Ip access extended, Ip access standard | Accton Technology ES4710BD

ES4710BD 10 Slots L2/L3/L4 Chassis Switch

Command: firewall default {permit deny}

Function: sets firewall default action.

Parameters: “permit” allows packets to pass through; “deny” blocks packets.

Command mode: Global Mode

Default: The default action is “permit”.

Usage Guide: This command affects incoming IP packets on the port only, other packets are allowed to pass through the switch.

Example: setting firewall default action to block packets. Switch(Config)#firewall default deny

12.2.2.5ip access extended

Command: ip access extended <name> no ip access extended <name>

Function: Creates a name-based extended IP access list; the “no ip access extended <name>” command delete the name-based extended IP access list

Parameters: <name> is the name for access list, the character string length is 1 – 8, a pure digit sequence is not allowed.

Command mode: Global Mode

Default: No IP address is configured by default.

Usage Guide: When this command is run for the first time, only an empty access list with no entry will be created.

Example: Creating an extensive IP access list named “tcpFlow”. Switch(Config)#ip access list extended tcpFlow

12.2.2.6ip access standard

Command: ip access standard <name> no ip access standard <name>

Function: Creates a name-based standard IP access list; the “no ip access standard <name>” command delete the name-based standard IP access list (including all entries).

Parameters: <name> is the name for access list, the character string length is 1 – 8.

Command mode: Global Mode

Default: No IP address is configured by default.

Usage Guide: When this command is run for the first time, only an empty access list with no entry will be created.

Example: Creating a standard IP access list named “ipFlow”. Switch(Config)#ip access list standard ipFlow

12.2.2.7ip access-group

273

Image 274

Accton Technology ES4710BD Ip access extended, Ip access standard, Ip access-group, Command firewall default permit deny

Contents

Slots L2/L3/L4 Chassis Switch User’s Guide ES4710BD Preface Content Chapter Hardware Installation Chapter Setup Configuration Main Module Front Panel Basic Switch Configuration Configuring Switch Ipaddresses Switch Upgrade Chapter Device Management Port Configuration MAC Table Configuration MAC Address Function Extension Chapter Vlan Configuration Mstp Configuration Mstp Example Chapter ACL Configuration Chapter Port Channel Configuration Chapter Dhcp Configuration Sntp Configuration Commands 15.4 IP Forwarding Route Table 18.2.4 Ospf 404 18.4.1 445 Chapter Multicast Protocol Configuration 19.5 501 802.1X Configuration Vrrp Configuration 21.4.10 Configure Authentication String For Vrrp 546 Product Overview Product BriefIntroduction Features „ Layer 3 Routing Protocols „ IEEE802.1x Access Authentication„ Layer 3 Forwarding „ QoS Main Features „ Management Protocols and Methods Technical specifications„ Protocols and Standards „ MIB Library Hardware Components Physical SpecificationsChassis Board Rack Ventilation and Cooling System Power SupplyIntroduction to ES4710BD cards 2.1 EM4710BD-AGENT Front Panel IndicatorPanel Symbol Status Description Front Panel Front Panel Console Port Property SpecificationFront Panel Management Port 2.2 EM4700BD-12GT-RJ45 Front Panel Reset ButtonPanel Status Description Symbol Front Panel Swap Button Front Panel Port Description Port Type Specification2.3 EM4700BD-12GX-SFP EM4700BD-12GX-SFP Front Panel view 2.4 EM4700BD-2XG-XENPAK Panel Status Description Indicator Symbol Xenpak 2.5 EM-7600-ES and EM-7600-ES-2GB SFP 3 EM4710BD-AC and EM-7608-DC Power module Front Panel 3.1 EM4710BD-AC Alternating Current Power Module3.2 EM-7608-DC Direct Current Power Module Power Distribution Box Fan Tray System BackplaneDust Gauze Rear Panel Side Panels System Features Flash Safety Warning Safety InformationHardware Installation Hot Line Work Safety Guidelines ES4710BD 10 Slots L2/L3/L4 Chassis Switch Temperature and Humidity Requirements Site Requirements Dust and Particles Preventing Electrostatic Discharge Damage Rack ConfigurationAnti-interference Requirements Power Supply Requirements Preparing for InstallationChecking Switch Hardware Configuration and Accessories Required Tools and Utilities Hardware InstallationItem No Part name Number Memo ES4710BD 10 Slots L2/L3/L4 Chassis Switch Installation Steps Switch Installation Desktop installationRack-mounting ES4710BD Switch grounding Wearing an ESD Wrist Strap Lightning protection grounding Card and module installationProper grounding Electromagnetic compliance grounding Removing and installing the Dust Gauze Removing and Installing the CardsRemoving and Installing the Fan Tray Removing and Installing Power Supply Modules Connecting to the console SFP transceiver installation Connecting to the Management PortXenpak transceiver installation Copper Cable/Fiber Cable Connection Power supply connectionConnection procedure for fibers are listed below Ethernet cable connection ES4710BD 10 Slots L2/L3/L4 Chassis Switch Setup Configuration Setup ConfigurationMain Setup Menu Setup Submenu Configuring switch hostname Configuring Vlan1 Interface Telnet Server Configuration 器的状 Configuring Web Server Configuring Snmp 配置 Traps 主机 IP 地址和 Exiting Setup Configuration Mode Out-of-band Management Switch ManagementManagement Options Device Name Description Type a name for opening HyperTerminal, such as Switch 5The HyperTerminal window appears SWITCH# In-band Management Management via Telnet Connect with Ethernet cable Switch#config SwitchConfig#telnet-user test password 0 test Telnet-user user password 07 password Managing the Switch through ECview Management Interface User Mode Configuration ModesCLI Interface Global Mode Admin ModeInterface Mode Route Mode Vlan ModeDhcp Address Pool Mode ACL Mode Extended Configuration SyntaxShortcut Key Support Cmdtxt variable enum1 … enumN option Input verification Returned Information errorHelp function Returned Information success Fuzzy match support Web Management Main Module Front Panel Config Basic Switch Configuration CommandsBasic Switch Configuration Enable Enable password Exec timeout Help ExitIp host Hostname Set defaultReload Language Maintenance and Debug CommandsSetup Write Telnet Introduction to Telnet Telnet Task Sequence PasswordIp-addr Monitor Telnet CommandsTelnet Telnet-server securityip Telnet-server enableTelnet-user Traceroute Related command ip hostCommand show clock Show Show flash Show debuggingShow history Command show running-config Show running-configCommand show memory Show memory Command show startup-config Show startup-configShow switchport interface Command show switchport interface ethernet interface-list Show tcp Show telnet loginShow udp Show version Show telnet userDebug Secondary Command deletes Configuring Switch IP AddressesConfiguring Switch IP Addresses Task Sequence No ip address ipaddress mask Ip bootp-client enable Commands for Configuring Switch IP Addresses Ip addressCommand ip bootp-client enable no ip bootp-client enable Ip dhcp-client enable Configuring SnmpIntroduction to Snmp Introduction to MIB Introduction to Rmon Configuring Snmp Snmp Configuration Task Sequence Snmp-server community Snmp Configuration CommandsRmon Host-addr Snmp-server enable Snmp-server enable traps Snmp-server host Typical Snmp Configuration ExamplesCommand snmp-server host host-addr community-string Snmp-server securityip Command show snmp Snmp Troubleshooting Help Monitor and Debug CommandsShow snmp Total number of Snmp packet inputs Show snmp status Command show snmp statusSystem name Command debug snmp packet no debug snmp packet Switch UpgradeSnmp Troubleshooting Help Debug snmp packet BootROM Upgrade Step 192.168.1.66 2 FTP/TFTP Upgrade Introduction to FTP/TFTP Other commands in BootROM mode 124 2.2 FTP/TFTP Configuration 2.2.1 FTP/TFTP Configuration Task Sequence Copy source-url destination-url ascii Dir ftpServerUrl Number 2.2.2 FTP/TFTP Configuration Commands Copy（FTP）Command copy source-urldestination-urlascii binary Interval 2.2.4 dir Related command writeCommand dir ftp-server-url Ftp server ip address Related command ip ftp Ftp-server enableFtp-server timeout Command ftp-server timeout seconds Ip ftp Copy（TFTP） Tftp-server enable Related command tftp-server timeout Command tftp-server retransmission-number number 2.3 FTP/TFTP Configuration ExamplesTftp-server transmission-timeout Command tftp-server transmission-timeout seconds 133 134 135 FTP Configuration 2.4 FTP/TFTP Troubleshooting HelpMonitor and Debug Commands Show ftp Command show ftp Show tftp Command show tftp FTP Troubleshooting Help Tftp Troubleshooting Help Switch basic configuration Basicconfig Snmp configuration Configure exec timeoutSnmp manager configuration Trap manager configuration Configure IP address of Snmp manager Rmon and trap configuration Snmp statistics Tftp client configuration Switch upgradeTftp server configuration FTP client configuration FTP server configuration Maintenance and debug command Debug command Show vlan port property Basic introduction to switch Others Switch Maintenance Switch on-off informationWeb server user configuration Reboot Exit current web configurationSave current running-config Reboot with the default configuration Telnet security IP Device Management Device Management ConfigurationDevice Management Brief Show slot Command show power Show fan Command show fanShow power Parameters N/A Card Hot-Remove Card Hot-Swap OperationCard Hot-Insertion Debug devsm Configuration Recover Rules Active-Standby Alternation Reset specific module Show slot Show fan Show powerShow module in slot Port Configuration Introduction to Port Name string Port ConfigurationNames or cancels the name of specified ports No name Ethernet Port Configuration Commands Bandwidth Combo-forced-mode Command flow control no flow control Flow control Loopback Interface ethernet1.2.6 mdi Name Command name string no nameCommand negotiation onoff Negotiation Rate-suppression Command shutdown no shutdownShutdown Enter Vlan Mode Speed-duplex Interface vlan Vlan Interface Configuration CommandsVlan-id command Ip address Enter the network management port configuration mode Network Management Port Configuration Commands Duplex Command interface ethernet interface-name Command speed auto force10 force100 Port Mirroring Configuration Introduction to Port MirroringSpeed Port Mirroring Configuration Port Mirroring Configuration Task SequenceMonitor session source interface Port Mirroring Examples Device Mirroring Troubleshooting HelpMonitor and Debug Commands Show monitor Monitor session destination interface Port Configuration Example Device Mirroring Troubleshooting Help Monitor and Debug Commands Clear counters Port Troubleshooting HelpPort-channel-number interface-name Port Troubleshooting Help Show interface Physical port configuration Ethernet port configurationBandwidth control Vlan interface configuration Allocate IP address for L3 port 2.2 L3 port IP addr mode configuration Mirror configuration Port debug and maintenance Show port information MAC Table Configuration Introduction to MAC Table Obtaining MAC Table PC1 PC2 PC3 PC4 Forward or Filter Mac-address-table static MAC Table ConfigurationMac-address-table aging-time Interface-name Typical Configuration Examples Mac-address-table blackhole Troubleshooting Help Command show mac-address-table aging-time Show mac-address-table static Troubleshooting HelpShow mac-address-table blackhole Enable MAC address binding function for the ports MAC Address Binding ConfigurationMAC Address Binding Configuration Task Sequence MAC Address Function Extension Command deletes static secure MAC address Switchport port-security mac-addressNo switchport port-security Mac-address Mac-address Switchport port-security lock Switchport port-security convertCommand switchport port-security convert Switchport port-security timeout Switchport port-security mac-address Switchport port-security maximum Clear port-security dynamic Switchport port-security violation Mac Address Binding Troubleshooting HelpCommand show port-security Command show port-security interface interface-id Show port-security interface Command show port-security address interface interface-id Show port-security address Unicast address configuration Mac address table configurationMAC Address Binding Troubleshooting Help Delete unicast address MAC address query Show MAC address table Lock port Enable port MAC-BindingEnable port MAC-Binding Lock port Binding MAC Enable port security timeoutClearing port MAC Maximum port security IP number configuration MAC binding attribution configurationPort violation mode MAC binding debug Show MAC binding security address Vlan Configuration Introduction to Vlan Vlan vlan-id Vlan ConfigurationVlan Configuration Task Sequence Name vlan-name Vlan Configuration Commands Command mode Vlan Mode Switchport access vlanCommand name vlan-nameno name Name Switchport trunk allowed vlan Switchport interfaceSwitchport mode Command switchport mode trunkaccess Vlan ingress disable Switchport trunk native vlanCommand vlan ingress disable no vlan ingress disable Configuration Configuration description Typical Vlan Application Switch a Switch B Gvrp Configuration Gvrp Configuration Task Sequence Gvrp Commands Garp timer join Garp timer leave Command garp timer hold timer-valueno garp timer hold Garp timer holdGarp timer leaveall Command gvrp no gvrp Typical Gvrp Application Global Gvrp Command show vlan brief summary id vlan-id name vlan-name Vlan Troubleshooting HelpMonitor and Debug Information Show vlan Show gvrp Show garpDebug gvrp Create/remove Vlan Vlan Troubleshooting HelpVID allocation Allocate port for Vlan VID attribution configurationAllocate port for Vlan Port type configuration Set port modetrunk/access Trunk port configuration Vlan setting for trunk port Vlan setting for access port Enable/Disable Vlan ingress ruleSet allow Vlan Enable port Gvrp Gvrp configurationEnable global Gvrp Disable Vlan ingress rule Vlan debug and maintenance Mstp Configuration Introduction to Mstp Mstp field MST field operation MST inter-field operation Port role Mstp Configuration Mstp configuration task sequence No instance instance-id vlan vlan-list Creates a Instance and configuresInstance instance-id vlan vlan-list Mapping between a Vlan and Instance Command abort Introduction to Mstp configuration commands AbortInstance vlan Command name name no name Revision-level Spanning-tree forward-time Command spanning-tree no spanning-treeSpanning-tree Spanning-tree hello-time Spanning-tree link-type p2p Spanning-tree maxage Spanning-tree max-hop Command spanning-tree mcheckSpanning-tree mcheck Spanning-tree mode Spanning-tree mst configuration Spanning-tree mst cost Spanning-tree mst port-priority Spanning-tree mst priority Command spanning-tree portfast no spanning-tree portfastSpanning-tree portfast Mstp Example SW4 Configurations adjustment Switch SW2 Switch SW3 Switch SW4 Instance0 topology after Mstp change Mstp Troubleshooting Help Monitor and Debug Command Show spanning-tree FWD Mstr Root Id Bridge informationInstance Information Ext.RootPathCost Command show mst-pending Show mst configurationCommand show spanning-tree mst config Show mst-pending Command debug spanning-tree no debug spanning-tree Mstp Troubleshooting HelpDebug spanning-tree Field operation Instance configurationMstp field operation Revision level control Port route cost setting Edge port settingPort priority setting Mstp mode Mstp global control Set the max age time for Bpdu information in the switch Set switch to spanning tree mode Show Mstp setting Instance information Mstp field information Igmp Snooping Configuration Task Igmp Snooping ConfigurationIgmp Snooping Configuration Introduction to Igmp Snooping Igmp Snooping Configuration Command Ip igmp snooping Ip igmp snooping vlan Ip igmp snooping vlan mrouter Ip igmp snooping vlan query Ip igmp snooping vlan staticIp igmp snooping vlan immediate-leave No ip igmp snooping vlan vlan-idstatic multicast-ip-addr Ip igmp snooping vlan query interval Ip igmp snooping vlan query robustnessIp igmp snooping vlan query max-response-time Configuration steps are listed below Igmp Snooping Example Igmp Snooping listening result Multicast ConfigurationScenario 2. Igmp Query Monitor and Debug Commands Show ip igmp snooping Igmp Snooping Troubleshooting HelpCommand show ip igmp snooping vlan vlan-id 259 260 Show mac-address-table multicast Command show mac-address-table multicast vlan vlan-idCommand debug ip igmp snooping no debug ip igmp snooping Debug igmp snooping Igmp Snooping Troubleshooting Help Turning on the Igmp snooping function Snooping configuration Query configurationConfiguration display Igmp snooping static multicast configuration Igmp snooping display 265 Access-group ACL ConfigurationAccess list Access list Action and Global Default Action ACL configuration ACL Configuration Task Sequence DIpAddr DMask SMaskSIpAddr DIpAddr Icmp-type DIpAddr Icmp-type Icmp-code Tos Host-source sIpAddr dIpAddr dMask ACL Configuration Commands Access-listextended Port the no ip access-group name Command firewall enable disable Access liststandardFirewall default Firewall Ip access-group Ip access extendedIp access standard Command firewall default permit deny Permit denyextended Permit denystandard ACL ExampleScenario Configuration result ACL Troubleshooting HelpACL Debug and Monitor Commands Show access lists Command show access lists numacl-name Command show firewall Show access-groupCommand show access-group interface name Parameters N/A Default N/A ACL Troubleshooting Help Command mode Admin Mode Usage Guide Example Configure the numeric extended ACL Numeric standard ACL configurationDelete numeric IP ACL 280 281 Configure extended ACL name configuration Firewall configuration ACL port binding Port Channel Configuration Introduction to Port Channel Port Channel Configuration Port Channel Configuration Task Sequence Their mode Port Channel Configuration Commands Port-groupPort-group mode No port-groupport-group-number Command mode Global Mode Default Command port-group port-group-numbermode activepassiveonCommand interface port-channel port-channel-number Interface port-channel Scenario 1 Configuring Port Channel in Lacp Port Channel Example Switch2 Config-If-Port-Channel2# Port Channel Troubleshooting Help Monitor and Debug Commands Show port-group 291 Machine state and port state of the port are as follows 293 Command debug lacp no debug lacp Debug lacp Port Channel Troubleshooting Help Lacp port group configuration Lacp port configuration Display port member Dhcp Configuration Introduction to Dhcp Dhcp Sever Configuration Task Sequence Dhcp Server ConfigurationNetwork-number Option code ascii string hex hex Bootfile filenameMber｝ High-address Client-identifier Dhcp Server Configuration Commands BootfileClient-identifierunique-identifier Command dns-serveraddress1address2…address8 Default-routerCommand default-routeraddress1address2…address8 Client-name Hardware-address Command host address mask prefix-lengthDomain-name Host Ip dhcp conflict logging Related command hardware-address, client-identifierRelated command clear ip dhcp conflict Ip dhcp excluded-address Ip dhcp pool Command ip dhcp pool name no ip dhcp pool nameCommand loghost dhcp ip-address port no loghost dhcp Loghost dhcp Netbios-node-type Netbios-name-serverCommand lease days hoursminutes infinite no lease Network-address Command network-addressnetwork-number mask prefix-lengthCommand next-serveraddress1address2…address8 Next-server Service dhcp Dhcp Relay ConfigurationCommand service dhcp no service dhcp Dhcp Relay Configuration Task Sequence Enable Dhcp relay Ip helper-address Dhcp Relay Configuration Command Ip forward-protocol udpDrop Information policy drop command allows Ip dhcp relay information policy drop Dhcp Configuration Example Ip dhcp relay information policy drop 311 312 Monitor and Debug Commands Clear ip dhcp binding Dhcp Troubleshooting HelpClear ip dhcp conflict Clear ip dhcp server statistics Command clear ip dhcp server statisticsRelated command show ip dhcp server statistics Show ip dhcp binding Show ip dhcp conflict Command show ip dhcp conflictCommand show ip dhcp server statistics Show ip dhcp server statistics Debug ip dhcp server Dhcpforward Enable Dhcp Dhcp Troubleshooting HelpDhcp server configuration Web management Address pool configuration Client’s default gateway configuration Client dns server configuration Client wins server configuration Dhcp file server address configuration Dhcp network parameter configuration Manual address pool configuration Excluded address configuration Dhcp relay configuration Dhcp packet statistics Dhcp debugging Delete binding log Show IP-Mac binding Delete conflict logDelete Dhcp server statistics log Show conflict-logging Sntp Configuration Sntp server Sntp Configuration CommandsCommand sntp timezone name add subtract timedifference Sntp polltime Typical Sntp Configuration Examples SNMP/NTP server configuration Sntp Troubleshooting HelpMonitor and Debug Commands Show sntp Debug sntp Time difference Request interval configurationShow Snmp Introduction to QoS QoS ConfigurationQoS Terms QoS Implementation Basic QoS Model Ingress actions Star Finish Start QoS Configuration QoS Configuration Task Sequence Dscp-list Class-mapclass-map-nameNo class-mapclass-map-name Ip-precedence-list vlan vlan-list Policy-mappolicy-map-name No class class-map-name commandAggregate-policer-name command No policy-mappolicy-map-name Policy-map-name Weight3 weight4 weight5 weight6 weight7Weight8 Policy-map-name Policy-map-name output Match QoS Configuration Commands Mls qosClass-map Qos map cos-dscp dscp-cos Policy-map Command policy-map policy-map-nameCommand class class-map-nameno class class-map-name Class 16.2.2.6 set Police Mls qos aggregate-policer No mls qos aggregate-policer aggregate-policer-name Mls qos trust Default No trust Command mode Interface ModePolice aggregate Parameters aggregate-policer-name is the policy set name Command mode Interface Mode Usage Guide Service-policyCommand mls qos cos default-cos no mls qos cos Mls qos cos Wrr-queue bandwidth Command priority-queue out no priority-queue outMls qos dscp-mutation Priority-queue out Mls qos map Default CoS-to-Egress-Queue Map when QoS is EnabledWrr-queue cos-map Parameters QoS Example SWITCH#CONFIG Scenario QoS domain Command show mls-qos QoS Troubleshooting HelpQoS Debug and Monitor Commands Show mls-qos Parameters N/A Default N/A Command mode Admin Mode Show mls qos interface WFQ Show mls qos maps Show class-map Command show class-map class-map-nameCommand show policy-map policy-map-name Show policy-map QoS Troubleshooting Help Enable QoS Class-map configuration 16.5.2.1 Add/Remove class-Map Policy-map priority configuration 16.5.3.1 Add/Remove policy-map Policy-map bandwidth configuration 16.5.3.4 Add/Remove aggregate policy Apply aggregate policy Port trust mode configuration Apply QoS to port Apply policy-map to port Port default CoS configurationApply Dscp mutation mapping Egress-queue configuration Egress-queue WRR weight configuration Egress-queue Work mode configuration Mapping CoS values to egress queue QoS mapping configuration CoS-to-DSCP mapping DSCP-to-CoS mapping Dscp mutation mapping IP-precedence-to-DSCP mapping Dscp mark down mapping Introduction to Layer 3 Interface L3 Forward ConfigurationLayer 3 Interface Create Layer 3 Interface IP Forwarding Layer 3 Interface Configuration CommandsCommand interface vlan vlan-idno interface vlan vlan-id Introduction to IP Forwarding Ip fib optimize IP Route Aggregation Configuration CommandShow ip traffic Fragmented, 0 couldnt fragment, 0 fragment sent Introduction to ARP 17.3 ARPDebug ip packet 17.3.2.2.1 Arp ARP configuration ARP Configuration Task SequenceARP Forwarding Configuration Commands Ipaddress Macaddress Ip proxy-arp Command ip proxy-arp no ip proxy-arpShow arp Debug arp Command debug arp no debug arpClear arp-cache Example： IP route aggregation configuration ARP Troubleshooting Help17.4.1 L3 port configuration ARP configuration Clear ARP Configure static ARPProxy ARP configuration Show ARP Routing Protocol Configuration Route Table Static Route Introduction to Static Route Static Route Configuration Commands Introduction to Default RouteIp route Show ip route Configuration Scenario Troubleshooting Help Monitor and Debug Commands 18.3 RIP Introduction to RIP 385 Configure RIP protocol parameters RIP Configuration RIP Configuration Task SequenceEnable RIP No router rip Value Name-of-chain Update InvalidHolddown No ip rip input RIP Configuration CommandsDisable RIP No ip rip output Ip rip authentication key-chain Default-metricAuto-summary Related command ip rip authentication key-chain Ip rip authentication modeRelated command ip rip authentication Command ip rip metricin value no ip rip metricin Ip rip output Ip rip metricoutIp rip input Ip rip receive version Ip rip work Ip rip send versionIp split-horizon Redistribute Command rip broadcast no rip broadcastCommand rip checkzero no rip checkzero Rip broadcast Rip preference Timer basicCommand timer basic update invalid holddown Router rip Version Command version 1 2 no versionCommand show ip protocols Show ip protocols Vlan4 Command show ip ripShow ip rip V12 Command debug ip rip packet no debug ip rip packet Debug ip rip packet Debug ip rip recv Command debug ip rip recv no debug ip rip recvCommand debug ip rip send no debug ip rip send Debug ip rip send Typical RIP Scenario Vl an2 401 No debug ip rip packet RIP Troubleshooting HelpShow ip rip No debug ip rip recv Total route items is 2, the matched route items is （2）show ip route（3）show ip protocols Ospf RIP TroubleshootingIntroduction to Ospf 405 406 Ospf Configuration Configuration Task Sequence Authkey Router id routeridScope the no network network mask area Keyid Metric costvalue Ospf Configuration Commands Routerid Default redistribute cost Default redistribute limit Default redistribute intervalDefault redistribute tag Command ip ospf cost cost no ip ospf cost Default redistribute typeIp ospf authentication Ip ospf cost Command ip ospf enable area areaid no ip ospf enable area Ospf enable areaCommand ip ospf dead-interval time no ip ospf dead-interval Ip ospf dead-interval Ip ospf passive-interface Related command ip ospf dead-intervalCommand ip ospf priority priority no ip ospf priority Ip ospf priority Network Ip ospf transmit-delayIp ospf retransmit-interval No network network mask area areaid Redistribute ospfase Command preference ase preference no preference asePreference No redistribute ospfase bgp connected static rip Router id Command router id routerid no router idCommand router ospf no router ospf Router ospf Virtuallink neighborid Command stub cost cost area areaid no stub area areaidStub cost Show ip ospf Command show ip ospf ase Command show ip ospfShow ip ospf ase Command show ip ospf cumulative Show ip ospf cumulative Show ip ospf database Lsrtr 3 Lsnet 3 Lssumnet Lssumasb Lsase RouteTag Command show ip ospf interface interface Show ip ospf interface Command show ip ospf neighbor Show ip ospf neighbor Show ip ospf routing Command show ip ospf routingCommand show ip ospf virtual-links Show ip ospf virtual-links Switch#show ip ospf virtual-links no virtual-link Debug ip ospf lsa Debug ip ospf eventDebug ip ospf packet Typical Ospf Scenario Command debug ip ospf spf no debug ip ospf spfDebug ip ospf spf 430 431 Typical complex Ospf autonomous system 433 434 435 Ospf Troubleshooting Help Monitor and Debugging Commands （1）show ip ospf Example （3）show ip ospf ase （4）show ip ospf cumulative （5）show ip ospf database Cost Checksum Router ID 11.11.2.1 （6）show ip ospf interface （7）show ip ospf neighbor （9）show ip ospf virtual-links （8）show ip ospf routing（10）show ip protocols Ase perference=150 RIP configuration Static route configurationStatic route Enable port to receive/transmit RIP packet RIP configuration Enable RIPRIP parameter configuration Enable imported route Metricin/out configuration RIP imported route Global RIP configuration Enable/Disable Ospf protocol Set RIP timerEnable Ospf protocol Ospf Router-ID configuration Ospf network range configuration Ospf TX-parameter configuration Configure Ospf area for portConfigure Ospf authentication parameter configuration Passive interface configuration Sending packet cost configuration Imported route parameter configuration Ospf imported route parameter configurationImport external routing information Ospf priority configuration Other parameter configurationOspf Stub area and default route cost configuration Port DR priority configuration Ospf virtual link configurationOspf debug Display routing table Introduction to Multicast Multicast protocol ConfigurationMulticast Protocol Overview Multicast Address IP Multicast Packets Forwarding Application of Multicast Common Multicast ConfigurationsCommon Multicast Configuration Commands Show ip mroute Incoming interfaces PIM-DM Introduction to PIM-DM Ip pim dense-mode PIM-DM Configuration PIM-DM Configuration Task SequencePIM-DM Configuration Commands Interval Ip pim query-interval Typical PIM-DM Scenario PIM-DM Troubleshooting Help Command show ip pim mroute dm Show ip pim mroute dm Show ip pim neighbor Command show ip pim neighbor ifnameCommand show ip pim interface ifname Show ip pim interface Parameters N/A Default Disabled Command mode Admin Mode Command debug ip pimDebug ip pim PIM-SM Introduction to PIM-SM PIM-SM Configuration PIM-SM Configuration Task Sequence Ip pim sparse-mode PIM-SM Configuration CommandsHashlength Priority Ip pim bsr-border Command ip pim sparse-mode no ip pim sparse-modeCommand ip pim bsr-border no ip pim bsr-border Ip pim query-interval Ip pim bsr-candidate Ip pim rp-candidate Typical PIM-SM Scenario Command show ip pim bsr-router PIM-SM Troubleshooting Help Monitor and Debug CommandsShow ip pim bsr-router Show ip pim interface Show ip pim mroute sm Command show ip pim mroute smShow ip pim neighbor Show ip pim rp Command show ip pim rp mapping group-addressDebug ip pim Command debug ip pim bsr PIM-SM TroubleshootingDebug ip pim bsr Dvmrp Introduction to Dvmrp Dvmrp configuration Configuration Task Sequence Enable Dvmrp C.D Dvmrp Configuration Commands Metricval Ip dvmrp cisco-compatible Ip dvmrp enableCommand ip dvmrp enable no ip dvmrp enable Ip dvmrp graft-interval Command ip dvmrp metric metricval no ip dvmrp metric Ip dvmrp nbr-timeoutIp dvmrp metric Ip dvmrp probe-interval Ip dvmrp route-timeoutIp dvmrp report-interval Typical Dvmrp Scenario Ip dvmrp tunnel Command show ip dvmrp mroute Dvmrp Troubleshooting HelpShow ip dvmrp mroute Show ip dvmrp neighbor Command show ip dvmrp neighbor ifnameCommand show ip dvmrp route Show ip dvmrp route Command show ip dvmrp tunnel ifname Show ip dvmrp tunnel Debug ip dvmrp detail Command debug ip dvmrp detailCommand debug ip dvmrp pruning no debug ip dvmrp pruning Debug ip dvmrp pruning Igmp Dvmrp TroubleshootingIntroduction to Igmp Igmp configuration Configuration Task Sequence Interface the no ip igmp access-group Enable IgmpIp dvmrp enable ip pim dense-mode Aclname No ip igmp query-interval Igmp Configuration CommandsIgmp query interval Timeval Ip igmp static-group command Ip igmp access-groupIp igmp join-group Ip igmp query-interval Ip igmp query-timeoutIp igmp query-max-response-time Ip igmp static-group Command ip igmp version version no ip igmp versionTypical Igmp Scenario Ip igmp version Command show ip igmp groups ifname groupaddr Igmp Troubleshooting HelpShow ip igmp groups Show ip igmp interface Command show ip igmp interface ifnameCommand debug ip igmp event Debug ip igmp event Command debug ip igmp packet Igmp TroubleshootingDebug ip igmp packet PIM-DM configuration Enable PIM-DM Multicast public monitor commandPIM-DM parameter configuration PIM-SM parameter configuration PIM-SM configuration Enable PIM-SMSet interface as PIM-SM BSR border Set router as BSR candidate Dvmrp configuration Enable DvmrpSet router as RP candidate Dvmrp parameter configuration Cisco-compatible configurationDvmrp global parameter configuration Dvmrp tunnel configuration Igmp configuration Igmp additive parameter configuration Igmp version configuration Multicast monitor configuration Show ip pim interface Show ip pim rp Show ip pim bsr-routerShow ip pim mroute sm Show ip dvmrp mroute 802.1x Configuration Introduction to 20.2.1 802.1x Configuration Task Sequence 20.2 802.1x ConfigurationEnable 802.1x function of the switch Aaa-accounting enable Aaa enableNo aaa enable No aaa-accounting enable Seconds Interface interface-name Host IPaddress 20.2.2 802.1x Configuration Commands Aaa enableHost IPaddress port Minutes Command mode Global Mode Default N/A Aaa-accounting enableCommand aaa-accounting enable no aaa-accounting enable 20.2.2.3 dot1x accept-mac 20.2.2.6 dot1x privateclient enable 20.2.2.4 dot1x eapor enable20.2.2.5 dot1x enable Command dot1x eapor enable no dot1x eapor enable Command dot1x max-req count no dot1x max-req 20.2.2.7 dot1x macfilter enableCommand dot1x macfilter enable no dot1x macfilter enable 20.2.2.8 dot1x max-req 20.2.2.10 dot1x port-control 20.2.2.12 dot1x re-authenticateCommand dot1x re-authenticate interface interface-name 20.2.2.11 dot1x port-method 20.2.2.15 dot1x timeout re-authperiod 20.2.2.13 dot1x re-authentication20.2.2.14 dot1x timeout quiet-period Command dot1x re-authentication no dot1x re-authentication 20.2.2.16 dot1x timeout tx-period Radius-server accounting host Radius-server authentication host Radius-server dead-time Radius-server key Radius-server timeoutRadius-server retransmit 20.3 802.1x Application Example Radi us Ser v er 10 2o.4.1 802.1x Debug and Monitor Commands Show aaa config 20.4 802.1x TroubleshootingCommand show aaa config Show aaa authenticated-user Command show aaa authenticated-user Command show radius authencated-userauthencating-user count Show aaa authenticating-userCommand show aaa authenticating-user Show radius count Command show dot1x interface interface-list Show dot1x Command mode Admin Mode Parameters N/A Command debug aaa no debug aaaDebug aaa Command debug dot1x no debug dot1x 20.4.2 802.1x TroubleshootingDebug dot1x Radius client configuration Radius global configuration Radius authentication configuration 20.5.2 802.1X configuration Radius accounting configuration20.5.2.1 802.1X configuration 20.5.2.2 802.1X port authentication configuration 20.5.2.3 802.1X port mac configuration 20.5.2.4 802.1X port status list 533 Vrrp Configuration Introduction to Vrrp 535 Vrrp Configuration Commands Router vrrp Virtual-ip Commands enable Commands virtual-ip A.B.C.D master backup no virtual-ipCommands interfaceIFNAME Vlan ID no interface Interface Vrrp authentication string DisableVrrp authentication mode Commands disable Preempt Commands preempt-modetrue falseCommands priority value no priority Priority Advertisement-interval Circuit-failover Vrrp Troubleshooting Help Typical Vrrp Scenario Command mode All Modes Example Monitor and Debug Commands Show vrrpCommands show vrrp vrid Debug vrrp Vrrp Troubleshooting Help Create Vrrp Number Configure Preemptive Mode For Vrrp Configure Vrrp Dummy IPConfigure Vrrp Port Activate Virtual Router Configure Vrrp Interface Monitor Configure Vrrp priorityConfigure Vrrp Timer interval Configure Authentication Mode For Vrrp Configure Authentication String For Vrrp