Enterasys SecureStack C3
Page
Page
Enterasys Networks, Inc. Firmware License Agreement
Iii
Page
Contents
Page
Activating Licensed Features
Configuring System Power and PoE
Discovery Protocol Configuration
Port Configuration
Show port broadcast Set port broadcast Clear port broadcast
Snmp Configuration
Spanning Tree Configuration
Configuring Spanning Tree Port Parameters Purpose Commands
802.1Q Vlan Configuration
Policy Classification Configuration
Port Priority Configuration
Igmp Configuration
Logging and Network Management
14-3
Rmon Configuration
Dhcp Server Configuration
Dhcp Snooping and Dynamic ARP Inspection
Preparing for Router Mode
IP Configuration
IPv4 Routing Protocol Configuration
20-11
IPv6 Configuration
IPv6 Management
DHCPv6 Configuration
IPv6 Proxy Routing
OSPFv3 Configuration
Authentication and Authorization Configuration
26-37
TACACS+ Configuration
SFlow Configuration
Appendix a Policy and Authentication Capacities
Index
Tables
10-4
22-26
Xxxii
Using This Guide
About This Guide
Structure of This Guide
Important Notice
Structure of This Guide
SecureStack C3 Installation Guides
Related Documents
Following icons are used in this guide
Conventions Used in This Guide
Following conventions are used in the text of this document
Getting Help
Support@enterasys.com
Getting Help Xxxviii About This Guide
SecureStack C3 CLI Overview
Switch Management Methods
Introduction
Factory Default Settings
Default Settings for Basic Switch Operation
Feature Default Setting
Default Settings for Router Operation
Sntp
Dvmrp
Starting a CLI Session
Using the Command Line Interface
Connecting Using the Console Port
Connecting Using Telnet
Using a Default User Account
Using an Administratively Configured User Account
Logging
Navigating the Command Line Interface
CLI Command Defaults Descriptions
CLI Command Modes
Getting Help with CLI Syntax
Abbreviating and Completing Commands
Displaying Scrolling Screens
Basic Line Editing Commands
Basic Line Editing Commands
Configuring Switches in a Stack
About SecureStack C3 Switch Operation in a Stack
Installing a New Stackable System of Up to Eight Units
Adding a New Unit to an Existing Stack
Installing Previously-Configured Systems in a Stack
Creating a Virtual Switch Configuration
SID
Considerations About Using Clear Config in a Stack
Issues Related to Mixed Type Stacks
Feature Support
Configuration
Stacking Configuration and Management Commands
Show switch
Commands
Purpose
Show switch switchtype
Examples
Show switch stack-ports
None
Set switch
Switch command, read‐write
Example
Priority value
Set switch copy-fw
Set switch description
This example shows how to assign priority 3 to switch
This example shows how to renumber switch 5 to switch
Set switch movemanagement
Set switch member
Clear switch member
Use this command to remove a member entry from the stack
Required CLI Setup Commands
Basic Configuration
Quick Start Setup Commands
Setting User Accounts and Passwords
Optional CLI Setup Commands
Parameters
Show system login
Show system login Output Details
Set system login
Clear system login
Use this command to remove a local login user account
Super‐user read‐write read‐only
Switch command, read‐write Switch command, super‐user
Set password
This example shows how to remove the netops user account
Set system password length
Set system password aging
Show system lockout
Set system password history
Disable
Set system lockout
Show system lockout Output Details
Attempts attempts
Time time
Setting Basic Switch Properties
Show ip address
Clear ip address
Use this command to clear the system IP address
Set ip address
Set ip protocol
This example shows how to clear the system IP address
Show ip protocol
This example shows how to display system information
Show system
Show system hardware
Show system Output Details
Show system utilization
Slot Hardware Information
This example sets the CPU utilization threshold to 75%
Default threshold value is 80%
Set system utilization
Clear system utilization
Show system enhancedbuffermode
Set system temperature
Enable disable Enables or disables enhanced buffer mode
This example shows how to enable enhanced buffer mode
Set system enhancedbuffermode
Clear system temperature
Syslog enable
Disable
Trap enable disable
Show time
Set time
Show summertime
This example shows how to set the system clock to 750 a.m
Use this command to display daylight savings time settings
Set summertime
Set summertime date
If a zone name is not specified, none will be applied
If an offset is not specified, none will be applied
Set summertime recurring
Use this command to modify the command prompt
This example shows how to set the command prompt to Switch
Clear summertime
Set prompt
Show banner motd
Set banner motd
Clear banner motd
Show version
‐5 provides an explanation of the command output
Use this command to configure a name for the system
Set system name
Show version Output Details
Use this command to identify the location of the system
This example shows how to set the system location string
Set system location
Set system contact
This example shows how to set the system contact string
This example shows how to set the terminal columns to
Set width
Set length
This example shows how to set the terminal length to
This example shows how to display the CLI logout setting
Show logout
Set logout
Use this command to display console settings
This example shows how to display all console settings
Use this command to set the console port baud rate
Show console
This example shows how to set the console port baud rate to
Downloading a Firmware Image
Downloading from a Tftp Server
Downloading via the Serial Port
Type 2. The following baud rate selection screen displays
Reverting to a Previous Image
Reboot the system using the reset command page 3‐50
Reviewing and Selecting a Boot Firmware Image
Show boot system
Set boot system
Compatibility platform specific
Starting and Configuring Telnet
This example shows how to display Telnet status
Use this command to enable or disable Telnet on the switch
Show telnet
Enable disable
Telnet
Inbound
Outbound all
Managing Switch Configuration and Files
Configuration Persistence Mode
Show snmp persistmode
Set snmp persistmode
Save config
Dir
Auto
Manual
Use this command to display the contents of a file
Show file
Show config
Outfile
Configure
All
Systemimage
Copy
Append
Delete
Show tftp settings
This example shows how to download an image via Tftp
Set tftp timeout
Clear tftp timeout
This example shows the output of this command
This example sets the timeout period to 4 seconds
This example sets the retry count to
Set tftp retry
Clear tftp retry
This example shows how to clear the CLI screen
Clearing and Closing the CLI
Cls clear screen
To clear the CLI screen or to close your CLI session
Resetting the Switch
Reset
Use either of these commands to leave a CLI session
This example shows how to exit a CLI session
Clear config
If no unit ID is specified, the entire system will be reset
This example shows how to reset the system
This example shows how to reset unit
Show webview
Using and Configuring WebView
Use this command to display WebView status
Set webview
Show ssl
Set ssl
This example shows how to display SSL status
This example shows how to enable SSL
Command
Gathering Technical Support Information
Show support
To gather common technical support information
Configuring Hostprotect
Hostprotect is enabled by default
Show system hostprotect
Set system hostprotect
This feature is disabled by default
This example disables hostprotect
Default state is enabled
Clear system hostprotect
Usage
License Key Field Descriptions
Activating Licensed Features
Licensing Procedure in a Stack Environment
Clearing, Showing, and Applying Licenses
Adding a New Member to a Licensed Stack
Set license
Usage
Use this command to clear the license key settings
FeatureID feature The name of the feature being cleared
Show license
Clear license
C3rw-clear license featureId advrouter
Clear license Activating Licensed Features
Configuring System Power and PoE
Commands
Show inlinepower
Use this command to display system power properties
Show inlinepower Output Details
Set inlinepower threshold
This example shows how to display system power properties
Sending of traps is disabled by default
Set inlinepower trap
Set inlinepower detectionmode
Show port inlinepower
Ieee
Set port inlinepower
Admin off auto
Priority critical
High low
Set port inlinepower Configuring System Power and PoE
Discovery Protocol Configuration
Configuring CDP
Show cdp
Show cdp Output Details
Set cdp state
Auto disable
Enable
Set cdp interval
Use this command to set a global CDP authentication code
Set cdp auth
Set cdp hold-time
Clear cdp
Show neighbors
Configuring Cisco Discovery Protocol
Show ciscodp
‐2 provides an explanation of the command output
‐3 provides an explanation of the command output
Show ciscodp port info
Show ciscodp Output Details
Set ciscodp timer
This example shows how to globally enable CiscoDP
Set ciscodp status
Show ciscodp port info Output Details
Set ciscodp holdtime
Set ciscodp port
Vvid
Dot1p
Untagged
Trusted
Clear ciscodp
Overview
Configuring Link Layer Discovery Protocol and LLDP-MED
To review and configure Llpd and LLPD‐MED
Configuration Tasks
Use this command to display Lldp configuration information
Show lldp
Show lldp port status
Show lldp port trap
Show lldp port tx‐tlv port‐string
Show lldp port tx-tlv
Show lldp port location-info
Show lldp port local-info
Show lldp port local-info Output Details
1000BASE-TFD
ECS Elin
Show lldp port remote-info
Voice‐signaling
Guest‐voice‐signaling
Show lldp port network-policy
Voice
Video‐signaling
Set lldp tx-interval
Softphone‐voice
Video‐conferencing
This example sets the transmit interval to 20 seconds
Set lldp hold-multiplier
Set lldp trap-interval
Set lldp med-fast-repeat
Tx‐enable
Rx‐enable
Set lldp port status
Set lldp port trap
Elin
Set lldp port med-trap
Set lldp port location-info
Set lldp port tx-tlv
Gvrp
Mac‐phy
Poe
Link‐aggr
State enable disable
Set lldp port network-policy
Tag tagged untagged
Vid vlan‐id dot1p
Clear lldp
Tx‐interval
Hold‐multiplier
Trap‐interval
Clear lldp port status
Clear lldp port trap
Cleared
Clear lldp port med-trap
Clear lldp port location-info
Clear lldp port network-policy
Tag
Vid
Dscp
Clear lldp port tx-tlv
Disables the LLDP‐MED Location Identification TLV from being
Disables the LLDP‐MED Extended Power via MDI TLV from being
Port Configuration
Port Configuration Summary
Port String Syntax Used in the CLI
Port type.unitorslot number.port number
Reviewing Port Status
Port Slot/Unit Parameters Used in the CLI
Show port
Show port status
Show port status Output Details
Switch mib2
Show port counters
Show port counters Output Details
This example clears the port counters for ge.3.1
Clear port counters
Show port cablestatus
Show port cablestatus Output Details
Disabling / Enabling and Naming Ports
This example shows the cable status for 1 GE port ge.1.31
Set port disable
Set port enable
This example shows how to disable ge.1.1
This example shows how to enable ge.1.3
Set port alias
Use this command to assign an alias name to a port
Show port alias
This example shows how to assign the alias Admin to ge.3.3
This example shows how to clear the alias for ge.3.3
Setting Speed and Duplex Mode
Show port speed
Set port speed
Show port duplex
10 100
Mbps
Full half
This example shows how to set ge.1.17 to full duplex
Set port duplex
Enabling / Disabling Jumbo Frame Support
Show port jumbo
Clear port jumbo
Enables or disables jumbo frame support
Set port jumbo
Setting Auto-Negotiation and Advertised Ability
Show port negotiation
Show port advertise
Enable disable
Set port negotiation
Set port advertise
Clear port advertise
Show port mdix
Set port mdix
Forced‐auto
Mdi
Optional Specify the port or ports to configure
Configure ports to use MDI mode only
Configure ports to use Mdix mode only
Set flowcontrol
Setting Flow Control
Show flowcontrol
This example shows how to enable flow control
Setting Port Link Traps and Link Flap Detection
Show port trap
Show linkflap
Following example disables sending trap on ge.3.1
Set port trap
Globalstate
Portstate
Parameters
Metrics
Show linkflap parameters Output Details
Show linkflap metrics Output Details
Disable enable
Disables or enables the link flap detection function
Set linkflap globalstate
Set linkflap portstate
Set linkflap interval
Set linkflap action
Set linkflap threshold
Use this command to set the link flap action trigger count
Clear linkflap action
Set linkflap downtime
Clear linkflap down
Clear linkflap
All stats
Parameter
Threshold interval
Configuring Broadcast Suppression
Show port broadcast
Set port broadcast
Clear port broadcast
Syntax Used in the CLI on page 7‐1
Remote Port Mirroring
Mirroring Features
Port Mirroring
Overview
Configuring Smon MIB Port Mirroring
Procedures
To review and configure port mirroring on the device
Show port mirroring
Set port mirroring
Create disable
Can be configured per stack, if applicable
Set mirror vlan
Use this command to clear a port mirroring relationship
Clear port mirroring
Clear mirror vlan
Link Aggregation Control Protocol Lacp
Lacp Operation
‐6 defines key terminology used in Lacp configuration
Lacp Terminology
SecureStack C3 Usage Considerations
Lacp Terms and Definitions
Commands
‐7 provides an explanation of the command output
Show lacp
Disable enable Disables or enables Lacp
This example shows how to disable Lacp
Set lacp
Show lacp Output Details
Asyspri
Set lacp aadminkey
Set lacp asyspri
Set lacp static
Disable enable Disables or enables static link aggregation
Clear lacp
Clear lacp static
Clear lacp singleportlag
This example enables the formation of single port LAGs
Set lacp singleportlag
Summary Counters
Show port lacp
Status detail
Aadminkey
Set port lacp
Aadminstate
Lacptimeout
Padminkey
Padminport
Clear port lacp
C3su-clear port lacp port ge.3.16
Protected Port Operation
Configuring Protected Ports
Set port protected
Read‐only
Show port protected
Clear port protected
Set port protected name
Show port protected name
Use this command to clear the name of a protected group
Clear port protected name
Clear port protected name Port Configuration
Snmp Configuration
Snmp Configuration Summary
About Snmp Security Models and Levels
SNMPv1 and SNMPv2c
SNMPv3
Using Snmp Contexts to Access Specific MIBs
Configuration Considerations
Reviewing Snmp Statistics
Snmp Security Levels
Show snmp engineid Output Details
This example shows how to display Snmp engine properties
Show snmp engineid
Show snmp counters
Use this command to display Snmp traffic counter values
This example shows how to display Snmp counter values
Show snmp counters Output Details
Engine or otherwise unavailable
Configuring Snmp Users, Groups, and Communities
Show snmp user
This example shows how to display an Snmp user list
‐4 provides an explanation of the command output
Use this command to create a new SNMPv3 user
Set snmp user
Aes
Sha
Volatile
Nonvolatile
Remote remote
Clear snmp user
Show snmp group
Set snmp group
User user
Security‐model
V2c usm Volatile
V2c usm
Clear snmp group
Show snmp community
Use this command to configure an Snmp community group
Set snmp community
Securityname
Context context
Configuring Snmp Access Rights
Use this command to delete an Snmp community name
This example shows how to delete the community name vip
Clear snmp community
Show snmp access
Noauthentication
Authentication Privacy Context context
Nonvolatile read‐ Only
Show snmp access Output Details
This example shows how to display Snmp access information
‐6 provides an explanation of the command output
Set snmp access
Clear snmp access
Configuring Snmp MIB Views
Show snmp view
Show snmp view Output Details
Show snmp context
Set snmp view
Clear snmp view
Configuring Snmp Target Parameters
Show snmp targetparams
Volatile nonvolatile
Read‐only
‐8 provides an explanation of the command output
Set snmp targetparams
Show snmp targetparams Output Details
Message‐
Authentication
Clear snmp targetparams
Privacy
Protected from disclosure
Show snmp targetaddr
Configuring Snmp Target Addresses
Use this command to display Snmp target address information
Timeout timeout
Set snmp targetaddr
Param param
Udpport udpport
Use this command to delete an Snmp target address entry
Clear snmp targetaddr
Taglist taglist
Tag 1 tag
Configuring Snmp Notification Parameters
About Snmp Notify Filters
Set newaddrtrap
By default, this function is disabled globally and per port
Show newaddrtrap
Show snmp notify
‐10 provides an explanation of the command output
Set snmp notify
10 show snmp notify Output Details
Trap inform
Show snmp notifyfilter
Use this command to clear an Snmp notify configuration
Clear snmp notify
Set snmp notifyfilter
Subtree oid‐or‐
Clear snmp notifyfilter
Targetparam
Show snmp notifyprofile
Set snmp notifyprofile
Clear snmp notifyprofile
Creating a Basic Snmp Trap Configuration
This example shows how to delete Snmp notify profile area51
11 Basic Snmp Trap Configuration
Example
Show snmp interface
Configuring the Snmp Management Interface
How Snmp Will Use This Configuration
Set snmp interface
Loopback loop‐ID
Clear snmp interface
Clear snmp interface Snmp Configuration
Spanning Tree Configuration
Spanning Tree Configuration Summary
Spanning Tree Features
Loop Protect
Configuring Spanning Tree Bridge Parameters
For information about
Active
Show spantree stats
Sid sid
‐1 shows a detailed explanation of command output
Show spantree Output Details
Show spantree version
Disable enable Globally disables or enables Spanning Tree
Set spantree
Set spantree version
Show spantree bpdu-forwarding
This example shows how to reset the Spanning Tree version
Clear spantree version
Disable enable Disables or enables Bpdu forwarding
By default Bpdu forwarding is disabled
This example shows how to enable Bpdu forwarding
Set spantree bpdu-forwarding
Set spantree bridgeprioritymode
Clear spantree bridgeprioritymode
8021d
8021t
Create delete
Show spantree mstilist
Set spantree msti
Fid fid
Clear spantree msti
Show spantree mstmap
This example shows how to map FID 3 to SID
Use this command to map a FID back to SID
Set spantree mstmap
Clear spantree mstmap
Show spantree mstcfgid
This example shows how to map FID 2 back to SID
Show spantree vlanlist
Clear spantree mstcfgid
Cfgname name Specifies an MST configuration name
Set spantree mstcfgid
Clear spantree priority
Use this command to set the device’s Spanning Tree priority
Set spantree priority
Clear spantree hello
This example shows how to reset the bridge priority on SID
Set spantree hello
Use this command to set the bridge maximum aging time
Set spantree maxage
Clear spantree maxage
Set spantree fwddelay
Use this command to set the Spanning Tree forward delay
Clear spantree fwddelay
Show spantree backuproot
Set spantree backuproot
Clear spantree backuproot
Show spantree tctrapsuppress
Set spantree tctrapsuppress
Clear spantree tctrapsuppress
Set spantree protomigration
Set spantree spanguard
Enable disable Enables or disables the SpanGuard function
Show spantree spanguard
This example shows how to enable the SpanGuard function
Clear spantree spanguard
Show spantree spanguardtimeout
Set spantree spanguardtimeout
Clear spantree spanguardtimeout
Show spantree spanguardlock
Clear / set spantree spanguardlock
Show spantree spanguardtrapenable
This example shows how to unlock port ge.1.16
Is enabled
Set spantree spanguardtrapenable
Clear spantree spanguardtrapenable
Show spantree legacypathcost
Set spantree legacypathcost
Clear spantree legacypathcost
Show spantree autoedge
Set spantree autoedge
This example clears the legacy path cost to 802.1t values
Clear spantree autoedge
Configuring Spanning Tree Port Parameters
Set spantree portadmin
Disable enable
To display and set Spanning Tree port parameters
This example shows how to disable Spanning Tree on ge.1.5
Clear spantree portadmin
Show spantree portadmin
Set spantree portpri
Use this command to set a port’s Spanning Tree priority
Show spantree portpri
Clear spantree portpri
Show spantree adminpathcost
Set spantree adminpathcost
Clear spantree adminpathcost
Show spantree adminedge
Set spantree adminedge
Clear spantree adminedge
This example shows how to set ge.1.11 as an edge port
True false
This example shows how to reset ge.1.11 as a non‐edge port
Show spantree operedge
Configuring Spanning Tree Loop Protect Parameters
This example shows how to enable Loop Protect on ge.2.3
Set spantree lp
Show spantree lp
If no SID is specified, SID 0 is assumed
Clear spantree lp
Show spantree lplock
Clear spantree lplock
SID Locked
Set spantree lpcapablepartner
Show spantree lpcapablepartner
Set spantree lpthreshold
Use this command to set the Loop Protect event threshold
Clear spantree lpcapablepartner
Clear spantree lpthreshold
None. The default event threshold is
Show spantree lpthreshold
Set spantree lpwindow
Show spantree lpwindow
Clear spantree lpwindow
Set spantree lptrapenable
Disabled
Show spantree lptrapenable
Clear spantree lptrapenable
Set spantree disputedbpduthreshold
Show spantree disputedbpduthreshold
Clear spantree disputedbpduthreshold
Show spantree nonforwardingreason
802.1Q Vlan Configuration
Vlan Configuration Summary
Command Set for Creating a Secure Management Vlan
Creating a Secure Management Vlan
Viewing VLANs
Show vlan
Static
Portinfo
Show vlan Output Details
Vlan Vlan ID Name
Create enable Creates, enables or disables VLANs. disable
This example shows how to create Vlan
Creating and Naming Static VLANs
Set vlan
Clear vlan
This example shows how to set the name for Vlan 7 to green
Set vlan name
This example shows how to clear the name for Vlan
Clear vlan name
Assigning Port Vlan IDs PVIDs and Ingress Filtering
Show port vlan
Set port vlan
Clear port vlan
Modify‐egress
No‐modify‐egress
Show port ingress filter
Set port ingress filter
Show port discard
Set port discard
Tagged untagged both none
Configuring the Vlan Egress List
Show port egress
Set vlan forbidden
Use this command to remove ports from a VLAN’s egress list
Set vlan egress
Clear vlan egress
Untagged forbidden tagged
Show vlan dynamicegress
Forbidden
Set vlan dynamicegress
Enable disable Enables or disables dynamic egress
This example shows how to enable dynamic egress on Vlan
Set host vlan
Setting the Host Vlan
Show host vlan
This example shows how to set Vlan 7 as the host Vlan
Clear host vlan
How It Works
Enabling/Disabling Gvrp Garp Vlan Registration Protocol
About Garp Vlan Registration Protocol Gvrp
Example of Vlan Propagation via Gvrp
Show gvrp
Show garp timer
Use this command to display Gvrp configuration information
Set gvrp
Show gvrp configuration Output Details
Disables or enables Gvrp on the device
Clear gvrp
Set garp timer
This example shows how to enable Gvrp on ge.1.3
Clear garp timer
Leaveall timer‐
Join
Leave
C3su-clear garp timer leave ge.1.1
Policy Classification Configuration
Policy Classification Configuration Summary
Configuring Policy Profiles
Use this command to display policy profile information
Show policy profile
‐verbose
Show policy profile Output Details
Set policy profile
Clear policy profile
Use this command to delete a policy profile entry
This example shows how to delete policy profile
Show policy rule
Configuring Classification Rules
All admin‐ profile profile‐ index
Not‐in‐service Not‐ready Storage‐type non‐
Admin‐pid
Tcpsourceport
Udpdestport
Show policy capability
Show policy rule Output Details
Vlan
Vlantag data
Admin‐profile
Set policy rule
Ether
Ipproto
Ipdestsocket
Ipsourcesocket
Valid Values for Policy Classification Rules
Data value Mask bits
Following parameters apply to deleting an admin rule
Clear policy rule
Range from 1 to 4094 or 0xFFF
All‐pid‐entries
Use this command to remove all policy classification rules
Clear policy all-rules
Use this command to assign ports to a policy profile
Assigning Ports to Policy Profiles
Set policy port
To assign and unassign ports to policy profiles
Clear policy port
Procedure 11-1 User-Defined CoS Configuration
Configuring Policy Class of Service CoS
About Policy-Based CoS Configurations
Configuring Policy Class of Service CoS
Procedure
About CoS-Based Flood Control
Use this command to enable or disable Class of Service
Set cos state
Clear cos state
This example shows how to enable Class of Service
Show cos state
Set cos settings
Priority priority
Tos‐value tos‐value
Irl‐reference
Clear cos settings
Show cos settings
Priority
Tos‐value
Set cos port-config
Show cos port-config
Should be displayed
Clear cos port-config
Entry
Name
Ports
Set cos port-resource irl
Set cos port-resource flood-ctrl
Group#.port‐type
Unicast
Multicast
Show cos port-resource
Group#.port‐type
Clear cos port-resource irl
Unit
Rate
Type
Clear cos port-resource flood-ctrl
Set cos reference
Unicast
Multicast
Specifies that an IRL reference is being configured
Show cos reference
IRL reference number associated with this entry
Rate‐limit irl‐index
Clear cos reference
Show cos unit
Port‐typ e index
Kbps
Pps
Clear cos all-entries
Show cos port-type
This example shows flood control information for port type
Port Priority Configuration
Port Priority Configuration Summary
Configuring Port Priority
Show port priority
Set port priority
Clear port priority
Configuring Priority to Transmit Queue Mapping
Show port priority-queue
Set port priority-queue
Clear port priority-queue
Configuring Quality of Service QoS
Show port txq
Set port txq
By default, transmit queues are defined as follows
Clear port txq
Clear port txq Port Priority Configuration
About IP Multicast Group Management
Igmp Configuration
Igmp Overview
About Multicasting
Configuring Igmp at Layer
To configure Igmp snooping from the switch CLI
Set igmpsnooping adminmode
Use this command to display Igmp snooping information
This example shows how to display Igmp snooping information
Use this command to enable or disable Igmp on the system
This example shows how to enable Igmp on the system
Enable disable Enables or disables Igmp
This example shows how to enable Igmp on port ge.1.10
Set igmpsnooping interfacemode
Set igmpsnooping maxresponse
Set igmpsnooping mcrtrexpiretime
Set igmpsnooping add-static
Modify
If no ports are specified, all ports are added to the entry
If modify is not specified, a new entry is created
Set igmpsnooping remove-static
Show igmpsnooping static
Show igmpsnooping mfdb
Group group
This example displays the static Igmp ports for Vlan
Stats Optional Displays Mfdb statistics
Clear igmpsnooping
Use this command to clear all Igmp snooping entries
This example shows how to clear all Igmp snooping entries
Configuring Igmp on Routing Interfaces
To configure Igmp on routing interfaces
Global configuration C3su‐routerConfig#
Ip igmp
Ip igmp enable
This example shows how to enable Igmp on the router
Interface configuration C3su‐routerConfig‐ifVlan 1#
Ip igmp version
Any router mode
Show ip igmp interface
Show ip igmp groups
Ip igmp query-interval
Ip igmp query-max-response-time
Ip igmp startup-query-interval
Ip igmp startup-query-count
Ip igmp last-member-query-interval
Ip igmp last-member-query-count
Ip igmp robustness
Interface configuration C3 su‐routerConfig‐ifVlan 1#
Ip igmp robustness Igmp Configuration
Configuring System Logging
Logging and Network Management
Show logging server
Set logging server
Show logging default
Clear logging server
Set logging default
Use this command to set logging default values
Clear logging default
Show logging application
Facility
Severity
Set logging application
Show logging application Output Details
Level level
If level is not specified, none will be applied
Clear logging application
Show logging local
Set logging local
Clear logging local
Show logging interface
This example shows how to clear local logging
Show logging buffer
Set logging interface
Clear logging interface
Monitoring Network Events and Status
History
Use this command to set the size of the history buffer
Default
Show history
Set history
This example, the host at IP address is not responding
Ping
Show users
Console
Disconnect
Show netstat
Show netstat Output Details
Following example shows the output of this command
Following table describes the output of this command
Show arp
Managing Switch Network Addresses and Routes
Use this command to display the switch’s ARP table
Show arp Output Details
This example shows how to display the ARP table
Set arp
Clear arp
Traceroute
Show mac
Each response
Type other learned
Self mgmt
Show mac agetime
Show mac Output Details
This example shows how to display the MAC timeout period
This example shows how to set the MAC timeout period
Set mac agetime
Clear mac agetime
Show mac algorithm
Default MAC algorithm is mac‐crc16‐upperbits
Set mac algorithm
Clear mac algorithm
Set mac multicast
Append clear
Use this command to remove a multicast MAC address
Clear mac address
Show mac unreserved-flood
Set mac unreserved-flood
Configuring Simple Network Time Protocol Sntp
This example enables multicast flood protection
Use this command to display Sntp client settings
Show sntp
This example shows how to display Sntp client settings
Show sntp Output Details
Set sntp client
Clear sntp client
If precedence is not specified, 1 will be applied
Set sntp server
Clear sntp server
Set sntp poll-interval
Clear sntp poll-interval
Clear sntp poll-retry
This example shows how to clear the Sntp poll interval
Set sntp poll-retry
Set sntp poll-timeout
Clear sntp poll-timeout
Use this command to clear the Sntp poll timeout
This example shows how to clear the Sntp poll timeout
Set timezone
Show sntp interface
Set sntp interface
Clear sntp interface
C3rw-show sntp interface Vlan 100 C3rw-clear sntp interface
Configuring Node Aliases
Show nodealias config
Maxentries maxentries
Show nodealias config Output Details
Set nodealias
Clear nodealias config
Rmon Monitoring Group Functions
Rmon Configuration
Rmon Monitoring Group Functions and Commands
Group What It Does What It Monitors CLI Commands
Design Considerations
Statistics Group Commands
To display, configure, and clear Rmon statistics
Set rmon stats
Use this command to configure an Rmon statistics entry
Show rmon stats
To‐defaults
This example shows how to delete Rmon statistics entry
Clear rmon stats
If owner is not specified, monitor will be applied
History Group Commands
Show rmon history
Set rmon history
Clear rmon history
Buckets buckets
Interval interval
This example shows how to delete Rmon history entry
This example shows how to display Rmon alarm entry
Alarm Group Commands
Show rmon alarm
Set rmon alarm properties
Show rmon alarm Output Details
Object object
Type absolute
Set rmon alarm status
Clear rmon alarm
Enable
This example shows how to enable Rmon alarm entry
Use this command to delete an Rmon alarm entry
Event Group Commands
Use this command to display Rmon event entry properties
This example shows how to display Rmon event entry
Show rmon event
Set rmon event properties
Description
Type none log
Trap both
Clear rmon event
This example shows how to enable Rmon event entry
Set rmon event status
This example shows how to clear Rmon event
Filter Group Commands
Show rmon channel
Use this command to configure an Rmon channel entry
Set rmon channel
Accept matched
Failed
Clear rmon channel
Show rmon filter
Index index
Channel channel
Set rmon filter
Clear rmon filter
Use this command to clear an Rmon filter entry
This example shows how to clear Rmon filter entry
Nodata
Packet Capture Commands
Show rmon capture
Set rmon capture
Action lock
Slice slice
Loadsize loadsize
Clear rmon capture
Use this command to clears an Rmon capture entry
This example shows how to clear Rmon capture entry
Dhcp Server Configuration
Dhcp Overview
Dhcp Relay Agent
Dhcp Server
Configuring a Dhcp Server
Configuring General Dhcp Server Parameters
Set dhcp
Set dhcp bootp
This example enables Dhcp server functionality
This example enables address allocation for Bootp clients
This example enables Dhcp conflict logging
Set dhcp conflict logging
Show dhcp conflict
Logging Disables conflict logging
This example disables Dhcp conflict logging
Clear dhcp conflict
Clears the conflict information for all IP addresses
Clear dhcp exclude
100, with the set dhcp exclude command
Set dhcp exclude
This example sets the number of ping packets sent to
Set dhcp ping
Clear dhcp ping
Show dhcp binding
Clear dhcp binding
Use this command to display Dhcp server statistics
Use this command to clear all Dhcp server counters
Show dhcp server statistics
Clear dhcp server statistics
This example clears all Dhcp server counters
Configuring IP Address Pools
Manual Pool Configuration Considerations
Set dhcp pool
This example creates an address pool named auto1
Use this command to delete a Dhcp server pool of addresses
Clear dhcp pool
Set dhcp pool network
This example deletes the address pool named auto1
Clear dhcp pool network
Set dhcp pool hardware-address
If no type is specified, Ethernet is assumed
Clear dhcp pool hardware-address
Set dhcp pool host
Clear dhcp pool host
Set dhcp pool client-identifier
Clear dhcp pool client-identifier
Set dhcp pool client-name
Clear dhcp pool client-name
Set dhcp pool bootfile
Clear dhcp pool bootfile
Set dhcp pool next-server
Clear dhcp pool next-server
Infinite
Set dhcp pool lease
Clear dhcp pool lease
Set dhcp pool default-router
Clear dhcp pool default-router
Set dhcp pool dns-server
Clear dhcp pool dns-server
Set dhcp pool domain-name
Clear dhcp pool domain-name
Set dhcp pool netbios-name-server
Clear dhcp pool netbios-name-server
‐node
Set dhcp pool netbios-node-type
Clear dhcp pool netbios-node-type
Set dhcp pool option
Ascii string
This example removes option 19 from address pool auto1
Show dhcp pool configuration
Clear dhcp pool option
Show dhcp pool configuration
Dhcp Message Processing
Dhcp Snooping Dynamic ARP Inspection
Dhcp Snooping Overview
Building and Maintaining the Database
Basic Configuration
Configuration Notes
Procedure 17-1 Basic Configuration for Dhcp Snooping
Rate Limiting
Set dhcpsnooping
Dhcp Snooping Commands
Disabled globally
Set dhcpsnooping database write-delay
Set dhcpsnooping vlan
By default, ports are untrusted
Set dhcpsnooping trust
Set dhcpsnooping verify
This example configures port ge.1.1 as a trusted port
Set dhcpsnooping binding
Against the client hardware address
Source MAC address verification is enabled by default
Set dhcpsnooping log-invalid
Set dhcpsnooping limit
None
Rate pps
Burst interval secs
This example configures rate limit parameters on port ge.1.1
Show dhcpsnooping database
Show dhcpsnooping port
Entry, either dynamic or static
Show dhcpsnooping binding
Dynamic static
Show dhcpsnooping statistics
Clear dhcpsnooping database
Clear dhcpsnooping binding
Clear dhcpsnooping statistics
Write‐delay
Default value of 300 seconds
Clear dhcpsnooping limit
Dynamic ARP Inspection Overview
Optional ARP Packet Validation
Functional Description
Static Mappings
Logging Invalid Packets
Packet Forwarding
Rate Limiting
Eligible Interfaces
Procedure 17-2 Basic Dynamic ARP Inspection Configuration
Step Task Commands
Vlan Configuration
Example Configuration
Router Configuration
Dynamic ARP Inspection Commands
Set arpinspection vlan
Dhcp Snooping Configuration
Dynamic ARP Inspection Configuration
Set arpinspection trust
Logging is disabled by default
By default, all physical ports and LAGs are untrusted
Logging
Dst‐mac
Set arpinspection validate
Src‐mac
Set arpinspection limit
Set arpinspection filter
Show arpinspection access-list
Permit
Mac host
Show arpinspection ports
This example displays the ARP configuration of lag.0.1
Show arpinspection vlan
Show arpinspection statistics
This example removes all 3 additional validation conditions
Clear arpinspection validate
With an invalid address
Clear arpinspection vlan
Clear arpinspection filter
Clear arpinspection limit
This example removes the ARP ACL named staticARP from Vlan
Clear arpinspection statistics
This example clears all DAI statistics from the switch
Page
Preparing for Router Mode
Pre-Routing Configuration Tasks
Router CLI Configuration Modes
Enabling Router Configuration Modes
Enabling the Switch for Routing
Router CLI Configuration Modes
Page
IP Configuration
Configuring Routing Interface Settings
Show interface
Vlan vlan ‐id
Use this command to configure interfaces for IP routing
Router global configuration mode C3su‐routerConfig#
Interface
Vlan vlan‐ id
This example shows how to enter configuration mode for Vlan
Show ip interface
Router interface configuration C3su‐routerConfig‐ifVlan 1#
Ip address
Show ip interface Output Details
Secondary
Show running-config
No shutdown
This example shows how to enable Vlan 1 for IP routing
No ip routing
Interface tunnel
Configuring Tunnel Interfaces
Use this command to configure a tunnel interface
Tunnel source
This example creates a configured tunnel interface
Router interface configuration C3su‐routerConfig‐ifTnnl 1#
Tunnel mode
This command specifies the mode of the tunnel interface
Ipv6ip Specifies that the tunnel mode is IPv6 over IPv4
No form of this command removes the mode of the tunnel
This example sets the tunnel mode to IPv6 over IPv4
Show interface tunnel
Reviewing and Configuring the ARP Table
Show ip arp
Show ip arp Output Details
This example shows how to use the show ip arp command
Arp
This example shows how to enable proxy ARP on Vlan
Ip proxy-arp
Arp timeout
Clear arp-cache
14,400 seconds
Privileged Exec C3su‐router#
Ip directed-broadcast
Configuring Broadcast Settings
Interface configuration C3su‐Router1Config‐ifVlan 1#
Ip forward-protocol
Udp
Specifies UDP as the IP forwarding protocol
Are forwarded
Ip helper-address
Reviewing IP Traffic and Configuring Routes
Show ip route
OSPF, IA
Preference in route selection
Ip route
Ping
Traceroute
This command is also available in switch mode
There is also a traceroute command available in switch mode
Configuring Icmp Redirects
Ip icmp redirect enable
Show ip icmp redirect
Interface
IPv4 Routing Protocol Configuration
Activating Advanced Routing Features
Configuring RIP
RIP Configuration Task List and Commands
RIP Configuration Task List and Commands
Router rip
Distance
Ip rip enable
This example shows how to enable RIP
Ip rip send version
R1compatible
Ip rip authentication-key
Specifies RIP version 1. This is the default setting
Ip rip receive version
Specifies RIP version
Ip rip message-digest-key
Md5
Use this command to disable automatic route summarization
Router configuration C3su‐routerConfig‐router#
No auto-summary
Split-horizon poison
Passive-interface
Receive-interface
Redistribute
Connected
Ospf
Command detailed in ip route on page 19‐21
Protocol
Subnets
Subnetted will be redistributed
Configuring Ospf
Ospf Configuration Task List and Commands
Ospf Configuration Task List and Commands
Advanced License Required
Router id
Routes
1583compatibility
This example shows how to enable routing for Ospf process
Router ospf
Ip ospf areaid
Ip ospf enable
This example shows how to enable RFC 1583 compatibility
Ip ospf cost
Ip ospf priority
Timers spf
Ip ospf transmit-delay
Ip ospf retransmit-interval
65535
Ip ospf hello-interval
Ip ospf dead-interval
Ip ospf authentication-key
Ip ospf message digest key md5
Distance ospf
Area range
External inter‐
Area intra‐area
Intra‐area routes
If not specified, advertise mode will be set
Area stub
Advertise no‐
Advertise
Area default cost
Area nssa
Default‐
This example shows how to configure area 10 as an Nssa area
Area virtual-link
Information‐
Authentication‐
Transmit‐delay
Key key
Dead‐interval
Metric‐type type
Show ip ospf
Rip
Show ip ospf database
This example shows how to display Ospf information
Use this command to display the Ospf link state database
Show ip ospf interface
Show ip ospf database Output Details
Show ip ospf interface Output Details
Show ip ospf neighbor
Show ip ospf neighbor Output Details
Show ip ospf virtual links Output Details
Show ip ospf virtual-links
Clear ip ospf process
This example shows how to reset Ospf process
Configuring Dvmrp
Enabling Dvmrp on an Interface
Ip dvmrp enable
Commands to Enable Dvmrp on an Interface
This example shows how to enable the Dvmrp process
Ip dvmrp
Show ip dvmrp
Use this command to display Dvmrp routing information
Ip dvmrp metric
This example shows how to display Dvmrp status information
Configuring Irdp
Ip irdp enable
Ip irdp maxadvertinterval
Ip irdp minadvertinterval
9000
Ip irdp holdtime
Ip irdp preference
Show ip irdp
Use this command to display Irdp information
Ip irdp broadcast
Configuration Tasks on page 18‐1
Configuring Vrrp
Router vrrp
This example shows how enable Vrrp configuration mode
Create
Address
Priority
Advertise-interval
Described in Pre‐Routing Configuration Tasks on page 18‐1
Preempt
Enable
Ip vrrp authentication-key
Use this command to display Vrrp routing information
This example shows how to display Vrrp information
Show ip vrrp
Configuring PIM-SM
Design Considerations
Global router configuration C3su‐routerConfig#
This example shows how to globally enable and disable PIM
Ip pimsm
Ip pimsm staticrp
Ip pimsm enable
Show ip pimsm
This example shows how to display PIM information
Ip pimsm query-interval
Show ip pimsm Output Details
This example shows how to display PIM router information
Show ip pimsm componenttable
This example shows how to display PIM interface information
Show ip pimsm interface
Show ip pimsm componenettable Output Details
Stats
This example shows how to display PIM interface statistics
Show ip pimsm neighbor
Show ip pimsm interface vlan Output Details
10 show ip pimsm interface stats Output Details
‐11 provides an explanation of the command output
Show ip pimsm rp
11 show ip pimsm neighbor Output Details
Candidate
12 show ip pimsm rp Output Details
‐12 provides an explanation of the command output
Show ip pimsm rphash
Display the PIM‐SM static Rendezvous Point information
‐13 provides an explanation of the command output
Show ip pimsm staticrp
13 show ip pimsm staticrp Output Details
Use this command to display the IP multicast routing table
Show ip mroute
20-60 IPv4 Routing Protocol Configuration
IPv6 Management
Show ipv6 status
Set ipv6
By default, IPv6 management is disabled
This example shows how to enable IPv6 management
Eui64
No global unicast IPv6 address is defined by default
Set ipv6 address
Clear ipv6 address
Use this command to clear IPv6 global addresses
Show ipv6 address
Set ipv6 gateway
Show ipv6 neighbors
Use this command to clear an IPv6 gateway address
Clear ipv6 gateway
Show ipv6 netstat
This example shows example output of this command
Use this command to display IPv6 netstat information
Size num
This command is also available in router mode
Ping ipv6
Traceroute ipv6
Traceroute ipv6 21-10 IPv6 Management
IPv6 Routing License Required
IPv6 Configuration
Overview
Default Conditions
Following table lists the default IPv6 conditions
Ipv6 hop-limit
General Configuration Commands
Ipv6 forwarding
Default maximum number of IPv6 hops is
This command configures static IPv6 routes
Ipv6 route
This example sets the hop limit to
Default preference or administrative distance is
Ipv6 route distance
This command sets the default distance value to
Ipv6 unicast-routing
Ping ipv6 interface
Link‐local‐address
Router privileged exec C3 su‐router#
20010db8123455551
No IPv6 addresses are defined for any interface
Interface Configuration Commands
Ipv6 address
Ipv6 enable
IPv6 is disabled
Ipv6 mtu
Bytes
This example sets the MTU value to 1500 bytes
This example clears all dynamically learned cache entries
Neighbor Cache and Neighbor Discovery Commands
Clear ipv6 neighbors
Ipv6 nd ns-interval
Duplicate address detection enabled, for 1 attempt
Ipv6 nd dad attempts
By default, a value of 0 is advertised in RA messages
Router interface configurationC3su‐routerConfig‐ifVlan 1#
Ipv6 nd reachable-time
This example sets the NS interval to 2 seconds
Ipv6 nd other-config-flag
Flag is set to false by default
Router interface configuration C3su‐routerConfig‐if Vlan 1#
This example sets the reachable time to 60 seconds
Ipv6 nd ra-interval
Ipv6 nd ra-lifetime
Suppression disabled
This example disables router advertisement transmission
Ipv6 nd suppress-ra
Ipv6 nd prefix
Off‐link
No‐autoconfig
Router interface configurationC3su‐routerConfig‐if Vlan 1#
Example
Query Commands
Show ipv6
Show ipv6 interface
Router privileged execution C3su‐router#
This example displays information about IPv6 interface Vlan
This command displays IPv6 Neighbor Cache information
This example displays the neighbors in the cache
This command displays the IPv6 routing table
Show ipv6 route
Show ipv6 neighbor Output Details
Interface interface
This example displays all active IPv6 routes
Show ipv6 route Output Details
Show ipv6 route preferences
Show ipv6 route preferences Output Details
Non‐best routes
This command displays the summary of the routing table
Show ipv6 route summary
Show ipv6 summary Output Details
Following example displays the output of this command
Show ipv6 traffic
Show ipv6 traffic Output Details
Options, etc
Counter would include datagrams counted
Send. Note that this counter includes all those counted by
This example clears the statistics for Vlan
Clear ipv6 statistics
Router privileged executionC3su‐router#
IPv6 Proxy Routing
Preparing a Mixed Stack for IPv6 Proxy Routing
Limitations
IPv6 proxy routing is disabled by default
Router global configuration C2su‐routerConfig#
This example enables IPv6 proxy routing
Ipv6 proxy-routing
Any routing mode
DHCPv6 Configuration
Global Configuration Commands
Ipv6 dhcp enable
Following table lists the default DHCPv6 conditions
This command enables DHCPv6 on the router
Ipv6 dhcp relay-agent-info-opt
By default, DHCPv6 is disabled
This example enables DHCPv6
Ipv6 dhcp relay-agent-info-remote-id-subopt
Ipv6 dhcp pool
Ipv6 dhcp pool
Address Pool Configuration Commands
Domain-name
Dns-server
Prefix-delegation
Secs infinite
Valid‐lifetime secs
Preferred‐lifetime
C3su-routerConfig-dhcp6s-pool# exit C3su-routerConfig#
By default, DHCPv6 functionality is disabled
Ipv6 dhcp server
Rapid‐commit
Preference pref
Ipv6 dhcp relay
Destination dest‐addr
Interface intf
Remote‐id duid‐ifid
Examples
DHCPv6 Show Commands
Show ipv6 dhcp
Show ipv6 dhcp interface
Statistics
Output of show ipv6 dhcp interface Command
This example displays the DHCPv6 statistics for Vlan
Show ipv6 dhcp statistics
This example displays the output of this command
Output of show ipv6 dhcp statistics Command
Clear ipv6 dhcp statistics
This example clears DHCPv6 statistics for Vlan
Show ipv6 dhcp binding
This command displays information about DHCPv6 bindings
Show ipv6 dhcp pool
If no IPv6 address is specified, all bindings are displayed
Show ipv6 dhcp binding DHCPv6 Configuration
OSPFv3 Configuration
Following table lists the default OSPFv3 conditions
Ipv6 router id
Global OSPFv3 Configuration Commands
Use this command to configure the OSPFv3 router ID
Default-information originate
Ipv6 router ospf
Always
Metric value
Default-metric
Router OSPFv3 configuration C3su‐routerConfig‐router#
No default metric is configured
Router OSPFv3 configuration C3su-routerConfig-router#
Exit-overflow-interval
Intra
Inter
Type1
This command configures the external Lsdb limit for OSPFv3
Default value is ‐1
External-lsdb-limit
This example sets the exit overflow interval to 10 seconds
Tag tag
Maximum-paths
Connected static
Metric = unspecified Metric type = Type Tag =
These commands are used to configure area parameters
Area Configuration Commands
Area default-cost
This example sets the default route cost to 50 for area
This example shows how to configure area 20 as an Nssa
Area nssa default-info-originate
Default metric value is
Area nssa no-redistribute
Comparable
Area nssa no-summary
This command configures the translator role of the router
By default, the translator role is disabled
Area nssa translator role
Area nssa translator-stab-intv
Default interval is 40 seconds
Area address ranges are not configured by default
Summarylink
Nssaexternallink
This command creates a stub area for the specified area ID
This example creates a stub area with the ID
Example disables the import of summary LSAs into stub area
Area stub no-summary
Default dead interval is 40 seconds
Area virtual-link dead-interval
Area virtual-link retransmit-interval
Default hello interval is 10 seconds
Area virtual-link hello-interval
Default transmit delay is 1 second
Area virtual-link transmit-delay
Default retransmit interval is 5 seconds
Ipv6 ospf enable
OSPFv3 is disabled by default
Ipv6 ospf areaid
Ipv6 ospf cost
Default dead interval value is 40 seconds
Ipv6 ospf dead-interval
Ipv6 ospf hello-interval
Ipv6 ospf mtu-ignore
Ipv6 ospf network
By default, MTU mismatch detection is enabled
Default network type is broadcast
Ipv6 ospf retransmit-interval
Default priority value is
Ipv6 ospf priority
Default value is 1 second
Ipv6 ospf transmit-delay
Default value is 4 seconds
Ipv6 ospf transmit-delay
OSPFv3 Show Commands
This command displays OSPFv3 router information
This example shows how to display OSPFv3 router information
Show ipv6 ospf
Show ipv6 ospf Output Details
Show ipv6 ospf area
Show ipv6 ospf area Output Details
Show ipv6 ospf abr
Show ipv6 ospf abr Output Details
Show ipv6 ospf asbr
Show ipv6 ospf asbr Output Details
Show ipv6 ospf database
Adv Router Link Id Age Sequence Csum Options Rtr Opt
Show ipv6 ospf database Output Details
Show ipv6 ospf database database-summary Output Details
Loopback loopid
This command displays information about OSPFv3 interfaces
Show ipv6 ospf interface
Show ipv6 ospf interface Command Output Details
This example shows how to display statistics for Vlan
Show ipv6 ospf interface stats
Show ipv6 ospf interface stats Output Details
This command displays information about OSPFv3 neighbors
Show ipv6 ospf neighbor
Specify the Vlan interface to display information about
Specify the tunnel interface to display
Show ipv6 ospf neighbor Output Details
This example displays range information for area
Show ipv6 ospf range
10 show ipv6 ospf neighbor routerid Output Details
Show ipv6 ospf stub table
11 show ipv6 ospf range Output Details
This example displays the OSPFv3 stub table information
12 show ipv6 ospf stub table Output Details
Show ipv6 ospf virtual-link
13 show ipv6 ospf virtual-link Output Details
Show ipv6 ospf virtual-link
Show ipv6 ospf virtual-link OSPFv3 Configuration
Authentication and Authorization Configuration
Overview of Authentication and Authorization Methods
Overview of Authentication and Authorization Methods
Filter-ID Attribute Formats
Setting the Authentication Login Method
Show authentication login
Set authentication login
Use this command to set the authentication login method
Clear authentication login
Any
Local
Radius
Configuring Radius
Timeout
Show radius
Retries
Optional Displays Radius server configuration information
Set radius
Server
Servers or a specific Radius server as defined by an index
Server index
Timeout timeout
Realm management‐ access any network‐access
Clear radius
Realm
Retries retries
Show radius accounting
Set radius accounting
This example shows how to set Radius accounting retries to
Timeout
Clear radius accounting
Retries
Show radius interface
Set radius interface
Clear radius interface
Example
Configuring 802.1X Authentication
Show dot1x
Auth‐diag
Auth‐stats
This example shows how to display 802.1X status
Show dot1x auth-config
True false
Set dot1x
Init reauth
Set dot1x auth-config
Clear dot1x auth-config
Portcontrol Maxreq
Show eapol
Connecting state, via disconnected
Show eapol Output Details
Set eapol
Clear eapol
Auth‐mode
Forced‐auth
Optional Globally clears the Eapol authentication mode
Configuring MAC Authentication
Show macauthentication
Show macauthentication Output Details
Nopassword
Show macauthentication session Output Details
Show macauthentication session
This example shows how to display MAC session information
Use this command to set a MAC authentication password
Set macauthentication
Set macauthentication password
Clear macauthentication password
Set macauthentication port
Use this command to clear the MAC authentication password
Enables or disables MAC authentication
Set macauthentication portinitialize
Set macauthentication portquietperiod
This example resets the default quiet period on port
Clear macauthentication portquietperiod
Set macauthentication macinitialize
Enables or disables MAC reauthentication
Set macauthentication reauthentication
Set macauthentication portreauthenticate
Set macauthentication macreauthenticate
Set macauthentication reauthperiod
Clear macauthentication reauthperiod
Set macauthentication significant-bits
Clear macauthentication significant-bits
C3su-clear macauthentication significant-bits
About Multi-User Authentication
Configuring Multiple Authentication Methods
About Multiple Authentication Types
Show multiauth
Set multiauth mode
Clear multiauth mode
Multi
Strict
Clear multiauth precedence
Default precedence order is dot1x, pwa, mac
Set multiauth precedence
Show multiauth port
Set multiauth port
Clear multiauth port
Show multiauth station
Show multiauth session
Show multiauth idle-timeout
Agent dot1x mac
Set multiauth idle-timeout
Authentication method for which to set the timeout value
Which to set the timeout value
Idle timeout value is provided by the authenticating server
Clear multiauth idle-timeout
Show multiauth session-timeout
Default
Which to reset the timeout value to its default
Set multiauth session-timeout
Which to set the session timeout value
Clear multiauth session-timeout
Configuring User + IP Phone Authentication
Configuring Vlan Authorization RFC
Tagged
Set vlanauthorization
Set vlanauthorization egress
By default, administrative egress is set to untagged
Clear vlanauthorization
Show vlanauthorization
Configuring Policy Maptable Response
Show vlanauthorization Output Details
When Policy Maptable Response is Both
Operational Description
Show policy maptable
When Policy Maptable Response is Policy
When Policy Maptable Response is Tunnel
Set policy maptable
Response
Both
Policy
Clear policy maptable
Configuring MAC Locking
To review, disable, enable, and configure MAC locking
Show maclock
Show maclock stations
Show maclock Output Details
Firstarrival
Connected to MAC locked ports
Show maclock stations Output Details
Set maclock enable
Set maclock enable port‐string
Set maclock disable
This example shows how to enable MAC locking on ge.2.3
This example shows how to disable MAC locking on ge.2.3
Set maclock
Specified MAC address and port
Clear maclock
Create
Set maclock static
Clear maclock static
Set maclock firstarrival
Clear maclock firstarrival
Set maclock agefirstarrival
This example enables first arrival aging on port ge.1.1
This example disables first arrival aging on port ge.1.1
Clear maclock agefirstarrival
Set maclock move
Set maclock trap
Configuring Port Web Authentication PWA
About PWA
Show pwa
Show pwa Output Details
Set pwa
Enable disable Enables or disables port web authentication
This example shows how to enable port web authentication
Set pwa banner
This example shows how to display the PWA login banner
Show pwa banner
This example shows how to hide the Enterasys Networks logo
Clear pwa banner
Set pwa displaylogo
Display hide
Chap pap
Set pwa ipaddress
Set pwa protocol
Use this command to clear the PWA guest user name
This example shows how to clear the PWA guest user name
Set pwa guestname
Clear pwa guestname
Set pwa guestpassword
Set pwa gueststatus
Authnone
Authradius
Set pwa quietperiod
This example shows how to initialize ports ge.1.5‐7
Set pwa initialize
Set pwa maxrequest
Set pwa portcontrol
Enables or disables PWA on specified ports
This example shows how to enable PWA on ports 1‐22
This example shows how to display PWA session information
Show pwa session
Set pwa enhancedmode
Enable disable Enables or disables PWA enhancedmode
This example shows how to enable PWA enhancedmode
Configuring Secure Shell SSH
This example shows how to display SSH status on the switch
Show ssh status
Set ssh
Set ssh hostkey
This example shows how to disable SSH
This example shows how to regenerate SSH keys
Show access‐lists number
Configuring Access Lists
Show access-lists
Access-list standard
Deny permit
This example moves entry 16 to the beginning of ACL
Access-list extended
Insert replace
Insert replace
Filters inbound frames
Ip access-group
Interface configuration C3su‐routerConfig‐ifVlan vlanid#
Example
Page
TACACS+ Configuration
Show tacacs Output Details
Show tacacs
State Optional Displays only the TACACS+ client status
Use this command to enable or disable the TACACS+ client
Enable disable Enables or disables the Tacacs client
This example shows how to enable the TACACS+ client
Set tacacs
Timeout seconds
Set tacacs server
Clear tacacs server
Specifies one TACACS+ server to be affected
Show tacacs session
This example removes TACACS+ server
Set tacacs session
Service
Clear tacacs session
Read‐write
Super‐user
Show tacacs command
Set tacacs command
Connection
Show tacacs singleconnect
Set tacacs singleconnect
Show tacacs interface
Set tacacs interface
Clear tacacs interface
Clear tacacs interface TACACS+ Configuration
27-14
Advantages of using sFlow include
SFlow Configuration
Using sFlow in Your Network
Definitions
SFlow Agent Functionality
Sampling Mechanisms
SFlow Definitions
Usage Notes
Packet Flow Sampling
Counter Sampling
28-5
This example displays the sFlow Receivers Table
Contents of the sFlow Receivers Table is displayed
Show sflow receivers
Following table describes the output fields
Show sflow receivers Output Descriptions
Set sflow receiver owner
Set sflow receiver ip
Default IP address is
Default maximum datagram size is 1400 bytes
Set sflow receiver maxdatagram
Maxdatagram bytes
Default port value is
Set sflow receiver port
Clear sflow receiver
Maxdatagram
Port port
Set sflow port poller
Owner
Show sflow pollers
Clear sflow port poller
Set sflow port sampler
Interval
This example removes the poller instance on port ge.1.1
Show sflow samplers
Clear sflow port sampler
Set sflow interface
Maxheadersize
Rate
Show sflow interface
Clear sflow interface
Show sflow agent
28-18
Table A-1 Policy Capacities
Policy and Authentication Capacities
Policy Capacities
Authentication Capacities
Table A-2 Authentication Capacities
Index
Numerics
Ospf 20-30Network Management
Tftp
Index
