Match permit Permits a packet, No no-match permit | Siemens S223

User Manual	UMN:CLI
SURPASS hiD 6615 S223/S323 R1.5

7.6.4.4Rule Action

To specify a rule action (match) for the packets matching configured classifying patterns, use the following command.

	Command	Mode	Description

	match deny	Admin-rule	Denies a packet.

	match permit		Permits a packet.
	match permit		Permits a packet.

To delete a specified rule action (match), use the following command.

Command

Mode

Description

no match deny

Admin-rule Deletes a specified rule action.

no match permit

To specify a rule action (no-match) for the packets not matching configured classifying patterns, use the following command.

	Command	Mode	Description

	no-match deny	Admin-rule	Denies a packet.

	no-match permit		Permits a packet.
	no-match permit		Permits a packet.

To delete a specified rule action (no-match), use the following command.

Command

Mode

Description

no no-match deny

Admin-rule Deletes a specified rule action.

no no-match permit

7.6.4.5Applying Rule

After configuring rule using the above commands, apply it to the system with the following command. If you do not apply a rule to the system, all specified rules will be lost.

To save and apply an admin access rule, use the following command.

Command	Mode	Description

apply	Admin-rule	Applies an admin access rule to the system.

i

1.The switch performs a detailed plausibility check and rejects the rule if the configuration is incomplete, contains bad or unsupported values or conflicts to other rules. In this case, the switch informs about the reason and the operator may correct the values

2.The switch may reject a rule with the message “% Already exist rule” allthough the name will not be listed by command, show rule. Unfortunately, the entered name in this case interferes with the name of an internally managed rule.

Remedy: Select another name for the rule (e.g. add a prefix).

3.All previously entered values remain valid after successful (or unsuccessful)

A50010-Y3-C150-2-7619

153

Image 153

Siemens S223, S323 Match permit Permits a packet, Command Mode Description No-match deny, No-match permit Permits a packet

Contents

A50010-Y3-C150-2-7619 Umncli Important Notice on Product Safety Surpass hiD 6615 S223/S323 R1.5A50010-Y3-C150-2-7619 Issue History Reason for UpdateSummary System software upgrade added Details Contents 4.4 4.35.1 5.2 7.2 7.17.3 12.1 101 100102 103 125 124126 127 147 Surpass hiD 6615 S223/S323 R1.5 3.1149 150 180 179181 182 216 Surpass hiD 6615 S223/S323 R1.5 5.9217 6.1 1.17 1.16246 247 268 Surpass hiD 6615 S223/S323 R1.5 3.2269 3.8 297 295298 299 318 Surpass hiD 6615 S223/S323 R1.5 10.1.110.1.1.1 10.1.1.2 353 10.2.1210.2.13 354 Illustrations Igmp Snooping and PIM-SM Configuration Network 279 Tab Tables171 176 Document Structure AudienceTab .1 briefly describes the structure of this document Tab .1 Overview of Chapters A50010-Y3-C150-2-7619 Document Convention Tab .2 Command Notation of Guide BookDocument Notation CE Declaration of Conformity GPL/LGPL Warranty and Liability Exclusion System Overview Quality of Service QoS System FeaturesMulticasting IP Routing Link Aggregation Trunking Spanning Tree Protocol STPSystem Management based on CLI Broadcast Storm Control Radius and TACACS+ Command Mode Command Line Interface CLI Shows hiD 6615 S323 software mode structure briefly Privileged Exec Enable Mode Privileged Exec View ModeGlobal Configuration Mode Tab .1 Main Commands of Privileged Exec View Mode Tab .3 Main Commands of Global Configuration Mode Bridge Configuration Mode Rule Configuration Mode Tab .4 Main Commands of Bridge Configuration ModeOpens Rule Configuration mode Dhcp Option 82 Configuration Mode Dhcp Configuration ModeTab .6 Main Commands of Dhcp Configuration Mode Command Mode Description Ip dhcp pool Pool Interface Configuration Mode Rmon Configuration ModeCommand Mode Description Interface Interface Vrrp Configuration Mode Router Configuration ModeTab .10 Main Commands of Router Configuration Mode Command Mode Description Route-Map Configuration Mode Variables following after the commands Listing Available CommandsUseful Tips 6615 S223/S323 Calling Command History CommandSurpass hiD 6615 S223/S323 R1.5 Using Command of Privileged Exec Enable Mode Using AbbreviationTab .13 Command Abbreviation SWITCH# show clock Exit Current Command Mode Exits to Privileged Exec enable modeAble mode, you will be logged out System Login System ConnectionStep Password for Privileged Exec Mode Command Mode Description Passwd enable PasswordPasswd enable 8 Password Changing Login Password Management for System AccountCreating System Account To display the created account, use the following command Configuring Security Level SWITCH# show list No privilege configure level Command Mode Description No privilegeNo privilege rmon-alarm level No privilege bgp level Shows a configured security level Command Mode Description Show privilege SWITCH# write memory Telnet AccessSWITCH# disconnect ttyp0 Limiting Number of User Manual System Rebooting System RebootingSWITCHconfig# show exec-timeout Auto Log-out Auto System Rebooting System AuthenticationAuto-reset memory 1-120 No auto-reset cpu memory Authentication Method Authentication InterfacePrimary Authentication Method Timeout of Authentication Request Radius Server for System AuthenticationRadius Server Radius Server Priority Tacacs Server Tacacs Server for System AuthenticationFrequency of Retransmit 5.2 Tacacs Server Priority TCP Port for the Authentication Additional TACACS+ ConfigurationAuthentication Type Command Mode Description Login tacacs timeout Displaying System Authentication Accounting ModeLogin accounting-mode none Start stop both Tacacs Sample Configuration Assigning IP Address To enable the interface, use the following command Interface Configuration ModeEnabling Interface Disabling Interface Assigning IP Address to Network Interface Static Route and Default GatewayIp address IP-ADDRESS/M No ip route IP-ADDRESS/M Forwarding Information BaseFIB Retain Displaying Forwarding Information BaseFIB Table Displaying Interface ② On Interface Configuration ModeShow interface Interface Show ip interface Interface SSH Server SSH Secure Shell Login to SSH Server Assigning Specific Authentication Key2.3 Configuring Authentication Key SSH Client Configure the authentication key in the switch Connect to SSH server with the authentication keySsh keygen rsa1 rsa dsa 802.1x Authentication Server Suppliant Authenticator Authentication ServerEAP over LAN EAP over Radius Configuring Radius Server 1 802.1x AuthenticationAuthentication Server Designate as default Response Configuring Authentication Mode Command Mode Description Dot1x radius-server move IPDot1x radius-server host Force Authorization Authentication PortMode Description Dot1x port-control auto force Command Mode Description Dot1x timeout tx-period 1.7 Configuring Number of Request to Radius Server 2 802.1x Re-Authentication1.8 Configuring Interval of Request to Radius Server Enabling 802.1x Re-Authentication Configuring the Interval of Re-Authentication Configuring the Interval of Requesting Re-authentication2.4 802.1x Re-authentication Applying Default Value Initializing Authentication StatusDisplaying 802.1x Configuration 6 802.1x User Authentication Statistic SWTICHconfig# dot1x auth-mode mac-base SWTICHconfig# dot1x system-auth-control PortAuthed Port Basic Selecting Port TypeShow port Ports To enable/disable a port, use the following command Ethernet Port ConfigurationCommand Mode Description Port medium Port sfp rj45 Enabling Ethernet Port Auto-negotiation Command Mode Description Port nego Ports on offTransmit Rate Port speed Ports 10 100 Command Mode Description Port duplex Ports full half Duplex ModeFlow Control Half To view description of port, use the following command Following is an example of configuring flow control to portSWITCHbridge# port flow-control 25 on SWITCHbridge# show port description SWITCHbridge# show port statistics rmon SWITCHbridge# show port statistics avg-pktTraffic Statistics Packets Statistics To enable/disable protocol statistics CPU statisticsProtocol statistics SWITCH# show port To display a port status, use the following commandPort Mirroring Port Status Designate the monitor port, use the following command Activate the port mirroring, using the following commandDesignate the mirrored ports, use the following command Command Mode Description Mirror add Ports ingress Connect a motoring PC to the monitor port of the switch To disable monitoring function, use the following commandEnable mirroring function Configure the monitor port 1 and mirroring port 2, 3, 4 Environment Configuration Host NameTime and Date Network Time Protocol Time ZoneTab .1 shows the world time zone Tab .1 World Time Zone NTP Network Time Protocol Simple Network Time Protocol SntpFollowing is an example of releasing NTP and showing it Terminal Configuration To display Sntp configuration, use the following commandNo sntp To restore a default banner, use the following command Login BannerTo set a DNS server, use the following command DNS Server Disabling Daemon Operation Fan OperationSystem Threshold CPU Load Port Traffic Mode Description Threshold PortFan Operation No threshold Port Ports rx Enabling FTP Server System TemperatureSystem Memory Threshold temp Value Value Displaying System Configuration Configuration ManagementAssigning IP Address of FTP Client All Option History router bgp pim rip System Configuration File Saving System ConfigurationSWITCH# show running-config syslog Auto-Saving Restoring Default Configuration To delete backup file, use the following commandSWITCHconfig# copy running-config SURPASShiD6615 SWITCHconfig# restore factory-defaults System ManagementNetwork Connection Figured time interval. Default is 2 seconds Items Description Source address or interface Type of serviceSet DF bit in IP header? no Data pattern 0xABCD IP Source Routing A50010-Y3-C150-2-7619 IP Icmp Source-Routing Following is the basic information to trace packet routes Tracing Packet Route Displaying User Connecting to System SWITCH# tracerouteMAC Table SWITCH# show uptime Configuring Ageing timeRunning Time of System System Information CPU packet limit System Memory InformationAverage of CPU Load Running Process Displaying Installed OS Default OSDisplaying System Image Tech Support Switch StatusBer of display lines of terminal screen A50010-Y3-C150-2-7619 103 Simple Network Management Protocol Snmp Command Mode Description Snmp community ro rw CommunitySnmp Community No snmp community ro rw Community Information of Snmp Agent Following is an example of creating 2 Snmp communitiesA50010-Y3-C150-2-7619 105 SWITCHconfig# show snmp com2sec Following is an example of configuring Snmp com2secSnmp Com2sec Snmp Group SWITCHconfig# snmp view Test included Permission to Access Snmp View RecordSnmp View Record Following is an example of creating an Snmp view record To display Snmp version 3 user, use the following command Lowing commandSnmp access Snmp Version 3 User To set an Snmp trap host, use the following command Snmp Trap ModeTo select an Snmp trap-mode, use the following command Snmp Trap Host 110 A50010-Y3-C150-2-7619 Enabling Snmp Trap To disable Snmp trap, use the following command Disabling Snmp TrapNode Enabling Alarm Notification Snmp AlarmSWITCHconfig# snmp inform-trap-host Displaying Snmp Trap Default Alarm Severity Alarm Severity CriterionTo configure a priority of alarm, use the following command 114 A50010-Y3-C150-2-7619 Generic Alarm Severity Snmp Alarm-severity adva-if-sfp-mismatch Adva Alarm SeverityA50010-Y3-C150-2-7619 115 Critical major minor warning intermedi 116 A50010-Y3-C150-2-7619 ERP Alarm Severity Displaying Snmp Configuration STP Guard Alarm SeverityA50010-Y3-C150-2-7619 117 To disable Snmp feature, use the following command SWITCHconfig# show snmp alarm-historyDisabling Snmp Disables local OAM Operation, Administration and Maintenance OAMOAM Loopback A50010-Y3-C150-2-7619 119 Local OAM Mode OAM UnidirectionRemote OAM Displaying OAM Configuration To display OAM configuration, use the following commandA50010-Y3-C150-2-7619 121 122 A50010-Y3-C150-2-7619 Lldp Operation Link Layer Discovery Protocol LldpLldp Operation Type Basic TLV Interval and Delay Time Lldp Message124 A50010-Y3-C150-2-7619 Displaying Lldp Configuration To display Lldp configuration, use the following commandA50010-Y3-C150-2-7619 125 SWITCHconfig# show rmon-history config To open RMON-historymode, use the following commandCommand Mode Description Rmon-history Remote Monitoring Rmon Subject of Rmon History Source Port of Statistical DataNumber of Sample Data Interval of Sample Inquiry Deleting Configuration of Rmon History Activating Rmon HistoryDisplaying Rmon History Subject of Rmon Alarm Rmon AlarmCommand Mode Description Rmon-alarm A50010-Y3-C150-2-7619 129 Absolute Comparison and Delta Comparison Object of Sample InquiryUpper Bound of Threshold 130 A50010-Y3-C150-2-7619 Lower Bound of Threshold Configuring Standard of the First Alarm Deleting Configuration of Rmon Alarm Activating Rmon AlarmDisplaying Rmon Alarm Rmon Event Subject of Rmon Event Event DescriptionEvent Type Activating Rmon Event Displaying Rmon Event Deleting Configuration of Rmon Event134 A50010-Y3-C150-2-7619 Activates Rmon event Syslog To set a syslog output level, use the following commandSyslog Output Level Syslog Output Level without a Priority 136 A50010-Y3-C150-2-7619 Syslog Output Level with a PriorityLocal5 local6 local7 lpr mail news sys Log user uucp emerg alert crit err Facility Code Syslog Bind AddressA50010-Y3-C150-2-7619 137 Debug Message for Remote Terminal Displaying Syslog ConfigurationDisabling Syslog Displaying Syslog Message Rule and QoS How to Operate Rule and QoS Rule Creation Rule ConfigurationRule Priority 140 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 141 Packet Classification Tcp 142 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 143 Rule Action Overwrites 802.1p CoS field in the packet same as IP 144 A50010-Y3-C150-2-7619 Applying Rule Modifying and Deleting RuleRemedy Select another name for the rule e.g. add a prefix Displaying Rule 3 QoS Weighted Round Robin WRR Weighted Fair Queuing WFQScheduling Algorithm Strict Priority Queuing SP Weighted Fair Queuing 3.3 802.1p Priory-to-queue Mapping Qos Weight To configure a queue parameter, use the following command Admin Access RuleTo display a configuration of QoS, enter following command Queue Parameter Command Mode Description Priority low medium high Command Mode Description Rule Name create adminA50010-Y3-C150-2-7619 151 Highest Defaul low 152 A50010-Y3-C150-2-7619 Command Mode Description Apply Command Mode Description No-match denyApplies an admin access rule to the system Match permit Permits a packet 154 A50010-Y3-C150-2-7619 Shows a current configuration of a rule NetBIOS Filtering InternetA50010-Y3-C150-2-7619 155 SWITCHbridge# show netbios-filter Martian FilteringMax Host To display configured max host, use the following command Following is an example of displaying configured max hostsMax New Hosts Enable port security on the port To configure max new hosts, use the following commandPort Security Port Security on Port Set the maximum number of secure MAC address for the port Set the violation mode and the action to be takenEnter a secure MAC address for the port A50010-Y3-C150-2-7619 159 Port Security Aging This is an example of configuring port security on portPort Maximum A50010-Y3-C150-2-7619 161 MAC Table Command Mode Description No mac Command Mode Description Clear macClear mac Name Clear mac Name Port Sample Configuration Default Policy of MAC FilteringMAC Filtering Adding Policy of MAC Filter Deleting MAC Filter Policy Listing of MAC Filter PolicyDisplaying MAC Filter Policy Address Resolution Protocol ARP Following is an example of displaying one configurationARP Table Registering ARP Table Displaying ARP Table166 A50010-Y3-C150-2-7619 ARP Alias To display ARP alias, use the following commandARP Inspection A50010-Y3-C150-2-7619 167 168 A50010-Y3-C150-2-7619 Icmp Message Control Gratuitous ARPProxy-ARP Interval for Transmit Icmp Message Blocking Echo Reply MessageTab Type Value Type Status Enable Shows Icmp interval configuration Global Command Mode Description Ip icmp interval rate-limitTransmitting Icmp Redirect Message 172 A50010-Y3-C150-2-7619 RST Configuration IP TCP Flag ControlPolicy of unreached messages SYN Configuration Packet DumpVerifying Packet Dump Packet Dump by Protocol Packet Dump with OptionA50010-Y3-C150-2-7619 175 Tab .4 shows the options for packet dump Tab .4 Options for Packet Dump 176 A50010-Y3-C150-2-7619Option Description Displaying the usage of the packet routing table Debug Packet DumpA50010-Y3-C150-2-7619 177 Enlarged Network Bandwidth VlanCost-Effective Way Strengthened Security Port-Based Vlan Specifying Pvid Creating VlanAssigning Port to Vlan Deleting Vlan Protocol-Based Vlan MAC address-based VlanDisplaying Vlan Tagged Vlan Subnet-based VlanVlan Tag Macbase MAC-ADDRESS Vlan Description Displaying Vlan InformationMapping Frames to Vlan Tunnel Port QinQTrunk Port Tagged To disable double tagging, use the following command Double Tagging ConfigurationDouble Tagging Operation Designate the QinQ port Layer 2 Isolation Tpid ConfigurationPrivate Vlan Edge Private Vlan Port Isolation Command Mode Description Port protected PortsShared Vlan No port protected Ports Vlan fid Vlans FID 188 A50010-Y3-C150-2-7619 Open Bridge Configuration mode using the bridge command Open Rule Configuration mode using rule Name create commandSample Configuration 1 Configuring Port-based Vlan Vlan Translation Following is deleting vlan id 3 among configured Vlan Sample Configuration 2 Deleting Port-based VlanSample Configuration 3 Configuring Protocol-based Vlan Default br2 br3 br4 Switch Sample Configuration 4 Configuring QinQSample Configuration 5 Configuring Shared Vlan with FID SWITCHbridge# vlan dot1q-tunnel enable Link Aggregation SWITCHbridge# vlan add br5 1-42untagged Port Trunk Configuring Port TrunkTrunk distmode Dstip dstmac Srcdstip Displaying Port Trunk Configuration Link Aggregation Control Protocol LacpDisabling Port Trunk Configuring Lacp Activate Lacp function, using the following commandPacket Route Operating Mode of Member Port To disable configuring packets, use the following command196 A50010-Y3-C150-2-7619 Bpdu Transmission Rate Identifying Member Ports within LacpKey value of Member Port A50010-Y3-C150-2-7619 197 Command Mode Description Lacp port priority Ports Priority of SwitchPriority of Member Port 198 A50010-Y3-C150-2-7619 Displaying Lacp Configuration To display a configured LACP, use the following commandA50010-Y3-C150-2-7619 199 Spanning-Tree Protocol STP Root Switch STP OperationA50010-Y3-C150-2-7619 201 Switch Designated Switch Port Priority Designated Port and Root Port Port States DisabledListening Learning Backup Switch B Switch CPort Path Switch D Rstp Operation Rapid Network Convergence Bpdu Policy 17 Network Convergence of 802.1w A50010-Y3-C150-2-7619 207 19 Network Convergece of 802.1w 208 A50010-Y3-C150-2-7619 Compatibility with 802.1d Mstp Operation Switch D Switch E OperationRegion B IST Configuring STP/RSTP/MSTP/PVSTP/PVRSTP Mode Required Region a ISTA50010-Y3-C150-2-7619 211 Root Switch Configuring STP/RSTP/MSTPActivating STP/RSTP/MSTP Path-cost Port-priority Tab STP Path-costA50010-Y3-C150-2-7619 213 MST Region Point-to-point MAC Parameters Mstp ProtocolEdge Ports A50010-Y3-C150-2-7619 215 To delete the edge port mode, use the following command Displaying Configuration Command Mode Description Stp pvst enable VLAN-RANGE Configuring PVSTP/PVRSTPActivating PVSTP/PVRSTP A50010-Y3-C150-2-7619 217 6.3 Path-cost Ally. To configure port priority, use the following command6.4 Port-priority 218 A50010-Y3-C150-2-7619 Root Guard Configuration Root GuardRestarting Protocol Migration Forward Delay Bridge Protocol Data Unit ConfigurationHello Time Hello Time Max Age Forward Delay Following command To delete a configured max age, use the following command9.4 Bpdu Hop 9.5 Bpdu Filter Configure the specific port as edge-port Configure Bpdu GuardSelf Loop Detection 224 A50010-Y3-C150-2-7619 Displaying Bpdu Configuration Backup Route Mstp Configuration SWITCHbridge# stp force-version mstp226 A50010-Y3-C150-2-7619 Internet Virtual Router Redundancy Protocol Vrrp To delete the Vrrp configuration, use the following command Configuring VrrpAssociated IP Address 228 A50010-Y3-C150-2-7619 Access to Associated IP Address Master Router and Backup RouterA50010-Y3-C150-2-7619 229 SWTICH1config# router vrrp default Layer 3 Switch 2 IP Address 10.0.0.2/24 Vrrp Track Function To configure Vrrp Track, use the following command Authentication Password Preempt SWITCHconfig-vrrp#authentication cleartext networkFollowing is an example of disabling Preempt A50010-Y3-C150-2-7619 233 Configuration mode Rate LimitVrrp Statistics Configuring Rate Limit To set a port bandwidth, use the following commandA50010-Y3-C150-2-7619 235 Configuring Flood-Guard Flood Guard236 A50010-Y3-C150-2-7619 SWITCHbridge# show mac-flood-guard Following is an example of configuration to bandwidth asBandwidth A50010-Y3-C150-2-7619 237 Saving Cost Dynamic Host Configuration Protocol DhcpEfficient IP Management IP Packet Broadcast Dhcp Server or Relay Agent Dhcp Server Dhcp Pool Creation Dhcp SubnetRange of IP Address Following is an example of specifying the default gateway Default GatewayIP Lease Time A50010-Y3-C150-2-7619 241 Manual Binding DNS ServerFollowing is an example of specifying a DNS server 242 A50010-Y3-C150-2-7619 Dhcp Server Option Domain NameStatic Mapping Recognition of Dhcp Client Command Mode Description Ip dhcp arp ping timeout Command Mode Description Ip dhcp arp ping packetIP Address Validation Authorized ARP Prohibition of 1N IP Address Assignment Ignoring Bootp RequestDhcp Packet Statistics A50010-Y3-C150-2-7619 245 SWITCHconfig# show ip dhcp server statistics Displaying Dhcp Pool ConfigurationCommand Mode Description Show ip dhcp pool Pool 246 A50010-Y3-C150-2-7619 Dhcp Class Capability Dhcp Address Allocation with OptionDhcp Class Creation Relay Agent Information Pattern Range of IP Address for Dhcp Class Associating Dhcp ClassText String No address range A.B.C.D Dhcp Database Agent Dhcp Lease DatabaseDisplaying Dhcp Lease Status A50010-Y3-C150-2-7619 249 Deleting Dhcp Lease Database Dhcp Relay AgentDhcp Server Relay Agent Subnet PC= Dhcp Client Packet Forwarding Address Smart Relay Agent ForwardingC.D all Dhcp Option Option 82 Sub-Option Enabling Dhcp Option Default Trust Policy Option 82 Reforwarding PolicyOption 82 Trust Policy Simplified Dhcp Option To specify a trusted remote ID, use the following commandTrusted Remote ID Trusted Physical Port Enabling Dhcp Client Dhcp Client6.2 Dhcp Client ID 6.3 Dhcp Class ID Requesting Option Displaying Dhcp Client ConfigurationForcing Release or Renewal of Dhcp Lease A50010-Y3-C150-2-7619 257 Enabling Dhcp Snooping Dhcp SnoopingDhcp Trust State 258 A50010-Y3-C150-2-7619 Dhcp Rate Limit Mode Description Ip dhcp snooping Limit-leaseDhcp Lease Limit Source MAC Address Verification Specifying Dhcp Snooping Database Agent Dhcp Snooping Database AgentSpecifying Dhcp Snooping Binding Entry 260 A50010-Y3-C150-2-7619 IP Source Guard Displaying Dhcp Snooping ConfigurationEnabling IP Source Guard Source IP Address Filter Source port-security commands together Displaying IP Source Guard ConfigurationCommand Mode Description Ip dhcp verify source Ports Static IP Source Binding Dhcp Filtering Command Mode Description Ip dhcp filter-addressDhcp Packet Filtering Dhcp Server Packet Filtering Packet service all Command Mode Description Debug dhcp filterDebugging Dhcp 264 A50010-Y3-C150-2-7619 ERP Operation Ethernet Ring Protection ERP Send Link Down Message Normal NodeRM Node Normal Node RM Node Configuring ERP Loss of Test Packet LotpERP Domain Port of ERP domain RM NodeProtected Vlan Protected Activation Wait-to-Restore Time Manual Switch to SecondaryLearning Disable Time Test Packet Interval Displaying ERP Configuration StackingShow erp all DOMAIN-ID Designating Master and Slave Switch Switch GroupDesignate Mater switch using the following command A50010-Y3-C150-2-7619 271 To disable stacking, use the following command Accessing to Slave Switch from Master SwitchSample Configuration 1 Configuring Stacking Disabling Stacking SWITCHAconfig# stack device default SWITCHA# configure terminalSWITCHBconfig# stack device default A50010-Y3-C150-2-7619 273 To disconnect, input as below Broadcast Storm ControlStorm-control broadcast mul Ticast dlf Rate Ports Command Mode Description Jumbo-frame Ports Jumbo-frame CapacityA50010-Y3-C150-2-7619 275 Blocking Direct Broadcast Maximum Transmission Unit MTU276 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 277 SWITCHconfig-if#show running-config interface Layer 3 Network Layer 2 Network Multicast Routing Information Base Command Mode Description Ip multicast route-limitEnabling Multicast Routing Required Limitation of Mrib Routing Entry Clearing Total or Partial Group Entry of Mrib Clearing Mrib InformationClearing Statistics of Multicast Routing Table 280 A50010-Y3-C150-2-7619 Displaying Mrib Information Multicast Time-To-Live ThresholdMrib Debug 282 A50010-Y3-C150-2-7619 Multicast Aging Internet Group Management Protocol Igmp Igmp Basic ConfigurationIgmp Version per Interface Igmp Version Igmp Version Igmp Static Join SettingRemoving Igmp Entry Igmp Debug Command Mode Description Ip igmp static-group Igmp Query ConfigurationMaximum Number of Groups Vlan Vlan port Port reporter 286 A50010-Y3-C150-2-7619 Igmp Maximum Response Time Displaying the Igmp Configuration Igmp v2 Fast LeaveA50010-Y3-C150-2-7619 287 Step Execute the ip multicast-routing command Igmp Snooping Basic Configuration3 L2 Mfib Enabling Igmp Snooping per Vlan Command Mode Description Ip igmp snooping vlan Vlans Enable Igmp snooping on a Vlan interfaceCommand Mode Description Show ip igmp snooping Vlan Igmp v2 Snooping Igmp v2 Snooping Fast Leave Multicast Packet290 A50010-Y3-C150-2-7619 Igmp v2 Snooping Querier To disable Igmp querier, use the following commandEnabling Igmp Snooping Querier A50010-Y3-C150-2-7619 291 To disable the max-response-time, use the following command Timeout Value of Igmp v2 Snooping Querier’s General QueryQuery Interval of Igmp v2 Snooping Querier 292 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 293 Igmp v2 Snooping Last-Member-IntervalVlans querier detail Last-member-query-interval Igmp v2 Snooping Report Method Configuring Mrouter Port per VlanMrouter Port 294 A50010-Y3-C150-2-7619 Displaying Mrouter Configuration Multicast TCN FloodingMrouter Port Learning Method 296 A50010-Y3-C150-2-7619 Command Mode Description Ip igmp snooping tcn queryVlans flood Nected to on a Vlan interface Igmp Snooping Version Igmp v3 SnoopingJoin Host Management A50010-Y3-C150-2-7619 297 To display a configuration, use the following command Multicast Vlan Registration MVRImmediate Block MVR Group Address Enabling MVRMVR IP Address A50010-Y3-C150-2-7619 299 7.5 Displaying MVR Configuration Igmp Filtering and ThrottlingSend and Receive Port Policy of Igmp Profile Creating Igmp ProfileGroup Range of Igmp Profile A50010-Y3-C150-2-7619 301 Applying Igmp Profile to the Filter Port To return to the default setting, use the following commandMax Number of Igmp Join Group 302 A50010-Y3-C150-2-7619 PIM-SM Protocol Independent Multicast-Sparse Mode Displaying Igmp Snooping TableRPT and SPT Packet for the request PIM Common Configuration DR Priority PIM-SM and Passive Mode Filters of Neighbor in PIM To configure a query hold time, use the following commandPIM Hello Query 306 A50010-Y3-C150-2-7619 To activate PIM-SM debugging, use the following command Bootstrap Router BSRBSR and RP PIM Debug Static RP for Certain Group RP InformationIp pim bsr-candidate Global Clears all RP sets Set A50010-Y3-C150-2-7619 309 Enabling Transmission of Candidate RP Message 4.3 PIM-SM Registration4.4 Ignoring RP Priority Rate Limit of Register Message Command Mode Description Ip pim register-suppression Configure filtering out multicast sourcesFilters for Register Message from RP Source Address of Register Message This command is disabled by default SPT SwitchoverReachability for PIM Register Process 312 A50010-Y3-C150-2-7619 PIM Join/Prune Interoperability Cisco Router InteroperabilityChecksum of Full PIM Register Message 8.2 Candidate RP Message with Cisco BSR With older Cisco IOS versions, use the following command8.3 Excluding GenID Option With older Cisco IOS versions PIM Snooping PIM-SSM Group 316 A50010-Y3-C150-2-7619 Displaying PIM-SM Configuration Border Gateway Protocol BGP IP Routing Protocol Basic Configuration Configuration Type of BGPEnabling BGP Routing Advanced Configuration Go back to Global Configuration mode using the exit commandDisabling BGP Routing Summary of Path Command Mode Description Aggregate-address A.B.C.D/MAutomatic Summarization of Path As-set summary-only Choosing Best Path Multi-Exit Discriminator MEDBgp deterministic-med No bgp deterministic-med Command Mode Description Bgp bestpath compare-confed Command Mode Description Bgp bestpath as-path ignoreSelects the best path using the router ID for identical Aspath Graceful Restart Configures the router to consider the MED in choosing Restart Time IP Address FamilyStalepath Time 324 A50010-Y3-C150-2-7619 Default Route BGP NeighborPeer Group To create a BGP Peer Group, use the following command Route MapForce Shutdown BGP Session Reset Session Reset of All PeersWord shutdown 328 A50010-Y3-C150-2-7619 Session Reset of Peers within Particular AS Session Reset of Specific Route Session Reset of External PeerA50010-Y3-C150-2-7619 329 330 A50010-Y3-C150-2-7619 Session Reset of Peer Group A50010-Y3-C150-2-7619 331 Displaying and Managing BGP NEIGHBOR-IP routes 332 A50010-Y3-C150-2-7619 Enabling Ospf Open Shortest Path First Ospf Command Mode Description Router ospf 334 A50010-Y3-C150-2-7619No router ospf Command Mode Description Network A.B.C.D/M area ABR Type ConfigurationCompatibility Support Ospf Interface Authentication Type Authentication Key336 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 337 Interface Cost Routing Protocol Interval Blocking Transmission of Route Information Database To configure a dead interval, use the following command To configure a transmit delay, use the following commandA50010-Y3-C150-2-7619 339 Ospf Maximum Transmission Unit MTU Ospf Priority340 A50010-Y3-C150-2-7619 Non-Broadcast Network Ospf Network TypeA50010-Y3-C150-2-7619 341 Area Authentication Ospf Area342 A50010-Y3-C150-2-7619 Area 0-4294967295filter-list access LIST-NAMEin out Default Cost of AreaNo area 0-4294967295filter- list access LIST-NAMEin out Area 0-4294967295filter-list prefix LIST-NAMEin out Not So Stubby Area Nssa Default-information-originateNo-redistribution No-summary Originate metric Router Configures Nssa with one option To delete configured NSSA, use the following commandA50010-Y3-C150-2-7619 345 Originate Shortcut Area Area Range346 A50010-Y3-C150-2-7619 C.D/M advertise not Advertise Virtual Link Stub Area Transmit-delay Dead-interval348 A50010-Y3-C150-2-7619 To delete the configuration, use the following command Default MetricGraceful Restart Support Hello-interval Grace-period Helper350 A50010-Y3-C150-2-7619 Opaque-LSA Support Default RouteMetric Metric-type Finding Period Metric-type Router Deletes the configurationRoute-map Metric-type Always Route-map MAP-NAME External Routes to Ospf Network Metric-type Route-map MAP-NAMEA50010-Y3-C150-2-7619 353 Router Deletes the default metric To delete the default metric, use the following commandOspf Distance External Inter-area Intra-area Host Route To make it as a default, use the following commandPassive Interface A50010-Y3-C150-2-7619 355 Blocking Routing Information Summary Routing InformationOspf Monitoring and Management Displaying Ospf Protocol Information To display the Ospf database, use the following commandA50010-Y3-C150-2-7619 357 As A.B.C.D 358 A50010-Y3-C150-2-7619 Command Mode Description Show ip ospf interface Interface Displaying Debugging Information Limiting Number of DatabaseA50010-Y3-C150-2-7619 359 Maximum Process of LSA Command Mode Description Overflow database360 A50010-Y3-C150-2-7619 Overflow database external Routing Information Protocol RIP To use RIP protocol, you should enable RIPEnabling RIP A50010-Y3-C150-2-7619 361 RIP Neighbor Router Configure the network to operate as RIP RIP Version Redistributing Routing Information Creating available Static Route only for RIP Command Mode Description Route-map TAG deny permit Metrics for Redistributed Routes Administrative Distance Originating Default InformationRouting Information Filtering Filtering Access List and Prefix List Disabling the transmission to InterfaceOffset List Update RIP Network TimerTimeout Maximum Number of RIP Routes To adjust the timers, use the following command Authentication KeyNo timers basic Update Time Split Horizon To disable RIP authentication, use the following command Restarting RIPUDP Buffer Size of RIP 372 A50010-Y3-C150-2-7619 Monitoring and Managing RIP General Upgrade Command Mode Description Copy ftp tftp os DownloadA50010-Y3-C150-2-7619 373 374 A50010-Y3-C150-2-7619 Boot Mode Upgrade To configure a default gateway, use the following command To configure a subnet mask, use the following commandTo the boot mode only A50010-Y3-C150-2-7619 375 376 A50010-Y3-C150-2-7619 Boot load os1 10.27.41.82 V5212G.3.18.x FTP Upgrade Uploads the new system software using the following commandA50010-Y3-C150-2-7619 377 Command! For more information, see Section Exit the FTP client using the following commandCommand Mode Description Exit 378 A50010-Y3-C150-2-7619 Address Resolution Protocol Access Control ListCommand Line Interface CoS Class of Service Loss of Signal Internet Service ProviderLoss of Power Medium Access Control Spanning Tree Protocol Type of ServiceSoftware Transmission Control Protocol