Intra area Prefix 0 Link Unknown 0 Area Unknown 0 AS Unknown 0 Type 5 Ext 0 Self Originated Type 5 Ext 0 Total 0 show ipv6 ospf interface Use the show ipv6 ospf interface command in Privileged EXEC mode to display the information for the IFO object or virt...

Page 1224: ...ation in VLAN 11 s virtual interface tables console show ipv6 ospf interface vlan 11 IP Address Err ifIndex 1 OSPF Admin Mode Enable OSPF Area ID 0 0 0 0 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Parameter Description interface type The interface type VLAN tunnel or loopback interface number The valid interface number a valid VLAN ID tunnel ident...

Page 1225: ...ect or virtual interface tables Syntax show ipv6 ospf interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays brief ospf interface information console show ipv6 ospf interface brief Hello Dead Retrax LSA Admin Router Int Int Int Retrax Ack Interface M...

Page 1226: ... has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the interface statistics for VLAN 5 console show ipv6 ospf interface stats vlan 5 OSPFv3 Area ID 0 0 0 1 Spf Runs 265 Area Border Router Count 1 AS Border Router Count 0 Area LSA Count 6 IPv6 Address FE80 202 BCFF FE00 3146 1283FFE 2 64 OSPF Interface...

Page 1227: ...tion 10 14 LS Request 4 4 LS Update 521 398 LS Acknowledgement 209 282 show ipv6 ospf interface vlan Use the show ipv6 ospf interface vlan command in Privileged EXEC mode to display OSPFv3 configuration and status information for a specific vlan Syntax show ipv6 ospf interface vlan vlan id brief vlan id Valid VLAN ID Range is 1 4093 brief Displays a snapshot of configured interfaces Default Config...

Page 1228: ...Index 634 OSPF Admin Mode Enable OSPF Area ID 0 0 0 1 Router Priority 1 Retransmit Interval 5 Hello Interval 10 Dead Interval 40 LSA Ack Interval 1 Iftransit Delay Interval 1 Authentication Type None Metric Cost 10 computed OSPF Mtu ignore Disable OSPF Interface Type broadcast State backup designated router Designated Router 1 1 1 1 Backup Designated Router 2 2 2 2 Number of Link Events 46 2CSPC4 ...

Page 1229: ...Description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Examples The following examples display information about OSPF neighbors in the first case in a summary table and in the second in a table specific to tunnel 1 console show ipv6 ospf neighbor Router ID Priority Intf Interface St...

Page 1230: ...pe None Metric Cost 1 computed OSPF Mtu ignore Disable OSPF cannot be initialized on this interface show ipv6 ospf range Use the show ipv6 ospf range command in Privileged EXEC mode to display information about the area ranges for the specified area identifier Syntax show ipv6 ospf range areaid areaid Identifies the OSPF area whose ranges are being displayed Default Configuration This command has ...

Page 1231: ...le command in Privileged EXEC mode to display the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch Syntax show ipv6 ospf stub table Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF stub table console sh...

Page 1232: ...ormation is being displayed neighbor id Router ID of neighbor Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF Virtual Interface information for area 1 and its neighbor console show ipv6 ospf virtual link 1 1 1 1 1 Area ID 1 Neighbor Router ...

Page 1233: ...ntax show ipv6 ospf virtual link brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the OSPF stub table console config show ipv6 ospf virtual link brief Hello Dead Retransmit Transit Area ID Neighbor Interval Interval Interval Delay 2CSPC4 XCT SWUM2XX1 boo...

Page 1234: ...1234 OSPFv3 Commands 2CSPC4 XCT SWUM2XX1 book Page 1234 Monday October 3 2011 11 05 AM ...

Page 1235: ...ry enables hosts to select from among multiple default gateways and switch to a different default gateway if an initially designated gateway goes down Commands in this Chapter This chapter explains the following commands ip irdp Use the ip irdp command in Interface Configuration mode to enable Router Discovery on an interface Use the no form of the command to disable Router Discovery Syntax ip ird...

Page 1236: ...ds Integer value in seconds of the the holdtime field of the router advertisement sent from this interface Range 4 9000 seconds maxadvertinterval seconds Maximum time in seconds allowed between sending router advertisements from the interface Range 4 or the minimum advertisement interval whichever is greater and 1800 seconds minadvertinterval seconds Minimum time in seconds allowed between sending...

Page 1237: ...and to return the address to the default Syntax ip irdp address ip address no ip irdp address ip address IP address for router discovery advertisements Range 224 0 0 1 all hosts IP multicast address or 255 255 255 255 limited broadcast address Default Configuration IP address 224 0 0 1 is the default configuration Command Mode Interface Configuration VLAN mode User Guidelines This command has no u...

Page 1238: ...holdtime integer no ip irdp holdtime integer Integer value in seconds of the the holdtime field of the router advertisement sent from this interface The holdtime must be no less than the maximum advertisement interval and cannot be greater than 9000 seconds Default Configuration The holdtime defaults to 3 times the maximum advertisement interval Command Mode Interface Configuration VLAN mode User ...

Page 1239: ...Configuration 600 seconds is the default value Command Mode Interface Configuration VLAN mode User Guidelines The default values of the minimum advertisement interval and the holdtime depend on the value of the maximum advertisement interval Setting the maximum advertisement interval changes the minimum advertisement interval and holdtime if those values are at their defaults so the maximum advert...

Page 1240: ...ommand to set the time to the default value Syntax ip irdp minadvertinterval integer no ip irdp minadvertinterval integer Minimum time in seconds allowed between sending router advertisements from the interface Range 3 to value of maximum advertisement interval in seconds Default Configuration The default value is 0 75 times the maximum advertisement interval Command Mode Interface Configuration V...

Page 1241: ... Router discovery packets are sent to the all hosts IP multicast address 224 0 0 1 by default Command Mode Interface Configuration VLAN mode User Guidelines If a subnet includes any hosts that do not accept IP multicast packets send router advertisements to the limited broadcast address Example The following example configures router discovery to send to the limited broadcast address console confi...

Page 1242: ...relative to other router addresses on the same subnet Range 2147483648 to 2147483647 Default Configuration 0 is the default value Command Mode Interface Configuration VLAN mode User Guidelines This command has no user guidelines Example The following example sets the ip irdp preference to 1000 for VLAN 15 console config interface vlan 15 console config if vlan15 ip irdp preference 1000 show ip ird...

Page 1243: ...vileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows router discovery information for VLAN 15 console show ip irdp vlan 15 Interface Ad Mode Advertise Address Max Int Min Int Hold Time Preference vlan15 Enable 224 0 0 1 600 450 1800 0 2CSPC4 XCT SWUM2XX1 book Page 1243 Monday October 3 2011 11 05 AM ...

Page 1244: ...1244 Router Discovery Protocol Commands 2CSPC4 XCT SWUM2XX1 book Page 1244 Monday October 3 2011 11 05 AM ...

Page 1245: ...ose physical interconnections are of similar type and speed PowerConnect routing supports RIPv2 as specified in RFC 2453 Commands in this Chapter This chapter explains the following commands auto summary Use the auto summary command in Router RIP Configuration mode to enable the RIP auto summarization mode Use the no form of the command to disable auto summarization mode Syntax auto summary auto s...

Page 1246: ...ate Use the default information originate command in Router RIP Configuration mode to control the advertisement of default routes Syntax default information originate no default information originate Default Configuration This command has no default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example console config router default inf...

Page 1247: ...fault Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example sets a default of 12 for the metric of distributed routes console config router default metric 12 distance rip Use the distance rip command in Router RIP Configuration mode to set the route preference value of RIP in the router Lower route preference values are preferr...

Page 1248: ...cess list to filter routes received from the source protocol Use the no form of the command to remove the access list from the specified source protocol Syntax distribute list accesslistname out ospf static connected no distribute list accesslistname out ospf static connected accesslistname The name used to identify the existing ACL The range is 1 31 characters ospf Apply the specific access list ...

Page 1249: ...ol console config router distribute list ACL40 out static enable Use the enable command in Router RIP Configuration mode to reset the default administrative mode of RIP in the router active Use the no form of the command to disable the administrative mode for RIP Syntax enable no enable Default Configuration Enabled is the default configuration Command Mode Router RIP Configuration mode User Guide...

Page 1250: ...stroutesaccept no hostroutesaccept Default Configuration Enabled is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example console config router hostroutesaccept ip rip Use the ip rip command in Interface Configuration mode to enable RIP on a router interface Use the no form of the command to disable RIP on the interface Syn...

Page 1251: ... and Key for the specified VLAN Use the no form of the command to return the authentication to the default value Syntax ip rip authentication none simple key encrypt key key id no ip rip authentication none Do not use RIP authentication on the VLAN simple Use simple authentication on the VLAN key Authentication key for the VLAN Range 16 bytes or less encrypt Use MD5 encryption for the RIP interfac...

Page 1252: ...gure the interface to allow RIP control packets of the specified version s to be received Use the no form of the command to return the version to the default value Syntax ip rip receive version rip1 rip2 both none no ip rip receive version rip1 Receive only RIP version 1 formatted packets rip2 Receive only RIP version 2 formatted packets both Receive packets from either format none Do not allow an...

Page 1253: ...e sent Use the no form of the command to return the version to the default value Syntax ip rip send version rip1 rip1c rip2 none no ip rip send version rip1 Send RIP version 1 formatted packets rip1c Send RIP version 1 compatibility mode which sends RIP version 2 formatted packets via broadcast rip2 Send RIP version 2 using multicast none Do not allow any RIP control packets to be sent Default Con...

Page 1254: ...0 15 match internal Adds internal matches to any match types presently being redistributed match external 1 Adds routes imported into OSPF as Type 1 external routes into any match types presently being redistributed match external 2 Adds routes imported into OSPF as Type 2 external routes into any match types presently being redistributed match nssa external 1 Adds routes imported into OSPF as NSS...

Page 1255: ...e connected metric 1 router rip Use the router rip command in Global Configuration mode to enter Router RIP mode Syntax router rip Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enters Router RIP mode console config router rip console config router 2CSPC4 XCT SW...

Page 1256: ...s This command has no user guidelines Example The following example displays information relevant to the RIP router console show ip rip RIP Admin Mode Enable Split Horizon Mode Simple Auto Summary Mode Enable Host Routes Accept Mode Enable Global route changes 0 Global queries 0 Default Metric 12 Default Route Advertise 0 Redistributing Source Connected Metric 2 Distribute List Not configured Redi...

Page 1257: ...vlan id vlan id Valid VLAN ID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays information related to the VLAN 15 RIP interface console show ip rip interface vlan 15 Interface 15 IP Address Send version RIP 2 Receive version Both RIP Admin Mode Disable Link St...

Page 1258: ...must be enabled per interface i e ip rip Syntax show ip rip interface brief Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays general information for each RIP interface console show ip rip interface brief Send Receive RIP Link Interface IP Address Version Versi...

Page 1259: ...t use split horizon to avoid routing loops simple RIP uses split horizon to avoid routing loops poison RIP uses split horizon with poison reverse increases routing packet update size Default Configuration Simple is the default configuration Command Mode Router RIP Configuration mode User Guidelines This command has no user guidelines Example The following example does not use split horizon console...

Page 1260: ...1260 Routing Information Protocol Commands 2CSPC4 XCT SWUM2XX1 book Page 1260 Monday October 3 2011 11 05 AM ...

Page 1261: ... available to the entire system To support IPv4 to IPv6 transition PowerConnect supports configured tunnels RFC 4213 and automatic 6to4 tunnels RFC 3056 6to4 tunnels are automatically formed for IPv4 tunnels carrying IPv6 traffic The automatic tunnels IPv4 destination address is derived from the 6to4 IPv6 address of the tunnel s next hop PowerConnect can act as a 6to4 border router that connects a...

Page 1262: ...iguration mode User Guidelines This command has no user guidelines Example The following example enables the interface configuration mode for tunnel 1 console config interface tunnel 1 console config if tunnel1 show interfaces tunnel Use the show interfaces tunnel command in Privileged EXEC mode to display the parameters related to tunnel such as tunnel mode tunnel source address and tunnel destin...

Page 1263: ...TU size 1480 bytes console show interfaces tunnel TunnelId Interface TunnelMode SourceAddress DestinationAddress 1 tunnel 1 IPv6OVER4 10 254 25 14 10 254 25 10 2 tunnel 2 IPv6OVER4 10 254 20 10 tunnel destination Use the tunnel destination command in Interface Configuration mode to specify the destination transport address of the tunnel Syntax tunnel destination ip address no tunnel destination ip...

Page 1264: ...1 1 tunnel mode ipv6ip Use the tunnel mode ipv6ip command in Interface Configuration mode to specify the mode of the tunnel Syntax tunnel mode ipv6ip 6to4 no tunnel mode 6to4 Sets the tunnel mode to automatic Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guidelines Example The following exam...

Page 1265: ...ip address interface type interface number no tunnel source Syntax Description Default Configuration This command has no default configuration Command Mode Interface Configuration Tunnel mode User Guidelines This command has no user guidelines Example The following example specifies VLAN 11 as the source transport address of the tunnel Parameter Description ip address Valid IPv4 address interface ...

Page 1266: ...1266 Tunnel Interface Commands console config interface tunnel 1 console config if tunnel1 tunnel source vlan 11 2CSPC4 XCT SWUM2XX1 book Page 1266 Monday October 3 2011 11 05 AM ...

Page 1267: ... to the address This change is transparent to end stations VRRP increases the availability of the default path without requiring configuration of dynamic routing or router discovery protocols on every end station Multiple virtual routers can be defined on a single router interface Pingable VRRP Interface RFC 3768 specifies that a router may only accept IP packets sent to the virtual router s IP ad...

Page 1268: ...cho Replies are disabled using that option the VRRP master does not respond to Echo Requests even if this new option is enabled VRRP Route Interface Tracking The VRRP Route Interface Tracking feature extends the capability of the Virtual Router Redundancy Protocol VRRP to allow tracking of specific route interface IP states within the router that can alter the priority level of a virtual router fo...

Page 1269: ...d the route is accessible For route tracking make VRRP a best route client of RTO When a tracked route is added or deleted change the priority For simplicity routes are not distinguished with the next hop interface that has VRRP enabled So VRRP Route Tracking can ignore route modifications Commands in this Chapter This chapter explains the following commands Virtual Router Redundancy Protocol Comm...

Page 1270: ... by default Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables VRRP protocol on the router console config ip vrrp vrrp accept mode Use the vrrp accept mode command in Interface VLAN Configuration mode to enable the VRRP Master to accept ping packets sent to one of the virtual router s IP addresses Use the no form of the ...

Page 1271: ...or the virtual router configured on a specified interface Use the no form of the command to return the authentication type to the default value Syntax vrrp group authentication none simple key no vrrp group authentication Syntax Description Default Configuration None is the default configuration Parameter Description group The virtual router identifier Range 1 255 none Indicates authentication typ...

Page 1272: ...e vrrp description command in Interface Configuration mode to assign a description to the Virtual Router Redundancy Protocol VRRP group To remove the description use the no form of the command Syntax vrrp group description text no vrrp group description Syntax Description Default Configuration No description is present Command Mode Interface Configuration VLAN mode Parameter Description group The ...

Page 1273: ...irtual router IP address value for an interface Use the no form of the command remove the secondary IP address It is not possible to remove the primary IP address once assigned Remove the VRRP group instead Syntax vrrp group ip ip address secondary no vrrp group ip ip address vlan secondary Syntax Description Default Configuration VRRP is not configured on the interface Parameter Description group...

Page 1274: ... command Example The following example configures VRRP on VLAN 15 console configure console config ip routing console config ip vrrp console config vlan database console config vlan vlan 15 console config vlan vlan routing 15 console config vlan exit console config interface vlan 15 console config if vlan15 ip address 192 168 5 1 255 255 255 0 console config if vlan15 vrrp 20 console config if vla...

Page 1275: ...e virtual router for VLAN 15 console config interface vlan 15 console config if vlan15 vrrp 5 mode vrrp preempt Use the vrrp preempt command in Interface Configuration mode to set the preemption mode value for the virtual router configured on a specified interface Use the no form of the command to disable preemption mode Syntax vrrp group preempt delay seconds no vrrp group preempt Syntax Descript...

Page 1276: ...ore issuing an advertisement claiming master ownership Example The following example sets the preemption mode value for the virtual router for VLAN 15 console config interface vlan 15 console config if vlan15 vrrp 5 preempt vrrp priority Use the vrrp priority command in Interface Configuration mode to set the priority value for the virtual router configured on a specified interface Use the no form...

Page 1277: ...ise command in Interface Configuration mode to set the frequency in seconds that an interface on the specified virtual router sends a virtual router advertisement Use the no form of the command to return the advertisement frequency to the default value Syntax vrrp group timers advertise interval no vrrp group timers advertise interval group The virtual router identifier Range 1 255 interval The fr...

Page 1278: ...as backup virtual router for a Virtual Router Redundancy Protocol VRRP group to learn the advertisement interval used by the master virtual router Use the no form of the command to prevent the router from learning the advertisement interval from the master virtual router Syntax vrrp group timers learn no vrrp group timers learn group The virtual router identifier Range 1 255 Default Configuration ...

Page 1279: ...rotocol the priority will be incremented by the priority value A VRRP configured interface can track more than one interface When a tracked interface goes down then the priority of the router will be decreased by 10 default priority decrement for each downed interface The default priority decrement is changed using the priority argument The default priority of the virtual router is 100 and the def...

Page 1280: ...eted the priority of the VRRP router is decremented by the value specified in the priority argument When the tracked route is added the priority is incremented by the same A VRRP configured interface can track more than one route When a tracked route goes down the priority of the router is decreased by 10 default priority decrement for each downed route By default no routes are tracked If we speci...

Page 1281: ...Default Configuration There are no routes tracked by default The default decrement priority is 10 Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example The following example adds the route 2 2 2 0 24 to the virtual router tracked list with a priority decrement value of 20 console config if vlan10 vrrp 1 track ip route 2 2 2 0 24 decrem...

Page 1282: ...ration Show information on all VRRP groups Command Mode User EXEC Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays detailed VRRP status console show vrrp Admin Mode Enable Router Checksum Errors 0 Router Version Errors 0 Router VRID Errors 0 Parameter Description group The virtual router group identifier Range 1 255 brief Provide a sum...

Page 1283: ...Priority 100 Advertisement Interval secs 10 Accept Mode Enable Pre empt Mode Enable Pre empt Delay Enable Administrative Mode Enable State Initialized Timers Learn Mode Enable Description Track Interface vlan 3 Track Interface State Down Track Interface DecrementPriority 20 Track Route pfx len 10 10 10 0 24 2CSPC4 XCT SWUM2XX1 book Page 1283 Monday October 3 2011 11 05 AM ...

Page 1284: ... Authentication Type None Priority 60 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Enable Pre empt Mode Enable Pre empt Delay 0 Administrative Mode Enable State Initialized Timers Learn Mode Disable Description Track Interface vlan 3 Track Interface State Down Track Interface DecrementPriority 20 2CSPC4 XCT SWUM2XX1 book Page 1284 Monday October 3 2011 11 05 AM ...

Page 1285: ... VRRP router statistics of a virtual router configured on a specific interface Syntax show vrrp interface brief vlan vlan id stats Syntax Description Default Configuration Show information for each group in the specified interface Parameter Description brief Display summary information about each virtual router configured on the switch stats Display the statistical information about each virtual r...

Page 1286: ... 0000 5E00 0101 Authentication Type None Priority 100 Configured Priority 100 Advertisement Interval secs 10 Accept Mode Disable Pre empt Mode Enable Pre empt Delay 0 Administrative Mode Enable State Initialized Timers Learn Mode Disable Description GoodStuff The following example displays all configuration information about the virtual router on the selected interface console show vrrp interface ...

Page 1287: ...0 IP TTL Errors 0 Zero Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 show vrrp interface brief Use the show vrrp interface brief command in Privileged EXEC mode to display information about each virtual router configured on the switch It displays info...

Page 1288: ...lize vlan2 5 192 168 5 55 Enable Initialize show vrrp interface stats Use the show vrrp interface stats command in User EXEC mode to display the statistical information about each virtual router configured on the switch Syntax show vrrp interface stats vlan vlan id vr id vlan id Valid VLAN ID vr id The virtual router identifier Range 1 255 Default Configuration This command has no default configur...

Page 1289: ...Priority Packets Received 0 Zero Priority Packets Sent 0 Invalid Type Packets Received 0 Address List Errors 0 Invalid Authentication Type 0 Authentication Type Mismatch 0 Packet Length Errors 0 Pingable VRRP Commands ip vrrp accept mode Use the ip vrrp accept mode command in Interface VLAN Configuration mode to enable the VRRP Master to accept ping packets sent to one of the virtual router s IP a...

Page 1290: ... vrrp interface command in User EXEC or Privileged EXEC mode to display the configured value for Accept Mode Syntax show ip vrrp interface interface id vrid Syntax Description Default Configuration The command has no default configuration Command Mode User EXEC Privileged EXEC mode Parameter Description interface id Any valid routing interface See Interface Naming Conventions for interface represe...

Page 1291: ...ess 00 00 5E 00 01 01 Authentication Type None Priority 100 Configured Priority 100 Advertisement Interval secs 1 Pre empt Mode Enable Administrative Mode Disable Accept Mode Enable State Initialized Track Interface State Decrement Priority No interfaces are tracked for this vrid and interface combination Track Route pfx len Reachable Decrement Priority No routes are tracked for this vrid and inte...

Page 1292: ...1292 Virtual Router Redundancy Protocol Commands 2CSPC4 XCT SWUM2XX1 book Page 1292 Monday October 3 2011 11 05 AM ...

Page 1293: ...ommands CLI Macro Commands Mode Commands Sflow Commands Time Ranges Commands Clock Commands Password Management Commands SNMP Commands USB Flash Drive Commands Command Line Configuration Scripting Commands PHY Diagnostics Commands SSH Commands User Interface Commands Configuration and Image File Commands Power Over Ethernet Commands Syslog Commands Web Server Commands Denial of Service Commands RM...

Page 1294: ...1294 Utility Commands 2CSPC4 XCT SWUM2XX1 book Page 1294 Monday October 3 2011 11 05 AM ...

Page 1295: ...as per the specification listed below Auto Install features in this release include 1 Support download of image from TFTP server using DHCP option 125 The image update can result in a downgrade or upgrade of the firmware on the switch or stack of switches 2 Support for automatic download of a configuration file from a TFTP server when the device is booted with no saved configuration file located i...

Page 1296: ...to enable or disable Stack Firmware Synchronization Use the no form of the command to disable Stack Firmware Synchronization Syntax boot auto copy sw no boot auto copy sw Parameter Description This command does not require a parameter description Default Configuration Stack firmware synchronization is disabled by default boot auto copy sw boot auto copy sw allow downgrade boot auto copy sw allow d...

Page 1297: ...e version on the manager is older than the firmware version on the member Use the no form of the command to disable downgrading the image Syntax boot auto copy sw allow downgrade no boot auto copy sw allow downgrade Parameter Description This command does not require a parameter description Default Configuration The default value is Enable Command Mode Global Configuration User Guidelines This com...

Page 1298: ... intervention when the auto image is successfully downloaded Syntax boot host autoreboot no boot host autoreboot Parameter Description This command does not require a parameter description Default Configuration The default value is enabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console console configure console config boot host autoreboot...

Page 1299: ...s not require a parameter description Default Configuration The default value is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example console console configure console config boot host auto save console config no boot host auto save boot host dhcp Use the boot host dhcp command in Global Configuration mode to enable Auto Install and Auto Confi...

Page 1300: ...no boot host dhcp Parameter Description This command does not require a parameter description Default Configuration The default value is Enabled Command Mode Global Configuration User Guidelines This command has no user guidelines Example console console configure console config boot host dhcp console config no boot host dhcp boot host retrycount The boot host retrycount command sets the number of...

Page 1301: ...mode User Guidelines This command has no user guidelines Example console console configure console config boot host retrycount 5 console config no boot host retrycount show auto copy sw Use the show auto copy sw command in Privileged EXEC mode to display Stack Firmware Synchronization configuration status Syntax show auto copy sw Parameter Description This command does not require a parameter desc...

Page 1302: ...opy sw Stack Firmware Synchronization Synchronization Enabled SNMP Trap status Enabled Allow Downgrade Enabled show boot Use the show boot command in Privileged EXEC mode to display the auto install configuration and the status Syntax show boot Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration 2CSPC4 XCT SWUM...

Page 1303: ...es This command has no user guidelines Example console show boot AutoInstall Mode Started AutoSave Mode Enabled AutoReboot Mode Enabled AutoInstall Retry Count 3 AutoInstall State Waiting for boot options 2CSPC4 XCT SWUM2XX1 book Page 1303 Monday October 3 2011 11 05 AM ...

Page 1304: ...1304 Auto Install Commands 2CSPC4 XCT SWUM2XX1 book Page 1304 Monday October 3 2011 11 05 AM ...

Page 1305: ...n support of HTTP Proxy networks or an optional HTTPS port If configured this additional port or ports are then used exclusively by Captive Portal NOTE This optional HTTP port is in addition to the standard HTTP port 80 which is currently being used for all other web traffic and the optional HTTPS port is in addition to the standard HTTPS port 443 used for secure web traffic Commands in this Chapt...

Page 1306: ...al client status show captive portal interface configuration status show captive portal configuration client status clear captive portal users user logout no user user name show captive portal user user password user group user session timeout show captive portal configuration show captive portal configuration locales show captive portal configuration interface show captive portal configuration st...

Page 1307: ...ication timeout to the default Syntax authentication timeout timeout no authentication timeout timeout The authentication timeout Range 60 600 seconds Default Configuration The default authentication timeout is 300 seconds Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP authentication timeout 600 console config ...

Page 1308: ...onsole config captive portal console config CP enable Use the enable command to globally enable captive portal Use the no form of this command to globally disable captive portal Syntax enable no enable Default Configuration Captive Portal is disabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command 2CSPC4 XCT SWUM2XX1 book Page...

Page 1309: ...535 Default Configuration Captive portal only monitors port 80 by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP http port 81 console config CP no http port https port Use the https port command to configure an additional HTTPS port for captive portal to monitor Use the no form of this command to remove...

Page 1310: ...or this command Example console config CP https port 1443 console config CP no https port show captive portal Use the show captive portal command to display the status of the captive portal feature Syntax show captive portal Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command 2CSPC4...

Page 1311: ... status of all captive portal instances in the system Syntax show captive portal status Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal status Additional HTTP Port 81 Additional HTTP Secure Port 1443 Authentication Timeout 300 Supported Captiv...

Page 1312: ...related to captive portal configurations block Use the block command to block all traffic for a captive portal configuration Use the no form of this command to unblock traffic Syntax block no block Default Configuration Traffic is not blocked by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 block 2CSPC4 X...

Page 1313: ...t be deleted Syntax configuration cp id no configuration cp id cp id Captive Portal ID Range 1 10 Default Configuration Configuration 1 is enabled by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP configuration 2 console config CP 2 enable Use the enable command to enable a captive portal configuration ...

Page 1314: ...gured the user entry Local or RADIUS must be configured with the same name and the group to authenticate to this captive portal instance Use the no form of this command to reset the group number to the default Syntax group group number no group group number The number of the group to associate with this configuration Range 1 10 Default Configuration The default group number is 1 Command Mode Capti...

Page 1315: ...iguration by default Command Mode Captive Portal Instance Config mode User Guidelines There are no user guidelines for this command Example console config CP 2 interface 1 0 2 locale The locale command is not intended to be a user command The administrator must use the Web UI to create and customize captive portal web content This command is primarily used by the show running config command and pr...

Page 1316: ...ame for a captive portal configuration Use the no form of this command to remove a configuration name Syntax name cp name no name cp name CP configuration name Range 1 32 characters Default Configuration Configuration 1 has the name Default by default All other configurations have no name by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this com...

Page 1317: ...de User Guidelines There are no user guidelines for this command Example console config CP 2 protocol http redirect Use the redirect command to enable the redirect mode for a captive portal configuration Use the no form of this command to disable redirect mode Syntax redirect no redirect Default Configuration Redirect mode is disabled by default Command Mode Captive Portal Instance mode 2CSPC4 XCT...

Page 1318: ...fault Configuration There is no redirect URL configured by default Command Mode Captive Portal Instance mode User Guidelines There are no user guidelines for this command Example console config CP 2 redirect url www dell com session timeout Use the session timeout command to configure the session timeout for a captive portal configuration Use the no form of this command to reset the session timeou...

Page 1319: ... 2 no session timeout verification Use the verification command to configure the verification mode for a captive portal configuration Syntax verification guest local radius guest Allows access for unauthenticated users users that do not have assigned user names and passwords local Authenticates users against a local user database radius Authenticates users against a remote RADIUS database Default ...

Page 1320: ...al client deauthenticate macaddr macaddr Client MAC address Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console captive portal client deauthenticate 0002 BC00 1290 show captive portal client status Use the show captive portal client status command to display client c...

Page 1321: ...4 96 48 https Local 0d 00 05 20 0002 BC00 1292 10 254 96 49 https Radius 0d 00 00 20 console show captive portal client 0002 BC00 1290 status Client MAC Address 0002 BC00 1290 Client IP Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User Name user123 Session Time 0d 00 00 13 show captive ...

Page 1322: ...0002 BC00 1291 10 254 96 48 1 0 2 2 cp2 0002 BC00 1292 10 254 96 49 1 0 3 3 cp3 0002 BC00 1293 10 254 96 50 1 0 4 console show captive portal configuration 1 client status CP ID 1 CP Name cp1 Client Client MAC Address IP Address Interface Interface Description 0002 BC00 1290 10 254 96 47 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit show captive ...

Page 1323: ...cription MAC Address IP Address 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1290 10 254 96 47 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit 0002 BC00 1292 10 254 96 49 1 0 3 Unit 1 Slot 0 Port 3 Gigabit 0002 BC00 1293 10 254 96 50 console show captive portal interface 1 0 1 client status Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Client Client MAC Address ...

Page 1324: ...ve Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal interface configuration status CP ID CP Name Interface Interface Description Type 1 Default 1 0 1 Unit 1 Slot 0 Port 1 Gigabit Physical console show captive portal interface configur...

Page 1325: ...his command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console clear captive portal users no user Use the no user command to delete a user from the local user database If the user has an existing session it is disconnected Syntax no user user id user id User ID Range 1 128 Default Configuration There is no default configuration for this ...

Page 1326: ...d users or a specific user in the captive portal local user database Syntax show captive portal user user id user id User ID Range 1 128 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal user Session User ID User Name Timeout Group ID Group Name...

Page 1327: ...associate a group with a captive portal user Use the no form of this command to disassociate a group and user A user must be associated with at least one group so the last group cannot be disassociated Syntax user user id group group id user id User ID Range 1 128 group id Group ID Range 1 10 Default Configuration A user is associated with group 1 by default Command Mode Captive Portal Configurati...

Page 1328: ...t configuration to the default Syntax user logout no user logout Parameter Description This command does not require a parameter description Default Configuration User logout is disabled by default Command Mode Captive portal Instance mode User Guidelines There are no user guidelines for this command Example In this example all classes of entries in the mac address table are displayed console conf...

Page 1329: ...guration There is no name for a user by default Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines Example console config CP user 1 name johnsmith user password Use the user password command to create a local user or change the password for an existing user Syntax user user id password password encrypted enc password user id User ID Range 1 128 password Use...

Page 1330: ...ion timeout Use the user session timeout command to set the session timeout value for a captive portal user Use the no form of this command to reset the session timeout to the default Syntax user user id session timeout timeout no user user id session timeout user id User ID Range 1 128 timeout Session timeout 0 indicates use global configuration Range 0 86400 seconds Default Configuration The glo...

Page 1331: ...erational status of each captive portal configuration Syntax show captive portal configuration cp id cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 CP ID 1 CP Name cp1 Operational Status Disabled Disabl...

Page 1332: ...tal configuration cp id interface gigabitethernet unit slot port tengigabitethernet unit slot port cp id Captive Portal ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration 1 interface CP ID 1 CP Name cp1 Operational Block Interfac...

Page 1333: ...e the show captive portal configuration locales command to display locales associated with a specific captive portal configuration Syntax show captive portal configuration cp id locales cp id Captive Portal Configuration ID Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example...

Page 1334: ...ault Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show captive portal configuration status CP ID CP Name Mode Protocol Verification 1 cp1 Enable https Guest 2 cp2 Enable http Local 3 cp3 Disable https Guest console show captive portal configuration 1 status CP ID 1 CP...

Page 1335: ...ete a user group The default user group 1 cannot be deleted Syntax user group group id no user group group id group id Group ID Range 1 10 Default Configuration User group 1 is created by default and cannot be deleted Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user group 2 console config CP no user group 2 ...

Page 1336: ...t configuration for this command Command Mode Captive Portal Configuration mode User Guidelines The new group id must already exist Example console config CP user group 2 moveusers 3 user group name Use the user group name command to configure a group name Syntax user group group id name name group id Group ID Range 1 10 name Group name Range 1 32 characters Default Configuration User groups have ...

Page 1337: ...37 Command Mode Captive Portal Configuration mode User Guidelines There are no user guidelines for this command Example console config CP user group 2 name group2 2CSPC4 XCT SWUM2XX1 book Page 1337 Monday October 3 2011 11 05 AM ...

Page 1338: ...1338 Captive Portal Commands 2CSPC4 XCT SWUM2XX1 book Page 1338 Monday October 3 2011 11 05 AM ...

Page 1339: ...eleted User Defined Macros or Custom Macros the macros which allow the operator to bundle some pre requisites or global configurations as a macro and then apply them to one or more interfaces at a time which can then be copied or used by other switches Up to 50 user defined macros are supported The software includes 6 built in macros profile global the global configuration used to enable RSTP and ...

Page 1340: ...a macro Syntax macro name name no macro name name Parameter Description Default Configuration The following macros are defined by default and may not be deleted or altered macro name macro apply macro global apply macro trace macro global trace macro description macro global description show parser macro Parameter Description name The name of the macro A macro name can consist of any printable cha...

Page 1341: ... be applied to a specific interface a range of interfaces or to the global configuration Up to 50 user defined macros may be configured macro global apply Use the macro global apply command in Global Configuration mode to apply a macro Syntax macro global apply macro name parameter value parameter value parameter value Macro Default Definition default global profile global default interface profil...

Page 1342: ...ch line of the macro as it is executed and list any errors encountered Syntax macro global trace macro name parameter value parameter value parameter value Parameter Description Parameter Description macro name The name of the macro parameter The name of the parameter recognized by the macro The parameter must begin with a dollar sign value The string to be substituted within the macro for the spe...

Page 1343: ...global description Use the macro global description command in Global Configuration mode to append a line to the global macro description Use the no form of the command to clear the description Syntax macro global description line Parameter Description Default Configuration There is no description by default value The string to be substituted within the macro for the specified parameter name Param...

Page 1344: ... value parameter value parameter value Parameter Description Default Configuration No parameters are substituted unless supplied on the command line Command Mode Interface Configuration mode User Guidelines Commands applied are additive in nature That is they do not remove existing configuration information by default Parameter Description macro name The name of the macro parameter The name of the...

Page 1345: ...ied on the command line Command Mode Interface Configuration mode User Guidelines The line number of the first error encountered is printed The script is aborted after the first error Commands applied are additive in nature That is they do not remove existing configuration information by default Parameter Description macro name The name of the macro parameter The name of the parameter recognized b...

Page 1346: ...is intended to give the administrator an easy way to remember which macros have been applied to an interface All text up to the new line is included in the description The line is appended to the interface description show parser macro Use the show parser macro command in Privileged EXEC mode to display information about defined macros Syntax show parser macro brief description interface interface...

Page 1347: ...here are no user guidelines for this command Parameter Description brief Shows the list of defined macros and their type description Shows the macro descriptions name Shows an individual macro including its contents macro The name of the macro to display interface id The interface for which to show the macro description 2CSPC4 XCT SWUM2XX1 book Page 1347 Monday October 3 2011 11 05 AM ...

Page 1348: ...1348 CLI Macro Commands 2CSPC4 XCT SWUM2XX1 book Page 1348 Monday October 3 2011 11 05 AM ...

Page 1349: ...rate as either a client or a server To an NTP or SNTP server NTP and SNTP clients are indistinguishable Likewise to an NTP or SNTP client NTP and SNTP servers are indistinguishable Furthermore any version of NTP is compatible with any other version of NTP PowerConnect SNTP implements the client side of SNTP Support for IPv6 address configuration is provided to the existing SNTP client The end user...

Page 1350: ...rk Time Protocol SNTP Syntax show sntp configuration Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines show sntp configuration sntp trusted key show sntp server sntp unicast client enable show sntp status clock timezone hours offset sntp authenticate no clock timezone sntp authentication key clock s...

Page 1351: ...isable Unicast servers Server Key Polling Priority 10 27 128 21 Disabled Enabled 1 show sntp server Use the show sntp server command in Privileged EXEC mode to display the pre configured SNTP servers The configured servers can be either IPv4 or IPv6 format Syntax show sntp server Parameter Description This command does not require a parameter description Default Configuration This command has no d...

Page 1352: ...rver Type IPv6 Server Stratum 2 Server Reference Id NTP Srv 158 108 96 32 Server Mode Server Server Maximum Entries 3 Server Current Entries 2 SNTP Servers Host Address 2001 01 Address Type IPv6 Priority 1 Version 4 Port 123 Last Update Time Dec 22 11 10 00 2009 Last Attempt Time Dec 22 11 10 00 2009 2CSPC4 XCT SWUM2XX1 book Page 1352 Monday October 3 2011 11 05 AM ...

Page 1353: ...ttempt Time Dec 22 07 32 41 2009 Last Update Status Server Unsynchronized Total Unicast Requests 157 Failed Unicast Requests 2 show sntp status Use the show sntp status command in Privileged EXEC mode to show the status of the Simple Network Time Protocol SNTP Syntax show sntp status Default Configuration This command has no default configuration Command Mode Privileged EXEC mode 2CSPC4 XCT SWUM2X...

Page 1354: ...r 30 2009 sntp authenticate Use the sntp authenticate command in Global Configuration mode to require server authentication for received Network Time Protocol NTP traffic To disable the feature use the no form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User Guidelines The command is relevant for both ...

Page 1355: ...ol SNTP To remove the authentication key for SNTP use the no form of this command Syntax sntp authentication key key number md5 value no sntp authentication key number key number number Range 1 4294967295 value value Range 1 8 characters Default value No authentication is defined Command Mode Global Configuration mode User Guidelines This command has no user guidelines Examples The following examp...

Page 1356: ...ent is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enables a Simple Network Time Protocol SNTP Broadcast client console config sntp broadcast client enable sntp client poll timer Use the sntp client poll timer command in Global Configuration mode to set the polling time for the Simple Network Time Protocol SNTP c...

Page 1357: ...tp client poll timer 1024 sntp server Use the sntp server command in Global Configuration mode to configure an SNTP server address or a host name The server address can be either an IPv4 address or an IPv6 address Use the no form of this command to unconfigure an SNTP server address or a host name Syntax sntp server ip address ipv6 address hostname no sntp server ip address ipv6 address hostname i...

Page 1358: ...sntp trusted key Use the sntp trusted key command in Global Configuration mode to authenticate the identity of a system to which Simple Network Time Protocol SNTP will synchronize To disable authentication of the identity of the system use the no form of this command Syntax sntp trusted key key number no sntp trusted key key number key number Key number of authentication key to be trusted Range 1 ...

Page 1359: ...le Network Time Protocol SNTP predefined Unicast clients To disable an SNTP Unicast client use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP Unicast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp server command to define SNTP servers Examples The following example enables the device...

Page 1360: ...urs difference from UTC Range 12 to 13 minutes offset Minutes difference from UTC Range 0 59 acronym The acronym for the time zone Range Up to four characters Command Mode Global Configuration Default Value No default setting User Guidelines No specific guidelines Example console config clock timezone 5 minutes 30 zone IST no clock timezone Use the no clock timezone command to reset the time zone ...

Page 1361: ...riate Syntax clock summer time recurring usa eu week day month hh mm week day month hh mm offset offset zone acronym week Week of the month Range 1 5 first last day Day of the week Range The first three letters by name sun for example month Month Range The first three letters by name jan for example hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm 0 59 offset Number of minutes to...

Page 1362: ...her 0 or 0 as appropriate Syntax clock summer time date date month month date year hh mm date month month date year hh mm offset offset zone acronym date Day of the month Range 1 31 month Month Range The first three letters by name jan for example year Year Range 2000 2097 hh mm Time in 24 hour format in hours and minutes Range hh 0 23 mm 0 59 offset Number of minutes to add during the summertime ...

Page 1363: ...Apr 1 2007 02 00 Oct 28 2007 offset 90 zone EST no clock summer time Use the no clock summer time command to reset the summertime configuration Syntax Description no clock summer time Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config no clock summer time 2CSPC4 XCT SWUM2XX1 book Page 1363 ...

Page 1364: ...fault configuration Command Mode User EXEC Privileged EXEC User Guidelines This command has no user guidelines Example The following example shows the time and date only console show clock 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP The following example shows the time date timezone and summertime configuration console show clock detail 15 29 03 PDT UTC 7 Jun 17 2005 Time source is SNTP Tim...

Page 1365: ...day of April at 2 00 Ends at last Sunday of October at 2 00 Offset is 60 minutes The following example displays the time and date from the system clock console show clock 15 29 03 Jun 17 2002 Time source is SNTP 2CSPC4 XCT SWUM2XX1 book Page 1365 Monday October 3 2011 11 05 AM ...

Page 1366: ...1366 Clock Commands 2CSPC4 XCT SWUM2XX1 book Page 1366 Monday October 3 2011 11 05 AM ...

Page 1367: ...rom a script are additive in nature That is they modify but do not automatically replace the current configuration Any valid command can be placed in a script including show commands Scripts execute in Privileged EXEC mode The script author must add a command configure in order to enter Global Configuration mode Commands in this Chapter This chapter explains the following commands script apply Use...

Page 1368: ... config scr script delete Use the script delete command in Privileged EXEC mode to delete a specified script Syntax script delete scriptname all scriptname Script name of the file being deleted Range 1 31 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example dele...

Page 1369: ...default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays all scripts present on the switch console script list Configuration Script Name Size Bytes 0 configuration script s found 2048 Kbytes free script show Use the script show command in Privileged EXEC mode to display the contents of a script file Syntax sc...

Page 1370: ...thernet 1 0 1 ip address 176 242 100 100 255 255 255 0 exit script validate Use the script validate command in Privileged EXEC mode to validate a script file by parsing each line in the script file The validate option is intended for use as a tool in script development Validation identifies potential problems though it may not identify all problems with a given script Syntax script validate script...

Page 1371: ...Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example validates the contents of the script file config scr console script validate config scr 2CSPC4 XCT SWUM2XX1 book Page 1371 Monday October 3 2011 11 05 AM ...

Page 1372: ...1372 Command Line Configuration Scripting Commands 2CSPC4 XCT SWUM2XX1 book Page 1372 Monday October 3 2011 11 05 AM ...

Page 1373: ...figuration scripting feature allows the user to save the current PowerConnect configuration in text format To modify the configuration script file follow these procedures 1 Upload the file to a personal computer 2 Edit the file 3 Download the file to a PowerConnect switch 4 Apply it to the PowerConnect system With this feature in place the PowerConnect administrator has the flexibility of creating...

Page 1374: ...d Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image delete backup config show running config delete backup image show startup config delete startup config dir write erase Parameter Description image1 Marks the given image as active for subsequent reboots image2 Marks the given image as active for subsequent reboots unit Unit to be us...

Page 1375: ...Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example restores the switch to its default configuration console clear config copy Use the copy command in Privileged EXEC mode to copy files within the switch and to upload and download files from and to the switch Syntax copy ...

Page 1376: ...rational log Uploads Operational Log file running config Copies system config file script Uploads Configuration Script file startup config Uploads Startup Config file startup log Uploads Startup Log file Valid source URLs for downloading to the switch xmodem tftp ipaddress hostname filepath filename scp user ipaddresss hostname filepath filename sftp user ipaddress hostname filepath filename ftp u...

Page 1377: ... the remote server via SSH destination url The URL or reserved keyword of the destination file Range 1 160 characters List of valid destination parameters for downloading to the switch backup config Downloads config file using xmodem sftp or tftp image Downloads code file by xmodem ftp sftp or tftp script Downloads configuration script by xmodem sftp or tftp startup config Downloads config file us...

Page 1378: ... copy command it refers to the active image If this is destination the file will be distributed to all units in the stack ftp Source or destination URL for an FTP network server The syntax for this alias is ftp ipaddr filepath filename image tftp Source or destination URL for a TFTP network server The syntax for this alias is tftp location directory filename An out of band IP address can be specif...

Page 1379: ... Example Backing up the running config console copy running config backup config This operation may take a few minutes Management interfaces will not be available during this time Are you sure you want to save y n y Configuration saved Example Downloading new code to the switch console copy tftp 10 27 65 61 PC7000v20100911_2 stk image Transfer Mode TFTP Server IP Address 10 27 65 61 File Path File...

Page 1380: ...ble on Flash unit image1 image2 current active next active 1 M 9 11 2 M 9 11 3 image1 image1 After the file transfer completes use the boot system command to select the new image to run Example Downloading and applying ias users file console copy tftp 10 131 17 104 aaa_users txt ias users Transfer Mode TFTP Server IP Address 10 131 17 104 File Path File Name aaa_users txt Data Type IAS Users 2CSPC...

Page 1381: ...py usb start config startup config console copy operational log usb olog txt console copy usb backup config txt backup config console copy image usb image1 stk console copy flash crashdump 0 usb crashdump 0 delete Use the delete command to delete files from flash Syntax delete file file Name of the file to be deleted Default Configuration This command has no default configuration Command Mode Priv...

Page 1382: ...n This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example deletes the backup config file console delete backup config Delete backup config Y N y delete backup image Use the delete backup image command in Privileged EXEC mode to delete a file from a flash memory device Syntax delete backup image 2C...

Page 1383: ...e image2 y n delete startup config Use the delete startup config command in Privileged EXEC mode to delete the startup config file Syntax delete startup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If the startup config file is not present when system reboots it reboots with default settings Example The following example d...

Page 1384: ...his command has no user guidelines Example console dir 0 drwx 2048 Jan 13 2031 17 19 54 0 drwx 2048 Jan 10 2031 15 58 10 0 rwx 256 Jan 22 2005 08 00 48 vpd bin 0 rwx 16380 Jan 10 2031 15 58 18 log2 bin 0 rwx 72 Jan 10 2031 15 58 14 boot dim 0 rwx 0 Jan 10 2031 15 58 18 slog2 txt 0 rwx 53205 Jan 22 2005 09 45 04 rc soc 0 rwx 148 Jan 10 2031 15 58 22 hpc_broad cfg 0 rwx 11224 Jan 22 2005 09 45 04 he...

Page 1385: ...ines filedescr Use the filedescr command in Privileged EXEC mode to add a description to a file Use the no version of this command to remove the description from the filename Syntax filedescr image 1 image2 description no filedescr image 1 image2 image1 image2 Image file description Block of descriptive text Range 0 128 characters Parameter Description startup config Erases the contents of the sta...

Page 1386: ...es not filter illegal combinations of characters on entry and may accept entries up to the first illegal character or reject the entry entirely Example The following example attaches a file description to image2 console filedescr image2 backedup on 03 22 05 rename Use the rename command in Privileged EXEC mode to rename a file present in flash Syntax rename source dest source Source file name dest...

Page 1387: ...ion file Syntax show backup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example shows backup config data console show backup config software version 1 1 hostname device interface gigabitethernet 1 0 1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 ...

Page 1388: ...hat the device loads at startup Syntax show bootvar unit unit Unit number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the active system image file that the device loads at startup console show bootvar Image Descriptions image1 default image image2 2CSPC4 XCT SW...

Page 1389: ...pt files or by using the all mode for the show running config command In addition please note that this non readable data is contained and displayed at the end of the script files Syntax show running config all scriptname all To display or capture the commands with settings and configuration that are equal to the default value include the all option scriptname If the optional scriptname is provide...

Page 1390: ...er exit banner exec exec banner login login banner motd motd exit show startup config Use the show startup config command in Privileged EXEC mode to display the startup configuration file contents Syntax show startup config Default Configuration This command has no default configuration Command Mode Privileged EXEC mode 2CSPC4 XCT SWUM2XX1 book Page 1390 Monday October 3 2011 11 05 AM ...

Page 1391: ...rConnect 7048R 10 0 0 0 VxWorks 6 6 System Software Version 10 0 0 0 System Operational Mode Normal configure vlan database vlan routing 1 1 exit slot 1 0 7 PowerConnect 7048R slot 1 1 11 SFP Card slot 1 2 9 CX4 Card stack member 1 7 PCT7048R exit logging console informational logging cli command logging file informational interface vlan 1 exit snmp server community public su exit 2CSPC4 XCT SWUM2...

Page 1392: ...pdate bootcode unit unit Unit number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines If unit is not specified all units are updated Example The following example updates the bootcode on unit 2 console update bootcode 2 write Use the write command to copy the running configuration image to the startup configuration Syntax write 2CSPC...

Page 1393: ...ommand has no default configuration Command Mode Privileged EXEC mode Usage Guidelines This command is equivalent to the copy running config startup config command functionally Example console write console 2CSPC4 XCT SWUM2XX1 book Page 1393 Monday October 3 2011 11 05 AM ...

Page 1394: ...1394 Configuration and Image File Commands 2CSPC4 XCT SWUM2XX1 book Page 1394 Monday October 3 2011 11 05 AM ...

Page 1395: ...gment IP Fragment Offset 1 TCP Flag TCP Flag SYN set and Source Port 1024 or TCP Control Flags 0 and TCP Sequence Number 0 or TCP Flags FIN URG and PSH set and TCP Sequence Number 0 or TCP Flags SYN and FIN set L4 Port Source TCP UDP Port Destination TCP UDP Port ICMP Limiting the size of ICMP Ping packets SMAC DMAC Source MAC address Destination MAC address TCP Port Source TCP Port Destination TC...

Page 1396: ...ags FIN and URG and PSH set and TCP Sequence Number 0 ICMP V6 Limiting the size of ICMPv6 Ping packets ICMP Fragment Checks for fragmented ICMP packets Commands in this Chapter This chapter explains the following commands dos control firstfrag ip icmp error interval dos control icmp ip unreachables dos control l4port ip redirects dos control sipdip ipv6 icmp error interval dos control tcpflag ipv6...

Page 1397: ...12 Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example defines a minimum TCP header size of 20 Packets entering with a smaller header size are dropped console config dos control firstfrag 20 dos control icmp Use the dos control icmp command in Global Configuration mode to enable...

Page 1398: ...vice protection with a maximum packet size of 1023 console config dos control icmp 1023 dos control l4port Use the dos control l4port command in Global Configuration mode to enable L4 Port Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress having Source TCP UDP Port Number equal to Destination TCP UDP Port Number th...

Page 1399: ... SIP DIP Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets is dropped if the mode is enabled Syntax dos control sipdip no dos control sipdip Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example...

Page 1400: ... are dropped Syntax dos control tcpflag no dos control tcpflag Default Configuration Denial of Service is disabled Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example activates TCP Flag Denial of Service protections console config dos control tcpflag dos control tcpfrag Use the dos control tcpfrag command in Global Configuration ...

Page 1401: ...s control tcpfrag ip icmp echo reply Use the ip icmp echo reply command to enable or disable the generation of ICMP Echo Reply messages Use the no form of this command to prevent the generation of ICMP Echo Replies Syntax ip icmp echo reply no ip icmp echo reply Default Configuration ICMP Echo Reply messages are enabled by default Command Mode Global Configuration mode User Guidelines There are no...

Page 1402: ...default values Syntax ip icmp error interval burst interval burst size no ip icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can be sent during a burst interval Range 1 200 Default Configuration Rate limiting is enabled by default The default burst interval is 1000 milliseconds The default b...

Page 1403: ...VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ip icmp unreachables ip redirects Use the ip redirects command to enable the generation of ICMP Redirect messages Use the no form of this command to prevent the sending of ICMP Redirect Messages In global configuration mode this command affects all interfaces In interface configuration mode it ...

Page 1404: ...and to return burst interval and burst size to their default values To disable ICMP rate limiting set burst interval to zero Syntax ipv6 icmp error interval burst interval burst size no ipv6 icmp error interval burst interval How often the token bucket is initialized Range 0 2147483647 milliseconds burst size The maximum number of messages that can be sent during a burst interval Range 1 200 Defau...

Page 1405: ...estination Unreachable messages Syntax ipv6 unreachables no ipv6 unreachables Default Configuration ICMPv6 Destination Unreachable messages are enabled by default Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example console config if vlan10 ipv6 unreachables show dos control Use the show dos control command in Privileged EXEC mode to ...

Page 1406: ... user guidelines Example The following example displays Denial of Service configuration information console show dos control SIPDIP Mode Disable First Fragment Mode Disable Min TCP Hdr Size 20 TCP Fragment Mode Disable TCP Flag Mode Disable L4 Port Mode Disable ICMP Mode Disable Max ICMP Pkt Size 512 2CSPC4 XCT SWUM2XX1 book Page 1406 Monday October 3 2011 11 05 AM ...

Page 1407: ... command is also used by the web for timing out web sessions To restore the default setting use the no form of this command Syntax exec timeout minutes seconds no exec timeout minutes Integer that specifies the number of minutes Range 0 65535 seconds Additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line Configuration mode ex...

Page 1408: ...ine Configuration mode to enable the command history function To disable the command history function use the no form of this command Syntax history no history Default Configuration The default value for this command is enabled Command Mode Line Interface mode User Guidelines This command has no user guidelines Example The following example disables the command history function for the current ter...

Page 1409: ...ommand Mode Line Configuration mode User Guidelines This command has no user guidelines Example The following example configures the command history buffer size to 20 commands for the current terminal session console config line history size 20 line Use the line command in Global Configuration mode to identify a specific line for configuration and enter the line configuration command mode Paramete...

Page 1410: ...sing the switch via telnet or SSH must have an enable password defined in order to access privileged mode Alternatively the administrator can set the telnet and ssh lists to enableList which has the enable and none methods defined Examples The following example sets the telnet authentication list to enableList console config line telnet console config telnet enable authentication enableList The fo...

Page 1411: ...fault configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays the line configuration console show line Console configuration Interactive timeout Disabled History 10 Baudrate 9600 Databits 8 Parity none Stopbits 1 Telnet configuration Interactive timeout 10 minutes 10 seconds History 10 SSH configuration 2CSPC4 XCT SWUM2XX...

Page 1412: ...ps no speed bps Baud rate in bits per second bps The options are 2400 9600 19200 38400 57600 and 115200 Default Configuration This default speed is 9600 Command Mode Line Interface console mode User Guidelines This configuration applies only to the current session Example The following example configures the console baud rate to 9600 console config line speed 9600 2CSPC4 XCT SWUM2XX1 book Page 141...

Page 1413: ...tes such as incoming port or port channel and VLAN ID can be used to determine if the traffic should be allowed to the management interface When the component is disabled incoming TCP UDP packets are not filtered and are processed normally There is also an option to restrict all the above packets from the network interface This is done by specifying console only in the MACAL component If this is e...

Page 1414: ...t channel port channel number A valid routed port channel number tengigabitethernet unit slot port A valid 10 gigabit Ethernet routed port number ip address Source IP address mask mask Specifies the network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash Range 0 32 service...

Page 1415: ... deny management access class Use the management access class command in Global Configuration mode to restrict management connections To disable restriction use the no form of this command Syntax management access class console only name no management access class name A valid access list name Range 1 32 characters console only The switch can be managed only from the console Default Configuration ...

Page 1416: ... Syntax management access list name no management access list name name The access list name Range 1 32 printable characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines This command enters the access list configuration mode where the denied or permitted access conditions with the deny and permit commands must be defined If ...

Page 1417: ...e config management access list mlist console config macal deny gigabitethernet 1 0 1 priority 1 console config macal deny gigabitethernet 2 0 9 priority 2 console config macal permit priority 2 console config macal exit console config management access class mlist permit management Use the permit command in Management Access List configuration mode to set conditions for the management access list...

Page 1418: ...yword indicates that the service match for the ACL is effectively don t care priority priority value Priority for the rule Range 1 64 Default Configuration This command has no default configuration Command Mode Management Access list Configuration mode User Guidelines Rules with gigabitethernet tengigabitethernet vlan and port channel parameters are valid only if an IP address is defined on the ap...

Page 1419: ...macal exit console config management access class mlist show management access class Use the show management access class command in Privileged EXEC mode to display information about the active management access list Syntax show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelin...

Page 1420: ...s Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the active management access list console show management access list mlist permit priority 1 gigabitethernet 1 0 1 permit priority 2 gigabitethernet 2 0 1 Note all other access implicitly denied 2CSPC4 XCT SW...

Page 1421: ...uration This command has no default configuration Command Mode Privileged EXEC mode Example console conf t console config console configure terminal console config do Use the do command to execute commands available in Privileged EXEC mode from Global Configuration and other modes Command completion using the space bar is not available when using this command When in configure terminal do 2CSPC4 X...

Page 1422: ...de Commands such as configure devshell and hidden commands are forbidden Default Configuration This command has no default configuration Command Mode All except Privileged EXEC and User EXEC modes Example console config do show ip interface Default Gateway 192 168 21 0 Burned In MAC Address 001E C9AA AF51 Routing Interfaces Interface State IP Address IP Mask Method Vl1 Down 192 168 21 1 255 255 25...

Page 1423: ...story is stored Password Aging The switch can implement an aging process on passwords and require users to change them when they expire The administrator can configure the switch to force a password change between 1 and 365 days By default password aging is disabled When a password expires the user must enter a new password before continuing User Lockout The administrator may choose to strengthen ...

Page 1424: ...rd ages out Password Strength is only enforced when a user is configuring a new password or changing their existing password The default action is Disabled in FP and is independent of any platform The network operator has to take care that the Password Strength check is Disabled before downloading scripts containing old users to avoid password configuration failure for such users Password Strength...

Page 1425: ... To change a password use the passwords command which is described in AAA Commands passwords aging passwords strength minimum special characters passwords history passwords strength max limit consecutive characters passwords lock out passwords strength max limit repeated characters passwords min length passwords strength minimum character classes passwords strength check passwords strength exclude...

Page 1426: ...bal Configuration mode User Guidelines A value of 0 days disables password aging Example The following example sets the password age limit to 100 days console config passwords aging 100 passwords history As administrator use the passwords history command in Global Configuration mode to set the number of previous passwords that are stored for each user account When a local user changes his or her p...

Page 1427: ...lock out command in Global Configuration mode to strengthen the security of the switch by locking user accounts that have failed login due to wrong passwords When a lockout count is configured a user who is logging in must enter the correct password within that count Otherwise that user is locked out from further switch access Only a user with read write access can reactivate a locked user account...

Page 1428: ...the number of user attempts before lockout at 2 console config passwords lock out 2 passwords min length Use the passwords min length command in Global Configuration mode to enforce a minimum length password length for local users The value also applies to the enable password The valid range is 8 64 The default is 8 Use the no version of this command to set the minimum password length to 8 Syntax ...

Page 1429: ...The command is used to enable the checking of password strength during user configuration Use the no form of the command to disable the Password Strength feature Syntax passwords strength check no passwords strength check Parameter Description This command does not require parameter descriptions Default Behavior The password strength feature is disabled by default Command Mode Global Configuration...

Page 1430: ...e a minimum number of uppercase letters that a password must contain The valid range is 0 16 The default is 1 A minimum of 0 means no restriction on that set of characters Use the no form of the command to reset the minimum uppercase letters to the default value Syntax passwords strength minimum uppercase letters 0 16 no passwords strength minimum uppercase letters Parameter Description This comma...

Page 1431: ...he no form of this command to reset the minimum lowercase letters to the default value Syntax passwords strength minimum lowercase letters 0 16 no passwords strength minimum lowercase letters Parameter Description This command does not require parameter descriptions Default Behavior The default value is 1 Command Mode Global Configuration User Guidelines This command has no user guidelines Example...

Page 1432: ...nd to reset the minimum numeric characters to the default value Syntax passwords strength minimum numeric characters 0 16 no passwords strength minimum numeric characters Parameter Description This command does not require parameter descriptions Default Behavior The default value is 1 Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config passw...

Page 1433: ...cial characters Parameter Description This command does not require parameter descriptions Default Behavior The default value is 1 Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config passwords strength minimum special characters 6 passwords strength max limit consecutive characters Use this command to enforce a maximum number of consecutive ...

Page 1434: ...ior The default value is 0 Command Mode Global Configuration User Guidelines This command has no user guidelines Example console config passwords strength max limit consecutive characters 3 passwords strength max limit repeated characters Use this command to enforce a maximum repeated characters that a password should contain If password has repetition of characters more than the configured max li...

Page 1435: ... a minimum number of character classes that a password should contain Character classes are uppercase letters lowercase letters numeric characters and special characters The valid range is 0 4 The default is 0 If a value of 0 is configured then no character class checking is performed i e for special characters uppercase characters lower case characters etc Use the no form of this command to reset...

Page 1436: ...keyword in any form inbetween the string case insensitive and reverse as a substring You can configure up to a maximum of three keywords Use the no form of this command to reset the restriction for a given string or all the strings configured Syntax passwords strength exclude keyword string no passwords strength exclude keyword string Parameter Description This command does not require parameter d...

Page 1437: ...28 hexadecimal characters Syntax enable password encrypted password Parameter Description This command does not require parameter descriptions Default Behavior This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines show passwords configuration Use the show passwords configuration command in Privileged EXEC mode to display the...

Page 1438: ...ters required when configuring passwords Minimum Password Numeric Characters Minimum number of numeric characters required when configuring passwords Maximum Password Consecutive Characters Maximum number of consecutive characters required that the password should contain when configuring passwords Maximum Password Repeated Characters Maximum number of repetition of characters that the password sh...

Page 1439: ...ys 0 Lockout Attempts 0 Password Strength Check Enable Minimum Password Uppercase Letters 4 Minimum Password Lowercase Letters 4 Minimum Password Numeric Characters 3 Minimum Password Special Characters 3 Maximum Password Consecutive Characters 3 Maximum Password Repeated Characters 3 Minimum Password Character Classes 4 Password Exclude Keywords brcm brcm1 brcm2 show passwords result Use the show...

Page 1440: ...rivileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the command output console show passwords result Last User whose password is set brcm Password strength check Enable Last Password Set Result Reason for failure Could not set user password Password should contain at least 4 uppercase letters 2CSPC4 XCT SWUM2XX1 book Page 1440 Monday Octob...

Page 1441: ...t port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The copper related commands do not apply to the stacking CX 4 or 10GBaseT ports associated with these plug in modules The maximum length of the cable for the Time Domain Reflectometry TDR test is 120 meters Disable green mode on the port in order to obtain accurate results show ...

Page 1442: ... show fiber ports optical transceiver command in Privileged EXEC mode to display the optical transceiver diagnostics Syntax show fiber ports optical transceiver interface interface A valid Ethernet port The full syntax is unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The show fiber ports command is only applicable to the...

Page 1443: ...easured RX received power in milliWatts TX Fault Transmitter fault LOS Loss of signal test copper port tdr Use the test copper port tdr command in Privileged EXEC mode to diagnose with Time Domain Reflectometry TDR technology the quality and characteristics of a copper cable attached to a port Syntax test copper port tdr interface interface A valid Ethernet port The full syntax is unit port Defaul...

Page 1444: ...report on the cable attached to port 1 0 3 console test copper port tdr 1 0 3 Cable is open at 64 meters The following example results in a failure to report on the cable attached to port 2 0 3 console test copper port tdr 2 0 3 Can t perform the test on fiber ports 2CSPC4 XCT SWUM2XX1 book Page 1444 Monday October 3 2011 11 05 AM ...

Page 1445: ...in order to provide power to higher priority ports The Static Power Management feature allows operator to reserve a guaranteed amount of power for a PoE port This is useful for powering up devices which draw variable amount of power and provide them an assured power range to operate with in In the Dynamic Power Management feature power is not reserved for a given port at any point of time The powe...

Page 1446: ...the device Command Mode Interface Configuration Ethernet Usage Guidelines No specific guidelines Default Value auto Examples console config interface gigabitethernet 1 0 1 power inline power inline priority enable power inline detection power inline reset power inline high power power inline usage threshold power inline limit clear power inline statistics power inline management show power inline ...

Page 1447: ...ine detection Parameter Description Default Value Default value is dot3af Command Mode Interface Configuration User Guidelines This command has no user guidelines power inline high power Use this command to configure the port high power mode Use the no form of this command to disable high power mode In high power mode the switch PSE negotiates the power budget with the powered device PD via LLDP P...

Page 1448: ... configure the type of power limit Use the no form of this command to set the power limit type to the default Syntax power inline limit class none user defined limit no power inline limit Parameter Description Parameter Description Class Allows the port to draw up to advertised class maximum power None Allows port to draw up to class 0 maximum power in low power mode and class 4 maximum power in h...

Page 1449: ...er in how the available power is calculated Static Power Management Available Power Power limit of the Source Total Allocated Power where Total Allocated Power is calculated as the power limit configured on the port Dynamic Power Management Available Power Power limit of the Source Total Allocated Power where Total Allocated Power is calculated as the amount of power consumed by the port There are...

Page 1450: ... Default Value Default management is dynamic Command Mode Global Configuration power inline powered device The power inline powered device Interface Configuration Ethernet mode command adds a comment or description of the powered device type to enable the user to remember what is attached to the interface To remove the description use the no form of this command Syntax Description power inline pow...

Page 1451: ...evice The switch may not be able to supply power to all connected devices so the port priority is used to determine which ports will supply power if adequate power capacity is not available for all enabled ports For ports that have the same priority level the lower numbered port has higher priority For a system delivering peak power to a certain number of devices if a new device is attached to a h...

Page 1452: ...ufficient power to supply the PD and there is a lower priority port delivering power it is turned off If priority is disabled power is delivered to ports on a first come first served basis Use the no form of this command to disable the priority The default threshold for determining if insufficient power is available is 96 of available power Syntax Description power inline priority enable no power ...

Page 1453: ...shold command configures the system power usage threshold level at which lower priority ports are disconnected The threshold is configured as a percentage of the total available power Use the no form of the command to set the threshold to the default value Syntax Description power inline usage threshold threshold no power inline usage threshold Parameter Description Default Configuration The defau...

Page 1454: ...ted due to the threshold being exceeded a trap is generated Examples console config power inline usage threshold 90 clear power inline statistics Use this command to clear the PoE statistics Syntax clear power inline statistics unit slot port Parameter Description This command does not require parameter description Default Behavior This command has no default configuration Command Modes Privileged...

Page 1455: ...ode for the interface Syntax Description show power inline interface id detailed Parameter Description Command Mode Privileged EXEC Usage Guidelines No specific guidelines Examples In the following example no port is specified so the command displays global configuration and status of all the ports console show power inline Unit Status Unit1 Power On Nominal Power 150 watt Consumed Power 120 watts...

Page 1456: ...44 12 95 1 0 2Wireless AP ModelAutoLowOn0 44 3 84 In the next example the port is specified and the command displays the details for the single port console show power inline gigabitethernet 1 0 13 Port Powered Device State Priority Status Class W Power mW 1 0 13 auto Low On 3 84 6 49 5000 Overload Counter 0 Short Counter 0 Denied Counter 0 Absent Counter 0 Invalid Signature Counter 0 console 2CSP...

Page 1457: ...mand in Privileged EXEC mode to display the version of the PoE controller firmware present on the switch file system Syntax Description show power inline firmware version Command Mode Privileged EXEC User Guidelines This command has no user guidelines 2CSPC4 XCT SWUM2XX1 book Page 1457 Monday October 3 2011 11 05 AM ...

Page 1458: ...1458 Power Over Ethernet Commands 2CSPC4 XCT SWUM2XX1 book Page 1458 Monday October 3 2011 11 05 AM ...

Page 1459: ...thering and reporting the RMON data is referred to as an RMON probe or RMON Agent An RMON probe provides RMON data to an RMON Manager for analysis and presentation to the user An RMON probe may be embedded in an existing network device or stand alone Commands in this Chapter This chapter explains the following commands rmon alarm Use the rmon alarm command in Global Configuration mode to configure...

Page 1460: ...47483647 falling threshold value Falling Threshold value Range 2147483648 2147483647 event number The index of the Event that is used when a rising or falling threshold is crossed Range 1 65535 delta The sampling method for the selected variable and calculating the value to be compared against the thresholds If the method is delta the selected variable value at the last sample is subtracted from t...

Page 1461: ...0 50000 10 1 1 startup direction The alarm that may be sent when this entry is first set to valid If the first sample after this entry becomes valid is greater than or equal to the rising threshold and direction is equal to rising or rising falling then a single rising alarm is generated If the first sample after this entry becomes valid is less than or equal to the falling threshold and direction...

Page 1462: ...ing buckets bucket number A value associated with the number of buckets specified for the RMON collection history group of statistics If unspecified defaults to 50 Range 1 65535 interval seconds The number of seconds in each polling cycle If unspecified defaults to 1800 Range 1 3600 Default Configuration The buckets configuration is 50 The interval configuration is 1800 seconds Command Mode Interf...

Page 1463: ...iguration This command has no default configuration Command Mode Global Configuration mode Parameter Description number The event index Range 1 65535 log An entry is made in the log table for each event trap An SNMP trap is sent to one or more management stations community If an SNMP trap is to be sent it is sent to the SNMP community specified by this octet string Range 0 127 characters descripti...

Page 1464: ...arm configuration Also see the rmon alarm command Syntax show rmon alarm number number Alarm index Range 1 65535 Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays RMON 1 alarms console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 10 1 Last sample Value 878128 2CSP...

Page 1465: ...nd falling thresholds Sample Type The method of sampling the variable and calculating the value compared against the thresholds If the value is absolute the value of the variable is compared directly with the thresholds at the end of the sampling interval If the value is delta the value of the variable at the last sample is subtracted from the current value and the difference compared with the thr...

Page 1466: ...hen the current sampled value is greater than or equal to this threshold and the value at the last sampling interval is less than this threshold a single event is generated Falling Threshold A sampled statistic threshold When the current sampled value is less than or equal to this threshold and the value at the last sampling interval is greater than this threshold a single event is generated Risin...

Page 1467: ...y command Syntax show rmon collection history gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines This command has no user guidelines Example The following example displays all RMON group statistics Field Description Index An index that uniquely ...

Page 1468: ...he RMON event table Also see the rmon event command Syntax show rmon events Default Configuration This command has no default configuration Field Description Index An index that uniquely identifies the entry Interface The sampled Ethernet interface Interval The interval in seconds between samples Requested Samples The requested number of samples to be saved Granted Samples The granted number of sa...

Page 1469: ... collection history command Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the case of trap an SNMP trap is sent to one or more management...

Page 1470: ...C mode User Guidelines This command has no user guidelines Examples The following example displays RMON Ethernet Statistics history for throughput on index number 1 console show rmon history 1 throughput Sample Set 1 Owner CLI Interface 1 0 1 interval 1800 Requested samples 50 Granted samples 50 Maximum table size 270 Time Octets Packets Broadcast Multicast 09 Mar 2005 18 29 32 303595962 357568 32...

Page 1471: ...005 1 1 0 27 0 18 29 42 The following example displays RMON Ethernet Statistics history for other on index number 1 console show rmon history 1 other Sample Set 1 Owner Me Interface 1 0 1 Interval 1800 Requested samples 50 Granted samples 50 Maximum table size 270 Time Dropped Collisions 10 Mar 2005 22 06 00 3 0 10 Mar 2005 22 06 20 3 0 The following table describes the significant fields shown in...

Page 1472: ...S octets between 64 and 1518 octets inclusive but had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Undersize The number of packets received during this sampling interval that were less than 64 octets long excluding framing bits but including FCS octets and were otherwise well formed Oversize The ...

Page 1473: ...hat were longer than 1518 octets excluding framing bits but including FCS octets and had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Dropped The total number of events in which packets were dropped by the probe due to lack of resources during this sampling interval This number is not necessarily...

Page 1474: ...he following table describes the significant fields shown in the display show rmon statistics Use the show rmon statistics command in User EXEC mode to display RMON Ethernet Statistics Syntax show rmon statistics gigabitethernet unit slot port port channel port channel number tengigabitethernet unit slot port Field Description Event An index that uniquely identifies the event Description A comment...

Page 1475: ...gn Errors 0 Collisions 0 Undersize Pkts 0 Oversize Pkts 0 Fragments 0 Jabbers 0 64 Octets 98 65 to 127 Octets 0 128 to 255 Octets 0 256 to 511 Octets 0 512 to 1023 Octets 491 1024 to 1518 Octets 389 The following table describes the significant fields shown in the display Field Description Dropped The total number of events in which packets are dropped by the probe due to lack of resources This nu...

Page 1476: ...eceived less than 64 octets long excluding framing bits but including FCS octets and otherwise well formed Oversize Pkts The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and otherwise well formed Fragments The total number of packets received less than 64 octets in length excluding framing bits but including FCS octets and either a bad Fr...

Page 1477: ...l number of packets including bad packets received that are between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets 512 to 1023 Octets The total number of packets including bad packets received that are between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets 1024 to 1518 Octets The total number of packets including bad ...

Page 1478: ...1478 RMON Commands 2CSPC4 XCT SWUM2XX1 book Page 1478 Monday October 3 2011 11 05 AM ...

Page 1479: ...ding on the how the switch is used in the network at runtime The operator can choose between Ipv4 only where all the routing table entries are reserved for IPv4 Routes or IPv4 IPv6 Default mode Commands in this Chapter This chapter explains the following commands sdm prefer Use the sdm prefer command in Global Config mode to change the template that will be active after the next reboot To revert t...

Page 1480: ...The following table lists the completion messages Parameter Description dual ipv4 and ipv6 This keyword filters subsequent template choices to those that support both IPv4 and IPv6 There is only one such template It is selected using the keyword default ipv4 routing This keyword filters subsequent template choices to those that support IPv4 and not IPv6 The default IPv4 only template maximizes the...

Page 1481: ...s for the IPv4 only template maximizing the number of unicast routes ipv4 routing data center List the scaling parameters for the IPv4 only template supporting more ECMP next hops Parameter Description ARP Entries The maximum number of entries in the IPv4 Address Resolution Protocol ARP cache for routing interfaces IPv4 Unicast Routes The maximum number of IPv4 unicast forwarding table entries IPv...

Page 1482: ... list the scaling parameters of a specific template use that template s keyword as an argument to the command The following table lists the completion messages Examples This example shows the current SDM template The user has not changed the next active SDM template IPv4 Multicast Routes The maximum number of IPv4 multicast forwarding table entries IPv6 Multicast Routes The maximum number of IPv6 ...

Page 1483: ...2 Now the user sets the next active SDM template for optimal performance for IPv4 routing console configure console config sdm prefer ipv4 routing default Changes to the running SDM preferences have been stored but cannot take effect until the next reload Use show sdm prefer to see what SDM preference is currently active config show sdm prefer The current template is the Dual IPv4 and IPv6 templat...

Page 1484: ...t template To list the scaling parameters for the data center template invoke the command with the ipv4 routing data center keywords config show sdm prefer ipv4 routing data center Scaling parameters for the IPv4 data center template ARP Entries 6144 IPv4 Unicast Routes 8160 IPv6 NDP Entries 0 IPv6 Unicast Routes 0 ECMP Next Hops 16 IPv4 Multicast Routes 2048 IPv6 Multicast Routes 0 2CSPC4 XCT SWU...

Page 1485: ...not required in order to view the output of debug traces Debug commands are provided in the normal CLI tree Debug settings are not persistent and are not visible in the running configuration To view the current debug settings use the show debug command The output of debug commands can be large and may adversely affect system performance Enabling debug for all IP packets can cause a serious impact ...

Page 1486: ...ion ARP packet tracing is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug arp debug console debug ip pimsm packet debug lacp debug vrrp debug dot1x debug ip vrrp debug mldsnooping show debugging debug igmpsnooping debug ipv6 dhcp debug ospf debug ip acl debug ipv6 mcache debug ospfv3 debug ip dvmrp debug ipv...

Page 1487: ...23 SCCP SIP no debug auto voip H323 SCCP SIP Default Configuration Auto VOIP tracing is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug auto voip debug clear Use the debug clear command to disable all debug traces Syntax debug clear Default Configuration There is no default configuration for this command Com...

Page 1488: ...r which debug console has been enabled The configuration of this command remains in effect for the life of the login session The effect of this command is not persistent across resets Syntax debug console Default Configuration Display of debug traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug console...

Page 1489: ...et debug igmpsnooping Use the debug igmpsnooping to enable tracing of IGMP Snooping packets transmitted and or received by the switch IGMP Snooping should be enabled on the device and the interface in order to monitor packets for a particular interface Syntax debug igmpsnooping packet receive transmit no debug igmpsnooping packet receive transmit Default Configuration Display of IGMP Snooping trac...

Page 1490: ... of the IP ACL to debug Default Configuration Display of IP ACL traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Example console debug ip acl 1 debug ip dvmrp Use the debug ip dvmrp to trace DVMRP packet reception and transmission The receive option traces only received DVMRP packets and the transmit option traces only t...

Page 1491: ...g ip dvmrp packet debug ip igmp Use the debug ip igmp command to trace IGMP packet reception and transmission The receive option traces only received IGMP packets and the transmit option traces only transmitted IGMP packets When neither keyword is used in the command then all IGMP packet traces are dumped Vital information such as source address destination address control packet type packet lengt...

Page 1492: ...ed data packets When neither keyword is used in the command then all data packet traces are dumped Vital information such as source address destination address packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable MDATA tracing Syntax debug ip mcache packet receive transmit no debug ip mcache packet rec...

Page 1493: ...source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable debug tracing of PIMDM packet reception and transmission Syntax debug ip pimdm packet receive transmit no debug ip pimdm packet receive transmit Default Configuration Display of PIMDM traces is d...

Page 1494: ...or transmitted is displayed on the console Use the no form of this command to disable debug tracing of PIMSM packet reception and transmission Syntax debug ip pimsm packet receive transmit no debug ip pimsm packet receive transmit Default Configuration Display of PIMSM traces is disabled by default Command Mode Privileged EXEC mode User Guidelines There are no usage guidelines for this command Exa...

Page 1495: ...out DHCPv6 client activities and to trace DHCPv6 packets to and from the local DHCPv6 client To disable debugging use the no form of the command Syntax debug ipv6 dhcp no debug ipv6 dhcp Parameter Description This command does not require a parameter description Default Configuration Debugging for the DHCP for IPv6 is disabled by default Command Mode Privileged EXEC User Guidelines DHCPv6 client a...

Page 1496: ...terface on which the packet is received or transmitted is displayed on the console Syntax debug ipv6 mcache packet receive transmit no debug ipv6 mcache packet receive transmit Default Configuration Display of MDATA traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console debug ipv6 mcache packet debug ipv6 mld Use the debu...

Page 1497: ... There are no usage guidelines for this command Example console debug ipv6 mld packet debug ipv6 pimdm Use the debug ipv6 pimdm command to trace PIMDMv6 packet reception and transmission The receive option traces only received PIMDMv6 packets and the transmit option traces only transmitted PIMDMv6 packets When neither keyword is used in the command then all PIMDMv6 packet traces are dumped Vital i...

Page 1498: ...d the transmit option traces only transmitted PIMSMv6 packets When neither keyword is used in the command then all PIMSMv6 packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable PIMSMv6 tracing Synta...

Page 1499: ...ket traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displayed on the console Use the no form of this command to disable ISDP tracing Syntax debug isdp packet receive transmit no debug isdp packet receive transmit Default Configuration Display of ISDP traces is disabl...

Page 1500: ...Use the debug mldsnooping command to trace MLD snooping packet reception and transmission The receive option traces only received MLD snooping packets and the transmit option traces only transmitted MLD snooping packets When neither keyword is used in the command then all MLD snooping packet traces are dumped Vital information such as source address destination address control packet type packet l...

Page 1501: ...ping debug ospf Use the debug ospf command to enable tracing of OSPF packets received and transmitted by the switch Use the no form of this command to disable tracing of OSPF packets Syntax debug ospf packet no debug ospf packet Default Configuration Display of OSPF traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Examp...

Page 1502: ...e Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug ospfv3 packet debug ping Use the debug ping command to enable tracing of ICMP echo requests and responses This command traces pings on the network port and on the routing interfaces Use the no form of this command to disable tracing of ICMP echo requests and responses Syntax debug ping pack...

Page 1503: ...and to enable tracing of RIP requests and responses Use the no form of this command to disable tracing of RIP requests and responses Syntax debug rip packet no debug rip packet Default Configuration Display of RIP traces is disabled by default Command Mode Privileged EXEC mode Usage Guidelines There are no usage guidelines for this command Example console debug rip packet 2CSPC4 XCT SWUM2XX1 book ...

Page 1504: ...and to trace spanning tree BPDU packet reception and transmission The receive option traces only received spanning tree BPDUs and the transmit option traces only transmitted BPDUs When neither keyword is used in the command all spanning tree BPDU traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is...

Page 1505: ...p command in Privileged EXEC mode to enable VRRP debug protocol messages Use the no form of this command to disable VRRP debug protocol messages Syntax debug vrrp all no debug vrrp all Default Configuration The display of VRRP traces is disabled by default Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines show debugging Use the show debugging command to display ...

Page 1506: ...s command has no default configuration Command Mode Privileged EXEC mode Usage Guidelines Enabled packet tracing configurations are displayed Example console debug arp Arp packet tracing enabled console show debugging Arp packet tracing enabled 2CSPC4 XCT SWUM2XX1 book Page 1506 Monday October 3 2011 11 05 AM ...

Page 1507: ...statistics immediately to an sFlow Collector for analysis The sFlow Agent supports two forms of sampling statistical packet based sampling of switched or routed Packet Flows and time based sampling of counters Commands in this Chapter This chapter explains the following commands sflow destination Use the sflow destination command to configure the sFlow collector parameters owner string receiver ti...

Page 1508: ...to the default values An entity wishing to claim an sFlowRcvrTable entry must ensure that the entry is unclaimed before trying to claim it The entry is claimed by setting the owner string to a non null value The entry must be claimed before assigning a receiver to a sampler or poller Range 1 127 characters rcvr_timeout The time in seconds remaining before the sampler or poller is released and stop...

Page 1509: ...flow poller instance for this data source if rcvr_idx is valid Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling gigabitethernet tengigabitethernet interface list poll interval no sflow rcvr index polling gigabitethernet tengigabitethernet interfaces rcvr index The sFlow Receiver associated with the poller Range 1 8 interface list The list o...

Page 1510: ..._idx is valid Use the no form of this command to reset poller parameters to the defaults Syntax sflow rcvr index polling poll interval no sflow rcvr index polling rcvr index The sFlow Receiver associated with the poller Range 1 8 poll interval The sFlow instance polling interval A poll interval of 0 disables counter sampling A value of n means once in n seconds a counter sample is generated Range ...

Page 1511: ... no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver expires then all samplers associated with the receiver will also expire Range 1 8 interface list The list of interfaces to poll in unit slot port format sampling rate The statistical sampling rate for packet sampling from this source A sampling rate of 1 counts all packets A rate of 0 disables...

Page 1512: ...flow samples are to be sent If no receiver is configured then no packets will be sampled Only active receivers can be set If a receiver expires then all samplers associated with the receiver will also expire Range 1 8 sampling rate The statistical sampling rate for packet sampling from this source A sampling rate of 1 counts all packets A rate of 0 disables sampling A value of n means that out of ...

Page 1513: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed sFlow Version Uniquely identifies the version and implementation of this MIB The version string must have the following structure MIB Version Organization Software Revision where MIB Version 1 3 the version of this MIB Organization Dell Corp Revision 1 0 IP Address...

Page 1514: ... Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Example console show sflow 2 destination Receiver Index The sFlow Receiver associated with the sampler poller Owner String The identity string for receiver the entity making use of this sFlowRcvrTable entry Time Out The time in seconds remaining before the receiver is released and stops sending samples to sFlow r...

Page 1515: ...of interfaces to poll in unit slot port format Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Example console show sflow 1 polling Poller Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver associated wi...

Page 1516: ...sampled Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The following fields are displayed Sampler Data Source The sFlowDataSource unit slot port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver configured for this sFlow sampler Packet Sampling Rate The statistical sampling rate for...

Page 1517: ...w Commands 1517 Example console show sflow 1 sampling Sampler Receiver Packet Max Header Data Source Index Sampling Rate Size 1 0 1 1 0 128 2CSPC4 XCT SWUM2XX1 book Page 1517 Monday October 3 2011 11 05 AM ...

Page 1518: ...1518 Sflow Commands 2CSPC4 XCT SWUM2XX1 book Page 1518 Monday October 3 2011 11 05 AM ...

Page 1519: ...etwork control station to retrieve reports from the networked device These reports are based upon the defined objects in the MIB The agent queries reports and sets MIB variables based upon directions from the network control station or upon preset conditions Commands in this Chapter This chapter explains the following commands show snmp Use the show snmp command in Privileged EXEC mode to display ...

Page 1520: ...us Console show snmp Community String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su DefaultSuper 172 17 1 1 Community String Group name IP address public user group All Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Community Version UDP Filter TO Retries Port name Sec 2CSPC4 XCT...

Page 1521: ... engineID Use the show snmp engineID command in Privileged EXEC mode to display the ID of the local Simple Network Management Protocol SNMP engine Syntax show snmp engineID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the SNMP engine ID console show snmp e...

Page 1522: ...ion Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples display the configuration of filters with and without a filter name specification console show snmp filters Name OID Tree Type user filter1 1 3 6 1 2 1 1 Included user filter1 1 3 6 1 2 1 1 7 Excluded user filter2 1 3 6 1 2 1 2 2 1 1 Included console show snmp filters user filte...

Page 1523: ...r Guidelines The group name accepts any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following examples display the co...

Page 1524: ...y Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet with encryption Applicable only to SNMP Version 3 security model Views Read A string that is the name of the view that enables you only to view the contents of the agent If unspecified all the objects except the community table and SNMPv3 user and access tables are available Write A string that is the name of the view ...

Page 1525: ...d as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following example displays the configuration of users with the user name specified Console show snmp user Name Group Name Auth Priv Meth Meth Remote Engine ID bob user group MD5 DES 800002a20300fce3900106 john user group SHA DES 800002a2...

Page 1526: ...mand has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following examples display the configuration of views with and without a view name specified console show snmp views Name OID Tree Type user view1 1 3 6 1 2 1 1 Included user view1 1 3 6 1 2 1 1 7 Excluded user view2 1 3 6 1 2 1 2 2 1 1 Included 2CSPC4 XCT SWUM2XX1 bo...

Page 1527: ... no other arguments shows the trap status for all components Use the more specific form to display the trap status for an individual component Only one component argument may be given Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example console show trapflags Authentication Flag Enable...

Page 1528: ...abled authentication failure Enabled bad packet Enabled config error Enabled virt authentication failure Disabled virt bad packet Disabled virt config error Disabled if rx if rxpacket Disabled lsa lsamaxage Disabled lsaoriginate Disabled overflow lsdboverflow Enabled lsdb approaching overflow Enabled retransmit packets Disabled virtpackets Disabled 2CSPC4 XCT SWUM2XX1 book Page 1528 Monday October...

Page 1529: ...p server community string ro rw su view view name ipaddress ipaddress no snmp server community string Parameter Description Parameter Description string Permits access to the SNMP protocol Range 1 20 characters ro Indicates read only access rw Indicates read write access su Indicates SNMP administrator access ipaddress Specifies the IP address of the management station If no IP address is specifie...

Page 1530: ...ecified then read view and notify view are mapped If rw is specified then read view notify view and write view are mapped The community name may include any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal characters and may accept...

Page 1531: ... group defines the objects available to the community Range 1 30 characters ip address Management station IP address Default is all IP addresses Default Configuration No community group is defined Command Mode Global Configuration mode User Guidelines The group name parameter can be used to restrict the access rights of a community string When it is specified the software Generates an internal sec...

Page 1532: ...o default configuration Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example displays setting up the system contact point as Dell_Technical_Support console config snmp server contact Dell_Technical_Support snmp server enable traps Use the snmp server enable traps command in Global Configuration mode to enable sending SNMP traps gl...

Page 1533: ...erflow lsdbapproaching overflow retransmit all packets virt packets state change all if state change neighbor state change virtifstate change virtneighbor state change ospfv3type all errors all bad packet config error virt bad packet virt config error lsa all lsa maxage lsa originate overflow all lsdb overflow lsdb approaching overflow retransmit all packets virt packets state change all if state ...

Page 1534: ...ess enter to execute the command acl acl all Enable Disable all Traps authentication To enable the device to send SNMP traps when ospf Enable OSPF event traps ospfv3 Enable OSPFv3 event traps pim Enable pim traps pim sm and pim dm poe Enable poe traps port aggregator lag failover Enable traps for LAG failover on port aggregator links snmp authentication Enable snmp authentication traps spanning tr...

Page 1535: ...rotocol SNMP engine ID on the local device To remove the configured engine ID use the no form of this command Syntax snmp server engineID local engineid string default no snmp server engineID local engineid string The character string that identifies the engine ID The engine ID is a concatenated hexadecimal string Each byte in hexadecimal character strings is two hexadecimal digits Each byte can b...

Page 1536: ...nt side effects A user s password entered on the command line is converted to an MD5 or SHA security digest This digest is based on both the password and the local engine ID The command line password is then destroyed as required by RFC 2274 Because of this deletion if the local value of engineID changes the security digests of SNMPv3 users will be invalid and the users will have to be reconfigure...

Page 1537: ...ommand Mode Global Configuration mode User Guidelines This command can be entered multiple times for the same filter record Later lines take precedence when an object identifier is included in two or more lines The filter name may include any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are ...

Page 1538: ...oup Range 1 30 characters v1 Indicates the SNMP Version 1 security model v2 Indicates the SNMP Version 2 security model v3 Indicates the SNMP Version 3 security model noauth Indicates no authentication of a packet Applicable only to the SNMP Version 3 security model auth Indicates authentication of a packet without encrypting it Applicable only to the SNMP Version 3 security model priv Indicates a...

Page 1539: ...ed groups Command Mode Global Configuration Mode User Guidelines View name should be an existing view created using the snmp server view command If there are multiple records with the same view name then the argument specified in this command points to first view name in the table Example The following example attaches a group called user group to SNMPv3 and assigns to the group the privacy securi...

Page 1540: ...8 characters community string Specifies a password like community string sent with the notification operation Range 1 20 characters traps Indicates that SNMP traps are sent to this host version 1 Indicates that SNMPv1 traps will be used version 2 Indicates that SNMPv2 traps will be used informs Indicates that SNMPv2 informs are sent to this host seconds Number of seconds to wait for an acknowledgm...

Page 1541: ...config snmp server host 192 16 12 143 Dell_powerconnect traps v2 snmp server location Use the snmp server location command in Global Configuration mode to set the system location string To remove the location string use the no form of this command Syntax snmp server location text no snmp server location text Character string describing the system location Range 1 to 255 characters Default Configur...

Page 1542: ...er belongs Range 1 30 characters engineid string Specifies the engine ID of the remote SNMP entity to which the user belongs The engine ID is a concatenated hexadecimal string Each byte in the hexadecimal character string is two hexadecimal digits The remote engine id designates the remote management station and should be defined to enable the device to receive acknowledgements to informs Range 5 ...

Page 1543: ...nd Mode Global Configuration mode User Guidelines If the SNMP local engine ID is changed configured users will no longer be able to connect and will need to be reconfigured Example The following example configures an SNMPv3 user John in group user group console config snmp server user John user group snmp server view Use the snmp server view command in Global Configuration mode to create or update...

Page 1544: ...obal Configuration mode User Guidelines This command can be entered multiple times for the same view record The view name accepts any printable characters except a double quote or question mark Enclose the string in double quotes to include spaces within the name The surrounding quotes are not used as part of the name The CLI does not filter illegal combinations of characters on entry and may acce...

Page 1545: ...cters The command allows spaces in the host name when specified in double quotes For example snmp server v3 host host name username Specifies user name used to generate the notification Range 1 30 characters traps Indicates that SNMP traps are sent to this host informs Indicates that SNMPv2 informs are sent to this host noauth Specifies sending of a packet without authentication auth Specifies aut...

Page 1546: ...or question mark Enclose the string in double quotes to include spaces within the key The surrounding quotes are not used as part of the key The CLI does not filter illegal characters but may accept entries up to the first illegal character or reject the entry entirely Example The following example identifies an SNMPv3 host console config snmp server v3 host 192 168 0 20 The following example show...

Page 1547: ... key generate dsa Use the crypto key generate dsa command in Global Configuration mode to generate DSA key pairs for your switch A key pair is one public DSA key and one private DSA key Use the no form of the command to remove the generated key from the local file system Syntax crypto key generate dsa no crypto key generate dsa Default Configuration DSA key pairs do not exist crypto key generate d...

Page 1548: ... following example generates DSA key pairs console config crypto key generate dsa crypto key generate rsa Use the crypto key generate rsa command in Global Configuration mode to generate RSA key pairs Use the no form of the command to delete the key from the local file system Syntax crypto key generate rsa no crypto key generate rsa Default Configuration RSA key pairs do not exist Command Mode Glo...

Page 1549: ...iguration mode to enter public key configuration mode in order to manually specify public keys such as SSH client public keys Syntax crypto key pubkey chain ssh Default Configuration By default this command has no public keys configured Command Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example enters the SSH Public Key chain configurat...

Page 1550: ... key exit ip ssh port Use the ip ssh port command in Global Configuration mode to specify the TCP port to be used by the SSH server To use the default port use the no form of this command Syntax ip ssh port port number no ip ssh port port number Port number for use by the SSH server Range 1 65535 Default Configuration The default value is 22 Command Mode Global Configuration mode User Guidelines T...

Page 1551: ...Command Mode Global Configuration mode User Guidelines AAA authentication is independent from this configuration Example The following example enables public key authentication for incoming SSH sessions console config ip ssh pubkey auth ip ssh server Use the ip ssh server command in Global Configuration mode to enable the switch to be configured from SSH To disable this function use the no form of...

Page 1552: ...H console config ip ssh server key string Use the key string SSH Public Key Configuration mode to specify an SSH public key manually Syntax key string key string key string row key string row To specify the SSH public key row by row key string The UU encoded DER format is the same format as the authorized keys file used by OpenSSH Default Configuration By default the key string is empty Command Mo...

Page 1553: ...AAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQWu08licglk02LYciz Z4TrEU 9FJxwPiVQOjc KBXuR0juNg5nFYsY 0ZCk0N W9a tnkm1shRE7Di71 w3fNiOA 6w9o44t6 AINEICBCCA4YcF6zMzaT1wefWwX6f Rmt5nhhqdAtN 4oJfce166DqVX1gWmN zNR4DYDvSzg0lDnwCAC8Qh Fingerprint a4 16 46 23...

Page 1554: ...ion Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Example The following example displays the SSH public keys on the switch console show crypto key mypubkey rsa rsa key data ssh rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu7WHtjQDUygjSQXHVgyqdUby dxUXEAiDHXcWHVr0R ak1HDQitBzeEv1vVEToEn5ddLmRhtIgRdKU JHgBHJV R2VaSN WC0IK53j9re4B11AE O3qAxwJs0KD7cTkvF9I YdiXeOM8 VE4skkw Ai...

Page 1555: ...command in Privileged EXEC mode to display SSH public keys stored on the switch Syntax show crypto key pubkey chain ssh username username fingerprint bubble babble hex username Specifies the remote SSH client username Range 1 48 characters bubble babble Fingerprints in Bubble Babble format hex Fingerprint in Hex format If fingerprint is unspecified it defaults to Hex format Default Configuration T...

Page 1556: ...ername dana rsa key data ssh rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAywqRKTRnexccxVUVTeMl Gkh imyUDhcTkgEfssLPMsgoXlTwzCE5 97UIIsSRKQQWR pBNl45tCYd75LUofV 4LP6Lj1Q5Q0w5lBgiqC2MZ iBHGSsHMAE0lpYtelZprDu4uiZHMuWezmdQp9 a1PU4jwQ22TlcfaUq3sqC3FMUoU Fingerprint 2f 09 e7 6f c9 bf ab 04 d4 6f a0 eb e8 df 7a 11 show ip ssh Use the show ip ssh command in Privileged EXEC mode to display the SSH server configuration ...

Page 1557: ... 1 122 John 00 00 00 00 00 08 user key Use the user key command in SSH Public Key Chain Configuration mode to specify which SSH public key you are configuring manually To remove a SSH public key use the no form of this command Syntax user key username rsa dsa no user key username username Specifies the remote SSH client username Range 1 48 characters rsa RSA key dsa DSA key Default Configuration B...

Page 1558: ...llowing example enables a SSH public key to be manually configured for the SSH public key chain called bob console config crypto key pubkey chain ssh console config pubkey chain user key bob rsa console config pubkey key 2CSPC4 XCT SWUM2XX1 book Page 1558 Monday October 3 2011 11 05 AM ...

Page 1559: ...File and Syslog Server The PowerConnect Command Logging component logs all command line interface commands issued on the system The command log messages are stored with the other system logs and provide the system operators with a detailed log of the commands executed CLI command logging is configured through any of the PowerConnect management interfaces When the feature is enabled all CLI command...

Page 1560: ...d in 190 JAN 10 18 58 56 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 362 CLI admin 10 27 21 22 User has successfully logged in The CLI command log subsystem also logs all user log out instances The format of the log message is 190 JAN 10 19 01 04 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 382 CLI admin 10 27 21 22 User has logged out Commands in this Chapter This chapter explain...

Page 1561: ... This command has no user guidelines Example The following example clears messages from the internal syslog message logging buffer console clear logging Clear logging buffer y n clear logging file Use the clear logging file command in Privileged EXEC mode to clear messages from the logging file Syntax clear logging file Default Configuration There is no default configuration for the command loggin...

Page 1562: ... server Syntax description description description Sets the description of the syslog server Range 1 64 characters Default Configuration This command has no default value Command Mode Logging mode User Guidelines After entering the view corresponding to a specific syslog server the command can be executed to set the description of the server Example The following example sets the syslog server des...

Page 1563: ... the view corresponding to a specific syslog server the command can be executed to set the severity level for syslog messages Example The following example sets the syslog message severity level to alert console config logging level alert logging cli command Use the logging cli command in Global Configuration mode to enable CLI command logging Parameter Description level The severity level for sys...

Page 1564: ...ffer Messages 71 Logged File Logging level notActive File Messages 385 Dropped CLI Command Logging enabled Switch Auditing enabled Web Session Logging disabled SNMP Set Command Logging disabled Syslog server hostname logging informational Messages 0 dropped Syslog server a12345678901234567890123456789012345678901234567890123456789012 logging informational Messages 0 dropped 170 Messages dropped du...

Page 1565: ...api c 260 374 CLI admin 10 27 21 22 User has successfully logged in 190 JAN 10 18 59 28 10 27 21 22 2 CLI_WEB 209809328 cmd_logger_api c 260 375 CLI admin 10 27 21 22 User admin logged in to enable mode logging Use the logging command in Global Configuration mode to log messages to a syslog server To delete the syslog server with the specified address from the list of syslogs use the no form of th...

Page 1566: ...er File Name Thread ID Component Name Stack ID Host IP Address Timestamp PRI PRI This consists of the facility code see RFC 3164 multiplied by 8 and added to the severity See below for more information on severity Timestamp The system up time For systems that use SNTP this is UTC When time zones are enabled local time will be used Host IP Address The IP address of the local system Stack ID The ass...

Page 1567: ...he logging component Components must use the new APIs in order to enable identification of the logging component Component UNKN is substituted for components that do not use the new logging APIs Thread ID The thread ID of the logging component File Name The name of the file containing the invoking macro Line Number The line number which contains the invoking macro Sequence Number The message seque...

Page 1568: ... Description Default Configuration The default value for level is info Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the commands displayed to the user Parameter Description severity level Optional The number or name of the desired severity level Range 0 emergencies 1 alerts 2 critical 3 errors 4 warnings 5 noti...

Page 1569: ...o disable logging to the console terminal use the no form of this command Syntax logging console severity level no logging console Parameter Description Default Configuration The default value for level is warnings Command Mode Global Configuration mode Parameter Description severity level Optional The number or name of the desired severity level Range 0 emergencies 1 alerts 2 critical 3 errors 4 ...

Page 1570: ...nt to the logging file based on severity To cancel the buffer use the no form of this command Syntax logging file severity level number type no logging file Parameter Description Default Configuration The default severity level is error Parameter Description severity level number Optional The number or name of the desired severity level Range 0 emergencies 1 alerts 2 critical 3 errors 4 warnings 5...

Page 1571: ... messages to the currently configured locations To disable the sending of log messages use the no form of this command Syntax logging on no logging on Default Configuration Logging is enabled Command Mode Global Configuration mode User Guidelines The logging process controls the distribution of logging messages to the various destinations such as the logging buffer logging file or syslog server Lo...

Page 1572: ...figuration mode to enable SNMP Set command logging To disable use the no form of this command Syntax logging snmp no logging snmp Default Configuration Disabled Command Mode Global Configuration mode User Guidelines To see SNMP Set command logs use the show logging command Example console config logging snmp logging web session Use the logging web session command in Global Configuration mode to en...

Page 1573: ...07 10 131 7 165 2 UNKN 83102768 cmd_logger_api c 140 764 WEB 10 131 7 67 UNKNOWN EwaSessionLookup session 0 created 133 MAR 24 07 46 07 10 131 7 165 2 UNKN 83102768 cmd_logger_api c 140 765 WEB 10 131 7 67 admin User admin logged in port Use the port command in Logging mode to specify the port number of syslog messages To reset to the default value use the no form of the command Syntax port port n...

Page 1574: ...s the syslog message port to 300 console config logging port 300 show logging Use the show logging command in Privileged EXEC mode to display all logging information including auditing status Syntax show logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines Parameter Description port The port nu...

Page 1575: ...NMP Set Command Logging disabled 1141 Messages dropped due to lack of resources Buffer Log 190 JAN 10 16 26 53 0 0 0 0 1 NIM 177745344 nim_intf_map_api c 381 985 nimCheckIfNumber incorrect phase for operation 190 JAN 10 16 26 53 0 0 0 0 1 NIM 177745344 nim_intf_map_api c 381 986 nimCheckIfNumber incorrect phase for operation show logging file Use the show logging file command in Privileged EXEC mo...

Page 1576: ...led Persistent Log Count 1 186 JAN 01 00 00 05 0 0 0 0 1 UNKN 268434928 bootos c 382 3 Event 0xaaaaaaaa show syslog servers Use the show syslog servers command in Privileged EXEC mode to display the syslog servers settings Syntax show syslog servers Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command has no user guidelines ...

Page 1577: ...ample displays the syslog server settings console show syslog servers IP address Port Severity Facility Description 192 180 2 275 14 Info local7 7 192 180 2 285 14 Warning local7 7 2CSPC4 XCT SWUM2XX1 book Page 1577 Monday October 3 2011 11 05 AM ...

Page 1578: ...1578 Syslog Commands 2CSPC4 XCT SWUM2XX1 book Page 1578 Monday October 3 2011 11 05 AM ...

Page 1579: ...stem id banner login member show system temperature banner motd motd banner show memory cpu show tech support banner motd acknowledge nsf show nsf show users clear checkpoint statistics reload show power usage history show version cut through mode set description show process cpu stack exec banner slot show sessions stack port hostname show banner show slot standby show boot version show supported...

Page 1580: ...are not used as part of the name The CLI does not filter illegal characters and may accept entries up to the first illegal character or reject the entry entirely Example The following example specifies the switch asset tag as 1qwepot Because the unit parameter is not specified the command defaults to the master switch number console config asset tag 1qwepot banner exec Use the banner exec command ...

Page 1581: ...entered will consume an extra two characters to account for the carriage return and line feed Example console config banner exec banner text banner login Use the banner login command to set the message that is displayed just before the login prompt Use no banner login command to remove the message Syntax banner login MESSAGE no banner login MESSAGE Quoted text Default Configuration This command ha...

Page 1582: ...he message that is displayed on logging into the switch Use no banner motd command to remove the message Syntax banner motd MESSAGE no banner motd MESSAGE Quoted text Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines The motd banner can consist of multiple lines Enter a quote to end the banner text and return to the configuration prom...

Page 1583: ... entered the session is terminated and no further communication is allowed on that session However serial connection will not get terminated if y is not entered Use the no banner motd acknowledge command to disable banner acknowledge Syntax banner motd acknowledge no banner motd acknowledge Default Configuration This command has no default configuration Command Mode Global Configuration mode User ...

Page 1584: ...cess Syntax clear checkpoint statistics Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines When nonstop forwarding is enabled on a stack the stack s management unit checkpoints operational data to the backup unit If the backup unit takes over as the management unit the control plane on the new management unit uses the checkpoint data w...

Page 1585: ...ode Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines No specific guidelines Example console config cut through mode The mode enable is effective from the next reload of Switch Stack exec banner Use the exec banner command to enable exec banner on the console telnet or SSH connection To disable use the no form of the command Syntax ex...

Page 1586: ...me Use the hostname command in Global Configuration mode to specify or modify the switch host name To restore the default host name use the no form of the command Syntax hostname name no hostname name The name of the host Range 1 255 characters The command allows spaces in the host name when specified in double quotes For example snmp server v3 host host name Default Configuration Host name not co...

Page 1587: ...backup unit in a stack use the initiate failover command in Stack Configuration mode Syntax This command has no user guidelines Default Configuration There is no default configuration Command Mode Stack Configuration mode User Guidelines This command forces a warm restart of the stack The backup unit takes over as the new management unit without clearing the hardware state on any of the stack memb...

Page 1588: ...ult value is 20 seconds Command Mode Privileged EXEC User Guidelines The LED will blink green until it times out The user may select a new time value while the LED is blinking The last value selected takes effect immediately The locate command does not persist across reboots Example console locate switch 1 time 555 Parameter Description switch unit If multiple devices are stacked you can choose wh...

Page 1589: ...ine Configuration User Guidelines This command has no user guidelines Example console config telnet no login banner media type Select the media type command for the interface This command is only valid on combo ports Syntax media type auto select rj45 sfp rj45 sfp Parameter Description Parameter Description auto select rj45 Utilize RJ45 media when both media types are active auto select sfp Utiliz...

Page 1590: ...t the RJ45 port and power off the SFP port console config if Te1 0 24 media type rj45 Prefer the RJ45 port and leave the SFP port powered on console config if Te1 0 24 media type auto select rj45 member Use the member command in Stack Global Configuration mode to pre configure a switch stack member Execute this command on the Management Switch To remove a stack member configuration from the stack ...

Page 1591: ...Stack Global Configuration User Guidelines The switch index SID can be obtained by executing the show supported switchtype command in User Exec mode When removing a unit from a stack use the no member command to remove the stack member configuration after physically removing the unit Example The following example displays how to add to stack switch number 2 with index 1 console config stack consol...

Page 1592: ...forwarding The no form of the command will disable NSF Syntax nsf no nsf Default Configuration Non stop forwarding is enabled by default Command Mode Stack Global Configuration mode User Guidelines Nonstop forwarding allows the forwarding plane of stack units to continue to forward packets while the control and management planes restart as a result of a power failure hardware failure or software f...

Page 1593: ...when specified in double quotes even though host names may only consist of letters numbers and the hyphen character count Number of packets to send Range 1 15 packets interval The time between Echo Requests in seconds Range 1 60 seconds size Number of data bytes in a packet Range 0 65507 bytes Default Configuration The default count is 4 The default interval is 3 seconds The default size is 0 data...

Page 1594: ...cs 4 packets transmitted 4 packets received 0 packet loss round trip msec min avg max 10 10 10 console The following example displays a ping to yahoo com console ping yahoo com Pinging yahoo com 66 217 71 198 with 64 bytes of data 64 bytes from 10 1 1 1 icmp_seq 0 time 11 ms 64 bytes from 10 1 1 1 icmp_seq 1 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 2 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 3 ti...

Page 1595: ...e User Guidelines If no unit is specified all units are reloaded Example The following example displays how to reload the stack console reload 1 Management switch has unsaved changes Would you like to save them now y n n Configuration Not Saved Are you sure you want to reload the switch y n y Reloading management switch 1 Parameter Description stack member number The stack member to be reloaded 2C...

Page 1596: ...ple displays console config stack console config stack set description 1 unit 1 slot Use the slot command to configure a slot in the system The unit slot is the slot identifier of the slot located in the specified unit The cardindex is the index to the database of the supported card types see the command show supported cardtype indicating the type of card being preconfigured in the specified slot ...

Page 1597: ...index no slot unit slot unit slot The slot identifier of the slot cardindex The index into the database of the supported card types see show supported cardtype indicating the type of card being preconfigured in the specified slot The card index is a 32 bit integer Default Configuration This command has no default configuration Command Mode Global Configuration User Guidelines The card index CID ca...

Page 1598: ...nd has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Example console show banner Banner Exec Line Console Enable Line SSH Disable Line Telnet Enable exec Banner Login Line Console Enable Line SSH Enable Line Telnet Disable login 2CSPC4 XCT SWUM2XX1 book Page 1598 Monday October 3 2011 11 05 AM ...

Page 1599: ...ilable to the user include the build date and time Syntax show boot version unit unit The switch identifier Range 1 12 Default Configuration This command has no default configuration Command Mode User EXEC or Privileged EXEC User Guidelines No specific guidelines Example console show boot version unit Boot Image Version 1 Thu Aug 30 12 01 04 2007 2CSPC4 XCT SWUM2XX1 book Page 1599 Monday October 3...

Page 1600: ...al data to the backup unit If the backup unit takes over as the management unit the control plane on the new management unit uses the checkpointed data when initializing its state Checkpoint statistics track the amount of data checkpointed from the management unit to the backup unit Example console show checkpoint statistics Messages Checkpointed 6708 Bytes Checkpointed 894305 Time Since Counters ...

Page 1601: ...fic guidelines Example Console show cut through mode Current mode Enable Configured mode Disable This mode is effective on next reload show interfaces advanced firmware Use the show interfaces advanced firmware command to display the firmware revision of the PHY for a port Syntax show interfaces advanced firmware interface Parameter Description Parameter Description interface A 10G non stacking ph...

Page 1602: ...CM8727 Te1 0 3 0x411 BCM8727 Te1 0 4 0x411 BCM8727 Te1 0 5 0x411 BCM8727 show interfaces media type Use the show interfaces media type command in Privileged EXEC mode to display the configured and active media type for the combo ports Syntax show interfaces media type Parameter Description Parameter Description auto select rj45 Utilize RJ45 media when both media types are active auto select sfp Ut...

Page 1603: ...SFP preferred SFP Te1 0 22 auto select SFP preferred SFP Te1 0 23 auto select SFP preferred Down Te1 0 24 auto select SFP preferred Down show memory cpu Use the show memory cpu command to check the total and available RAM space on the switch Syntax show memory cpu rj45 Force connection on the RJ45 port Power off SFP media port sfp Force connection on the SFP port Power off RJ45 media port Paramete...

Page 1604: ...l Memory 262144 KBytes Available Memory Space 121181 KBytes show nsf Use the show nsf command to show the status of non stop forwarding Syntax show nsf Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example console show nsf 2CSPC4 XCT SWUM2XX1 book Page 1604 Monday October 3 2011 11 05 ...

Page 1605: ...ext Copy 28 seconds Unit NSF Support 1 Yes 2 Yes 3 Yes show power usage history Use the show power usage history command in Privileged EXEC mode to display the history of unit power consumption for the unit specified in the command and total stack power consumption Historical samples are not saved across switch reboots reloads Syntax show power usage history unit id Parameter Description Parameter...

Page 1606: ...30 Total No of Samples to Keep 168 Current Power Consumption mWatts 56172 Sample Time Since Power Power No The Sample Consumption Consumption Was Recorded On This Unit Per Stack mWatts mWatts 3 0d 00 00 13 56172 56172 2 0d 00 00 43 56172 56172 1 0d 00 01 12 54360 54360 show process cpu Use the show process cpu command to check the CPU utilization for each process currently running on the switch 2C...

Page 1607: ...elines Example console show process cpu Memory Utilization Report status bytes free 64022608 alloc 151568112 CPU Utilization PID Name 5 Sec 1 Min 5 Min 328bb20 tTffsPTask 0 00 0 00 0 02 3291820 tNetTask 0 00 0 00 0 01 3295410 tXbdService 0 00 0 00 0 03 347dcd0 ipnetd 0 00 0 00 0 01 348a440 osapiTimer 1 20 1 43 1 21 2CSPC4 XCT SWUM2XX1 book Page 1607 Monday October 3 2011 11 05 AM ...

Page 1608: ...10 DHCP snoop 0 00 0 00 0 06 58e9bc0 Dynamic ARP Inspection 0 00 0 06 0 03 62038a0 dot1s_timer_task 0 00 0 00 0 03 687f360 dot1xTimerTask 0 00 0 06 0 07 6e23370 radius_task 0 00 0 00 0 01 6e2c870 radius_rx_task 0 00 0 06 0 03 7bc9030 spmTask 0 00 0 09 0 01 7c58730 ipMapForwardingTask 0 00 0 06 0 03 7f6eee0 tRtrDiscProcessingTask 0 00 0 00 0 01 b1516d0 dnsRxTask 0 00 0 00 0 01 b194d60 tCptvPrtl 0 0...

Page 1609: ...eged EXEC mode User Guidelines This command has no user guidelines Example The following example displays a list of open telnet sessions to remote hosts console show sessions User Name Connection from Idle Session Session Time Time Type EIA 232 00 00 00 00 07 37 Serial admin 192 168 1 248 00 00 17 00 00 26 Telnet admin 192 168 1 248 00 00 16 00 00 32 HTTP console The following table describes the ...

Page 1610: ... is connected through a Telnet session Address IP address of the remote host Port Telnet TCP port number Parameter Description Slot The slot identifier in a slot port format Slot Status The slot is empty full or has encountered an error Admin State The slot administrative mode is enabled or disabled Power State The slot power mode is enabled or disabled Configured Card Model Identifier The model i...

Page 1611: ...n index to display all the card types for a product family Syntax show supported cardtype cardindex cardindex Displays the index into the database of the supported card types This index is used when preconfiguring a slot The following table explains the output parameters Parameter Description Inserted Card Model Identifier The model identifier of the card inserted in the slot Model identifier is a...

Page 1612: ...tchtype command in User EXEC mode to display information about all supported switch types Parameter Description Card Index CID The index into the database of the supported card types This index is used when preconfiguring a slot Card Model Identifier The model identifier for the supported card type Parameter Description Card Type The 32 bit numeric card type for the supported card Model Identifier...

Page 1613: ...ack using the member command in config stack mode Example The following example displays the information for supported switch types console show supported switchtype Mgmt Code SID Switch Model ID Pref Type 1 0x100b000 2 PCT6248 1 0x100b000 The following table describes the fields in the example Field Description Switch Index SID This field displays the index into the database of supported switch t...

Page 1614: ...g table describes the fields in the example Management Preference This field indicates the management preference value of the switch type Code Version This field displays the code load target identifier of the switch type Field Description Switch Type This field displays the 32 bit numeric switch type for the supported switch Model Identifier This field displays the model identifier for the suppor...

Page 1615: ...FS last attempt status for the specified unit The show switch command may show an SDM Mismatch value in the Switch Status field This value indicates that the unit joined the stack but is running a different SDM template than the management unit This status should be temporary the stack unit should automatically reload using the template running on the stack manager Use the show supported switchtyp...

Page 1616: ...n Management Preference 4 Switch Type 0x73950001 Preconfigured Model Identifier PCM8024 Plugged in Model Identifier PCM8024 Switch Status OK Switch Description PCM8024 stack member number The stack member number stack ports Display summary stack port information for all interfaces counters Display summary data counter information for all interfaces diag Display front panel stacking diagnostics for...

Page 1617: ...trative management preference value assigned to the switch This preference value indicates how likely the switch is to be chosen as the Management Switch Switch Type This field displays the 32 bit numeric switch type Model Identifier This field displays the model identifier for this switch Model Identifier is a 32 character field assigned by the switch manufacturer to identify the switch Switch St...

Page 1618: ...ory on the switch This code will execute after the switch is reset If the switch is not present and the data is from pre configuration then the code version is None Boot Code Version This field displays the version of the boot strapping code Up Time This field displays the system up time Unit Description Switch This field displays the unit identifier assigned to the switch Management Status This f...

Page 1619: ...ch manufacturer to identify the switch Switch Status This field indicates the switch status Possible values for this state are OK Unsupported CodeMismatch ConfigMismatch or NotPresent Code Version This field indicates the detected version of code on this switch Parameter Description Range Default NSF Administrative Status Whether nonstop forwarding is administratively enabled or disabled Enabled D...

Page 1620: ...s unable to maintain user data traffic This is usually caused by multiple failures occurring close together Power On Administrative Move Warm Auto Restart Cold Auto Restart None Time Since Last Restart Time since the current management card became the active management card For the backup manager the value is set to 0d 00 00 00 Time Stamp 0d 00 00 00 Restart in progress Whether a restart is in pro...

Page 1621: ... Copy 0 days 4 hrs 53 mins 22 secs Time Until Next Copy 28 seconds Time Since Last Copy When the running configuration was last copied from the management unit to the backup unit Time Stamp Time Until Next Copy The number of seconds until the running configuration will be copied to the backup unit This line only appears when the running configuration on the backup unit is Stale 0 L7_UNITMGR_ CONFI...

Page 1622: ...ebolt 48 OK 4 12 17 37 2 Stack Mbr ANFirebolt 24 ANFirebolt 24 Updating Code 13 4 8 42 console show switch 1 Switch 1 Management Status Management Switch Hardware Management Preference Unassigned Admin Management Preference Unassigned Switch Type 0xb6340001 Preconfigured Model Identifier PCT7048 Plugged in Model Identifier PCT7048 Switch Status OK Switch Description PowerConnect 7048 Expected Code...

Page 1623: ... in Switch Code SW Switch Status Model ID Model ID Status Version 1 Mgmt Sw ANFirebolt 48 ANFirebolt 48 OK 2 24 17 48 2 ANFirebolt 48 ANFirebolt 48 SDM Mismatch 2 24 17 48 show system Use the show system command in User EXEC mode command to display system information Syntax show system unit unit The unit number Default Configuration This command has no default configuration Command Mode User EXEC ...

Page 1624: ...14s System Contact System Name System Location Burned In MAC Address 00FF F2A3 8888 System Object ID 1 3 6 1 4 1 674 10895 3011 System Model ID PCT6248 Machine Type Dell 48 Port Gigabit Ethernet Temperature Sensors Unit Temperature Celsius Status 1 25 OK Fans Unit Description Status 1 Fan 1 OK 1 Fan 2 OK 1 Fan 3 OK 2CSPC4 XCT SWUM2XX1 book Page 1624 Monday October 3 2011 11 05 AM ...

Page 1625: ... to display the system identity information Syntax show system id unit unit The unit number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines The tag information is on a switch by switch basis Example The following example displays the system service tag information 2CSPC4 XCT SWUM2XX1 book Page 1625 Monday October 3 2011 11 05 AM ...

Page 1626: ...EXEC or Privileged EXEC mode to display information about the system level power consumption Syntax show system power Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC User Guidelines This command has no user guidelines Examples console show system power console show sys...

Page 1627: ... or Privileged EXEC mode to display information about the system temperature and fan status Syntax show system temperature Parameter Description This command does not require a parameter description Default Configuration This command has no default configuration Command Mode User EXEC Privileged EXEC User Guidelines Temperature status is indicated as per the following table Status Degrees Celsius ...

Page 1628: ...K 1 Fan 2 OK 1 Fan 3 OK show tech support Use the show tech support command to display system and configuration information for use in debugging or contacting technical support The output of the show tech support command combines the output of the following commands show version show sysinfo show port all show isdp neighbors show logging 2CSPC4 XCT SWUM2XX1 book Page 1628 Monday October 3 2011 11 ...

Page 1629: ...mmand Mode Privileged EXEC mode Usage Guidelines Not applicable Default Value Not applicable Example console show tech support Show Version Switch 2 System Description PowerConnect 6248P 1 23 0 33 VxWorks 6 5 Machine Type PowerConnect 6248P Machine Model PCT6248P Serial Number CN0PK4632829881C0067 2CSPC4 XCT SWUM2XX1 book Page 1629 Monday October 3 2011 11 05 AM ...

Page 1630: ...ast Stacking Routing Show SysInfo System Location System Contact System Object ID 1 3 6 1 4 1 674 10895 3013 System Up Time 0 days 0 hrs 11 mins 47 secs 10 100 Ethernet 802 3 interface s 4 Gig Ethernet 802 3 interface s 1 10Gig Ethernet 802 3 interface s 0 Virtual Ethernet 802 3 interface s 0 MIBs Supported More or q uit Selecting More m continues the display of output for the show tech support co...

Page 1631: ...ed EXEC mode User Guidelines This command has no user guidelines Example The following example displays a list of active users and the information about them console show users Username Protocol Location Bob Serial John SSH 172 16 0 1 Robert HTTP 172 16 0 8 Betty Telnet 172 16 1 7 show version Use the show version command in User EXEC mode to displays the system version information 2CSPC4 XCT SWUM...

Page 1632: ... a system version this version number is only for demonstration purposes console show version Image Descriptions image1 default image image2 Images currently available on Flash unit image1 image2 current active next active 1 K 3 9 1 0 0 0 0 image1 image1 2 K 3 9 1 0 0 0 0 image1 image1 stack Use the stack command in Global Configuration mode to set the mode to Stack Global Config Syntax stack 2CSP...

Page 1633: ...Use the stack port command in Stack Configuration mode to configure Stack ports as either Stacking ports or as Ethernet ports This command is used to configure CX 4 ports to be either stacking or Ethernet ports By default CX 4 ports are Ethernet ports Syntax stack port tengigabitethernet unit slot port ethernet stack Default Configuration By default these ports are configured as stacking ports Com...

Page 1634: ...Example console config stack stack port tengigabitethernet 1 0 3 stack console config stack standby Use the standby command to configure the standby in the stack This unit comes up as the master when the stack failover occurs Use the no form of this command to reset to default in which case a standby is automatically selected from the existing stack units if there no preconfiguration Syntax standb...

Page 1635: ...n is retained however the old switch will be operationally unplugged Syntax switch oldunit renumber newunit oldunit The current switch identifier Range 1 12 newunit The updated value of the switch identifier Range 1 12 Command Mode Global Configuration mode User Guidelines This command is executed on the Management Switch Example The following example displays how to reconfigure switch number 1 to...

Page 1636: ...ber or one of the keywords from the port table in the usage guidelines see Port Table below keyword One or more keywords from the keywords table in the user guidelines see Keywords Table below Options Description debug Enable telnet debugging mode line Enable telnet linemode localecho Enable telnet localecho cr Press ENTER to execute the command port Enter the port number Refer to the following ta...

Page 1637: ...4 login Login 513 lpd Printer service 515 nntp Network News Transport Protocol 119 pim auto rp PIM Auto RP 496 pop2 Post Office Protocol v2 109 pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunrpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control System 49 talk Talk 517 telnet Telnet 23 time Time 37 uucp Unix to Unix Copy Program 540 whois Nickname...

Page 1638: ...ctually take when traveling to their destinations You can use traceroute command in either of two formats You can specify the IP address and hostname in the command The traceroute ipaddress hostname command sets the parameters to their default values You can enter traceroute to without specifying the IP address and hostname and specify values for the traceroute parameters Syntax traceroute ip ipv6...

Page 1639: ... time then traceroute considers that probe a failure printing and sends the next probe If traceroute does receive a response to a probe then it sends the next probe immediately Range 1 60 seconds count The number of probes to be sent at each TTL level Range 1 10 port The destination UDP port of the probe This should be an unused port on the remote destination system Range 1 65535 size The size in ...

Page 1640: ... command parameters and displays the routes that packets actually take when traveling to their destination console traceroute traceroute Enter the ip address hostname 192 168 77 171 traceroute Packet size default 40 bytes 30 traceroute Max ttl value default 20 10 traceroute Number of probes to send at each level default 3 traceroute Timeout default 3 seconds 6 traceroute Source ip address default ...

Page 1641: ...System Management Commands 1641 2 3 4 5 2CSPC4 XCT SWUM2XX1 book Page 1641 Monday October 3 2011 11 05 AM ...

Page 1642: ...1642 System Management Commands 2CSPC4 XCT SWUM2XX1 book Page 1642 Monday October 3 2011 11 05 AM ...

Page 1643: ...egotiate old options at any time In general each end of the Telnet connection attempts to implement all options that maximize performance for the systems involved When a Telnet connection is initiated each side of the connection is assumed to originate and terminate at a Network Virtual Terminal or NVT Therefore the server and user hosts do not maintain information about the characteristics of eac...

Page 1644: ...able console config no ip telnet server disable ip telnet port The ip telnet port command is used to configure the Telnet service port number on the switch Syntax ip telnet port port number port number Telnet service port number Range 1 65535 Default Configuration This command has no default configuration Command Mode Global Configuration Usage Guidelines No specific guidelines 2CSPC4 XCT SWUM2XX1...

Page 1645: ...lnet command displays the status of the Telnet server and the Telnet service port number Syntax show ip telnet Default Configuration This command has no default configuration Command Mode Privileged EXEC Example console show ip telnet Telnet Server is Enabled Port 23 2CSPC4 XCT SWUM2XX1 book Page 1645 Monday October 3 2011 11 05 AM ...

Page 1646: ...1646 Telnet Server Commands 2CSPC4 XCT SWUM2XX1 book Page 1646 Monday October 3 2011 11 05 AM ...

Page 1647: ...ivileged EXEC mode User Guidelines Setting the terminal length to 0 disables paging altogether It is recommended that the terminal length either be set to 0 or a value larger than 4 as terminal lengths in the range of 1 to 4 may give odd output due to prompting The terminal length command is specific to the current session Logging out rebooting or otherwise ending the current session will require ...

Page 1648: ...1648 Terminal Length Commands 2CSPC4 XCT SWUM2XX1 book Page 1648 Monday October 3 2011 11 05 AM ...

Page 1649: ...ommand enters Time Range Configuration mode to allow updating the time range entries Use the no form of this command to delete a time range identified by name Syntax time range name no time range name Parameter Description Default Configuration This command has no default configuration time range periodic absolute show time range Parameter Description name A case sensitive alphanumeric string from...

Page 1650: ...ate Time and date at which the configuration that referenced the time range is in effect The time is expressed in a 24 hour clock in the form of hours minutes For example 8 00 is 8 00 am and 20 00 is 8 00 pm The date is expressed in the format day month year If no start time and date are specified the configuration statement is in effect immediately End time date Time and date at which the configu...

Page 1651: ...e Example console time range timeRange_1 console Config time range absolute end 12 00 16 Dec 2010 periodic Use the periodic command to add a periodic time entry to a time range The time parameter is based off of the currently configured time zone Use the no form of this command to delete a periodic time entry from a time range Syntax periodic days of the week time to days of the week time no perio...

Page 1652: ...er in effect If the end days of the week are the same as the start they can be omitted This argument can be any single day or combinations of days Monday Tuesday Wednesday Thursday Friday Saturday Sunday Other possible values are daily Monday through Sunday weekdays Monday through Friday weekend Saturday and Sunday If the ending days of the week are the same as the starting days of the week they c...

Page 1653: ...sday Wednesday Thursday Friday but with after work hours 9pm to 11pm The administrator wants to permit deny HTTP traffic for this time range but the entire time range is invalid due to conflicting entries The absolute entry is forced to inactive because the periodic entry time is not yet in effect Examples console time range timeRange_2 console Config time range periodic monday 00 00 to tuesday 12...

Page 1654: ...er 1 Parameter Description Number of Time Ranges Number of time ranges configured in the system Time Range Name Name of the time range Time Range Status Status of the time range active inactive Absolute start Start time and day for absolute time entry Absolute end End time and day for absolute time entry Periodic Entries Number of periodic entries in a time range Periodic start Start time and day ...

Page 1655: ...Start Time TUE 13 00 Periodic End Time WED 12 00 Entry Number 4 Periodic Start Time WED 12 30 Periodic End Time THU 20 00 Entry Number 5 Periodic Start Time SUN SAT 18 00 More or q uit Periodic End Time SUN SAT 20 00 console show time range Current number of all Time Ranges 5 Maximum number of all Time Ranges 100 2CSPC4 XCT SWUM2XX1 book Page 1655 Monday October 3 2011 11 05 AM ...

Page 1656: ...e Status Entry count Absolute Entry timeRange_1 Inactive 4 Exists timeRange_2 Inactive 4 Exists timeRange_3 Inactive 4 Exists timeRange_4 Inactive 4 Exists timeRange_5 Inactive 4 Exists 2CSPC4 XCT SWUM2XX1 book Page 1656 Monday October 3 2011 11 05 AM ...

Page 1657: ... copy configuration and image files from one switch to other Files from the switch can be copied to a USB flash device and can be used to deploy on other switches in the network Validation of Files Downloaded Uploaded from USB Device Files are validated before downloading files from USB flash drive to switch and uploading files from switch to USB flash drive Downloaded image files from USB flash d...

Page 1658: ...ding and Uploading of Files After the file validations are successful switch proceeds with downloading of files from the USB flash device to the switch and uploading of files from the switch to the USB flash drive The status of file download upload is shown on the console Detailed messages are logged in the system log for further reference Commands in this Chapter This chapter explains the followi...

Page 1659: ...e Parameter Description The following table explains the output parameters Parameter Description Device Status This field specifies the current status of device Active if device is plugged in and the device is recognized by the switch Inactive if device is not mounted Invalid if device is not present or invalid device is plugged in Manufacturer Manufacturer details Serial Number Serial number of t...

Page 1660: ...onsole show usb device Device Status Active Manufacturer xxxx Serial Number yyyyy USB Version Compliance 2 0 Class Code abc Subclass Code acb Protocol 0x0 Vendor ID zzzzz Product ID aaaaa Class Code Device Class Subclass Code Device SubClass Protocol Device Protocol Vendor ID Vendor specific details of device Vendor ID Product ID Vendor specific details of device Product ID Parameter Description 2...

Page 1661: ...usb Parameter Description The following table explains the output parameters Default Configuration This command has no default configuration Command Mode Privileged EXEC User Guidelines This command has no user guidelines Parameter Description Filename File name Filesize File size Total Size USB flash device storage size Bytes Used Indicates size of memory used on the device Bytes Free Indicates s...

Page 1662: ...09 14 58 36 Stuff 4096 11 27 2009 14 59 32 Austin 4096 09 11 2010 18 43 16 running config 819 05 13 2000 20 40 44 PC7000v20101108_1 stk 12567304 11 08 2010 16 13 54 PCM6348v10 29 16 43 stk 12444340 11 01 2010 13 55 40 Total Size 3708858368 Bytes Used 218435911 Bytes Free 3490422457 2CSPC4 XCT SWUM2XX1 book Page 1662 Monday October 3 2011 11 05 AM ...

Page 1663: ...able Default Configuration The default privilege level is 15 Command Mode User EXEC mode User Guidelines If there is no authentication method defined for enable then a level 1 user is not allowed to execute this command Example The following example shows how to enter privileged mode console enable console enable end exit quit 2CSPC4 XCT SWUM2XX1 book Page 1663 Monday October 3 2011 11 05 AM ...

Page 1664: ...ation Command Mode All command modes User Guidelines No specific guidelines Example console config end console end console exit Use the exit command to go to the next lower command prompt or in User EXEC mode to close an active terminal session by logging off the switch Syntax exit Default Configuration This command has no default configuration 2CSPC4 XCT SWUM2XX1 book Page 1664 Monday October 3 2...

Page 1665: ...uration mode to User EXEC mode to the login prompt console config if Gi1 0 1 exit console config exit console exit console exit User quit Use the quit command in User EXEC mode to close an active terminal session by logging off the switch Syntax quit Default Configuration This command has no default configuration Command Mode User EXEC command mode User Guidelines There are no user guidelines for ...

Page 1666: ...1666 User Interface Commands Example The following example closes an active terminal session console quit 2CSPC4 XCT SWUM2XX1 book Page 1666 Monday October 3 2011 11 05 AM ...

Page 1667: ...r The Set Cookie directive is sent only once at initiation of the session With the introduction of Web Sessions the client connections can be monitored and controlled Web Sessions put the authentication control in the PowerConnect instead of the client browser resulting in a more efficient implementation that allows web access while using Radius or TACACS for authentication The web login is implem...

Page 1668: ...rtificate generate key generate crypto certificate import location crypto certificate request organization unit duration show crypto certificate mycertificate ip http port show ip http server status ip http server show ip http server secure status ip http secure certificate state Parameter Description common name Specifies the fully qualified URL or IP address of the switch If left unspecified thi...

Page 1669: ...t common name router gm com country Use the country command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the country Syntax country country country Specifies the country name Range 2 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This command m...

Page 1670: ...in the router switch configuration however the certificate and keys generated by this command are saved in the private configuration This saved information is never displayed to the user or backed up to another switch If the RSA keys do not exist the generate parameter must be used To save the generated certificate and keys on the local switch and distribute the certificate across a stack save the...

Page 1671: ... certificate import Use the crypto certificate import command in Global Configuration mode to import a certificate signed by the Certification Authority for HTTPS Syntax crypto certificate number import number Specifies the certificate number Range 1 2 Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Use this command to enter an...

Page 1672: ...by the Certification Authority for HTTPS console config crypto certificate 1 import BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhkiG9w0BAQEFAANLADBI AkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0km fhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYe BABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4 MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc gg...

Page 1673: ... The certificate request is generated in Base64 encoded X 509 format Before generating a certificate request you must first generate a self signed certificate using the crypto certificate generate command in Global Configuration mode in order to generate the keys Make sure to re enter values in the certificate fields After receiving the certificate from the Certification Authority use the crypto c...

Page 1674: ...e Generation mode User Guidelines This command mode is entered using the crypto certificate generate command Example The following example displays how specify a duration of 50 days that a certification is valid console config crypto cert duration 50 ip http port Use the ip http port command in Global Configuration mode to specify the TCP port for use by a web browser to configure the switch To us...

Page 1675: ...example shows how the http port number is configured to 100 console config ip http port 100 ip http server Use the ip http server command in Global Configuration mode to enable the switch to be configured monitored or modified from a browser To disable this function use the no form of this command Syntax ip http server no ip http server Default Configuration The default mode is enabled Command Mod...

Page 1676: ...ure certificate number no ip http secure certificate Parameter Description Default Configuration The default value of the certificate number is 1 Command Mode Global Configuration mode User Guidelines The HTTPS certificate is generated using the crypto certificate generate command in Global Configuration mode Example The following example configures the active certificate for HTTPS console config ...

Page 1677: ...ommand Mode Global Configuration mode User Guidelines This command has no user guidelines Example The following example configures the https port number to 100 console config ip http secure port 2 ip http secure server Use the ip http secure server command in Global Configuration mode to enable the switch to be configured monitored or modified securely from a browser To disable this function use t...

Page 1678: ... following example enables the switch to be configured from a browser console config ip http secure server key generate Use the key generate command in Crypto Certificate Generation mode to specify the key generate Syntax key generate length length Specifies the length of the SSL RSA key If left unspecified this parameter defaults to 1024 Range 512 2048 Default Configuration This command has no de...

Page 1679: ...to specify the location or city name Syntax location location location Specifies the location or city name Range 1 64 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command Example ...

Page 1680: ... Certificate Request mode User Guidelines This command mode is entered using the crypto certificate request or crypto certificate generate command Example The following example displays how to specify the generalmotors organization unit console config crypto cert organization unit generalmotors show crypto certificate mycertificate Use the show crypto certificate mycertificate command in Privilege...

Page 1681: ...ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0km fhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYe BABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4 MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCASkwgdKggc ggcyGgcls ZGFwOi8v L0VByb3h5JTIwU29mdHdhcmUlMjBSb290JTIwQ2VydGlmaWVyLENO PXNlcnZl END CERTIFICATE Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm...

Page 1682: ...r EXEC Privileged EXEC User Guidelines This command has no user guidelines Example The following example displays the HTTP server configuration console show ip http server status HTTP server enabled Port 80 show ip http server secure status Use the show ip http server secure status command in User EXEC or Privileged EXEC mode to display the HTTP secure server status information Syntax show ip http...

Page 1683: ...ertificate 1 is active Issued by www verisign com Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 2003 to 8 9 2004 Subject CN router gm com 0 General Motors C US Finger print 1873B936 88DC3411 BC8932EF 782134BA The following example displays the HTTPS serve...

Page 1684: ...ger print 1873B936 88DC3411 BC8932EF 782134BA state Use the state command in Crypto Certificate Generation or Crypto Certificate Request mode to specify the state or province name Syntax state state state Specifies the state or province name Range 1 64 characters Default Configuration This command has no default configuration Command Mode Crypto Certificate Generation or Crypto Certificate Request...

Page 1685: ...Web Server Commands 1685 Example The following example shows how to specify the state of texas console config crypto cert state texas 2CSPC4 XCT SWUM2XX1 book Page 1685 Monday October 3 2011 11 05 AM ...

Page 1686: ...1686 Web Server Commands 2CSPC4 XCT SWUM2XX1 book Page 1686 Monday October 3 2011 11 05 AM ...

Page 1687: ...orization network default radius 245 AAA Commands 239 aaa ias user username 246 aaa new model 247 absolute 1650 Access Control Lists 645 access list 270 acct port 705 ACL Commands 267 ACL Logging 267 action 571 add gigabitethernet 573 add port channel 574 add tengigabitethernet 573 Address Table Commands 285 Appendix A List of Commands 1687 area default cost Router OSPF 1101 area default cost Rout...

Page 1688: ...ary 1185 area stub 1109 area stub 1184 area virtual link authentication 1113 area virtual link dead interval 1114 area virtual link dead interval 1188 area virtual link hello interval 1115 area virtual link hello interval 1188 area virtual link retransmit interval 1116 area virtual link retransmit interval 1189 area virtual link transmit delay 1117 area virtual link transmit delay 1190 area virtua...

Page 1689: ... boot auto copy sw allow downgrade 1297 boot auto copy sw 1296 boot host autoreboot 1298 boot host autosave 1299 boot host dhcp 1299 boot host retrycount 1300 boot system 1374 bootfile 867 bootpdhcprelay maxhopcount 949 bootpdhcprelay minwaittime 950 capability opaque 1120 Captive Portal Client Connection Commands 1320 Captive Portal Commands 1305 Captive Portal Configuration Commands 1312 Captive...

Page 1690: ...che management 859 clear arp cache 858 clear captive portal users 1325 clear checkpoint statistics 1584 clear config 1375 clear counters 400 clear dhcp l2relay statistics interface 342 clear dot1x authentication history 842 clear green mode statistics 458 clear gvrp statistics 469 clear host 502 clear ip address conflict detect 502 clear ip arp inspection statistics 370 clear ip dhcp binding 868 c...

Page 1691: ... 175 CLI Logged to Local File and Syslog Server 1559 CLI Macro Commands 1339 client identifier 869 client name 870 Clock Commands 1349 clock summer time date 1362 clock summer time recurring 1361 clock timezone hours offset 1360 Command Groups 75 Command Groups 76 Command Line Configuration Scripting Commands 1367 Command Line Interface Scripting 1373 common name 1668 compatible rfc1583 1121 Confi...

Page 1692: ...h 1549 cut through mode 1585 deadtime 707 debug arp 1486 debug auto voip 1487 debug cfm 451 debug clear 1487 debug console 1488 debug dhcp packet 348 debug dot1x 1488 debug igmpsnooping 1489 debug ip acl 1490 debug ip dvmrp 1490 debug ip igmp 1491 debug ip mcache 1492 debug ip pimdm packet 1493 debug ip pimsm packet 1494 debug ip vrrp 1494 debug ipv6 dhcp 1495 debug ipv6 mcache 1496 debug ipv6 mld...

Page 1693: ...efault metric 1123 default metric 1192 default metric 1247 default router 871 delete backup config 1382 delete backup image 1382 delete startup config 1383 delete 1381 Denial of Service Commands 1395 deny management 1414 deny permit IP ACL 272 deny permit Mac Access List Configuration 274 depends on 575 description 1562 description 401 dhcp l2relay Global Configuration 329 dhcp l2relay Interface C...

Page 1694: ...5 distribute list out 1248 dns server IP DHCP Pool Config 872 dns server IPv6 DHCP Pool Config 896 do 1421 domain name IP DHCP Pool Config 873 domain name IPv6 DHCP Pool Config 896 dos control firstfrag 1397 dos control icmp 1397 dos control l4port 1398 dos control sipdip 1399 dos control tcpflag 1400 dos control tcpfrag 1400 dot1x dynamic vlan enable 819 dot1x guest vlan 843 dot1x initialize 820 ...

Page 1695: ...an 844 Double VLAN Mode 769 Downloading and Uploading of Files 1658 drop 659 duplex 402 duration 1674 dvlan tunnel ethertype 772 DVMRP Commands 913 Dynamic ARP Inspection Commands 369 Email Alerting Commands 383 enable authentication 248 enable password encrypted 1437 enable password 249 enable 1126 enable 1194 enable 1249 enable 1308 enable 1313 enable 1663 encapsulation 967 end 1664 Energy Effic...

Page 1696: ...imeout 1407 exit mst 731 exit 1664 exit overflow interval 1127 exit overflow interval 1195 external lsdb limit 1128 external lsdb limit 1195 File System Commands 1373 filedescr 1385 Flexible Assignment of Ports to LAGs 627 Flexible Power Management 1445 flowcontrol 403 Forwarding of OSPF Opaque LSAs Enabled by Default 1099 garp timer 470 GMRP Commands 921 gmrp enable 922 Graceful Restart 1100 Gree...

Page 1697: ...250 http port 1309 https port 1309 IGMP Commands 925 IGMP Proxy Commands 939 IGMP Snooping Commands 479 IGMP Snooping Querier Commands 493 Independent VLAN Learning 770 initiate failover 1587 instance mst 732 interface loopback 1063 interface port channel 629 interface range port channel 629 interface range vlan 774 interface range 404 Interface Tracking 1269 interface tunnel 1262 interface vlan 7...

Page 1698: ... 876 ip dhcp conflict logging 876 ip dhcp excluded address 877 ip dhcp ping packets 878 ip dhcp pool 864 ip dhcp relay information check 951 ip dhcp relay information check reply 952 ip dhcp relay information option 953 ip dhcp relay information option insert 954 ip dhcp snooping binding 356 ip dhcp snooping database write delay 358 ip dhcp snooping database 357 ip dhcp snooping limit 359 ip dhcp ...

Page 1699: ...mp last member query count 927 ip igmp last member query interval 928 ip igmp query interval 929 ip igmp query max response time 930 ip igmp robustness 930 ip igmp snooping global 480 ip igmp snooping interface 481 ip igmp snooping VLAN 487 ip igmp snooping fast leave 488 ip igmp snooping groupmembership interval 489 ip igmp snooping host time out 482 ip igmp snooping leave time out 482 ip igmp sn...

Page 1700: ... ip irdp holdtime 1238 ip irdp maxadvertinterval 1239 ip irdp minadvertinterval 1240 ip irdp multicast 1241 ip irdp preference 1242 ip irdp 1235 ip local proxy arp 860 ip mcast boundary 1069 ip mroute 1069 ip mtu 969 ip multicast ttl threshold 1071 ip multicast 1070 ip name server 510 ip netdirbcast 970 ip ospf area 1129 ip ospf authentication 1130 ip ospf cost 1131 ip ospf dead interval 1131 ip o...

Page 1701: ...ip pim sparse 1080 ip pim spt threshold 1082 ip pim ssm 1081 ip pim 1072 ip proxy arp 860 ip redirects 1403 ip rip authentication 1251 ip rip receive version 1252 ip rip send version 1253 ip rip 1250 ip route default 972 ip route distance 973 ip route 971 IP Routing Commands 965 ip routing 974 IP Source Guard Commands 553 ip ssh port 1550 ip ssh pubkey auth 1551 ip ssh server 1551 IP Subnet Based ...

Page 1702: ...y 898 ipv6 dhcp server 899 ipv6 enable Interface Config 515 ipv6 enable OOB Config 515 ipv6 enable 1013 ipv6 gateway OOB Config 516 ipv6 hop limit 1014 ipv6 host 1015 ipv6 icmp error interval 1404 IPv6 Limitations Restrictions 1009 ipv6 mld last member query count 1015 ipv6 mld last member query interval 1016 ipv6 mld query interval 1019 ipv6 mld query max response time 1020 ipv6 mld router 1020 i...

Page 1703: ... querier 546 ipv6 mld proxy reset status 1017 ipv6 mld proxy unsolicit rprt interval 1018 ipv6 mld proxy 1017 ipv6 mtu 1021 ipv6 nd dad attempts 1022 ipv6 nd managed config flag 1023 ipv6 nd ns interval 1024 ipv6 nd other config flag 1025 ipv6 nd prefix 1025 ipv6 nd ra interval 1027 ipv6 nd ra lifetime 1028 ipv6 nd reachable time 1028 ipv6 nd suppress ra 1029 ipv6 ospf area 1197 ipv6 ospf cost 119...

Page 1704: ...pv6 pim sparse Global config 990 ipv6 pim spt threshold 998 ipv6 pim ssm 999 ipv6 pim 989 ipv6 route distance 1031 ipv6 route 1030 ipv6 router ospf 1204 IPv6 Routing Commands 1009 ipv6 traffic filter 528 ipv6 unicast routing 1032 ipv6 unreachables 1405 iscsi aging time 560 iscsi cos 561 iscsi enable 563 iSCSI Optimization Commands 559 iscsi target port 564 isdp advertise v2 318 isdp enable 319 isd...

Page 1705: ... 646 lease 879 level 1563 Line Commands 1407 line 1409 Link Dependency Commands 571 link dependency group 572 LLDP Commands 579 lldp med confignotification 582 lldp med faststartrepeatcount 583 lldp med transmit tlv 584 lldp med 582 lldp notification 585 lldp notification interval 585 lldp receive 586 lldp timers 587 lldp transmit 588 lldp transmit mgmt 589 lldp transmit tlv 589 Local 802 1X Authe...

Page 1706: ... 387 logging web session 1572 logging 1565 login authentication 252 login banner 1589 Loopback Interface Commands 1063 mac access group 277 mac access list extended rename 279 mac access list extended 278 mac address table aging time 287 mac address table multicast filtering 288 mac address table multicast forbidden address 289 mac address table multicast forbidden forward unregistered 290 mac add...

Page 1707: ...ist 1416 Management ACL Commands 1413 Manual Aggregation of LAGs 627 Manual Aggregation of LAGs 627 mark cos 660 mark ip dscp 660 mark ip precedence 661 match class map 662 match cos 663 match destination address mac 664 match dstip 665 match dstip6 666 match dstl4port 666 match ethertype 667 match ip dscp 669 match ip precedence 670 match ip tos 670 match ip6flowlbl 668 match protocol 671 match s...

Page 1708: ...uth 708 mtu 406 Multicast Commands 1067 Multicast VLAN Registration Commands 607 mvr group 609 mvr immediate 612 mvr mode 610 mvr querytime 610 mvr type 613 mvr vlan group 615 mvr vlan 612 mvr 608 name Captive Portal 1316 name mst 734 name RADIUS server 709 name VLAN Configuration 776 netbios name server 880 netbios node type 881 network area 1138 network 882 next server 883 2CSPC4 XCT SWUM2XX1 bo...

Page 1709: ...7 OSPF Equal Cost Multipath ECMP 1098 OSPFv3 Commands 1175 Passive Interfaces 1099 passive interface default 1143 passive interface default 1210 passive interface 1143 passive interface 1209 password aaa IAS User Configuration 253 password Line Configuration 254 password Mail Server Configuration Mode 396 password User EXEC 255 Password Aging 1423 Password History 1423 Password Management Commands...

Page 1710: ... 1433 passwords strength minimum uppercase letters 1430 passwords strength check 1429 periodic 1651 permit management 1417 permit ip host mac host 375 PHY Diagnostics Commands 1441 ping ethernet cfm 443 ping ipv6 interface 1034 ping ipv6 1033 ping 1593 Pingable VRRP Commands 1289 Pingable VRRP Interface 1267 police simple 677 policy map 678 port Mail Server Configuration Mode 395 Port Channel Comm...

Page 1711: ...0 primary 710 priority 711 priority 763 Protocol Based VLANs 770 protocol group 777 protocol vlan group all 779 protocol vlan group 778 protocol 1317 QoS Commands 645 Queue Mapping 647 quit 1665 RADIUS Commands 701 RADIUS based Dynamic VLAN Assignment 818 radius server attribute 4 846 radius server deadtime 712 radius server host 713 radius server key 714 radius server retransmit 715 radius server...

Page 1712: ...mmands 1459 rmon event 1463 Route Preferences 1098 Route Tracking 1269 Router Discovery Protocol Commands 1235 router ospf 1146 router rip 1255 router id 1145 router id 1211 Routing Information Protocol Commands 1245 routing 975 script apply 1367 script delete 1368 script list 1369 script show 1369 script validate 1370 sdm prefer 1479 SDM Templates Commands 1479 security 393 service dhcp 888 2CSPC...

Page 1713: ...hentication methods 257 show auto copy sw 1301 show backup config 1387 show banner 1598 show boot 1302 show bootvar 1388 show boot version 1599 show bridge multicast address table count 1083 show captive portal client status 1320 show captive portal configuration client status 1321 show captive portal configuration interface 1332 show captive portal configuration locales 1333 show captive portal c...

Page 1714: ...01 show debugging 1505 show dhcp l2relay agent option vlan 338 show dhcp l2relay all 334 show dhcp l2relay circuit id vlan 340 show dhcp l2relay interface 335 show dhcp l2relay remote id vlan 341 show dhcp l2relay stats interface 336 show dhcp l2relay subscription interface 337 show dhcp l2relay vlan 339 show dhcp lease 349 show diffserv service brief 691 show diffserv service interface port chann...

Page 1715: ...show green mode interface id 460 show green mode 464 show gvrp configuration 474 show gvrp error statistics 476 show gvrp statistics 477 show hosts 517 show interfaces advanced firmware 1601 show interfaces advertise 407 show interfaces configuration 408 show interfaces cos queue 692 show interfaces counters 409 show interfaces description 413 show interfaces detail 414 show interfaces loopback 10...

Page 1716: ...interfaces 365 show ip dhcp snooping statistics 366 show ip dhcp snooping 362 show ip dvmrp interface 916 show ip dvmrp neighbor 916 show ip dvmrp nexthop 917 show ip dvmrp prune 918 show ip dvmrp route 919 show ip dvmrp 915 show ip helper statistics 962 show ip helper address 519 show ip helper address 960 show ip http server secure status 1682 show ip http server status 1682 show ip igmp groups ...

Page 1717: ...e static 1089 show ip mcast mroute 1087 show ip multicast interface 1086 show ip multicast 1084 show ip ospf abr 1152 show ip ospf area 1153 show ip ospf asbr 1155 show ip ospf database database summary 1159 show ip ospf database 1156 show ip ospf interface brief 1163 show ip ospf interface stats 1163 show ip ospf interface 1161 show ip ospf neighbor 1164 show ip ospf range 1167 show ip ospf stati...

Page 1718: ...w ip traffic 985 show ip verify interface 555 show ip verify source interface 556 show ip vlan 987 show ip vrrp interface 1290 show ipv6 access lists 529 show ipv6 brief 1035 show ipv6 dhcp binding 903 show ipv6 dhcp interface Privileged EXEC 906 show ipv6 dhcp interface User EXEC 904 show ipv6 dhcp interface out of band statistics 520 show ipv6 dhcp pool 909 show ipv6 dhcp statistics 910 show ipv...

Page 1719: ...how ipv6 ospf database database summary 1222 show ipv6 ospf database 1219 show ipv6 ospf interface brief 1225 show ipv6 ospf interface stats 1226 show ipv6 ospf interface vlan 1227 show ipv6 ospf interface 1223 show ipv6 ospf neighbor 1229 show ipv6 ospf range 1230 show ipv6 ospf stub table 1231 show ipv6 ospf virtual link brief 1233 show ipv6 ospf virtual links 1232 show ipv6 ospf 1212 show ipv6 ...

Page 1720: ...ce 592 show lldp med interface 595 show lldp med local device detail 596 show lldp med remote device 598 show lldp med 594 show lldp remote device 602 show lldp statistics 603 show lldp 590 show logging email statistics 392 show logging file 1575 show logging 1574 show mac access list 283 show mac address table address 301 show mac address table count 302 show mac address table dynamic 303 show ma...

Page 1721: ... configuration 1437 show passwords result 1439 show policy map interface 696 show policy map 695 show port protocol 786 show ports security addresses 309 show ports security 308 show power inline firmware version 1457 show power inline 1455 show power usage history 1605 show process cpu 1606 show radius statistics 721 show rmon alarm 1464 show rmon alarms 1466 show rmon collection history 1467 sho...

Page 1722: ... 1526 show snmp 1519 show sntp configuration 1350 show sntp server 1351 show sntp status 1353 show spanning tree summary 739 show spanning tree 735 show startup config 1390 show statistics port channel 637 show statistics switchport 423 show statistics 418 show storm control 425 show supported cardtype 1611 show supported switchtype 1612 show switch 1615 show switchport protected 432 show switchpo...

Page 1723: ...n 787 show voice vlan 812 show vrrp interface brief 1287 show vrrp interface stats 1288 show vrrp interface 1285 show vrrp 1282 shutdown 426 Simple Network Time Protocol 1349 slot 1596 SNMP Commands 1519 snmp server community 1529 snmp server community group 1531 snmp server contact 1532 snmp server enable traps 1532 snmp server engineID local 1535 snmp server filter 1536 snmp server group 1538 sn...

Page 1724: ...tion 743 spanning tree cost 744 spanning tree disable 745 spanning tree forward time 746 spanning tree guard 747 spanning tree loopguard 747 spanning tree max age 748 spanning tree max hops 749 spanning tree mode 750 spanning tree mst configuration 750 spanning tree mst cost 751 spanning tree mst port priority 752 spanning tree mst priority 753 spanning tree portfast bpdufilter default 755 spannin...

Page 1725: ... control unicast 430 switchport access vlan 790 switchport forbidden vlan 791 switchport general acceptable frame type tagged only 792 switchport general allowed vlan 792 switchport general ingress filtering disable 793 switchport general pvid 794 switchport mode 795 switchport protected name 432 switchport protected 431 switchport trunk 796 switchport voice detect auto 314 Syslog Commands 1559 Sy...

Page 1726: ...eroute ipv6 1060 traceroute 1638 traffic shape 698 tunnel destination 1263 Tunnel Interface Commands 1261 tunnel mode ipv6ip 1264 tunnel source 1265 unmount usb 1658 update bootcode 1392 usage 727 USB Flash Drive Commands 1657 user group moveusers 1336 user group name 1336 user group 1327 user group 1335 User Interface Commands 1663 User Lockout 1423 user name 1329 user password 1329 user session ...

Page 1727: ...cation 1319 Virtual Router Redundancy Protocol Commands 1267 Virtual Router Redundancy Protocol Commands 1270 vlan Global Config 799 vlan association mac 800 vlan association subnet 800 VLAN Commands 769 vlan database 801 vlan makestatic 802 vlan protocol group add protocol 804 vlan protocol group name 805 vlan protocol group remove 805 vlan protocol group 803 vlan routing 806 vlan 798 VLANs and L...

Page 1728: ...ode 1274 vrrp preempt 1275 vrrp priority 1276 VRRP Route Interface Tracking 1268 vrrp timers advertise 1277 vrrp timers learn 1278 vrrp track interface 1279 vrrp track ip route 1280 Web Server Commands 1667 Web Sessions 1667 write 1392 2CSPC4 XCT SWUM2XX1 book Page 1728 Monday October 3 2011 11 05 AM ...

Page 1729: ...2CSPC4 XCT SWUM2XX1 book Page 1 Monday October 3 2011 11 05 AM ...

Page 1730: ...www dell com support dell com Printed in the U S A 2CSPC4 XCT SWUM2XX1 book Page 2 Monday October 3 2011 11 05 AM ...

Search results

Summary of Contents for PowerConnect 7000 Series

Reviews:

Brands by name

Popular brands

Dell PowerConnect 7000 Series, Reference Manual

Search results

Summary of Contents for PowerConnect 7000 Series

Reviews:

Brands by name

Popular brands