168 A50010-Y3-C150-2-7619 | Siemens S323, S223 specs

UMN:CLI	User Manual
	SURPASS hiD 6615 S223/S323 R1.5

You can configure the switch to perform additional checks on the destination MAC ad- dress, the sender and target IP address and the source MAC address.

Command		Mode	Description

			Inspects specific check on incoming ARP packets.
			src-mac: checks the source MAC address. Packets
			with different MAC addresses are classified as invalid
ip arp inspection validate {src-			are dropped.
mac dst-mac ip}			dst-mac: checks the destination MAC address. Packets
			with different MAC addresses are classified as invalid
		Global	are dropped.
		Global	ip: checks the unexpected IP address.
			ip: checks the unexpected IP address.

ip arp inspection filter	NAME		Applies ARP ACL to the VLAN.
ip arp inspection filter	NAME		NAME: ARP ACL name. It is created with the arp ac-
vlan VLAN			NAME: ARP ACL name. It is created with the arp ac-
vlan VLAN			cess-list NAME command.
			cess-list NAME command.

ip arp inspection trust port			Configures a connection between switches as trusted.
PORTS			PORTS: trusted port number.

To remove the specific ARP Inspection configuration, use the following commands

Command		Mode	Description

no ip arp inspection	validate
{src-mac dst-mac ip}

no ip arp inspection filter NAME		Global	Removes specific ARP inspection configuration.
vlan VLAN		Global	Removes specific ARP inspection configuration.
vlan VLAN

no ip arp inspection trust port
PORTS

To display checking and statistics, use the following command.

Command		Mode	Description

show ip arp inspection [vlan
VLAN]		Enable

show ip arp inspection statistics
show ip arp inspection statistics		Global	Displays the information of ARP inspection.
[vlan VLAN]		Global	Displays the information of ARP inspection.
[vlan VLAN]		Bridge

show ip arp inspection	trust
show ip arp inspection	trust
[port PORTS]

To clear ARP inspection mapping counter and statistics, use the following command.

Command	Mode	Description

clear ip arp inspection statistics	Global	Clears ARP inspection statistics.
[vlan VLAN]	Bridge	Clears ARP inspection statistics.
[vlan VLAN]	Bridge

168	A50010-Y3-C150-2-7619

Page 168

Image 168

Siemens S323, S223 user manual 168 A50010-Y3-C150-2-7619

Contents

Umncli A50010-Y3-C150-2-7619 Important Notice on Product Safety Surpass hiD 6615 S223/S323 R1.5A50010-Y3-C150-2-7619 Reason for Update Issue HistorySummary System software upgrade added Details Contents 4.3 4.45.1 5.2 7.1 7.27.3 12.1 100 101102 103 124 125126 127 Surpass hiD 6615 S223/S323 R1.5 3.1 147149 150 179 180181 182 Surpass hiD 6615 S223/S323 R1.5 5.9 216217 6.1 1.16 1.17246 247 Surpass hiD 6615 S223/S323 R1.5 3.2 268269 3.8 295 297298 299 Surpass hiD 6615 S223/S323 R1.5 10.1.1 31810.1.1.1 10.1.1.2 10.2.12 35310.2.13 354 Illustrations Igmp Snooping and PIM-SM Configuration Network 279 Tables Tab171 176 Audience Document StructureTab .1 briefly describes the structure of this document Tab .1 Overview of Chapters A50010-Y3-C150-2-7619 Tab .2 Command Notation of Guide Book Document ConventionDocument Notation CE Declaration of Conformity GPL/LGPL Warranty and Liability Exclusion System Overview System Features Quality of Service QoSMulticasting IP Routing Spanning Tree Protocol STP Link Aggregation TrunkingSystem Management based on CLI Broadcast Storm Control Radius and TACACS+ Command Line Interface CLI Command Mode Shows hiD 6615 S323 software mode structure briefly Privileged Exec View Mode Privileged Exec Enable ModeGlobal Configuration Mode Tab .1 Main Commands of Privileged Exec View Mode Bridge Configuration Mode Tab .3 Main Commands of Global Configuration Mode Rule Configuration Mode Tab .4 Main Commands of Bridge Configuration ModeOpens Rule Configuration mode Dhcp Configuration Mode Dhcp Option 82 Configuration ModeTab .6 Main Commands of Dhcp Configuration Mode Command Mode Description Ip dhcp pool Pool Interface Configuration Mode Rmon Configuration ModeCommand Mode Description Interface Interface Router Configuration Mode Vrrp Configuration ModeTab .10 Main Commands of Router Configuration Mode Command Mode Description Route-Map Configuration Mode Listing Available Commands Variables following after the commandsUseful Tips 6615 S223/S323 Calling Command History CommandSurpass hiD 6615 S223/S323 R1.5 Using Abbreviation Using Command of Privileged Exec Enable ModeTab .13 Command Abbreviation SWITCH# show clock Exit Current Command Mode Exits to Privileged Exec enable modeAble mode, you will be logged out System Login System ConnectionStep Password for Privileged Exec Mode Command Mode Description Passwd enable PasswordPasswd enable 8 Password Changing Login Password Management for System AccountCreating System Account Configuring Security Level To display the created account, use the following command SWITCH# show list Command Mode Description No privilege No privilege configure levelNo privilege rmon-alarm level No privilege bgp level Command Mode Description Show privilege Shows a configured security level Telnet Access SWITCH# write memorySWITCH# disconnect ttyp0 Limiting Number of User System Rebooting Manual System RebootingSWITCHconfig# show exec-timeout Auto Log-out System Authentication Auto System RebootingAuto-reset memory 1-120 No auto-reset cpu memory Authentication Method Authentication InterfacePrimary Authentication Method Radius Server for System Authentication Timeout of Authentication RequestRadius Server Radius Server Priority Tacacs Server for System Authentication Tacacs ServerFrequency of Retransmit 5.2 Tacacs Server Priority Additional TACACS+ Configuration TCP Port for the AuthenticationAuthentication Type Command Mode Description Login tacacs timeout Accounting Mode Displaying System AuthenticationLogin accounting-mode none Start stop both Sample Configuration Tacacs Assigning IP Address Interface Configuration Mode To enable the interface, use the following commandEnabling Interface Disabling Interface Static Route and Default Gateway Assigning IP Address to Network InterfaceIp address IP-ADDRESS/M No ip route IP-ADDRESS/M Displaying Forwarding Information BaseFIB Table Forwarding Information BaseFIB Retain ② On Interface Configuration Mode Displaying InterfaceShow interface Interface Show ip interface Interface SSH Secure Shell SSH Server Assigning Specific Authentication Key Login to SSH Server2.3 Configuring Authentication Key SSH Client Configure the authentication key in the switch Connect to SSH server with the authentication keySsh keygen rsa1 rsa dsa 802.1x Authentication Server Suppliant Authenticator Authentication ServerEAP over LAN EAP over Radius 1 802.1x Authentication Configuring Radius ServerAuthentication Server Designate as default Response Configuring Authentication Mode Command Mode Description Dot1x radius-server move IPDot1x radius-server host Authentication Port Force AuthorizationMode Description Dot1x port-control auto force Command Mode Description Dot1x timeout tx-period 2 802.1x Re-Authentication 1.7 Configuring Number of Request to Radius Server1.8 Configuring Interval of Request to Radius Server Enabling 802.1x Re-Authentication Configuring the Interval of Re-Authentication Configuring the Interval of Requesting Re-authentication2.4 802.1x Re-authentication Initializing Authentication Status Applying Default ValueDisplaying 802.1x Configuration 6 802.1x User Authentication Statistic SWTICHconfig# dot1x system-auth-control SWTICHconfig# dot1x auth-mode mac-base PortAuthed Port Basic Selecting Port TypeShow port Ports Ethernet Port Configuration To enable/disable a port, use the following commandCommand Mode Description Port medium Port sfp rj45 Enabling Ethernet Port Command Mode Description Port nego Ports on off Auto-negotiationTransmit Rate Port speed Ports 10 100 Duplex Mode Command Mode Description Port duplex Ports full halfFlow Control Half Following is an example of configuring flow control to port To view description of port, use the following commandSWITCHbridge# port flow-control 25 on SWITCHbridge# show port description SWITCHbridge# show port statistics avg-pkt SWITCHbridge# show port statistics rmonTraffic Statistics Packets Statistics To enable/disable protocol statistics CPU statisticsProtocol statistics To display a port status, use the following command SWITCH# show portPort Mirroring Port Status Activate the port mirroring, using the following command Designate the monitor port, use the following commandDesignate the mirrored ports, use the following command Command Mode Description Mirror add Ports ingress To disable monitoring function, use the following command Connect a motoring PC to the monitor port of the switchEnable mirroring function Configure the monitor port 1 and mirroring port 2, 3, 4 Environment Configuration Host NameTime and Date Time Zone Network Time ProtocolTab .1 shows the world time zone Tab .1 World Time Zone NTP Network Time Protocol Simple Network Time Protocol SntpFollowing is an example of releasing NTP and showing it Terminal Configuration To display Sntp configuration, use the following commandNo sntp Login Banner To restore a default banner, use the following commandTo set a DNS server, use the following command DNS Server Fan Operation Disabling Daemon OperationSystem Threshold CPU Load Mode Description Threshold Port Port TrafficFan Operation No threshold Port Ports rx System Temperature Enabling FTP ServerSystem Memory Threshold temp Value Value Configuration Management Displaying System ConfigurationAssigning IP Address of FTP Client All Option History router bgp pim rip Saving System Configuration System Configuration FileSWITCH# show running-config syslog Auto-Saving Restoring Default Configuration To delete backup file, use the following commandSWITCHconfig# copy running-config SURPASShiD6615 SWITCHconfig# restore factory-defaults System ManagementNetwork Connection Figured time interval. Default is 2 seconds Type of service Items Description Source address or interfaceSet DF bit in IP header? no Data pattern 0xABCD IP Icmp Source-Routing IP Source Routing A50010-Y3-C150-2-7619 Tracing Packet Route Following is the basic information to trace packet routes Displaying User Connecting to System SWITCH# tracerouteMAC Table Configuring Ageing time SWITCH# show uptimeRunning Time of System System Information System Memory Information CPU packet limitAverage of CPU Load Running Process Displaying Installed OS Default OSDisplaying System Image Switch Status Tech SupportBer of display lines of terminal screen A50010-Y3-C150-2-7619 103 Command Mode Description Snmp community ro rw Community Simple Network Management Protocol SnmpSnmp Community No snmp community ro rw Community Information of Snmp Agent Following is an example of creating 2 Snmp communitiesA50010-Y3-C150-2-7619 105 Following is an example of configuring Snmp com2sec SWITCHconfig# show snmp com2secSnmp Com2sec Snmp Group Permission to Access Snmp View Record SWITCHconfig# snmp view Test includedSnmp View Record Following is an example of creating an Snmp view record Lowing command To display Snmp version 3 user, use the following commandSnmp access Snmp Version 3 User Snmp Trap Mode To set an Snmp trap host, use the following commandTo select an Snmp trap-mode, use the following command Snmp Trap Host Enabling Snmp Trap 110 A50010-Y3-C150-2-7619 To disable Snmp trap, use the following command Disabling Snmp TrapNode Snmp Alarm Enabling Alarm NotificationSWITCHconfig# snmp inform-trap-host Displaying Snmp Trap Default Alarm Severity Alarm Severity CriterionTo configure a priority of alarm, use the following command Generic Alarm Severity 114 A50010-Y3-C150-2-7619 Adva Alarm Severity Snmp Alarm-severity adva-if-sfp-mismatchA50010-Y3-C150-2-7619 115 Critical major minor warning intermedi ERP Alarm Severity 116 A50010-Y3-C150-2-7619 Displaying Snmp Configuration STP Guard Alarm SeverityA50010-Y3-C150-2-7619 117 To disable Snmp feature, use the following command SWITCHconfig# show snmp alarm-historyDisabling Snmp Operation, Administration and Maintenance OAM Disables local OAMOAM Loopback A50010-Y3-C150-2-7619 119 Local OAM Mode OAM UnidirectionRemote OAM Displaying OAM Configuration To display OAM configuration, use the following commandA50010-Y3-C150-2-7619 121 122 A50010-Y3-C150-2-7619 Link Layer Discovery Protocol Lldp Lldp OperationLldp Operation Type Basic TLV Interval and Delay Time Lldp Message124 A50010-Y3-C150-2-7619 Displaying Lldp Configuration To display Lldp configuration, use the following commandA50010-Y3-C150-2-7619 125 To open RMON-historymode, use the following command SWITCHconfig# show rmon-history configCommand Mode Description Rmon-history Remote Monitoring Rmon Source Port of Statistical Data Subject of Rmon HistoryNumber of Sample Data Interval of Sample Inquiry Deleting Configuration of Rmon History Activating Rmon HistoryDisplaying Rmon History Rmon Alarm Subject of Rmon AlarmCommand Mode Description Rmon-alarm A50010-Y3-C150-2-7619 129 Object of Sample Inquiry Absolute Comparison and Delta ComparisonUpper Bound of Threshold 130 A50010-Y3-C150-2-7619 Configuring Standard of the First Alarm Lower Bound of Threshold Activating Rmon Alarm Deleting Configuration of Rmon AlarmDisplaying Rmon Alarm Rmon Event Event Description Subject of Rmon EventEvent Type Activating Rmon Event Deleting Configuration of Rmon Event Displaying Rmon Event134 A50010-Y3-C150-2-7619 Activates Rmon event To set a syslog output level, use the following command SyslogSyslog Output Level Syslog Output Level without a Priority Syslog Output Level with a Priority 136 A50010-Y3-C150-2-7619Local5 local6 local7 lpr mail news sys Log user uucp emerg alert crit err Facility Code Syslog Bind AddressA50010-Y3-C150-2-7619 137 Displaying Syslog Configuration Debug Message for Remote TerminalDisabling Syslog Displaying Syslog Message How to Operate Rule and QoS Rule and QoS Rule Configuration Rule CreationRule Priority 140 A50010-Y3-C150-2-7619 Packet Classification A50010-Y3-C150-2-7619 141 142 A50010-Y3-C150-2-7619 Tcp Rule Action A50010-Y3-C150-2-7619 143 144 A50010-Y3-C150-2-7619 Overwrites 802.1p CoS field in the packet same as IP Applying Rule Modifying and Deleting RuleRemedy Select another name for the rule e.g. add a prefix 3 QoS Displaying Rule Weighted Round Robin WRR Weighted Fair Queuing WFQScheduling Algorithm Weighted Fair Queuing Strict Priority Queuing SP Qos Weight 3.3 802.1p Priory-to-queue Mapping Admin Access Rule To configure a queue parameter, use the following commandTo display a configuration of QoS, enter following command Queue Parameter Command Mode Description Rule Name create admin Command Mode Description Priority low medium highA50010-Y3-C150-2-7619 151 Highest Defaul low 152 A50010-Y3-C150-2-7619 Command Mode Description No-match deny Command Mode Description ApplyApplies an admin access rule to the system Match permit Permits a packet Shows a current configuration of a rule 154 A50010-Y3-C150-2-7619 NetBIOS Filtering InternetA50010-Y3-C150-2-7619 155 SWITCHbridge# show netbios-filter Martian FilteringMax Host To display configured max host, use the following command Following is an example of displaying configured max hostsMax New Hosts To configure max new hosts, use the following command Enable port security on the portPort Security Port Security on Port Set the violation mode and the action to be taken Set the maximum number of secure MAC address for the portEnter a secure MAC address for the port A50010-Y3-C150-2-7619 159 This is an example of configuring port security on port Port Security AgingPort Maximum MAC Table A50010-Y3-C150-2-7619 161 Command Mode Description Clear mac Command Mode Description No macClear mac Name Clear mac Name Port Default Policy of MAC Filtering Sample ConfigurationMAC Filtering Adding Policy of MAC Filter Deleting MAC Filter Policy Listing of MAC Filter PolicyDisplaying MAC Filter Policy Address Resolution Protocol ARP Following is an example of displaying one configurationARP Table Registering ARP Table Displaying ARP Table166 A50010-Y3-C150-2-7619 To display ARP alias, use the following command ARP AliasARP Inspection A50010-Y3-C150-2-7619 167 168 A50010-Y3-C150-2-7619 Icmp Message Control Gratuitous ARPProxy-ARP Blocking Echo Reply Message Interval for Transmit Icmp MessageTab Type Value Type Status Command Mode Description Ip icmp interval rate-limit Enable Shows Icmp interval configuration GlobalTransmitting Icmp Redirect Message 172 A50010-Y3-C150-2-7619 RST Configuration IP TCP Flag ControlPolicy of unreached messages SYN Configuration Packet DumpVerifying Packet Dump Packet Dump by Protocol Packet Dump with OptionA50010-Y3-C150-2-7619 175 Tab .4 shows the options for packet dump Tab .4 Options for Packet Dump 176 A50010-Y3-C150-2-7619Option Description Displaying the usage of the packet routing table Debug Packet DumpA50010-Y3-C150-2-7619 177 Vlan Enlarged Network BandwidthCost-Effective Way Strengthened Security Port-Based Vlan Creating Vlan Specifying PvidAssigning Port to Vlan Deleting Vlan Protocol-Based Vlan MAC address-based VlanDisplaying Vlan Subnet-based Vlan Tagged VlanVlan Tag Macbase MAC-ADDRESS Vlan Description Displaying Vlan InformationMapping Frames to Vlan QinQ Tunnel PortTrunk Port Tagged Double Tagging Configuration To disable double tagging, use the following commandDouble Tagging Operation Designate the QinQ port Tpid Configuration Layer 2 IsolationPrivate Vlan Edge Private Vlan Command Mode Description Port protected Ports Port IsolationShared Vlan No port protected Ports 188 A50010-Y3-C150-2-7619 Vlan fid Vlans FID Open Rule Configuration mode using rule Name create command Open Bridge Configuration mode using the bridge commandSample Configuration 1 Configuring Port-based Vlan Vlan Translation Sample Configuration 2 Deleting Port-based Vlan Following is deleting vlan id 3 among configured VlanSample Configuration 3 Configuring Protocol-based Vlan Default br2 br3 br4 Sample Configuration 4 Configuring QinQ SwitchSample Configuration 5 Configuring Shared Vlan with FID SWITCHbridge# vlan dot1q-tunnel enable SWITCHbridge# vlan add br5 1-42untagged Link Aggregation Configuring Port Trunk Port TrunkTrunk distmode Dstip dstmac Srcdstip Displaying Port Trunk Configuration Link Aggregation Control Protocol LacpDisabling Port Trunk Configuring Lacp Activate Lacp function, using the following commandPacket Route Operating Mode of Member Port To disable configuring packets, use the following command196 A50010-Y3-C150-2-7619 Identifying Member Ports within Lacp Bpdu Transmission RateKey value of Member Port A50010-Y3-C150-2-7619 197 Priority of Switch Command Mode Description Lacp port priority PortsPriority of Member Port 198 A50010-Y3-C150-2-7619 Displaying Lacp Configuration To display a configured LACP, use the following commandA50010-Y3-C150-2-7619 199 Spanning-Tree Protocol STP Root Switch STP OperationA50010-Y3-C150-2-7619 201 Designated Switch Switch Designated Port and Root Port Port Priority Disabled Port StatesListening Learning Switch B Switch C BackupPort Path Switch D Rstp Operation Bpdu Policy Rapid Network Convergence 17 Network Convergence of 802.1w A50010-Y3-C150-2-7619 207 19 Network Convergece of 802.1w 208 A50010-Y3-C150-2-7619 Mstp Operation Compatibility with 802.1d Switch D Switch E OperationRegion B IST Configuring STP/RSTP/MSTP/PVSTP/PVRSTP Mode Required Region a ISTA50010-Y3-C150-2-7619 211 Configuring STP/RSTP/MSTP Root SwitchActivating STP/RSTP/MSTP Path-cost Port-priority Tab STP Path-costA50010-Y3-C150-2-7619 213 MST Region Mstp Protocol Point-to-point MAC ParametersEdge Ports A50010-Y3-C150-2-7619 215 Displaying Configuration To delete the edge port mode, use the following command Configuring PVSTP/PVRSTP Command Mode Description Stp pvst enable VLAN-RANGEActivating PVSTP/PVRSTP A50010-Y3-C150-2-7619 217 Ally. To configure port priority, use the following command 6.3 Path-cost6.4 Port-priority 218 A50010-Y3-C150-2-7619 Root Guard Configuration Root GuardRestarting Protocol Migration Bridge Protocol Data Unit Configuration Forward DelayHello Time Hello Time Forward Delay Max Age To delete a configured max age, use the following command Following command9.4 Bpdu Hop 9.5 Bpdu Filter Configure the specific port as edge-port Configure Bpdu GuardSelf Loop Detection Displaying Bpdu Configuration 224 A50010-Y3-C150-2-7619 Backup Route Mstp Configuration SWITCHbridge# stp force-version mstp226 A50010-Y3-C150-2-7619 Virtual Router Redundancy Protocol Vrrp Internet Configuring Vrrp To delete the Vrrp configuration, use the following commandAssociated IP Address 228 A50010-Y3-C150-2-7619 Access to Associated IP Address Master Router and Backup RouterA50010-Y3-C150-2-7619 229 Layer 3 Switch 2 IP Address 10.0.0.2/24 SWTICH1config# router vrrp default Vrrp Track Function Authentication Password To configure Vrrp Track, use the following command SWITCHconfig-vrrp#authentication cleartext network PreemptFollowing is an example of disabling Preempt A50010-Y3-C150-2-7619 233 Configuration mode Rate LimitVrrp Statistics Configuring Rate Limit To set a port bandwidth, use the following commandA50010-Y3-C150-2-7619 235 Configuring Flood-Guard Flood Guard236 A50010-Y3-C150-2-7619 Following is an example of configuration to bandwidth as SWITCHbridge# show mac-flood-guardBandwidth A50010-Y3-C150-2-7619 237 Dynamic Host Configuration Protocol Dhcp Saving CostEfficient IP Management IP Packet Broadcast Dhcp Server or Relay Agent Dhcp Server Dhcp Pool Creation Dhcp SubnetRange of IP Address Default Gateway Following is an example of specifying the default gatewayIP Lease Time A50010-Y3-C150-2-7619 241 DNS Server Manual BindingFollowing is an example of specifying a DNS server 242 A50010-Y3-C150-2-7619 Domain Name Dhcp Server OptionStatic Mapping Recognition of Dhcp Client Command Mode Description Ip dhcp arp ping packet Command Mode Description Ip dhcp arp ping timeoutIP Address Validation Authorized ARP Ignoring Bootp Request Prohibition of 1N IP Address AssignmentDhcp Packet Statistics A50010-Y3-C150-2-7619 245 Displaying Dhcp Pool Configuration SWITCHconfig# show ip dhcp server statisticsCommand Mode Description Show ip dhcp pool Pool 246 A50010-Y3-C150-2-7619 Dhcp Address Allocation with Option Dhcp Class CapabilityDhcp Class Creation Relay Agent Information Pattern Associating Dhcp Class Range of IP Address for Dhcp ClassText String No address range A.B.C.D Dhcp Lease Database Dhcp Database AgentDisplaying Dhcp Lease Status A50010-Y3-C150-2-7619 249 Dhcp Relay Agent Deleting Dhcp Lease DatabaseDhcp Server Relay Agent Subnet PC= Dhcp Client Packet Forwarding Address Smart Relay Agent ForwardingC.D all Dhcp Option Enabling Dhcp Option Option 82 Sub-Option Default Trust Policy Option 82 Reforwarding PolicyOption 82 Trust Policy To specify a trusted remote ID, use the following command Simplified Dhcp OptionTrusted Remote ID Trusted Physical Port Dhcp Client Enabling Dhcp Client6.2 Dhcp Client ID 6.3 Dhcp Class ID Displaying Dhcp Client Configuration Requesting OptionForcing Release or Renewal of Dhcp Lease A50010-Y3-C150-2-7619 257 Dhcp Snooping Enabling Dhcp SnoopingDhcp Trust State 258 A50010-Y3-C150-2-7619 Mode Description Ip dhcp snooping Limit-lease Dhcp Rate LimitDhcp Lease Limit Source MAC Address Verification Dhcp Snooping Database Agent Specifying Dhcp Snooping Database AgentSpecifying Dhcp Snooping Binding Entry 260 A50010-Y3-C150-2-7619 Displaying Dhcp Snooping Configuration IP Source GuardEnabling IP Source Guard Source IP Address Filter Displaying IP Source Guard Configuration Source port-security commands togetherCommand Mode Description Ip dhcp verify source Ports Static IP Source Binding Command Mode Description Ip dhcp filter-address Dhcp FilteringDhcp Packet Filtering Dhcp Server Packet Filtering Command Mode Description Debug dhcp filter Packet service allDebugging Dhcp 264 A50010-Y3-C150-2-7619 Ethernet Ring Protection ERP ERP Operation Normal Node Send Link Down MessageRM Node Normal Node RM Node Configuring ERP Loss of Test Packet LotpERP Domain RM Node Port of ERP domainProtected Vlan Protected Activation Manual Switch to Secondary Wait-to-Restore TimeLearning Disable Time Test Packet Interval Displaying ERP Configuration StackingShow erp all DOMAIN-ID Switch Group Designating Master and Slave SwitchDesignate Mater switch using the following command A50010-Y3-C150-2-7619 271 Accessing to Slave Switch from Master Switch To disable stacking, use the following commandSample Configuration 1 Configuring Stacking Disabling Stacking SWITCHA# configure terminal SWITCHAconfig# stack device defaultSWITCHBconfig# stack device default A50010-Y3-C150-2-7619 273 Broadcast Storm Control To disconnect, input as belowStorm-control broadcast mul Ticast dlf Rate Ports Command Mode Description Jumbo-frame Ports Jumbo-frame CapacityA50010-Y3-C150-2-7619 275 Blocking Direct Broadcast Maximum Transmission Unit MTU276 A50010-Y3-C150-2-7619 SWITCHconfig-if#show running-config interface A50010-Y3-C150-2-7619 277 Layer 2 Network Layer 3 Network Command Mode Description Ip multicast route-limit Multicast Routing Information BaseEnabling Multicast Routing Required Limitation of Mrib Routing Entry Clearing Mrib Information Clearing Total or Partial Group Entry of MribClearing Statistics of Multicast Routing Table 280 A50010-Y3-C150-2-7619 Displaying Mrib Information Multicast Time-To-Live ThresholdMrib Debug Multicast Aging 282 A50010-Y3-C150-2-7619 Igmp Basic Configuration Internet Group Management Protocol IgmpIgmp Version per Interface Igmp Version Igmp Static Join Setting Igmp VersionRemoving Igmp Entry Igmp Debug Igmp Query Configuration Command Mode Description Ip igmp static-groupMaximum Number of Groups Vlan Vlan port Port reporter Igmp Maximum Response Time 286 A50010-Y3-C150-2-7619 Displaying the Igmp Configuration Igmp v2 Fast LeaveA50010-Y3-C150-2-7619 287 Igmp Snooping Basic Configuration Step Execute the ip multicast-routing command3 L2 Mfib Enabling Igmp Snooping per Vlan Enable Igmp snooping on a Vlan interface Command Mode Description Ip igmp snooping vlan VlansCommand Mode Description Show ip igmp snooping Vlan Igmp v2 Snooping Igmp v2 Snooping Fast Leave Multicast Packet290 A50010-Y3-C150-2-7619 To disable Igmp querier, use the following command Igmp v2 Snooping QuerierEnabling Igmp Snooping Querier A50010-Y3-C150-2-7619 291 Timeout Value of Igmp v2 Snooping Querier’s General Query To disable the max-response-time, use the following commandQuery Interval of Igmp v2 Snooping Querier 292 A50010-Y3-C150-2-7619 Igmp v2 Snooping Last-Member-Interval A50010-Y3-C150-2-7619 293Vlans querier detail Last-member-query-interval Configuring Mrouter Port per Vlan Igmp v2 Snooping Report MethodMrouter Port 294 A50010-Y3-C150-2-7619 Displaying Mrouter Configuration Multicast TCN FloodingMrouter Port Learning Method Command Mode Description Ip igmp snooping tcn query 296 A50010-Y3-C150-2-7619Vlans flood Nected to on a Vlan interface Igmp v3 Snooping Igmp Snooping VersionJoin Host Management A50010-Y3-C150-2-7619 297 To display a configuration, use the following command Multicast Vlan Registration MVRImmediate Block Enabling MVR MVR Group AddressMVR IP Address A50010-Y3-C150-2-7619 299 7.5 Displaying MVR Configuration Igmp Filtering and ThrottlingSend and Receive Port Creating Igmp Profile Policy of Igmp ProfileGroup Range of Igmp Profile A50010-Y3-C150-2-7619 301 To return to the default setting, use the following command Applying Igmp Profile to the Filter PortMax Number of Igmp Join Group 302 A50010-Y3-C150-2-7619 PIM-SM Protocol Independent Multicast-Sparse Mode Displaying Igmp Snooping TableRPT and SPT PIM Common Configuration Packet for the request PIM-SM and Passive Mode DR Priority To configure a query hold time, use the following command Filters of Neighbor in PIMPIM Hello Query 306 A50010-Y3-C150-2-7619 Bootstrap Router BSR To activate PIM-SM debugging, use the following commandBSR and RP PIM Debug RP Information Static RP for Certain GroupIp pim bsr-candidate Global Clears all RP sets Set Enabling Transmission of Candidate RP Message A50010-Y3-C150-2-7619 309 PIM-SM Registration 4.34.4 Ignoring RP Priority Rate Limit of Register Message Configure filtering out multicast sources Command Mode Description Ip pim register-suppressionFilters for Register Message from RP Source Address of Register Message SPT Switchover This command is disabled by defaultReachability for PIM Register Process 312 A50010-Y3-C150-2-7619 PIM Join/Prune Interoperability Cisco Router InteroperabilityChecksum of Full PIM Register Message With older Cisco IOS versions, use the following command 8.2 Candidate RP Message with Cisco BSR8.3 Excluding GenID Option With older Cisco IOS versions PIM-SSM Group PIM Snooping Displaying PIM-SM Configuration 316 A50010-Y3-C150-2-7619 IP Routing Protocol Border Gateway Protocol BGP Basic Configuration Configuration Type of BGPEnabling BGP Routing Advanced Configuration Go back to Global Configuration mode using the exit commandDisabling BGP Routing Command Mode Description Aggregate-address A.B.C.D/M Summary of PathAutomatic Summarization of Path As-set summary-only Multi-Exit Discriminator MED Choosing Best PathBgp deterministic-med No bgp deterministic-med Command Mode Description Bgp bestpath as-path ignore Command Mode Description Bgp bestpath compare-confedSelects the best path using the router ID for identical Aspath Configures the router to consider the MED in choosing Graceful Restart IP Address Family Restart TimeStalepath Time 324 A50010-Y3-C150-2-7619 Default Route BGP NeighborPeer Group To create a BGP Peer Group, use the following command Route MapForce Shutdown BGP Session Reset Session Reset of All PeersWord shutdown Session Reset of Peers within Particular AS 328 A50010-Y3-C150-2-7619 Session Reset of Specific Route Session Reset of External PeerA50010-Y3-C150-2-7619 329 Session Reset of Peer Group 330 A50010-Y3-C150-2-7619 Displaying and Managing BGP A50010-Y3-C150-2-7619 331 332 A50010-Y3-C150-2-7619 NEIGHBOR-IP routes Open Shortest Path First Ospf Enabling Ospf Command Mode Description Router ospf 334 A50010-Y3-C150-2-7619No router ospf ABR Type Configuration Command Mode Description Network A.B.C.D/M areaCompatibility Support Ospf Interface Authentication Type Authentication Key336 A50010-Y3-C150-2-7619 Interface Cost A50010-Y3-C150-2-7619 337 Blocking Transmission of Route Information Database Routing Protocol Interval To configure a dead interval, use the following command To configure a transmit delay, use the following commandA50010-Y3-C150-2-7619 339 Ospf Maximum Transmission Unit MTU Ospf Priority340 A50010-Y3-C150-2-7619 Non-Broadcast Network Ospf Network TypeA50010-Y3-C150-2-7619 341 Area Authentication Ospf Area342 A50010-Y3-C150-2-7619 Default Cost of Area Area 0-4294967295filter-list access LIST-NAMEin outNo area 0-4294967295filter- list access LIST-NAMEin out Area 0-4294967295filter-list prefix LIST-NAMEin out Default-information-originate Not So Stubby Area NssaNo-redistribution No-summary To delete configured NSSA, use the following command Originate metric Router Configures Nssa with one optionA50010-Y3-C150-2-7619 345 Originate Area Range Shortcut Area346 A50010-Y3-C150-2-7619 C.D/M advertise not Advertise Stub Area Virtual Link Transmit-delay Dead-interval348 A50010-Y3-C150-2-7619 Default Metric To delete the configuration, use the following commandGraceful Restart Support Hello-interval Grace-period Helper350 A50010-Y3-C150-2-7619 Default Route Opaque-LSA SupportMetric Metric-type Metric-type Router Deletes the configuration Finding PeriodRoute-map Metric-type Always Route-map MAP-NAME External Routes to Ospf Network Metric-type Route-map MAP-NAMEA50010-Y3-C150-2-7619 353 To delete the default metric, use the following command Router Deletes the default metricOspf Distance External Inter-area Intra-area To make it as a default, use the following command Host RoutePassive Interface A50010-Y3-C150-2-7619 355 Blocking Routing Information Summary Routing InformationOspf Monitoring and Management To display the Ospf database, use the following command Displaying Ospf Protocol InformationA50010-Y3-C150-2-7619 357 As A.B.C.D Command Mode Description Show ip ospf interface Interface 358 A50010-Y3-C150-2-7619 Displaying Debugging Information Limiting Number of DatabaseA50010-Y3-C150-2-7619 359 Command Mode Description Overflow database Maximum Process of LSA360 A50010-Y3-C150-2-7619 Overflow database external To use RIP protocol, you should enable RIP Routing Information Protocol RIPEnabling RIP A50010-Y3-C150-2-7619 361 Configure the network to operate as RIP RIP Neighbor Router RIP Version Creating available Static Route only for RIP Redistributing Routing Information Command Mode Description Route-map TAG deny permit Metrics for Redistributed Routes Administrative Distance Originating Default InformationRouting Information Filtering Filtering Access List and Prefix List Disabling the transmission to InterfaceOffset List RIP Network Timer UpdateTimeout Maximum Number of RIP Routes Authentication Key To adjust the timers, use the following commandNo timers basic Update Time Split Horizon To disable RIP authentication, use the following command Restarting RIPUDP Buffer Size of RIP Monitoring and Managing RIP 372 A50010-Y3-C150-2-7619 General Upgrade Command Mode Description Copy ftp tftp os DownloadA50010-Y3-C150-2-7619 373 Boot Mode Upgrade 374 A50010-Y3-C150-2-7619 To configure a subnet mask, use the following command To configure a default gateway, use the following commandTo the boot mode only A50010-Y3-C150-2-7619 375 Boot load os1 10.27.41.82 V5212G.3.18.x 376 A50010-Y3-C150-2-7619 FTP Upgrade Uploads the new system software using the following commandA50010-Y3-C150-2-7619 377 Exit the FTP client using the following command Command! For more information, see SectionCommand Mode Description Exit 378 A50010-Y3-C150-2-7619 Access Control List Address Resolution ProtocolCommand Line Interface CoS Class of Service Internet Service Provider Loss of SignalLoss of Power Medium Access Control Type of Service Spanning Tree ProtocolSoftware Transmission Control Protocol

SURPASS hiD 6615 S223/S323 R1.5

mac dst-mac ip}

PORTS

Command

Mode

Description

show ip arp inspection [vlan

168

A50010-Y3-C150-2-7619