N8406-023 GbE (L3) (ISCLI) 856-126757-303-00 2007 7
Copyright 2007 NEC Corporation NEC NEC Microsoft Windows Windows NT Microsoft Corporation SunOS Solaris Sun Microsystems Cisco Cisco Systems 856-126757-303-00 2007 7
ISCLI... 8... 8... 8... 8 IP...9 Telnet... 9 SSH... 10... 11... 11... 12 ISCLI... 13 ISCLI... 13 ISCLI... 13... 14 CLI... 15... 15 Tab... 15 Information Commands... 16 System Information commands... 17 SNMPv3 Information commands... 17 SNMPv3 USM User Table information... 18 SNMPv3 View Table information... 18 SNMPv3 Access Table information... 19 SNMPv3 Group information... 19 SNMPv3 Community Table information... 20 SNMPv3 Target Address Table information... 20 SNMPv3 Target Parameters Table information... 21 SNMPv3 Notify Table information... 21 SNMPv3 dump... 22 System information... 23 Show recent syslog messages... 24 System user information... 24 Layer 2 information... 25 FDB information commands... 26 Show all FDB information... 26 Clearing entries from the FDB... 26 Link Aggregation Control Protocol information... 27 LACP dump... 27 802.1x information... 28 Spanning Tree information... 29 Rapid Spanning Tree and Multiple Spanning Tree information... 31 Common Internal Spanning Tree information... 33 Trunk group information... 34 VLAN information... 35 Layer 3 information... 36 Route information... 36 Show all IP Route information... 37 ARP information... 38 Show all ARP entry information... 38 ARP address list information... 38 OSPF information... 39 OSPF general information... 39 OSPF interface information... 40 OSPF Database information... 40
OSPF router codes information... 41 Routing Information Protocol... 42 RIP Routes information... 42 RIP user information... 42 IP information... 43 IGMP multicast group information... 43 IGMP multicast router port information... 43 VRRP information... 44 802.1p information... 45 ACL information... 46 RMON information... 47 RMON history information... 47 RMON alarm information... 47 RMON event information... 49 Link status information... 50 Port information... 51 Logiral Port to GEA Port mapping... 52 Uplink Failure Detection information... 53 Information dump... 53 Statistics commands... 54 Port Statistics... 54 802.1x statistics... 55 Bridging statistics... 56 Ethernet statistics... 57 Interface statistics... 58 Internet Protocol (IP) statistics... 59 Link statistics... 59 Layer 2 statistics... 60 FDB statistics... 60 LACP statistics... 60 Layer 3 statistics... 61 IP statistics... 62 Route statistics... 62 ARP statistics... 63 DNS statistics... 63 ICMP statistics... 64 TCP statistics... 65 UDP statistics... 66 IGMP Multicast Group statistics... 66 OSPF statistics... 67 OSPF Global Statistics... 67 VRRP statistics... 69 RIP statistics... 70 GEA Layer 3 statistics... 71 GEA Layer 3 statistics... 71 Management Processor statistics... 72 Packet statistics... 72 TCP statistics... 73 UDP statistics... 73 CPU statistics... 73 ACL statistics... 74 SNMP statistics... 74 NTP statistics... 76 Uplink Failure Detection statistics... 77 Statistics dump... 77 Configuration Commands... 78... 78... 78 System configuration... 79 System host log configuration... 80 Secure Shell Server configuration... 81
RADIUS server configuration... 82 TACACS+server configuration... 83 NTP server configuration... 84 System SNMP configuration... 85 SNMPv3 configuration... 86 User Security Model configuration... 87 SNMPv3 View configuration... 87 View-based Access Control Model configuration... 88 SNMPv3 Group configuration... 88 SNMPv3 Community Table configuration... 89 SNMPv3 Target Address Table configuration... 89 SNMPv3 Target Parameters Table configuration... 90 SNMPv3 Notify Table configuration... 90 System Access configuration... 91 Management Network configuration... 91 User Access Control configuration... 92 User ID configuration... 92 HTTPS Access configuration... 93 Port configuration... 94 Temporarily disabling a port... 95 Port link configuration... 95 ACL Port configuration... 96 Layer 2 configuration... 96 802.1x configuration... 96 802.1x Global configuration... 97 802.1x Port configuration... 98 Rapid Spanning Tree Protocol/Multiple Spanning Tree Protocol configuration... 99 Common Internal Spanning Tree configuration... 101 CIST bridge configuration... 101 CIST port configuration... 102 Spanning Tree configuration... 103 Bridge Spanning Tree configuration... 104 Spanning Tree port configuration... 105 Fowarding Database configuration... 106 Static FDB configuration... 106 Trunk configuration... 106 Layer 2 IP Trunk Hash configuration... 107 Link Aggregation Control Protocol configuration... 107 LACP Port configuration... 108 VLAN configuration... 108 Layer 3 configuration... 110 IP interface configuration... 110 Default Gateway configuration... 111 IP Static Route configuration... 111 Address Resolution Protocol configuration... 112 IP Forwarding configuration... 112 Network Filter configuration... 112 Route Map configuration... 113 IP Access List configuration... 114 Routing Information Protocol configuration... 115 RIP Interface configration... 115 RIP Router Redistribution configuration... 116 Open Shortest Path First configuration... 117 OSPF Area Index configuration... 118 OSPF Summary Range configuration... 119 OSPF Interface configuration... 119 OSPF Virtual Link configuration... 120 OSPF Host Entry configuration... 120 OSPF Route Redistribution configuration... 121 OSPF MD5 Key configuration... 121 IGMP configuration... 122 IGMP snooping configuration... 122 IGMP static multicast router configuration... 123 IGMP filtering configuration... 123 IGMP filter definition... 123
IGMP filtering port configuration... 124 Domain Name System configuration... 124 Bootstrap Protocol Relay configuration... 124 Virtual Router Redundancy Protocol configuration... 125 VRRP Virtual Router configuration... 125 VRRP Virtual Router Priority Tracking configuration... 127 VRRP Virtual Router Group configuration... 128 VRRP Virtual Router Group Priority Tracking configuration... 129 VRRP Interface configuration... 129 VRRP Tracking configuration... 130 Quality of Service configuration... 130 QoS 802.1p configuration... 130 Access Control configuration... 131 Access Control List configuration... 131 ACL Ethernet Filter configuration... 131 ACL IP Version 4 Filter configuration... 132 ACL TCP/UDP Filter configuration... 132 ACL Packet Format configuration... 133 ACL Metering configuration... 133 ACL Re-mark configuration... 134 ACL Re-mark In-Profile configuration... 134 Re-mark Update User Priority configuration... 134 ACL Re-mark Out-of-Profile configuration... 135 ACL Group configuration... 135 Remote Monitoring configuration... 136 RMON history configuration... 136 RMON event configuration... 136 RMON alarm configuration... 137 Port mirroring... 138 Port-based port mirroring... 138 Uplink Failure Detection configuration... 139 Failure Detection Pair configuration... 139 Link to Monitor configuration... 139 Link to Disable configuration... 140 Configuration Dump... 141 Saving the active switch configuration... 141 Restoring the active switch configuration... 141 Operations Commands... 142 Operations-level port options... 142 Operations-level port 802.1x optioins... 143 Operations-level VRRP options... 143 Boot Options... 144 Updating the switch software image... 144 Downloading new software to the switch... 144 Selecting a software image to run... 145 Uploading a software image from the switch... 146 Selecting a configuration block... 146 Resetting the switch... 147 Accessing the AOS CLI... 147 Maintenance Commands... 148 System maintenance... 148 Fowarding Database maintenance... 148 Debugging options... 149 ARP cache maintenance... 149 IGMP Snooping maintenance... 150 IGMP Mrouter maintenance... 150 Technical support dump... 150 TFTP/FTP technical support dump put... 150 Uuencode flash dump... 151 TFTP/FTP system dump put... 151
Clearing dump information... 151 Panic command... 152 Unscheduled system dumps... 152
ISCLI GbE (L3) AOS CLI ISCLI Telnet (SSH) SNMP (Simple Network Management Protocol) NEC WebSAM NetvisorPro Web ISCLI ISCLI N8406-023 GbE (L3) N8406-023 GbE (L3) N8406-023 GbE (L3) (AOS) N8406-023 GbE (L3) Telnet SSH (DB-9) VT-100 ISCLI 8
1 9600 8 1 1. 2. 3. Enter 4. IP Telnet SSH IP DHCP /cfg/sys/dhcp enabled 256 DHCP IP /cfg/sys/dhcp enabled DHCP 256 IP 4 BOOTP 1 BOOTP IP BOOTP MAC BOOTP BOOTP MAC System Information ( Information Commands System Information commands) BOOTP DHCP MAC BOOTP IP Telnet Telnet 4 Telnet IP Telnet ISCLI Telnet Telnet Telnet IP telnet <GbE(L3) IP address> ISCLI 9
SSH Telnet SSH SSH SSH SSH Configuration Commands Secure Shell Server configuration 1 SSH/SCP SSH/SCP SSH RSA RSA AES256-CBC AES192-CBC AES128-CBC 3DES-CBC 3DES ARCFOUR RADIUS SSH Linux SSH 3.0.1 SecureCRT 4.1.8 (VanDyke Technologies, Inc.) Linux OpenSSH_3.9 (FC 3) Linux SCP (FC 3) Windows PuTTY 0.58 (Simon Tatham) SSH 1.5 2.0 1.0 2.0 SSH SSH SSH 1 2 SSH IP ISCLI SSH ssh IP SSH >> # ssh <user>@<gbe(l3) IP address> SSH "yes" ISCLI 10
CLI Web 3 Maintenance Menu Telnet SSH 2 user oper admin user admin admin 5 Telnet SSH idle timeout 1 60 Configuration Commands System configuration ISCLI 11
< > bold body text bold Courier text plain Courier text braces { } brackets [ ] italic text vertical line ping <IP address> ping 192.32.10.12 show ip arp configure terminal 1 show portchannel {<1-12> hash information} show portchannel <1-12> show portchannel hash show portchannel information show ip interface [<1-256>] show ip interface show ip interface 1 2 show spanning-tree stp <1-32> 1-32 1 32 1 show portchannel {<1-12> hash information} show portchannel <1-12> show portchannel hash show portchannel information ISCLI 12
ISCLI ISCLI ISCLI ISCLI ISCLI AOS CLI ISCLI Main# boot/mode iscli AOS CLI ISCLI Switch(config)# boot cli-mode aos CLI CLI ISCLI ISCLI 3 User EXEC Priviledged EXEC User EXEC Privileged EXEC Global Configuration ISCLI 3 ISCLI User EXEC Switch> Privileged EXEC Switch# Global configuration Switch(config)# Port configuration Switch(config-if)# VLAN configuration Switch(config-vlan)# exit logout User EXEC enable User EXEC disable ISCLI exit logout Privileged EXEC configure terminal Privileged EXEC end exit Global Configuration interface gigabitethernet <port number> Global Configuration exit Privileged EXEC end Global Configuration vlan <1-4095> Global Configuration exit Privileged EXEC end ISCLI 13
3 ISCLI Interface IP configuration Switch(config-ipif)# Global Configuration interface ip <1-256> Global Configuration exit Privileged EXEC end ISCLI help 4? exit 1 copy running-config startup-config exit or quit ping ping <host name> <IP address> [<number of tries>] [<msec delay>] <IP address> IP <number of tries>( ) (1 32) <msec delay>( ) traceroute traceroute <host name> <IP address> [<max-hops>] [<msec delay>] <IP address> IP <max-hops>( ) 1 16 <msec delay>( ) telnet Telnet telnet <host name> <IP address> [<port number>] show history 10 console-log who ISCLI 14
CLI Switch(config)# spanning-tree stp 1 bridge hello 2 Switch(config)# sp stp 1 br h 2 Tab Tab Tab 1 ISCLI 15
Information Commands ISCLI ISCLI Information 5 Information show sys-info show layer2 information show layer3 information show rmon show interface link show interface information show geaport show ufd show information-dump 2 3 RMON (10 Mb/s 100 Mb/s 1000 Mb/s any) (half full any) (no yes any) (up down) User EXEC VLAN VLAN ID (PVID) VLAN User EXEC GEA UFD (Uplink Failure Detection) Information 10K Information Commands 16
System Information commands System Information 6 System Information show snmp-server v3 show sys-info show logging messages show access user SNMPv3 Information commands SNMP v3 MAC IP #1 IP Configuration User EXEC SNMP 3 SNMPv3 SNMPv2 SNMP SNMP SNMP SNMPv3 RFC2271 RFC2276 SNMPv3 Information 7 SNMPv3 Information show snmp-server v3 user show snmp-server v3 view show snmp-server v3 access show snmp-server v3 group show snmp-server v3 community show snmp-server v3 target-address show snmp-server v3 targetparameters show snmp-server v3 notify show snmp-server v3 (USM) MIB SNMPv3 Information Commands 17
SNMPv3 USM User Table information SNMPv3 show snmp-server v3 user SNMPv3 (USM) USM ID USM SNMPv3 8 SNMPv3 User Name Protocol SNMPv3 View Table information SNMPv3 show snmp-server v3 view DES MD5 HMAC-SHA View Name Subtree Mask Type ------------------ -------------------------- -------- -------- iso 1 included v1v2only 1 included v1v2only 1.3.6.1.6.3.15 excluded v1v2only 1.3.6.1.6.3.16 excluded v1v2only 1.3.6.1.6.3.18 excluded MIB MIB SNMPv3 9 SNMPv3 View Name Subtree Mask Type MIB OID MIB Information Commands 18
SNMPv3 Access Table information SNMPv3 show snmp-server v3 access Group Name Model Level Match ReadV WriteV NotifyV ---------- ------- ------------ ------ --------- -------- ------- v1v2grp snmpv1 noauthnopriv exact iso iso v1v2only admingrp usm authpriv exact iso iso iso vacmacess Table (View-based Access Control Model Access Table) Read View Write View Notify View Read View Write View Notify View Read View Read MIB Write View Write MIB Notify View MIB SNMPv3 10 SNMPv3 Group Name Prefix Model Level Match ReadV WriteV NotifyV SNMPv1 SNMPv2 USM noauthnopriv authnopriv auth-priv exact prefix MIB MIB MIB SNMPv3 Group information SNMPv3 show snmp-server v3 group Sec Model User Name Group Name ---------- ----------------------------- -------------------------- snmpv1 v1v2only v1v2grp usm adminmd5 admingrp usm adminsha admingrp SNMPv3 11 SNMPv3 Sec Model User Name Group Name USM SNMPv1 SNMPv2 SNMPv3 Information Commands 19
SNMPv3 Community Table information SNMPv3 show snmp-server v3 community Index Name User Name Tag ---------- ---------- -------------------- ---------- trap1 public v1v2only v1v2trap SNMP SNMPv3 12 SNMPv3 Index Name User Name (USM) Tag SNMPv3 Target Address Table information SNMPv3 show snmp-server v3 target-address Name Transport Addr Port Taglist Params ---------- --------------- ---- ---------- --------------- trap1 47.81.25.66 162 v1v2trap v1v2param SNMP SNMPv3 SNMPv3 13 SNMPv3 Name Transport Addr Port Taglist Params SNMP SNMP UDP SNMP SNMP Information Commands 20
SNMPv3 Target Parameters Table information SNMPv3 show snmp-server v3 target-parameters Name MP Model User Name Sec Model Sec Level ----------------- -------- ------------------ --------- ----------- v1v2param snmpv2c v1v2only snmpv1 noauthnopriv SNMPv3 14 SNMPv3 Name MP Model User Name Sec Model Sec Level SNMP SNMP SNMP SNMP SNMPv3 Notify Table information SNMPv3 show snmp-server v3 notify Name Tag -------------------- -------------------- v1v2trap v1v2trap SNMPv3 15 SNMPv3 Field Name Tag SNMP SNMP SNMP Information Commands 21
SNMPv3 dump SNMPv3 show snmp-server v3 Engine ID = 80:00:07:50:03:00:0F:6A:F8:EF:00 usmuser Table: User Name Protocol -------------------------------- -------------------------------- admin NO AUTH, NO PRIVACY adminmd5 HMAC_MD5, DES PRIVACY adminsha HMAC_SHA, DES PRIVACY v1v2only NO AUTH, NO PRIVACY vacmaccess Table: Group Name Prefix Model Level Match ReadV WriteV NotifyV ---------- ------ ------- ------------ ------ ------ ------- ------ admin usm noauthnopriv exact org org org v1v2grp snmpv1 noauthnopriv exact org org v1v2only admingrp usm authpriv exact org org org vacmviewtreefamily Table: View Name Subtree Mask Type -------------------- --------------- ------------ -------------- org 1.3 included v1v2only 1.3 included v1v2only 1.3.6.1.6.3.15 excluded v1v2only 1.3.6.1.6.3.16 excluded v1v2only 1.3.6.1.6.3.18 excluded vacmsecuritytogroup Table: Sec Model User Name Group Name ---------- ------------------------------- ----------------------- snmpv1 v1v2only v1v2grp usm admin admin usm adminsha admingrp snmpcommunity Table: Index Name User Name Tag ---------- ---------- -------------------- ---------- snmpnotify Table: Name Tag -------------------- -------------------- snmptargetaddr Table: Name Transport Addr Port Taglist Params ---------- --------------- ---- ---------- --------------- snmptargetparams Table: Name MP Model User Name Sec Model Sec Level -------------------- -------- ------------------ --------- ------- Information Commands 22
System information show sys-info System Information at 6:56:22 Thu Jan 11, 2006 Time zone: Asia/Tokyo Blade Network Technologies 1Gb Intelligent L3 Switch sysname: syslocation: RackId: NEC01A 6X00125 RackName: Default_Rack_Name EnclosureSerialNumber: NEC01A 6X00125 EnclosureName: Default_Chassis_Name BayNumber: 1 Switch is up 0 days, 14 hours, 56 minutes and 22 seconds. Last boot: 17:25:38 Mon Jan 8, 2006 (software reset) MAC address: 00:10:00:01:00:01 IP (If 1) address: 10.14.4.16 Revision: Switch Serial No: Spare Part No: Software Version 1.0.0 (FLASH image2), active configuration. Rack MAC IP Configuration (active backup factory default) Information Commands 23
Show recent syslog messages show logging messages Date Time Severity level Message ---- ---- ----------------- ------- Jul 8 17:25:41 NOTICE system: link up on port 1 Jul 8 17:25:41 NOTICE system: link up on port 8 Jul 8 17:25:41 NOTICE system: link up on port 7 Jul 8 17:25:41 NOTICE system: link up on port 12 Jul 8 17:25:41 NOTICE system: link up on port 11 Jul 8 17:25:41 NOTICE system: link up on port 14 Jul 8 17:25:41 NOTICE system: link up on port 13 Jul 8 17:25:41 NOTICE system: link up on port 16 Jul 8 17:25:41 NOTICE system: link up on port 15 Jul 8 17:25:41 NOTICE system: link up on port 17 Jul 8 17:25:41 NOTICE system: link up on port 20 Jul 8 17:25:41 NOTICE system: link up on port 22 Jul 8 17:25:41 NOTICE system: link up on port 23 Jul 8 17:25:41 NOTICE system: link up on port 21 Jul 8 17:25:42 NOTICE system: link up on port 4 Jul 8 17:25:42 NOTICE system: link up on port 3 Jul 8 17:25:42 NOTICE system: link up on port 6 Jul 8 17:25:42 NOTICE system: link up on port 5 Jul 8 17:25:42 NOTICE system: link up on port 10 Jul 8 17:25:42 NOTICE system: link up on port 9 8 EMERG ALERT CRIT ERR WARNING NOTICE INFO DEBUG System user information show access user User EXEC Usernames: user - enabled oper - disabled admin - Always Enabled Current User ID table: 1: name tech1, ena, cos user, password valid, online 2: name tech2, ena, cos user, password valid, offline 16 user oper admin Information Commands 24
16 Current User ID Table User ID Layer 2 information 2 17 2 show mac-address-table show lacp information show qos transmit-queue information show dot1x information show spanning-tree <1-128> information show spanning-tree mstp cist information show portchannel information show vlan information show layer2 FDB LACP 802.1p 802.1x STP STP STP CIST CIST VLAN VLAN VLAN VLAN Layer2 information 10K Information Commands 25
FDB information commands FDB (Forwarding Database) MAC FDB MAC 8K 18 FDB show mac-address-table address <macaddress> show mac-address-table port <port number> show mac-address-table vlan <1-4095> show mac-address-table state {forward trunk unknown} show mac-address-table 1 MAC MAC MAC xx:xx:xx:xx:xx:xx 08:00:20:12:34:56 xxxxxxxxxxxx 080020123456 FDB VLAN FDB 1 4095 FDB FDB Show all FDB information FDB show mac-address-table MAC address VLAN Port Trnk State ----------------- ---- ---- ---- ----- 00:02:01:00:00:00 300 1 TRK 00:02:01:00:00:01 300 23 FWD 00:02:01:00:00:02 300 23 FWD 00:02:01:00:00:03 300 23 FWD 00:02:01:00:00:04 300 23 FWD 00:02:01:00:00:05 300 23 FWD 00:02:01:00:00:06 300 23 FWD 00:02:01:00:00:07 300 23 FWD 00:02:01:00:00:08 300 23 FWD 00:02:01:00:00:09 300 23 FWD 00:02:01:00:00:0a 300 23 FWD 00:02:01:00:00:0b 300 23 FWD 00:02:01:00:00:0c 300 23 FWD (FWD) (TRK) Trnk (UNK) MAC Clearing entries from the FDB MAC FDB Configuration Commands Static FDB configuration Information Commands 26
Link Aggregation Control Protocol information Link Aggregation Control Protocol information 19 LACP show interface gigabitethernet <port number> lacp information show lacp show lacp information LACP aggregator LACP LACP LACP dump LACP show lacp information >> LACP# dump port lacp adminkey operkey selected prio attached trunk aggr ---------------------------------------------------------------------- 1 off 1 1 n 32768 -- -- 2 off 2 2 n 32768 -- -- 3 off 3 3 n 32768 -- -- 4 off 4 4 n 32768 -- -- 5 off 5 5 n 32768 -- -- 6 off 6 6 n 32768 -- -- 7 off 7 7 n 32768 -- -- 8 off 8 8 n 32768 -- -- LACP LACP (active, passive, off) adminkey operkey LACP Information Commands 27
802.1x information 802.1x show dot1x information System capability : Authenticator System status : disabled Protocol version : 1 Authenticator Backend Port Auth Mode Auth Status PAE State Auth State ---- ------------ ------------ -------------- ---------- 1 force-auth unauthorized initialize initialize 2 force-auth unauthorized initialize initialize 3 force-auth unauthorized initialize initialize 4 force-auth unauthorized initialize initialize 5 force-auth unauthorized initialize initialize 6 force-auth unauthorized initialize initialize 7 force-auth unauthorized initialize initialize 8 force-auth unauthorized initialize initialize 9 force-auth unauthorized initialize initialize 10 force-auth unauthorized initialize initialize 11 force-auth unauthorized initialize initialize 12 force-auth unauthorized initialize initialize 13 force-auth unauthorized initialize initialize 14 force-auth unauthorized initialize initialize 15 force-auth unauthorized initialize initialize 16 force-auth unauthorized initialize initialize *17 force-auth unauthorized initialize initialize *18 force-auth unauthorized initialize initialize 19 force-auth unauthorized initialize initialize 20 force-auth unauthorized initialize initialize *21 force-auth unauthorized initialize initialize 22 force-auth unauthorized initialize initialize *23 force-auth unauthorized initialize initialize *24 force-auth unauthorized initialize initialize ------------------------------------------------------------------ * - Port down or disabled IEEE 802.1x 20 802.1x Port Auth Mode Auth Status Authenticator PAE State force-unauth auto force-auth authorized unauthorized Authenticator Port Access Entity initialize disconnected connecting authentication authenticated aborting held forceauth Information Commands 28
20 802.1x Backend Auth State request response success fail timeout idle Spanning Tree information Spanning Tree Protocol (STP) information 21 STP show spanning-tree stp <1-128> show spanning-tree stp <1-128> bridge show spanning-tree <1-128> information show spanning-tree stp <1-128> information STP bridge STP ------------------------------------------------------------------ upfast disabled, update 40 ------------------------------------------------------------------ Spanning Tree Group 1: On (STP/PVST+) VLANs: 1 Current Root: Path-Cost Port Hello MaxAge FwdDel Aging 8000 00:02:a5:d1:0f:ed 8 20 2 20 15 180 Parameters: Priority Hello MaxAge FwdDel Aging 32768 2 20 15 180 Port Priority Cost FastFwd State Designated Bridge Des Port ---- -------- ---- -------- ---------- -------------------- ------- 1 0 0 n FORWARDING * 2 0 0 n FORWARDING * 3 0 0 n FORWARDING * IEEE 802.1d (STP) RSTP/MSTP Rapid Spanning Tree and Multiple Spanning Tree information STP STP upfast (Uplink Fast) MAC STP Information Commands 29
STP 22 STP Current Root Path-Cost Port Priority (bridge) Hello MaxAge FwdDel Aging (16 ) MAC 0 STP BPDU Max Age ( ) MaxAge Forward Delay ( ) FwdDel FDB Aging Time ( ) Priority (port) Cost State Designated bridge Designated port 1 BLOCKING LISTENING LEARNING FORWARDING DISABLED 16 ) MAC ID Information Commands 30
Rapid Spanning Tree and Multiple Spanning Tree information RSTP/MSTP show spanning-tree stp <1-128> information ------------------------------------------------------------------ upfast disabled, update 40 ------------------------------------------------------------------ Spanning Tree Group 1: On (RSTP) VLANs: 1-3 4095 Current Root: Path-Cost Port Hello MaxAge FwdDel Aging 8000 00:00:01:00:19:00 0 0 9 20 15 300 Parameters: Priority Hello MaxAge FwdDel Aging 32768 9 20 15 300 Port Prio Cost State Role Designated Bridge Des Port Type ---- ---- ---- ------ ---- --------------------- -------- ---- 1 0 0 DSB 2 0 0 DSB 3 0 0 DSB 4 0 0 DSB 5 0 0 DSB 6 0 0 DSB 7 0 0 DSB 8 0 0 DSB 9 0 0 DSB 10 0 0 DISC 11 0 0 FWD DESG 8000-00:00:01:00:19:00 8017 P2P2,Edge 12 0 0 FWD DESG 8000-00:00:01:00:19:00 8018 P2P IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) RSTP/MSTP RSTP upfast (Uplink Fast) MAC RSTP RSTP MSTP STP 23 RSTP Current Root Path-Cost (16 ) MAC Information Commands 31
23 RSTP Port Priority (bridge) Hello MaxAge FwdDel Aging Priority (port) Cost State Role Designated bridge Designated port Type 0 STP BPDU ( ) Max Age ( ) Forward Delay ( ) FDB Aging Time ( ) 1 (0) RSTP/MSTP Discarding (DISC) Learning (LRN) Forwarding (FWD) Disabled (DSB) Designated (DESG) Root (ROOT) Alternate (ALTN) Backup (BKUP) Master (MAST) Unknown (UNK) (16 ) MAC ID AUTO P2P SHARED Information Commands 32
Common Internal Spanning Tree information Common Internal Spanning Tree (CIST) show spanning-tree mstp cist information Mstp Digest: 0xac36177f50283cd4b83821d8ab26de62 Common Internal Spanning Tree: VLANs: 1 3-4094 Current Root: Path-Cost Port MaxAge FwdDel 8000 00:03:42:fa:3b:80 11 1 20 15 CIST Regional Root: Path-Cost 8000 00:03:42:fa:3b:80 11 Parameters: Priority MaxAge FwdDel Hops 32768 20 15 20 Port Prio Cost State Role Designated Bridge Des Port Hello Type ---- ---- ---- ------ ---- --------------------- -------- ----- ---- 1 128 2000 FWD DESG 8000-00:03:42:fa:3b:80 8001 4 P2P, Edge 2 128 2000 FWD DESG 8000-00:03:42:fa:3b:80 8002 3 128 2000 DSB 4 128 2000 DSB 5 128 2000 DSB 6 128 2000 DSB 7 128 2000 DSB 8 128 2000 DSB 9 128 2000 DSB 10 128 0 DSB 11 128 2000 FWD DESG 8000-00:03:42:fa:3b:80 12 128 2000 DSB CIST CIST upfast (Uplink Fast) CIST CIST CIST Information Commands 33
CIST 24 CIST CIST Root CIST Regional Root Priority (bridge) MaxAge FwdDel Hops Priority (port) Cost State Role Designated Bridge Designated Port Hello Type CIST CIST MSTP Max Age ( ) Forward Delay ( ) 1 (0) Discarding (DISC) Learning (LRN) Forwarding (FWD) Disabled (DSB) Designated (DESG) Root (ROOT) Alternate (ALTN) Backup (BKUP) Master (MAST) Unknown (UNK) (16 ) MAC ID BPDU ( ) AUTO P2P SHARED Trunk group information show portchannel information Trunk group 1, Enabled port state: 17: STG 1 forwarding 18: STG 1 forwarding Information Commands 34
VLAN information VLAN information 25 VLAN show vlan show vlan information VLAN STP VLAN VLAN show vlan information VLAN Name Status Ports ---- -------------------------------- ------ ---------------- 1 Default VLAN ena 4 5 2 pc03p ena 2 7 pc07f ena 7 11 pc04u ena 11 14 8600-14 ena 14 15 8600-15 ena 15 16 8600-16 ena 16 17 8600-17 ena 17 18 35k-1 ena 18 20 35k-3 ena 20 21 35k-4 ena 21 22 pc07z ena 22 24 redlan ena 24 300 ixiatraffic ena 1 12 13 23 4000 bpsports ena 3-6 8-10 4095 Mgmt VLAN ena 19 VLAN VLAN VLAN VLAN VLAN Information Commands 35
Layer 3 information 3 26 3 show ip route show ip information show ip arp show ip ospf information show interface ip [<1-256>] rip show layer3 information show ip igmp groups show ip vrrp information show layer3 Route information 3 27 3 show ip route address <IP address> show ip route gateway <IP address> show ip route type {indirect direct local broa dcast martian multicast} show ip route tag {fixed static addr rip ospf broadcast multicast martia n} show ip route interface <1-256> show ip route User EXEC IP User EXEC (ARP) User EXEC OSPF User EXEC RIP User EXEC IP IP IP VLAN IP IP Enable Inet Imask User EXEC IGMP User EXEC VRRP User EXEC Layer 3 information 10K User EXEC IP User EXEC User EXEC User EXEC User EXEC User EXEC Information Commands 36
Show all IP Route information VLAN show ip route UserEXEC Status code: * - best Destination Mask Gateway Type Tag Metr If --------------- --------------- --------------- --------- --------- ---- -- * 11.0.0.0 255.0.0.0 11.0.0.1 direct fixed 211 * 11.0.0.1 255.255.255.255 11.0.0.1 local addr 211 * 11.255.255.255 255.255.255.255 11.255.255.255 broadcast broadcast 211 * 12.0.0.0 255.0.0.0 12.0.0.1 direct fixed 12 * 12.0.0.1 255.255.255.255 12.0.0.1 local addr 12 * 12.255.255.255 255.255.255.255 12.255.255.255 broadcast broadcast 12 * 13.0.0.0 255.0.0.0 11.0.0.2 indirect ospf 2 211 * 47.0.0.0 255.0.0.0 47.133.88.1 indirect static 24 * 47.133.88.0 255.255.255.0 47.133.88.46 direct fixed 24 * 172.30.52.223 255.255.255.255 172.30.52.223 broadcast broadcast 2 * 224.0.0.0 224.0.0.0 0.0.0.0 martian martian * 224.0.0.5 255.255.255.255 0.0.0.0 multicast addr Type 28 IP Routing Type information indirect Gateway direct local IP broadcast martian multicast Tag 29 IP Routing Tag information fixed static addr IP 1 rip RIP ospf OSPF broadcast multicast martian Information Commands 37
ARP information (ARP) IP MAC VLAN ARP 30 ARP show ip arp find <IP address> show ip arp interface <port number> show ip arp vlan <1-4095> show ip arp show ip arp reply IP ARP User EXEC ARP User EXEC VLAN ARP User EXEC ARP IP MAC VLAN IP User EXEC ARP IP IP MAC VLAN User EXEC Show all ARP entry information ARP show ip arp User EXEC IP address Flags MAC address VLAN Port --------------- ----- ----------------- ---- ---- 192.168.2.4 00:50:8b:b2:32:cb 1 18 192.168.2.19 00:0e:7f:25:89:b5 1 17 192.168.2.61 P 00:0f:6a:ed:46:00 1 Flags 31 ARP Flags P R U IP ARP MAC ARP address list information ARP show ip arp reply User EXEC IP address IP mask MAC address VLAN Flags --------------- --------------- ----------------- ---- ----- 205.178.18.66 255.255.255.255 00:70:cf:03:20:04 P 205.178.50.1 255.255.255.255 00:70:cf:03:20:06 1 205.178.18.64 255.255.255.255 00:70:cf:03:20:05 1 ARP Information Commands 38
OSPF information OSPF 32 OSPF show ip ospf general-information OSPF User EXEC show ip ospf area information [<0-2>] User EXEC show ip ospf interface [<1-256>] User EXEC show ip ospf area-virtual-link information User EXEC show ip ospf neighbor User EXEC show ip ospf summary-range <0-2> NSSA User EXEC show ip ospf summary-range-nssa <0-2> NSSA User EXEC show ip ospf routes OSPF User EXEC show ip ospf information OSPF User EXEC OSPF general information OSPF show ip ospf general-information User EXEC OSPF Version 2 Router ID: 10.10.10.1 Started at 1663 and the process uptime is 4626 Area Border Router: yes, AS Boundary Router: no LS types supported are 6 External LSA count 0 External LSA checksum sum 0x0 Number of interfaces in this router is 2 Number of virtual links in this router is 1 16 new lsa received and 34 lsa originated from this router Total number of entries in the LSDB 10 Database checksum sum 0x0 Total neighbors are 1, of which 2 are >=INIT state, 2 are >=EXCH state, 2 are =FULL state Number of areas is 2, of which 3-transit 0-nssa Area Id : 0.0.0.0 Authentication : none Import ASExtern : yes Number of times SPF ran : 8 Area Border Router count : 2 AS Boundary Router count : 0 LSA count : 5 LSA Checksum sum : 0x2237B Summary : no Summary Information Commands 39
OSPF interface information OSPF show ip ospf interface [<1-256>] User EXEC Ip Address 10.10.12.1, Area 0.0.0.1, Admin Status UP Router ID 10.10.10.1, State DR, Priority 1 Designated Router (ID) 10.10.10.1, Ip Address 10.10.12.1 Backup Designated Router (ID) 10.10.14.1, Ip Address 10.10.12.2 Timer intervals, Hello 10, Dead 40, Wait 1663, Retransmit 5, Transit delay 1 Neighbor count is 1 If Events 4, Authentication type none OSPF Database information OSPF Database information 33 OSPF Database information show ip ospf database advertising-router <router ID> show ip ospf database asbrsummary [advertising-router <router ID> link-state-id <A.B.C.D> self] show ip ospf database databasesummary show ip ospf database external [advertising-router <router ID> link-state-id <A.B.C.D> self] show ip ospf database network [advertising-router <router ID> link-state-id <A.B.C.D> self] show ip ospf database nssa [advertising-router <router ID> link-state-id <A.B.C.D> self] show ip ospf database router [advertising-router <router ID> link-state-id <A.B.C.D> self] show ip ospf database self ID 20.1.1.1 LSDB Link State Advertisement (LSA) User EXEC ASBR LSA a. show ip ospf database asbr-summary advertisingrouter 20.1.1.1 20.1.1.1 advertiseing router LSA b. show ip ospf database asbr-summary link-state-id 10.1.1.1 link state ID 10.1.1.1 LSA c. show ip ospf database asbr-summary self ASBR LSA d. ASBR LSA User EXEC LSDB a. LSA b. LSA c. LSA LSA d. LSA LSA User EXEC AS-external (type 5) LSA User EXEC network (type 2) LSA User EXEC NSSA (type 7) LSA User EXEC route (type 1) LSA User EXEC LSA User EXEC Information Commands 40
33 OSPF Database information show ip ospf database summary [advertising-router <router ID> linkstate-id <A.B.C.D> self] show ip ospf database network summary (type 3) LSA User EXEC LSA User EXEC OSPF router codes information OSPF route show ip ospf routes User EXEC Codes: IA - OSPF inter area, N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 IA 10.10.0.0/16 via 200.1.1.2 IA 40.1.1.0/28 via 20.1.1.2 IA 80.1.1.0/24 via 200.1.1.2 IA 100.1.1.0/24 via 20.1.1.2 IA 140.1.1.0/27 via 20.1.1.2 IA 150.1.1.0/28 via 200.1.1.2 E2 172.18.1.1/32 via 30.1.1.2 E2 172.18.1.2/32 via 30.1.1.2 E2 172.18.1.3/32 via 30.1.1.2 E2 172.18.1.4/32 via 30.1.1.2 E2 172.18.1.5/32 via 30.1.1.2 E2 172.18.1.6/32 via 30.1.1.2 E2 172.18.1.7/32 via 30.1.1.2 E2 172.18.1.8/32 via 30.1.1.2 Information Commands 41
Routing Information Protocol Routing Information Protocol (RIP) information 34 RIP information show ip rip routes show ip rip interface [<1-256>] show interface ip [<1-256>]rip RIP User EXEC RIP User EXEC RIP RIP Routes information RIP route show ip rip routes User EXEC >> IP Routing# /info/l3/rip/routes 3.0.0.0/8 via 30.1.1.11 metric 4 4.0.0.0/16 via 30.1.1.11 metric 16 10.0.0.0/8 via 30.1.1.2 metric 3 20.0.0.0/8 via 30.1.1.2 metric 2 16 RIP RIP user information RIP user show interface ip [<1-256>] rip RIP USER CONFIGURATION : RIP on updat 30 RIP Interface 2 : 102.1.1.1, enabled version 2, listen enabled, supply enabled, default none poison disabled, trigg enabled, mcast enabled, metric 1 auth none,key none RIP Interface 3 : 103.1.1.1, enabled version 2, listen enabled, supply enabled, default none poison disabled, trigg enabled, mcast enabled, metric 1 Information Commands 42
IP information 3 show layer3 information Interface information: 1: 47.80.23.243 255.255.254.0 47.80.23.255, vlan 1, up Default gateway information: metric strict 1: 47.80.22.1, up 2: 47.80.225.2, up IP IP IP IGMP multicast group information IGMP 35 IGMP show ip igmp groups address <IP address> show ip igmp groups vlan <1-4095> show ip igmp groups interface <port number> show ip igmp groups portchannel <1-40> show ip igmp groups IP IGMP User EXEC VLAN IGMP User EXEC IGMP User EXEC IGMP User EXEC User EXEC IGMP multicast router port information IGMP 36 IGMP show ip igmp mrouter vlan <1-4095> show ip igmp mrouter information VLAN User EXEC User EXEC Information Commands 43
VRRP information Virtual Router Redundancy Protocol (VRRP) LAN VRRP IP ID 1 IP 1 IP show ip vrrp information VRRP information: 1: vrid 2, 205.178.18.210, if 1, renter, prio 100, master, server 2: vrid 1, 205.178.18.202, if 1, renter, prio 100, backup 3: vrid 3, 205.178.18.204, if 1, renter, prio 100, master, proxy VRRP ID IP Owner IP IP owner Renter owner prio master backup init 255 IP server server proxy proxy IP IP IP IP Information Commands 44
802.1p information 802.1p show qos transmit-queue information Current priority to COS queue information: Priority COSq Weight -------- ---- ------ 0 0 1 1 0 1 2 0 1 3 0 1 4 1 2 5 1 2 6 1 2 7 1 2 Current port priority information: Port Priority COSq Weight ----- -------- ---- ------ 1 0 0 1 2 0 0 1 3 0 0 1 4 0 0 1 23 0 0 1 24 0 0 1 IEEE 802.1p priority to COS queue information 37 802.1p Priority to COS Queue information Priority Cosq Weight 802.1p Class of Service (COS) queue COS queue IEEE 802.1p port priority information 38 802.1p Port Priority information Port Priority Cosq Weight 802.1p Class of Service (COS) queue Information Commands 45
ACL information Access Control Lists and Groups 39 ACL information show access-control list <1-762> show access-control group <1-762> show access-control Access Control List show access-control Current ACL information: ------------------------ Filter 1 profile: Ethernet - VID : 1/0xfff Actions : Set COS to 0 Filter 2 profile: Ethernet - VID : 1/0xfff Actions : Permit No ACL groups configured. ACL User EXEC ACL Group User EXEC ACL Access Control List (ACL) information Access Control List ACL ACL Group Information Commands 46
RMON information RMON show rmon RMON history information RMON history information show rmon history RMON History group configuration: Index IFOID Interval Rbnum Gbnum ----- ------------------------------ -------- ----- ----- 1 1.3.6.1.2.1.2.2.1.1.24 30 5 5 2 1.3.6.1.2.1.2.2.1.1.24 30 5 5 3 1.3.6.1.2.1.2.2.1.1.18 30 5 5 4 1.3.6.1.2.1.2.2.1.1.19 30 5 5 5 1.3.6.1.2.1.2.2.1.1.24 1800 5 5 RMON history information 40 RMON history information Index IFOID Interval Rbnum Gbnum history MIB OID RMON alarm information RMON show rmon alarm Information Commands 47
RMON Alarm group configuration: Index Interval Type rlimit flimit revtidx fevtidx last value ----- -------- ---- -------- -------- ------- ------- ---------- 1 30 abs 10 0 1 0 0 2 900 abs 0 10 0 2 0 3 300 abs 10 20 0 0 0 4 1800 abs 10 0 1 0 0 5 1800 abs 10 0 1 0 0 8 1800 abs 10 0 1 0 56344540 10 1800 abs 10 0 1 0 0 11 1800 abs 10 0 1 0 0 15 1800 abs 10 0 1 0 0 18 1800 abs 10 0 1 0 0 100 1800 abs 10 0 1 0 0 Index OID ----- ------------------------------ 1 1.3.6.1.2.1.2.2.1.10.257 2 1.3.6.1.2.1.2.2.1.11.258 3 1.3.6.1.2.1.2.2.1.12.259 4 1.3.6.1.2.1.2.2.1.13.260 5 1.3.6.1.2.1.2.2.1.14.261 8 1.3.6.1.2.1.2.2.1.10.280 10 1.3.6.1.2.1.2.2.1.15.262 11 1.3.6.1.2.1.2.2.1.16.263 15 1.3.6.1.2.1.2.2.1.19.266 18 1.3.6.1.2.1.2.2.1.10.279 100 1.3.6.1.2.1.2.2.1.17.264 RMON alarm information 41 RMON alarm information Index Interval Type rlimit flimit revtidx fevtidx Last value OID abs delta MIB OID Information Commands 48
RMON event information RMON show rmon event RMON Event group configuration: Index Type Last Sent Description ----- ---- ---------------- --------------------------------- 1 both 0D: 0H: 1M:20S Event_1 2 none 0D: 0H: 0M: 0S Event_2 3 log 0D: 0H: 0M: 0S Event_3 4 trap 0D: 0H: 0M: 0S Event_4 5 both 0D: 0H: 0M: 0S Log and trap event for Link Down 10 both 0D: 0H: 0M: 0S Log and trap event for Link Up 11 both 0D: 0H: 0M: 0S Send log and trap for icmpinmsg 15 both 0D: 0H: 0M: 0S Send log and trap for icmpinechos 100 both 0D: 0H: 0M: 0S Event_100 RMON 42 RMON Index Type Last Sent Description None log trap both Information Commands 49
Link status information show interface link User EXEC ------------------------------------------------------------------ Port Speed Duplex Flow Ctrl Link ---- ----- -------- --TX-----RX-- ------ 1 1000 any yes yes down 2 1000 any yes yes down 3 1000 full yes yes down 4 1000 full yes yes down 5 1000 any yes yes down 6 1000 any yes yes down 7 1000 any yes yes down 8 1000 full yes yes up 9 1000 full yes yes down 10 1000 full yes yes down 11 1000 any yes yes down 12 1000 any yes yes down 13 1000 any yes yes down 14 1000 any yes yes down 15 1000 any yes yes down 16 1000 any yes yes down 17 1000 full yes yes up 18 1000 full yes yes up 19 100 full yes yes up 20 100 full yes yes down 21 1000 full yes yes down 22 1000 full no yes down 23 any any yes yes down 24 any any yes yes down 10Mb/s 100Mb/s 1000Mb/s any half full any no yes any up down Information Commands 50
Port information show interface information User EXEC Port Tag RMON PVID NAME VLAN(s) ---- --- ---- ---- -------------- ------------------------------- 1 n d 1 Downlink1 1 2 n d 1 Downlink2 1 3 n d 1 Downlink3 1 4 n d 1 Downlink4 1 5 n d 1 Downlink5 1 6 n d 1 Downlink6 1 7 n d 1 Downlink7 1 8 n d 1 Downlink8 1 9 n d 1 Downlink9 1 10 n d 1 Downlink10 1 11 n d 1 Downlink11 1 12 n d 1 Downlink12 1 13 n d 1 Downlink13 1 14 n d 1 Downlink14 1 15 n d 1 Downlink15 1 16 n d 1 Downlink16 1 17 n d 1 Xconnect1 1 18 n d 1 Xconnect2 1 19 n d 4095 Mgmt 4095 20 n d 1 Uplink1 1 21 n d 1 Uplink2 1 22 n d 1 Uplink3 1 23 n d 1 Uplink4 1 24 n d 1 Uplink5 1 VLAN y n RMON e d VLAN ID (PVID) VLAN Information Commands 51
Logiral Port to GEA Port mapping GEA show geaport Logical Port GEA Port(0-based) GEA Unit ------------ ----------------- --------- 1 1 0 2 2 0 3 4 0 4 7 0 5 8 0 6 12 0 7 13 0 8 14 0 9 0 0 10 3 0 11 5 0 12 6 0 13 9 0 14 10 0 15 11 0 16 15 0 17 16 0 18 17 0 19 18 0 20 19 0 21 23 0 22 22 0 23 21 0 24 20 0 GEA Information Commands 52
Uplink Failure Detection information UFD (Uplink Failure Detection) show ufd User EXEC Uplink Failure Detection 1: Enabled LtM status: Down Member STG STG State Link Status --------- --- ------------ ----------- port 24 down 1 DISABLED 10 DISABLED * 15 DISABLED * * = STP turned off for this port. LtD status: Auto Disabled Member Link Status --------- ----------- port 1 disabled port 2 disabled port 3 disabled port 4 disabled Uplink Failure Detection 2: Disabled Uplink Failure Detection 3: Disabled Uplink Failure Detection 4: Disabled UFD (Uplink Failure Detection) UFD enabled disabled LtM LtM LtD Information dump show information-dump 10K Information Commands 53
Statistics commands ISCLI 43 show layer3 counters show snmp-server counters show ntp counters clear ntp show ufd counters show counters 3 SNMP NTP clear NTP User EXEC UFD Port Statistics 44 show interface gigabitethernet <port number> dot1x counters show interface gigabitethernet <port number> bridging-counters show interface gigabitethernet <port number> ethernet-counters show interface gigabitethernet <port number> interface-counters show interface gigabitethernet <port number> ip-counters show interface gigabitethernet <port number> link-counters 802.1x ( dot1 ) ( dot3 ) Statistics commands 54
802.1x statistics 802.1x authenticator show interface gigabitethernet <port number> dot1x counters Authenticator Statistics: eapolframesrx = 0 eapolframestx = 0 eapolstartframesrx = 0 eapollogoffframesrx = 0 eapolrespidframesrx = 0 eapolrespframesrx = 0 eapolreqidframestx = 0 eapolreqframestx = 0 invalideapolframesrx = 0 eaplengtherrorframesrx = 0 lasteapolframeversion = 0 lasteapolframesource = 00:00:00:00:00:00 Authenticator Diagnostics: authentersconnecting = 0 autheaplogoffswhileconnecting = 0 authentersauthenticating = 0 authsuccesseswhileauthenticating = 0 authtimeoutswhileauthenticating = 0 authfailwhileauthenticating = 0 authreauthswhileauthenticating = 0 autheapstartswhileauthenticating = 0 autheaplogoffwhileauthenticating = 0 authreauthswhileauthenticated = 0 autheapstartswhileauthenticated = 0 autheaplogoffwhileauthenticated = 0 backendresponses = 0 backendaccesschallenges = 0 backendotherrequeststosupplicant = 0 backendnonnakresponsesfromsupplicant = 0 backendauthsuccesses = 0 backendauthfails = 0 802.1x 45 802.1x Authenticator Diagnostics authentersconnecting autheaplogoffswhileconnecting authentersauthenticating authsuccesseswhile Authenticating authtimeoutswhileauthenticating authfailwhileauthenticating authreauthswhileauthenticating autheapstartswhileauthenticating autheaplogoffwhileauthenticating CONNECTING EAPOL-Logoff CONNECTING DISCONNECTED EAP-Response/Identity CONNECTING AUTHENTICATING AUTHENTICATING AUTHENTICATED AUTHENTICATING ABORTING AUTHENTICATING HELD AUTHENTICATING ABORTING EAPOL-Start AUTHENTICATING ABORTING EAPOL-Logoff AUTHENTICATING ABORTING Statistics commands 55
45 802.1x authreauthswhileauthenticated autheapstartswhileauthenticated autheaplogoffwhileauthenticated backendresponses backendaccesschallenges backendotherrequeststosupplicant backendnonnakresponsesfrom Supplicant backendauthsuccesses backendauthfails AUTHENTICATED CONNECTING EAPOL-Start AUTENTICATED CONNECTING EAPOL-Logoff AUTHENTICATED DISCONNECTED Access-Request AccessChallenge EAP-Request (Identity, Notification, Failure, Success ) EAP-Request EAP-NAK Accept Reject Bridging statistics show interface gigabitethernet <port number> bridging-counters Bridging statistics for port 1: dot1portinframes: 63242584 dot1portoutframes: 63277826 dot1portindiscards: 0 dot1tplearnedentrydiscards: 0 dot1stpportforwardtransitions: 0 46 dot1portinframes dot1portoutframes dot1portindiscards dot1tplearnedentrydiscards dot1stpportforwardtransition s FDB FDB FDB Statistics commands 56
Ethernet statistics show interface gigabitethernet <port number> ethernet-counters Ethernet statistics for port 1: dot3statsalignmenterrors: 0 dot3statsfcserrors: 0 dot3statssinglecollisionframes: 0 dot3statsmultiplecollisionframes: 0 dot3statslatecollisions: 0 dot3statsexcessivecollisions: 0 dot3statsinternalmactransmiterrors: NA dot3statsframetoolongs: 0 dot3statsinternalmacreceiveerrors: 0 47 dot3statsalignmenterrors dot3statsfcserrors dot3statssinglecollisionframes dot3statsmultiplecollisionframes dot3statslatecollisions dot3statsexcessivecollisions 8 (FCS) MAC (LLC) IEEE 802.3 LLC 8 (FCS) MAC LLC IEEE 802.3 LLC ifoutucastpkts ifoutmulticastpkts ifoutbroadcastpkts dot3statsmultiplecollisionframe ifoutucastpkts ifoutmulticastpkts ifoutbroadcastpkts dot3statssinglecollisionframes 512 512 10M 51.2µsec Statistics commands 57
47 dot3statsinternalmactransmiterrors dot3statsframetoolongs dot3statsinternalmacreceiveerrors MAC dot3statslatecollisions dot3statsexcessivecollisions dot3statscarriersenseerrors MAC LLC frametoolong IEEE 802.3 LLC MAC dot3statsframetoolongs dot3statsalignmenterrors dot3statsfcserrors Interface statistics show interface gigabitethernet <port number> interface-counters Interface statistics for port 1: ifhcin Counters ifhcout Counters Octets: 51697080313 51721056808 UcastPkts: 65356399 65385714 BroadcastPkts: 0 6516 MulticastPkts: 0 0 Discards: 0 0 Errors: 0 21187 48 Octets IfHCIn UcastPkts IfHCIn BroadcastPkts IfHCIn MulticastPkts IfHCIn Discards IfHCIn Errors IfHCIn Octets IfHCOut UcastPkts IfHCOut BroadcastPkts IfHCOut MulticastPkts IfHCOut Discards IfHCOut Errors IfHCOut Statistics commands 58
Internet Protocol (IP) statistics show interface gigabitethernet <port number> ip-counters GEA IP statistics for port 1: ipinreceives : 0 ipinheadererror: 0 ipindiscards : 0 IP 49 IP ipinreceives ipinheadererror ipindiscards IP IP IP IP Link statistics show interface gigabitethernet <port number> link-counters Link statistics for port 1: linkstatechange: 2 50 linkstatechange Statistics commands 59
Layer 2 statistics 2 51 2 show mac-address-table counters show interface gigabitethernet <port number> lacp counters FDB Link Aggregation Control Protocol (LACP) FDB statistics FDB show mac-address-table counters FDB statistics: current: 91 hiwat: 91 FDB FDB 52 FDB current hiwat FDB FDB LACP statistics Link Aggregation Control Protocol (LACP) show interface gigabitethernet <port number> lacp counters Valid LACPDUs received - 0 Valid Marker PDUs received - 0 Valid Marker Rsp PDUs received - 0 Unknown version/tlv type - 0 Illegal subtype received - 0 LACPDUs transmitted - 0 Marker PDUs transmitted - 0 Marker Rsp PDUs transmitted - 0 Statistics commands 60
Layer 3 statistics 3 53 3 show ip counters clear ip counters show ip route counters show ip arp counters show ip dns counters show ip icmp counters show ip tcp counters show ip udp counters show ip igmp counters clear ip igmp vlan [<1-4095>] counters show ip ospf counters show ip vrrp counters show ip rip counters show ip gea show layer3 counters IP User EXEC IP IP User EXEC User EXEC ARP User EXEC DNS User EXEC ICMP User EXEC TCP User EXEC UDP clear UDP User EXEC IGMP User EXEC VLAN IGMP Priv EXEC OSPF Priv EXEC (vrrpinadvers) (vrrpoutadvers) (vrrpbadadvers Priv EXEC Routing information Protocol (RIP) Priv EXEC GEA Priv EXEC 3 User EXEC Statistics commands 61
IP statistics IP show ip counters User EXEC IP statistics: ipinreceives: 36475 ipinhdrerrors: 0 ipinaddrerrors: 905 ipinunknownprotos: 0 ipindiscards: 0 ipindelivers: 4103 ipoutrequests: 30974 ipoutdiscards: 0 ipdefaultttl: 255 IP 54 IP ipinreceives ipinhdrerrors ipinaddrerrors ipinunknownprotos ipindiscards ipindelivers ipoutrequests ipoutdiscards ipdefaultttl IP IP IP IP 0.0.0.0 E IP IP IP IP ICMP IP ipforwdatagrams IP IP ipforwdatagrams TTL IP Time-To-Live (TTL) Route statistics show ip route counters User EXEC Route statistics: iproutescur: 7 iprouteshighwater: 7 iproutesmax: 4096 55 iproutescur iproutesmax iprouteshighwater Statistics commands 62
ARP statistics ARP show ip arp counters User EXEC ARP statistics: arpentriescur: 2 arpentrieshighwater: 4 ARP 56 ARP arpentriescur arpentrieshighwater ARP ARP ARP ARP DNS statistics DNS show ip dns counters User EXEC DNS statistics: dnsinrequests: 0 dnsoutrequests: 0 dnsbadrequests: 0 DNS 57 DNS dnsinrequests dnsoutrequests dnsbadrequests DNS DNS DNS Statistics commands 63
ICMP statistics ICMP show ip icmp counters User EXEC ICMP statistics: icmpinmsgs: 245802 icmpinerrors: 1393 icmpindestunreachs: 41 icmpintimeexcds: 0 icmpinparmprobs: 0 icmpinsrcquenchs: 0 icmpinredirects: 0 icmpinechos: 18 icmpinechoreps: 244350 icmpintimestamps: 0 icmpintimestampreps: 0 icmpinaddrmasks: 0 icmpinaddrmaskreps: 0 icmpoutmsgs: 253810 icmpouterrors: 0 icmpoutdestunreachs: 15 icmpouttimeexcds: 0 icmpoutparmprobs: 0 icmpoutsrcquenchs: 0 icmpoutredirects: 0 icmpoutechos: 253777 icmpoutechoreps: 18 icmpouttimestamps: 0 icmpouttimestampreps: 0 icmpoutaddrmasks: 0 icmpoutaddrmaskreps: 0 ICMP 58 ICMP icmpinmsgs icmpinerrors icmpindestunreachs icmpintimeexcds icmpinparmprobs icmpinsrcquenchs icmpinredirects icmpinechos icmpinechoreps icmpintimestamps icmpintimestampreps icmpinaddrmasks icmpinaddrmaskreps icmpoutmsgs icmpouterrors icmpoutdestunreachs icmpouttimeexcds icmpoutparmprobs icmpoutsrcquenchs icmpoutredirects icmpoutechos icmpoutechoreps icmpouttimestamps icmpouttimestampreps icmpoutaddrmasks icmpoutaddrmaskreps ICMP icmpinerrors ICMP ICMP iength ICMP ICMP Destination Unreachable ICMP Time Exceeded ICMP Parameter Problem ICMP Source Quench ICMP Redirect ICMP Echo (request) ICMP Echo Reply ICMP Timestamp (request) ICMP Timestamp reply ICMP Address Mask Request ICMP Address Mask Reply ICMP icmpouterrors ICMP ICMP ICMP Destination Unreachable ICMP Time Exceeded ICMP Parameter Problem ICMP Source Quench ICMP Redirect Redirect ICMP Echo (request) ICMP Echo Reply ICMP Timestamp (request) ICMP Timestamp reply ICMP Address Mask Request ICMP Address Mask Reply Statistics commands 64
TCP statistics TCP show ip tcp counters User EXEC TCP statistics: tcprtoalgorithm: 4 tcprtomin: 0 tcprtomax: 240000 tcpmaxconn: 512 tcpactiveopens: 252214 tcppassiveopens: 7 tcpattemptfails: 528 tcpestabresets: 4 tcpinsegs: 756401 tcpoutsegs: 756655 tcpretranssegs: 0 tcpinerrs: 0 tcpcurbuff: 0 tcpcurconn: 3 tcpoutrsts: 417 TCP 59 TCP tcprtoalgorithm tcprtomin tcprtomax tcpmaxconn tcpactiveopens tcppassiveopens tcpattemptfails tcpestabresets tcpinsegs tcpoutsegs tcpretranssegs tcpinerrs tcpcurbuff tcpcurconn tcpoutrsts TCP TCP CLOSED SYN-SENT TCP LISTEN SYN-RCVD TCP SYN-SENT SYN-RCVD CLOSED SYN-RCVD LISTEN TCP ESTABLISHED CLOSE-WAIT CLOSED TCP TCP TCP RST TCP Statistics commands 65
UDP statistics UDP show ip udp counters User EXEC UDP statistics: udpindatagrams: 54 udpoutdatagrams: 43 udpinerrors: 0 udpnoports: 1578077 UDP 60 UDP udpindatagrams udpoutdatagrams udpinerrors udpnoports UDP. UDP udpnoports UDP UDP IGMP Multicast Group statistics IGMP show ip igmp counters User EXEC Enter VLAN number: (1-4095) 1 ------------------------------------------------------------ IGMP Snoop vlan 1 statistics: ------------------------------------------------------------ rxigmpvalidpkts: 0 rxigmpinvalidpkts: 0 rxigmpgenqueries: 0 rxigmpgrpspecificqueries: 0 rxigmpleaves: 0 rxigmpreports: 0 txigmpreports: 0 txigmpgrpspecificqueries: 0 txigmpleaves: 0 IGMP IGMP 61 IGMP rxigmpvalidpkts rxigmpinvalidpkts rxigmpgenqueries rxigmpgrpspecificqueries rxigmpleaves rxigmpreports txigmpreports txigmpgrpspecificqueries txigmpleaves IGMP General Membership Query Membership Query Leave Membership Report Membership Report Membership Query Leave Statistics commands 66
OSPF statistics OSPF 62 OSPF show ip ospf counters show ip ospf area [<0-2>] counters show ip ospf interface [<1-255>] counters OSPF User EXEC User EXEC User EXEC OSPF Global Statistics OSPF show ip ospf counters User EXEC OSPF stats ---------- Rx/Tx Stats: Rx Tx -------- -------- Pkts 0 0 hello 23 518 database 4 12 ls requests 3 1 ls acks 7 7 ls updates 9 7 Nbr change stats: Intf change Stats: hello 2 up 4 start 0 down 2 n2way 2 loop 0 adjoint ok 2 unloop 0 negotiation done 2 wait timer 2 exchange done 2 backup 0 bad requests 0 nbr change 5 bad sequence 0 loading done 2 n1way 0 rst_ad 0 down 1 Timers kickoff hello 514 retransmit 1028 lsa lock 0 lsa ack 0 dbage 0 summary 0 ase export 0 OSPF Global Statistics Menu 63 OSPF Global Statistics Rx Tx stats: Rx Pkts Tx Pkts Rx Hello Tx Hello Rx Database Tx Database OSPF OSPF OSPF OSPF OSPF Hello OSPF Hello OSPF Databese Description OSPF Databese Description Statistics commands 67
63 OSPF Global Statistics Rx ls Requests Tx ls Requests Rx ls Acks Tx ls Acks Rx ls Updates Tx ls Updates Nbr change stats: hello Start n2way adjoint ok negotiation done exchange done bad requests bad sequence loading done n1way rst down Intf Change Stats: up down loop unloop wait timer backup nbr change Timers Kickoff: hello retransmit OSPF Link State Request OSPF Link State Request OSPF Link State Acknowledgement OSPF Link State Acknowledgement OSPF Link State Update OSPF Link State Update OSPF neighbor Hello OSPF ( HelloInterval Hello ) neighbor neighbor OSPF adjacency neighbor / OSPF Master/Slave sequence number neighbor OSPF Database Description sequence ( adjacency )neighbor OSPF database link state advertisement Link State Request Database Description a) DD sequence number b) init bit c) Database Description OSPF link state update OSPF neighbor Hello OSPF Neighbor adjacency OSPF Neighbor OSPF up OSPF down OSPF OSPF Wait Timer OSPF OSPF OSPF neighbor OSPF OSPF Statistics commands 68
63 OSPF Global Statistics lsa lock lsa ack dbage summary ase export OSPF (LSA) OSPF LSA Ack (Dbage) (ASE) VRRP statistics Virtual Router Redundancy Protocol (VRRP) LAN VRRP IP ID 1 IP 1 IP VRRP (vrrpinadvers) (vrrpoutadvers) (vrrpbadadvers) VRRP show ip vrrp counters User EXEC VRRP statistics: vrrpinadvers: 0 vrrpbadadvers: 0 vrrpoutadvers: 0 vrrpbadversion: 0 vrrpbadvrid: 0 vrrpbadaddress: 0 vrrpbaddata: 0 vrrpbadpassword: 0 vrrpbadinterval: 0 VRRP 64 VRRP vrrpinadvers vrrpoutadvers vrrpbadversion vrrpbadaddress vrrpbadpassword vrrpbadadvers vrrpbadvrid vrrpbaddata vrrpbadinterval VRRP advertisement VRRP advertisement VRRP advertisement VRRP advertisement VRRP advertisement VRRP advertisement virtual router ID VRRP advertisement VRRP advertisement interval VRRP advertisement Statistics commands 69
RIP statistics RIP show ip rip counters User EXEC RIP ALL STATS INFORMATION: RIP packets received = 12 RIP packets sent = 75 RIP request received = 0 RIP response received = 12 RIP request sent = 3 RIP response sent = 72 RIP route timeout = 0 RIP bad size packet received = 0 RIP bad version received = 0 RIP bad zeros received = 0 RIP bad src port received = 0 RIP bad src IP received = 0 RIP packets from self received = 0 Routing Information Protocol (RIP) 65 RIP RIP packets received RIP packets sent RIP request received RIP response received RIP request sent RIP response sent RIP route timeout RIP bad size packet received RIP bad version received RIP bad zeros received RIP bad source port received RIP bad source IP received RIP packets from self received RIP RIP RIP request RIP response RIP request RIP response RIP timeout RIP RIP RIP RIPv1 RIP RIP IP RIP RIP Statistics commands 70
GEA Layer 3 statistics Layer 3 GEA 66 Layer 3 GEA show ip gea bucket <IP address> show ip gea GEA GEA GEA Layer 3 statistics GEA show ip gea User EXEC GEA L3 statistics: Max L3 table size : 4096 Number of L3 entries used : 9 Max LPM table size : 4097 Number of LPM entries used : 31 Max block in LPM table : 255 Number of blocks used in LPM table: 24 Statistics commands 71
Management Processor statistics MP 67 MP show mp packet show mp tcp-block show mp udp-block show mp cpu User EXEC TCP control block (TCB) User EXEC UDP control block (TCB) User EXEC 1 4 64 CPU User EXEC Packet statistics show mp packet User EXEC Packet counts: allocs: 36692 frees: 36692 mediums: 0 mediums hi-watermark: 3 jumbos: 0 jumbos hi-watermark: 0 smalls: 0 smalls hi-watermark: 2 failures: 0 68 MP specific packet allocs TCP/IP frees TCP/IP mediums TCP/IP 128-1536byte mediums hi-watermark TCP/IP 128-1536byte jumbos TCP/IP 1536byte jumbos hi-watermark TCP/IP 1536byte smalls TCP/IP 128 smalls hi-watermark TCP/IP 128 failures TCP/IP Statistics commands 72
TCP statistics TCP show mp tcp-block User EXEC All TCP allocated control blocks: 10ad41e8: 0.0.0.0 0 <=> 0.0.0.0 80 listen 10ad5790: 47.81.27.5 1171 <=> 47.80.23.243 23 established TCP control block (TCB) 69 TCP 10ad41e8/10ad5790 IP 0.0.0.0/47.81.27.5 0/1171 IP 0.0.0.0/47.80.23.243 80/23 listen/established UDP statistics UDP show mp udp-block User EXEC All UDP allocated control blocks: 161: listen UDP control block (UCB) 70 UDP 161 listen CPU statistics CPU show mp cpu User EXEC CPU utilization: cpuutil1second: 8% cpuutil4seconds: 9% cpuutil64seconds: 8% CPU 71 CPU cpuutil1second cpuutil4seconds cpuutil64seconds MP CPU 1 MP CPU 4 MP CPU 64 Statistics commands 73
ACL statistics Access Control List (ACL) show access-control counters User EXEC SNMP statistics Hits for ACL 1: 26057515 Hits for ACL 2: 26057497 SNMP show snmp-server counters User EXEC SNMP statistics: snmpinpkts: 54 snmpinbadversions: 0 snmpinbadc'tynames: 0 snmpinbadc'tyuses: 0 snmpinasnparseerrs: 0 snmpenableauthtraps: 0 snmpoutpkts: 54 snmpinbadtypes: 0 snmpintoobigs: 0 snmpinnosuchnames: 0 snmpinbadvalues: 0 snmpinreadonlys: 0 snmpingenerrs: 0 snmpintotalreqvars: 105 snmpintotalsetvars: 0 snmpingetrequests: 2 snmpingetnexts: 52 snmpinsetrequests: 0 snmpingetresponses: 0 snmpintraps: 0 snmpouttoobigs: 0 snmpoutnosuchnames: 2 snmpoutbadvalues: 0 snmpoutreadonlys: 0 snmpoutgenerrs: 0 snmpoutgetrequests: 0 snmpoutgetnexts: 0 snmpoutsetrequests: 0 snmpoutgetresponses: 54 snmpouttraps: 0 snmpsilentdrops: 0 snmpproxydrops: 0 SNMP 72 SNMP snmpinpkts snmpinbadversions snmpinbadc'tynames snmpinbadc'tyuses snmpinasnparseerrs snmpenableauthtraps snmpoutpkts snmpinbadtypes snmpintoobigs snmpinnosuchnames snmpinbadvalues snmpinreadonlys SNMP SNMP SNMP SNMP SNMP SNMP SNMP SNMP SNMP SNMP SNMP SNMP SNMP ASN.1 SNMP SNMP (PDU) PDU SNMP nosuchname SNMP (PDU) SNMP badvalue SNMP (PDU) SNMP read-only SNMP (PDU) Statistics commands 74
72 SNMP snmpingenerrs snmpintotalreqvars snmpintotalsetvars snmpingetrequests snmpingetnexts snmpinsetrequests snmpingetresponses snmpintraps snmpouttoobigs snmpoutnosuchnames snmpoutbadvalues snmpoutreadonlys snmpoutgenerrs snmpoutgetrequests snmpoutgetnexts snmpoutsetrequests snmpoutgetresponses snmpouttraps snmpsilentdrops snmpproxydrops SNMP generr SNMP (PDU) SNMP Get-Request Get-Next (PDU) SNMP MIB SNMP Set-Request (PDU) SNMP MIB SNMP SNMP Get- Request (PDU) SNMP SNMP Get-Next (PDU) SNMP SNMP Set- Request (PDU) SNMP SNMP Get- Response (PDU) SNMP SNMP (PDU) SNMP SNMP (PDU) SNMP nosuchname SNMP (PDU) SNMP badvalue SNMP (PDU) SNMP generr SNMP (PDU) SNMP SNMP Get-Request (PDU) SNMP SNMP Get-Next (PDU) SNMP SNMP Set-Request (PDU) SNMP SNMP Get-Response (PDU) SNMP SNMP (PDU) SNMP GetRequest-PDU GetNextRequest- PDU GetBulkRequest-PDU SetRequest-PDU InformRequest-PDU Response-PDU SNMP GetRequest-PDU GetNextRequest- PDU GetBulkRequest-PDU SetRequest-PDU InformRequest-PDU Statistics commands 75
NTP statistics NTP show ntp counters NTP statistics: Primary Server: Requests Sent: 17 Responses Received: 17 Updates: 1 Secondary Server: Requests Sent: 0 Responses Received: 0 Updates: 0 Last update based on response from primary server. Last update time: 18:04:16 Tue Mar 13, 2006 Current system time: 18:55:49 Tue Mar 13, 2006 NTP 3 NTP NTP NTP 73 NTP Primary Server Secondary Server Last update based on response from primary server Last update time Current system time Requests Sent NTP NTP Responses Received NTP NTP Updates NTP NTP Requests Sent NTP NTP Responses Received NTP NTP Updates NTP NTP NTP NTP /stats/ntp Statistics commands 76
Uplink Failure Detection statistics UFD show ufd counters Uplink Failure Detection statistics: Number of times LtM link failure: 1 Number of times LtM link in Blocking State: 0 Number of times LtD got auto disabled: 1 UFD 74 UFD Number of times LtM link failure Number of times LtM link in Blocking State Number of times LtD got auto disabled LtM LtM LtM LtD Statistics dump show counters 40K Statistics commands 77
Configuration Commands (NVRAM) 75 show running-config copy running-config {ftp tftp} copy {ftp tftp} running-config User EXEC FTP/TFTP User EXEC FTPTFTP User EXEC ISCLI Switch# copy running-config startup-config active Boot Options Selecting a configuration block Configuration Commands 78
System configuration Web 76 system date <yyyy> <mm> <dd> system time <hh>:<mm>:<ss> system timezone system idle <1-60> [no] system notice <1-1024 characters multi-line> < - to end> [no] banner <1-80 characters> [no] hostname <string> [no] system bootp [no] system dhcp [no] enable <string> show system Global configuration 24 Global configuration Global configuration CLI 1 60 5 Telnet Global configuration Enter password: 1024 Global configuration 80 Global configuration Global configuration BOOTP BOOTP IP IP 1 BOOTP IP 1 enabled Global configuration DHCP DHCP IP IP 256 DHCP IP 256 enabled Global configuration Privilege EXEC Privilege EXEC disabled Global configuration User EXEC Configuration Commands 79
System host log configuration 77 [no] logging host {<1-2>} address {<IP address>} logging host {<1-2>} severity {<1-7>} logging host {<1-2>} facility {<1-7>} [no] logging console [no] logging log {<feature>} show logging IP 100.10.1.1 Global configuration 7 Global configuration 0 Global configuration Global configuration console system management cli spanning-tree-group vlan ssh ntp ip web rmon ufd Global configuration Configuration Commands 80
Secure Shell Server configuration Telnet SSH SSH SSH SSH Telnet (BBI) SSH SSH 78 SSH ssh interval <0-24> ssh scp-password ssh generate-host-key ssh generate-server-key ssh port <TCP port number> ssh scp-enable no ssh scp-enable ssh enable no ssh enable show ssh RSA RSA 0 RSA Global configuration (SCP) SCP scpadmin SCP SCP Global configuration RSA (SSH) Global configuration RSA (SSH) Global configuration SSH Global configuration SCP Global configuration SCP SCP Global configuration SSH Global configuration SSH SSH Global configuration SSH User EXEC Configuration Commands 81
RADIUS server configuration RADIUS RADIUS 79 RADIUS [no] radius-server primary-host <IP address> key <1-32 characters> [no] radius-server secondaryhost <IP address> key <1-32 characters> radius-server port <UDP port number> radius-server retransmit <1-3> radius-server timeout <1-10> [no] radius-server telnetbackdoor [no] radius-server securebackdoor radius-server enable no radius-server enable show radius-server RADIUS -RADIUS Global configuration RADIUS -RADIUS Global configuration UDP 1500 3000 1645 Global configuration RADIUS 1 3 3 Global configuration RADIUS 1 10 3 Global configuration telnet/ssh/ HTTP/HTTPS RADIUS Global configuration telnet/ssh/ HTTP/HTTPS RADIUS Global configuration RADIUS Global configuration RADIUS Global configuration RADIUS User EXEC RADIUS Telnet/SSH/HTTP/HTTPS RADIUS (telnet) (secbd) noradius Telnet noradius RADIUS RADIUS noradius RADIUS RADIUS Configuration Commands 82
TACACS+server configuration TACACS+ (Terminal Access Controller Access Control System) TACACS+ RADIUS TACACS TACACS+ RFC 1492 TACACS+ RADIUS TACACS+ TCP RADIUS UDP RADIUS 1 TACACS+ 2 TACACS+ RADIUS TCP TACACS+ 80 TACACS+ [no] tacacs-server host <IP address> [no] tacacs-server host <IP address> key <1-32 characters> TACACS+ Global configuration TACACS+ Global configuration tacacs-server port <TCP port number> TCP 1 65000 49 Global configuration tacacs-server retransmit <1-3> TACACS+ 1 3 3 Global configuration tacacs-server timeout <4-15> TACACS+ 4 15 5 Global configuration [no] tacacs-server telnet-backdoor telnet/ssh/http/https TACACS+ Global configuration [no] tacacs-server secure-backdoor telnet/ssh/ HTTP/HTTPS TACACS+ Global configuration [no] tacacs-server privilege-mapping TACACS+ disabled Global configuration tacacs-server user-mapping {<0-15> TACACS+ user oper admin} TACACS+ (1 15) (user oper admin) Global configuration tacacs-server enable TACACS+ Global configuration no tacacs-server enable TACACS+ Global configuration show tacacs-server TACACS+ User EXEC TACACS+ Telnet/SSH/HTTP/HTTPS TACACS+ notacacs Configuration Commands 83
Telnet notacacs TACACS+ TACACS+ notacacs TACACS+ TACACS+ NTP server configuration NTP NTP 81 NTP [no] ntp primary-server <IP address> [no] ntp secondary-server <IP address> NTP IP 100.10.1.1 Global configuration NTP IP 100.10.1.1 Global configuration ntp interval <1-44640> NTP (1 44640) 1440 Global configuration system timezone NTP (GMT) HH:MM Global configuration [no] system daylight Global configuration ntp enable NTP Global configuration no ntp enable NTP Global configuration show ntp NTP Configuration Commands 84
System SNMP configuration SNMP SNMP MIB 1 SNMP SNMP MIB MIB II (RFC 1213) Ethernet MIB (RFC 1643) Bridge MIB (RFC 1493) SNMP UDP 161 SNMP SNMP SNMP SNMP Read Write SNMP 82 SNMP hostname <1-64 characters> snmp-server location <1-64 characters> snmp-server contact <1-64 characters> snmp-server read-community <1-32 characters> snmp-server write-community <1-32 characters> snmp-server timeout <1-30> [no] snmp-server authentication-trap enable [no] snmp-server link-trap <1-24> enable [no] snmp-server ufd-trap show snmp-server 64 Global configuration 64 Global configuration 64 Global configuration SNMP Read SNMP get 32 public Global configuration SNMP Write SNMP set get 32 private Global configuration SNMP 1 30 5 Global configuration Global configuration SNMP Global configuration Uplink Failure Detection (UFD) Global configuration SNMP Configuration Commands 85
SNMPv3 configuration SNMP 3 SNMPv3 SNMPv2 SNMP SNMP SNMP SNMPv3 RFC2271 RFC2275 SNMPv3 83 SNMPv3 snmp-server user <1-16> snmp-server view <1-128> snmp-server access <1-32> snmp-server group <1-16> snmp-server community <1-16> snmp-server target-address <1-16> snmp-server target-parameters <1-16> snmp-server notify <1-16> snmp-server version {v1v2v3 v3only} show snmp-server v3 (USM) SNMP 1 16 Global configuration MIB 1 128 Global configuration SNMP 1 32 Global configuration SNMP SNMP 1 16 Global configuration SNMP 1 16 Global configuration 1 16 Global configuration SNMP 1 SNMP 1 SNMP 1 16 Global configuration 1 16 Global configuration SNMP 1 2 Global configuration SNMPv3 Configuration Commands 86
User Security Model configuration USM USM USM 84 USM snmp-server user <1-16> name <1-32 characters> snmp-server user <1-16> authentication-protocol {md5 sha none} authentication-password <password> snmp-server user <1-16> privacy-protocol {des none} privacy-password <password> no snmp-server user <1-16> show snmp-server v3 user <1-16> 32 Global configuration HMAC-MD5-96 HMAC-SHA-96 none none Global configuration des CBC-DES none des MD5 HMAC-SHA-96 none Global configuration USM Global configuration USM SNMPv3 View configuration SNMPv3 85 SNMPv3 snmp-server view <1-128> name <1-32 characters> snmp-server view <1-128> tree <1-32 characters> snmp-server view <1-128> mask <1-32 characters> snmp-server view <1-128> type {included excluded} no snmp-server view <1-128> show snmp-server v3 view <1-128> 32 Global configuration (OID) 32 1.3.6.1.2.1.1.1.0 Global configuration 32 Global configuration MIB Global configuration vacmviewtreefamily Global configuration vacmviewtreefamily Configuration Commands 87
View-based Access Control Model configuration 86 snmp-server access <1-32> name <1-32 characters> snmp-server access <1-32> security {usm snmpv1 snmpv2} snmp-server access <1-32> level {noauthnopriv authno- Priv authpriv} snmp-server access <1-32> read-view <1-32 characters> snmp-server access <1-32> write-view <1-32 characters> snmp-server access <1-32 notify-view <1-32 characters> no snmp-server access <1-32> show snmp-server v3 access <1-32> 32 Global configuration Global configuration noauthnopriv SNMP authnopriv authpriv Global configuration MIB Read Read 32 MIB Global configuration MIB Write Write 32 MIB Global configuration MIB 32 Global configuration Global configuration SNMPv3 Group configuration SNMPv3 87 SNMPv3 snmp-server group <1-16> security {usm snmpv1 snmpv2} snmp-server group <1-16> user-name <1-32 characters> snmp-server group <1-16 group-name <1-32 characters> no snmp-server group <1-16> show snmp-server v3 group <1-16> Global configuration 32 Global configuration 32 Global configuration vacmsecuritytogroup Global configuration vacmsecuritytogroup Configuration Commands 88
SNMPv3 Community Table configuration SNMP SNMP (LCD) SNMPv3 88 SNMPv3 snmp-server community <1-16> index <1-32 characters> snmp-server community <1-16> name <1-32 characters> snmp-server community <1-16> user-name <1-32 characters> snmp-server community <1-16> tag <1-255 characters> no snmp-server community <1-16> show snmp-server v3 community <1-16> 32 Global configuration 32 Global configuration SNMP 32 Global configuration 255 SNMP 1 Global configuration Global configuration SNMPv3 Target Address Table configuration SNMP SNMPv3 89 SNMPv3 snmp-server targetaddress <1-16> address <IP address> name <1-32 characters> snmp-server targetaddress <1-16> name <1-32 characters> address <transport IP address> snmp-server targetaddress <1-16> port <transport address port> snmp-server targetaddress <1-16> taglist <1-255 characters> snmp-server targetaddress <1-16> parameters-name <1-32 characters> no snmp-server targetaddress <1-16> show snmp-server v3 target-address <1-16> Global configuration SNMP IP Global configuration SNMP Global configuration 255 ) Global configuration Global configuration Global configuration Configuration Commands 89
SNMPv3 Target Parameters Table configuration SNMP SNMPv3 SNMPv2c SNMPv1 USM noauthnopriv authnopriv authpriv SNMPv3 90 SNMPv3 snmp-server targetparameters <1-16> name <1-32 characters snmp-server targetparameters <1-16> message {snmpv1 snmpv2c snmpv3} snmp-server targetparameters <1-16> security {usm snmpv1 snmpv2} snmp-server targetparameters <1-16> user-name <1-32 characters> snmp-server targetparameters <1-16> level {noauthno- Priv authnopriv authpriv} no snmp-server targetparameters <1-16> show snmp-server v3 targetparameters <1-16> Global configuration SNMP Global configuration SNMP Global configuration USM SNMP Global configuration SNMP noauthnopriv SNMP authnopriv authpriv Global configuration targetparamstable Global configuration targetparamstable SNMPv3 Notify Table configuration SNMPv3 91 SNMPv3 snmp-server notify <1-16> name <1-32 characters> snmp-server notify <1-16> tag <1-255 characters> no snmp-server notify <1-16> show snmp-server v3 notify <1-16> SNMP Global configuration 255 snmptargetaddrtable Global configuration Global configuration Configuration Commands 90
System Access configuration 92 [no] access http enable access http port <TCP port number> [no] access snmp {readonly read-write} access telnet port <TCP port number> access tftp-port <TFTP port number> show access HTTP Global configuration Web HTTP 80 Global configuration read-only read-write SNMP Global configuration Telnet Telnet Global configuration TFTP Telnet Global configuration User EXEC Management Network configuration Management Newtork 10 93 Management Newtork access management-network <IP address> <IP mask> no access management-network <IP address> <IP mask> show access management-network Telnet SNMP RIP IP IP Global configuration Global configuration User EXEC Configuration Commands 91
User Access Control configuration 94 access user eject <1-10> access user userpassword access user operatorpassword access user administrator-password show access user Global configuration (user) 128 Global configuration (oper) 128 Global configuration (admin) 128 Global configuration User EXEC User ID configuration ID 95 ID access user <1-10> level {user operator administrator} access user <1-10> name <1-8 characters> access user <1-10> password access user <1-10> enable no access user <1-10> enable no access user <1-10> show access user Global configuration 8 Global configuration 128 Global configuration ID Global configuration ID Global configuration ID Global configuration ID User EXEC Configuration Commands 92
HTTPS Access configuration HTTPS 96 HTTPS [no] access https enable access https port <TCP port number> access https generatecertificate access https savecertificate show access HTTPS BBI disabled Global configuration HTTPS Global configuration SSL HTTPS 2 [ ]: JP [ ]: Tokyo [ ]: Fuchu [ ]: NEC [ ]: SIGMABLADE [ ]: Taro E [ ]: info@nec.com 30 SSL Global configuration Web Global configuration SSL User EXEC Configuration Commands 93
Port configuration 19 97 interface gigabitethernet {<port number>} dot1p <0-7> pvid {<1-4095>} name {<1-64 characters>} [no] rmon [no] tagging [no] tag-pvid copper fiber auto-mode broadcast-threshold {<0-262143>} multicast-threshold {<0-262143>} dest-lookup-threshold {<0-262143>} no shutdown shutdown Global configuration 802.1p Interface port VLAN VLAN 1 VLAN4095 Interface port 64 Interface port RMON RMON Interface port VLAN Interface port VLAN VLAN PVID VLAN Interface port Interface port Interface port Interface port (dis) Interface port (dis) Interface port (dis) Interface port Interface port Temporarily disabling a port Interface port Configuration Commands 94
97 show interface gigabitethernet {<port number>} Temporarily disabling a port Switch# interface gigabitethernet <port number> shutdown Port link configuration 98 speed {10 100 1000 auto} duplex {full half any} flowcontrol {receive send both} no flowcontrol [no] auto show interface gigabitethernet {<port number>} 110 10Mb/s 100 100Mb/s 1000 1000Mb/s auto 1 18 1000Mb/s Interface port full half any 1 18 Interface port receive send both Interface port none Interface port Interface port Configuration Commands 95
ACL Port configuration Access Control List 99 ACL Port [no] access-control list <1-762> [no] access-control group <1-762> show interface gigabitethernet [<port number>] access-control ACL Interface port ACL Group Interface port ACL Layer 2 configuration 2 100 2 vlan {<1-4095>} [no] spanning-tree uplinkfast spanning-tree uplinkfast max-update-rate <10-200> show layer2 802.1x configuration VLAN Global configuration RSTP convergence Fast Uplink Convergence STG 65500 STP 3000 Global configuration Uplink Fast 10 200 40 Global configuration 2 IEEE 802.1x Authenticator 802.1x 101 2 dot1x enable no dot1x enable show dot1x 802.1x Global configuration 802.1x Global configuration 802.1x Configuration Commands 96
802.1x Global configuration 802.1x Global Configuration 802.1x Global 102 802.1x Global dot1x mode {[forceunauthorized auto forceauthorized]} dot1x quiet-time {<0-65535>} dot1x transmit-interval {<1-65535>} dot1x supplicant-timeout {<1-65535>} dot1x server-timeout {<1-65535>} dot1x max-request {<1-10>} dot1x re-authenticationinterval {<1-604800>} [no] dot1x re-authenticate default dot1x show dot1x force-unauth auto RADIUS force-auth force-auth Global configuration EAP-Request/Identity 60 Global configuration EAP-Request/Identity EAP- Response/Identity 30 Global configuration EAP-Request EAP-Response 30 Global configuration RADIUS 30 Global configuration EAP-Request 2 Global configuration 3600 Global configuration Global configuration 802.1x Global configuration 802.1x Configuration Commands 97
802.1x Port configuration 802.1x Port Configuration 802.1x 103 802.1x Port dot1x mode {[forceunauthorized auto forceauthorized]} dot1x quiet-time {<0-65535>} dot1x transmit-interval {<1-65535>} dot1x supplicant-timeout {<1-65535>} dot1x server-timeout {<1-65535>} dot1x max-request {<1-10>} dot1x re-authenticationinterval {<1-604800>} [no] dot1x re-authenticate default dot1x show dot1x force-unauth auto RADIUS force-auth force-auth Interface port EAP-Request/Identity 60 Interface port EAP-Request/Identity EAP- Response/Identity 30 Interface port EAP-Request EAP-Response 30 Interface port RADIUS 30 Interface port EAP-Request 2 Interface port 3600 Interface port Interface port 802.1x Interface port 802.1x Configuration Commands 98
Rapid Spanning Tree Protocol/Multiple Spanning Tree Protocol configuration IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) MSTP VLAN 32 MRST MSTP VLAN 1 1 CIST MSTP 1 Multiple Spanning Tree 104 Multiple Spanning Tree [no] spanning-tree mstp name {<1-32 characters>} spanning-tree mstp version {<0-65535>} spanning-tree mstp maximum-hop <4-60> spanning-tree mode {mst rstp pvst} show spanning-tree mstp mrst MSTP 1 MSTP Global configuration MSTP 1 MSTP 0 65535 Global configuration 4 60 20 Global configuration Rapid Rapid Spanning Tree mode (rstp) Multiple Spanning Tree mode (mstp) Per VLAN Spanning Tree (pvst) rstp Global configuration RSTP/MSTP IEEE 802.1w RSTP 1 STG 1 'rstp' VLAN 1 VLAN 1 RSTP STG 1 'mstp' IEEE 802.1s MSTP VLAN IEEE 802.1s MSTP IEEE 802.1w RSTP rapid convergence PVST+ rapid convergence Configuration Commands 99
PVST+ Cisco Rapid PVST+ MSTP/RSTP 'mstp' 'rstp' Cisco Rapid PVST+ PVST+ Cisco PVST+ MSTP/RSTP 'mstp' Cisco MST/RSTP Configuration Commands 100
Common Internal Spanning Tree configuration CIST MSTP 0 CIST 105 CIST spanning-tree mstp cist-add-vlan <1-4095> default spanning-tree mstp cist show spanning-tree mstp cist VLAN CIST 1 1 VLAN Enter VLAN Global configuration CIST Global configuration CIST CIST bridge configuration CIST MSTP CIST STP/PVST CIST 106 CIST spanning-tree mstp cistbridge priority {<0-65535>} spanning-tree mstp cistbridge maximum-age {<6-40>} spanning-tree mstp cistbridge forward-delay {<4-30>} show spanning-tree mstp cist CIST STP 0 65535 32768 RSTP Bridge Spanning Tree configuration Global configuration CIST Max Age BPDU MSTP BPDU 6 40 20 RSTP Bridge Spanning Tree configuration Global configuration CIST Forward Delay 4 30 15 RSTP Bridge Spanning Tree configuration Global configuration CIST Configuration Commands 101
CIST port configuration CIST MRST CIST STP/PVST CIST MRST CIST 107 CIST spanning-tree mstp cist interface-priority {<0-240>} spanning-tree mstp cist pathcost {<1-200000000>} spanning-tree mstp cist hello {<1-10>} spanning-tree mstp cist linktype {auto p2p shared} [no] spanning-tree mst cist edge spanning-tree mst cist enable no spanning-tree mst cist enable show interface gigabitethernet {<port number>} spanning-tree mstp cist CIST 1 0 240 16 0 16 32... 128 Interface port CIST 20000 Interface port BPDU 1 10 2 Interface port auto p2p Point-to-Point protocol shared auto Interface port Interface port CIST Interface port CIST Interface port CIST Configuration Commands 102
Spanning Tree configuration IEEE 802.1d (STP) Cisco PVST PVST+ 127 STG 128 RSTP STP 1 108 spanning-tree stp {<1-128>} vlan {<1-4095>} no spanning-tree stp {<1-128>} vlan {<1-4095>} no spanning-tree stp {<1-128>} vlan all spanning-tree stp {<1-128>} enable no spanning-tree stp {<1-128>} enable default spanning-tree STP <1-128> show spanning-tree stp {<1-128>} VLAN VLAN ID Global configuration VLAN VLAN ID Global configuration VLAN Global configuration Global configuration Global configuration Global configuration Configuration Commands 103
Bridge Spanning Tree configuration STP 109 spanning-tree stp {<1-128>} bridge priority {<0-65535>} spanning-tree stp {<1-128>} bridge hello-time {<1-10>} spanning-tree stp {<1-128>} bridge maximum-age {<6-40>} spanning-tree stp {<1-128>} bridge forward-delay {<4-30>} show spanning-tree stp {<1-128>} bridge STP 0 65535 32768 RSTP/MSTP 0 61440 4096 0 4096 8192... 32768 MSTP Common Internal Spanning Tree configuration Global configuration Hello Time BPDU Hello Time 1 10 2 MSTP Common Internal Spanning Tree configuration Global configuration Max Age BPDU STP BPDU 6 40 20 MSTP Common Internal Spanning Tree configuration Global configuration Forward Delay 4 30 15 MSTP Common Internal Spanning Tree configuration Global configuration STP STP 2*(fwd-1) > mxage 2*(hello+1) < mxage fwd Forward Delay mxage Max Age hello Hello Time Configuration Commands 104
Spanning Tree port configuration STP/PVST+1 16 17 1820 24RSTP/MSTP 1 16 17 18 20 24 STP STP 110 spanning-tree stp {<1-128>} priority {<0-255>} spanning-tree stp {<1-128>} path-cost {<1-200000000>} spanning-tree stp {<1-128>} link {auto p2p shared} [no] spanning-tree stp {<1-128>} edge spanning-tree stp {<1-128>} fastforward spanning-tree stp {<1-128>} enable no spanning-tree stp {<1-128>} enable show interface gigabitethernet {<port number>} spanning-tree stp {<1-128>} 1 0 255 128 RSTP/MSTP 0 240 16 0 16 32... 128 Interface port 1 65535 100Mb/s 10 1 0 RSTP/MSTP 1 200000000 20000 Interface port auto p2p Point-to-Point protocol shared RSTP Common Internal Spanning Tree configuration Interface port RSTP Common Internal Spanning Tree configuration Interface port Interface port STP Interface port STP Interface port STP Configuration Commands 105
Fowarding Database configuration FDB 111 FDB aging <0-65535> FDB Aging Time 300 show mac-address-table FDB Static FDB configuration FDB 112 FDB mac-address-table static [<MAC address> <VLAN> <port>] no mac-address-table static [<MAC address> <VLAN>] mac-address-table static all [<VLAN> <port>] FDB Global configuration FDB Global configuration FDB FDB MAC VLAN All Global configuration Trunk configuration 1 12 1 6 1 Cisco EtherChannel 17 18 17 18 113 portchannel {<1-12>} member {<port number>} no portchannel {<1-12>} member {<port number>} portchannel {<1-12>} enable no portchannel {<1-12>} enable no portchannel {<1-12>} Global configuration Global configuration Global configuration Global configuration Global configuration Configuration Commands 106
113 show portchannel {<1-12>} Layer 2 IP Trunk Hash configuration Trunk Hash SMAC ( MAC ) DMAC ( MAC ) SIP ( IP ) DIP ( IP ) SIP + DIP ( IP IP) SMAC + DMAC ( MAC MAC) IP Trunk Hash 114 IP Trunk Hash portchannel hash source-macaddress portchannel hash destination-macaddress portchannel hash source-ipaddress portchannel hash destination-ipaddress portchannel hash sourcedestination-ip portchannel hash sourcedestination-mac show portchannel hash MAC Trunk Hash Global configuration MAC Trunk Hash Global configuration IP Trunk Hash Global configuration IP Trunk Hash Global configuration IP IP Trunk Hash Global configuration MAC MAC Trunk Hash Global configuration Trunk Hash Link Aggregation Control Protocol configuration LACP 115 LACP lacp system-priority {<1-65535>} lacp timeout {short long} (1 65535) 32768 Global configuration LACP short 3 long 90 long LACPDU long CPU 90 100% LACP Global configuration Configuration Commands 107
115 LACP show lacp LACP LACP Port configuration LACP Port 116 LACP Port lacp mode {off active passive} lacp priority {<1-65535>} lacp key {<1-65535>} show interface gigabitethernet {<port number>} lacp LACP off LACP off active LACP active active LACPDU passive LACP passive passive LACPDU active LACPDU Interface port 128 Interface port admin key admin key oper key LACP Interface port LACP VLAN configuration VLAN VLAN VLAN VLAN VLAN VLAN 1 1,000 VLAN VLAN 4095 VLAN VLAN 117 VLAN vlan name {<1-32 characters>} stg {<1-128>} member {<port number>} no member {<port number>} enable VLAN Global configuration VLAN VLAN VLAN configuration VLAN VLAN configuration VLAN VLAN configuration VLAN VLAN configuration VLAN VLAN configuration Configuration Commands 108
117 VLAN no enable no vlan {<1-4095>} show vlan [<1-4095>] VLAN VLAN configuration VLAN VLAN configuration VLAN 1 VLAN VLAN VLAN VLAN 1 VLAN 1 VLAN VLAN 1 VLAN VLAN Configuration Commands 109
Layer 3 configuration 3 3 118 3 interface ip {<1-256>} route-map <1-32> router rip router ospf router vrrp ip router-id <IP address> show layer3 IP Global configuration IP Route Map Global configuration Router RIP Global configuration Router OSPF Global configuration VRRP Global configuration ID Global configuration IP User EXEC IP interface configuration 256 IP IP IP IP IP 119 IP interface ip {<1-256>} ip address {<IP address>}{<ip netmask>} vlan {<1-4095>} Enable no enable no interface ip {<1-256>} show interface ip {<1-256>} IP Global configuration IP 10 Interface IP configuration VLAN 1 VLAN VLAN IP Interface IP configuration IP Interface IP configuration IP Interface IP configuration IP Interface IP configuration 1 IP BOOTP 256 Configuration Commands 110
Default Gateway configuration 4 1 2 3 4 IP 120 IP ip gateway {<1-4>} address {<IP address>} ip gateway {<1-4>} interval {<0-60>} ip gateway {<1-4>} retry {<1-120>} [no] ip gateway {<1-4>} arphealth-check ip gateway {<1-4>} enable no ip gateway {<1-4>} enable no ip gateway {<1-4>} show ip gateway {<1-4>} IP IP 10 Global configuration ping 0 60 2 Global configuration 1 120 8 Global configuration (ARP) Global configuration Global configuration Global configuration Global configuration User EXEC 4 IP Static Route configuration 121 ip route <IP subnet> <IP netmask> <IP nexthop> [<IP interface (1-256)>] no ip route {<IP subnet>}{<ip netmask>} show ip route static IP Global configuration Global configuration IP User EXEC Configuration Commands 111
Address Resolution Protocol configuration ARP TCP/IP IP IP IP IP ARP ARP 122 ARP ip arp rearp <2-120> show ip arp IP Forwarding configuration IP 123 IP [no] ip routing directbroadcasts ip routing no ip routing show ip routing Network Filter configuration Network Filter 124 Network Filter ip match-address <1-256> <IP address> <IP netmask> ip match-address <1-256> enable no ip match-address <1-256> enable no ip match-address <1-256> show ip match-address [<1-256>] ARP 2 120 Global configuration ARP User EXEC Global configuration IP Forwarding Global configuration IP Forwarding Global configuration IP User EXEC IP 0.0.0.0 Global configuration Network Filter Global configuration Network Filter Global configuration Network Filter Global configuration Network Filter User EXEC Configuration Commands 112
Route Map configuration Map Number 1 32 Route Map 125 Route Map route-map <1-32> [no] access-list <1-8> [no] metric <0-1677214> [no] metric-type {1 2} precedence <1-255> enable no enable no route-map <1-32> show route-map [<1-32>] Route Map configuration Global configuration Access List Route Map Route Map OSPF 1 Type 1 Type 2 no OSPF Route Map 10 Route Map Route Map Route Map Route Map Route Map Route Map Route Map route User EXEC Configuration Commands 113
IP Access List configuration Route Map Number 1 32 Access List Number 1 8 IP Access List IP Access List 126 IPAccess List [no] access-list <1-8> matchaddress <1-256> [no] access-list <1-8> metric <1-16777214> access-list <1-8> action {permit deny} access-list <1-8> enable no access-list <1-8> enable no access-list <1-8> show route-map <1-32> accesslist {<1-8>} Network Filter Number Route Map AS-External(ASE) LSA Route Map access list permit deny Route Map action list Route Map action list Route Map action list Route Map action list User EXEC Configuration Commands 114
Routing Information Protocol configuration RIP Routing Information Protocol RIP 127 RIP router rip timers update {<1-120>} enable no enable show ip rip RIP configuration Global configuration RIP 30 Router RIP RIP Router RIP RIP Router RIP RIP User EXEC RIP Interface configration RIP Routing Information Protocol RIPv2 RIPv1 RIP Interface 128 RIP Interface ip rip version {1 2 both} [no] ip rip supply [no] ip rip listen [no] ip rip poison [no] ip rip split-horizon [no] ip rip triggered [no] ip rip multicast-updates [no] ip rip default-action {both listen supply} RIP version 2 Interface IP Interface IP Interface IP Interface IP Interface IP Triggered Update Triggered Update Update Update Interface IP Update 224.0.0.9 Interface IP RIP RIP Interface IP Configuration Commands 115
128 RIP Interface ip rip metric {<1-15>} [no] ip rip authentication type {<password>} ip rip authentication key {<password>} ip rip enable no ip rip enable show interface ip [<1-256>] rip 1 Interface IP none Interface IP Interface IP RIP Interface IP RIP Interface IP RIP User EXEC RIP Router Redistribution configuration RIP Route Redistibute 129 RIP Route Redistribute redistribute {fixed static ospf eospf} <1-32> no redistribute {fixed static ospf eospf} <1-32> redistribute {fixed static ospf eospf} export metric <1-15> show ip rip redistribute RIP route redistribution route redistribution redistribution redistribute Global configuration RIP route redistribution Router RIP none Router RIP RIP Redistribute Router RIP Configuration Commands 116
Open Shortest Path First configuration Open Shortest Path First (OSPF) 130 OSPF router ospf area <0-2> area-range <0-16> area-virtual-link <1-3> message-digest-key <1-255> md5-key <key string> host <1-128> lsdb-limit <0-2000> [no] default-information <1-16777214> <as-value> enable no enable show ip ospf Router OSPF configuration Router OSPF OSPF Router OSPF Router OSPF Router OSPF MD5 Router OSPF OSPF 128 IP OSPF (ABR) ABR Router OSPF LSDB Router OSPF 1 Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF User EXEC Configuration Commands 117
OSPF Area Index configuration OSPF Area Index 131 OSPF Area Index area <0-2> area-id <A.B.C.D> area <0-2> type {transit stub nssa} area <0-2> stub-metric <1-65535> [no] area <0-2> authentication-type {password md5} area <0-2> spf-interval <1-255> area <0-2> enable no area <0-2> enable no area <0-2> show ip ospf area <0-2> OSPF ID Router OSPF transit transit /NSSA stub 1 NSSA NSSA Autonomous System (AS) NSSA Router OSPF Router OSPF none password MD5 MD5 Router OSPF shortest path tree 2 SPF(shortest path first) Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF User EXEC Configuration Commands 118
OSPF Summary Range configuration OSPF Summary Range 132 OSPF Summary Range area-range <1-16> address <IP address> <IP netmask> area-range <1-16> area <0-2> [no] area-range <1-16> hide area-range <1-16> enable no area-range <1-16> enable no area-range <1-16> show ip ospf area-range <1-16> IP Router OSPF Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF User EXEC OSPF Interface configuration OSPF Interface 133 OSPF Interface ip ospf area <0-2> ip ospf priority <0-255> ip ospf cost <1-65535> ip ospf hello-interval <1-65535> ip ospf dead-interval <1-65535> ip ospf transit-delay <1-3600> ip ospf retransmit-interval <1-3600> [no] ip ospf key <key string> [no] ip ospf message-digestkey <1-255> ip ospf enable no ip ospf enable no ip ospf Interface IP OSPF 127 1 0 Designated Router(DR) Backup Designated Router(BDR) Interface IP Interface IP hello Interface IP hello Interface IP Transit Delay Interface IP Interface IP Interface IP MD5 Interface IP OSPF Interface IP OSPF Interface IP OSPF Interface IP Configuration Commands 119
133 OSPF Interface show interface ip {<1-256>} ospf OSPF User EXEC OSPF Virtual Link configuration OSPF Virtual Link 134 OSPF Virtual Link area-virtual-link <1-3> area <0-2> area-virtual-link <1-3> hellointerval <1-65535> area-virtual-link <1-3> deadinterval <1-65535> area-virtual-link <1-3> transit-delay <1-3600> area-virtual-link <1-3> retransmit-interval <1-3600> area-virtual-link <1-3> neighbor-router <IP address> [no] area-virtual-link <1-3> key <key string> area-virtual-link <1-3> message-digest-key <1-255> area-virtual-link <1-3> enable no area-virtual-link <1-3> enable no area-virtual-link <1-3> show ip ospf area-virtual-link <1-3> Router OSPF hello Router OSPF hello 40 Router OSPF Transit Delay 1 Router OSPF 5 Router OSPF neighbor ID 0.0.0.0 Router OSPF 8 Router OSPF MD5 none Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF User EXEC OSPF Host Entry configuration OSPF Host Entry 135 OSPF Host Entry host <1-128> address <IP address> host <1-128> area <0-2> host <1-128> cost <1-65535> host <1-128> enable no host <1-128> enable no host <1-128> IP 100.10.1.1 Router OSPF OSPF Router OSPF Router OSPF OSPF Router OSPF OSPF Router OSPF OSPF Router OSPF Configuration Commands 120
135 OSPF Host Entry show ip ospf host {<1-128>} OSPF User EXEC OSPF Route Redistribution configuration OSPF Route Redistribution 136 OSPF Route Redistribution redistribute {fixed static rip} {<1-32>} no redistribute {fixed static rip} {<1-32>} [no] redistribute {fixed static rip} export metric <1-16777215> metrictype {1 2} show ip ospf redistribute rmap list route redistribution list Router OSPF route redistribution list rmap list Router OSPF external OSPF AS - external LSA Router OSPF OSPF route map User EXEC OSPF MD5 Key configuration OSPF MD5 Key 137 OSPF MD5 Key message-digest-key <1-255> md5-key <key string> no message-digest-key <1-255> show ip ospf message-digestkey <1-255> OSPF Router OSPF OSPF Router OSPF OSPF MD5 User EXEC Configuration Commands 121
IGMP configuration IGMP IGMP snooping configuration IGMP 138 IGMP ip igmp snoop timeout <1-255> ip igmp snoop mrouter-timeout <1-600> ip igmp snoop query-interval <1-600> ip igmp snoop robust <2-10> [no] ip igmp snoop aggregate ip igmp snoop source-ip <IP address> ip igmp snoop vlan <1-4095> no ip igmp snoop vlan <1-4095> no ip igmp snoop vlan all [no] ip igmp snoop vlan <1-4095> fast-leave ip igmp snoop enable no ip igmp snoop enable show ip igmp snoop IGMP (MRT) IGMP 1 1 255 10 Global configuration IGMP Mrouter Mrouter mrto Mrouter 1 600 255 Global configuration IGMP 1 600 125 Global configuration IGMP 2 Global configuration IGMP Membership Report aggregation Global configuration IGMP Group Specific Query Proxy IP Global configuration VLAN IGMP Global configuration VLAN IGMP Global configuration VLAN IGMP Global configuration Fast Leave Leave Fast Leave IGMP Global configuration IGMP Global configuration IGMP Global configuration IGMP User EXEC Configuration Commands 122
IGMP static multicast router configuration IGMP VLAN VLAN 139 IGMP ip igmp mrouter <port number> <1-4095> <1-2> no ip igmp mrouter <port number> <1-4095> <1-2> show ip igmp mrouter VLAN IGMP (1 2) (20 24) Global configuration VLAN Global configuration IGMP User EXEC IGMP filtering configuration IGMP 140 IGMP ip igmp profile <1-16> ip igmp filtering no ip igmp filtering show ip igmp filtering IGMP Global configuration IGMP Global configuration IGMP Global configuration IGMP User EXEC IGMP filter definition IGMP 141 IGMP ip igmp profile <1-16> range <IP multicast address> <IP multicast address> ip igmp profile <1-16> action {allow deny} ip igmp profile <1-16> enable no ip igmp profile <1-16> enable no ip igmp profile <1-16> show ip igmp profile <1-16> IP Global configuration IP Global configuration IGMP Global configuration IGMP Global configuration Global configuration IGMP User EXEC Configuration Commands 123
IGMP filtering port configuration IGMP 142 IGMP [no] ip igmp filtering ip igmp profile <1-16> no ip igmp profile <1-16> show interface gigabitethernet {<port number>} igmp-filtering IGMP Interface port IGMP Interface port IGMP Interface port IGMP User EXEC Domain Name System configuration DNS DNS ping traceroute tftp DNS DNS 143 DNS [no] ip dns primary-server <IP address> [no] ip dns secondary-server <IP address> [no] ip domain-name <string> show ip dns Bootstrap Protocol Relay configuration DNS IP Global configuration DNS IP DNS Global configuration mycompany.com Global configuration DNS User EXEC Bootpstrap Protocol (BOOTP) Relay DHCP IP 2 DHCP/BOOTP IP BOOTP Relay BOOTP 144 DNS [no] ip bootp-relay {server1 server2} <IP address> ip bootp-relay enable no ip bootp-relay enable show ip bootp-relay BOOTP IP Global configuration BOOTP Relay Global configuration BOOTP Relay Global configuration BOOTP Relay User EXEC Configuration Commands 124
Virtual Router Redundancy Protocol configuration Virtual Router Redundancy Protocol (VRRP) LAN VRRP IP ID 1 IP 1 IP VRRP VRRP N8406-023 GbE (L3) "High Availability" VRRP 145 VRRP router vrrp enable no enable show ip vrrpospf Router VRRP configuration Router VRRP VRRP Router VRRP VRRP Router VRRP VRRP User EXEC VRRP Virtual Router configuration 255 ID IP VRRP VRRP ID IP Virtual Router 146 VRRP virtual-router <1-255> virtual-router-id <1-255> virtual-router <1-255> address <IP address> virtual-router <1-255> interface <1-255> ID IP VRRP VRRP ID IP ID 1 255 1 IP VLAN ID Router VRRP IP ID VRRP 0.0.0.0 Router VRRP IP 1 255IP IP Address IP owner owner 255 Owner Preemption 1 Router VRRP Configuration Commands 125
146 VRRP virtual-router <1-255> priority <1-254> virtual-router <1-255> timers advertise <1-255> [no] virtual-router <1-255> preemption virtual-router <1-255> enable no virtual-router <1-255> enable no virtual-router <1-255> show ip vrrp virtual-router <1-255> 1 254 100 IP IP IP Address IP 255 Router VRRP VRRP 1 255 1 Router VRRP preemption backup owner IP IP Address preemption Router VRRP Router VRRP Router VRRP Router VRRP User EXEC Configuration Commands 126
VRRP Virtual Router Priority Tracking configuration VRRP Tracking peemption Virtual Router Priority Tracking 147 Virtual Router Priority Tracking [no] virtual-router <1-255> track virtual-routers [no] virtual-router <1-255> track interfaces [no] virtual-router <1-255> track ports show ip vrrp virtual-router <1-255> track Router VRRP IP VLAN 1 IP Router VRRP VLAN Router VRRP priority tracking User EXEC Configuration Commands 127
VRRP Virtual Router Group configuration ID IP VRRP VRRP ID IP Virtual Router Group 148 Virtual Router Group group virtual-router-id <1-255> ID ID 1 255 IP VLAN ID 1 Router VRRP group interface <1-255> IP 1 Router VRRP group priority <1-254> 1 254 100 IP IP IP Address IP 255 Router VRRP group advertisement <1-255> VRRP 1 255 1 Router VRRP [no] group preemption preemption backup owner IP IP Address preemption Router VRRP group enable Router VRRP no group enable Router VRRP no group Router VRRP show ip vrrp group User EXEC Configuration Commands 128
VRRP Virtual Router Group Priority Tracking configuration Virtual Router Group Priority Tracking 149 Virtual Router Group Priority Tracking [no] group track interfaces [no] group track ports show ip vrrp group track IP VLAN 1 IP Router VRRP VLAN Router VRRP priority tracking User EXEC Virtual Router Group Tracking Tracking group Tracking VRRP Interface configuration IP VRRP IP VRRP Interface 150 VRRP Interface interface <1-256> authentication {password none} interface <1-256> password <password> no interface <1-256> show ip vrrp interface <1-256> none password Router VRRP 8 VRRP Router VRRP IP IP Router VRRP IP User EXEC Configuration Commands 129
VRRP Tracking configuration VRRP Tracking 151 VRRP Tracking tracking-priority-increment virtual-routers <0-254> tracking-priority-increment interfaces <0-254> tracking-priority-increment ports <0-254> show ip vrrp trackingpriority-increment 1 254 2 Router VRRP IP 1 254 2 Router VRRP VLAN 1 254 2 Router VRRP Tracking User EXEC tracking priority VRRP Virtual Router Priority Tracking VRRP Quality of Service configuration Quality of Service (QoS) IEEE 802.1p QoS 802.1p configuration VLAN IEEE 802.1p IP 802.1p 802.1p 152 802.1p qos transmit-queue mapping <priority (0-7)> <queue (0-1)> qos transmit-queue weight-cos <queue (0-1)> <weight (0-15)> show qos transmit-queue show qos transmit-queue information 802.1p Class of Service queue (COSq) 802.1p 0-7 COSq 0-1 Global configuration COSq queue number 0-1 0-15 Global configuration 802.1p User EXEC 802.1p 802.1p User EXEC Configuration Commands 130
Access Control configuration Access Control List (ACL) ACL Group ACL IP QoS Access Control List configuration ACL ACL 153 ACL [no] access-control list <1-762> egress-port <port number> access-control list <1-762> action {permit deny setpriority <0-7>} access-control list <1-762> statistics default access-control list <1-762> show access-control list <1-762> egress ACL egress port ACL Layer 2 Global configuration ACL permit (pass) deny (drop) Class of Service queue Global configuration ACL Global configuration ACL Global configuration ACL User EXEC ACL Ethernet Filter configuration ACL Ethernet Ethernet Filter 154 Ethernet Filter access-control list <1-762> ethernet source-mac-address <MAC address> {<MAC mask>} access-control list <1-762> ethernet destination-macaddress <MAC address> {<MAC mask>} access-control list <1-762> ethernet vlan <1-4095> <mask> access-control list <1-762> ethernet ethernet-type {ARP IP IPv6 MPLS RARP any 0xXXXX} access-control list <1-762> ethernet priority <0-7> default access-control list <1-762> ethernet show access-control list {<1-762>} ethernet ACL MAC : 00:60:cf:40:56:00 ff:ff:ff:ff:ff:fc Global configuration ACL MAC : 00:60:cf:40:56:00 ff:ff:ff:ff:ff:fc Global configuration ACL VLAN Global configuration ACL Ethernet type Global configuration ACL Ethernet Global configuration ACL Ethernet Global configuration ACL Ethernet User EXEC Configuration Commands 131
ACL IP Version 4 Filter configuration ACL IPv4 IP version 4 Filter 155 IPv4 Filter access-control list <1-762> ipv4 source-ip-address <IP address> {<IP mask>} access-control list <1-762> ipv4 destination-ip-address <IP address> {<IP mask>} access-control list <1-762> ipv4 protocol <0-255> access-control list <1-762> ipv4 type-of-service <0-255> default access-control list <1-762> ipv4 show access-control list <1-762> ipv4 ACL IP Global configuration ACL IP Global configuration ACL IP Number Name 1 icmp 2 igmp 6 tcp 17 udp 89 ospf 112 vrrp Global configuration ACL Type of Service ToS RFC 1340, 1349 Global configuration ACL IPv4 Global configuration ACL IPv4 User EXEC ACL TCP/UDP Filter configuration ACL IPv4 IP version 4 Filter 156 IPv4 Filter access-control list <1-762> tcp-udp source-port <1-65535> {<port mask>} access-control list <1-762> tcp-udp destination-port <1-65535> {<port mask>} ACL TCP UDP Number Name 20 ftp-data 21 ftp 22 ssh 23 telnet 25 smtp 37 time 42 name 43 whois 53 domain 69 tftp 70 gopher 79 finger 80 http Global configuration ACL TCP UDP Global configuration Configuration Commands 132
156 IPv4 Filter access-control list <1-762> tcp-udp flags <value (0x0-0x3f)> default access-control list <1-762> tcp-udp show access-control list [<1-762>] tcp-udp ACL TCP/UDP flag Global configuration ACL TCP/UDP Global configuration ACL TCP/UDP User EXEC ACL Packet Format configuration Packet Format 157 Packet Format access-control list <1-762> packet-format ethernet {ethertype2 snap llc} [no] access-control list <1-762> packet-format tagged default access-control list <1-762> packet-format show access-control list <1-762> packet-format ACL Ethernet format Global configuration ACL tagging format Global configuration ACL Packet Format Global configuration ACL Packet Format User EXEC ACL Metering configuration ACL Metering 158 ACL Metering access-control list <1-762> meter committed-rate <64-1000000> access-control list <1-762> meter maximum-burst-size <32-4096> [no] access-control list <1-762> meter enable access-control list <1-762> meter action {drop pass} default access-control list <1-762> meter show access-control list <1-762> meter kb/s 64 Global configuration kb/s 32, 64, 128, 256, 512, 1024, 2048, 4096 Global configuration ACL metering Global configuration out-of-profile drop pass Global configuration ACL Metering Global configuration ACL Metering User EXEC Configuration Commands 133
ACL Re-mark configuration ACL IP ACL Metering In-Profile, Out-of-Profile ACL Re-mark 159 ACL Re-mark [no] access-control list <1-762> re-mark default access-control list <1-762> re-mark show access-control list <1-762> re-mark ACL DSCP Re-marking Global configuration ACL Re-mark Global configuration ACL re-mark User EXEC ACL Re-mark In-Profile configuration ACL Re-mark In-Profile 160 ACL Re-mark In-Profile access-control list <1-762> re-mark in-profile dscp <0-63> default access-control list <1-762> re-mark show access-control list <1-762> re-mark In-Profile DSCP 0-63 Global configuration ACL Re-mark Global configuration ACL re-mark User EXEC Re-mark Update User Priority configuration Update User Priority 161 Update User Priority access-control list <1-762> re-mark in-profile dot1p <0-7> [no] access-control list <1-762> re-mark in-profile usetos-precedence default access-control list <1-762> re-mark show access-control list <1-762> re-mark 802.1p Global configuration In-Profile 802.1p TOS TOS 802.1p Global configuration ACL Re-mark Global configuration ACL re-mark User EXEC Configuration Commands 134
ACL Re-mark Out-of-Profile configuration ACL Re-mark Out-of-Profile 162 ACL Re-mark Out-of-Profile access-control list <1-762> re-mark out-profile dscp <0-63> default access-control list <1-762> re-mark show access-control list <1-762> re-mark Out-of-Profile DSCP 0-63 Global configuration ACL Re-mark Global configuration ACL re-mark User EXEC ACL Group configuration ACL 1 ACL Group ACL Group ACL Group ACL Group 163 ACL Group access-control group <1-762> list <1-762> no access-control group <1-762> list <1-762> show access-control group <1-762> ACL ACL Group Global configuration ACL ACL Group Global configuration ACL group User EXEC Configuration Commands 135
Remote Monitoring configuration RMON RMON MIB RFC 1757 RMON 164 RMON show rmon RMON RMON history configuration history 5 RMON history 165 RMON history rmon history <1-65535> interface-oid <1-127 characters> rmon history <1-65535> requestedbuckets <1-65535> rmon history <1-65535> pollinginterval <1-3600> rmon history <1-65535> owner <1-127 characters> no rmon history <1-65535> show rmon history MIB (IFOID) 1.3.6.1.2.1.2.2.1.1.x OID 127 Global configuration 1 65535 30 50 Global configuration 1 3600 1800 Global configuration history 127 Global configuration history Global configuration RMON history RMON event configuration RMON 166 RMON rmon event <1-65535> description <1-127 characters> rmon event <1-65535> type <log trap both> rmon event <1-65535> owner <1-127 characters> no rmon event <1-65535> 127 Global configuration SNMP Global configuration 127 Global configuration Global configuration Configuration Commands 136
166 RMON show rmon event RMON RMON alarm configuration RMON MIB MIB RMON 167 RMON rmon alarm <1-65535> oid <1-127 characters> rmon alarm <1-65535> interval <1-65535> rmon alarm <1-65535> sample {abs delta} rmon alarm <1-65535> alarmtype {rising falling either} rmon alarm <1-65535> risinglimit <-2147483647 to 2147483647> rmon alarm <1-65535> falling-limit <-2147483647 to 2147483647> rmon alarm <1-65535> risingcrossing-index <0-65535> rmon alarm <1-65535> falling-crossing-index <0-65535> rmon alarm <1-65535> owner <1-127 characters> no rmon alarm <1-65535> show rmon alarm MIB 127 Global configuration 1 65535 1800 Global configuration abs delta Global configuration risingfallingeither Global configuration Global configuration Global configuration 0 65535 0 Global configuration 0 65535 0 Global configuration 127 Global configuration RMON Configuration Commands 137
Port mirroring 168 [no] port-mirroring enable show port-mirroring Global configuration User EXEC Port-based port mirroring 169 port-mirroring monitor-port <port number> mirroring-port <port number> {in out both} no port-mirroring monitor-port <port number> mirroring-port <port number> no port-mirroring monitor-port <port number> show port-mirroring ingress both ingress egress egress both Global configuration Global configuration Global configuration User EXEC Configuration Commands 138
Uplink Failure Detection configuration Uplink Failure Detection (UFD) LtM LtD Failure Detection Pair (FDP) FDP 4 UFD FDP LtM LtD LtM UFD 170 UFD ufd enable no ufd enable ufd fdp <fdp number> show ufd Uplink Failure Detection Global configuration Uplink Failure Detection Global configuration FDP FDP configuration Global configuration Uplink Failure Detection Failure Detection Pair configuration Link to Monitor (LtM) Link to Disable (LtD) LtM LtD FDP 171 FDP enable no enable FDP FDP configuration FDP FDP configuration Link to Monitor configuration LtM LtM 20 24 1 1 LACP LtM 172 LtM ltm port <port number> no ltm port <port number> ltm portchannel <1-12> no ltm portchannel <1-12> LtM LtM (20 24) FDP configuration LtM FDP configuration LtM LtM (20 24) FDPconfiguration LtM FDP configuration Configuration Commands 139
Link to Disable configuration LtD LtD 1 16 173 LtD ltd port <port number> no ltd port <port number> ltd portchannel <1-12> no ltd portchannel <1-12> LtD LtD (1 16) FDP configuration LtD FDP configuration LtD LtD (1 16) FDP configuration LtD FDP configuration Configuration Commands 140
Configuration Dump Switch(config)# show running-config FTP/TFTP Saving the active switch configuration copy running-config {tftp ftp}tftp Switch(config)# copy running-config {tftp ftp} Microsoft Notepad TFTP SunOS Solaris copy running-config tftp Restoring the active switch configuration copy {tftp ftp} running-config Switch(config)# copy {tftp ftp} running-config active backup factory 3 Configuration Boot Options Selecting a configuration block Configuration Commands 141
Operations Commands 174 password clear logging ntp send Privileged EXEC NTP Privileged EXEC Operations-level port options 175 [no] rmon no interface gigabitethernet <port number> shutdown interface gigabitethernet <port number> shutdown show interface gigabitethernet <port number> operation (RMON) RMON RMON Interface port E-keying mismatch error Privileged EXEC Privileged EXEC Privileged EXEC Operations Commands 142
Operations-level port 802.1x optioins 802.1x 176 Operations-level port 802.1x interface gigabitethernet <port number> dot1x init interface gigabitethernet <port number> dot1x reauthenticate 802.1x force-unauth auto unauthorized force-auth authorized Privileged EXEC 802.1x auto Privileged EXEC Operations-level VRRP options Operations-level VRRP options 177 Operations-level VRRP router vrrp backup <1-255> 0 ( IP IP ) preemption enabled Privileged EXEC Operations Commands 143
Boot Options Configuration FTP/TFTP Updating the switch software image FTP/TFTP FTP/TFTP Downloading new software to the switch boot 2 image1 image2 image1 image2 boot image1 image2 image1 FTP/TFTP FTP/TFTP IP FTP DNS Configuration Commands Domain name system configuration 1. Privileged EXEC Router# copy tftp {<image1 image2 boot-image>} Router# copy ftp {<image1 image2 boot-image>} 2. Enter name of switch software image to be replaced ["image1"/"image2"/"boot"]: <image> Boot Options 144
3. FTP/TFTP IP Address or name of remote host: <server name or IP address> 4. Source file name: <filename> TFTP TFTP 5. FTP TFTP <Enter> Enter username for FTP server or hit return for TFTP server: <userid> 6. FTP Enter passsword for username on FTP server: <password> 7. 8. image2 currently contains Software Version 1.0.0 that was downloaded at 15:46:36 Wed Apr 23, 2006. New download will replace image2 with file "1.1.0_OS.img" from TFTP server 192.168.2.4. Confirm download operation [y/n]: y Invoking TFTP over port 69... Starting download... File appears valid Download in progress... Image download complete (1333953 bytes) Writing to flash...this takes about 90 seconds. Please wait Write complete (1333953 bytes), now verifying FLASH... Verification of new image2 in FLASH successful. image2 now contains Software Version 1.1.0 Switch is currently set to boot software image1. Do you want to change that to the new image2? [y/n] y Next boot will use new software image2. Selecting a software image to run image1 image2 1. Global Configuration Switch(config)# boot image {image1 image2} 2. Currently set to use switch software "image1" on next reset. Specify new image to use on next reset ["image1"/"image2"]: Boot Options 145
Uploading a software image from the switch TFTP 1. Privileged EXEC Switch# copy {<image1 image2 boot-image>} tftp Router# copy {<image1 image2 boot-image>} ftp 2. Enter name of switch software image to be uploaded ["image1" "image2" "boot"]: <image> <hostname or server-ip-addr> <server-filename> 3. FTP/TFTP IP Address or name of remote host: <server name or IP address> 4. FTP/TFTP Destination file name: <filename> 5. FTP TFTP <Enter> Enter username for FTP server or hit return for TFTP server: <userid> 6. FTP Enter passsword for username on FTP server: <password> 7. "y" image2 currently contains Software Version 1.1.0 Upload will transfer image2 (1889411 bytes) to file "test" on TFTP server 192.1.1.1. Confirm upload operation [y/n]: y Selecting a configuration block (copy running-config startup-config) active backup factory configuration 1. Global Configuration Switch(config)# boot configuration-block {active backup factory} 2. configuration configuration Currently set to use active configuration block on next reset. Specify new block to use ["active"/"backup"/"factory"]: Boot Options 146
Resetting the switch configuration >> Switch# reload >> Switch# show boot Accessing the AOS CLI CLI AOS CLI ISCLI >> Switch# boot cli-mode aos AOS CLI ISCLI Main# boot/mode iscli CLI boot cli-mode prompt prompt prompt CLI CLI Boot Options 147
Maintenance Commands FDB ARP (Ctrl-Shift-6) System maintenance 178 debug debug-flags User EXEC Fowarding Database maintenance FDB FDB FDB MAC FDB MAC FDB 179 FDB show mac-address-table address {<MAC address>} show mac-address-table port {<port number>} show mac-address-table vlan {<1-4095>} show mac-address-table clear mac-address-table MAC MAC xx:xx:xx:xx:xx:xx format (for example: 08:00:20:12:34:56) xxxxxxxxxxxx format (for example: 080020123456). User EXEC FDB User EXEC VLAN FDB User EXEC FDB User EXEC FDB FDB User EXEC Maintenance Commands 148
Debugging options (MP) (MP) 180 debug mp-trace debug mp-snap clear flash-config MP trace buffer at 13:28:15 Fri May 25, 2002; mask: 0x2ffdf748 User EXEC User EXEC Configuration User EXEC ARP cache maintenance ARP 181 ARP commands show ip arp find <IP address> show ip arp interface <port number> show ip arp vlan <1-4095> show ip arp reply show ip arp clear ip arp-cache IP ARP User EXEC ARP User EXEC VLAN ARP User EXEC ARP IP User EXEC ARP User EXEC ARP User EXEC ARP Information Commands ARP information Maintenance Commands 149
IGMP Snooping maintenance IGMP 182 IGMP show ip igmp groups address <IP address> show ip igmp groups vlan <1-4095> show ip igmp groups interface <port number> show ip igmp groups clear ip igmp snoop IGMP User EXEC VLAN IGMP User EXEC IGMP User EXEC IGMP User EXEC IGMP User EXEC IGMP Mrouter maintenance IGMP 183 IGMP show ip igmp groups vlan <1-4095> show ip igmp mrouter clear ip igmp mrouter VLAN IGMP User EXEC IGMP User EXEC IGMP User EXEC Technical support dump show tech-support User EXEC Information Statistics Configuration TFTP/FTP technical support dump put technical support dump TFTP/FTP TFTP Switch# copy tech-support tftp <server> <filename> FTP Switch# copy tech-support ftp <server> TFTP IP <filename> Maintenance Commands 150
Uuencode flash dump show flash-dump-uuencode uuencode 23,300 Clearing dump information Switch# show flash-dump-uuencode No FLASH dump available. TFTP/FTP system dump put TFTP/FTP TFTP/FTP SunOS Solaris copy flash-dump tftp ( ftp)copy flash-dump tftp(copy flashdump ftp) TFTP Switch# copy flash-dump tftp <server> <filename> FTP Switch# copy flash-dump ftp <server> TFTP IP <filename> Clearing dump information Switch# clear flash-dump FLASH dump region cleared. FLASH dump region is already clear. Maintenance Commands 151
Panic command >> Switch# debug panic A FLASH dump already exists. Confirm replacing existing dump and reboot [y/n]: "y" Confirm dump and reboot [y/n]: y Starting system dump...done. Reboot at 11:54:08 Wednesday October 30, 2006................................................................... Rebooted because of console PANIC command. Booting complete Unscheduled system dumps Note: A system dump exists in FLASH. The dump was saved at 13:43:22 Wednesday October 30, 2006. Use show flash-dump uuencode to extract the dump for analysis and clear flash-dump to clear the FLASH region. The region must be cleared before another dump can be saved. Maintenance Commands 152