Root Guard, Restarting Protocol Migration | Siemens S223, S323

User Manual	UMN:CLI
SURPASS hiD 6615 S223/S323 R1.5

8.3.7Root Guard

The standard STP does not allow the administrator to enforce the position of the root bridge, as any bridge in the network with lower bridge ID will take the role of the root bridge. Root guard feature is designed to provide a way to enforce the root bridge place- ment in the network. Even if the administrator sets the root bridge priority to zero in an ef- fort to secure the root bridge position, there is still no guarantee against bridge with prior- ity zero and a lower MAC address.

Service provider

Customer

	Switch A	Switch B
Root Switch	Root Guard
Root Switch	Configuration
	Configuration
Fig. 8.25 Root Guard

Software-based bridge applications launched on PCs or other switches connected by a customer to a service-provider network can be elected as root switches. If the priority of bridge B is zero or any value lower than that of the root bridge, device B will be elected as a root bridge for this VLAN. As a result, network topology could be changed. This may lead to sub-optimal switching. But, by configuring root guard on switch A, no switches be- hind the port connecting to switch A can be elected as a root for the service provider’s switch network. In which case, switch A will block the port connecting switch B.

To configure Root-Guard, use the following command.

Command

Mode

Description

stp pvst root-guard

Configures Root Guard on PVST network.

VLAN-RANGE PORTS

stp mst root-guard

Configures Root Guard on MST network.

MSTID-RANGE PORTS

Bridge

no stp pvst root-guard

VLAN-RANGE PORTS

Disables Root Guard.

no stp mst root-guard

MSTID-RANGE PORTS

8.3.8Restarting Protocol Migration

There are two switches which configured as STP and RSTP. Usually, in this case, STP protocol is used between two switches. But if someone configures the STP switch to RSTP mode, what happens? Because the RSTP switch already received STP protocol packet, the two switches still can work with STP mode even though RSTP is enabled at both. If you enable this command, the switch checks STP protocol packet once again.

A50010-Y3-C150-2-7619

219

Image 219

Siemens S223, S323 user manual Restarting Protocol Migration, Root Guard Configuration

Contents

A50010-Y3-C150-2-7619 Umncli Important Notice on Product Safety Surpass hiD 6615 S223/S323 R1.5A50010-Y3-C150-2-7619 Details Reason for UpdateIssue History Summary System software upgrade added Contents 5.2 4.34.4 5.1 12.1 7.17.2 7.3 103 100101 102 127 124125 126 150 Surpass hiD 6615 S223/S323 R1.5 3.1147 149 182 179180 181 6.1 Surpass hiD 6615 S223/S323 R1.5 5.9216 217 247 1.161.17 246 3.8 Surpass hiD 6615 S223/S323 R1.5 3.2268 269 299 295297 298 10.1.1.2 Surpass hiD 6615 S223/S323 R1.5 10.1.1318 10.1.1.1 354 10.2.12353 10.2.13 Illustrations Igmp Snooping and PIM-SM Configuration Network 279 176 TablesTab 171 Tab .1 Overview of Chapters A50010-Y3-C150-2-7619 AudienceDocument Structure Tab .1 briefly describes the structure of this document CE Declaration of Conformity Tab .2 Command Notation of Guide BookDocument Convention Document Notation GPL/LGPL Warranty and Liability Exclusion System Overview IP Routing System FeaturesQuality of Service QoS Multicasting Broadcast Storm Control Spanning Tree Protocol STPLink Aggregation Trunking System Management based on CLI Radius and TACACS+ Command Mode Command Line Interface CLI Shows hiD 6615 S323 software mode structure briefly Tab .1 Main Commands of Privileged Exec View Mode Privileged Exec View ModePrivileged Exec Enable Mode Global Configuration Mode Tab .3 Main Commands of Global Configuration Mode Bridge Configuration Mode Rule Configuration Mode Tab .4 Main Commands of Bridge Configuration ModeOpens Rule Configuration mode Command Mode Description Ip dhcp pool Pool Dhcp Configuration ModeDhcp Option 82 Configuration Mode Tab .6 Main Commands of Dhcp Configuration Mode Interface Configuration Mode Rmon Configuration ModeCommand Mode Description Interface Interface Command Mode Description Router Configuration ModeVrrp Configuration Mode Tab .10 Main Commands of Router Configuration Mode Route-Map Configuration Mode 6615 S223/S323 Listing Available CommandsVariables following after the commands Useful Tips Calling Command History CommandSurpass hiD 6615 S223/S323 R1.5 SWITCH# show clock Using AbbreviationUsing Command of Privileged Exec Enable Mode Tab .13 Command Abbreviation Exit Current Command Mode Exits to Privileged Exec enable modeAble mode, you will be logged out System Login System ConnectionStep Password for Privileged Exec Mode Command Mode Description Passwd enable PasswordPasswd enable 8 Password Changing Login Password Management for System AccountCreating System Account To display the created account, use the following command Configuring Security Level SWITCH# show list No privilege bgp level Command Mode Description No privilegeNo privilege configure level No privilege rmon-alarm level Shows a configured security level Command Mode Description Show privilege Limiting Number of User Telnet AccessSWITCH# write memory SWITCH# disconnect ttyp0 Auto Log-out System RebootingManual System Rebooting SWITCHconfig# show exec-timeout No auto-reset cpu memory System AuthenticationAuto System Rebooting Auto-reset memory 1-120 Authentication Method Authentication InterfacePrimary Authentication Method Radius Server Priority Radius Server for System AuthenticationTimeout of Authentication Request Radius Server 5.2 Tacacs Server Priority Tacacs Server for System AuthenticationTacacs Server Frequency of Retransmit Command Mode Description Login tacacs timeout Additional TACACS+ ConfigurationTCP Port for the Authentication Authentication Type Start stop both Accounting ModeDisplaying System Authentication Login accounting-mode none Tacacs Sample Configuration Assigning IP Address Disabling Interface Interface Configuration ModeTo enable the interface, use the following command Enabling Interface No ip route IP-ADDRESS/M Static Route and Default GatewayAssigning IP Address to Network Interface Ip address IP-ADDRESS/M Forwarding Information BaseFIB Retain Displaying Forwarding Information BaseFIB Table Show ip interface Interface ② On Interface Configuration ModeDisplaying Interface Show interface Interface SSH Server SSH Secure Shell SSH Client Assigning Specific Authentication KeyLogin to SSH Server 2.3 Configuring Authentication Key Configure the authentication key in the switch Connect to SSH server with the authentication keySsh keygen rsa1 rsa dsa 802.1x Authentication Server Suppliant Authenticator Authentication ServerEAP over LAN EAP over Radius Designate as default Response 1 802.1x AuthenticationConfiguring Radius Server Authentication Server Configuring Authentication Mode Command Mode Description Dot1x radius-server move IPDot1x radius-server host Command Mode Description Dot1x timeout tx-period Authentication PortForce Authorization Mode Description Dot1x port-control auto force Enabling 802.1x Re-Authentication 2 802.1x Re-Authentication1.7 Configuring Number of Request to Radius Server 1.8 Configuring Interval of Request to Radius Server Configuring the Interval of Re-Authentication Configuring the Interval of Requesting Re-authentication2.4 802.1x Re-authentication 6 802.1x User Authentication Statistic Initializing Authentication StatusApplying Default Value Displaying 802.1x Configuration SWTICHconfig# dot1x auth-mode mac-base SWTICHconfig# dot1x system-auth-control PortAuthed Port Basic Selecting Port TypeShow port Ports Enabling Ethernet Port Ethernet Port ConfigurationTo enable/disable a port, use the following command Command Mode Description Port medium Port sfp rj45 Port speed Ports 10 100 Command Mode Description Port nego Ports on offAuto-negotiation Transmit Rate Half Duplex ModeCommand Mode Description Port duplex Ports full half Flow Control SWITCHbridge# show port description Following is an example of configuring flow control to portTo view description of port, use the following command SWITCHbridge# port flow-control 25 on Packets Statistics SWITCHbridge# show port statistics avg-pktSWITCHbridge# show port statistics rmon Traffic Statistics To enable/disable protocol statistics CPU statisticsProtocol statistics Port Status To display a port status, use the following commandSWITCH# show port Port Mirroring Command Mode Description Mirror add Ports ingress Activate the port mirroring, using the following commandDesignate the monitor port, use the following command Designate the mirrored ports, use the following command Configure the monitor port 1 and mirroring port 2, 3, 4 To disable monitoring function, use the following commandConnect a motoring PC to the monitor port of the switch Enable mirroring function Environment Configuration Host NameTime and Date Tab .1 World Time Zone Time ZoneNetwork Time Protocol Tab .1 shows the world time zone NTP Network Time Protocol Simple Network Time Protocol SntpFollowing is an example of releasing NTP and showing it Terminal Configuration To display Sntp configuration, use the following commandNo sntp DNS Server Login BannerTo restore a default banner, use the following command To set a DNS server, use the following command CPU Load Fan OperationDisabling Daemon Operation System Threshold No threshold Port Ports rx Mode Description Threshold PortPort Traffic Fan Operation Threshold temp Value Value System TemperatureEnabling FTP Server System Memory All Option History router bgp pim rip Configuration ManagementDisplaying System Configuration Assigning IP Address of FTP Client Auto-Saving Saving System ConfigurationSystem Configuration File SWITCH# show running-config syslog Restoring Default Configuration To delete backup file, use the following commandSWITCHconfig# copy running-config SURPASShiD6615 SWITCHconfig# restore factory-defaults System ManagementNetwork Connection Figured time interval. Default is 2 seconds Data pattern 0xABCD Type of serviceItems Description Source address or interface Set DF bit in IP header? no IP Source Routing A50010-Y3-C150-2-7619 IP Icmp Source-Routing Following is the basic information to trace packet routes Tracing Packet Route Displaying User Connecting to System SWITCH# tracerouteMAC Table System Information Configuring Ageing timeSWITCH# show uptime Running Time of System Running Process System Memory InformationCPU packet limit Average of CPU Load Displaying Installed OS Default OSDisplaying System Image A50010-Y3-C150-2-7619 103 Switch StatusTech Support Ber of display lines of terminal screen No snmp community ro rw Community Command Mode Description Snmp community ro rw CommunitySimple Network Management Protocol Snmp Snmp Community Information of Snmp Agent Following is an example of creating 2 Snmp communitiesA50010-Y3-C150-2-7619 105 Snmp Group Following is an example of configuring Snmp com2secSWITCHconfig# show snmp com2sec Snmp Com2sec Following is an example of creating an Snmp view record Permission to Access Snmp View RecordSWITCHconfig# snmp view Test included Snmp View Record Snmp Version 3 User Lowing commandTo display Snmp version 3 user, use the following command Snmp access Snmp Trap Host Snmp Trap ModeTo set an Snmp trap host, use the following command To select an Snmp trap-mode, use the following command 110 A50010-Y3-C150-2-7619 Enabling Snmp Trap To disable Snmp trap, use the following command Disabling Snmp TrapNode Displaying Snmp Trap Snmp AlarmEnabling Alarm Notification SWITCHconfig# snmp inform-trap-host Default Alarm Severity Alarm Severity CriterionTo configure a priority of alarm, use the following command 114 A50010-Y3-C150-2-7619 Generic Alarm Severity Critical major minor warning intermedi Adva Alarm SeveritySnmp Alarm-severity adva-if-sfp-mismatch A50010-Y3-C150-2-7619 115 116 A50010-Y3-C150-2-7619 ERP Alarm Severity Displaying Snmp Configuration STP Guard Alarm SeverityA50010-Y3-C150-2-7619 117 To disable Snmp feature, use the following command SWITCHconfig# show snmp alarm-historyDisabling Snmp A50010-Y3-C150-2-7619 119 Operation, Administration and Maintenance OAMDisables local OAM OAM Loopback Local OAM Mode OAM UnidirectionRemote OAM Displaying OAM Configuration To display OAM configuration, use the following commandA50010-Y3-C150-2-7619 121 122 A50010-Y3-C150-2-7619 Basic TLV Link Layer Discovery Protocol LldpLldp Operation Lldp Operation Type Interval and Delay Time Lldp Message124 A50010-Y3-C150-2-7619 Displaying Lldp Configuration To display Lldp configuration, use the following commandA50010-Y3-C150-2-7619 125 Remote Monitoring Rmon To open RMON-historymode, use the following commandSWITCHconfig# show rmon-history config Command Mode Description Rmon-history Interval of Sample Inquiry Source Port of Statistical DataSubject of Rmon History Number of Sample Data Deleting Configuration of Rmon History Activating Rmon HistoryDisplaying Rmon History A50010-Y3-C150-2-7619 129 Rmon AlarmSubject of Rmon Alarm Command Mode Description Rmon-alarm 130 A50010-Y3-C150-2-7619 Object of Sample InquiryAbsolute Comparison and Delta Comparison Upper Bound of Threshold Lower Bound of Threshold Configuring Standard of the First Alarm Rmon Event Activating Rmon AlarmDeleting Configuration of Rmon Alarm Displaying Rmon Alarm Activating Rmon Event Event DescriptionSubject of Rmon Event Event Type Activates Rmon event Deleting Configuration of Rmon EventDisplaying Rmon Event 134 A50010-Y3-C150-2-7619 Syslog Output Level without a Priority To set a syslog output level, use the following commandSyslog Syslog Output Level Log user uucp emerg alert crit err Syslog Output Level with a Priority136 A50010-Y3-C150-2-7619 Local5 local6 local7 lpr mail news sys Facility Code Syslog Bind AddressA50010-Y3-C150-2-7619 137 Displaying Syslog Message Displaying Syslog ConfigurationDebug Message for Remote Terminal Disabling Syslog Rule and QoS How to Operate Rule and QoS 140 A50010-Y3-C150-2-7619 Rule ConfigurationRule Creation Rule Priority A50010-Y3-C150-2-7619 141 Packet Classification Tcp 142 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 143 Rule Action Overwrites 802.1p CoS field in the packet same as IP 144 A50010-Y3-C150-2-7619 Applying Rule Modifying and Deleting RuleRemedy Select another name for the rule e.g. add a prefix Displaying Rule 3 QoS Weighted Round Robin WRR Weighted Fair Queuing WFQScheduling Algorithm Strict Priority Queuing SP Weighted Fair Queuing 3.3 802.1p Priory-to-queue Mapping Qos Weight Queue Parameter Admin Access RuleTo configure a queue parameter, use the following command To display a configuration of QoS, enter following command Highest Defaul low Command Mode Description Rule Name create adminCommand Mode Description Priority low medium high A50010-Y3-C150-2-7619 151 152 A50010-Y3-C150-2-7619 Match permit Permits a packet Command Mode Description No-match denyCommand Mode Description Apply Applies an admin access rule to the system 154 A50010-Y3-C150-2-7619 Shows a current configuration of a rule NetBIOS Filtering InternetA50010-Y3-C150-2-7619 155 SWITCHbridge# show netbios-filter Martian FilteringMax Host To display configured max host, use the following command Following is an example of displaying configured max hostsMax New Hosts Port Security on Port To configure max new hosts, use the following commandEnable port security on the port Port Security A50010-Y3-C150-2-7619 159 Set the violation mode and the action to be takenSet the maximum number of secure MAC address for the port Enter a secure MAC address for the port Maximum This is an example of configuring port security on portPort Security Aging Port A50010-Y3-C150-2-7619 161 MAC Table Clear mac Name Port Command Mode Description Clear macCommand Mode Description No mac Clear mac Name Adding Policy of MAC Filter Default Policy of MAC FilteringSample Configuration MAC Filtering Deleting MAC Filter Policy Listing of MAC Filter PolicyDisplaying MAC Filter Policy Address Resolution Protocol ARP Following is an example of displaying one configurationARP Table Registering ARP Table Displaying ARP Table166 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 167 To display ARP alias, use the following commandARP Alias ARP Inspection 168 A50010-Y3-C150-2-7619 Icmp Message Control Gratuitous ARPProxy-ARP Type Value Blocking Echo Reply MessageInterval for Transmit Icmp Message Tab Type Status 172 A50010-Y3-C150-2-7619 Command Mode Description Ip icmp interval rate-limitEnable Shows Icmp interval configuration Global Transmitting Icmp Redirect Message RST Configuration IP TCP Flag ControlPolicy of unreached messages SYN Configuration Packet DumpVerifying Packet Dump Packet Dump by Protocol Packet Dump with OptionA50010-Y3-C150-2-7619 175 Tab .4 shows the options for packet dump Tab .4 Options for Packet Dump 176 A50010-Y3-C150-2-7619Option Description Displaying the usage of the packet routing table Debug Packet DumpA50010-Y3-C150-2-7619 177 Strengthened Security VlanEnlarged Network Bandwidth Cost-Effective Way Port-Based Vlan Deleting Vlan Creating VlanSpecifying Pvid Assigning Port to Vlan Protocol-Based Vlan MAC address-based VlanDisplaying Vlan Macbase MAC-ADDRESS Subnet-based VlanTagged Vlan Vlan Tag Vlan Description Displaying Vlan InformationMapping Frames to Vlan Tagged QinQTunnel Port Trunk Port Designate the QinQ port Double Tagging ConfigurationTo disable double tagging, use the following command Double Tagging Operation Private Vlan Tpid ConfigurationLayer 2 Isolation Private Vlan Edge No port protected Ports Command Mode Description Port protected PortsPort Isolation Shared Vlan Vlan fid Vlans FID 188 A50010-Y3-C150-2-7619 Vlan Translation Open Rule Configuration mode using rule Name create commandOpen Bridge Configuration mode using the bridge command Sample Configuration 1 Configuring Port-based Vlan Default br2 br3 br4 Sample Configuration 2 Deleting Port-based VlanFollowing is deleting vlan id 3 among configured Vlan Sample Configuration 3 Configuring Protocol-based Vlan SWITCHbridge# vlan dot1q-tunnel enable Sample Configuration 4 Configuring QinQSwitch Sample Configuration 5 Configuring Shared Vlan with FID Link Aggregation SWITCHbridge# vlan add br5 1-42untagged Dstip dstmac Srcdstip Configuring Port TrunkPort Trunk Trunk distmode Displaying Port Trunk Configuration Link Aggregation Control Protocol LacpDisabling Port Trunk Configuring Lacp Activate Lacp function, using the following commandPacket Route Operating Mode of Member Port To disable configuring packets, use the following command196 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 197 Identifying Member Ports within LacpBpdu Transmission Rate Key value of Member Port 198 A50010-Y3-C150-2-7619 Priority of SwitchCommand Mode Description Lacp port priority Ports Priority of Member Port Displaying Lacp Configuration To display a configured LACP, use the following commandA50010-Y3-C150-2-7619 199 Spanning-Tree Protocol STP Root Switch STP OperationA50010-Y3-C150-2-7619 201 Switch Designated Switch Port Priority Designated Port and Root Port Learning DisabledPort States Listening Rstp Operation Switch B Switch CBackup Port Path Switch D Rapid Network Convergence Bpdu Policy 17 Network Convergence of 802.1w A50010-Y3-C150-2-7619 207 19 Network Convergece of 802.1w 208 A50010-Y3-C150-2-7619 Compatibility with 802.1d Mstp Operation Switch D Switch E OperationRegion B IST Configuring STP/RSTP/MSTP/PVSTP/PVRSTP Mode Required Region a ISTA50010-Y3-C150-2-7619 211 Path-cost Configuring STP/RSTP/MSTPRoot Switch Activating STP/RSTP/MSTP Port-priority Tab STP Path-costA50010-Y3-C150-2-7619 213 MST Region A50010-Y3-C150-2-7619 215 Mstp ProtocolPoint-to-point MAC Parameters Edge Ports To delete the edge port mode, use the following command Displaying Configuration A50010-Y3-C150-2-7619 217 Configuring PVSTP/PVRSTPCommand Mode Description Stp pvst enable VLAN-RANGE Activating PVSTP/PVRSTP 218 A50010-Y3-C150-2-7619 Ally. To configure port priority, use the following command6.3 Path-cost 6.4 Port-priority Root Guard Configuration Root GuardRestarting Protocol Migration Hello Time Bridge Protocol Data Unit ConfigurationForward Delay Hello Time Max Age Forward Delay 9.5 Bpdu Filter To delete a configured max age, use the following commandFollowing command 9.4 Bpdu Hop Configure the specific port as edge-port Configure Bpdu GuardSelf Loop Detection 224 A50010-Y3-C150-2-7619 Displaying Bpdu Configuration Backup Route Mstp Configuration SWITCHbridge# stp force-version mstp226 A50010-Y3-C150-2-7619 Internet Virtual Router Redundancy Protocol Vrrp 228 A50010-Y3-C150-2-7619 Configuring VrrpTo delete the Vrrp configuration, use the following command Associated IP Address Access to Associated IP Address Master Router and Backup RouterA50010-Y3-C150-2-7619 229 SWTICH1config# router vrrp default Layer 3 Switch 2 IP Address 10.0.0.2/24 Vrrp Track Function To configure Vrrp Track, use the following command Authentication Password A50010-Y3-C150-2-7619 233 SWITCHconfig-vrrp#authentication cleartext networkPreempt Following is an example of disabling Preempt Configuration mode Rate LimitVrrp Statistics Configuring Rate Limit To set a port bandwidth, use the following commandA50010-Y3-C150-2-7619 235 Configuring Flood-Guard Flood Guard236 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 237 Following is an example of configuration to bandwidth asSWITCHbridge# show mac-flood-guard Bandwidth IP Packet Broadcast Dhcp Server or Relay Agent Dynamic Host Configuration Protocol DhcpSaving Cost Efficient IP Management Dhcp Server Dhcp Pool Creation Dhcp SubnetRange of IP Address A50010-Y3-C150-2-7619 241 Default GatewayFollowing is an example of specifying the default gateway IP Lease Time 242 A50010-Y3-C150-2-7619 DNS ServerManual Binding Following is an example of specifying a DNS server Recognition of Dhcp Client Domain NameDhcp Server Option Static Mapping Authorized ARP Command Mode Description Ip dhcp arp ping packetCommand Mode Description Ip dhcp arp ping timeout IP Address Validation A50010-Y3-C150-2-7619 245 Ignoring Bootp RequestProhibition of 1N IP Address Assignment Dhcp Packet Statistics 246 A50010-Y3-C150-2-7619 Displaying Dhcp Pool ConfigurationSWITCHconfig# show ip dhcp server statistics Command Mode Description Show ip dhcp pool Pool Relay Agent Information Pattern Dhcp Address Allocation with OptionDhcp Class Capability Dhcp Class Creation No address range A.B.C.D Associating Dhcp ClassRange of IP Address for Dhcp Class Text String A50010-Y3-C150-2-7619 249 Dhcp Lease DatabaseDhcp Database Agent Displaying Dhcp Lease Status PC= Dhcp Client Dhcp Relay AgentDeleting Dhcp Lease Database Dhcp Server Relay Agent Subnet Packet Forwarding Address Smart Relay Agent ForwardingC.D all Dhcp Option Option 82 Sub-Option Enabling Dhcp Option Default Trust Policy Option 82 Reforwarding PolicyOption 82 Trust Policy Trusted Physical Port To specify a trusted remote ID, use the following commandSimplified Dhcp Option Trusted Remote ID 6.3 Dhcp Class ID Dhcp ClientEnabling Dhcp Client 6.2 Dhcp Client ID A50010-Y3-C150-2-7619 257 Displaying Dhcp Client ConfigurationRequesting Option Forcing Release or Renewal of Dhcp Lease 258 A50010-Y3-C150-2-7619 Dhcp SnoopingEnabling Dhcp Snooping Dhcp Trust State Source MAC Address Verification Mode Description Ip dhcp snooping Limit-leaseDhcp Rate Limit Dhcp Lease Limit 260 A50010-Y3-C150-2-7619 Dhcp Snooping Database AgentSpecifying Dhcp Snooping Database Agent Specifying Dhcp Snooping Binding Entry Source IP Address Filter Displaying Dhcp Snooping ConfigurationIP Source Guard Enabling IP Source Guard Static IP Source Binding Displaying IP Source Guard ConfigurationSource port-security commands together Command Mode Description Ip dhcp verify source Ports Dhcp Server Packet Filtering Command Mode Description Ip dhcp filter-addressDhcp Filtering Dhcp Packet Filtering 264 A50010-Y3-C150-2-7619 Command Mode Description Debug dhcp filterPacket service all Debugging Dhcp ERP Operation Ethernet Ring Protection ERP Normal Node RM Node Normal NodeSend Link Down Message RM Node Configuring ERP Loss of Test Packet LotpERP Domain Protected Activation RM NodePort of ERP domain Protected Vlan Test Packet Interval Manual Switch to SecondaryWait-to-Restore Time Learning Disable Time Displaying ERP Configuration StackingShow erp all DOMAIN-ID A50010-Y3-C150-2-7619 271 Switch GroupDesignating Master and Slave Switch Designate Mater switch using the following command Disabling Stacking Accessing to Slave Switch from Master SwitchTo disable stacking, use the following command Sample Configuration 1 Configuring Stacking A50010-Y3-C150-2-7619 273 SWITCHA# configure terminalSWITCHAconfig# stack device default SWITCHBconfig# stack device default Ticast dlf Rate Ports Broadcast Storm ControlTo disconnect, input as below Storm-control broadcast mul Command Mode Description Jumbo-frame Ports Jumbo-frame CapacityA50010-Y3-C150-2-7619 275 Blocking Direct Broadcast Maximum Transmission Unit MTU276 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 277 SWITCHconfig-if#show running-config interface Layer 3 Network Layer 2 Network Limitation of Mrib Routing Entry Command Mode Description Ip multicast route-limitMulticast Routing Information Base Enabling Multicast Routing Required 280 A50010-Y3-C150-2-7619 Clearing Mrib InformationClearing Total or Partial Group Entry of Mrib Clearing Statistics of Multicast Routing Table Displaying Mrib Information Multicast Time-To-Live ThresholdMrib Debug 282 A50010-Y3-C150-2-7619 Multicast Aging Igmp Version Igmp Basic ConfigurationInternet Group Management Protocol Igmp Igmp Version per Interface Igmp Debug Igmp Static Join SettingIgmp Version Removing Igmp Entry Vlan Vlan port Port reporter Igmp Query ConfigurationCommand Mode Description Ip igmp static-group Maximum Number of Groups 286 A50010-Y3-C150-2-7619 Igmp Maximum Response Time Displaying the Igmp Configuration Igmp v2 Fast LeaveA50010-Y3-C150-2-7619 287 Enabling Igmp Snooping per Vlan Igmp Snooping Basic ConfigurationStep Execute the ip multicast-routing command 3 L2 Mfib Igmp v2 Snooping Enable Igmp snooping on a Vlan interfaceCommand Mode Description Ip igmp snooping vlan Vlans Command Mode Description Show ip igmp snooping Vlan Igmp v2 Snooping Fast Leave Multicast Packet290 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 291 To disable Igmp querier, use the following commandIgmp v2 Snooping Querier Enabling Igmp Snooping Querier 292 A50010-Y3-C150-2-7619 Timeout Value of Igmp v2 Snooping Querier’s General QueryTo disable the max-response-time, use the following command Query Interval of Igmp v2 Snooping Querier Last-member-query-interval Igmp v2 Snooping Last-Member-IntervalA50010-Y3-C150-2-7619 293 Vlans querier detail 294 A50010-Y3-C150-2-7619 Configuring Mrouter Port per VlanIgmp v2 Snooping Report Method Mrouter Port Displaying Mrouter Configuration Multicast TCN FloodingMrouter Port Learning Method Nected to on a Vlan interface Command Mode Description Ip igmp snooping tcn query296 A50010-Y3-C150-2-7619 Vlans flood A50010-Y3-C150-2-7619 297 Igmp v3 SnoopingIgmp Snooping Version Join Host Management To display a configuration, use the following command Multicast Vlan Registration MVRImmediate Block A50010-Y3-C150-2-7619 299 Enabling MVRMVR Group Address MVR IP Address 7.5 Displaying MVR Configuration Igmp Filtering and ThrottlingSend and Receive Port A50010-Y3-C150-2-7619 301 Creating Igmp ProfilePolicy of Igmp Profile Group Range of Igmp Profile 302 A50010-Y3-C150-2-7619 To return to the default setting, use the following commandApplying Igmp Profile to the Filter Port Max Number of Igmp Join Group PIM-SM Protocol Independent Multicast-Sparse Mode Displaying Igmp Snooping TableRPT and SPT Packet for the request PIM Common Configuration DR Priority PIM-SM and Passive Mode 306 A50010-Y3-C150-2-7619 To configure a query hold time, use the following commandFilters of Neighbor in PIM PIM Hello Query PIM Debug Bootstrap Router BSRTo activate PIM-SM debugging, use the following command BSR and RP Global Clears all RP sets Set RP InformationStatic RP for Certain Group Ip pim bsr-candidate A50010-Y3-C150-2-7619 309 Enabling Transmission of Candidate RP Message Rate Limit of Register Message PIM-SM Registration4.3 4.4 Ignoring RP Priority Source Address of Register Message Configure filtering out multicast sourcesCommand Mode Description Ip pim register-suppression Filters for Register Message from RP 312 A50010-Y3-C150-2-7619 SPT SwitchoverThis command is disabled by default Reachability for PIM Register Process PIM Join/Prune Interoperability Cisco Router InteroperabilityChecksum of Full PIM Register Message With older Cisco IOS versions With older Cisco IOS versions, use the following command8.2 Candidate RP Message with Cisco BSR 8.3 Excluding GenID Option PIM Snooping PIM-SSM Group 316 A50010-Y3-C150-2-7619 Displaying PIM-SM Configuration Border Gateway Protocol BGP IP Routing Protocol Basic Configuration Configuration Type of BGPEnabling BGP Routing Advanced Configuration Go back to Global Configuration mode using the exit commandDisabling BGP Routing As-set summary-only Command Mode Description Aggregate-address A.B.C.D/MSummary of Path Automatic Summarization of Path No bgp deterministic-med Multi-Exit Discriminator MEDChoosing Best Path Bgp deterministic-med Aspath Command Mode Description Bgp bestpath as-path ignoreCommand Mode Description Bgp bestpath compare-confed Selects the best path using the router ID for identical Graceful Restart Configures the router to consider the MED in choosing 324 A50010-Y3-C150-2-7619 IP Address FamilyRestart Time Stalepath Time Default Route BGP NeighborPeer Group To create a BGP Peer Group, use the following command Route MapForce Shutdown BGP Session Reset Session Reset of All PeersWord shutdown 328 A50010-Y3-C150-2-7619 Session Reset of Peers within Particular AS Session Reset of Specific Route Session Reset of External PeerA50010-Y3-C150-2-7619 329 330 A50010-Y3-C150-2-7619 Session Reset of Peer Group A50010-Y3-C150-2-7619 331 Displaying and Managing BGP NEIGHBOR-IP routes 332 A50010-Y3-C150-2-7619 Enabling Ospf Open Shortest Path First Ospf Command Mode Description Router ospf 334 A50010-Y3-C150-2-7619No router ospf Ospf Interface ABR Type ConfigurationCommand Mode Description Network A.B.C.D/M area Compatibility Support Authentication Type Authentication Key336 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 337 Interface Cost Routing Protocol Interval Blocking Transmission of Route Information Database To configure a dead interval, use the following command To configure a transmit delay, use the following commandA50010-Y3-C150-2-7619 339 Ospf Maximum Transmission Unit MTU Ospf Priority340 A50010-Y3-C150-2-7619 Non-Broadcast Network Ospf Network TypeA50010-Y3-C150-2-7619 341 Area Authentication Ospf Area342 A50010-Y3-C150-2-7619 Area 0-4294967295filter-list prefix LIST-NAMEin out Default Cost of AreaArea 0-4294967295filter-list access LIST-NAMEin out No area 0-4294967295filter- list access LIST-NAMEin out No-summary Default-information-originateNot So Stubby Area Nssa No-redistribution Originate To delete configured NSSA, use the following commandOriginate metric Router Configures Nssa with one option A50010-Y3-C150-2-7619 345 C.D/M advertise not Advertise Area RangeShortcut Area 346 A50010-Y3-C150-2-7619 Virtual Link Stub Area Transmit-delay Dead-interval348 A50010-Y3-C150-2-7619 Hello-interval Default MetricTo delete the configuration, use the following command Graceful Restart Support Grace-period Helper350 A50010-Y3-C150-2-7619 Metric-type Default RouteOpaque-LSA Support Metric Metric-type Always Route-map MAP-NAME Metric-type Router Deletes the configurationFinding Period Route-map External Routes to Ospf Network Metric-type Route-map MAP-NAMEA50010-Y3-C150-2-7619 353 External Inter-area Intra-area To delete the default metric, use the following commandRouter Deletes the default metric Ospf Distance A50010-Y3-C150-2-7619 355 To make it as a default, use the following commandHost Route Passive Interface Blocking Routing Information Summary Routing InformationOspf Monitoring and Management As A.B.C.D To display the Ospf database, use the following commandDisplaying Ospf Protocol Information A50010-Y3-C150-2-7619 357 358 A50010-Y3-C150-2-7619 Command Mode Description Show ip ospf interface Interface Displaying Debugging Information Limiting Number of DatabaseA50010-Y3-C150-2-7619 359 Overflow database external Command Mode Description Overflow databaseMaximum Process of LSA 360 A50010-Y3-C150-2-7619 A50010-Y3-C150-2-7619 361 To use RIP protocol, you should enable RIPRouting Information Protocol RIP Enabling RIP RIP Neighbor Router Configure the network to operate as RIP RIP Version Redistributing Routing Information Creating available Static Route only for RIP Command Mode Description Route-map TAG deny permit Metrics for Redistributed Routes Administrative Distance Originating Default InformationRouting Information Filtering Filtering Access List and Prefix List Disabling the transmission to InterfaceOffset List Maximum Number of RIP Routes RIP Network TimerUpdate Timeout Split Horizon Authentication KeyTo adjust the timers, use the following command No timers basic Update Time To disable RIP authentication, use the following command Restarting RIPUDP Buffer Size of RIP 372 A50010-Y3-C150-2-7619 Monitoring and Managing RIP General Upgrade Command Mode Description Copy ftp tftp os DownloadA50010-Y3-C150-2-7619 373 374 A50010-Y3-C150-2-7619 Boot Mode Upgrade A50010-Y3-C150-2-7619 375 To configure a subnet mask, use the following commandTo configure a default gateway, use the following command To the boot mode only 376 A50010-Y3-C150-2-7619 Boot load os1 10.27.41.82 V5212G.3.18.x FTP Upgrade Uploads the new system software using the following commandA50010-Y3-C150-2-7619 377 378 A50010-Y3-C150-2-7619 Exit the FTP client using the following commandCommand! For more information, see Section Command Mode Description Exit CoS Class of Service Access Control ListAddress Resolution Protocol Command Line Interface Medium Access Control Internet Service ProviderLoss of Signal Loss of Power Transmission Control Protocol Type of ServiceSpanning Tree Protocol Software