Network-access mac-filter | Accton Technology ES3526XA, ES3552XA

4 Command Line Interface

Command Mode

Interface Configuration

Command Usage

The maximum number of MAC addresses per port is 1024, and the maximum number of secure MAC addresses supported for the switch system is 1024. When the limit is reached, all new MAC addresses are treated as authentication failed.

Example

Console(config-if)#network-access max-mac-count 5

Console(config-if)#

network-access mac-filter

Use this command to define MAC address filters for network access. The MAC address filters are used to specify MAC addresses to be excluded from network access authentication. Use the no form of this command to remove existing MAC address filters.

Syntax

[no] network-access mac-filter filter-idmac-address

•filter-id- The number that identifies the filter. (Range: 1-64)

•mac-address- A MAC address to be excluded from authentication. (Must be in the format: xx-xx-xx-xx-xx-xx.)

Default Setting

None

Command Mode

Global Configuration

Command Usage

•Enter this command more than once with the same filter ID to add multiple MAC addresses to a filter.

•Once created, filters must be applied to a port interface using the network-accessport-mac-filtercommand. Only one filter can be applied to a port.

•MAC addresses in a filter are not authenticated by a RADIUS server when seen on a port, the addresses are immediately added to the secure MAC address table.

4-96

Image 338

Accton Technology ES3526XA, ES3552XA Network-access mac-filter, Syntax No network-access mac-filter filter-idmac-address

Contents

Powered by Accton Page Fast Ethernet Switch ES3526XA ES3552XA F2.2.6.3 E122006-CS-R02 149100005500H Contents Page Iii Page Command Line Interface Page Vii Viii Contents Page Contents Xii Glossary Index Appendix a Software SpecificationsAppendix B Troubleshooting Xiii Xiv Tables Xvi Xvii Xviii Figures Xix Figures Xxi Xxii Feature Description Key FeaturesKey Features Supports standard STP and Rapid Spanning Tree Protocol Rstp Description of Software Features Description of Software Features Introduction Function Parameter Default System DefaultsSystem Defaults Password super System Defaults Function Parameter Client Enabled Clock Synchronization Disabled Introduction Connecting to the Switch Configuration Options Initial Configuration Required Connections Console Connection Basic ConfigurationRemote Connections Manual Configuration Setting PasswordsSetting an IP Address Dynamic Configuration Enabling Snmp Management Access Community Strings for Snmp version 1 and 2c clients 120 Trap Receivers118 125 Saving Configuration SettingsConfiguring Access for Snmp Version 3 Clients 126 Managing System Files Initial Configuration Configuring the Switch Using the Web Interface Navigating the Web Browser Interface Home Configuration Options Panel Display Main Menu ConfigurationMain Menu Menu Description System System Information Menu Description ACL 143 139Current Table 148 164 Class-of-service value IP Dscp Priority155 Dscp Priority Status Both IP Precedence Priority Configuration Settings Igmp Filter/Throttling Trunk Menu Description Igmp Snooping 170 Igmp ConfigurationQuery Igmp Filter Configuration Configuration Settings Main Menu Displaying System Information Field Attributes Management Software Displaying Switch Hardware/Software VersionsMain Board Expansion Slot Displaying Switch Information Bridge Extension Configuration Displaying Bridge Extension Capabilities Command Attributes Setting the Switch’s IP AddressCLI Enter the following command 195 245 131244 Using DHCP/BOOTP 246 Command Usage Dhcp Relay and Option 82 Information 241 242 Managing Firmware Downloading System Software from a Server Operation Code Image File Transfer 11 Deleting Files Saving or Restoring Configuration Settings Downloading Configuration Settings from a Server 12 Copy Configuration Settings Console Port Settings 14 Console Port Settings Telnet Settings 15 Enabling Telnet Configuring Event Logging System Log Configuration Logging Levels Level Severity Name Description Remote Log Configuration 17 Remote Logs Displaying Log Messages CLI This example shows the event message stored in RAM Sending Simple Mail Transfer Protocol Alerts 19 Enabling and Configuring Smtp Alerts Resetting the System 20 Resetting the System Setting the System Clock Configuring Sntp Configuring NTP 22 NTP Client Configuration Setting the Time Zone Simple Network Management Protocol User defined SNMPv3 Security Models and LevelsLevel Group Read View Write View Notify View Security Enabling the Snmp Agent Setting Community Access StringsCLI The following example enables Snmp on the switch 117 25 Configuring Snmp Community Strings Specifying Trap Managers and Trap Types Configuring the Switch Configuring SNMPv3 Management Access 122 CLI This example sets an SNMPv3 engine ID Setting a Local Engine IDSpecifying a Remote Engine ID 123 Configuring SNMPv3 Users CLI This example specifies a remote SNMPv3 engine ID 29 Configuring SNMPv3 Users Configuring Remote SNMPv3 Users 130 30 Configuring Remote SNMPv3 Users Configuring SNMPv3 Groups Supported Notification Messages SwFanRecoverTrap Private Traps SwPowerStatusThis trap is sent when the fan fails This trap is sent when the fan failure has 31 Configuring SNMPv3 Groups 127 Setting SNMPv3 Views 32 Configuring SNMPv3 Views User Authentication Configuring User Accounts 33 Access Levels Configuring Local/Remote Logon Authentication Radius Settings Tacacs Settings 34 Authentication Settings Configuring Https Https System Support Replacing the Default Secure-site Certificate Address server ip-address Configuring the Secure Shell Configuring the Switch Generating the Host Key Pair 36 SSH Host-Key Settings Configuring the SSH Server SSH server includes basic settings for authentication Configuring Port Security 38 Configuring Port Security Configuring 802.1X Port Authentication CLI This example shows the default global setting for Displaying 802.1X Global Settings802.1X protocol provides client authentication Web Click Security, 802.1X, Information CLI This example enables 802.1X globally for the switch Configuring 802.1X Global SettingsConfiguring Port Settings for 41 802.1X Port Configuration Authorized Consoleconfig#interface ethernet 1/2 Displaying 802.1X Statistics 802.1X Statistics MAC Address Authentication CLI This example displays the 802.1X statistics for port Configuring the MAC Authentication Reauthentication Time Configuring MAC Authentication for Ports Web Click Security, Network Access, Configuration Displaying Secure MAC Address Information Web Click Security, Network Access, Port ConfigurationCLI This example configures MAC authentication for port 45 Network Access MAC Address Information Configuring MAC Address Filters 100 Filtering Addresses for Management Access CLI This example allows Snmp access for a specific client 47 Creating a Web IP Filter List Access Control Lists Configuring Access Control Lists 103 Setting the ACL Name and TypeCLI This example creates a standard IP ACL named david Configuring a Standard IP ACL 104 Configuring an Extended IP ACL 50 ACL Configuration Extended IP 105 Configuring a MAC ACL 111 Binding a Port to an Access Control List 52 Binding a Port to an ACL Field Attributes Web Port ConfigurationDisplaying Connection Status 107 Basic Information ConfigurationWeb Click Port, Port Information or Trunk Information 138 Configuring Interface ConnectionsCurrent Status 54 Port/Trunk Configuration 135 Creating Trunk Groups136 Statically Configuring a Trunk 55 Configuring Port Trunks Enabling Lacp on Selected Ports 147 56 Lacp Configuration 148 Configuring Lacp Parameters Dynamically Creating a Port Channel 57 Lacp Aggregation Port Lacp Port Counters Displaying Lacp Port CountersYou can display statistics for Lacp protocol messages Protocols Ethernet Type LACPDUs Illegal Pkts Field Description Displaying Lacp Settings and Status for the Local SideLacp Internal Configuration Information 59 Lacp Port Internal Information Displaying Lacp Settings and Status for the Remote Side 10 Lacp Neighbor Configuration Information Console#show lacp 1 neighbors Setting Broadcast Storm Thresholds 61 Port Broadcast Control 140 Configuring Port Mirroring137 142 Configuring Rate LimitsRate Limit Granularity Rate Limit Configuration 145 Showing Port Statistics 144 FCS Errors Transmit ErrorsErrors Protocol Rmon Statistics 11 Port StatisticsParameter Description Or alignment error Fragments 65 Port Statistics CLI This example shows statistics for port Address Table SettingsSetting Static Addresses 139 Displaying the Address Table 157 67 Dynamic Addresses 158 CLI This example sets the aging time to 300 seconds Spanning Tree Algorithm ConfigurationChanging the Aging Time 159 Designated Root Port Bridge Displaying Global Settings For this Region 120 69 STA Information 176 Mstp Basic Configuration of Global Settings Configuring Global SettingsGlobal settings apply to the entire switch Root Device Configuration Configuration Settings for Rstp Configuration Settings for Mstp 70 STA Global Configuration Displaying Interface Settings AD B 71 STA Port Information Configuring Interface Settings CLI This example shows the STA attributes for port 131 Configuring Multiple Spanning Trees CLI This example sets STA attributes for port 133 73 Mstp Vlan Configuration 178 167 Displaying Interface Settings for Mstp 74 Mstp Port Information Configuring Interface Settings for Mstp 174 CLI This example sets the Mstp attributes for port175 Assigning Ports to VLANs Vlan ConfigurationIeee 802.1Q VLANs VA Vlan Aware VU Vlan Unaware Forwarding Tagged/Untagged Frames Displaying Basic Vlan Information Enabling or Disabling Gvrp Global SettingCLI This example enables Gvrp for the switch 194 Command Attributes Web Displaying Current VLANs 78 Vlan Current Table Command Attributes CLI Creating VLANs 187 180 CLI This example creates a new Vlan179 Adding Static Members to VLANs Vlan Index Adding Static Members to VLANs Port Index 185 81 Vlan Static Membership by Port Configuring Vlan Behavior for Interfaces 82 Vlan Port Configuration 183 Private VLANs182 184 Displaying Current Private VLANs 153 189 Configuring Private VLANsAssociating VLANs Displaying Private Vlan Interface Information 190 Configuring Private Vlan Interfaces 193 87 Private Vlan Port Configuration 191 Setting the Default Priority for Interfaces Class of Service ConfigurationLayer 2 Queue Settings 88 Port Priority Configuration CLI This example assigns a default priority of 5 to port 13 CoS Priority Levels Mapping CoS Values to Egress Queues12 Egress Queue Priority Mapping 201 203 Selecting the Queue Mode 90 Queue Mode 202 Setting the Service Weight for Traffic Classes200 Selecting IP Precedence/DSCP Priority Layer 3/4 Priority SettingsMapping Layer 3/4 Priorities to CoS Values 204 Mapping IP Precedence 14 Mapping IP Precedence 206 Mapping Dscp Priority15 Mapping Dscp Priority Values 209 207 210 Mapping IP Port Priority 95 IP Port Priority Status 205 Mapping CoS Values to ACLs16 Egress Queue Priority Mapping Multicast Filtering 108 Configuring Igmp Snooping and Query Parameters Layer 2 Igmp Snooping and Query 98 Igmp Configuration Enabling Igmp Immediate Leave Displaying Interfaces Attached to a Multicast Router 100 Displaying Multicast Router Port Information 219 Specifying Static Interfaces for a Multicast Router220 Displaying Port Members of Multicast Services 215 Assigning Ports to Multicast Services 103 Igmp Member Port Table Igmp Filtering and Throttling Enabling Igmp Filtering and Throttling Configuring Igmp Filter Profiles 104 Enabling Igmp Filtering and Throttling 105 Igmp Profile Configuration Configuring Igmp Filtering and Throttling for Interfaces 106 Igmp Filter and Throttling Port Configuration General Configuration Guidelines for MVR Multicast Vlan Registration Configuring Global MVR Settings 107 MVR Global Configuration Displaying MVR Interface Status 108 MVR Port Information Displaying Port Members of Multicast Groups 109 MVR Group IP Information Configuring MVR Interface Status MVR Vlan Web Click MVR, Port or Trunk Configuration Assigning Static Multicast Groups to Interfaces Configuring Domain Name Service Configuring General DNS Service Parameters 190 236 234235 237 Configuring Static DNS Host to Address Entries 113 DNS Static Host Table 238 Displaying the DNS Cache233 Switch Clustering Cluster Configuration 249 Cluster Member ConfigurationAdds Candidate switches to the cluster as Members 250 Cluster Member Information Web Click Cluster, Member ConfigurationDisplays current cluster Member switch information Cluster Candidate Information 253 Configuring the Switch 198 Telnet Connection Using the Command Line InterfaceAccessing the CLI Command Line Interface Getting Help on Commands Entering CommandsCommand Completion Keywords and Arguments Showing Commands CLIMSGPRIVILEGEEXECCMDW2SHOWMVR Understanding Command Modes Negating the Effect of CommandsUsing Command History Partial Keyword Lookup Exec Commands Command Modes Consoleconfig-if# 131 Configuration CommandsConfiguration Modes Command Prompt Spanning-tree mst-configuration Consoleconfig-mstp# 160 Keystroke Function Command Line ProcessingCommand Line Processing Command Groups Command Groups Description Command Line Interface Line Commands Line Syntax Login local no login LoginRelated Commands Example Syntax Password 0 7 password no password PasswordUsername 4-27 password No password is specified Syntax Exec-timeout seconds no exec-timeout Timeout login responseExec-timeout Syntax Password-thresh threshold no password-thresh Password-threshSilent-time4-16 Timeout login response Default value is three attempts Syntax Silent-time seconds no silent-time Silent-timeDatabits Syntax Databits 7 8 no databits Parity Syntax Parity none even odd no parity Syntax Speed bps no speed SpeedStopbits Syntax Stopbits 1 Syntax Disconnect session-id DisconnectShow line Syntax Show line console vty To show all lines, enter this command General CommandsEnable General Commands Function Mode Enable DisableDisable Enable password Level Configure Show history Reload End Exit This command exits the configuration programThis example shows how to quit a CLI session Quit Prompt System Management CommandsDevice Designation Commands Hostname User Access CommandsUser Access Commands Function Mode Syntax Hostname name no hostname Username 10 Default Login Settings Username Access-level PasswordGuest Admin Enable 4-20 authentication enable Enable passwordDefault is level Default password is super Management IP Filter Commands11 IP Filter Commands Function Mode Management Show management Ip http server Web Server CommandsIp http port Ip http port Syntax No ip http secure-server Default SettingIp http secure-server 13 Https System Support Web Browser Operating System Portnumber The UDP port used for HTTPS/SSL. Range Ip http secure-portIp http secure-port4-33 Copy tftp https-certificate Ip http secure-server4-32 Ip telnet server Telnet Server CommandsIp telnet port Ip telnet port Secure Shell Commands15 SSH Commands Function Mode Sets the SSH server key size Copy tftp public-key Command Line Interface Ip ssh crypto host-key generate 4-40 show ssh Syntax No ip ssh server Default SettingIp ssh server Syntax Ip ssh timeout seconds no ip ssh timeout Ip ssh timeoutIp ssh authentication-retries Exec-timeout4-14 show ip ssh Syntax Delete public-key username dsa rsa Ip ssh server-key sizeDelete public-key Syntax Ip ssh crypto host-key generate dsa rsa Ip ssh crypto host-key generateIp ssh crypto zeroize Syntax Ip ssh crypto zeroize dsa rsa Syntax Ip ssh save host-key dsa rsa Ip ssh save host-keyShow ip ssh Terminology Show ssh16 show ssh display description Username Name of an SSH user. Range 1-8 characters Show public-keySyntax Show public-key user username host Shows all public keys Syntax No logging on Default Setting Event Logging Commands17 Event Logging Commands Function Mode Logging on 18 Logging Levels Flash errors level 3 RAM warnings level 6Logging history Syntax No logging host hostipaddress Logging hostLogging facility Hostipaddress The IP address of a syslog server Syntax Logging trap level no logging trap Logging trapClear logging Syntax Clear logging flash ram 19 show logging flash/ram display description Show loggingSyntax Show logging flash ram sendmail trap Syntax Show log flash ram login tail Facility commandLogging trap command Show log Logging sendmail host Smtp Alert Commands21 Smtp Alert Commands Function Mode Following example shows sample messages stored in RAM Logging sendmail level Syntax Logging sendmail level level Syntax No logging sendmail source-email email-address Logging sendmail source-emailLogging sendmail destination-email This example will set the source email john@acme.com Show logging sendmail Syntax No logging sendmail Default SettingLogging sendmail Syntax No sntp client Default Setting Time Commands22 Time Commands Function Mode Sntp client Syntax Sntp server ip1 ip2 ip3 Sntp serverSntp server 4-55 sntp poll 4-56 show sntp Ip IP address of an NTP time server. Range 1-3 addresses Syntax Sntp poll seconds no sntp poll Sntp pollShow sntp Ntp server Syntax No ntp client Default SettingNtp client Sntp client 4-54 ntp poll 4-58 ntp server Ntp client 4-57 ntp poll 4-58 show ntp Ntp pollVersion number Syntax Ntp poll seconds no ntp poll Syntax No ntp authenticate Default Setting Ntp authenticateNtp authentication-key Ntp authentication-key4-59 Show ntp Clock timezone Show calendar This command displays the system clockCalendar set Calendar set hour min sec day month year month day year 23 System Status Commands Function Mode System Status CommandsShow startup-config Show running-config4-65 Show running-config Show startup-config4-63 Show users This command displays system informationShow system Show version Jumbo frame Enables support for jumbo frames Frame Size Commands24 Frame Size Commands Syntax No jumbo frame Default Setting Command Function Mode Copy Flash/File Commands25 Flash/File Commands Flash/File Commands Following example shows how to download a configuration file Dir Syntax Dir boot-rom config opcode filenameDelete Delete filename 26 File Directory Information WhichbootSyntax whichboot Default Setting Column Heading Description Dir 4-73 whichboot Boot systemSyntax Boot system boot-romconfig opcode filename Authentication login Authentication CommandsAuthentication Sequence 27 Authentication Commands Command Group Function Authentication enable Username for setting the local user names and passwords Radius Client 29 Radius Client Commands Function ModeShow radius-server Shows the current Radius settings Radius-server host Radius-server port Radius-server key Radius-server timeout Radius-server retransmit Show radius-server 30 Tacacs Commands Function ModeTACACS+ Client Tacacs-server key Tacacs-server hostTacacs-server port Syntax Tacacs-server port portnumber no tacacs-server port Show tacacs-server Syntax Tacacs-server key keystring no tacacs-server key Status Disabled Action None Maximum Addresses Port Security Commands31 Port Security Commands Function Mode Interface Configuration Ethernet 802.1X Port Authentication 32 802.1X Port Authentication Command Function Mode Be re-authenticated Dot1x timeout tx-period Dot1x defaultAcquire a new client Dot1x timeout re-authperiod Syntax No system-auth-control Default Setting Dot1x port-control Default Command ModeDot1x max-req Syntax Dot1x max-req count no dot1x max-req Dot1x operation-mode Dot1x re-authenticateSyntax Dot1x re-authenticate interface Interface Syntax No dot1x re-authentication Command Mode Dot1x re-authenticationDot1x timeout quiet-period Seconds The number of seconds. Range Show dot1x Dot1x timeout re-authperiodDot1x timeout tx-period Syntax Show dot1x statistics interface interface Statistics Displays dot1x status for each port State Current state including initialize, reauthenticate Authenticator State MachineReauthentication State Machine Backend State Machine Example 33 Network Access Command Function Mode Network AccessNetwork-access mode Network-access max-mac-count 1024 Network-access mac-filter Syntax No network-access mac-filter filter-idmac-address Syntax No network-access dynamic-vlan Default Setting Network-access port-mac-filterNetwork-access dynamic-vlan Filter-id- The number that identifies the filter. Range 1800 Mac-authentication reauth-timeFollowing example enables dynamic Vlan assignment on port Syntax Show network-access interface interface Clear network-accessShow network-access Displays the settings for all interfaces Use this command to display MAC authentication filters Show network-access mac-filterShow network-access mac-address-table Displays all filters 101 Access Control List Commands Access Control Lists 35 IP ACLs Command Function Mode Access-list ip34 Access Control Lists Command Groups Function Syntax No access-list ip standard extended aclname Standard ACL Permit, deny Ip access-group4-107 show ip access-list4-107Syntax No permit deny any source bitmask host source Access-list ip No permit deny tcp Extended ACL Syntax Show ip access-list standard extended aclname Show ip access-listIp access-group Syntax No ip access-group aclname Show ip access-list4-107 Show ip access-groupMap access-list ip This command shows the ports assigned to IP ACLs Syntax Show map access-list ip interface Show map access-list ipQueue cos-map4-201 Show map access-list ip 36 Egress Queue Priority Mapping Example Syntax No access-list mac aclname Access-list mac37 MAC ACLs Command Function Mode MAC ACLs Permit, deny MAC ACL Syntax No permit deny Syntax Show mac access-list aclname Show mac access-listMac access-group Syntax Mac access-group aclname Show mac access-list4-112 Show mac access-groupMap access-list mac This command shows the ports assigned to MAC ACLs Syntax Show map access-list mac interface Show map access-list macQueue cos-map4-201 Show map access-list mac 38 Egress Queue Priority Mapping 39 ACL Information Command Function Mode Show access-listShow access-group ACL Information Snmp Commands 40 Snmp Commands Function Mode Show snmp Syntax No snmp-server Default SettingSnmp-server Snmp-server community Syntax Snmp-server contact string no snmp-server contact Snmp-server contactSnmp-server location Syntax Snmp-server location text no snmp-server location Snmp-server host Host Address None Notification Type Traps Snmp Version UDP Port Issue authentication and link-up-down traps Snmp-server enable trapsSnmp-server enable traps Snmp-server engine-id Show snmp engine-id This command shows the Snmp engine IDThis example shows the default engine ID Examples Defaultview includes access to the entire MIB treeSnmp-server view This view includes MIB-2 Snmp-server group This command shows information on the Snmp viewsShow snmp view 42 show snmp view display description Show snmp group Snmp-server user 43 show snmp group display description 129 44 show snmp user display description This command shows information on Snmp usersShow snmp user Interface Interface Commands45 Interface Commands Function Mode Port-channel channel-idRange Syntax Description string no description DescriptionSpeed-duplex Negotiation 4-133 capabilities Syntax No negotiation Default SettingNegotiation Capabilities 4-134speed-duplex4-132 Following example configures port 11 to use autonegotiationCapabilities Negotiation 4-133speed-duplex4-132 flowcontrol Syntax No flowcontrol Default SettingFlowcontrol Syntax No shutdown Default Setting Shutdown Port-channel channel-idRange Default Setting Switchport broadcast packet-rateThis command clears statistics on an interface Clear counters Following example clears statistics on port This command displays the status for an interfaceShow interfaces status Syntax Show interfaces status interface Syntax Show interfaces counters interface This command displays interface statisticsShow interfaces counters Shows the counters for all interfaces Shows all interfaces Show interfaces switchportSyntax Show interfaces switchport interface Interfaces Switchport Statistics Port monitor Mirror Port Commands47 Mirror Port Commands Function Mode Interface ethernet unit/port source port Show port monitor This command displays mirror informationFollowing shows mirroring configured from port 6 to port Syntax Show port monitor interface Rate-limit Rate Limit Commands48 Rate Limit Commands Function Mode Fast Ethernet255 Gigabit Ethernet30 Rate-limit granularity Global Configuration Ethernet, Port ChannelUse this command to display the rate limit granularity Show rate-limit 151 Link Aggregation Commands49 Link Aggregation Commands 138 General Guidelines Channel-groupGuidelines for Creating Trunks Dynamically Creating a Port Channel Following example creates trunk 1 and then adds port Syntax No lacp Default SettingLacp Lacp system-priority 32768 Lacp admin-keyEthernet Interface Lacp admin-key Port Channel Interface Configuration Port Channel Show lacp This command displays Lacp informationLacp port-priority Type Port Channel all50 show lacp counters display description Badly formed PDU or an illegal value of Protocol Subtype 51 show lacp internal display description 52 show lacp neighbors display description 53 show lacp sysid display description Address Table Commands54 Address Table Commands Function Mode Vlan-id- Vlan ID Range Mac-address-table staticMac-address- MAC address Action Mac-address- MAC address Mask Bits to match in the address Clear mac-address-table dynamicShow mac-address-table Mac-address-table aging-time Show mac-address-table aging-time Spanning Tree Commands 55 Spanning Tree Commands Function Mode Spanning tree is enabled Spanning-tree modeSyntax No spanning-tree Default Setting Spanning-tree Spanning-tree forward-time Spanning-tree hello-time Spanning-tree forward-time 4-162spanning-tree max-age Spanning-tree forward-time 4-162spanning-tree hello-time Spanning-tree max-ageSpanning-tree priority Spanning-tree pathcost method Long method Spanning-tree transmission-limit Spanning-tree mst-configurationThis command limits the maximum transmission rate for BPDUs Count The transmission limit in seconds. Range No mst instanceid vlan vlan-range MST ConfigurationMst vlan Mst instanceid priority priority no mst instanceid priority Mst priorityName Syntax Name name Syntax Revision number RevisionMax-hops Max-hopshop-number This example disables the spanning tree algorithm for port Spanning-tree spanning-disabledSyntax No spanning-tree spanning-disabled Default Setting Spanning-tree cost Spanning-tree port-priority Priority The priority for a port. Range 0-240, in steps Syntax No spanning-tree edge-port Default Setting Spanning-tree edge-port Spanning-tree link-type Syntax No spanning-tree portfast Default SettingSpanning-tree portfast Spanning-treeedge-port4-172 Spanning-tree mst cost Auto Spanning-tree mst port-priority Spanning-tree mst port-priority4-175 Show spanning-tree Port-channel channel-idRange Command ModeSpanning-tree protocol-migration Syntax Spanning-tree protocol-migration interface 177 Show spanning-tree mst configuration 57 Editing Vlan Groups Command Function Mode Vlan Commands56 VLANs Command Groups Function Editing Vlan Groups Vlan By default only Vlan 1 exists and is activeVlan Database Configuration Show vlan Interface vlan Configuring Vlan Interfaces58 Configuring Vlan Interfaces Command Function Mode Interface vlan All ports are in hybrid mode with the Pvid set to Vlan Switchport modeSwitchport acceptable-frame-types Switchport acceptable-frame-types4-182 Switchport ingress-filtering Syntax No switchport ingress-filtering Default Setting Switchport native vlan Switchport allowed vlan Displaying Vlan Information Switchport forbidden vlan59 Show Vlan Commands Function Mode Show vlan This command shows Vlan informationFollowing example shows how to display information for Vlan Shows all VLANs Configuring Private VLANs 60 Private Vlan Commands Vlan Configuration Private-vlan Private vlan association No private-vlan primary-vlan-idassociation Normal Vlan Switchport mode private-vlanSwitchport private-vlan host-association Secondary-vlan-id- ID of secondary VLAN. Range Switchport private-vlan isolated Isolated-vlan-id- ID of isolated VLAN. Range Syntax Show vlan private-vlan community isolated primary Switchport private-vlan mappingShow vlan private-vlan Syntax No bridge-ext gvrp Default Setting Gvrp and Bridge Extension Commands61 Gvrp and Bridge Extension Commands Function Mode Bridge-ext gvrp Show bridge-ext Switchport gvrpSyntax No switchport gvrp Default Setting This command shows if Gvrp is enabled Show gvrp configurationGarp timer Syntax Show gvrp configuration interface Shows all Garp timers Show garp timerSyntax Show garp timer interface 62 Priority Commands Command Groups Function Priority CommandsPriority Commands Layer 63 Priority Commands Layer Function Mode Syntax Queue mode strict wrr no queue mode Queue modeSwitchport priority default Queue bandwidth weight1...weight4 no queue bandwidth Queue bandwidth Queue cos-map Queue cos-mapqueueid cos1 ... cosn no queue cos-map Show queue bandwidth Show queue modeThis command shows the current queue mode Show queue cos-map4-203 Syntax Show queue cos-map interface This command shows the class of service priority mapShow queue cos-map Syntax No map ip port Default Setting Priority Commands Layer 365 Priority Commands Layer 3 Function Mode Following example shows how to map Http traffic to CoS value Syntax No map ip precedence Default Setting List below shows the default priority mapping 66 Mapping IP Precedence Values CoS Value Command Mode Syntax No map ip dscp Default Setting Map ip dscp dscp-value cos cos-value no map ip dscp 67 IP Dscp to CoS Vales IP Dscp Value CoS Value Use this command to show the IP port priority mapShow map ip port 10, 12, 14 18, 20, 22 26, 28, 30, 32, 34 38, 40 Syntax Show map ip precedence interface This command shows the IP precedence priority mapShow map ip precedence Syntax Show map ip dscp interface This command shows the IP Dscp priority mapShow map ip dscp 68 Multicast Filtering Commands Command Groups Function Multicast Filtering CommandsIgmp Snooping Commands 69 Igmp Snooping Commands Function Mode Ip igmp snooping Syntax No ip igmp snooping Default SettingFollowing example enables Igmp snooping Ip igmp snooping vlan static Ip igmp snooping immediate-leave Following configures the switch to use Igmp VersionIp igmp snooping version Igmp Version Show ip igmp snooping Show mac-address-table multicast 215 Syntax No ip igmp snooping querier Default Setting Igmp Query Commands Layer70 Igmp Query Commands Layer Function Mode Ip igmp snooping querier Times Following shows how to configure the query count toIp igmp snooping query-interval Ip igmp snooping query-max-response-time4-218 Ip igmp snooping router-port-expire-time Seconds The report delay advertised in Igmp queries. RangeIp igmp snooping query-max-response-time Ip igmp snooping vlan mrouter Static Multicast Routing Commands71 Static Multicast Routing Commands Function Mode Syntax No ip igmp snooping vlan vlan-idmrouter interface Syntax Show ip igmp snooping mrouter vlan vlan-id Displays multicast router ports for all configured VLANsShow ip igmp snooping mrouter Multicast router port types displayed include Static Syntax No ip igmp filter Default Setting Igmp Filtering and Throttling Commands72 Igmp Filtering and Throttling Commands Function Mode 223 Permit, deny Syntax Permit deny Default SettingIp igmp profile Syntax No ip igmp profile profile-number Syntax No ip igmp filter profile-number RangeNo range low-ip-address high-ip-address Ip igmp max-groups Syntax Ip igmp max-groups number No ip igmp max-groups Syntax Ip igmp max-groups action replace deny Ip igmp max-groups actionShow ip igmp filter Syntax Show ip igmp filter interface Syntax Show ip igmp profile profile-number Show ip igmp profileShow ip igmp throttle interface Syntax Show ip igmp throttle interface interface 229 Multicast Vlan Registration Commands73 Multicast Vlan Registration Commands Function Mode Multicast groups assigned to the MVR Vlan Command Line Interface Mvr Global Configuration No mvr group ip-address count vlan vlan-id Multicast Filtering Commands Mvr Interface Configuration Unit Stack unit. Range Port Port number. Range Show mvrSyntax Show mvr interface interface members ip-address Are satisfied Following shows the global MVR settings74 show mvr display description 75 show mvr interface display description 76 show mvr members display description Domain Name Service Commands77 DNS Commands Function Mode No ip host name address1 address2 … address8 Ip hostClear host Syntax Clear host name This example clears all static entries from the DNS table Ip domain-nameRemoves all entries Syntax Ip domain-name name no ip domain-name Ip domain-name4-234 Ip domain-listSyntax No ip domain-list name Server-address1- IP address of domain-name server Ip name-serverIp domain-lookup Ip domain-name4-234 ip domain-lookup4-236 Show hosts Ip domain-name4-234 ip name-server4-236 78 show dns cache display description Show dnsShow dns cache This command clears all entries in the DNS cache Clear dns cache Syntax No ip dhcp relay information option Default Setting Dhcp Commands79 Dhcp Commands Function Mode Ip dhcp relay information option Syntax Ip dhcp relay information policy drop keep replace Ip dhcp relay information policyIp dhcp relay server Ip dhcp relay server address1 address2 address3 Show ip dhcp-relay Usage Guidelines Ip address IP Interface Commands80 IP Interface Commands Function Mode Gateway IP address of the default gateway Ip default-gatewaySyntax Ip default-gateway gateway no ip default-gateway No static route is established Ip dhcp restart Show ip interface Show ip redirects Ip default-gateway4-244This command has no default for the host Ping 247 Syntax No cluster Default Setting Switch Cluster Commands81 Switch Cluster Commands Function Mode Cluster Cluster ip-pool Cluster commanderSyntax No cluster commander Default Setting Syntax Cluster ip-pool ip-addressno cluster ip-pool Member-id- The ID number of the Member switch. Range RcommandSyntax Rcommand id member-id Cluster member Show cluster This command shows the switch clustering configurationThis command shows the current switch cluster members Show cluster members Show cluster candidates Appendix a Software Specifications Software Features Standards Management FeaturesGroups 1, 2, 3, 9 Statistics, History, Alarm, Event Management Information Bases Software Specifications Table B-1 Troubleshooting Chart Symptom Action Using System Logs Class of Service CoS Access Control List ACLBoot Protocol Bootp Differentiated Services Code Point Service Dscp Generic Multicast Registration Protocol Gmrp Garp Vlan Registration Protocol GvrpGeneric Attribute Registration Protocol Garp Group Attribute Registration Protocol Garp Internet Group Management Protocol Igmp Igmp SnoopingIgmp Query In-Band Management Remote Authentication Dial-in User Service Radius Multicast SwitchingPort Authentication MD5 Message-Digest Algorithm Secure Shell SSH Remote Monitoring RmonRapid Spanning Tree Protocol Rstp Simple Network Management Protocol Snmp XModem User Datagram Protocol UDPVirtual LAN Vlan Index Numerics Gateway, default 3-14,4-245 Garp Vlan Registration Protocol See Index-3 Index-4 Page ES3526XA ES3552XA E122006-CS-R02D 149100005500H