Main
Page
Notice
Enterasys Networks, Inc. Software License Agreement
Page
Page
Contents
About This Guide
Chapter 1: Introduction
Chapter 2: Startup and General Configuration
Page
Page
Chapter 3: Discovery Protocols Configuration
Chapter 4: Port Configuration
Page
Chapter 5: SNMP Configuration
Chapter 6: Spanning Tree Configuration
Page
Page
Chapter 7: 802.1Q VLAN Configuration
Chapter 8: Policy Classification Configuration
Page
Chapter 9: IGMP Configuration
Chapter 10: System Logging Configuration
Chapter 11: Network Monitoring Configuration
Chapter 12: Network Address and Route Management Configuration
Chapter 13: SNTP Configuration
Chapter 14: Node Alias Configuration
Chapter 15: NetFlow Configuration
Chapter 16: IP Configuration
Chapter 17: PIM Configuration
Chapter 18: Network Address Translation (NAT) Configuration
Chapter 19: LSNAT Configuration
Chapter 20: DHCP Configuration
Chapter 21: Routing Protocol Configuration
Page
Chapter 22: Port Priority and Rate Limiting Configuration
Chapter 23: Transparent Web Cache Balancing Configuration
Chapter 24: Security Configuration
Chapter 25: Authentication Configuration
Page
Chapter 26: RADIUS Snooping Configuration
Chapter 27: MultiAuth Configuration
Index Figures
Tables
Page
Page
About This Guide
Using This Guide
Structure of This Guide
Page
Related Documents
Conventions Used in This Guide
Thefollowingconventionsareusedinthetextofthisdocument:
Thefollowingiconsareusedinthisguide:
Convention Description
Getting Help
Page
Introduction
Matrix DFE Series Features
Matrix Series CLI Overview
Device Management Methods
Startup and General Configuration
Startup and General Configuration Summary
Factory Default Settings
Table 2-1 Default Device Settings for Basic Switch Operation
Page
Page
Table 2-2 Default Device Settings for Router Mode Operation
CLI Defaults Descriptions
CLI Command Modes
Using WebView
Displaying WebView status:
Enabling / disabling WebView:
Starting and Navigating the Command Line Interface
Using a Console Port Connection
Logging in with Administratively Configured Account
Using a Telnet Connection
Getting Help with CLI Syntax
Using Context-Sensitive Help
Performing Keyword Lookups
Displaying Scrolling Screens
Abbreviating and Completing Commands
Using the Spacebar Auto Complete Function
Configuring the Line Editor
Figure 2-7 Basic Line Editing Emacs & vi Commands (continued)
show line-editor
set line-editor
Setting User Accounts and Passwords
show system login
set system login
clear system login
set password
show system password
set system password
Page
clear system password
show system lockout
set system lockout
Page
Managing the Management Authentication Notification MIB
show mgmt-auth-notify
set mgmt-auth-notify
clear mgmt-auth-notify
Page
Setting Basic Device Properties
show ip address
set ip address
clear ip address
show ip gratuitous-arp
set ip gratuitous-arp
clear ip gratuitous-arp
show system
Table 25providesanexplanationofthecommandoutput.
show system hardware
Usethiscommandtodisplaythesystemshardwareconfiguration.
Table 2-5 Show System Output Display
Page
show system utilization
Page
set system utilization threshold
clear system utilization
show time
set time
show summertime
set summertime
set summertime date
set summertime recurring
clear summertime
set prompt
set cli completion
loop
show banner
set banner
motd message Specifiesamessageofthedaydisplayedpostsessionlogin.Thisisa
clear banner
show version
Table 26providesanexplanationofthecommandoutput. Table 2-6 show version Output Details
set system name
set system location
set system contact
set width
set length
show logout
set logout
show physical alias
set physical alias
clear physical alias
show physical assetid
set physical assetid
clear physical assetid
Page
Activating Licensed Features
About Redundant Management on Matrix DFE-Gold Series Modules
set license
show license
clear license
Configuring Power over Ethernet (PoE)
show inlinepower
UsethiscommandtodisplaydevicePoEproperties.
set inlinepower mode
Usethiscommandtosetthechassispowerallocationmode.
clear inlinepower mode
set inlinepower available
clear inlinepower available
set inlinepower powertrap
clear inlinepower powertrap
set inlinepower assigned
clear inlinepower assigned
set inlinepower threshold
clear inlinepower threshold
set inlinepower management
clear inlinepower management
set inlinepower psetrap
clear inlinepower psetrap
show port inlinepower
set port inlinepower
clear port inlinepower
Reviewing and Selecting a Boot Firmware Image
Downloading a New Firmware Image
Downloading from an FTP or TFTP Server
Downloading via the Serial Port
Page
show boot system
set boot system
Starting and Configuring Telnet
show telnet
set telnet
telnet
show router telnet
set router telnet
clear router telnet
Managing Configuration and Image Files
dir
Usethiscommandtolistfilesstoredinthefilesystem.
filename (Optional)Specifiesthefilenameordirectorytolist.
Iffilenameisnotspecified,allfilesinthesystemwillbedisplayed.
Switch,ReadOnly.
Table 27providesanexplanationofthecommandoutput. Table 2-7 dir Output Details
show file
Usethiscommandtodisplaythecontentsofanimageorconfigurationfile.
filename Specifiesthefilenametodisplay.
None.
Switch,ReadOnly.
Page
show config
configure
copy
delete
sour ce
destinat ion
script
Page
Enabling or Disabling the Path MTU Discovery Protocol
show mtu
set mtu
clear mtu
Pausing, Clearing and Closing the CLI
cls (clear screen)
exit | quit
Page
Resetting the Device
show reset
reset
reset at
reset in
clear config
Gathering Technical Support Information
show support
Page
Preparing the Device for Router Mode
Pre-Routing Configuration Tasks
Reviewing and Configuring Routing
Toreviewandconfigurerouting.
Table 2-8 Enabling the Switch for Routing
show router
clear router
router
UsethiscommandtoenterrouterCLImode.
Switchcommand,ReadWrite.
Thisexampleshowshowtoenableroutingonthisrouter:
Enabling Router Configuration Modes
Page
Table 2-9 Router CLI Configuration Modes (continued)
Page
Discovery Protocols Configuration
Displaying Neighbors
show neighbors
Ifportstringisnotspecified,allNetworkNeighborDiscoveryinformationwillbedisplayed.
ThisexampleshowshowtodisplayNetworkNeighborDiscoveryinformation:
Enterasys Discovery Protocol
show cdp
Table 31providesanexplanationofthecommandoutput.
set cdp state
UsethiscommandtoenableordisabletheCDPdiscoveryprotocolononeormoreports.
Table 3-1 show cdp Output Details
set cdp auth
set cdp interval
set cdp hold-time
clear cdp
Cisco Discovery Protocol
show ciscodp
show ciscodp port info
set ciscodp status
set ciscodp timer
set ciscodp holdtime
set ciscodp port
clear ciscodp
Page
Link Layer Discovery Protocol and LLDP-MED
LLDP Frames
Configuration Tasks
Page
show lldp
UsethiscommandtodisplayLLDPconfigurationinformation.
ThisexampleshowshowtodisplayLLDPconfigurationinformation.
show lldp port status
show lldp port trap
show lldp port tx-tlv
show lldp port location-info
show lldp port local-info
Page
Table 3-4 show lldp port local-info Output Details (continued)
show lldp port remote-info
port-string
show lldp port network-policy
port-string
set lldp tx-interval
set lldp hold-multiplier
set lldp trap-interval
set lldp med-fast-repeat
set lldp port status
set lldp port trap
set lldp port med-trap
set lldp port location-info
set lldp port tx-tlv
Page
set lldp port network-policy
Page
clear lldp
clear lldp port status
clear lldp port trap
clear lldp port med-trap
clear lldp port location-info
clear lldp port network-policy
clear lldp port tx-tlv
port-string
Port Configuration
Port Configuration Summary
Console Port(s)
Switch Ports
Port String Syntax Used in the CLI
port type.slot location.port number
Examples
Setting Console Port Properties
show console
clear console
show console baud
set console baud
clear console baud
show console flowcontrol
set console flowcontrol
clear console flowcontrol
show console bits
set console bits
clear console bits
show console stopbits
set console stopbits
clear console stopbits
show console parity
set console parity
clear console parity
Reviewing Port Status
show port
show port status
show port counters
Table 42providesanexplanationofthecommandoutput. Table 4-2 show port counters Output Details
show port operstatuscause
clear port operstatuscause
Page
Disabling / Enabling and Naming Ports
set port disable
port-string
set port enable
show port alias
set port alias
show forcelinkdown
set forcelinkdown
clear forcelinkdown
Setting Speed and Duplex Mode
show port speed
set port speed
show port duplex
set port duplex
Enabling / Disabling Jumbo Frame Support
show port jumbo
set port jumbo
clear port jumbo
Page
Setting Auto-Negotiation and Advertised Ability
show port negotiation
set port negotiation
show port mdix
set port mdix
clear port mdix
show port advertise
Table 43providesanexplanationofthecommandoutput.
set port advertise
Usethiscommandtoenableordisableandtoconfiguretheadvertisedabilityononeormore ports.
Table 4-3 show port advertise Output Details
clear port advertise
port-string
Page
Setting Flow Control
show port flowcontrol
set port flowcontrol
Configuring Link Traps and Link Flap Detection
show port trap
set port trap
show linkflap
Page
Table 45providesanexplanationoftheshowlinkflapparameterscommandoutput.
Thisexampleshowshowtodisplaythelinkflapmetricstable:
Table 46providesanexplanationoftheshowlinkflapmetricscommandoutput.
Table 4-5 show linkflap parameters Output Details
Table 4-6 show linkflap metrics Output Details
set linkflap globalstate
set linkflap
set linkflap interval
set linkflap action
clear linkflap action
set linkflap threshold
set linkflap downtime
clear linkflap down
clear linkflap
Page
Configuring Broadcast Suppression
show port broadcast
port-string
set port broadcast
clear port broadcast
port-string
Page
Configuring Port Mirroring
Supported Mirrors
Active Destination Port Configurations
Commands
show port mirroring
set port mirroring
clear port mirroring
Configuring LACP
LACP Operation
LACP Terminology
Matrix Series Usage Considerations
Page
show lacp
Table 49providesanexplanationofthecommandoutput.
set lacp
disable|enable DisablesorenablesLACP.
Table 4-9 show lacp Output Details
DFE-Gold Series devices allow for up to four ports per aggregator.
clear lacp state
set lacp asyspri
set lacp aadminkey
clear lacp
set lacp static
clear lacp static
show lacp singleportlag
set singleportlag
clear singleportlag
show port lacp
set port lacp
Page
clear port lacp
show lacp flowRegeneration
set lacp flowRegeneration
clear lacp flowRegeneration
show lacp outportAlgorithm
set lacp outportAlgorithm
clear lacp outportAlgorithm
Page
SNMP Configuration
SNMP Configuration Summary
SNMPv1 and SNMPv2c
SNMPv3
unauthorized source.
About SNMP Security Models and Levels
Using SNMP Contexts to Access Specific MIBs
Creating a Basic SNMP Trap Configuration
How SNMP Will Use This Configuration
Reviewing SNMP Statistics
show snmp engineid
show snmp counters
Page
Page
Table 5-4 show snmp counters Output Details (continued)
Configuring SNMP Users, Groups and Communities
show snmp user
Page
set snmp user
clear snmp user
show snmp group
set snmp group
clear snmp group
show snmp community
set snmp community
clear snmp community
Configuring SNMP Access Rights
show snmp access
ThisexampleshowshowtodisplaySNMPaccessinformation:
set snmp access
context name match) or a partial match with a given prefix.
clear snmp access
Configuring SNMP MIB Views
show snmp view
show snmp context
UsethiscommandtodisplaythecontextlistconfigurationforSNMPsviewbasedaccesscontrol.
Table 5-8 show snmp view Output Details
set snmp view
clear snmp view
Configuring SNMP Target Parameters
show snmp targetparams
set snmp targetparams
clear snmp targetparams
Configuring SNMP Target Addresses
show snmp targetaddr
set snmp targetaddr
clear snmp targetaddr
Page
Configuring SNMP Notification Parameters
About SNMP Notify Filters
show snmp notify
Page
set snmp notify
clear snmp notify
show snmp notifyfilter
set snmp notifyfilter
clear snmp notifyfilter
show snmp notifyprofile
set snmp notifyprofile
clear snmp notifyprofile
Page
Configuring SNMP Walk Behavior
set snmp timefilter break
Page
Spanning Tree Configuration
Overview: Single, Rapid and Multiple Spanning Tree Protocols
RSTP
MSTP
Spanning Tree Features
Loop Protect
Configuring Spanning Tree Bridge Parameters
Page
Page
show spantree stats
Table 61showsadetailedexplanationofcommandoutput. Table 6-1 show spantree Output Details
Table 6-2 Port-Specific show spantree stats Output Details
show spantree version
set spantree version
clear spantree version
show spantree stpmode
set spantree stpmode
clear spantree stpmode
show spantree maxconfigurablestps
set spantree maxconfigurablestps
clear spantree maxconfigurablestps
show spantree mstilist
set spantree msti
clear spantree msti
show spantree mstmap
set spantree mstmap
clear spantree mstmap
show spantree vlanlist
show spantree mstcfgid
set spantree mstcfgid
clear spantree mstcfgid
show spantree bridgeprioritymode
set spantree bridgeprioritymode
clear spantree bridgeprioritymode
show spantree priority
set spantree priority
Page
clear spantree priority
show spantree bridgehellomode
set spantree bridgehellomode
clear spantree bridgehellomode
show spantree hello
set spantree hello
clear spantree hello
show spantree maxage
set spantree maxage
clear spantree maxage
show spantree fwddelay
set spantree fwddelay
clear spantree fwddelay
show spantree autoedge
set spantree autoedge
clear spantree autoedge
show spantree legacypathcost
set spantree legacypathcost
clear spantree legacypathcost
show spantree tctrapsuppress
set spantree tctrapsuppress
clear spantree tctrapsuppress
show spantree txholdcount
set spantree txholdcount
clear spantree txholdcount
show spantree maxhops
set spantree maxhops
clear spantree maxhops
show spantree spanguard
set spantree spanguard
clear spantree spanguard
show spantree spanguardtimeout
set spantree spanguardtimeout
clear spantree spanguardtimeout
show spantree spanguardlock
clear / set spantree spanguardlock
show spantree spanguardtrapenable
set spantree spanguardtrapenable
clear spantree spanguardtrap enable
show spantree backuproot
set spantree backuproot
clear spantree backuproot
show spantree backuproottrapendable
set spantree backuproottrapenable
clear spantree backuproottrapenable
show spantree newroottrapendable
set spantree newroottrapenable
clear spantree newroottrapenable
clear spantree default
show spantree debug
ThisexampleshowshowtodisplaySpanningTreedebugcountersforlinkaggregationport3, SID 0:
clear spantree debug
Configuring Spanning Tree Port Parameters
show spantree portenable
set spantree portenable
clear spantree portenable
show spantree portadmin
set spantree portadmin
clear spantree portadmin
set spantree protomigration
show spantree portstate
show spantree blockedports
show spantree portpri
set spantree portpri
clear spantree portpri
set spantree porthello
clear spantree porthello
show spantree portcost
show spantree adminpathcost
set spantree adminpathcost
clear spantree adminpathcost
show spantree adminedge
set spantree adminedge
clear spantree adminedge
show spantree operedge
show spantree adminpoint
show spantree operpoint
set spantree adminpoint
clear spantree adminpoint
Configuring Spanning Tree Loop Protect Features
set spantree lp
UsethiscommandtoenableordisabletheLoopProtectfeatureperportandoptionally,perSID.
show spantree lp
clear spantree lp
show spantree lplock
clear spantree lplock
set spantree lpcapablepartner
show spantree lpcapablepartner
clear spantree lpcapablepartner
set spantree lpthreshold
show spantree lpthreshold
clear spantree lpthreshold
set spantree lpwindow
show spantree lpwindow
clear spantree lpwindow
set spantree lptrapenable
show spantree lptrapenable
clear spantree lptrapenable
set spantree disputedbpduthreshold
show spantree disputedbpduthreshold
clear spantree disputedbpduthreshold
show spantree nonforwardingreason
Page
802.1Q VLAN Configuration
VLAN Configuration Summary
Port Assignment Scheme
Port String Syntax Used in the CLI
Preparing for VLAN Configuration
About PVIDs and Policy Classification to a VLAN
Creating a Secure Management VLAN
Reviewing Existing VLANs
show vlan
Page
Page
Creating and Naming Static VLANs
set vlan
set vlan name
clear vlan
clear vlan name
Assigning Port VLAN IDs (PVIDs) and Ingress Filtering
show port vlan
set port vlan
clear port vlan
show vlan interface
set vlan interface
clear vlan interface
show port ingress filter
set port ingress filter
show port discard
set port discard
clear port discard
Configuring the VLAN Egress List
show port egress
set vlan egress
clear vlan egress
show vlan dynamic egress
set vlan dynamicegress
Page
Enabling/Disabling GVRP
GARP VLAN Registration Protocol (GVRP) Operation
Overview
How It Works
set vlan dynamicegress Enabling/Disabling GVRP
RD
Switch 3 1R
show gvrp
show garp timer
Page
set gvrp
clear gvrp
set garp timer
clear garp timer
Page
Policy Classification Configuration
Policy Classification Configuration Summary
Configuring Policy Profiles
show policy profile
Table 81providesanexplanationofthecommandoutput.
set policy profile
Usethiscommandtocreateapolicyprofileentry.
Table 8-1 show policy profile Output Details
vlans
If append is not used, previous VLAN settings are replaced.
clear policy profile
show policy invalid
set policy invalid action
clear policy invalid action
Assigning Classification Rules to Policy Profiles
show policy rule
Page
Table 82providesanexplanationofthecommandoutput. Table 8-2 show policy rule Output Details
show policy capability
set policy classify
pr ofile-index
classify-in dex
set policy rule
set policy port port-string admin-id
clear policy rule
clear policy all-rules
set policy port
show policy allowed-type
set policy allowed-type
clear policy allowed-type
clear policy port-hit
Page
Configuring Policy Class of Service (CoS)
Using Port-Based or Policy-Based CoS Settings
About Policy-Based CoS Default and User-Defined Configurations
ToconfigurepolicybasedClassofService.
Table 8-4 Configuring User-Defined CoS
show cos state
set cos state
show cos port-type
Table 85providesanexplanationofthecommandoutput.
Table 8-5 show cos port-type Output Details
show cos unit
show cos port-config
set cos port-config irl
clear cos port-config irl
set cos port-config txq
clear cos port-config txq
show cos port-resource
set cos port-resource irl
irl-numbe r
clear cos port-resource irl
set cos port-resource txq
clear cos port-resource txq
show cos reference
set cos reference irl
clear cos reference irl
set cos reference txq
clear cos reference txq
show cos settings
set cos settings
clear cos settings
show cos violation irl
clear cos violation irl
clear cos all-entries
Configuring Policy-Based Routing
About Policy-Based Routing
show route-map
route-map
match ip address
set next hop
show ip policy
ip policy route-map
ip policy priority
ip policy load-policy
ip policy pinger
Page
Page
IGMP Configuration
About IP Multicast Group Management
IGMP Configuration Summary
Enabling / Disabling IGMP
show igmp enable
set igmp enable
set igmp disable
Page
Configuring IGMP
vlanlist SpecifiestheVLAN(s)forwhichtodisplayIGMPquerystate.
show igmp query
UsethiscommandtodisplaytheIGMPquerystatusofoneormoreVLANs.
set igmp query-enable
set igmp query-disable
show igmp grp-full-action
set igmp grp-full-action
show igmp config
set igmp config
set igmp delete
show igmp groups
show igmp static
set igmp add-static
set igmp remove-static
show igmp protocols
set igmp protocols
clear igmp protocols
show igmp vlan
show igmp reporters
show igmp flows
show igmp counters
show igmp number-groups
Page
System Logging Configuration
Thischapterdescribessystemloggingcommandsandhowtousethem.
Configuring System Logging
show logging all
Usethiscommandtodisplayallconfigurationinformationforsystemlogging.
Thisexampleshowshowtodisplayallsystemlogginginformation:
Table 101providesanexplanationofthecommandoutput.
show logging server
UsethiscommandtodisplaytheSyslogconfigurationforaparticularserver.
Table 10-1 show logging all Output Details
set logging server
clear logging server
show logging default
set logging default
clear logging default
show logging application
Page
set logging application
Page
clear logging application
show logging local
set logging local
clear logging local
set logging here
clear logging here
show logging buffer
Network Monitoring Configuration
ThischapterdescribesNetworkMonitoringcommandsandhowtousethem.
Monitoring Network Events and Status
history
Usethiscommandtodisplaythecontentsofthecommandhistorybuffer.
show history
set history
show netstat
ping
Switchcommand,ReadWrite.
Matrix(rw)>ping134.141.89.255Inthisexample,thehostatIPaddressisnotresponding:
ThisexampleshowshowtopingIPaddress134.141.89.29with10packets:
show users
tell
disconnect
Configuring SMON
show smon priority
set smon priority
clear smon priority
show smon vlan
set smon vlan
clear smon vlan
Page
Configuring RMON
RMON Monitoring Group Functions and Commands
and notification of events from the device.
Table 11-2 RMON Monitoring Group Functions and Commands (continued)
show rmon stats
Table 11-3 show rmon stats Output Details
set rmon stats
clear rmon stats
show rmon history
set rmon history
clear rmon history
show rmon alarm
set rmon alarm properties
set rmon alarm status
clear rmon alarm
show rmon event
set rmon event properties
set rmon event status
clear rmon event
show rmon host
set rmon host properties
set rmon host status
clear rmon host
show rmon topN
Page
set rmon topN properties
set rmon topN status
clear rmon topN
show rmon matrix
Page
set rmon matrix properties
set rmon matrix status
clear rmon matrix
show rmon channel
set rmon channel
clear rmon channel
show rmon filter
set rmon filter
clear rmon filter
show rmon capture
set rmon capture
clear rmon capture
Network Address and Route Management Configuration
Managing Switch Network Addresses and Routes
show arp
set arp
clear arp
S - manually configured entry (static) P - respond to ARP requests for this entry
show rad
set rad
show ip route
traceroute
Page
set ip route
clear ip route
show port mac
show mac
set mac
clear mac
port
disable - Treats static unicast MAC addresses as unicast addresses.
show newaddrtraps
set newaddrtraps
show movedaddrtrap
set movedaddrtrap
Page
SNTP Configuration
ThischapterdescribesSimpleNetworkTimeProtocol(SNTP)commandsandhowtousethem.
Configuring Simple Network Time Protocol (SNTP)
show sntp
set sntp client
clear sntp client
set sntp server
clear sntp server
set sntp broadcastdelay
clear sntp broadcast delay
set sntp poll-interval
clear sntp poll-interval
set sntp poll-retry
clear sntp poll-retry
set sntp poll-timeout
clear sntp poll-timeout
show timezone
set timezone
clear timezone
Node Alias Configuration
Configuring Node Aliases
show nodealias
show nodealias mac
Page
show nodealias protocol
Usethiscommandtodisplaynodealiasentriesbasedonprotocolandprotocoladdress.
show nodealias config
set nodealias
set nodealias maxentries
clear nodealias
clear nodealias config
NetFlow Configuration
Configuring NetFlow
Enterasys Matrix DFE Implementation
Operation
Version Support
Commands
show netflow
set netflow cache
clear netflow cache
set netflow export-destination
clear netflow export-destination
set netflow export-interval
clear netflow export-interval
set netflow port
clear netflow port
set netflow export-version
clear netflow export-version
set netflow template
The value of packets can range from 1 to 600. The default value is 20 packets.
The value of minutes can range from 1 to 3600. The default value is 30 minutes.
clear netflow template
Page
IP Configuration
Configuring Routing Interface Settings
About Loopback Versus VLAN Interfaces
show interface
interface
ip ecm-forwarding-algorithm
show ip interface
ip address
no shutdown
Managing Router Configuration Files
show running-config
write
no ip routing
Performing a Basic Router Configuration
Using Router-Only Config Files
Displaying or Writing the Current Config to a File
Configuring the Router
Using a downloaded file...
Reviewing and Configuring the ARP Table
show ip arp
the specified IP address.
specified IP address.
specified IP address.
arp
ip gratuitous-arp
ip gratuitous-arp-learning
ip proxy-arp
ip mac-address
arp timeout
clear arp-cache
Configuring Broadcast Settings
Applying DHCP/BOOTP Relay
ip directed-broadcast
ip forward-protocol
ip helper-address
Reviewing IP Traffic and Configuring Routes
show ip protocols
show ip traffic
Sent:0requests,1replies
clear ip stats
PrivilegedEXEC:Matrix>Router#
UsethiscommandtoclearallIPtrafficcounters(IP,ICMP,UDP,TCP,IGMP,andARP).
show ip route
ip route
ip icmp
ping
traceroute
Page
Configuring Debug IP Packet
debug ip packet access-group
debug ip packet restart
show debugging
no debug ip packet
Page
Page
PIM Configuration
Configuring PIM
ip pim sparse mode
ip pim bsr-candidate
ip pim dr-priority
ip pim rp-address
ip pim rp-candidate
show ip pim bsr
Routercommand,PrivilegedEXEC:Matrix>Router#
ThisexampleshowshowtodisplayBootStrapRouter(BSR)information:
Table 171providesanexplanationofthecommandoutput.
show ip pim interface
UsethiscommandtodisplayinformationaboutPIMinterfacesthatarecurrentlyup(not shutdown).
Table 17-1 show ip pim bsr Output Details
show ip pim neighbor
show ip pim rp
Page
show ip pim rp-hash
show ip mroute
show ip mforward
show ip rpf
Network Address Translation (NAT) Configuration
Configuring Network Address Translation (NAT)
NAT Configuration Task List and Commands
ip nat
ip nat pool
ip nat inside source list
ip nat inside source static (NAT)
ip nat inside source static (NAPT)
ip nat ftp-control-port
ip nat secure-plus
ip nat translation max-entries
ip nat translation (timeouts)
show ip nat translations
Thisexampleshowsaportionoftheverboseversionoftheaboveexample:
show ip nat statistics
Routercommand,Globalconfiguration:Matrix>Router(config)#
UsethiscommandtodisplayNATtranslationstatistics.
Ifverboseisnotspecified,thestandardoutputisdisplayed.
ThisexampledisplaystheNATstatisticsforthisrouter:
Thisexampledisplaysaportionoftheverboseversionoftheaboveexample:
clear ip nat translation
clear ip nat translation inside (NAT)
clear ip nat translation inside (NAPT)
set router limits (NAT)
show router limits (NAT)
clear router limits (NAT)
Page
Page
LSNAT Configuration
Configuring Load Sharing Network Address Translation (LSNAT)
About LSNAT
LSNAT Configuration Considerations
Session Persistence
Sticky Persistence Configuration Considerations
Configuring Direct Access to Real Servers
Service Verification
Application Content Verification (ACV)
ToreviewandconfigureLoadSharingNetworkAddressTranslation(LSNAT).
LSNAT Configuration Task List and Commands
show ip slb serverfarms
Usethiscommandtodisplayserverloadbalancingserverfarminformation.
Table 19-1 LSNAT Configuration Task List and Commands (continued)
ip slb ftpctrlport
ip slb serverfarm
real
predictor
sticky
show ip slb reals
Page
Page
inservice (real server)
faildetect (real server)
Page
faildetect acv-command
faildetect acv-reply
faildetect acv-quit
faildetect read-till-index
maxconns
weight
show ip slb vservers
Thisexampleshowshowtodisplaydetailedinformationaboutthetestvirtualserver:
ip slb vserver
serverfarm (Virtual Server)
virtual
Currently, only ftp may be specified.
inservice (virtual server)
client
persistence level
Page
allow accessservers
ip slb allowaccess_all
show ip slb conns
Table 194providesanexplanationofthedetailedcommandoutput.
show ip slb stats
Usethiscommandtodisplayloadserverbalancingstatistics.
Table 19-4 show ip slb conns Output Details
show ip slb sticky
clear ip slb
show router limits (LSNAT)
set router limits (LSNAT)
configured
clear router limits (LSNAT)
Page
Page
DHCP Configuration
DHCP Overview
Configuring DHCP
DHCP Supported Options
Table 20-1 DHCP Server Supported Options
DHCP Command Modes
Page
ip dhcp server
ip local pool
exclude
ip dhcp ping packets
ip dhcp ping timeout
ip dhcp pool
domain-name
dns-server
netbios-name-server
netbios-node-type
default-router
bootfile
next-server
option
lease
host
client-class
client-identifier
client-name
hardware-address
show ip dhcp binding
clear ip dhcp binding
show ip dhcp server statistics
Routercommand,AnyDHCPconfigurationmode.
ThisexampleshowshowtodisplayDHCPserverstatistics:
clear ip dhcp server statistics
Routing Protocol Configuration
Activating Advanced Routing Features
Configuring RIP
RIP Configuration Task List and Commands
router rip
UsethiscommandtoenableordisableRIPconfigurationmode.
Table 21-1 RIP Configuration Task List and Commands
network
neighbor
distance
ip rip offset
timers
ip rip send version
ip rip receive version
key chain
key
key-string
accept-lifetime
send-lifetime
ip rip authentication keychain
ip rip authentication mode
no auto-summary
ip rip disable-triggered-updates
ip split-horizon poison
passive-interface
receive-interface
distribute-list
redistribute
Page
Configuring OSPF
Understanding Graceful Restart
Graceful Restart and High Availability
Rest of Routed
Network 100.1.1.0/24
100.1.1.0/24
OSPF Configuration Task List and Commands
Table 21-2 OSPF Configuration Task List and Commands
router ospf
UsethiscommandtoenableordisableOpenShortestPathFirst(OSPF)configurationmode.
Table 21-2 OSPF Configuration Task List and Commands (continued)
network
router id
ip ospf cost
ip ospf priority
timers spf
ip ospf retransmit-interval
ip ospf transmit-delay
ip ospf hello-interval
ip ospf dead-interval
ip ospf authentication-key
ip ospf message digest key md5
distance ospf
area range
area authentication
area stub
area default cost
area nssa
area virtual-link
passive-interface
redistribute
database-overflow
graceful-restart enable
graceful-restart helper-disable
graceful-restart restart-interval
graceful-restart strict-lsa-checking-disable
ThisexampleshowshowtodisablestrictLSAcheckingonthisrouter:
show ip ospf
UsethiscommandtodisplayOSPFinformation.
Routercommand,Anyroutermode.
ThisexampleshowshowtodisplayOSPFinformation:
show ip ospf database
Page
show ip ospf border-routers
show ip ospf interface
Page
show ip ospf neighbor
show ip ospf virtual-links
clear ip ospf process
debug ip ospf
rfc1583compatible
Page
Configuring DVMRP
ip dvmrp
ip dvmrp metric
show ip dvmrp route
Page
Configuring IRDP
ip irdp
ip irdp maxadvertinterval
ip irdp minadvertinterval
ip irdp holdtime
ip irdp preference
ip irdp address
no ip irdp multicast
show ip irdp
Page
Configuring VRRP
router vrrp
create
address
priority
master-icmp-reply
advertise-interval
critical-ip
preempt
preempt-delay
enable
ip vrrp authentication-key
ip vrrp message-digest-key
show ip vrrp
Table 21-7 show ip vrrp Output Details
Port Priority and Rate Limiting Configuration
Port Priority Configuration Summary
Configuring Port Priority
show port priority
set port priority
clear port priority
Page
Configuring Priority to Transmit Queue Mapping
show port priority-queue
set port priority-queue
clear port priority-queue
Page
Configuring Port Traffic Rate Limiting
show port ratelimit
set port ratelimit
clear port ratelimit
Page
Transparent Web Cache Balancing Configuration
Understanding Transparent Web Cache Balancing (TWCB)
Page
ip twcb wcserverfarm
predictor roundrobin
cache
faildetect type
faildetect
maxconns
inservice
ip twcb webcache
http-port
serverfarm
bypass-list range
hosts redirect range
ip twcb redirect out
show ip twcb wcserverfarm
show ip twcb webcache
show ip twcb conns
show ip twcb stats
clear ip twcb statistics
show limits
set router limits (TWCB)
show router limits (TWCB)
clear router limits (TWCB)
Page
TWCB Configuration Example
Configure the s1Server Server Farm
Configuretheendusersthatwillusethisserverfarmbysettingtheroundrobinpredictor ranges:
Configurecacheserver186.89.10.51:
Configurecacheserver186.89.10.55:
Configure the s2Server Server Farm
Configureserverfarms2Server:
Configurecacheserver176.89.10.20:
Configure the cache1 Web Cache
Configure the Switch and Router
Page
Security Configuration
Overview of Security Methods
Configuring MAC Locking
show maclock
Page
show maclock stations
set maclock enable
set maclock disable
set maclock
set maclock firstarrival
set maclock move
clear maclock firstarrival
set maclock static
clear maclock static
set maclock trap
clear maclock
Configuring Secure Shell (SSH)
show ssh state
set ssh
set ssh hostkey
show router ssh
set router ssh
clear router ssh
Page
Configuring Access Lists
show access-lists
access-list (standard)
To insert or replace an ACL entry:
To move entries within an ACL:
access-list (extended)
To insert or replace an ACL entry:
To move entries within an ACL:
To log entries within an ACL:
To apply ACL restrictions to IP, UDP, or ICMP packets:
To apply ACL restrictions to TCP packets:
Page
ip access-group
Page
Configuring Denial of Service (DoS) Prevention
show hostdos
hostdos
clear hostdos-counters
Configuring Flow Setup Throttling (FST)
About FST
show flowlimit
set flowlimit
set flowlimit limit
clear flowlimit limit
set flowlimit action
clear flowlimit action
show flowlimit class
set flowlimit port
clear flowlimit port class
set flowlimit shutdown
set flowlimit notification
clear flowlimit notification interval
clear flowlimit stats
Authentication Configuration
Overview of Authentication Methods
Configuring 802.1X Authentication
About Multi-User Authentication
show dot1x
Thisexampleshowshowtodisplay802.1Xstatus:
Thisexampleshowshowtodisplayauthenticationdiagnosticsinformationforfe.1.1:
Thisexampleshowshowtodisplayauthenticationstatisticsforfe.1.1:
Thisexampleshowshowtodisplayauthenticationsessionstatisticsforfe.1.1:
show dot1x auth-config
Page
set dot1x
set dot1x auth-config
Page
clear dot1x auth-config
Page
Configuring Port Web Authentication (PWA)
About PWA
PWA Configuration Considerations
Page
show pwa
Table 25-1 show pwa Output Details
set pwa
set pwa hostname
clear pwa hostname
show pwa banner
set pwa banner
set pwa displaylogo hide
clear pwa banner
set pwa displaylogo
set pwa redirecttime
set pwa ipaddress
set pwa protocol
set pwa enhancedmode
set pwa guestname
clear pwa guestname
set pwa guestpassword
set pwa gueststatus
set pwa initialize
set pwa quietperiod
set pwa maxrequests
set pwa portcontrol
show pwa session
Configuring MAC Authentication
show macauthentication
Page
show macauthentication session
set macauthentication
set macauthentication password
clear macauthentication password
set macauthentication significant-bits
clear macauthentication significant-bits
set macauthentication port
set macauthentication authallocated
clear macauthentication authallocated
set macauthentication portinitialize
set macauthentication macinitialize
set macauthentication reauthentication
set macauthentication portreauthenticate
set macauthentication macreauthenticate
set macauthentication reauthperiod
clear macauthentication reauthperiod
set macauthentication quietperiod
clear macauthentication quietperiod
Page
Configuring Convergence End Points (CEP) Phone Detection
About CEP Phone Detection
Commands
show cep connections
show cep detection
show cep policy
show cep port
set cep
set cep port
set cep policy
set cep detection-id
set cep detection-id type
set cep detection-id address
set cep detection-id protocol
set cep detection-id porthigh | portlow
set cep initialize
clear cep
RADIUS Filter-ID Attribute and Dynamic Policy Profile Assignment
Filter-ID Attribute Formats
Setting the Authentication Login Method
show authentication login
set authentication login
clear authentication login
Configuring RADIUS
show radius
set radius
clear radius
show radius accounting
set radius accounting
clear radius accounting
Page
Configuring RFC 3580
About RFC 3580
show vlanauthorization
set vlanauthorization
disable - Disable VLAN Authorization.
disable - Disable port VLAN Authorization.
clear vlanauthorization
Configuring TACACS+
show tacacs
ThisexampleshowshowtodisplayallTACACSconfigurationinformation:
Table 255providesanexplanationofthecommandoutput. Table 25-5 show tacacs Output Details
set tacacs
show tacacs server
set tacacs server
clear tacacs server
show tacacs session
set tacacs session
clear tacacs session
show tacacs command
set tacacs command
show tacacs singleconnect
set tacacs singleconnect
RADIUS Snooping Configuration
Understanding RADIUS Snooper
set radius-snooping
set radius-snooping timeout
set radius-snooping port
set radius-snooping flow
set radius-snooping initialize
clear radius-snooping all
clear radius-snooping flow
show radius-snooping
show radius-snooping port
show radius-snooping flow
show radius-snooping session
Table 26-3 Radius-Snooping Flow Settings
ReadOnly.
ThisexampledisplaysRADIUSconfigurationinformationforportfe.1.1:
Table 26-4 Radius-Snooping Session Port Settings
Table 26-5 Radius-Snooping Session MAC Settings
Page
MultiAuth Configuration
Configuring Multiple Authentication
About Multiple Authentication
DFE-Gold Multi-User Capacities
Commands
set multiauth mode
strict Setsthesystemauthenticationmodetostrict802.1X.
multi Allowsthesystemtousemultipleauthenticatorssimultaneously.
clear multiauth mode
show multiauth
show multiauth counters
set multiauth precedence
clear multiauth precedence
show multiauth port
set multiauth port
clear multiauth port
show multiauth station
clear multiauth station
show multiauth session
show multiauth idle-timeout
set multiauth idle-timeout
clear multiauth idle-timeout
show multiauth session-timeout
set multiauth session-timeout
clear multiauth session-timeout
set multiauth trap
clear multiauth trap
show multiauth trap
Page
Page
Index
Numerics
A
B
C
M
N
O
P
R
T
U
V
W
