Manuals / Accton Technology / Computer Equipment / Switch

Accton Technology ES4710BD manual Show access-group, Show firewall, Command show firewall

Models: ES4710BD

1 547

Page 278

ES4710BD 10 Slots L2/L3/L4 Chassis Switch

Displayed information	Explanation
access list 10(used 0 time(s))	Numbered ACL10, reference time: 1
access list 10 deny any-source	Denies all IP packets passage
access list 100(used 1 time(s))	Numbered ACL100, reference time: 1.
access list 100 deny ip any-source	Denies IP packets of any source addresses and
any-destination	destination addresses.
access list 100 deny tcp any-source	Denies TCP packets of any source IP addresses and
any-destination	destination IP addresses.

12.4.1.2show access-group

Command: show access-group [interface <name>]

Function: Displays ACL binding information for the port.

Parameters: <name> is the port name.

Default: N/A.

Command mode: Admin Mode

Usage Guide: If no port is specified, then ACL bound in all ports will be displayed.

Example:

Switch#show access-group interface name:Ethernet1/2

Ingress access-list used is 111. interface name:Ethernet1/1

Ingress access-list used is 10.

Displayed information	Explanation
interface name:Ethernet1/2	Binding information of Ethernet port 1/2.
Ingress access list used is 111.	Numbered extended ACL 111 bound to the incoming
	direction of Ethernet port 1/2.
interface name:Ethernet1/1	Binding information of Ethernet port 1/1.
Ingress access list used is 10.	Numbered standard ACL 10 bound to the incoming
	direction of Ethernet port 1/1.

12.4.1.3 show firewall

Command: show firewall

Function: Displays packet filtering configuration information.

Parameters: N/A.

Default: N/A.

277

Page 278

Image 278

Accton Technology ES4710BD manual Show access-group, Show firewall, Command show access-group interface name

Contents

Slots L2/L3/L4 Chassis Switch User’s Guide ES4710BDPreface Content Chapter Hardware Installation Chapter Setup Configuration Main Module Front Panel Basic Switch Configuration Configuring Switch Ipaddresses Switch Upgrade Chapter Device Management Port Configuration MAC Table Configuration MAC Address Function Extension Chapter Vlan Configuration Mstp Configuration Mstp Example Chapter ACL Configuration Chapter Port Channel Configuration Chapter Dhcp Configuration Sntp Configuration Commands 15.4 IP Forwarding Route Table 18.2.4 Ospf 404 18.4.1 445 Chapter Multicast Protocol Configuration 19.5 501 802.1X Configuration Vrrp Configuration 21.4.10 Configure Authentication String For Vrrp 546 Introduction Product BriefProduct Overview Features „ Layer 3 Routing Protocols „ IEEE802.1x Access Authentication„ Layer 3 Forwarding „ QoSMain Features „ Management Protocols and Methods Technical specifications„ Protocols and Standards „ MIB LibraryChassis Physical SpecificationsHardware Components Board Rack Introduction to ES4710BD cards Power SupplyVentilation and Cooling System 2.1 EM4710BD-AGENT Front Panel IndicatorPanel Symbol Status Description Front PanelFront Panel Management Port Property SpecificationFront Panel Console Port 2.2 EM4700BD-12GT-RJ45 Front Panel Reset ButtonPanel Status Description Symbol Front Panel Swap Button2.3 EM4700BD-12GX-SFP Port Type SpecificationFront Panel Port Description EM4700BD-12GX-SFP Front Panel view 2.4 EM4700BD-2XG-XENPAK Panel Status Description Indicator Symbol Xenpak2.5 EM-7600-ES and EM-7600-ES-2GB SFP 3 EM4710BD-AC and EM-7608-DC Power module Front Panel 3.1 EM4710BD-AC Alternating Current Power Module3.2 EM-7608-DC Direct Current Power Module Power Distribution BoxDust Gauze System BackplaneFan Tray Rear Panel Side PanelsSystem Features FlashSafety Warning Safety InformationHardware Installation Hot Line Work Safety GuidelinesES4710BD 10 Slots L2/L3/L4 Chassis Switch Temperature and Humidity Requirements Site RequirementsDust and Particles Anti-interference Requirements Rack ConfigurationPreventing Electrostatic Discharge Damage Checking Switch Hardware Configuration and Accessories Preparing for InstallationPower Supply Requirements Item No Part name Number Memo Hardware InstallationRequired Tools and Utilities ES4710BD 10 Slots L2/L3/L4 Chassis Switch Rack-mounting ES4710BD Switch Installation Desktop installationInstallation Steps Switch grounding Wearing an ESD Wrist StrapLightning protection grounding Card and module installationProper grounding Electromagnetic compliance groundingRemoving and Installing the Fan Tray Removing and Installing the CardsRemoving and installing the Dust Gauze Removing and Installing Power Supply Modules Connecting to the console Xenpak transceiver installation Connecting to the Management PortSFP transceiver installation Copper Cable/Fiber Cable Connection Power supply connectionConnection procedure for fibers are listed below Ethernet cable connectionES4710BD 10 Slots L2/L3/L4 Chassis Switch Main Setup Menu Setup ConfigurationSetup Configuration Setup Submenu Configuring switch hostname Configuring Vlan1 InterfaceTelnet Server Configuration 器的状 Configuring Web Server Configuring Snmp 配置 Traps 主机 IP 地址和 Exiting Setup Configuration Mode Out-of-band Management Switch ManagementManagement Options Device Name DescriptionType a name for opening HyperTerminal, such as Switch 5The HyperTerminal window appears SWITCH# In-band Management Management via TelnetConnect with Ethernet cable Switch#config SwitchConfig#telnet-user test password 0 test Telnet-user user password 07 passwordManaging the Switch through ECview Management InterfaceCLI Interface Configuration ModesUser Mode Interface Mode Admin ModeGlobal Mode Route Mode Vlan ModeDhcp Address Pool Mode ACL ModeExtended Configuration SyntaxShortcut Key Support Cmdtxt variable enum1 … enumN optionInput verification Returned Information errorHelp function Returned Information successFuzzy match support Web Management MainModule Front Panel Config Basic Switch Configuration CommandsBasic Switch Configuration EnableEnable password Exec timeoutIp host ExitHelp Reload Set defaultHostname Language Maintenance and Debug CommandsSetup WriteTelnet Introduction to Telnet Ip-addr PasswordTelnet Task Sequence Telnet Telnet CommandsMonitor Telnet-user Telnet-server enableTelnet-server securityip Traceroute Related command ip hostCommand show clock ShowShow history Show debuggingShow flash Command show running-config Show running-configCommand show memory Show memoryCommand show startup-config Show startup-configShow switchport interface Command show switchport interface ethernet interface-listShow udp Show telnet loginShow tcp Debug Show telnet userShow version Secondary Command deletes Configuring Switch IP AddressesConfiguring Switch IP Addresses Task Sequence No ip address ipaddress maskCommand ip bootp-client enable no ip bootp-client enable Commands for Configuring Switch IP Addresses Ip addressIp bootp-client enable Introduction to Snmp Configuring SnmpIp dhcp-client enable Introduction to MIB Introduction to Rmon Configuring Snmp Snmp Configuration Task Sequence Snmp-server community Snmp Configuration CommandsRmon Host-addrSnmp-server enable Snmp-server enable trapsSnmp-server host Typical Snmp Configuration ExamplesCommand snmp-server host host-addr community-string Snmp-server securityipShow snmp Snmp Troubleshooting Help Monitor and Debug CommandsCommand show snmp Total number of Snmp packet inputs System name Command show snmp statusShow snmp status Command debug snmp packet no debug snmp packet Switch UpgradeSnmp Troubleshooting Help Debug snmp packetBootROM Upgrade Step192.168.1.66 2 FTP/TFTP Upgrade Introduction to FTP/TFTP Other commands in BootROM mode124 2.2 FTP/TFTP Configuration 2.2.1 FTP/TFTP Configuration Task SequenceCopy source-url destination-url ascii Dir ftpServerUrlNumber 2.2.2 FTP/TFTP Configuration Commands Copy（FTP）Command copy source-urldestination-urlascii binary Interval2.2.4 dir Related command writeCommand dir ftp-server-url Ftp server ip addressRelated command ip ftp Ftp-server enableFtp-server timeout Command ftp-server timeout secondsIp ftp Copy（TFTP）Tftp-server enable Related command tftp-server timeoutCommand tftp-server retransmission-number number 2.3 FTP/TFTP Configuration ExamplesTftp-server transmission-timeout Command tftp-server transmission-timeout seconds133 134 135 FTP Configuration 2.4 FTP/TFTP Troubleshooting HelpMonitor and Debug Commands Show ftp Command show ftpShow tftp Command show tftp FTP Troubleshooting HelpTftp Troubleshooting Help Switch basic configuration BasicconfigSnmp manager configuration Configure exec timeoutSnmp configuration Trap manager configuration Configure IP address of Snmp managerRmon and trap configuration Snmp statisticsTftp server configuration Switch upgradeTftp client configuration FTP client configuration FTP server configurationMaintenance and debug command Debug command Show vlan port propertyBasic introduction to switch OthersWeb server user configuration Switch on-off informationSwitch Maintenance Reboot Exit current web configurationSave current running-config Reboot with the default configurationTelnet security IP Device Management Device Management ConfigurationDevice Management Brief Show slotCommand show power Show fan Command show fanShow power Parameters N/ACard Hot-Remove Card Hot-Swap OperationCard Hot-Insertion Debug devsmConfiguration Recover Rules Active-Standby AlternationReset specific module Show slotShow module in slot Show powerShow fan Port Configuration Introduction to PortName string Port ConfigurationNames or cancels the name of specified ports No nameEthernet Port Configuration Commands BandwidthCombo-forced-mode Command flow control no flow control Flow control1.2.6 mdi Interface ethernetLoopback Name Command name string no nameCommand negotiation onoff NegotiationShutdown Command shutdown no shutdownRate-suppression Enter Vlan Mode Speed-duplexInterface vlan Vlan Interface Configuration CommandsVlan-id command Ip addressEnter the network management port configuration mode Network Management Port Configuration Commands DuplexCommand interface ethernet interface-name Speed Port Mirroring Configuration Introduction to Port MirroringCommand speed auto force10 force100 Monitor session source interface Port Mirroring Configuration Task SequencePort Mirroring Configuration Port Mirroring Examples Device Mirroring Troubleshooting HelpMonitor and Debug Commands Show monitor Monitor session destination interfacePort Configuration Example Device Mirroring Troubleshooting HelpPort-channel-number interface-name Port Troubleshooting HelpMonitor and Debug Commands Clear counters Port Troubleshooting Help Show interfaceBandwidth control Ethernet port configurationPhysical port configuration Vlan interface configuration Allocate IP address for L3 port2.2 L3 port IP addr mode configuration Mirror configurationPort debug and maintenance Show port informationMAC Table Configuration Introduction to MAC TableObtaining MAC Table PC1 PC2 PC3 PC4Forward or Filter Mac-address-table static MAC Table ConfigurationMac-address-table aging-time Interface-nameTypical Configuration Examples Mac-address-table blackholeTroubleshooting Help Command show mac-address-table aging-timeShow mac-address-table blackhole Troubleshooting HelpShow mac-address-table static Enable MAC address binding function for the ports MAC Address Binding ConfigurationMAC Address Binding Configuration Task Sequence MAC Address Function ExtensionCommand deletes static secure MAC address Switchport port-security mac-addressNo switchport port-security Mac-address Mac-addressCommand switchport port-security convert Switchport port-security convertSwitchport port-security lock Switchport port-security timeout Switchport port-security mac-addressSwitchport port-security maximum Clear port-security dynamicCommand show port-security Mac Address Binding Troubleshooting HelpSwitchport port-security violation Command show port-security interface interface-id Show port-security interfaceCommand show port-security address interface interface-id Show port-security addressMAC Address Binding Troubleshooting Help Mac address table configurationUnicast address configuration Delete unicast address MAC address queryShow MAC address table Lock port Enable port MAC-BindingEnable port MAC-Binding Lock portClearing port MAC Enable port security timeoutBinding MAC Port violation mode MAC binding attribution configurationMaximum port security IP number configuration MAC binding debug Show MAC binding security addressVlan Configuration Introduction to VlanVlan vlan-id Vlan ConfigurationVlan Configuration Task Sequence Name vlan-nameVlan Configuration Commands Command mode Vlan Mode Switchport access vlanCommand name vlan-nameno name NameSwitchport trunk allowed vlan Switchport interfaceSwitchport mode Command switchport mode trunkaccessCommand vlan ingress disable no vlan ingress disable Switchport trunk native vlanVlan ingress disable Configuration Configuration description Typical Vlan ApplicationSwitch a Switch BGvrp Configuration Gvrp Configuration Task SequenceGvrp Commands Garp timer join Garp timer leaveCommand garp timer hold timer-valueno garp timer hold Garp timer holdGarp timer leaveall Command gvrp no gvrpTypical Gvrp Application Global Gvrp Monitor and Debug Information Show vlan Vlan Troubleshooting HelpCommand show vlan brief summary id vlan-id name vlan-name Debug gvrp Show garpShow gvrp VID allocation Vlan Troubleshooting HelpCreate/remove Vlan Allocate port for Vlan VID attribution configurationAllocate port for Vlan Port type configuration Set port modetrunk/accessTrunk port configuration Vlan setting for trunk portSet allow Vlan Enable/Disable Vlan ingress ruleVlan setting for access port Enable port Gvrp Gvrp configurationEnable global Gvrp Disable Vlan ingress ruleVlan debug and maintenance Mstp Configuration Introduction to MstpMstp field MST field operationMST inter-field operation Port roleMstp Configuration Mstp configuration task sequenceNo instance instance-id vlan vlan-list Creates a Instance and configuresInstance instance-id vlan vlan-list Mapping between a Vlan and InstanceInstance vlan Introduction to Mstp configuration commands AbortCommand abort Command name name no name Revision-levelSpanning-tree forward-time Command spanning-tree no spanning-treeSpanning-tree Spanning-tree hello-timeSpanning-tree link-type p2p Spanning-tree maxageSpanning-tree mcheck Command spanning-tree mcheckSpanning-tree max-hop Spanning-tree mode Spanning-tree mst configurationSpanning-tree mst cost Spanning-tree mst port-prioritySpanning-tree portfast Command spanning-tree portfast no spanning-tree portfastSpanning-tree mst priority Mstp Example SW4Configurations adjustment Switch SW2Switch SW3 Switch SW4Instance0 topology after Mstp change Mstp Troubleshooting Help Monitor and Debug Command Show spanning-treeFWD Mstr Root Id Bridge informationInstance Information Ext.RootPathCostCommand show mst-pending Show mst configurationCommand show spanning-tree mst config Show mst-pendingDebug spanning-tree Mstp Troubleshooting HelpCommand debug spanning-tree no debug spanning-tree Field operation Instance configurationMstp field operation Revision level controlPort route cost setting Edge port settingPort priority setting Mstp modeMstp global control Set the max age time for Bpdu information in the switch Set switch to spanning tree modeShow Mstp setting Instance information Mstp field informationIgmp Snooping Configuration Task Igmp Snooping ConfigurationIgmp Snooping Configuration Introduction to Igmp SnoopingIgmp Snooping Configuration Command Ip igmp snooping Ip igmp snooping vlan Ip igmp snooping vlan mrouterIp igmp snooping vlan query Ip igmp snooping vlan staticIp igmp snooping vlan immediate-leave No ip igmp snooping vlan vlan-idstatic multicast-ip-addrIp igmp snooping vlan query max-response-time Ip igmp snooping vlan query robustnessIp igmp snooping vlan query interval Configuration steps are listed below Igmp Snooping ExampleScenario 2. Igmp Query Multicast ConfigurationIgmp Snooping listening result Command show ip igmp snooping vlan vlan-id Igmp Snooping Troubleshooting HelpMonitor and Debug Commands Show ip igmp snooping 259 260 Show mac-address-table multicast Command show mac-address-table multicast vlan vlan-idCommand debug ip igmp snooping no debug ip igmp snooping Debug igmp snoopingIgmp Snooping Troubleshooting Help Turning on the Igmp snooping functionConfiguration display Query configurationSnooping configuration Igmp snooping static multicast configuration Igmp snooping display265 Access-group ACL ConfigurationAccess list Access list Action and Global Default ActionACL configuration ACL Configuration Task SequenceDIpAddr DMask SMaskSIpAddr DIpAddr Icmp-typeDIpAddr Icmp-type Icmp-code TosHost-source sIpAddr dIpAddr dMask ACL Configuration Commands Access-listextended Port the no ip access-group nameCommand firewall enable disable Access liststandardFirewall default FirewallIp access-group Ip access extendedIp access standard Command firewall default permit denyPermit denyextended Scenario ACL ExamplePermit denystandard Configuration result ACL Troubleshooting HelpACL Debug and Monitor Commands Show access lists Command show access lists numacl-nameCommand show firewall Show access-groupCommand show access-group interface name Parameters N/A Default N/AACL Troubleshooting Help Command mode Admin Mode Usage Guide ExampleDelete numeric IP ACL Numeric standard ACL configurationConfigure the numeric extended ACL 280 281 Configure extended ACL name configuration Firewall configurationACL port binding Port Channel Configuration Introduction to Port ChannelPort Channel Configuration Port Channel Configuration Task SequenceTheir mode Port Channel Configuration Commands Port-groupPort-group mode No port-groupport-group-numberCommand mode Global Mode Default Command port-group port-group-numbermode activepassiveonCommand interface port-channel port-channel-number Interface port-channelScenario 1 Configuring Port Channel in Lacp Port Channel ExampleSwitch2 Config-If-Port-Channel2# Port Channel Troubleshooting Help Monitor and Debug Commands Show port-group291 Machine state and port state of the port are as follows 293 Command debug lacp no debug lacp Debug lacpPort Channel Troubleshooting Help Lacp port group configurationLacp port configuration Display port memberDhcp Configuration Introduction to DhcpNetwork-number Dhcp Server ConfigurationDhcp Sever Configuration Task Sequence Option code ascii string hex hex Bootfile filenameMber｝ High-addressClient-identifierunique-identifier Dhcp Server Configuration Commands BootfileClient-identifier Command dns-serveraddress1address2…address8 Default-routerCommand default-routeraddress1address2…address8 Client-nameHardware-address Command host address mask prefix-lengthDomain-name HostIp dhcp conflict logging Related command hardware-address, client-identifierRelated command clear ip dhcp conflict Ip dhcp excluded-addressIp dhcp pool Command ip dhcp pool name no ip dhcp pool nameCommand loghost dhcp ip-address port no loghost dhcp Loghost dhcpCommand lease days hoursminutes infinite no lease Netbios-name-serverNetbios-node-type Network-address Command network-addressnetwork-number mask prefix-lengthCommand next-serveraddress1address2…address8 Next-serverCommand service dhcp no service dhcp Dhcp Relay ConfigurationService dhcp Dhcp Relay Configuration Task Sequence Enable Dhcp relayIp helper-address Dhcp Relay Configuration Command Ip forward-protocol udpDrop Information policy drop command allows Ip dhcp relay information policy dropDhcp Configuration Example Ip dhcp relay information policy drop311 312 Clear ip dhcp conflict Dhcp Troubleshooting HelpMonitor and Debug Commands Clear ip dhcp binding Clear ip dhcp server statistics Command clear ip dhcp server statisticsRelated command show ip dhcp server statistics Show ip dhcp bindingShow ip dhcp conflict Command show ip dhcp conflictCommand show ip dhcp server statistics Show ip dhcp server statisticsDebug ip dhcp server DhcpforwardEnable Dhcp Dhcp Troubleshooting HelpDhcp server configuration Web managementAddress pool configuration Client’s default gateway configuration Client dns server configurationClient wins server configuration Dhcp file server address configurationDhcp network parameter configuration Manual address pool configuration Excluded address configurationDhcp relay configuration Dhcp packet statisticsDhcp debugging Delete binding logShow IP-Mac binding Delete conflict logDelete Dhcp server statistics log Show conflict-loggingSntp Configuration Sntp server Sntp Configuration CommandsCommand sntp timezone name add subtract timedifference Sntp polltimeTypical Sntp Configuration Examples SNMP/NTP server configuration Sntp Troubleshooting HelpMonitor and Debug Commands Show sntp Debug sntpShow Snmp Request interval configurationTime difference QoS Terms QoS ConfigurationIntroduction to QoS QoS Implementation Basic QoS ModelIngress actions Star FinishStart QoS Configuration QoS Configuration Task SequenceDscp-list Class-mapclass-map-nameNo class-mapclass-map-name Ip-precedence-list vlan vlan-listPolicy-mappolicy-map-name No class class-map-name commandAggregate-policer-name command No policy-mappolicy-map-namePolicy-map-name Weight3 weight4 weight5 weight6 weight7Weight8 Policy-map-name Policy-map-name outputMatch QoS Configuration Commands Mls qosClass-map Qos map cos-dscp dscp-cosPolicy-map Command policy-map policy-map-nameCommand class class-map-nameno class class-map-name Class16.2.2.6 set PoliceMls qos aggregate-policer No mls qos aggregate-policer aggregate-policer-nameMls qos trust Default No trust Command mode Interface ModePolice aggregate Parameters aggregate-policer-name is the policy set nameCommand mode Interface Mode Usage Guide Service-policyCommand mls qos cos default-cos no mls qos cos Mls qos cosWrr-queue bandwidth Command priority-queue out no priority-queue outMls qos dscp-mutation Priority-queue outMls qos map Default CoS-to-Egress-Queue Map when QoS is EnabledWrr-queue cos-map ParametersQoS Example SWITCH#CONFIG Scenario QoS domain Command show mls-qos QoS Troubleshooting HelpQoS Debug and Monitor Commands Show mls-qos Parameters N/A Default N/A Command mode Admin ModeShow mls qos interface WFQ Show mls qos maps Show class-map Command show class-map class-map-nameCommand show policy-map policy-map-name Show policy-mapQoS Troubleshooting Help Enable QoSClass-map configuration 16.5.2.1 Add/Remove class-MapPolicy-map priority configuration 16.5.3.1 Add/Remove policy-mapPolicy-map bandwidth configuration 16.5.3.4 Add/Remove aggregate policy Apply aggregate policyPort trust mode configuration Apply QoS to portApply Dscp mutation mapping Port default CoS configurationApply policy-map to port Egress-queue configuration Egress-queue WRR weight configurationEgress-queue Work mode configuration Mapping CoS values to egress queueQoS mapping configuration CoS-to-DSCP mappingDSCP-to-CoS mapping Dscp mutation mappingIP-precedence-to-DSCP mapping Dscp mark down mappingIntroduction to Layer 3 Interface L3 Forward ConfigurationLayer 3 Interface Create Layer 3 InterfaceIP Forwarding Layer 3 Interface Configuration CommandsCommand interface vlan vlan-idno interface vlan vlan-id Introduction to IP ForwardingShow ip traffic IP Route Aggregation Configuration CommandIp fib optimize Fragmented, 0 couldnt fragment, 0 fragment sent Debug ip packet 17.3 ARPIntroduction to ARP 17.3.2.2.1 Arp ARP configuration ARP Configuration Task SequenceARP Forwarding Configuration Commands Ipaddress MacaddressShow arp Command ip proxy-arp no ip proxy-arpIp proxy-arp Debug arp Command debug arp no debug arpClear arp-cache Example：IP route aggregation configuration ARP Troubleshooting Help17.4.1 L3 port configuration ARP configurationClear ARP Configure static ARPProxy ARP configuration Show ARPRouting Protocol Configuration Route TableStatic Route Introduction to Static RouteIp route Introduction to Default RouteStatic Route Configuration Commands Show ip route Configuration Scenario Troubleshooting Help Monitor and Debug Commands 18.3 RIP Introduction to RIP385 Configure RIP protocol parameters RIP Configuration RIP Configuration Task SequenceEnable RIP No router ripValue Holddown Update InvalidName-of-chain No ip rip input RIP Configuration CommandsDisable RIP No ip rip outputAuto-summary Default-metricIp rip authentication key-chain Related command ip rip authentication key-chain Ip rip authentication modeRelated command ip rip authentication Command ip rip metricin value no ip rip metricinIp rip output Ip rip metricoutIp rip input Ip rip receive versionIp split-horizon Ip rip send versionIp rip work Redistribute Command rip broadcast no rip broadcastCommand rip checkzero no rip checkzero Rip broadcastRip preference Timer basicCommand timer basic update invalid holddown Router ripVersion Command version 1 2 no versionCommand show ip protocols Show ip protocolsVlan4 Command show ip ripShow ip rip V12Command debug ip rip packet no debug ip rip packet Debug ip rip packetDebug ip rip recv Command debug ip rip recv no debug ip rip recvCommand debug ip rip send no debug ip rip send Debug ip rip sendTypical RIP Scenario Vl an2401 No debug ip rip packet RIP Troubleshooting HelpShow ip rip No debug ip rip recv（3）show ip protocols （2）show ip routeTotal route items is 2, the matched route items is Introduction to Ospf RIP TroubleshootingOspf 405 406 Ospf Configuration Configuration Task SequenceAuthkey Router id routeridScope the no network network mask area KeyidMetric costvalue Ospf Configuration Commands RouteridDefault redistribute cost Default redistribute tag Default redistribute intervalDefault redistribute limit Command ip ospf cost cost no ip ospf cost Default redistribute typeIp ospf authentication Ip ospf costCommand ip ospf enable area areaid no ip ospf enable area Ospf enable areaCommand ip ospf dead-interval time no ip ospf dead-interval Ip ospf dead-intervalIp ospf passive-interface Related command ip ospf dead-intervalCommand ip ospf priority priority no ip ospf priority Ip ospf priorityNetwork Ip ospf transmit-delayIp ospf retransmit-interval No network network mask area areaidRedistribute ospfase Command preference ase preference no preference asePreference No redistribute ospfase bgp connected static ripRouter id Command router id routerid no router idCommand router ospf no router ospf Router ospfVirtuallink neighborid Command stub cost cost area areaid no stub area areaidStub cost Show ip ospfShow ip ospf ase Command show ip ospfCommand show ip ospf ase Command show ip ospf cumulative Show ip ospf cumulativeShow ip ospf database Lsrtr 3 Lsnet 3 Lssumnet Lssumasb LsaseRouteTag Command show ip ospf interface interface Show ip ospf interfaceCommand show ip ospf neighbor Show ip ospf neighborShow ip ospf routing Command show ip ospf routingCommand show ip ospf virtual-links Show ip ospf virtual-linksSwitch#show ip ospf virtual-links no virtual-link Debug ip ospf packet Debug ip ospf eventDebug ip ospf lsa Debug ip ospf spf Command debug ip ospf spf no debug ip ospf spfTypical Ospf Scenario 430 431 Typical complex Ospf autonomous system 433 434 435 Ospf Troubleshooting Help Monitor and Debugging Commands（1）show ip ospf Example （3）show ip ospf ase （4）show ip ospf cumulative（5）show ip ospf database Cost Checksum Router ID 11.11.2.1 （6）show ip ospf interface （7）show ip ospf neighbor （10）show ip protocols （8）show ip ospf routing（9）show ip ospf virtual-links Ase perference=150 Static route Static route configurationRIP configuration RIP parameter configuration Enable imported route RIP configuration Enable RIPEnable port to receive/transmit RIP packet Metricin/out configuration RIP imported routeGlobal RIP configuration Enable/Disable Ospf protocol Set RIP timerEnable Ospf protocol OspfRouter-ID configuration Ospf network range configurationConfigure Ospf authentication parameter configuration Configure Ospf area for portOspf TX-parameter configuration Passive interface configuration Sending packet cost configurationImport external routing information Ospf imported route parameter configurationImported route parameter configuration Ospf Stub area and default route cost configuration Other parameter configurationOspf priority configuration Ospf debug Ospf virtual link configurationPort DR priority configuration Display routing table Introduction to Multicast Multicast protocol ConfigurationMulticast Protocol Overview Multicast AddressIP Multicast Packets Forwarding Application of Multicast Common Multicast ConfigurationsCommon Multicast Configuration Commands Show ip mrouteIncoming interfaces PIM-DM Introduction to PIM-DMIp pim dense-mode PIM-DM Configuration PIM-DM Configuration Task SequencePIM-DM Configuration Commands IntervalIp pim query-interval Typical PIM-DM ScenarioPIM-DM Troubleshooting Help Command show ip pim mroute dm Show ip pim mroute dmShow ip pim neighbor Command show ip pim neighbor ifnameCommand show ip pim interface ifname Show ip pim interfaceDebug ip pim Command debug ip pimParameters N/A Default Disabled Command mode Admin Mode PIM-SM Introduction to PIM-SM PIM-SM Configuration PIM-SM Configuration Task Sequence Hashlength Priority PIM-SM Configuration CommandsIp pim sparse-mode Ip pim bsr-border Command ip pim sparse-mode no ip pim sparse-modeCommand ip pim bsr-border no ip pim bsr-border Ip pim query-intervalIp pim bsr-candidate Ip pim rp-candidateTypical PIM-SM Scenario Show ip pim bsr-router PIM-SM Troubleshooting Help Monitor and Debug CommandsCommand show ip pim bsr-router Show ip pim interface Show ip pim neighbor Command show ip pim mroute smShow ip pim mroute sm Debug ip pim Command show ip pim rp mapping group-addressShow ip pim rp Debug ip pim bsr PIM-SM TroubleshootingCommand debug ip pim bsr Dvmrp Introduction to DvmrpDvmrp configuration Configuration Task Sequence Enable DvmrpC.D Dvmrp Configuration Commands MetricvalIp dvmrp cisco-compatible Ip dvmrp enableCommand ip dvmrp enable no ip dvmrp enable Ip dvmrp graft-intervalIp dvmrp metric Ip dvmrp nbr-timeoutCommand ip dvmrp metric metricval no ip dvmrp metric Ip dvmrp report-interval Ip dvmrp route-timeoutIp dvmrp probe-interval Typical Dvmrp Scenario Ip dvmrp tunnelShow ip dvmrp mroute Dvmrp Troubleshooting HelpCommand show ip dvmrp mroute Show ip dvmrp neighbor Command show ip dvmrp neighbor ifnameCommand show ip dvmrp route Show ip dvmrp routeCommand show ip dvmrp tunnel ifname Show ip dvmrp tunnelDebug ip dvmrp detail Command debug ip dvmrp detailCommand debug ip dvmrp pruning no debug ip dvmrp pruning Debug ip dvmrp pruningIntroduction to Igmp Dvmrp TroubleshootingIgmp Igmp configuration Configuration Task Sequence Interface the no ip igmp access-group Enable IgmpIp dvmrp enable ip pim dense-mode AclnameNo ip igmp query-interval Igmp Configuration CommandsIgmp query interval TimevalIp igmp join-group Ip igmp access-groupIp igmp static-group command Ip igmp query-max-response-time Ip igmp query-timeoutIp igmp query-interval Ip igmp static-group Command ip igmp version version no ip igmp versionTypical Igmp Scenario Ip igmp versionShow ip igmp groups Igmp Troubleshooting HelpCommand show ip igmp groups ifname groupaddr Show ip igmp interface Command show ip igmp interface ifnameCommand debug ip igmp event Debug ip igmp eventDebug ip igmp packet Igmp TroubleshootingCommand debug ip igmp packet PIM-DM parameter configuration Multicast public monitor commandPIM-DM configuration Enable PIM-DM Set interface as PIM-SM BSR border PIM-SM configuration Enable PIM-SMPIM-SM parameter configuration Set router as RP candidate Dvmrp configuration Enable DvmrpSet router as BSR candidate Dvmrp global parameter configuration Cisco-compatible configurationDvmrp parameter configuration Dvmrp tunnel configuration Igmp configuration Igmp additive parameter configurationIgmp version configuration Multicast monitor configuration Show ip pim interfaceShow ip pim rp Show ip pim bsr-routerShow ip pim mroute sm Show ip dvmrp mroute802.1x Configuration Introduction toEnable 802.1x function of the switch 20.2 802.1x Configuration20.2.1 802.1x Configuration Task Sequence Aaa-accounting enable Aaa enableNo aaa enable No aaa-accounting enableSeconds Interface interface-nameHost IPaddress 20.2.2 802.1x Configuration Commands Aaa enableHost IPaddress port MinutesCommand mode Global Mode Default N/A Aaa-accounting enableCommand aaa-accounting enable no aaa-accounting enable 20.2.2.3 dot1x accept-mac20.2.2.6 dot1x privateclient enable 20.2.2.4 dot1x eapor enable20.2.2.5 dot1x enable Command dot1x eapor enable no dot1x eapor enableCommand dot1x max-req count no dot1x max-req 20.2.2.7 dot1x macfilter enableCommand dot1x macfilter enable no dot1x macfilter enable 20.2.2.8 dot1x max-req20.2.2.10 dot1x port-control 20.2.2.12 dot1x re-authenticateCommand dot1x re-authenticate interface interface-name 20.2.2.11 dot1x port-method20.2.2.15 dot1x timeout re-authperiod 20.2.2.13 dot1x re-authentication20.2.2.14 dot1x timeout quiet-period Command dot1x re-authentication no dot1x re-authentication20.2.2.16 dot1x timeout tx-period Radius-server accounting hostRadius-server authentication host Radius-server dead-timeRadius-server retransmit Radius-server timeoutRadius-server key 20.3 802.1x Application Example Radi us Ser v er 10Command show aaa config 20.4 802.1x Troubleshooting2o.4.1 802.1x Debug and Monitor Commands Show aaa config Show aaa authenticated-user Command show aaa authenticated-userCommand show radius authencated-userauthencating-user count Show aaa authenticating-userCommand show aaa authenticating-user Show radius countCommand show dot1x interface interface-list Show dot1xDebug aaa Command debug aaa no debug aaaCommand mode Admin Mode Parameters N/A Debug dot1x 20.4.2 802.1x TroubleshootingCommand debug dot1x no debug dot1x Radius client configuration Radius global configurationRadius authentication configuration 20.5.2.1 802.1X configuration Radius accounting configuration20.5.2 802.1X configuration 20.5.2.2 802.1X port authentication configuration 20.5.2.3 802.1X port mac configuration 20.5.2.4 802.1X port status list533 Vrrp Configuration Introduction to Vrrp535 Vrrp Configuration Commands Router vrrp Virtual-ipCommands enable Commands virtual-ip A.B.C.D master backup no virtual-ipCommands interfaceIFNAME Vlan ID no interface InterfaceVrrp authentication string DisableVrrp authentication mode Commands disablePreempt Commands preempt-modetrue falseCommands priority value no priority PriorityAdvertisement-interval Circuit-failoverVrrp Troubleshooting Help Typical Vrrp ScenarioCommand mode All Modes Example Monitor and Debug Commands Show vrrpCommands show vrrp vrid Debug vrrpVrrp Troubleshooting Help Create Vrrp NumberConfigure Preemptive Mode For Vrrp Configure Vrrp Dummy IPConfigure Vrrp Port Activate Virtual RouterConfigure Vrrp Interface Monitor Configure Vrrp priorityConfigure Vrrp Timer interval Configure Authentication Mode For VrrpConfigure Authentication String For Vrrp