Enterasys SecureStack C3
Page
Page
Enterasys Networks, Inc. Firmware License Agreement
Iii
Page
Contents
Page
Activating Licensed Features
Configuring System Power and PoE
Discovery Protocol Configuration
Port Configuration
Show port broadcast Set port broadcast Clear port broadcast
Snmp Configuration
Spanning Tree Configuration
Configuring Spanning Tree Port Parameters Purpose Commands
802.1Q Vlan Configuration
Policy Classification Configuration
Port Priority Configuration
Igmp Configuration
Logging and Network Management
14-3
Rmon Configuration
Dhcp Server Configuration
Preparing for Router Mode
IP Configuration
Dhcp Snooping and Dynamic ARP Inspection
IPv4 Routing Protocol Configuration
20-11
IPv6 Configuration
IPv6 Management
DHCPv6 Configuration
IPv6 Proxy Routing
OSPFv3 Configuration
Authentication and Authorization Configuration
26-37
TACACS+ Configuration
Index
SFlow Configuration
Appendix a Policy and Authentication Capacities
Tables
10-4
22-26
Xxxii
Structure of This Guide
Using This Guide
About This Guide
Important Notice
Structure of This Guide
SecureStack C3 Installation Guides
Related Documents
Conventions Used in This Guide
Following conventions are used in the text of this document
Following icons are used in this guide
Getting Help
Support@enterasys.com
Getting Help Xxxviii About This Guide
Switch Management Methods
Introduction
SecureStack C3 CLI Overview
Factory Default Settings
Default Settings for Basic Switch Operation
Feature Default Setting
Default Settings for Router Operation
Sntp
Dvmrp
Using the Command Line Interface
Connecting Using the Console Port
Starting a CLI Session
Using an Administratively Configured User Account
Connecting Using Telnet
Using a Default User Account
Logging
CLI Command Modes
Navigating the Command Line Interface
CLI Command Defaults Descriptions
Getting Help with CLI Syntax
Abbreviating and Completing Commands
Displaying Scrolling Screens
Basic Line Editing Commands
Basic Line Editing Commands
Configuring Switches in a Stack
About SecureStack C3 Switch Operation in a Stack
Installing a New Stackable System of Up to Eight Units
Installing Previously-Configured Systems in a Stack
Creating a Virtual Switch Configuration
Adding a New Unit to an Existing Stack
SID
Feature Support
Considerations About Using Clear Config in a Stack
Issues Related to Mixed Type Stacks
Configuration
Commands
Stacking Configuration and Management Commands
Show switch
Purpose
Show switch switchtype
Examples
Show switch stack-ports
None
Example
Set switch
Switch command, read‐write
Priority value
This example shows how to assign priority 3 to switch
Set switch copy-fw
Set switch description
This example shows how to renumber switch 5 to switch
Set switch movemanagement
Set switch member
Clear switch member
Use this command to remove a member entry from the stack
Basic Configuration
Quick Start Setup Commands
Required CLI Setup Commands
Setting User Accounts and Passwords
Optional CLI Setup Commands
Show system login
Show system login Output Details
Parameters
Use this command to remove a local login user account
Set system login
Clear system login
Super‐user read‐write read‐only
Set password
This example shows how to remove the netops user account
Switch command, read‐write Switch command, super‐user
Set system password length
Set system password aging
Set system password history
Disable
Show system lockout
Attempts attempts
Set system lockout
Show system lockout Output Details
Time time
Setting Basic Switch Properties
Show ip address
Use this command to clear the system IP address
Set ip address
Clear ip address
This example shows how to clear the system IP address
Show ip protocol
Set ip protocol
This example shows how to display system information
Show system
Show system hardware
Show system Output Details
Show system utilization
Slot Hardware Information
Default threshold value is 80%
Set system utilization
This example sets the CPU utilization threshold to 75%
Clear system utilization
Show system enhancedbuffermode
This example shows how to enable enhanced buffer mode
Set system temperature
Enable disable Enables or disables enhanced buffer mode
Set system enhancedbuffermode
Disable
Clear system temperature
Syslog enable
Trap enable disable
Show time
Set time
This example shows how to set the system clock to 750 a.m
Use this command to display daylight savings time settings
Show summertime
If a zone name is not specified, none will be applied
Set summertime
Set summertime date
If an offset is not specified, none will be applied
Set summertime recurring
Clear summertime
Use this command to modify the command prompt
This example shows how to set the command prompt to Switch
Set prompt
Show banner motd
Set banner motd
Clear banner motd
Show version
Set system name
‐5 provides an explanation of the command output
Use this command to configure a name for the system
Show version Output Details
Set system location
Use this command to identify the location of the system
This example shows how to set the system location string
Set system contact
Set width
This example shows how to set the system contact string
This example shows how to set the terminal columns to
Set length
Show logout
This example shows how to set the terminal length to
This example shows how to display the CLI logout setting
Set logout
Use this command to set the console port baud rate
Use this command to display console settings
This example shows how to display all console settings
Show console
Downloading from a Tftp Server
This example shows how to set the console port baud rate to
Downloading a Firmware Image
Downloading via the Serial Port
Type 2. The following baud rate selection screen displays
Reverting to a Previous Image
Reviewing and Selecting a Boot Firmware Image
Show boot system
Reboot the system using the reset command page 3‐50
Set boot system
Compatibility platform specific
Use this command to enable or disable Telnet on the switch
Starting and Configuring Telnet
This example shows how to display Telnet status
Show telnet
Inbound
Enable disable
Telnet
Outbound all
Managing Switch Configuration and Files
Configuration Persistence Mode
Show snmp persistmode
Set snmp persistmode
Auto
Save config
Dir
Manual
Use this command to display the contents of a file
Show file
Show config
Configure
All
Outfile
Copy
Append
Systemimage
Show tftp settings
This example shows how to download an image via Tftp
Delete
This example shows the output of this command
Set tftp timeout
Clear tftp timeout
This example sets the timeout period to 4 seconds
Set tftp retry
Clear tftp retry
This example sets the retry count to
Cls clear screen
This example shows how to clear the CLI screen
Clearing and Closing the CLI
To clear the CLI screen or to close your CLI session
Use either of these commands to leave a CLI session
Resetting the Switch
Reset
This example shows how to exit a CLI session
This example shows how to reset the system
Clear config
If no unit ID is specified, the entire system will be reset
This example shows how to reset unit
Using and Configuring WebView
Use this command to display WebView status
Show webview
Set webview
Show ssl
This example shows how to display SSL status
This example shows how to enable SSL
Set ssl
Show support
Command
Gathering Technical Support Information
To gather common technical support information
Show system hostprotect
Configuring Hostprotect
Hostprotect is enabled by default
Set system hostprotect
Default state is enabled
This feature is disabled by default
This example disables hostprotect
Clear system hostprotect
Usage
Activating Licensed Features
Licensing Procedure in a Stack Environment
License Key Field Descriptions
Clearing, Showing, and Applying Licenses
Adding a New Member to a Licensed Stack
Set license
Usage
Show license
Use this command to clear the license key settings
FeatureID feature The name of the feature being cleared
Clear license
C3rw-clear license featureId advrouter
Clear license Activating Licensed Features
Show inlinepower
Configuring System Power and PoE
Commands
Use this command to display system power properties
Set inlinepower threshold
This example shows how to display system power properties
Show inlinepower Output Details
Set inlinepower trap
Set inlinepower detectionmode
Sending of traps is disabled by default
Show port inlinepower
Ieee
Priority critical
Set port inlinepower
Admin off auto
High low
Set port inlinepower Configuring System Power and PoE
Discovery Protocol Configuration
Configuring CDP
Show cdp
Show cdp Output Details
Auto disable
Enable
Set cdp state
Use this command to set a global CDP authentication code
Set cdp auth
Set cdp interval
Set cdp hold-time
Clear cdp
Show neighbors
Configuring Cisco Discovery Protocol
Show ciscodp
Show ciscodp port info
‐2 provides an explanation of the command output
‐3 provides an explanation of the command output
Show ciscodp Output Details
Set ciscodp status
Set ciscodp timer
This example shows how to globally enable CiscoDP
Show ciscodp port info Output Details
Set ciscodp holdtime
Set ciscodp port
Untagged
Vvid
Dot1p
Trusted
Clear ciscodp
Configuring Link Layer Discovery Protocol and LLDP-MED
To review and configure Llpd and LLPD‐MED
Overview
Configuration Tasks
Use this command to display Lldp configuration information
Show lldp
Show lldp port status
Show lldp port trap
Show lldp port tx-tlv
Show lldp port location-info
Show lldp port tx‐tlv port‐string
Show lldp port local-info
Show lldp port local-info Output Details
1000BASE-TFD
ECS Elin
Show lldp port remote-info
Show lldp port network-policy
Voice‐signaling
Guest‐voice‐signaling
Voice
Softphone‐voice
Video‐signaling
Set lldp tx-interval
Video‐conferencing
Set lldp hold-multiplier
Set lldp trap-interval
This example sets the transmit interval to 20 seconds
Set lldp med-fast-repeat
Set lldp port status
Tx‐enable
Rx‐enable
Set lldp port trap
Set lldp port med-trap
Set lldp port location-info
Elin
Set lldp port tx-tlv
Poe
Gvrp
Mac‐phy
Link‐aggr
Tag tagged untagged
State enable disable
Set lldp port network-policy
Vid vlan‐id dot1p
Hold‐multiplier
Clear lldp
Tx‐interval
Trap‐interval
Clear lldp port status
Clear lldp port trap
Clear lldp port med-trap
Clear lldp port location-info
Cleared
Vid
Clear lldp port network-policy
Tag
Dscp
Clear lldp port tx-tlv
Disables the LLDP‐MED Location Identification TLV from being
Disables the LLDP‐MED Extended Power via MDI TLV from being
Port String Syntax Used in the CLI
Port Configuration
Port Configuration Summary
Port type.unitorslot number.port number
Reviewing Port Status
Port Slot/Unit Parameters Used in the CLI
Show port
Show port status
Switch mib2
Show port counters
Show port status Output Details
Show port counters Output Details
Clear port counters
Show port cablestatus
This example clears the port counters for ge.3.1
Disabling / Enabling and Naming Ports
This example shows the cable status for 1 GE port ge.1.31
Show port cablestatus Output Details
This example shows how to disable ge.1.1
Set port disable
Set port enable
This example shows how to enable ge.1.3
Use this command to assign an alias name to a port
Show port alias
Set port alias
This example shows how to assign the alias Admin to ge.3.3
This example shows how to clear the alias for ge.3.3
Setting Speed and Duplex Mode
Show port speed
10 100
Set port speed
Show port duplex
Mbps
This example shows how to set ge.1.17 to full duplex
Set port duplex
Full half
Enabling / Disabling Jumbo Frame Support
Show port jumbo
Enables or disables jumbo frame support
Set port jumbo
Clear port jumbo
Setting Auto-Negotiation and Advertised Ability
Show port negotiation
Enable disable
Set port negotiation
Show port advertise
Set port advertise
Clear port advertise
Forced‐auto
Show port mdix
Set port mdix
Mdi
Configure ports to use MDI mode only
Configure ports to use Mdix mode only
Optional Specify the port or ports to configure
Setting Flow Control
Show flowcontrol
Set flowcontrol
This example shows how to enable flow control
Setting Port Link Traps and Link Flap Detection
Show port trap
Following example disables sending trap on ge.3.1
Set port trap
Show linkflap
Parameters
Globalstate
Portstate
Metrics
Show linkflap parameters Output Details
Show linkflap metrics Output Details
Set linkflap globalstate
Disable enable
Disables or enables the link flap detection function
Set linkflap portstate
Set linkflap interval
Set linkflap action
Use this command to set the link flap action trigger count
Clear linkflap action
Set linkflap threshold
Set linkflap downtime
Clear linkflap down
Parameter
Clear linkflap
All stats
Threshold interval
Configuring Broadcast Suppression
Show port broadcast
Set port broadcast
Clear port broadcast
Syntax Used in the CLI on page 7‐1
Mirroring Features
Port Mirroring
Remote Port Mirroring
Configuring Smon MIB Port Mirroring
Procedures
Overview
To review and configure port mirroring on the device
Show port mirroring
Create disable
Can be configured per stack, if applicable
Set port mirroring
Use this command to clear a port mirroring relationship
Clear port mirroring
Set mirror vlan
Clear mirror vlan
Link Aggregation Control Protocol Lacp
Lacp Operation
SecureStack C3 Usage Considerations
‐6 defines key terminology used in Lacp configuration
Lacp Terminology
Lacp Terms and Definitions
Commands
‐7 provides an explanation of the command output
Show lacp
Set lacp
Disable enable Disables or enables Lacp
This example shows how to disable Lacp
Show lacp Output Details
Set lacp aadminkey
Set lacp asyspri
Asyspri
Disable enable Disables or enables static link aggregation
Clear lacp
Set lacp static
Clear lacp static
This example enables the formation of single port LAGs
Set lacp singleportlag
Clear lacp singleportlag
Show port lacp
Status detail
Summary Counters
Aadminkey
Set port lacp
Padminkey
Aadminstate
Lacptimeout
Padminport
Clear port lacp
C3su-clear port lacp port ge.3.16
Configuring Protected Ports
Set port protected
Protected Port Operation
Show port protected
Clear port protected
Read‐only
Set port protected name
Show port protected name
Use this command to clear the name of a protected group
Clear port protected name
Clear port protected name Port Configuration
Snmp Configuration
Snmp Configuration Summary
SNMPv1 and SNMPv2c
SNMPv3
About Snmp Security Models and Levels
Reviewing Snmp Statistics
Using Snmp Contexts to Access Specific MIBs
Configuration Considerations
Snmp Security Levels
This example shows how to display Snmp engine properties
Show snmp engineid
Show snmp engineid Output Details
Use this command to display Snmp traffic counter values
This example shows how to display Snmp counter values
Show snmp counters
Show snmp counters Output Details
Engine or otherwise unavailable
Configuring Snmp Users, Groups, and Communities
Show snmp user
Use this command to create a new SNMPv3 user
This example shows how to display an Snmp user list
‐4 provides an explanation of the command output
Set snmp user
Volatile
Aes
Sha
Nonvolatile
Clear snmp user
Show snmp group
Remote remote
Security‐model
Set snmp group
User user
V2c usm Volatile
Clear snmp group
Show snmp community
V2c usm
Securityname
Use this command to configure an Snmp community group
Set snmp community
Context context
This example shows how to delete the community name vip
Configuring Snmp Access Rights
Use this command to delete an Snmp community name
Clear snmp community
Authentication Privacy Context context
Show snmp access
Noauthentication
Nonvolatile read‐ Only
This example shows how to display Snmp access information
‐6 provides an explanation of the command output
Show snmp access Output Details
Set snmp access
Clear snmp access
Configuring Snmp MIB Views
Show snmp view
Show snmp context
Set snmp view
Show snmp view Output Details
Clear snmp view
Volatile nonvolatile
Configuring Snmp Target Parameters
Show snmp targetparams
Read‐only
Show snmp targetparams Output Details
‐8 provides an explanation of the command output
Set snmp targetparams
Message‐
Privacy
Authentication
Clear snmp targetparams
Protected from disclosure
Configuring Snmp Target Addresses
Use this command to display Snmp target address information
Show snmp targetaddr
Param param
Timeout timeout
Set snmp targetaddr
Udpport udpport
Taglist taglist
Use this command to delete an Snmp target address entry
Clear snmp targetaddr
Tag 1 tag
Configuring Snmp Notification Parameters
About Snmp Notify Filters
By default, this function is disabled globally and per port
Show newaddrtrap
Set newaddrtrap
Show snmp notify
10 show snmp notify Output Details
‐10 provides an explanation of the command output
Set snmp notify
Trap inform
Use this command to clear an Snmp notify configuration
Clear snmp notify
Show snmp notifyfilter
Set snmp notifyfilter
Subtree oid‐or‐
Clear snmp notifyfilter
Show snmp notifyprofile
Set snmp notifyprofile
Targetparam
Creating a Basic Snmp Trap Configuration
This example shows how to delete Snmp notify profile area51
Clear snmp notifyprofile
11 Basic Snmp Trap Configuration
Example
Configuring the Snmp Management Interface
How Snmp Will Use This Configuration
Show snmp interface
Set snmp interface
Loopback loop‐ID
Clear snmp interface
Clear snmp interface Snmp Configuration
Spanning Tree Configuration
Spanning Tree Configuration Summary
Spanning Tree Features
Loop Protect
Configuring Spanning Tree Bridge Parameters
For information about
Show spantree stats
Sid sid
Active
‐1 shows a detailed explanation of command output
Show spantree Output Details
Disable enable Globally disables or enables Spanning Tree
Set spantree
Show spantree version
Set spantree version
This example shows how to reset the Spanning Tree version
Clear spantree version
Show spantree bpdu-forwarding
This example shows how to enable Bpdu forwarding
Disable enable Disables or enables Bpdu forwarding
By default Bpdu forwarding is disabled
Set spantree bpdu-forwarding
8021d
Set spantree bridgeprioritymode
Clear spantree bridgeprioritymode
8021t
Show spantree mstilist
Set spantree msti
Create delete
Clear spantree msti
Show spantree mstmap
Fid fid
Set spantree mstmap
This example shows how to map FID 3 to SID
Use this command to map a FID back to SID
Clear spantree mstmap
This example shows how to map FID 2 back to SID
Show spantree vlanlist
Show spantree mstcfgid
Cfgname name Specifies an MST configuration name
Set spantree mstcfgid
Clear spantree mstcfgid
Use this command to set the device’s Spanning Tree priority
Set spantree priority
Clear spantree priority
This example shows how to reset the bridge priority on SID
Set spantree hello
Clear spantree hello
Use this command to set the bridge maximum aging time
Set spantree maxage
Set spantree fwddelay
Use this command to set the Spanning Tree forward delay
Clear spantree maxage
Clear spantree fwddelay
Show spantree backuproot
Set spantree backuproot
Clear spantree backuproot
Show spantree tctrapsuppress
Set spantree tctrapsuppress
Clear spantree tctrapsuppress
Set spantree protomigration
Enable disable Enables or disables the SpanGuard function
Show spantree spanguard
Set spantree spanguard
This example shows how to enable the SpanGuard function
Clear spantree spanguard
Show spantree spanguardtimeout
Set spantree spanguardtimeout
Clear spantree spanguardtimeout
Show spantree spanguardlock
Show spantree spanguardtrapenable
This example shows how to unlock port ge.1.16
Clear / set spantree spanguardlock
Set spantree spanguardtrapenable
Clear spantree spanguardtrapenable
Is enabled
Show spantree legacypathcost
Set spantree legacypathcost
Set spantree autoedge
Clear spantree legacypathcost
Show spantree autoedge
This example clears the legacy path cost to 802.1t values
Clear spantree autoedge
Disable enable
Configuring Spanning Tree Port Parameters
Set spantree portadmin
To display and set Spanning Tree port parameters
Clear spantree portadmin
Show spantree portadmin
This example shows how to disable Spanning Tree on ge.1.5
Use this command to set a port’s Spanning Tree priority
Show spantree portpri
Set spantree portpri
Clear spantree portpri
Show spantree adminpathcost
Set spantree adminpathcost
Clear spantree adminpathcost
Show spantree adminedge
This example shows how to set ge.1.11 as an edge port
Set spantree adminedge
Clear spantree adminedge
True false
This example shows how to reset ge.1.11 as a non‐edge port
Show spantree operedge
Configuring Spanning Tree Loop Protect Parameters
Show spantree lp
This example shows how to enable Loop Protect on ge.2.3
Set spantree lp
If no SID is specified, SID 0 is assumed
Clear spantree lp
Show spantree lplock
Clear spantree lplock
SID Locked
Set spantree lpcapablepartner
Show spantree lpcapablepartner
Use this command to set the Loop Protect event threshold
Clear spantree lpcapablepartner
Set spantree lpthreshold
None. The default event threshold is
Show spantree lpthreshold
Clear spantree lpthreshold
Set spantree lpwindow
Show spantree lpwindow
Set spantree lptrapenable
Disabled
Clear spantree lpwindow
Show spantree lptrapenable
Clear spantree lptrapenable
Set spantree disputedbpduthreshold
Show spantree disputedbpduthreshold
Clear spantree disputedbpduthreshold
Show spantree nonforwardingreason
802.1Q Vlan Configuration
Vlan Configuration Summary
Command Set for Creating a Secure Management Vlan
Creating a Secure Management Vlan
Static
Viewing VLANs
Show vlan
Portinfo
Show vlan Output Details
Vlan Vlan ID Name
Creating and Naming Static VLANs
Create enable Creates, enables or disables VLANs. disable
This example shows how to create Vlan
Set vlan
This example shows how to set the name for Vlan 7 to green
Set vlan name
Clear vlan
This example shows how to clear the name for Vlan
Clear vlan name
Assigning Port Vlan IDs PVIDs and Ingress Filtering
Show port vlan
Modify‐egress
Set port vlan
Clear port vlan
No‐modify‐egress
Show port ingress filter
Set port ingress filter
Show port discard
Set port discard
Tagged untagged both none
Configuring the Vlan Egress List
Show port egress
Set vlan forbidden
Clear vlan egress
Use this command to remove ports from a VLAN’s egress list
Set vlan egress
Untagged forbidden tagged
Show vlan dynamicegress
Forbidden
Enable disable Enables or disables dynamic egress
This example shows how to enable dynamic egress on Vlan
Set vlan dynamicegress
Setting the Host Vlan
Show host vlan
Set host vlan
This example shows how to set Vlan 7 as the host Vlan
Clear host vlan
Enabling/Disabling Gvrp Garp Vlan Registration Protocol
About Garp Vlan Registration Protocol Gvrp
How It Works
Example of Vlan Propagation via Gvrp
Show garp timer
Use this command to display Gvrp configuration information
Show gvrp
Show gvrp configuration Output Details
Disables or enables Gvrp on the device
Set gvrp
Set garp timer
This example shows how to enable Gvrp on ge.1.3
Clear gvrp
Join
Clear garp timer
Leaveall timer‐
Leave
C3su-clear garp timer leave ge.1.1
Policy Classification Configuration
Policy Classification Configuration Summary
Show policy profile
Configuring Policy Profiles
Use this command to display policy profile information
‐verbose
Show policy profile Output Details
Set policy profile
Use this command to delete a policy profile entry
This example shows how to delete policy profile
Clear policy profile
Configuring Classification Rules
All admin‐ profile profile‐ index
Show policy rule
Tcpsourceport
Not‐in‐service Not‐ready Storage‐type non‐
Admin‐pid
Udpdestport
Show policy capability
Show policy rule Output Details
Vlan
Admin‐profile
Set policy rule
Vlantag data
Ipdestsocket
Ether
Ipproto
Ipsourcesocket
Valid Values for Policy Classification Rules
Data value Mask bits
Range from 1 to 4094 or 0xFFF
Following parameters apply to deleting an admin rule
Clear policy rule
All‐pid‐entries
Use this command to remove all policy classification rules
Clear policy all-rules
Set policy port
Use this command to assign ports to a policy profile
Assigning Ports to Policy Profiles
To assign and unassign ports to policy profiles
Clear policy port
Configuring Policy Class of Service CoS
About Policy-Based CoS Configurations
Procedure 11-1 User-Defined CoS Configuration
Configuring Policy Class of Service CoS
Procedure
About CoS-Based Flood Control
Use this command to enable or disable Class of Service
Set cos state
This example shows how to enable Class of Service
Show cos state
Clear cos state
Tos‐value tos‐value
Set cos settings
Priority priority
Irl‐reference
Priority
Clear cos settings
Show cos settings
Tos‐value
Set cos port-config
Show cos port-config
Should be displayed
Name
Clear cos port-config
Entry
Ports
Set cos port-resource irl
Unicast
Set cos port-resource flood-ctrl
Group#.port‐type
Multicast
Show cos port-resource
Group#.port‐type
Rate
Clear cos port-resource irl
Unit
Type
Unicast
Clear cos port-resource flood-ctrl
Set cos reference
Multicast
IRL reference number associated with this entry
Specifies that an IRL reference is being configured
Show cos reference
Rate‐limit irl‐index
Clear cos reference
Kbps
Show cos unit
Port‐typ e index
Pps
Clear cos all-entries
Show cos port-type
This example shows flood control information for port type
Port Priority Configuration
Port Priority Configuration Summary
Configuring Port Priority
Show port priority
Set port priority
Clear port priority
Configuring Priority to Transmit Queue Mapping
Show port priority-queue
Set port priority-queue
Clear port priority-queue
Configuring Quality of Service QoS
Show port txq
Set port txq
By default, transmit queues are defined as follows
Clear port txq
Clear port txq Port Priority Configuration
Igmp Configuration
Igmp Overview
About IP Multicast Group Management
Configuring Igmp at Layer
To configure Igmp snooping from the switch CLI
About Multicasting
This example shows how to display Igmp snooping information
Set igmpsnooping adminmode
Use this command to display Igmp snooping information
Use this command to enable or disable Igmp on the system
This example shows how to enable Igmp on port ge.1.10
This example shows how to enable Igmp on the system
Enable disable Enables or disables Igmp
Set igmpsnooping interfacemode
Set igmpsnooping maxresponse
Modify
Set igmpsnooping mcrtrexpiretime
Set igmpsnooping add-static
If no ports are specified, all ports are added to the entry
Set igmpsnooping remove-static
Show igmpsnooping static
If modify is not specified, a new entry is created
This example displays the static Igmp ports for Vlan
Show igmpsnooping mfdb
Group group
Stats Optional Displays Mfdb statistics
Use this command to clear all Igmp snooping entries
This example shows how to clear all Igmp snooping entries
Clear igmpsnooping
Global configuration C3su‐routerConfig#
Configuring Igmp on Routing Interfaces
To configure Igmp on routing interfaces
Ip igmp
Interface configuration C3su‐routerConfig‐ifVlan 1#
Ip igmp enable
This example shows how to enable Igmp on the router
Ip igmp version
Any router mode
Show ip igmp interface
Show ip igmp groups
Ip igmp query-interval
Ip igmp query-max-response-time
Ip igmp startup-query-interval
Ip igmp startup-query-count
Ip igmp last-member-query-interval
Ip igmp last-member-query-count
Ip igmp robustness
Interface configuration C3 su‐routerConfig‐ifVlan 1#
Ip igmp robustness Igmp Configuration
Configuring System Logging
Logging and Network Management
Show logging server
Set logging server
Show logging default
Clear logging server
Set logging default
Use this command to set logging default values
Facility
Clear logging default
Show logging application
Severity
Set logging application
Show logging application Output Details
Level level
If level is not specified, none will be applied
Clear logging application
Show logging local
Set logging local
Clear logging local
This example shows how to clear local logging
Show logging buffer
Show logging interface
Set logging interface
Clear logging interface
Monitoring Network Events and Status
History
Show history
Use this command to set the size of the history buffer
Default
Set history
Ping
Show users
This example, the host at IP address is not responding
Disconnect
Show netstat
Console
Following example shows the output of this command
Following table describes the output of this command
Show netstat Output Details
Managing Switch Network Addresses and Routes
Use this command to display the switch’s ARP table
Show arp
This example shows how to display the ARP table
Set arp
Show arp Output Details
Clear arp
Traceroute
Type other learned
Show mac
Each response
Self mgmt
Show mac agetime
Show mac Output Details
Set mac agetime
This example shows how to display the MAC timeout period
This example shows how to set the MAC timeout period
Clear mac agetime
Default MAC algorithm is mac‐crc16‐upperbits
Set mac algorithm
Show mac algorithm
Clear mac algorithm
Set mac multicast
Use this command to remove a multicast MAC address
Clear mac address
Append clear
Show mac unreserved-flood
Set mac unreserved-flood
Use this command to display Sntp client settings
Configuring Simple Network Time Protocol Sntp
This example enables multicast flood protection
Show sntp
This example shows how to display Sntp client settings
Show sntp Output Details
Set sntp client
Clear sntp client
Set sntp server
Clear sntp server
If precedence is not specified, 1 will be applied
Set sntp poll-interval
Clear sntp poll-interval
This example shows how to clear the Sntp poll interval
Set sntp poll-retry
Clear sntp poll-retry
Use this command to clear the Sntp poll timeout
Set sntp poll-timeout
Clear sntp poll-timeout
This example shows how to clear the Sntp poll timeout
Set timezone
Show sntp interface
Set sntp interface
Clear sntp interface
C3rw-show sntp interface Vlan 100 C3rw-clear sntp interface
Configuring Node Aliases
Show nodealias config
Show nodealias config Output Details
Set nodealias
Maxentries maxentries
Clear nodealias config
Rmon Configuration
Rmon Monitoring Group Functions and Commands
Rmon Monitoring Group Functions
Group What It Does What It Monitors CLI Commands
Design Considerations
Statistics Group Commands
To display, configure, and clear Rmon statistics
Use this command to configure an Rmon statistics entry
Show rmon stats
Set rmon stats
Clear rmon stats
To‐defaults
This example shows how to delete Rmon statistics entry
If owner is not specified, monitor will be applied
History Group Commands
Show rmon history
Buckets buckets
Set rmon history
Clear rmon history
Interval interval
This example shows how to delete Rmon history entry
Alarm Group Commands
Show rmon alarm
This example shows how to display Rmon alarm entry
Object object
Set rmon alarm properties
Show rmon alarm Output Details
Type absolute
Set rmon alarm status
This example shows how to enable Rmon alarm entry
Clear rmon alarm
Enable
Use this command to delete an Rmon alarm entry
This example shows how to display Rmon event entry
Event Group Commands
Use this command to display Rmon event entry properties
Show rmon event
Type none log
Set rmon event properties
Description
Trap both
This example shows how to enable Rmon event entry
Set rmon event status
Clear rmon event
This example shows how to clear Rmon event
Filter Group Commands
Show rmon channel
Accept matched
Use this command to configure an Rmon channel entry
Set rmon channel
Failed
Index index
Clear rmon channel
Show rmon filter
Channel channel
Set rmon filter
Use this command to clear an Rmon filter entry
This example shows how to clear Rmon filter entry
Clear rmon filter
Packet Capture Commands
Show rmon capture
Nodata
Slice slice
Set rmon capture
Action lock
Loadsize loadsize
Use this command to clears an Rmon capture entry
This example shows how to clear Rmon capture entry
Clear rmon capture
Dhcp Relay Agent
Dhcp Server Configuration
Dhcp Overview
Dhcp Server
Configuring a Dhcp Server
Configuring General Dhcp Server Parameters
Set dhcp bootp
This example enables Dhcp server functionality
Set dhcp
Set dhcp conflict logging
This example enables address allocation for Bootp clients
This example enables Dhcp conflict logging
Show dhcp conflict
Clear dhcp conflict
Logging Disables conflict logging
This example disables Dhcp conflict logging
Clears the conflict information for all IP addresses
100, with the set dhcp exclude command
Set dhcp exclude
Clear dhcp exclude
Set dhcp ping
Clear dhcp ping
This example sets the number of ping packets sent to
Show dhcp binding
Clear dhcp binding
Show dhcp server statistics
Use this command to display Dhcp server statistics
Use this command to clear all Dhcp server counters
Clear dhcp server statistics
This example clears all Dhcp server counters
Configuring IP Address Pools
Manual Pool Configuration Considerations
Set dhcp pool
This example creates an address pool named auto1
Set dhcp pool network
Use this command to delete a Dhcp server pool of addresses
Clear dhcp pool
This example deletes the address pool named auto1
Clear dhcp pool network
Set dhcp pool hardware-address
Clear dhcp pool hardware-address
Set dhcp pool host
If no type is specified, Ethernet is assumed
Clear dhcp pool host
Set dhcp pool client-identifier
Clear dhcp pool client-identifier
Set dhcp pool client-name
Clear dhcp pool client-name
Set dhcp pool bootfile
Clear dhcp pool bootfile
Set dhcp pool next-server
Clear dhcp pool next-server
Set dhcp pool lease
Clear dhcp pool lease
Infinite
Set dhcp pool default-router
Clear dhcp pool default-router
Set dhcp pool dns-server
Clear dhcp pool dns-server
Set dhcp pool domain-name
Clear dhcp pool domain-name
Set dhcp pool netbios-name-server
Clear dhcp pool netbios-name-server
Set dhcp pool netbios-node-type
Clear dhcp pool netbios-node-type
‐node
Set dhcp pool option
Ascii string
Show dhcp pool configuration
Clear dhcp pool option
This example removes option 19 from address pool auto1
Show dhcp pool configuration
Dhcp Snooping Dynamic ARP Inspection
Dhcp Snooping Overview
Dhcp Message Processing
Building and Maintaining the Database
Procedure 17-1 Basic Configuration for Dhcp Snooping
Basic Configuration
Configuration Notes
Rate Limiting
Dhcp Snooping Commands
Disabled globally
Set dhcpsnooping
Set dhcpsnooping database write-delay
Set dhcpsnooping vlan
By default, ports are untrusted
Set dhcpsnooping trust
This example configures port ge.1.1 as a trusted port
Set dhcpsnooping binding
Set dhcpsnooping verify
Source MAC address verification is enabled by default
Set dhcpsnooping log-invalid
Against the client hardware address
Rate pps
Set dhcpsnooping limit
None
Burst interval secs
This example configures rate limit parameters on port ge.1.1
Show dhcpsnooping database
Show dhcpsnooping port
Show dhcpsnooping binding
Dynamic static
Entry, either dynamic or static
Show dhcpsnooping statistics
Clear dhcpsnooping binding
Clear dhcpsnooping statistics
Clear dhcpsnooping database
Clear dhcpsnooping limit
Write‐delay
Default value of 300 seconds
Dynamic ARP Inspection Overview
Functional Description
Static Mappings
Optional ARP Packet Validation
Rate Limiting
Logging Invalid Packets
Packet Forwarding
Eligible Interfaces
Procedure 17-2 Basic Dynamic ARP Inspection Configuration
Step Task Commands
Example Configuration
Router Configuration
Vlan Configuration
Dhcp Snooping Configuration
Dynamic ARP Inspection Commands
Set arpinspection vlan
Dynamic ARP Inspection Configuration
By default, all physical ports and LAGs are untrusted
Set arpinspection trust
Logging is disabled by default
Logging
Set arpinspection validate
Src‐mac
Dst‐mac
Set arpinspection limit
Permit
Set arpinspection filter
Show arpinspection access-list
Mac host
Show arpinspection ports
This example displays the ARP configuration of lag.0.1
Show arpinspection vlan
Show arpinspection statistics
Clear arpinspection validate
With an invalid address
This example removes all 3 additional validation conditions
Clear arpinspection vlan
Clear arpinspection filter
Clear arpinspection limit
This example removes the ARP ACL named staticARP from Vlan
Clear arpinspection statistics
This example clears all DAI statistics from the switch
Page
Preparing for Router Mode
Pre-Routing Configuration Tasks
Enabling Router Configuration Modes
Enabling the Switch for Routing
Router CLI Configuration Modes
Router CLI Configuration Modes
Page
IP Configuration
Configuring Routing Interface Settings
Show interface
Vlan vlan ‐id
Interface
Use this command to configure interfaces for IP routing
Router global configuration mode C3su‐routerConfig#
Vlan vlan‐ id
This example shows how to enter configuration mode for Vlan
Show ip interface
Show ip interface Output Details
Router interface configuration C3su‐routerConfig‐ifVlan 1#
Ip address
Secondary
Show running-config
No shutdown
This example shows how to enable Vlan 1 for IP routing
No ip routing
Configuring Tunnel Interfaces
Use this command to configure a tunnel interface
Interface tunnel
This example creates a configured tunnel interface
Router interface configuration C3su‐routerConfig‐ifTnnl 1#
Tunnel source
Ipv6ip Specifies that the tunnel mode is IPv6 over IPv4
Tunnel mode
This command specifies the mode of the tunnel interface
No form of this command removes the mode of the tunnel
This example sets the tunnel mode to IPv6 over IPv4
Show interface tunnel
Reviewing and Configuring the ARP Table
Show ip arp
This example shows how to use the show ip arp command
Arp
Show ip arp Output Details
This example shows how to enable proxy ARP on Vlan
Ip proxy-arp
14,400 seconds
Arp timeout
Clear arp-cache
Privileged Exec C3su‐router#
Configuring Broadcast Settings
Interface configuration C3su‐Router1Config‐ifVlan 1#
Ip directed-broadcast
Specifies UDP as the IP forwarding protocol
Ip forward-protocol
Udp
Are forwarded
Ip helper-address
Reviewing IP Traffic and Configuring Routes
Show ip route
OSPF, IA
Ip route
Ping
Preference in route selection
This command is also available in switch mode
There is also a traceroute command available in switch mode
Traceroute
Configuring Icmp Redirects
Ip icmp redirect enable
Show ip icmp redirect
Interface
IPv4 Routing Protocol Configuration
Activating Advanced Routing Features
RIP Configuration Task List and Commands
Configuring RIP
RIP Configuration Task List and Commands
Router rip
Ip rip enable
This example shows how to enable RIP
Distance
Ip rip send version
R1compatible
Ip rip receive version
Ip rip authentication-key
Specifies RIP version 1. This is the default setting
Specifies RIP version
Ip rip message-digest-key
Md5
No auto-summary
Use this command to disable automatic route summarization
Router configuration C3su‐routerConfig‐router#
Split-horizon poison
Passive-interface
Connected
Receive-interface
Redistribute
Ospf
Subnets
Command detailed in ip route on page 19‐21
Protocol
Subnetted will be redistributed
Ospf Configuration Task List and Commands
Configuring Ospf
Ospf Configuration Task List and Commands
Advanced License Required
Router id
Routes
This example shows how to enable routing for Ospf process
Router ospf
1583compatibility
Ip ospf enable
This example shows how to enable RFC 1583 compatibility
Ip ospf areaid
Ip ospf cost
Ip ospf priority
Timers spf
Ip ospf transmit-delay
Ip ospf retransmit-interval
Ip ospf hello-interval
Ip ospf dead-interval
65535
Ip ospf authentication-key
Ip ospf message digest key md5
Distance ospf
Area intra‐area
Area range
External inter‐
Intra‐area routes
Advertise no‐
If not specified, advertise mode will be set
Area stub
Advertise
Area default cost
Area nssa
Area virtual-link
Default‐
This example shows how to configure area 10 as an Nssa area
Information‐
Key key
Authentication‐
Transmit‐delay
Dead‐interval
Show ip ospf
Rip
Metric‐type type
This example shows how to display Ospf information
Use this command to display the Ospf link state database
Show ip ospf database
Show ip ospf interface
Show ip ospf database Output Details
Show ip ospf interface Output Details
Show ip ospf neighbor
Show ip ospf neighbor Output Details
Show ip ospf virtual-links
Clear ip ospf process
Show ip ospf virtual links Output Details
This example shows how to reset Ospf process
Configuring Dvmrp
Enabling Dvmrp on an Interface
This example shows how to enable the Dvmrp process
Ip dvmrp enable
Commands to Enable Dvmrp on an Interface
Ip dvmrp
Use this command to display Dvmrp routing information
Ip dvmrp metric
Show ip dvmrp
This example shows how to display Dvmrp status information
Configuring Irdp
Ip irdp enable
Ip irdp maxadvertinterval
Ip irdp minadvertinterval
Ip irdp holdtime
Ip irdp preference
9000
Use this command to display Irdp information
Ip irdp broadcast
Show ip irdp
Configuration Tasks on page 18‐1
Configuring Vrrp
Router vrrp
This example shows how enable Vrrp configuration mode
Create
Address
Priority
Advertise-interval
Described in Pre‐Routing Configuration Tasks on page 18‐1
Preempt
Enable
This example shows how to display Vrrp information
Ip vrrp authentication-key
Use this command to display Vrrp routing information
Show ip vrrp
Configuring PIM-SM
Design Considerations
Ip pimsm
Global router configuration C3su‐routerConfig#
This example shows how to globally enable and disable PIM
Ip pimsm staticrp
Ip pimsm enable
This example shows how to display PIM information
Ip pimsm query-interval
Show ip pimsm
This example shows how to display PIM router information
Show ip pimsm componenttable
Show ip pimsm Output Details
Show ip pimsm componenettable Output Details
This example shows how to display PIM interface information
Show ip pimsm interface
Stats
Show ip pimsm interface vlan Output Details
This example shows how to display PIM interface statistics
Show ip pimsm neighbor
10 show ip pimsm interface stats Output Details
11 show ip pimsm neighbor Output Details
‐11 provides an explanation of the command output
Show ip pimsm rp
Candidate
‐12 provides an explanation of the command output
Show ip pimsm rphash
12 show ip pimsm rp Output Details
‐13 provides an explanation of the command output
Show ip pimsm staticrp
Display the PIM‐SM static Rendezvous Point information
Use this command to display the IP multicast routing table
Show ip mroute
13 show ip pimsm staticrp Output Details
20-60 IPv4 Routing Protocol Configuration
IPv6 Management
Show ipv6 status
By default, IPv6 management is disabled
This example shows how to enable IPv6 management
Set ipv6
No global unicast IPv6 address is defined by default
Set ipv6 address
Eui64
Use this command to clear IPv6 global addresses
Show ipv6 address
Clear ipv6 address
Set ipv6 gateway
Use this command to clear an IPv6 gateway address
Clear ipv6 gateway
Show ipv6 neighbors
This example shows example output of this command
Use this command to display IPv6 netstat information
Show ipv6 netstat
This command is also available in router mode
Ping ipv6
Size num
Traceroute ipv6
Traceroute ipv6 21-10 IPv6 Management
IPv6 Configuration
Overview
IPv6 Routing License Required
Default Conditions
Following table lists the default IPv6 conditions
General Configuration Commands
Ipv6 forwarding
Ipv6 hop-limit
Ipv6 route
Default maximum number of IPv6 hops is
This command configures static IPv6 routes
This example sets the hop limit to
Default preference or administrative distance is
Ipv6 route distance
This command sets the default distance value to
Ipv6 unicast-routing
Ping ipv6 interface
Link‐local‐address
Router privileged exec C3 su‐router#
20010db8123455551
Interface Configuration Commands
Ipv6 address
No IPv6 addresses are defined for any interface
Ipv6 enable
IPv6 is disabled
Ipv6 mtu
Bytes
This example sets the MTU value to 1500 bytes
Neighbor Cache and Neighbor Discovery Commands
Clear ipv6 neighbors
This example clears all dynamically learned cache entries
Duplicate address detection enabled, for 1 attempt
Ipv6 nd dad attempts
Ipv6 nd ns-interval
Ipv6 nd reachable-time
By default, a value of 0 is advertised in RA messages
Router interface configurationC3su‐routerConfig‐ifVlan 1#
This example sets the NS interval to 2 seconds
Router interface configuration C3su‐routerConfig‐if Vlan 1#
Ipv6 nd other-config-flag
Flag is set to false by default
This example sets the reachable time to 60 seconds
Ipv6 nd ra-interval
Ipv6 nd ra-lifetime
Ipv6 nd suppress-ra
Suppression disabled
This example disables router advertisement transmission
Ipv6 nd prefix
No‐autoconfig
Router interface configurationC3su‐routerConfig‐if Vlan 1#
Off‐link
Example
Show ipv6 interface
Query Commands
Show ipv6
Router privileged execution C3su‐router#
This example displays information about IPv6 interface Vlan
This command displays IPv6 Neighbor Cache information
This example displays the neighbors in the cache
Show ipv6 neighbor Output Details
This command displays the IPv6 routing table
Show ipv6 route
Interface interface
This example displays all active IPv6 routes
Show ipv6 route Output Details
Show ipv6 route preferences
Show ipv6 route preferences Output Details
This command displays the summary of the routing table
Show ipv6 route summary
Non‐best routes
Following example displays the output of this command
Show ipv6 traffic
Show ipv6 summary Output Details
Show ipv6 traffic Output Details
Options, etc
Counter would include datagrams counted
Send. Note that this counter includes all those counted by
Clear ipv6 statistics
Router privileged executionC3su‐router#
This example clears the statistics for Vlan
IPv6 Proxy Routing
Preparing a Mixed Stack for IPv6 Proxy Routing
Limitations
This example enables IPv6 proxy routing
IPv6 proxy routing is disabled by default
Router global configuration C2su‐routerConfig#
Ipv6 proxy-routing
Any routing mode
DHCPv6 Configuration
Following table lists the default DHCPv6 conditions
Global Configuration Commands
Ipv6 dhcp enable
This command enables DHCPv6 on the router
By default, DHCPv6 is disabled
This example enables DHCPv6
Ipv6 dhcp relay-agent-info-opt
Ipv6 dhcp relay-agent-info-remote-id-subopt
Ipv6 dhcp pool
Ipv6 dhcp pool
Address Pool Configuration Commands
Domain-name
Dns-server
Prefix-delegation
Valid‐lifetime secs
Preferred‐lifetime
Secs infinite
C3su-routerConfig-dhcp6s-pool# exit C3su-routerConfig#
Rapid‐commit
By default, DHCPv6 functionality is disabled
Ipv6 dhcp server
Preference pref
Interface intf
Ipv6 dhcp relay
Destination dest‐addr
Remote‐id duid‐ifid
Examples
DHCPv6 Show Commands
Show ipv6 dhcp
Show ipv6 dhcp interface
Statistics
Output of show ipv6 dhcp interface Command
This example displays the DHCPv6 statistics for Vlan
This example displays the output of this command
Output of show ipv6 dhcp statistics Command
Show ipv6 dhcp statistics
Clear ipv6 dhcp statistics
This example clears DHCPv6 statistics for Vlan
This command displays information about DHCPv6 bindings
Show ipv6 dhcp pool
Show ipv6 dhcp binding
If no IPv6 address is specified, all bindings are displayed
Show ipv6 dhcp binding DHCPv6 Configuration
OSPFv3 Configuration
Following table lists the default OSPFv3 conditions
Global OSPFv3 Configuration Commands
Use this command to configure the OSPFv3 router ID
Ipv6 router id
Always
Default-information originate
Ipv6 router ospf
Metric value
No default metric is configured
Default-metric
Router OSPFv3 configuration C3su‐routerConfig‐router#
Router OSPFv3 configuration C3su-routerConfig-router#
Inter
Exit-overflow-interval
Intra
Type1
External-lsdb-limit
This command configures the external Lsdb limit for OSPFv3
Default value is ‐1
This example sets the exit overflow interval to 10 seconds
Maximum-paths
Connected static
Tag tag
Metric = unspecified Metric type = Type Tag =
Area Configuration Commands
Area default-cost
These commands are used to configure area parameters
This example sets the default route cost to 50 for area
This example shows how to configure area 20 as an Nssa
Area nssa no-redistribute
Area nssa default-info-originate
Default metric value is
Comparable
Area nssa no-summary
Area nssa translator role
This command configures the translator role of the router
By default, the translator role is disabled
Area nssa translator-stab-intv
Summarylink
Default interval is 40 seconds
Area address ranges are not configured by default
Nssaexternallink
This command creates a stub area for the specified area ID
Example disables the import of summary LSAs into stub area
Area stub no-summary
This example creates a stub area with the ID
Default dead interval is 40 seconds
Area virtual-link dead-interval
Default hello interval is 10 seconds
Area virtual-link hello-interval
Area virtual-link retransmit-interval
Area virtual-link transmit-delay
Default retransmit interval is 5 seconds
Default transmit delay is 1 second
Ipv6 ospf enable
OSPFv3 is disabled by default
Ipv6 ospf areaid
Ipv6 ospf cost
Default dead interval value is 40 seconds
Ipv6 ospf dead-interval
Ipv6 ospf hello-interval
Ipv6 ospf mtu-ignore
By default, MTU mismatch detection is enabled
Default network type is broadcast
Ipv6 ospf network
Default priority value is
Ipv6 ospf priority
Ipv6 ospf retransmit-interval
Ipv6 ospf transmit-delay
Default value is 4 seconds
Default value is 1 second
Ipv6 ospf transmit-delay
This example shows how to display OSPFv3 router information
OSPFv3 Show Commands
This command displays OSPFv3 router information
Show ipv6 ospf
Show ipv6 ospf Output Details
Show ipv6 ospf area
Show ipv6 ospf area Output Details
Show ipv6 ospf abr
Show ipv6 ospf abr Output Details
Show ipv6 ospf asbr
Show ipv6 ospf asbr Output Details
Show ipv6 ospf database
Adv Router Link Id Age Sequence Csum Options Rtr Opt
Show ipv6 ospf database Output Details
Show ipv6 ospf database database-summary Output Details
This command displays information about OSPFv3 interfaces
Show ipv6 ospf interface
Loopback loopid
Show ipv6 ospf interface Command Output Details
This example shows how to display statistics for Vlan
Show ipv6 ospf interface stats
Show ipv6 ospf interface stats Output Details
Specify the Vlan interface to display information about
This command displays information about OSPFv3 neighbors
Show ipv6 ospf neighbor
Specify the tunnel interface to display
Show ipv6 ospf neighbor Output Details
Show ipv6 ospf range
10 show ipv6 ospf neighbor routerid Output Details
This example displays range information for area
This example displays the OSPFv3 stub table information
Show ipv6 ospf stub table
11 show ipv6 ospf range Output Details
12 show ipv6 ospf stub table Output Details
Show ipv6 ospf virtual-link
13 show ipv6 ospf virtual-link Output Details
Show ipv6 ospf virtual-link
Show ipv6 ospf virtual-link OSPFv3 Configuration
Authentication and Authorization Configuration
Overview of Authentication and Authorization Methods
Overview of Authentication and Authorization Methods
Filter-ID Attribute Formats
Set authentication login
Setting the Authentication Login Method
Show authentication login
Use this command to set the authentication login method
Local
Clear authentication login
Any
Radius
Show radius
Configuring Radius
Timeout
Retries
Server
Optional Displays Radius server configuration information
Set radius
Servers or a specific Radius server as defined by an index
Timeout timeout
Realm management‐ access any network‐access
Server index
Clear radius
Realm
Show radius accounting
Set radius accounting
Retries retries
Clear radius accounting
This example shows how to set Radius accounting retries to
Timeout
Retries
Show radius interface
Set radius interface
Clear radius interface
Example
Auth‐diag
Configuring 802.1X Authentication
Show dot1x
Auth‐stats
This example shows how to display 802.1X status
Show dot1x auth-config
Set dot1x
Init reauth
True false
Set dot1x auth-config
Clear dot1x auth-config
Portcontrol Maxreq
Show eapol
Connecting state, via disconnected
Show eapol Output Details
Auth‐mode
Set eapol
Clear eapol
Forced‐auth
Optional Globally clears the Eapol authentication mode
Configuring MAC Authentication
Show macauthentication
Show macauthentication Output Details
Nopassword
Show macauthentication session
This example shows how to display MAC session information
Show macauthentication session Output Details
Set macauthentication
Set macauthentication password
Use this command to set a MAC authentication password
Use this command to clear the MAC authentication password
Clear macauthentication password
Set macauthentication port
Enables or disables MAC authentication
Set macauthentication portinitialize
Set macauthentication portquietperiod
Clear macauthentication portquietperiod
Set macauthentication macinitialize
This example resets the default quiet period on port
Set macauthentication reauthentication
Set macauthentication portreauthenticate
Enables or disables MAC reauthentication
Set macauthentication macreauthenticate
Set macauthentication reauthperiod
Clear macauthentication reauthperiod
Set macauthentication significant-bits
Clear macauthentication significant-bits
C3su-clear macauthentication significant-bits
Configuring Multiple Authentication Methods
About Multiple Authentication Types
About Multi-User Authentication
Show multiauth
Multi
Set multiauth mode
Clear multiauth mode
Strict
Default precedence order is dot1x, pwa, mac
Set multiauth precedence
Clear multiauth precedence
Show multiauth port
Set multiauth port
Clear multiauth port
Show multiauth station
Show multiauth session
Show multiauth idle-timeout
Agent dot1x mac
Which to set the timeout value
Set multiauth idle-timeout
Authentication method for which to set the timeout value
Idle timeout value is provided by the authenticating server
Default
Clear multiauth idle-timeout
Show multiauth session-timeout
Which to reset the timeout value to its default
Set multiauth session-timeout
Which to set the session timeout value
Clear multiauth session-timeout
Configuring User + IP Phone Authentication
Configuring Vlan Authorization RFC
Set vlanauthorization
Set vlanauthorization egress
Tagged
Clear vlanauthorization
Show vlanauthorization
By default, administrative egress is set to untagged
Configuring Policy Maptable Response
Show vlanauthorization Output Details
When Policy Maptable Response is Both
Operational Description
When Policy Maptable Response is Policy
When Policy Maptable Response is Tunnel
Show policy maptable
Both
Set policy maptable
Response
Policy
Clear policy maptable
Configuring MAC Locking
To review, disable, enable, and configure MAC locking
Show maclock
Firstarrival
Show maclock stations
Show maclock Output Details
Connected to MAC locked ports
Set maclock enable
Set maclock enable port‐string
Show maclock stations Output Details
This example shows how to disable MAC locking on ge.2.3
Set maclock disable
This example shows how to enable MAC locking on ge.2.3
Set maclock
Clear maclock
Create
Specified MAC address and port
Set maclock static
Clear maclock static
Set maclock firstarrival
Clear maclock firstarrival
Set maclock agefirstarrival
Clear maclock agefirstarrival
This example enables first arrival aging on port ge.1.1
This example disables first arrival aging on port ge.1.1
Set maclock move
Set maclock trap
Configuring Port Web Authentication PWA
About PWA
Show pwa
Show pwa Output Details
Enable disable Enables or disables port web authentication
This example shows how to enable port web authentication
Set pwa
This example shows how to display the PWA login banner
Show pwa banner
Set pwa banner
Set pwa displaylogo
This example shows how to hide the Enterasys Networks logo
Clear pwa banner
Display hide
Set pwa ipaddress
Set pwa protocol
Chap pap
Set pwa guestname
Use this command to clear the PWA guest user name
This example shows how to clear the PWA guest user name
Clear pwa guestname
Authnone
Set pwa guestpassword
Set pwa gueststatus
Authradius
This example shows how to initialize ports ge.1.5‐7
Set pwa initialize
Set pwa quietperiod
Set pwa maxrequest
Set pwa portcontrol
This example shows how to display PWA session information
Enables or disables PWA on specified ports
This example shows how to enable PWA on ports 1‐22
Show pwa session
Enable disable Enables or disables PWA enhancedmode
This example shows how to enable PWA enhancedmode
Set pwa enhancedmode
Show ssh status
Configuring Secure Shell SSH
This example shows how to display SSH status on the switch
Set ssh
This example shows how to disable SSH
This example shows how to regenerate SSH keys
Set ssh hostkey
Configuring Access Lists
Show access-lists
Show access‐lists number
Access-list standard
Deny permit
Access-list extended
Insert replace
This example moves entry 16 to the beginning of ACL
Insert replace
Ip access-group
Interface configuration C3su‐routerConfig‐ifVlan vlanid#
Filters inbound frames
Example
Page
TACACS+ Configuration
Show tacacs
State Optional Displays only the TACACS+ client status
Show tacacs Output Details
This example shows how to enable the TACACS+ client
Use this command to enable or disable the TACACS+ client
Enable disable Enables or disables the Tacacs client
Set tacacs
Timeout seconds
Set tacacs server
Clear tacacs server
Specifies one TACACS+ server to be affected
Show tacacs session
This example removes TACACS+ server
Set tacacs session
Read‐write
Service
Clear tacacs session
Super‐user
Show tacacs command
Set tacacs command
Show tacacs singleconnect
Set tacacs singleconnect
Connection
Show tacacs interface
Set tacacs interface
Clear tacacs interface
Clear tacacs interface TACACS+ Configuration
27-14
SFlow Configuration
Using sFlow in Your Network
Advantages of using sFlow include
Sampling Mechanisms
Definitions
SFlow Agent Functionality
SFlow Definitions
Packet Flow Sampling
Counter Sampling
Usage Notes
28-5
Contents of the sFlow Receivers Table is displayed
Show sflow receivers
This example displays the sFlow Receivers Table
Following table describes the output fields
Show sflow receivers Output Descriptions
Set sflow receiver owner
Set sflow receiver ip
Set sflow receiver maxdatagram
Default IP address is
Default maximum datagram size is 1400 bytes
Maxdatagram bytes
Clear sflow receiver
Default port value is
Set sflow receiver port
Maxdatagram
Set sflow port poller
Owner
Port port
Show sflow pollers
Interval
Clear sflow port poller
Set sflow port sampler
This example removes the poller instance on port ge.1.1
Show sflow samplers
Maxheadersize
Clear sflow port sampler
Set sflow interface
Rate
Show sflow interface
Clear sflow interface
Show sflow agent
28-18
Policy and Authentication Capacities
Policy Capacities
Table A-1 Policy Capacities
Authentication Capacities
Table A-2 Authentication Capacities
Index
Numerics
Ospf 20-30Network Management
Tftp
Index
