Manuals / Intel / Computer Equipment / Switch

Intel SBCEGBESW10 CLI manual Priority-queue out num-of-queues

Models: SBCEGBESW10 CLI SBCEGBESW1

1 424

Download 424 pages 57.83 Kb

Page 201

Image 201

QoS Commands

Default Configuration

The default WRR weight ratio is one-eighth of the sum of all queue weights (each weight is set to 6).

Command Mode

Interface Configuration (Ethernet, port-channel) mode

User Guidelines

Use the priority-queue out num-of-queuesGlobal Configuration mode command to configure a queue as WRR or Strict Priority. Use this command to define a WRR weight per interface.

The weight ratio for each queue is defined by the queue weight divided by the sum of all queue weights (i.e., the normalized weight). This sets the bandwidth allocation for each queue.

A queue can be assigned a WRR weight of 0, in which case no bandwidth is allocated to the queue and the shared bandwidth is divided among the remaining queues.

All eight queues participate in the WRR, excluding the queues that are assigned as expedite queues. The weights of the expedite queues are ignored in the ratio calculation.

An expedite queue is a priority queue, and it is serviced before the other queues are serviced. Use the priority-queue out Interface Configuration (Ethernet, port-channel) mode command to enable expedite queues.

Example

The following example assigns a weight of 6 to each of the 8 WRR queues.

Console(config-if)# wrr-queue bandwidth 6 6 6 6 6 6 6 6

priority-queue out num-of-queues

The priority-queue out num-of-queuesGlobal Configuration mode command configures the number of expedite queues. To return to the default configuration, use the no form of this command.

Syntax

priority-queue out num-of-queues number-of-queues

Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide

185

Page 201

Image 201

Intel SBCEGBESW10 CLI manual Priority-queue out num-of-queues number-of-queues

Contents

Guide for System Administrators of Intel Server Products Disclaimer Wichtige Sicherheitshinweise Important Safety InstructionsConsignes de sécurité Instrucciones de seguridad importantesPage Manual Organization About this ManualPage Contents ACL Commands Gvrp Commands Line Commands 141 QoS Commands Radius Commands 215 Spanning-Tree Commands System Management Commands 321 Vlan Commands Appendix a Getting Help 405 Overview Using CLICommand in the Global Configuration mode Privileged Exec ModeInterface Configuration and Specific Configuration Modes Starting the CLI Negating the Effect of Commands Nomenclature CLI Command Conventions Using CLI AAA Commands Aaa authentication loginGlobal Configuration mode Following example configures the authentication login Aaa authentication enableConsoleconfig# aaa authentication enable default enable Login authenticationEnable authentication Line Configuration modeConsoleconfig-line#login authentication default Ip http authentication There are no user guidelines for this commandConsoleconfig-line#enable authentication default Following example configures the Http authentication Ip https authenticationShow authentication methods Following example configures Https authenticationShow authentication methods This command has no default configuration PasswordPrivileged Exec mode Following example displays the authentication configurationNo password is defined Enable passwordConsoleconfig# enable password secret level No enable password is definedUsername No user is definedUser account can be created without a password AAA Commands Interface Configuration Vlan mode Address Table Commands Bridge addressConsoleconfig# bridge multicast filtering Folowing example, bridge multicast filtering is enabledBridge multicast filtering Bridge multicast filtering No bridge multicast filteringNo multicast addresses are defined Bridge multicast addressBridge multicast forbidden address Following example registers the MAC addressNo forbidden addresses are defined Bridge multicast forward-all This setting is disabled Command ModeThis setting is disabled Bridge multicast forbidden forward-allThis example, all multicast packets on port 1 are forwarded Bridge aging-time Default setting is 300 secondsBridge aging-time seconds No bridge aging-time Seconds Time in seconds. Range 10-630 secondsPort security Clear bridgeClear bridge Following example, the bridge tables are clearedInterface Configuration Ethernet, port-channel mode Port security modePort security mode lock mac-addresses No port security mode Consoleconfig-if#port security forward trapConsoleconfig-if#port security mode mac-addresses Port security routed secure-addressMac-address a valid MAC address No addresses are defined Show bridge address-tableConsole# show bridge address-table Show bridge address-table staticShow bridge address-table count Vlan Specifies a valid VLAN, such as VlanConsole# show bridge address-table static Console# show bridge address-table count Show bridge multicast address-tableConsole# show bridge multicast address-table Show bridge multicast filtering Show bridge multicast filtering vlan-idConsole# show bridge multicast address-table format ip Console# show bridge multicast filtering Show ports securityShow ports security addresses Following table describes the fields shown aboveConsole# show ports security Console# show ports security addresses Address Table Commands ACL Commands Ip access-listIp access-list name No ip access-list name IP Protocol Abbreviated Name Protocol Number Permit ipACL Commands Deny IP IP-Access List Configuration modeNo IPv4 ACL is defined Deny-icmp Deny-igmpDeny-tcp deny-udp Mac access-list Default for all ACLs is deny all Mac access-list name No mac access-list nameFollowing example shows how to create a MAC ACL Permit MACMAC-Access List Configuration mode Deny MACNo MAC ACL is defined This command has no default configuration Show access-lists Service-aclService-acl input acl-name No service-acl input Show access-lists nameFollowing example displays access lists defined on a device Show interfaces access-listsConsole# show access-lists Name The name of the ACLConsole# show interfaces access-lists Clock set Clock CommandsClock timezone Clock sourceSntp Sntp servers No external clock sourceClock summer-time No clock timezoneClock set to UTC No clock summer-time recurring No authentication key is defined Sntp authentication-keySntp authenticate no sntp authenticate Sntp authenticateFollowing example authenticates key Sntp client poll timerSntp trusted-key Sntp trusted-key key-number No sntp trusted-key key-numberSntp client poll timer seconds No sntp client poll timer Sntp broadcast client enableSntp broadcast client is disabled Seconds Polling interval in seconds. RangeFollowing example enables the Sntp broadcast clients Sntp anycast client enableSntp anycast client enable No sntp anycast client enable Sntp anycast client is disabledFollowing example enables Sntp anycast clients Sntp client enable InterfaceSntp client is disabled on an interface Interface Configuration Ethernet, port-channel, Vlan modeSntp unicast client enable No sntp unicast client enable Sntp unicast client enableSntp unicast client is disabled Sntp unicast client pollConsoleconfig# sntp unicast client poll Polling is disabledSntp server No sntp server hostDetail Shows timezone and summertime configuration Show clockShow clock detail Show sntp configuration Show sntp configurationConsole# show clock Console# show sntp configuration Show sntp statusShow sntp status Console# show sntp status Following example shows the status of the SntpCopy Configuration and Image File CommandsCopying an Image File from a Server to Flash Memory Copying a Boot File from a Server to Flash MemoryStoring the Running or Startup Configuration on a Server DeleteDelete url Boot system Boot system image-1 image-2Sys, *.prv, image-1 and image-2 files cannot be deleted Show running-config Show running-configConsole# boot system image-1 Show startup-config Show startup-configConsole# show running-config Show backup-config Show backup-configConsole# show startup-config Show bootvar Show bootvarConsole# show backup-config Console# show bootvar Configuration and Image File Commands Interface ethernet Ethernet Configuration CommandsInterface range ethernet Interface ethernet interfaceShutdown Interface range ethernet port-listallShutdown No shutdown Description string No description DescriptionFollowing example adds a description to Ethernet port SpeedSpeed 10 100 No speed Maximum port capabilityDuplex Interface Configuration Ethernet modeDuplex half full No duplex Interface is set to full duplexConsoleconfig# interface ethernet ext.1 NegotiationNo negotiation Flowcontrol auto on off No flowcontrol FlowcontrolFollowing example, automatic crossover is enabled on port Default setting is onMdix Mdix on auto No mdixPort jumbo-frame Back-pressureBack-pressure No back-pressure Port jumbo-frame No port jumbo-frameGlobal Configuration Jumbo frames are disabled on the deviceFollowing example, jumbo frames are enabled on the device Clear countersFollowing example, the counters for interface 1 are cleared Set interface activeFollowing example reactivates interface Console# clear counters ethernet ext.2Show interfaces advertise Following example displays auto-negotiation informationConsole# show interfaces advertise Console# show interfaces configuration Show interfaces configurationShow interfaces status Show interfaces description Show interfaces counters Interface a valid Ethernet port. Full syntax unit/portConsole# show interfaces description Console# show interfaces counters Following example displays counters for Ethernet port Following table describes the fields shown in the displayConsole# show interfaces counters ethernet ext.1 Show ports jumbo-frame This command is relevant to Giga devices onlyShow ports jumbo-frame Console# show port jumbo-framePort storm-control include-multicast GC Following example enables counting multicast packetsPort storm-control include-multicast IC Multicast packets are not countedBroadcast storm control is disabled Port storm-control broadcast enablePort storm-control broadcast rate Default storm control broadcast rate is 3500 Kbits/SecShow ports storm-control Following example displays the storm control configurationShow ports storm-control interface Console# show ports storm-controlDisabled 3500 Broadcast Gvrp enable Global Gvrp CommandsGvrp enable Interface Gvrp enable No gvrp enableGvrp is disabled on all interfaces Garp timerFollowing example enables Gvrp on Ethernet port Garp timer join leave leaveall timervalue No garp timerConsoleconfig# interface ethernet ext.6 Gvrp vlan-creation-forbidGvrp vlan-creation-forbid No gvrp vlan-creation-forbid Gvrp registration-forbid Dynamic Vlan creation or modification is enabledGvrp registration-forbid No gvrp registration-forbid Dynamic registration of VLANs on the port is allowedConsole# clear gvrp statistics ethernet ext.1 Clear gvrp statisticsPrivieged Exec mode Show gvrp configurationFollowing example displays Gvrp configuration information Console# show gvrp configurationShow gvrp statistics Following example shows Gvrp statistical informationConsole# show gvrp statistics Show gvrp error-statistics Console# show gvrp error-statisticsFollowing example displays Gvrp statistical information Ip igmp snooping Global Igmp Snooping CommandsIp igmp snooping Interface Ip igmp snooping No ip igmp snoopingFollowing example enables Igmp snooping on Vlan Automatic learning of multicast device ports is enabledIp igmp snooping mrouter learn-pim-dvmrp Default host-time-out is 260 seconds Time-out- Specifies the host timeout in seconds. RangeConsoleconfig-if#ip igmp snooping mrouter learn-pim-dvmrp Ip igmp snooping host-time-outDefault value is 300 seconds Consoleconfig-if#ip igmp snooping host-time-outIp igmp snooping mrouter-time-out Default leave-time-out configuration is 10 seconds Consoleconfig-if#ip igmp snooping mrouter-time-outIp igmp snooping leave-time-out Show ip igmp snooping mrouter Consoleconfig-if#ip igmp snooping leave-time-outShow ip igmp snooping mrouter interface vlan-id Vlan-id Specifies the Vlan numberShow ip igmp snooping interface vlan-id Show ip igmp snooping interfaceConsole# show ip igmp snooping interface Show ip igmp snooping groupsConsole# show ip igmp snooping groups Igmp Snooping Commands Interface Configuration Ethernet, VLAN, port-channel mode IP Address CommandsIp address Ip address ip-address mask prefix-lengthIp address dhcp hostname host-name No ip address dhcp Ip address dhcpIp default-gateway Ip default-gateway ip-address No ip default-gatewayNo default gateway is defined This command is only operational in Switch mode Following example defines default gatewayShow ip interface Console# show ip interface ArpArp timeout Arp timeout seconds No arp timeoutDefault timeout is 60000 seconds Show arp Clear arp-cacheClear arp-cache Console# clear arp-cacheShow arp Ip domain-lookupFollowing example displays entries in the ARP table Ip domain-lookup No ip domain-lookupDefault domain name is not defined Ip domain-nameIp domain-name name No ip domain-name Server-address- Specifies IP addresses of the name server Ip name-serverNo name server addresses are specified Following example sets the available name serverClear host Ip hostNo ip host name No host is definedClear host dhcp Clear host dhcp nameConsole# clear host Show hosts name Show hostsName Specifies the host name. Range 1-158 characters Console# clear host dhcpConsole# show hosts Following example displays host informationLacp system-priority Lacp CommandsLacp port-priority Lacp system-priority value No lacp system-priorityLacp timeout Lacp timeout long short no lacp timeoutLacp port-priority value No lacp port-priority Short Specifies the short timeout value Default port timeout value is longShow lacp ethernet Console# show lacp ethernet ext.1 Following example display Lacp information for Ethernet portShow lacp port-channel Show lacp port-channel portchannelnumber Portchannelnumber Valid port-channel numberConsole# show lacp port-channel This command has no user guidelines Line CommandsLine Show lineShow line telnet ssh Exec modeLine Commands Line Commands Management access-list Management ACL CommandsManagement access-list name No management access-list name Name Access list name. Range 1-32 charactersConsoleconfig# management access-class mlist Consoleconfig# management access-list mlistManagement Access-list Configuration mode If no permit rule is defined, the default is set to denyDeny Management Management access-class Following example displays the mlist management access list Show management access-list nameConsole# show management access-class Show management access-classManagement ACL Commands Test copper-port tdr PHY Diagnostics CommandsTest copper-port tdr interface Console# test copper-port tdr ext.3Show copper-ports tdr User Exec modeShow copper-ports tdr interface Maximum length of the cable for the TDR test is 120 metersShow copper-ports cable-length Port must be active and working in 100M or 1000M modeShow copper-ports cable-length interface Console show copper-ports cable-lengthPHY Diagnostics Commands Consoleconfig# interface port-channel Port Channel CommandsInterface port-channel Interface port-channel port-channel-numberInterface range port-channel Consoleconfig# interface range port-channel 1-2,6Channel-group Interface range port-channel port-channel-rangeallShow interfaces port-channel Port is not assigned to a port-channelShow interfaces port-channel port-channel-number Console# show interfaces port-channel Following example displays information on all port-channelsMonitors both received and transmitted packets Port Monitor CommandsPort monitor vlan-tagging Console config-if#port monitor vlan-taggingPort monitor vlan-tagging No port monitor vlan-tagging Ingress mirrored packets are transmitted untaggedShow ports monitor Show ports monitorConsole show ports monitor Port Monitor Commands Qos basic advanced service No qos QoS CommandsQoS basic mode is enabled Following example enables QoS on the deviceShow qos Trust mode is displayed if QoS is enabled in basic modeShow qos aggregate-policer Show qosShow qos interface There are no user guidelinesConsole# show qos aggregate-policer policer1 Console# show qos interface ethernet 1 buffers There is no default configuration for this commandShow qos map Show qos map User Exec mode command displays all QoS mapsShow qos map dscp-queue Dscp-queue- Indicates the Dscp to queue mapFollowing example displays the Dscp port-queue map Class-mapClass-map class-map-namematch-all match-any Console show qos mapBy default, the match-allparameter is selected Show class-mapShow class-map class-map-name Match Match access-group acl-name No match access-group acl-nameFollowing example shows the class map for class1 Acl-name- Specifies the name of an IP or MAC ACLClass-map Configuration mode Policy-mapPolicy-map-name- Specifies the name of the policy map No policy map is defined ClassPolicy-map Configuration mode Show policy-mapUser Exec command displays the policy mapsShow policy-map Trust cos-dscp Policy-map Class Configuration modeFollowing example displays all policy maps Trust cos-dscp No trust cos-dscpNo set SetNo police PoliceService-policy input policy-map-name No service-policy input Service-policyQos aggregate-policer No qos aggregate-policerNo aggregate policer is define Exceed-action drop Console show qos aggregate-policer policer1 Police aggregateNo wrr-queue cos-map queue-id Wrr-queue cos-mapWrr-queue bandwidth Following example maps CoS 7 to queueNo wrr-queue bandwidth Priority-queue out num-of-queues number-of-queues Priority-queue out num-of-queuesTraffic-shape Consoleconfig# priority-queue out num-of-queuesNo priority-queue out num-of-queues All queues are expedite queuesNo shape is defined Ethernet Notify Q depth Qid Size 125 Qos wrr-queue threshold Qos map policed-dscp Console config# qos wrr-queue threshold gigabitethernet 1No qos wrr-queue threshold tengigabitethernet queue-id Percent for all thresholdsConsoleconfig# qos map policed-dscp 3 to Qos map dscp-queueDscp values 3,11,19… cannot be remapped to other values Qos trust Global Following table describes the default mapFollowing example maps Dscp values 33, 40 and 41 to queue Qos trust cos dscp no qos trustCoS is the default trust mode Qos trust InterfaceQos trust No qos trust Default CoS value of a port is Qos cosNo qos cos Following example configures port 15 default CoS value to Qos dscp-mutationQos dscp-mutation No qos dscp-mutation Qos map dscp-mutation QoS Commands QoS Commands Rmon Commands Show rmon statisticsConsole# show rmon statistics ethernet ext.1 Rmon Commands Rmon collection history Show rmon collection history Cannot be configured for a range of interfaces Range contextConsole# show rmon collection history Show rmon historyConsole# show rmon history 1 throughput Console# show rmon history 1 errorsConsole# show rmon history 1 other No rmon alarm index Rmon alarmType is absolute Startup direction is rising-falling Show rmon alarm-table Show rmon alarm-tableFollowing example displays the alarms table Console# show rmon alarm-tableShow rmon alarm number Show rmon alarmNumber Specifies the alarm index. Range Following example displays Rmon 1 alarmsLast Sample Value Rmon eventShow rmon events Show rmon eventsFollowing example displays the Rmon event table Show rmon logShow rmon log event Event Specifies the event index. RangeConsole# show rmon log Following example displays the Rmon log tableConsoleconfig# rmon table-size history Rmon table-sizeHistory table size is Log table size is Radius-server host Radius CommandsNo radius-server host ip-addresshostname No Radius server host is specifiedRadius-server key key-string No radius-server key Radius-server keyRadius-server retransmit Key-string is an empty stringSoftware searches the list of Radius server hosts 3 times Consoleconfig# radius-server retransmit Radius-server source-ipSource Specifies a valid source IP address Radius-server timeout Timeout value is 3 secondsConsoleconfig# radius-server timeout Consoleconfig# radius-server deadtime Deadtime setting isRadius-server deadtime Show radius-serversFollowing example displays Radius server settings Show radius-serversConsole# show radius-servers Radius Commands Ip http server Web Server CommandsIp http port Ip http server No ip http serverIp http exec-timeout No ip http portIp http exec-timout minutes seconds no ip http exec-timout Disabled Default timout is 10 minutesIp https server Ip https server No ip https serverFollowing example configures the https port number to Ip https exec-timeoutIp https port Ip https port port-number No ip https portNo ip https exec-timout Crypto certificate generateConsoleconfig# crypto certificate 1 generate key-generate Crypto certificate requestFollowing example regenerates an Https certificate There is no default configuration for this command Crypto certificate number import Crypto certificate importNumber Specifies the certificate number. Range Console# crypto certificate 1 requestConsoleconfig# crypto certificate 1 import Ip https certificateIp https certificate number No ip https certificate Show crypto certificate mycertificate Consoleconfig# ip https certificateCertificate number Show crypto certificate mycertificate numberFollowing example displays the certificate Show ip httpShow ip http Console# show crypto certificate mycertificateShow ip https Following example displays the Http server configurationShow ip https Console# show ip httpWeb Server Commands Web Server Commands Snmp Commands Snmp-server communityNo communities are defined Snmp-server view No view entry exists Snmp-server groupNo group entry exists No snmp-server group groupname v1 v2 v3 noauth auth privNo snmp-server user username remote engineid-string Snmp-server userSnmp-server engineID local Parameters Snmp-server enable traps No snmp-server enable traps Snmp-server enable trapsSnmp traps are enabled Following example enables Snmp trapsNo filter entry exists Snmp-server filterSnmp-server host Snmp-server v3-host Snmp-server trap authentication Following example configures an SNMPv3 hostSnmp-server trap authentication Snmp failed authentication traps are enabled No snmp-server trap authenticationFollowing example enables Snmp failed authentication traps Snmp-server contactSnmp-server location IntelTechnicalSupportSnmp-server location text No snmp-server location Following example defines the device location as NewYork Snmp-server setShow snmp Show snmpFollowing example displays the Snmp communications status Show snmp engineID Show snmp engineidFollowing example displays the Snmp engine ID Show snmp viewsShow snmp views viewname Viewname Specifies the name of the view. RangeShow snmp groups Following example displays the configuration of viewsShow snmp groups groupname Groupname-Specifies the name of the group. RangeFollowing table describes significant fields shown above Show snmp filtersShow snmp filters filtername Filtername-Specifies the name of the filter. RangeShow snmp users Following example displays the configuration of filtersShow snmp users username Username-Specifies the name of the user. RangeConsole# show snmp users Spanning-tree mode Spanning-Tree CommandsSpanning-tree mode stp rstpmstp Spanning-treeSTP is enabled No spanning-tree modeConsoleconfig# spanning-tree mode rstp Spanning-tree forward-timeSeconds Time in seconds. Range Consoleconfig# spanning-tree forward-timeConsoleconfig# spanning-tree hello-time Spanning-tree max-ageSpanning-tree max-age seconds No spanning-tree max-age Spanning-tree priority Following example configures spanning tree priority toForward-Time 1 = Max-Age Max-Age = 2*Hello-Time + Spanning-tree priority priority No spanning-tree prioritySpanning-tree disable No spanning-tree disable Spanning-tree disableSpanning-tree cost Spanning-tree cost cost No spanning-tree costCost Path cost of the port Range 1-200,000,000 Spanning-tree port-priorityPortFast mode is disabled Default port priority for Ieee Spanning TreeProtocol STP isConsoleconfig-if#spanning-tree port-priority Spanning-tree portfastFollowing example enables PortFast on Ethernet port Consoleconfig-if#spanning-tree portfastSpanning-tree link-type Consoleconfig-if#spanning-tree link-type shared Spanning-tree pathcost methodShort path cost method Default setting is flooding Following example sets the default path cost method to longSpanning-tree bpdu Spanning-tree bpdu filtering flooding No spanning-tree bpduClear spanning-tree detected-protocols Spanning-tree mst prioritySpanning-tree mst instance-idpriority priority Console config # spanning-tree mst 1 priority Spanning-tree mst max-hopsNo spanning-tree mst instance-idpriority Default number of hops is Console config # spanning-tree mst max-hopsSpanning-tree mst port-priority Spanning-tree mst cost Consoleconfig-if#spanning-tree mst 1 port-prioritySpanning-tree mst configuration Spanning-tree mst configurationFollowing example configures an MST region Consoleconfig# spanning-tree mst configurationInstance mst MST Configuration modeInstance instance-idadd remove vlan vlan-range Following example maps VLANs 10-20 to MST instanceFollowing example defines the configuration name as region1 Default name is a radlanguestName mst Revision mstDefault configuration revision number is Value Configuration revision number RangeFollowing example sets the configuration revision to Show mstExit Exit mstAbort mst Spanning-tree guard rootAbort Show spanning-tree Root guard is disabledSpanning-tree guard root No spanning-tree guard root Interface -number- a valid Ethernet portConsole# show spanning-tree Following example displays spanning-tree informationFWD Console# show spanning-tree active Console# show spanning-tree blockedports Console# show spanning-tree detail Port 3 disabled State N/A Role N/A Port id Console# show spanning-tree ethernet ext.1 Console# show spanning-tree mst-configurationRstp Times hold 1, topology change 35, notification Designated port id Designated path cost Port Enabled State Forwarding Role Boundary Port id This switch is root for CST and IST master Hello Time 2 sec Max Age 20 sec Spanning-Tree Commands Ip ssh port SSH CommandsIp ssh server Ip ssh port port-number No ip ssh portDevice configuration from a SSH server is disabled Crypto key generate dsaDSA key pairs do not exist Crypto key generate rsa Consoleconfig# crypto key generate dsaFollowing example generates DSA key pairs Crypto key generate rsaIp ssh pubkey-auth AAA authentication is independentFollowing example generates RSA key pairs Ip ssh pubkey-auth No ip ssh pubkey-authNo keys are specified Crypto key pubkey-chain sshConsoleconfig# crypt\o key pubkey-chain ssh SSH Public Key-string Configuration modeUser-key No SSH public keys existKey-string Consoleconfig# crypto key pubkey-chain ssh Show ip sshShow ip ssh Show crypto key mypubkey Following example displays the SSH server configurationShow crypto key mypubkey rsa dsa Rsa Indicates the RSA key Dsa Indicates the DSA keyConsole# show crypto key mypubkey rsa Show crypto key pubkey-chain sshConsole# show crypto key pubkey-chain ssh username bob Console# show crypto key pubkey-chain sshSSH Commands Logging is enabled Syslog CommandsFollowing example enables logging error messages Logging onLogging Consoleconfig# logging buffered debugging Default severity level is informationalLogging buffered Logging buffered level No logging bufferedThis command takes effect only after Reset Default number of messages isConsoleconfig# logging buffered size Logging buffered sizeLogging file Default severity level is errorsClear logging Logging file level No logging fileClear logging file Consoleconfig# logging file alertsClear logging file Following example clears messages from the logging fileAaa logging Aaa logging login no aaa logging loginFile-system logging File-system logging copyConsoleconfig# file-system logging copy Logging file system events is enabledManagement logging Management logging deny No management logging denyConsoleconfig# management logging deny Logging management ACL events is enabledShow logging Show loggingAAA Console# show loggingShow logging file Show logging fileConsole# show logging file Show syslog-servers Show syslog-serversConsole# show syslog-servers Syslog Commands Ping System Management CommandsFollowing example displays pinging results TracerouteSyntax Probe timed out Telnet Default port is the Telnet port decimal23 on the hostKeywords Table Special Telnet SequencesPorts Table Resume Following command switches to open Telnet session numberReload Connection The connection number. Range 1-4 connectionsReload HostnameFollowing example reloads the operating system Hostname name No hostnameFollowing example specifies the device host name Show usersShow users Console show usersShow sessions Show sessionsFollowing example lists open Telnet sessions Console show sessionsShow system Show systemConsole# show system Show system id Privilaged Exec modeShow system id unit unit Unit unit Unit numberShow system flowcontrol Show system flowcontrolConsole show system id Show system mode Show system modePriviledged Exec mode Following example displays information on features controlService cpu-utilization No service cpu-utilization Service cpu-utilizationShow version Console show versionConsoleconfig# service cpu-utilization This example enables measuring CPU utilizationShow cpu utilization Show cpu utilizationConsole# show cpu utilization TACACS+ Commands Tacacs-server hostNo tacacs-server host ip-addresshostname Following example specifies a TACACS+ host Tacacs-server keyTacacs-server key key-string No tacacs-server key Empty stringFollowing example sets the authentication encryption key Tacacs-server timeoutFollowing example sets the timeout value to Consoleconfig# tacacs-server timeoutShow tacacs Tacacs-server source-ipSource Specifies the source IP address Following example specifies the source IP addressConsole# show tacacs Ip-address Name or IP address of the TACACS+ serverTACACS+ Commands User Interface Commands EnableDisable Following example return to Users Exec mode LoginLogin User Exec mode command changes a login username LoginConfigure ConfigureFollowing example enters Global Configuration mode Exit Configuration All configuration modesExit Privileged and User Exec modes EndFollowing example closes an active terminal session EndHelp All command modesTerminal datadump HelpShow history Dumping is disabledTerminal datadump No terminal datadump Show historyShow privilege Show privilegeConsole# show version Console# show historyConsole# show privilege Command The command to be executedConsole Config# do show vlan Following example enters the Vlan database mode Vlan CommandsVlan database VlanInterface vlan Vlan Configuration modeFollowing example Vlan number 1972 is created Interface vlan vlan-idInterface range vlan Interface range vlan vlan-rangeallAll All existing static VLANs No name NameNo name is defined Following example gives Vlan number 19 the name MarketingSwitchport protected Switchport protected is disabledConsoleconfig-if#switchport protected ethernet ext.1 Switchport mode Switchport access vlanSwitchport mode access trunk general No switchport mode Switchport trunk allowed vlan Switchport trunk allowed vlan add vlan-listremove vlan-listAll ports belong to Vlan Vlan-id- Specifies the ID of the native Vlan Switchport trunk native vlanVID=1 Switchport general allowed vlanVlan-id- Specifies the Pvid Port Vlan ID Switchport general pvidIngress filtering is enabled Switchport general ingress-filtering disableSwitchport forbidden vlan Switchport general acceptable-frame-type tagged-onlySwitchport forbidden vlan add vlan-listremove vlan-list All frame types are accepted at ingressAll VLANs are allowed Ip internal-usage-vlanIp internal-usage-vlan vlan-id No ip internal-usage-vlan Vlan-id- Specifies the ID of the internal usage VlanShow vlan Consoleconfig-if#ip internal-usage-vlanShow vlan id vlan-idname vlan-name Vlan-id- specifies a Vlan IDShow vlan internal usage Following example displays all Vlan informationShow vlan internal usage Console# show vlan internal usage Show interfaces switchportVLAN011 Console# show interface switchport ethernet ext.1Pvid Map protocol protocol encapsulation protocols-group group Map protocol protocols-groupVlan Database mode Switchport general map protocols-group vlanFollowing protocol names are reserved Following example maps protocol ip-arp to the group namedMap mac macs-group Console config-if#switchport general map macs-group 1 vlan Switchport general map macs-group vlanMap subnet subnets-group Switchport general map subnets-group vlanShow vlan protocols-groups Console# show vlan protocols-groups Show vlan macs-groupsShow vlan subnets-groups Following example shows subnets-groups information Vlan Commands Aaa authentication dot1x 29 802.1x CommandsNo authentication method is defined Method1 method2... At least one from the following tableFollowing example enables 802.1x globally 802.1x is disabled globallyDot1x system-auth-control Dot1x port-controlInterface Configuration Ethernet Consoleconfig-if#dot1x port-control autoPort is in the force-authorized state Dot1x timeout re-authperiod Dot1x re-authenticationDot1x re-authentication No dot1x re-authentication Periodic re-authentication is disabledRe-authentication period is 3600 seconds Dot1x re-authenticateDot1x re-authenticate ethernet interface Consoleconfig-if#dot1x timeout re-authperiodDot1x timeout quiet-period Console# dot1x re-authenticate ethernet ext.16Quiet period is 60 seconds Dot1x timeout tx-period seconds No dot1x timeout tx-period Dot1x timeout tx-periodTimeout period is 30 seconds Consoleconfig-if#dot1x timeout quiet-periodDefault number of times is Dot1x max-reqDot1x max-req count No dot1x max-req Default timeout period is 30 seconds Dot1x timeout supp-timeoutDot1x timeout server-timeout Consoleconfig-if# dot1x timeout supp-timeoutConsoleconfig-if#dot1x timeout server-timeout Show dot1x Show dot1x ethernet interfaceConsole# show dot1x Console# show dot1x ethernet ext.3 Show dot1x users Show dot1x users username usernameUsername Supplicant username Range 1-160 characters Following example displays 802.1x users Console# show dot1x usersConsole# show dot1x users username Bob Show dot1x statistics Show dot1x statistics ethernet interfaceConsole# show dot1x statistics ethernet ext.1 Dot1x auth-not-req No dot1x auth-not-req Dot1x auth-not-reqMultiple hosts are disabled Access is enabledConsoleconfig-if# dot1x auth-not-req Dot1x multiple-hostsDot1x single-host-violation Dot1x guest-vlan Consoleconfig-if#dot1x single-host-violation forward trapNo traps are sent Dot1x guest-vlan No dot1x guest-vlanFollowing example defines Vlan 2 as a guest Vlan Dot1x guest-vlan enableShow dot1x advanced Consoleconfig-if#dot1x guest-vlan enableShow dot1x advanced ethernet interface Console# show dot1x advancedConsole# show dot1x advanced ethernet ext.1 World Wide Web Telephone Appendix a Getting HelpFinland HollandCambodia AustraliaMyanmar New Zealand 0800 444Ecuador PanamaUruguay