Configuring Private VLANs, 189 | Accton Technology ES3526XA specs

3 Configuring the Switch

Configuring Private VLANs

The Private VLAN Configuration page is used to create/remove primary, community, or isolated VLANs.

Command Attributes

•VLAN ID – ID of configured VLAN (1-4094).

•Type – There are three types of VLANs within a private VLAN:

-Primary VLANs – Conveys traffic between promiscuous ports, and to community ports within secondary (or community) VLANs.

-Community VLANs - Conveys traffic between community ports, and to their promiscuous ports in the associated primary VLAN.

-Isolated VLANs – Conveys traffic only between the VLAN’s isolated ports and the promiscuous port. Traffic between isolated ports within the VLAN is blocked.

•Current – Displays a list of the currently configured VLANs.

Web – Click VLAN, Private VLAN, Configuration. Enter the VLAN ID number, select Primary, Isolated or Community type, then click Add. To remove a private VLAN from the switch, highlight an entry in the Current list box and then click Remove. Note that all member ports must be removed from the VLAN before it can be deleted.

Figure 3-84 Private VLAN Configuration

CLI – This example configures VLAN 5 as a primary VLAN, and VLAN 6 as a community VLAN and VLAN 7 as an isolated VLAN.

Console(config)#vlan database		4-179
Console(config-vlan)#private-vlan 5 primary		4-189
Console(config-vlan)#private-vlan 6	community
Console(config-vlan)#private-vlan 7	isolated
Console(config-vlan)#

Associating VLANs

Each community or isolated VLAN must be associated with a primary VLAN.

Command Attributes

•Primary VLAN ID – ID of primary VLAN (1-4094).

•Association – Community VLANs associated with the selected primary VLAN.

•Non-Association– Community VLANs not associated with the selected VLAN.

3-154

Image 198

Accton Technology ES3526XA, ES3552XA manual Configuring Private VLANs, Associating VLANs, 189

Contents

Powered by Accton Page Fast Ethernet Switch ES3526XA ES3552XA F2.2.6.3 E122006-CS-R02 149100005500H Contents Page Iii Page Command Line Interface Page Vii Viii Contents Page Contents Xii Glossary Index Appendix a Software SpecificationsAppendix B Troubleshooting Xiii Xiv Tables Xvi Xvii Xviii Figures Xix Figures Xxi Xxii Feature Description Key FeaturesKey Features Supports standard STP and Rapid Spanning Tree Protocol Rstp Description of Software Features Description of Software Features Introduction Function Parameter Default System DefaultsSystem Defaults Password super System Defaults Function Parameter Client Enabled Clock Synchronization Disabled Introduction Connecting to the Switch Configuration Options Initial Configuration Required Connections Basic Configuration Remote ConnectionsConsole Connection Setting Passwords Setting an IP AddressManual Configuration Dynamic Configuration Enabling Snmp Management Access Community Strings for Snmp version 1 and 2c clients Trap Receivers 118120 125 Saving Configuration SettingsConfiguring Access for Snmp Version 3 Clients 126 Managing System Files Initial Configuration Configuring the Switch Using the Web Interface Navigating the Web Browser Interface Home Configuration Options Panel Display Main Menu ConfigurationMain Menu Menu Description System System Information Menu Description ACL 143 139Current Table 148 164 Class-of-service value IP Dscp Priority155 Dscp Priority Status Both IP Precedence Priority Configuration Settings Igmp Filter/Throttling Trunk Menu Description Igmp Snooping 170 Igmp ConfigurationQuery Igmp Filter Configuration Configuration Settings Main Menu Displaying System Information Field Attributes Management Software Displaying Switch Hardware/Software VersionsMain Board Expansion Slot Displaying Switch Information Bridge Extension Configuration Displaying Bridge Extension Capabilities Command Attributes Setting the Switch’s IP AddressCLI Enter the following command 195 131 244245 Using DHCP/BOOTP 246 Command Usage Dhcp Relay and Option 82 Information 241 242 Managing Firmware Downloading System Software from a Server Operation Code Image File Transfer 11 Deleting Files Saving or Restoring Configuration Settings Downloading Configuration Settings from a Server 12 Copy Configuration Settings Console Port Settings 14 Console Port Settings Telnet Settings 15 Enabling Telnet Configuring Event Logging System Log Configuration Logging Levels Level Severity Name Description Remote Log Configuration 17 Remote Logs Displaying Log Messages CLI This example shows the event message stored in RAM Sending Simple Mail Transfer Protocol Alerts 19 Enabling and Configuring Smtp Alerts Resetting the System 20 Resetting the System Setting the System Clock Configuring Sntp Configuring NTP 22 NTP Client Configuration Setting the Time Zone Simple Network Management Protocol SNMPv3 Security Models and Levels Level Group Read View Write View Notify View SecurityUser defined Enabling the Snmp Agent Setting Community Access StringsCLI The following example enables Snmp on the switch 117 25 Configuring Snmp Community Strings Specifying Trap Managers and Trap Types Configuring the Switch Configuring SNMPv3 Management Access 122 CLI This example sets an SNMPv3 engine ID Setting a Local Engine IDSpecifying a Remote Engine ID 123 Configuring SNMPv3 Users CLI This example specifies a remote SNMPv3 engine ID 29 Configuring SNMPv3 Users Configuring Remote SNMPv3 Users 130 30 Configuring Remote SNMPv3 Users Configuring SNMPv3 Groups Supported Notification Messages SwFanRecoverTrap Private Traps SwPowerStatusThis trap is sent when the fan fails This trap is sent when the fan failure has 31 Configuring SNMPv3 Groups 127 Setting SNMPv3 Views 32 Configuring SNMPv3 Views User Authentication Configuring User Accounts 33 Access Levels Configuring Local/Remote Logon Authentication Radius Settings Tacacs Settings 34 Authentication Settings Configuring Https Https System Support Replacing the Default Secure-site Certificate Address server ip-address Configuring the Secure Shell Configuring the Switch Generating the Host Key Pair 36 SSH Host-Key Settings Configuring the SSH Server SSH server includes basic settings for authentication Configuring Port Security 38 Configuring Port Security Configuring 802.1X Port Authentication CLI This example shows the default global setting for Displaying 802.1X Global Settings802.1X protocol provides client authentication Web Click Security, 802.1X, Information Configuring 802.1X Global Settings Configuring Port Settings forCLI This example enables 802.1X globally for the switch 41 802.1X Port Configuration Authorized Consoleconfig#interface ethernet 1/2 Displaying 802.1X Statistics 802.1X Statistics MAC Address Authentication CLI This example displays the 802.1X statistics for port Configuring the MAC Authentication Reauthentication Time Configuring MAC Authentication for Ports Web Click Security, Network Access, Configuration Web Click Security, Network Access, Port Configuration CLI This example configures MAC authentication for portDisplaying Secure MAC Address Information 45 Network Access MAC Address Information Configuring MAC Address Filters 100 Filtering Addresses for Management Access CLI This example allows Snmp access for a specific client 47 Creating a Web IP Filter List Access Control Lists Configuring Access Control Lists Setting the ACL Name and Type CLI This example creates a standard IP ACL named david103 Configuring a Standard IP ACL 104 Configuring an Extended IP ACL 50 ACL Configuration Extended IP 105 Configuring a MAC ACL 111 Binding a Port to an Access Control List 52 Binding a Port to an ACL Field Attributes Web Port ConfigurationDisplaying Connection Status 107 Configuration Web Click Port, Port Information or Trunk InformationBasic Information Configuring Interface Connections Current Status138 54 Port/Trunk Configuration Creating Trunk Groups 136135 Statically Configuring a Trunk 55 Configuring Port Trunks Enabling Lacp on Selected Ports 147 56 Lacp Configuration 148 Configuring Lacp Parameters Dynamically Creating a Port Channel 57 Lacp Aggregation Port Displaying Lacp Port Counters You can display statistics for Lacp protocol messagesLacp Port Counters Protocols Ethernet Type LACPDUs Illegal Pkts Displaying Lacp Settings and Status for the Local Side Lacp Internal Configuration InformationField Description 59 Lacp Port Internal Information Displaying Lacp Settings and Status for the Remote Side 10 Lacp Neighbor Configuration Information Console#show lacp 1 neighbors Setting Broadcast Storm Thresholds 61 Port Broadcast Control Configuring Port Mirroring 137140 Configuring Rate Limits Rate Limit Granularity142 Rate Limit Configuration 145 Showing Port Statistics 144 FCS Errors Transmit ErrorsErrors Protocol 11 Port Statistics Parameter DescriptionRmon Statistics Or alignment error Fragments 65 Port Statistics CLI This example shows statistics for port Address Table SettingsSetting Static Addresses 139 Displaying the Address Table 157 67 Dynamic Addresses 158 CLI This example sets the aging time to 300 seconds Spanning Tree Algorithm ConfigurationChanging the Aging Time 159 Designated Root Port Bridge Displaying Global Settings For this Region 120 69 STA Information 176 Mstp Configuring Global Settings Global settings apply to the entire switchBasic Configuration of Global Settings Root Device Configuration Configuration Settings for Rstp Configuration Settings for Mstp 70 STA Global Configuration Displaying Interface Settings AD B 71 STA Port Information Configuring Interface Settings CLI This example shows the STA attributes for port 131 Configuring Multiple Spanning Trees CLI This example sets STA attributes for port 133 73 Mstp Vlan Configuration 178 167 Displaying Interface Settings for Mstp 74 Mstp Port Information Configuring Interface Settings for Mstp CLI This example sets the Mstp attributes for port 175174 Vlan Configuration Ieee 802.1Q VLANsAssigning Ports to VLANs VA Vlan Aware VU Vlan Unaware Forwarding Tagged/Untagged Frames Displaying Basic Vlan Information Enabling or Disabling Gvrp Global SettingCLI This example enables Gvrp for the switch 194 Command Attributes Web Displaying Current VLANs 78 Vlan Current Table Command Attributes CLI Creating VLANs 187 CLI This example creates a new Vlan 179180 Adding Static Members to VLANs Vlan Index Adding Static Members to VLANs Port Index 185 81 Vlan Static Membership by Port Configuring Vlan Behavior for Interfaces 82 Vlan Port Configuration 183 Private VLANs182 184 Displaying Current Private VLANs 153 Configuring Private VLANs Associating VLANs189 Displaying Private Vlan Interface Information 190 Configuring Private Vlan Interfaces 193 87 Private Vlan Port Configuration 191 Class of Service Configuration Layer 2 Queue SettingsSetting the Default Priority for Interfaces 88 Port Priority Configuration CLI This example assigns a default priority of 5 to port Mapping CoS Values to Egress Queues 12 Egress Queue Priority Mapping13 CoS Priority Levels 201 203 Selecting the Queue Mode 90 Queue Mode Setting the Service Weight for Traffic Classes 200202 Selecting IP Precedence/DSCP Priority Layer 3/4 Priority SettingsMapping Layer 3/4 Priorities to CoS Values 204 Mapping IP Precedence 14 Mapping IP Precedence 206 Mapping Dscp Priority15 Mapping Dscp Priority Values 209 207 210 Mapping IP Port Priority 95 IP Port Priority Status Mapping CoS Values to ACLs 16 Egress Queue Priority Mapping205 Multicast Filtering 108 Configuring Igmp Snooping and Query Parameters Layer 2 Igmp Snooping and Query 98 Igmp Configuration Enabling Igmp Immediate Leave Displaying Interfaces Attached to a Multicast Router 100 Displaying Multicast Router Port Information Specifying Static Interfaces for a Multicast Router 220219 Displaying Port Members of Multicast Services 215 Assigning Ports to Multicast Services 103 Igmp Member Port Table Igmp Filtering and Throttling Enabling Igmp Filtering and Throttling Configuring Igmp Filter Profiles 104 Enabling Igmp Filtering and Throttling 105 Igmp Profile Configuration Configuring Igmp Filtering and Throttling for Interfaces 106 Igmp Filter and Throttling Port Configuration General Configuration Guidelines for MVR Multicast Vlan Registration Configuring Global MVR Settings 107 MVR Global Configuration Displaying MVR Interface Status 108 MVR Port Information Displaying Port Members of Multicast Groups 109 MVR Group IP Information Configuring MVR Interface Status MVR Vlan Web Click MVR, Port or Trunk Configuration Assigning Static Multicast Groups to Interfaces Configuring Domain Name Service Configuring General DNS Service Parameters 190 236 234235 237 Configuring Static DNS Host to Address Entries 113 DNS Static Host Table Displaying the DNS Cache 233238 Switch Clustering Cluster Configuration 249 Cluster Member ConfigurationAdds Candidate switches to the cluster as Members 250 Web Click Cluster, Member Configuration Displays current cluster Member switch informationCluster Member Information Cluster Candidate Information 253 Configuring the Switch 198 Using the Command Line Interface Accessing the CLITelnet Connection Command Line Interface Getting Help on Commands Entering CommandsCommand Completion Keywords and Arguments Showing Commands CLIMSGPRIVILEGEEXECCMDW2SHOWMVR Understanding Command Modes Negating the Effect of CommandsUsing Command History Partial Keyword Lookup Exec Commands Command Modes Consoleconfig-if# 131 Configuration CommandsConfiguration Modes Command Prompt Spanning-tree mst-configuration Consoleconfig-mstp# 160 Command Line Processing Command Line ProcessingKeystroke Function Command Groups Command Groups Description Command Line Interface Line Commands Line Syntax Login local no login LoginRelated Commands Example Syntax Password 0 7 password no password PasswordUsername 4-27 password No password is specified Timeout login response Exec-timeoutSyntax Exec-timeout seconds no exec-timeout Syntax Password-thresh threshold no password-thresh Password-threshSilent-time4-16 Timeout login response Default value is three attempts Syntax Silent-time seconds no silent-time Silent-timeDatabits Syntax Databits 7 8 no databits Parity Syntax Parity none even odd no parity Syntax Speed bps no speed SpeedStopbits Syntax Stopbits 1 Syntax Disconnect session-id DisconnectShow line Syntax Show line console vty To show all lines, enter this command General CommandsEnable General Commands Function Mode Enable DisableDisable Enable password Level Configure Show history Reload End Exit This command exits the configuration programThis example shows how to quit a CLI session Quit System Management Commands Device Designation CommandsPrompt Hostname User Access CommandsUser Access Commands Function Mode Syntax Hostname name no hostname 10 Default Login Settings Username Access-level Password Guest AdminUsername Enable password Default is level Default password is superEnable 4-20 authentication enable Management IP Filter Commands11 IP Filter Commands Function Mode Management Show management Web Server Commands Ip http portIp http server Ip http port Syntax No ip http secure-server Default SettingIp http secure-server 13 Https System Support Web Browser Operating System Portnumber The UDP port used for HTTPS/SSL. Range Ip http secure-portIp http secure-port4-33 Copy tftp https-certificate Ip http secure-server4-32 Telnet Server Commands Ip telnet portIp telnet server Ip telnet port Secure Shell Commands15 SSH Commands Function Mode Sets the SSH server key size Copy tftp public-key Command Line Interface Syntax No ip ssh server Default Setting Ip ssh serverIp ssh crypto host-key generate 4-40 show ssh Syntax Ip ssh timeout seconds no ip ssh timeout Ip ssh timeoutIp ssh authentication-retries Exec-timeout4-14 show ip ssh Ip ssh server-key size Delete public-keySyntax Delete public-key username dsa rsa Syntax Ip ssh crypto host-key generate dsa rsa Ip ssh crypto host-key generateIp ssh crypto zeroize Syntax Ip ssh crypto zeroize dsa rsa Ip ssh save host-key Show ip sshSyntax Ip ssh save host-key dsa rsa Show ssh 16 show ssh display descriptionTerminology Username Name of an SSH user. Range 1-8 characters Show public-keySyntax Show public-key user username host Shows all public keys Syntax No logging on Default Setting Event Logging Commands17 Event Logging Commands Function Mode Logging on Flash errors level 3 RAM warnings level 6 Logging history18 Logging Levels Syntax No logging host hostipaddress Logging hostLogging facility Hostipaddress The IP address of a syslog server Syntax Logging trap level no logging trap Logging trapClear logging Syntax Clear logging flash ram Show logging Syntax Show logging flash ram sendmail trap19 show logging flash/ram display description Syntax Show log flash ram login tail Facility commandLogging trap command Show log Logging sendmail host Smtp Alert Commands21 Smtp Alert Commands Function Mode Following example shows sample messages stored in RAM Logging sendmail level Syntax Logging sendmail level level Syntax No logging sendmail source-email email-address Logging sendmail source-emailLogging sendmail destination-email This example will set the source email john@acme.com Syntax No logging sendmail Default Setting Logging sendmailShow logging sendmail Syntax No sntp client Default Setting Time Commands22 Time Commands Function Mode Sntp client Syntax Sntp server ip1 ip2 ip3 Sntp serverSntp server 4-55 sntp poll 4-56 show sntp Ip IP address of an NTP time server. Range 1-3 addresses Sntp poll Show sntpSyntax Sntp poll seconds no sntp poll Ntp server Syntax No ntp client Default SettingNtp client Sntp client 4-54 ntp poll 4-58 ntp server Ntp client 4-57 ntp poll 4-58 show ntp Ntp pollVersion number Syntax Ntp poll seconds no ntp poll Syntax No ntp authenticate Default Setting Ntp authenticateNtp authentication-key Ntp authentication-key4-59 Show ntp Clock timezone Show calendar This command displays the system clockCalendar set Calendar set hour min sec day month year month day year System Status Commands Show startup-config23 System Status Commands Function Mode Show running-config4-65 Show running-config Show startup-config4-63 This command displays system information Show systemShow users Show version Jumbo frame Enables support for jumbo frames Frame Size Commands24 Frame Size Commands Syntax No jumbo frame Default Setting Flash/File Commands 25 Flash/File CommandsCommand Function Mode Copy Flash/File Commands Following example shows how to download a configuration file Dir Syntax Dir boot-rom config opcode filenameDelete Delete filename 26 File Directory Information WhichbootSyntax whichboot Default Setting Column Heading Description Boot system Syntax Boot system boot-romconfig opcode filenameDir 4-73 whichboot Authentication login Authentication CommandsAuthentication Sequence 27 Authentication Commands Command Group Function Authentication enable Username for setting the local user names and passwords Radius Client 29 Radius Client Commands Function ModeShow radius-server Shows the current Radius settings Radius-server host Radius-server port Radius-server key Radius-server timeout Radius-server retransmit 30 Tacacs Commands Function Mode TACACS+ ClientShow radius-server Tacacs-server key Tacacs-server hostTacacs-server port Syntax Tacacs-server port portnumber no tacacs-server port Show tacacs-server Syntax Tacacs-server key keystring no tacacs-server key Status Disabled Action None Maximum Addresses Port Security Commands31 Port Security Commands Function Mode Interface Configuration Ethernet 802.1X Port Authentication 32 802.1X Port Authentication Command Function Mode Be re-authenticated Dot1x timeout tx-period Dot1x defaultAcquire a new client Dot1x timeout re-authperiod Syntax No system-auth-control Default Setting Dot1x port-control Default Command ModeDot1x max-req Syntax Dot1x max-req count no dot1x max-req Dot1x operation-mode Dot1x re-authenticateSyntax Dot1x re-authenticate interface Interface Syntax No dot1x re-authentication Command Mode Dot1x re-authenticationDot1x timeout quiet-period Seconds The number of seconds. Range Dot1x timeout re-authperiod Dot1x timeout tx-periodShow dot1x Syntax Show dot1x statistics interface interface Statistics Displays dot1x status for each port State Current state including initialize, reauthenticate Authenticator State MachineReauthentication State Machine Backend State Machine Example Network Access Network-access mode33 Network Access Command Function Mode Network-access max-mac-count 1024 Network-access mac-filter Syntax No network-access mac-filter filter-idmac-address Syntax No network-access dynamic-vlan Default Setting Network-access port-mac-filterNetwork-access dynamic-vlan Filter-id- The number that identifies the filter. Range Mac-authentication reauth-time Following example enables dynamic Vlan assignment on port1800 Syntax Show network-access interface interface Clear network-accessShow network-access Displays the settings for all interfaces Use this command to display MAC authentication filters Show network-access mac-filterShow network-access mac-address-table Displays all filters 101 Access Control List Commands Access Control Lists 35 IP ACLs Command Function Mode Access-list ip34 Access Control Lists Command Groups Function Syntax No access-list ip standard extended aclname Permit, deny Ip access-group4-107 show ip access-list4-107 Syntax No permit deny any source bitmask host sourceStandard ACL Access-list ip No permit deny tcp Extended ACL Syntax Show ip access-list standard extended aclname Show ip access-listIp access-group Syntax No ip access-group aclname Show ip access-list4-107 Show ip access-groupMap access-list ip This command shows the ports assigned to IP ACLs Syntax Show map access-list ip interface Show map access-list ipQueue cos-map4-201 Show map access-list ip 36 Egress Queue Priority Mapping Example Syntax No access-list mac aclname Access-list mac37 MAC ACLs Command Function Mode MAC ACLs Permit, deny MAC ACL Syntax No permit deny Syntax Show mac access-list aclname Show mac access-listMac access-group Syntax Mac access-group aclname Show mac access-list4-112 Show mac access-groupMap access-list mac This command shows the ports assigned to MAC ACLs Syntax Show map access-list mac interface Show map access-list macQueue cos-map4-201 Show map access-list mac 38 Egress Queue Priority Mapping 39 ACL Information Command Function Mode Show access-listShow access-group ACL Information Snmp Commands 40 Snmp Commands Function Mode Syntax No snmp-server Default Setting Snmp-serverShow snmp Snmp-server community Syntax Snmp-server contact string no snmp-server contact Snmp-server contactSnmp-server location Syntax Snmp-server location text no snmp-server location Snmp-server host Host Address None Notification Type Traps Snmp Version UDP Port Snmp-server enable traps Snmp-server enable trapsIssue authentication and link-up-down traps Snmp-server engine-id This command shows the Snmp engine ID This example shows the default engine IDShow snmp engine-id Examples Defaultview includes access to the entire MIB treeSnmp-server view This view includes MIB-2 Snmp-server group This command shows information on the Snmp viewsShow snmp view 42 show snmp view display description Show snmp group Snmp-server user 43 show snmp group display description 129 This command shows information on Snmp users Show snmp user44 show snmp user display description Interface Interface Commands45 Interface Commands Function Mode Port-channel channel-idRange Description Speed-duplexSyntax Description string no description Syntax No negotiation Default Setting NegotiationNegotiation 4-133 capabilities Following example configures port 11 to use autonegotiation CapabilitiesCapabilities 4-134speed-duplex4-132 Syntax No flowcontrol Default Setting FlowcontrolNegotiation 4-133speed-duplex4-132 flowcontrol Syntax No shutdown Default Setting Shutdown Port-channel channel-idRange Default Setting Switchport broadcast packet-rateThis command clears statistics on an interface Clear counters Following example clears statistics on port This command displays the status for an interfaceShow interfaces status Syntax Show interfaces status interface Syntax Show interfaces counters interface This command displays interface statisticsShow interfaces counters Shows the counters for all interfaces Show interfaces switchport Syntax Show interfaces switchport interfaceShows all interfaces Interfaces Switchport Statistics Port monitor Mirror Port Commands47 Mirror Port Commands Function Mode Interface ethernet unit/port source port Show port monitor This command displays mirror informationFollowing shows mirroring configured from port 6 to port Syntax Show port monitor interface Rate-limit Rate Limit Commands48 Rate Limit Commands Function Mode Fast Ethernet255 Gigabit Ethernet30 Rate-limit granularity Global Configuration Ethernet, Port ChannelUse this command to display the rate limit granularity Show rate-limit 151 Link Aggregation Commands49 Link Aggregation Commands 138 General Guidelines Channel-groupGuidelines for Creating Trunks Dynamically Creating a Port Channel Syntax No lacp Default Setting LacpFollowing example creates trunk 1 and then adds port Lacp system-priority 32768 Lacp admin-keyEthernet Interface Lacp admin-key Port Channel Interface Configuration Port Channel This command displays Lacp information Lacp port-priorityShow lacp Type Port Channel all50 show lacp counters display description Badly formed PDU or an illegal value of Protocol Subtype 51 show lacp internal display description 52 show lacp neighbors display description Address Table Commands 54 Address Table Commands Function Mode53 show lacp sysid display description Vlan-id- Vlan ID Range Mac-address-table staticMac-address- MAC address Action Clear mac-address-table dynamic Show mac-address-tableMac-address- MAC address Mask Bits to match in the address Mac-address-table aging-time Show mac-address-table aging-time Spanning Tree Commands 55 Spanning Tree Commands Function Mode Spanning tree is enabled Spanning-tree modeSyntax No spanning-tree Default Setting Spanning-tree Spanning-tree forward-time Spanning-tree hello-time Spanning-tree forward-time 4-162spanning-tree max-age Spanning-tree max-age Spanning-tree prioritySpanning-tree forward-time 4-162spanning-tree hello-time Spanning-tree pathcost method Long method Spanning-tree transmission-limit Spanning-tree mst-configurationThis command limits the maximum transmission rate for BPDUs Count The transmission limit in seconds. Range MST Configuration Mst vlanNo mst instanceid vlan vlan-range Mst instanceid priority priority no mst instanceid priority Mst priorityName Syntax Name name Syntax Revision number RevisionMax-hops Max-hopshop-number This example disables the spanning tree algorithm for port Spanning-tree spanning-disabledSyntax No spanning-tree spanning-disabled Default Setting Spanning-tree cost Spanning-tree port-priority Priority The priority for a port. Range 0-240, in steps Syntax No spanning-tree edge-port Default Setting Spanning-tree edge-port Spanning-tree link-type Syntax No spanning-tree portfast Default SettingSpanning-tree portfast Spanning-treeedge-port4-172 Spanning-tree mst cost Auto Spanning-tree mst port-priority Spanning-tree mst port-priority4-175 Show spanning-tree Port-channel channel-idRange Command ModeSpanning-tree protocol-migration Syntax Spanning-tree protocol-migration interface 177 Show spanning-tree mst configuration 57 Editing Vlan Groups Command Function Mode Vlan Commands56 VLANs Command Groups Function Editing Vlan Groups Vlan By default only Vlan 1 exists and is activeVlan Database Configuration Show vlan Interface vlan Configuring Vlan Interfaces58 Configuring Vlan Interfaces Command Function Mode Interface vlan All ports are in hybrid mode with the Pvid set to Vlan Switchport modeSwitchport acceptable-frame-types Switchport acceptable-frame-types4-182 Switchport ingress-filtering Syntax No switchport ingress-filtering Default Setting Switchport native vlan Switchport allowed vlan Switchport forbidden vlan 59 Show Vlan Commands Function ModeDisplaying Vlan Information Show vlan This command shows Vlan informationFollowing example shows how to display information for Vlan Shows all VLANs Configuring Private VLANs 60 Private Vlan Commands Vlan Configuration Private-vlan Private vlan association No private-vlan primary-vlan-idassociation Normal Vlan Switchport mode private-vlanSwitchport private-vlan host-association Secondary-vlan-id- ID of secondary VLAN. Range Switchport private-vlan isolated Isolated-vlan-id- ID of isolated VLAN. Range Switchport private-vlan mapping Show vlan private-vlanSyntax Show vlan private-vlan community isolated primary Syntax No bridge-ext gvrp Default Setting Gvrp and Bridge Extension Commands61 Gvrp and Bridge Extension Commands Function Mode Bridge-ext gvrp Switchport gvrp Syntax No switchport gvrp Default SettingShow bridge-ext This command shows if Gvrp is enabled Show gvrp configurationGarp timer Syntax Show gvrp configuration interface Show garp timer Syntax Show garp timer interfaceShows all Garp timers 62 Priority Commands Command Groups Function Priority CommandsPriority Commands Layer 63 Priority Commands Layer Function Mode Queue mode Switchport priority defaultSyntax Queue mode strict wrr no queue mode Queue bandwidth weight1...weight4 no queue bandwidth Queue bandwidth Queue cos-map Queue cos-mapqueueid cos1 ... cosn no queue cos-map Show queue bandwidth Show queue modeThis command shows the current queue mode Show queue cos-map4-203 This command shows the class of service priority map Show queue cos-mapSyntax Show queue cos-map interface Priority Commands Layer 3 65 Priority Commands Layer 3 Function ModeSyntax No map ip port Default Setting Following example shows how to map Http traffic to CoS value Syntax No map ip precedence Default Setting List below shows the default priority mapping 66 Mapping IP Precedence Values CoS Value Command Mode Syntax No map ip dscp Default Setting Map ip dscp dscp-value cos cos-value no map ip dscp 67 IP Dscp to CoS Vales IP Dscp Value CoS Value Use this command to show the IP port priority mapShow map ip port 10, 12, 14 18, 20, 22 26, 28, 30, 32, 34 38, 40 This command shows the IP precedence priority map Show map ip precedenceSyntax Show map ip precedence interface This command shows the IP Dscp priority map Show map ip dscpSyntax Show map ip dscp interface 68 Multicast Filtering Commands Command Groups Function Multicast Filtering CommandsIgmp Snooping Commands 69 Igmp Snooping Commands Function Mode Ip igmp snooping Syntax No ip igmp snooping Default SettingFollowing example enables Igmp snooping Ip igmp snooping vlan static Ip igmp snooping immediate-leave Following configures the switch to use Igmp VersionIp igmp snooping version Igmp Version Show ip igmp snooping Show mac-address-table multicast 215 Syntax No ip igmp snooping querier Default Setting Igmp Query Commands Layer70 Igmp Query Commands Layer Function Mode Ip igmp snooping querier Times Following shows how to configure the query count toIp igmp snooping query-interval Ip igmp snooping query-max-response-time4-218 Seconds The report delay advertised in Igmp queries. Range Ip igmp snooping query-max-response-timeIp igmp snooping router-port-expire-time Ip igmp snooping vlan mrouter Static Multicast Routing Commands71 Static Multicast Routing Commands Function Mode Syntax No ip igmp snooping vlan vlan-idmrouter interface Syntax Show ip igmp snooping mrouter vlan vlan-id Displays multicast router ports for all configured VLANsShow ip igmp snooping mrouter Multicast router port types displayed include Static Syntax No ip igmp filter Default Setting Igmp Filtering and Throttling Commands72 Igmp Filtering and Throttling Commands Function Mode 223 Permit, deny Syntax Permit deny Default SettingIp igmp profile Syntax No ip igmp profile profile-number Range No range low-ip-address high-ip-addressSyntax No ip igmp filter profile-number Ip igmp max-groups Syntax Ip igmp max-groups number No ip igmp max-groups Syntax Ip igmp max-groups action replace deny Ip igmp max-groups actionShow ip igmp filter Syntax Show ip igmp filter interface Syntax Show ip igmp profile profile-number Show ip igmp profileShow ip igmp throttle interface Syntax Show ip igmp throttle interface interface 229 Multicast Vlan Registration Commands73 Multicast Vlan Registration Commands Function Mode Multicast groups assigned to the MVR Vlan Command Line Interface Mvr Global Configuration No mvr group ip-address count vlan vlan-id Multicast Filtering Commands Mvr Interface Configuration Show mvr Syntax Show mvr interface interface members ip-addressUnit Stack unit. Range Port Port number. Range Are satisfied Following shows the global MVR settings74 show mvr display description 75 show mvr interface display description Domain Name Service Commands 77 DNS Commands Function Mode76 show mvr members display description No ip host name address1 address2 … address8 Ip hostClear host Syntax Clear host name This example clears all static entries from the DNS table Ip domain-nameRemoves all entries Syntax Ip domain-name name no ip domain-name Ip domain-list Syntax No ip domain-list nameIp domain-name4-234 Server-address1- IP address of domain-name server Ip name-serverIp domain-lookup Ip domain-name4-234 ip domain-lookup4-236 Show hosts Ip domain-name4-234 ip name-server4-236 Show dns Show dns cache78 show dns cache display description This command clears all entries in the DNS cache Clear dns cache Syntax No ip dhcp relay information option Default Setting Dhcp Commands79 Dhcp Commands Function Mode Ip dhcp relay information option Syntax Ip dhcp relay information policy drop keep replace Ip dhcp relay information policyIp dhcp relay server Ip dhcp relay server address1 address2 address3 Show ip dhcp-relay Usage Guidelines IP Interface Commands 80 IP Interface Commands Function ModeIp address Gateway IP address of the default gateway Ip default-gatewaySyntax Ip default-gateway gateway no ip default-gateway No static route is established Ip dhcp restart Show ip interface Show ip redirects Ip default-gateway4-244This command has no default for the host Ping 247 Syntax No cluster Default Setting Switch Cluster Commands81 Switch Cluster Commands Function Mode Cluster Cluster ip-pool Cluster commanderSyntax No cluster commander Default Setting Syntax Cluster ip-pool ip-addressno cluster ip-pool Member-id- The ID number of the Member switch. Range RcommandSyntax Rcommand id member-id Cluster member Show cluster This command shows the switch clustering configurationThis command shows the current switch cluster members Show cluster members Show cluster candidates Appendix a Software Specifications Software Features Management Features Groups 1, 2, 3, 9 Statistics, History, Alarm, EventStandards Management Information Bases Software Specifications Table B-1 Troubleshooting Chart Symptom Action Using System Logs Class of Service CoS Access Control List ACLBoot Protocol Bootp Differentiated Services Code Point Service Dscp Generic Multicast Registration Protocol Gmrp Garp Vlan Registration Protocol GvrpGeneric Attribute Registration Protocol Garp Group Attribute Registration Protocol Garp Internet Group Management Protocol Igmp Igmp SnoopingIgmp Query In-Band Management Remote Authentication Dial-in User Service Radius Multicast SwitchingPort Authentication MD5 Message-Digest Algorithm Secure Shell SSH Remote Monitoring RmonRapid Spanning Tree Protocol Rstp Simple Network Management Protocol Snmp User Datagram Protocol UDP Virtual LAN VlanXModem Index Numerics Gateway, default 3-14,4-245 Garp Vlan Registration Protocol See Index-3 Index-4 Page ES3526XA ES3552XA E122006-CS-R02D 149100005500H