Asante Technologies 40240/40480-10G 802.1X Port Authentication

Example

The following example enables port security for port 5, and sets the respons e to a

security violation to issue a trap message:

Console(config)#interface ethernet 1/5

Console(config-if)#port security action trap

Related Commands

shutdown (27-7)

mac-address-table static (31-1)

802.1X Port Authentication

The switch supports IEEE 802.1X (dot1x) port-based access co ntrol tha t prevents

unauthorized access to the network by requiring users to first submit c redenti als for

authentication. Client authentication is controlled centrally by a RADIUS server

using EAP (Extensible Authentication Protocol).

Table 25-13 802.1X Port Authentication Commands

Command

dot1x system-auth-control

dot1x default

dot1x max-req

dot1x port-control

dot1x operation-mode

dot1x re-authenticate

dot1x re-authentication

dot1x timeout quiet-period

dot1x timeout re-authperiod

dot1x timeout tx-period

show dot1x

25-26

Function

Enables dot1x globally on the switch.

Resets all dot1x parameters to their default values

Sets the maximum number of times that the switch

retransmits an EAP request/identity packet to the client

before it times out the authentication session

Sets dot1x mode for a port interface

Allows single or multiple hosts on an dot1x port

Forces re-authentication on specific ports

Enables re-authentication for all ports

Sets the time that a switch port waits after the Max

Request Count has been exceeded before attempting to

acquire a new client

Sets the time period after which a connected client must

be re-authenticated

Sets the time period during an authentication session that

the switch waits before re-transmitting an EAP packet

Shows a

l

dot1x related information

Mode Page

GC 25-27

GC 25-27

IC 25-27

IC 25-28

IC 25-29

PE 25-30

IC 25-30

IC 25-31

IC 25-31

IC 25-32

PE 25-32

User Authentication Commands

25

Contents

Main Layer 3 Gigabit Stackable Ethernet Switch IC40240-10G/IC40480-10G Management Guide IntraCore 40240-10G Gigabit Ethernet Switch IntraCore 40480-10G Gigabit Ethernet Switch 2 Stacking Ports Page About This Manual Page Contents Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Tables Page Page Page Figures Page Page Page Page 1-1 Chapter 1: Introduction Key Features Table 1-1 Key Features Description of Software Features 1-2 1-3 Description of Software Features 1-4 1-5 Description of Software Features 1-6 1-7 System Defaults System Defaults Introduction 1-8 1-9 System Defaults Page Chapter 2: Initial Configuration Connecting to the Switch 2-1 Configuration Options Required Connections 2-2 Remote Connections Stack Operations 2-3 Selecting the Stack Master Stack Operations Selecting the Backup Unit Recovering from Stack Failure or Topology Change 2-4 Broken Link for Line and Wrap-around Topologies Renumbering the Stack Ensuring Consistent Code is Used Across the Stack Stack Operations Basic Configuration Console Connection 2-6 Setting Passwords Setting an IP Address 2-7 Manual Configuration 2-8 2-9 2-10 Dynamic Configuration 2-11 2-12 Enabling SNMP Management Access Community Strings (for SNMP version 1 and 2c clients) 2-13 Trap Receivers 2-14 Managing System Files 2-15 Managing System Files Configuring Access for SNMP Version 3 Clients Saving Configuration Settings 2-16 Page Page Section II: Switch Management Page Chapter 3: Configuring the Switch Using the Web Interface 3-1 Navigating the Web Browser Interface Home Page 3-2 Configuration Options Panel Display 3-3 Main Menu 3-4 3-5 3-6 3-7 3-8 3-9 3-10 Navigating the Web Browser Interface 3-11 Page Chapter 4: Basic Management Tasks Displaying System Information 4-1 Web 4-2 Figure 4-1 System Information Specify the hostname, location and contact information. Displaying Switch Hardware/Software Versions 4-3 Displaying Switch Hardware/Software Versions Displaying Bridge Extension Capabilities 4-4 Setting the Switchs IP Address (IP Version 4) Setting the Switchs IP Address (IP Version 4) 4-5 4-6 Manual Configuration 4-7 Setting the Switchs IP Address (IP Version 4) Using DHCP/BOOTP 4-8 Setting the Switchs IP Address (IP Version 6) 4-9 Configuring an IPv6 Address 4-10 4-11 4-12 4-13 Page Setting the Switchs IP Address (IP Version 6) Configuring an IPv6 General Network Prefix 4-15 4-16 Configuring Neighbor Detection Protocol and Static Entries 4-17 4-18 Page 4-20 This example maps a static entry for a global unicast address to a MAC address. Configuring Support for Jumbo Frames Configuring Support for Jumbo Frames Managing Firmware 4-21 Downloading System Software from a Server 4-22 Page Saving or Restoring Configuration Settings 4-24 Downloading Configuration Settings from a Server 4-25 Saving or Restoring Configuration Settings Console Port Settings 4-26 4-27 Console Port Settings Telnet Settings 4-28 Telnet Settings 4-29 Configuring Event Logging System Log Configuration 4-30 Remote Log Configuration 4-31 Configuring Event Logging 4-32 Figure 4-19 Remote Logs Displaying Log Messages Configuring Event Logging Sending Simple Mail Transfer Protocol Alerts 4-33 4-34 Renumbering the Stack 4-35 Renumbering the Stack Resetting the System Setting the System Clock 4-36 Setting the Current Time Configuring SNTP 4-37 4-38 Setting the Time Zone 4-39 Configuring Summer Time 4-40 4-41 Page Chapter 5: Simple Network Management Protocol 5-1 Note: Enabling the SNMP Agent The following example enables SNMP on the switch. Enables SNMP on the switch. 5-2 Simple Network Management Protocol Setting Community Access Strings Setting Community Access Strings 5-3 Specifying Trap Managers and Trap Types 5-4 5-5 Specifying Trap Managers and Trap Types 5-6 Configuring SNMPv3 Management Access Setting a Local Engine ID 5-7 Specifying a Remote Engine ID 5-8 Configuring SNMPv3 Users 5-9 5-10 Configuring Remote SNMPv3 Users 5-11 5-12 Configuring SNMPv3 Groups 5-13 5-14 5-15 5-16 Setting SNMPv3 Views 5-17 5-18 snmp-server view Use the Chapter 6: User Authentication Configuring User Accounts 6-1 Configuring Local/Remote Logon Authentication 6-2 6-3 Configuring Local/Remote Logon Authentication 6-4 6-5 Configuring HTTPS Configuring HTTPS 6-6 6-7 Configuring HTTPS Replacing the Default Secure-site Certificate Configuring the Secure Shell 6-8 6-9 Configuring the Secure She Generating the Host Key Pair 6-10 6-11 Configuring the Secure She Importing User Public Keys 6-12 6-13 Configuring the Secure She Configuring the SSH Server 6-14 Configuring the Secure She 6-15 Configuring Port Security 6-16 Page 6-18 Configuring 802.1X Port Authentication Displaying 802.1X Global Settings 6-19 Configuring Port Settings for 802.1X 6-20 Configuring 802.1X Global Settings 6-21 Page 6-23 Displaying 802.1X Statistics This switch can display statistics for dot1x protocol exchanges for any port. 6-24 6-25 Filtering IP Addresses for Management Access 6-26 Web CLI Filtering IP Addresses for Management Access 6-27 Page Chapter 7: Access Control Lists Configuring Access Control Lists 7-1 Setting the ACL Name and Type Configuring a Standard IPv4 ACL 7-2 Configuring an Extended IPv4 ACL 7-3 7-4 7-5 Configuring a MAC ACL 7-6 Configuring a Standard IPv6 ACL 7-7 Configuring an Extended IPv6 ACL 7-8 7-9 7-10 Binding a Port to an Access Control List Binding a Port to an Access Control List 7-11 Page Chapter 8: Port Configuration Displaying Connection Status 8-1 8-2 Configuring Interface Connections 8-3 Configuring Interface Connections 8-4 Figure 8-2 Port - Port Configuration Select the interface, and then enter the required settings. 8-5 Configuring Interface Connections Creating Trunk Groups 8-6 Statically Configuring a Trunk Enabling LACP on Selected Ports 8-8 8-9 Configuring LACP Parameters 8-10 Page 8-12 Displaying LACP Port Counters You can display statistics for LACP protocol messages. The following example displays LACP counters for port channel 1. 8-13 Displaying LACP Settings and Status for the Local Side 8-14 Figure 8-7 LACP - Port Internal Information 8-15 Displaying LACP Settings and Status for the Remote Side 8-16 Setting Broadcast Storm Thresholds 8-17 Setting Broadcast Storm Thresholds 8-18 Figure 8-9 Port Broadcast Control 8-19 Configuring Port Mirroring Configuring Port Mirroring Configuring Rate Limits 8-20 Page Showing Port Statistics 8-22 8-23 Showing Port Statistics 8-24 Page This example shows statistics for port 12. 8-26 Chapter 9: Address Table Settings Setting Static Addresses 9-1 Displaying the Address Table 9-2 Address Table Settings Displaying the Address Table 9-3 Changing the Aging Time 9-4 Address Table Settings Chapter 10: Spanning Tree Algorithm 10-1 Region R 10-2 Displaying Global Settings 10-3 Displaying Global Settings 10-4 This command displays global STA settings, followed by settings for each port. Displaying Global Settings Note: 10-5 Configuring Global Settings 10-6 10-7 Configuring Global Settings 10-8 Page Displaying Interface Settings 10-10 x x 10-11 Displaying Interface Settings 10-12 Configuring Interface Settings 10-13 Configuring Interface Settings 10-14 10-15 Configuring Interface Settings Configuring Multiple Spanning Trees 10-16 Figure 10-7 MSTP VLAN Configuration This displays STA settings for instance 1, followed by settings f or each port . 10-17 Configuring Multiple Spanning Trees 10-18 CLI This example sets the priority for MSTI 1, and adds VLANs 1- 5 to this MSTI. Displaying Interface Settings for MSTP 10-19 Displaying Interface Settings for MSTP Configuring Interface Settings for MSTP 10-20 10-21 Configuring Interface Settings for MSTP Page Chapter 11: VLAN Configuration IEEE 802.1Q VLANs 11-1 Assigning Ports to VLANs 11-2 Forwarding Tagged/Untagged Frames 11-3 Displaying Basic VLAN Information 11-4 Enabling or Disabling GVRP (Global Setting) Displaying Current VLANs 11-5 Creating VLANs 11-6 Adding Static Members to VLANs 2. A Figure 11-4 VLAN Static List - Creating VLANs 11-8 Adding Static Members to VLANs (Port Index) 11-9 Configuring VLAN Behavior for Interfaces 11-10 11-11 Configuring IEEE 802.1Q Tunneling 11-12 11-13 11-14 11-15 Enabling QinQ Tunneling on the Switch 11-16 Adding an Interface to a QinQ Tunnel 11-17 Figure 11-2 Tunnel Port Configuration 17 x 11-18 Configuring Private VLANs Uplink Ports Primary VLAN (promiscuous ports) Configuring Uplink and Downlink Ports 11-19 Enabling Private VLANs Configuring Private VLANs Configuring Protocol-Based VLANs Mapping Protocols to VLANs 11-21 Configuring Protocol-Based VLANs 11-22 Chapter 12: Link Layer Discovery Protocol Setting Basic LLDP Timing Attributes 12-1 12-2 Configuring LLDP Interface Attributes 12-3 Configuring LLDP Interface Attributes 12-4 Displaying LLDP Local Device Information 12-5 Displaying LLDP Local Device Information 12-6 Figure 12-6 LLDP Local Device Information This example displays LLDP information for the local switch. 12-7 Displaying LLDP Local Device Information Click LLDP, Local Information. Displaying LLDP Remote Port Information 12-8 Displaying LLDP Remote Information Details 12-9 Displaying LLDP Remote Information Details Page Displaying Device Statistics 12-11 Displaying Device Statistics 12-12 Displaying Detailed Device Statistics 12-13 Displaying Detailed Device Statistics Page Chapter 13: Class of Service Layer 2 Queue Settings 13-1 Setting the Default Priority for Interfaces 13-2 Figure 13-1 Default Port Priority This example assigns a default priority of 5 to port 3. 13-3 Mapping CoS Values to Egress Queues Layer 2 Queue Settings Figure 13-2 Traffic Classes 13-4 The following example shows how to change the CoS assignments to a one-to-one mapping. Selecting the Queue Mode 13-5 Layer 2 Queue Settings Setting the Service Weight for Traffic Classes 13-6 Layer 3/4 Priority Settings Mapping Layer 3/4 Priorities to CoS Values 13-7 Selecting IP Precedence/DSCP Priority Mapping IP Precedence 13-8 Figure 13-6 IP Precedence Priority 13-9 Mapping DSCP Priority 13-10 Mapping IP Port Priority 13-11 13-12 Chapter 14: Quality of Service Configuring Quality of Service Parameters 14-1 Configuring a Class Map 14-2 Quality of Service Page Creating QoS Policies 14-4 Quality of Service 14-5 Configuring Quality of Service Parameters Page Attaching a Policy Map to Ingress Queues 14-7 Configuring Quality of Service Parameters Page 15-1 Chapter 15: Multicast Filtering Layer 2 IGMP (Snooping and Query) 15-2 Configuring IGMP Snooping and Query Parameters 15-3 15-4 Enabling IGMP Immediate Leave 15-5 Displaying Interfaces Attached to a Multicast Router 15-6 Specifying Static Interfaces for a Multicast Router 15-7 Displaying Port Members of Multicast Services 15-8 Assigning Ports to Multicast Services 15-9 Page Chapter 16: Domain Name Service Configuring General DNS Service Parameters 16-1 16-2 Domain Name Service Configuring Static DNS Host to Address Entries 16-3 Configuring Static DNS Host to Address Entries 16-4 Domain Name Service Displaying the DNS Cache 16-5 Displaying the DNS Cache Page Chapter 17: Dynamic Host Configuration Protocol Configuring DHCP Relay Service 17-1 Configuring the DHCP Server 17-2 Enabling the Server, Setting Excluded Addresses 17-3 Configuring Address Pools 17-4 17-5 Page 17-7 17-8 Displaying Address Bindings 17-9 Page Chapter 18: Configuring Router Redundancy Master Router Backup Router 18-1 Virtual Router Redundancy Protocol Configuring VRRP Groups 18-2 18-3 18-4 Page Page Displaying VRRP Global Statistics 18-7 Displaying VRRP Group Statistics 18-8 18-9 Page Chapter 19: IP Routing Overview 19-1 Initial Configuration IP Switching 19-2 Routing Path Management 19-3 IP Switching Routing Protocols Basic IP Interface Configuration 19-4 Configuring IP Routing Interfaces 19-5 Configuring IP Routing Interfaces 19-6 Page Address Resolution Protocol 19-8 19-9 Basic ARP Configuration 19-10 Configuring Static ARP Addresses 19-11 Displaying Dynamically Learned ARP Entries 19-12 Displaying Local ARP Entries 19-13 Click IP, ARP, Other Addresses. Figure 19-6 ARP Other Addresses Displaying ARP Statistics You can display statistics for ARP messages crossing all interfaces on this router. 19-14 Table 19-2 ARP Statistics Parameter Received Request Address Resolution Protocol Click IP, ARP, Statistics. Figure 19-7 ARP Statistics This example provides detailed statistics on common IP-related protocols. 19-15 Displaying Statistics for IP Protocols IP Statistics 19-16 ICMP Statistics 19-17 Displaying Statistics for IP Protocols Click IP, Statistics, ICMP. 19-18 CLI - See the example on page 19-14. UDP Statistics 19-19 Displaying Statistics for IP Protocols TCP Statistics 19-20 Click IP, Statistics, TCP. CLI - See the example on page 19-14. Configuring Static Routes 19-21 Configuring Static Routes Displaying the Routing Table 19-22 Click IP, Routing, Routing Table. Figure 19-13 IP Routing Table 19-23 Displaying the Routing Table Page Chapter 20: Unicast Routing 20-1 20-2 Configuring the Routing Information Protocol Configuring General Protocol Settings 20-3 20-4 Specifying Network Interfaces for RIP 20-5 Configuring Network Interfaces for RIP 20-6 20-7 20-8 Redistributing Routing Information from Other Domains 20-9 20-10 20-11 Displaying RIP Information and Statistics Page 20-13 Configuring the Open Shortest Path First Protocol 20-14 Configuring General Protocol Settings 20-15 20-16 20-17 20-18 Configuring OSPF Areas 20-19 20-20 20-21 20-22 Configuring Area Ranges 20-23 (Route Summarization for ABRs) 20-24 Configuring OSPF Interfaces 20-25 20-26 20-27 Page 20-29 Configuring Virtual Links 20-30 Configuring Network Area Addresses 20-31 Page Configuring Summary Addresses (for External AS Routes) 20-33 Page 20-35 Redistributing External Routes 20-36 Configuring NSSA Settings 20-37 20-38 Displaying Link State Database Information Page 20-40 Displaying Information on Border Routers 20-41 Displaying Information on Neighbor Routers Page Section III:Command Line Interface Page Chapter 21: Overview of the Command Line Interface Using the Command Line Interface 21-1 Accessing the CLI Console Connection 21-2 Entering Commands Keywords and Arguments 21-3 Minimum Abbreviation Command Completion 21-4 Showing Commands displays a list of possible show commands: Negating the Effect of Commands Using Command History 21-5 Partial Keyword Lookup Exec Commands 21-6 Understanding Command Modes Configuration Commands 21-7 21-8 end or command to return to the Privileged Exec mode. Table 21-2 Configuration Command Modes Command Line Processing 21-9 Command Groups The system commands can be broken down into the functional g roups shown belo w 21-10 Table 21-4 Command Group Index Page Page enable 22-1 Chapter 22: General Commands disable configure 22-2 General Commands show history 22-3 show history reload prompt 22-4 end General Commands exit quit 22-5 exit Page Device Designation Commands Chapter 23: System Management Commands hostname 23-1 switch renumber 23-2 show startup-config 23-3 System Status Commands Example 23-4 Related Commands show running-config (23-5) 23-5 show running-config Example 23-6 Related Commands show startup-config (23-3) show system 23-7 show version 23-8 show users Frame Size Commands jumbo frame 23-9 Frame Size Commands File Management Commands 23-10 copy 23-11 23-12 delete 23-13 dir 23-14 whichboot 23-15 boot system 23-16 line Line Commands login 23-18 password 23-19 timeout login response exec-timeout 23-20 password-thresh 23-21 silent-time databits 23-22 parity speed 23-23 stopbits disconnect 23-24 show line 23-25 logging on 23-26 Event Logging Commands 23-27 logging history logging host logging facility 23-28 logging trap clear log 23-29 show logging 23-30 show log 23-31 logging sendmail host 23-32 SMTP Alert Commands logging sendmail level logging sendmail source-email 23-33 SMTP Alert Commands logging sendmail destination-email logging sendmail 23-34 Command Mode Global Configuration Example Time Commands 23-35 sntp client 23-36 sntp server sntp poll 23-37 sntp update-time show sntp 23-38 clock timezone clock timezone-predefined 23-39 clock summer-time (date) 23-40 clock summer-time (predefined) 23-41 clock summer-time (recurring) 23-42 show clock 23-43 calendar set show calendar 23-44 Chapter 24: SNMP Commands 24-1 snmp-server show snmp 24-2 snmp-server community 24-3 snmp-server community snmp-server contact snmp-server location 24-4 snmp-server host 24-5 snmp-server host 24-6 snmp-server enable traps 24-7 snmp-server enable traps snmp-server engine-id 24-8 show snmp engine-id 24-9 show snmp engine-id snmp-server view 24-10 snmp-server group 24-11 show snmp view show snmp view show snmp group 24-12 show snmp group Table 24-4 show snmp group - display description 24-13 snmp-server user 24-14 show snmp user 24-15 show snmp user Page User Account Commands 25-1 Chapter 25: User Authentication Commands username 25-2 enable password 25-3 User Account Commands authentication login Authentication Sequence authentication enable 25-5 Authentication Sequence RADIUS Client radius-server host 25-6 radius-server port radius-server key 25-7 RADIUS Client radius-server retransmit radius-server timeout 25-8 show radius-server TACACS+ Client 25-9 tacacs-server host TACACS+ Client tacacs-server port tacacs-server key 25-10 Web Server Commands ip http port 25-11 Web Server Commands ip http server ip http secure-server 25-12 ip http secure-port 25-13 Web Server Commands ip telnet server Telnet Server Commands 25-15 Secure Shell Commands Secure She l 25-16 ip ssh server 25-17 Secure She l ip ssh timeout 25-18 ip ssh authentication-retries ip ssh server-key size 25-19 Secure She l delete public-key ip ssh crypto host-key generate 25-20 ip ssh crypto zeroize ip ssh save host-key 25-21 Secure She l l d Comm 25-22 t show public-key 25-23 Secure She l Port Security Commands port security 25-25 Port Security Commands Related Commands shutdown (27-7) mac-address-table static (31-1) 802.1X Port Authentication 25-26 dot1x system-auth-control dot1x default 25-27 dot1x max-req dot1x port-control 25-28 dot1x operation-mode 25-29 dot1x re-authenticate dot1x re-authentication 25-30 dot1x timeout quiet-period dot1x timeout re-authperiod 25-31 dot1x timeout tx-period show dot1x 25-32 25-33 25-34 Management IP Filter Commands management 25-35 Management IP Filter Commands show management 25-36 Chapter 26: Access Control List Commands IPv4 ACLs 26-1 access-list ip permit, deny (Standard IPv4 ACL) 26-2 permit, deny (Extended IPv4 ACL) 26-3 IPv4 ACLs 26-4 show ip access-list 26-5 IPv4 ACLs ip access-group show ip access-group 26-6 access-list ipv6 IPv6 ACLs permit, deny (Standard IPv6 ACL) 26-8 permit, deny (Extended IPv6 ACL) 26-9 26-10 show ipv6 access-list ipv6 access-group 26-11 show ipv6 access-group MAC ACLs 26-12 access-list mac permit, deny (MAC ACL) 26-13 MAC ACLs 26-14 show mac access-list mac access-group 26-15 MAC ACLs ACL Information 26-16 show access-list Page Page interface This command configures an interface type and ente r i nterface confi gura tion m ode . Use the 27-1 port-channel Chapter 27: Interface Commands description 27-2 speed-duplex 27-3 speed-duplex negotiation capabilities 27-4 flowcontrol 27-5 flowcontrol media-type 27-6 shutdown switchport broadcast packet-rate 27-7 shutdown clear counters 27-8 show interfaces status 27-9 show interfaces status show interfaces counters 27-10 show interfaces switchport 27-11 show interfaces switchport 27-12 Interface Commands Table 27-2 show interfaces switchport - display description (Continued) Chapter 28: Link Aggregation Commands channel-group 28-2 lacp 28-3 lacp lacp system-priority 28-4 lacp admin-key (Ethernet Interface) 28-5 lacp admin-key (Ethernet Interface) lacp admin-key (Port Channel) lacp port-priority 28-6 show lacp 28-7 Table 28-2 show lacp counters - display description 28-8 Example Table 28-3 show lacp internal - display description Table 28-3 show lacp internal - display description 28-9 28-10 Table 28-4 show lacp neighbors - display description (Continued) Chapter 29: Mirror Port Commands show port monitor 29-2 Mirror Port Commands Chapter 30: Rate Limit Commands rate-limit 30-1 Page mac-address-table static 31-1 Chapter 31: Address Table Commands clear mac-address-table dynamic 31-2 Address Table Commands show mac-address-table 31-3 show mac-address-table mac-address-table aging-time show mac-address-table aging-time 31-4 Address Table Commands Chapter 32: LLDP Commands A 32-1 lldp This command enables LLDP globally on the switch. Use the 32-2 ] lldp holdtime-multiplier lldp notification-interval 32-3 lldp holdtime-multiplier lldp refresh-interval 32-4 lldp reinit-delay lldp tx-delay 32-5 tx lldp reinit-delay lldp admin-status lldp notification 32-6 lldp basic-tlv management-ip-address 32-7 lldp basic-tlv management-ip-address lldp basic-tlv port-description lldp basic-tlv system-capabilities 32-8 lldp basic-tlv system-description lldp basic-tlv system-name 32-9 lldp basic-tlv system-description lldp dot1-tlv proto-ident lldp dot1-tlv proto-vid 32-10 lldp dot1-tlv pvid lldp dot1-tlv vlan-name 32-11 lldp dot1-tlv pvid lldp dot3-tlv link-agg lldp dot3-tlv mac-phy 32-12 lldp dot3-tlv max-frame lldp dot3-tlv poe 32-13 lldp dot3-tlv max-frame show lldp config 32-14 show lldp info local-device 32-15 show lldp info local-device show lldp info remote-device 32-16 32-17 show lldp info remote-device show lldp info statistics 32-18 33-1 Chapter 33: Spanning Tree Commands spanning-tree spanning-tree mode 33-2 | 33-3 spanning-tree mode spanning-tree forward-time spanning-tree hello-time 33-4 spanning-tree max-age 33-5 spanning-tree max-age spanning-tree priority spanning-tree pathcost method 33-6 spanning-tree transmission-limit spanning-tree mst-configuration 33-7 spanning-tree transmission-limit mst vlan 33-8 mst priority name 33-9 mst priority revision 33-10 max-hops spanning-tree spanning-disabled 33-11 max-hops spanning-tree cost 33-12 spanning-tree port-priority spanning-tree edge-port 33-13 spanning-tree port-priority spanning-tree portfast 33-14 spanning-tree link-type 33-15 spanning-tree link-type spanning-tree mst cost 33-16 spanning-tree mst port-priority spanning-tree protocol-migration 33-17 spanning-tree mst port-priority show spanning-tree 33-18 displayed for specific interfaces, see Displaying Interface Settings on page 10-10. Example 33-19 show spanning-tree Page Chapter 34: VLAN Commands GVRP and Bridge Extension Commands 34-1 bridge-ext gvrp show bridge-ext 34-2 GVRP and Bridge Extension Commands switchport gvrp show gvrp configuration 34-3 garp timer 34-4 Editing VLAN Groups vlan database 34-5 Editing VLAN Groups vlan 34-6 interface vlan 34-7 Configuring VLAN Interfaces switchport mode 34-8 switchport acceptable-frame-types switchport ingress-filtering 34-9 switchport native vlan 34-10 switchport allowed vlan 34-11 switchport forbidden vlan Displaying VLAN Information 34-12 show vlan 34-13 Displaying VLAN Information 34-14 Configuring IEEE 802.1Q Tunneling dot1q-tunnel system-tunnel-control switchport dot1q-tunnel mode 34-15 switchport dot1q-tunnel tpid 34-16 show dot1q-tunnel 34-17 Configuring Private VLANs pvlan 34-18 show pvlan 34-19 Configuring Private VLANs protocol-vlan protocol-group (Configuring Groups) Configuring Protocol-based VLANs protocol-vlan protocol-group (Configuring Interfaces) 34-21 Configuring Protocol-based VLANs show protocol-vlan protocol-group show interfaces protocol-vlan protocol-group 34-22 Page Page Chapter 35: Class of Service Commands Priority Commands (Layer 2) 35-1 queue mode 35-2 switchport priority default 35-3 Priority Commands (Layer 2) queue bandwidth queue cos-map 35-4 show queue mode 35-5 Priority Commands (Layer 2) show queue bandwidth show queue cos-map 35-6 Priority Commands map ip port (Global Configuration) 35-7 (Layer 3 and 4) map ip port (Interface Configuration) map ip precedence (Global Configuration) 35-8 35-9 map ip precedence (Interface Configuration) map ip dscp (Global Configuration) map ip dscp (Interface Configuration) 35-10 show map ip port 35-11 show map ip precedence 35-12 Priority Commands (Layer 3 and 4) show map ip dscp 35-13 Page Chapter 36: Quality of Service Commands 36-1 class-map 36-2 match 36-3 match rename description 36-4 policy-map class 36-5 policy-map set 36-6 police Page service-policy 36-8 show class-map show policy-map 36-9 show class-map show policy-map interface 36-10 ip igmp snooping 37-1 Chapter 37: Multicast Filtering Commands IGMP Snooping Commands ip igmp snooping vlan static ip igmp snooping version 37-2 ip igmp snooping immediate-leave 37-3 IGMP Snooping Commands show ip igmp snooping show mac-address-table multicast 37-4 IGMP Query Commands ip igmp snooping querier 37-5 IGMP Query Commands ip igmp snooping query-count 37-6 ip igmp snooping query-interval ip igmp snooping query-max-response-time 37-7 IGMP Query Commands ip igmp snooping router-port-expire-time 37-8 ip igmp snooping vlan mrouter 37-9 Static Multicast Routing Commands Static Multicast Routing Commands show ip igmp snooping mrouter 37-10 ip host 38-1 Chapter 38: Domain Name Service Commands clear host 38-2 ip domain-name ip domain-list 38-3 ip domain-name ip name-server 38-4 ip domain-lookup 38-5 ip domain-lookup show hosts 38-6 show dns Table 38-2 show dns cache - display description show dns cache Page ip dhcp client-identifier 39-1 Chapter 39: DHCP Commands DHCP Client ip dhcp restart client 39-2 ip dhcp restart relay 39-3 DHCP Relay DHCP Relay ip dhcp relay server 39-4 service dhcp This command enables the DHCP server on this switch. Use the DHCP Server Table 39-4 DHCP Server Commands ip dhcp excluded-address ip dhcp pool 39-6 network 39-7 default-router domain-name 39-8 dns-server next-server 39-9 bootfile netbios-name-server 39-10 netbios-node-type lease 39-11 host 39-12 client-identifier 39-13 hardware-address clear ip dhcp binding 39-14 show ip dhcp binding 39-15 Page Chapter 40: Router Redundancy Commands Virtual Router Redundancy Protocol Commands 40-1 vrrp ip 40-2 vrrp authentication vrrp priority 40-3 vrrp timers advertise 40-4 vrrp preempt 40-5 show vrrp 40-6 Table 40-3 show vrrp - display description This example displays the brief listing of status information for all groups. 40-7 Example This example displays the full listing of status information for all groups. show vrrp interface 40-8 Router Redundancy Commands Table 40-4 show vrrp brief - display description show vrrp router counters show vrrp interface counters 40-9 Page Chapter 41: IP Interface Commands 41-1 Basic IP Configuration 41-2 Table 41-2 Basic IP Configuration Commands (Continued) ip address 41-3 ip default-gateway 41-4 Basic IP Configuration show ip interface show ip redirects 41-5 ping 41-6 ipv6 enable 41-7 ipv6 general-prefix 41-8 show ipv6 general-prefix ipv6 address 41-9 ipv6 address autoconfig 41-10 41-11 ipv6 address eui-64 41-12 ipv6 address link-local 41-13 show ipv6 interface 41-14 41-15 Table 41-3 show ipv6 interface - display description 41-16 (Continued) This example displays a brief summary of IPv6 addresses confi gured on the route r. Related Commands show ip interface (41-5) ipv6 default-gateway show ipv6 default-gateway 41-17 ipv6 mtu 41-18 show ipv6 mtu show ipv6 traffic 41-19 41-20 41-21 41-22 IP Interface Commands 41-23 41-24 IP Interface Commands clear ipv6 traffic ping ipv6 41-25 ipv6 neighbor 41-26 ipv6 nd dad attempts 41-27 41-28 ipv6 nd ns interval 41-29 show ipv6 neighbors 41-30 Table 41-6 show ipv6 neighbors - display description 41-31 Related Commands show mac-address-table (31-3) Example The following shows all known IPv6 neighbors for this router: arp Address Resolution Protocol (ARP) arp timeout 41-33 Address Resolution Protocol (ARP) clear arp-cache show arp 41-34 ip proxy-arp 41-35 Address Resolution Protocol (ARP) Page Chapter 42: IP Routing Commands Global Routing Configuration ip routing 42-1 ip route 42-2 clear ip route show ip route 42-3 Global Routing Configuration show ip host-route This command displays the interface associated with known routes. Command Mode Privileged Exec 42-4 Table 42-4 show ip host-route - display description Routing Information Protocol (RIP) 42-5 router rip 42-6 IP Routing Commands default-metric 42-7 timers basic 42-8 network neighbor 42-9 version 42-10 redistribute 42-11 ip rip receive version 42-12 ip rip send version 42-13 ip split-horizon ip rip authentication key 42-14 ip rip authentication mode 42-15 show rip globals show ip rip 42-16 Table 42-7 show ip rip - display description 42-17 , MD5, Example Open Shortest Path First (OSPF) 42-18 router ospf 42-19 router-id compatible rfc1583 42-20 default-information originate 42-21 timers spf 42-22 area range 42-23 area default-cost summary-address 42-24 redistribute 42-25 network area 42-26 area stub 42-27 area nssa 42-28 42-29 area virtual-link 42-30 42-31 ip ospf authentication 42-32 ip ospf authentication-key 42-33 ip ospf message-digest-key 42-34 ip ospf cost 42-35 ip ospf dead-interval ip ospf hello-interval 42-36 ip ospf priority 42-37 ip ospf retransmit-interval ip ospf transmit-delay 42-38 show ip ospf 42-39 show ip ospf border-routers 42-40 Table 42-10 show ip ospf border-routers - display description IP Routing Commands show ip ospf database 42-41 Table 42-11 show ip ospf database - display description 42-42 Command Mode Privileged Exec Examples The following shows output for the show ip ospf database command. Open Shortest Path First (OSPF) asbr-summary The following shows output when using the keyword. Table 42-12 show ip ospf asbr-summary - display description 42-44 keyword. The following shows output when using the 42-45 external keyword. Table 42-14 show ip ospf external - display description 42-46 network keyword. Table 42-15 show ip ospf network - display description Open Shortest Path First (OSPF) router The following shows output when using the keyword. Table 42-16 show ip ospf router - display description 42-48 (Continued) summary The following shows output when using the keyword. 42-49 show ip ospf interface This command displays summary information for OSPF interfaces. Syntax show ip ospf neighbor 42-50 Open Shortest Path First (OSPF) show ip ospf summary-address show ip ospf virtual-links 42-51 Page Page Page Appendix A: Software Specifications Software Features A-1 Management Features Standards A-2 Software Specifications Management Information Bases A-3 A-4 Software Specifications B-1 Appendix B: Troubleshooting Problems Accessing the Management Interface Table B-1 Troubleshooting Chart Using System Logs B Glossary Page Page Page Page Page Page Page Index Numerics A B C Index E F G H J K L M Index P Index-4 Q R T U V Index-5