Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks SMC6224M manual User Authentication

Models: SMC6224M

1 522

Download 522 pages 38 Kb

Page 113

USER AUTHENTICATION

3.Import Client’s Public Key to the Switch – Use the copy tftp public-keycommand (page 4-86)to copy a file containing the public key for all the SSH client’s granted management access to the switch. (Note that these clients must be configured locally on the switch via the User Accounts page as described on page 3-48.)The clients are subsequently authenticated using these keys. The current firmware only accepts public key files based on standard UNIX format as shown in the following example for an RSA Version 1 key:

1024 35 1341081685609893921040944920155425347631641921872958921143173880

055536161631051775940838686311092912322268285192543746031009371877211996963178

136627741416898513204911720483033925432410163799759237144901193800609025394840

848271781943722884025331159521348610229029789827213532671316294325328189150453

06393916643 steve@192.168.1.19

4.Set the Optional Parameters – On the SSH Settings page, configure the optional parameters, including the authentication timeout, the number of retries, and the server key size.

5.Enable SSH Service – On the SSH Settings page, enable the SSH server on the switch.

6.Challenge-Response Authentication – When an SSH client attempts to contact the switch, the SSH server uses the host key pair to negotiate a session key and encryption method. Only clients that have a private key corresponding to the public keys stored on the switch can access. The following exchanges take place during this process:

a.The client sends its public key to the switch.

b.The switch compares the client's public key to those stored in memory.

c.If a match is found, the switch uses the public key to encrypt a random sequence of bytes, and sends this string to the client.

d.The client uses its private key to decrypt the bytes, and sends the decrypted bytes back to the switch.

3-59

Image 113

SMC Networks SMC6224M manual User Authentication

Contents

TigerStack 10/100 Page TigerStack 10/100 Management Guide Trademarks Limited Warranty Limited Warranty Contents Contents Contents Command Line Interface Vii Viii Contents Contents Contents Xii Xiii Xiv Glossary Index AppendicesXvi Xvii TablesXviii Xix Tables Xxi Figures39 Binding a Port to an ACL 37 ACL Configuration Extended IP ACL Configuration MACXxiii Xxiv Key Features Key FeaturesLacp Description of Software FeaturesDescription of Software Features Introduction Description of Software Features Introduction System Defaults System DefaultsSnmp Dhcp Introduction Configuration Options Connecting to the SwitchRequired Connections Connecting to the Switch Remote Connections Unit Numbering Stack OperationsResilient IP Interface for Management Access Recovering from Stack Failure or Topology ChangeConsole Connection Basic ConfigurationSetting Passwords Manual Configuration Setting an IP AddressDynamic Configuration Enabling Snmp Management Access Community Strings Trap Receivers Saving Configuration SettingsEnter the name of the start-up file. Press Enter Managing System FilesManaging System Files Initial Configuration Using the Web Interface Configuring the SwitchConfiguring the Switch Home Navigating the Web Browser InterfacePanel Display Configuration OptionsMain Menu Main MenuACL IP Filter Sets IP addresses of clients allowed Vlan 157 Vlan ID Field Attributes Displaying System InformationSystem Information CLI Specify the hostname, location and contact information Displaying Switch Hardware/Software VersionsSwitch Information Displaying Bridge Extension Capabilities CLI Use the following command to display version informationBridge Extension Configuration CLI Enter the following command Setting the Switch’s IP AddressCommand Attributes Manual IP Configuration Dhcp IP Configuration Using DHCP/BOOTP250 Range SMC6224M 1-8, SMC6248M 1-4, mixed stack Managing FirmwareSource/Destination Unit Stack unit Operation Code Image File Transfer Downloading System Software from a ServerSelect Start-Up Operation File Saving or Restoring Configuration Settings Source/Destination Unit Stack unit 11 Copy Configuration Settings Downloading Configuration Settings from a Server12 Setting the Startup Configuration Settings Console Port Settings 13 Console Port Settings Telnet Settings Basic Configuration 14 Enabling Telnet System Log Configuration Configuring Event LoggingLevel Severity Name Description Logging Levels15 System Logs Remote Log ConfigurationConfiguring the Switch 16 Remote Logs CLI This example shows the event message stored in RAM Displaying Log MessagesSending Simple Mail Transfer Protocol Alerts 18 Enabling and Configuring Smtp Alerts 19 Resetting the System Resetting the SystemConfiguring Sntp Setting the System Clock20 Sntp Configuration 21 Setting the System Clock Setting the Time ZoneSimple Network Management Protocol Setting Community Access StringsSpecifying Trap Managers and Trap Types Access Mode23 Configuring IP Trap Managers Configuring User Accounts User Authentication24 Access Levels Configuring Local/Remote Logon Authentication Command Usage Tacacs Settings Radius Settings25 Authentication Settings 100 Configuring HttpsWeb Browser Operating System Https System Support26 Https Settings Replacing the Default Secure-site CertificateConfiguring the Secure Shell Command Usage User Authentication Generating the Host Key Pair 27 SSH Host-Key Settings SSH server includes basic settings for authentication Configuring the SSH Server28 SSH Server Settings Configuring Port Security Command Usage 29 Configuring Port Security Configuring 802.1X Port AuthenticationPage 802.1X protocol provides client authentication Displaying 802.1X Global Settings802.1X System Authentication Control The global setting for Web Click Security, 802.1X, InformationCLI This example shows the default global setting for Configuring 802.1X Global SettingsCLI This example enables 802.1X globally for the switch Configuring Port Settings forAuthorized 32 802.1X Port Configuration108 802.1X Statistics Displaying 802.1X StatisticsCLI This example displays the 802.1X statistics for port 33 Displaying 802.1X Port StatisticsFiltering Addresses for Management Access 34 Creating a Web IP Filter List CLI This example allows Snmp access for a specific client Access Control ListsConfiguring Access Control Lists Setting the ACL Name and Type CLI This example creates a standard IP ACL named david 35 Selecting ACL TypeConfiguring a Standard IP ACL Command Attributes 36 ACL Configuration Standard IP Configuring an Extended IP ACL Command AttributesConfiguring the Switch 37 ACL Configuration Extended IP 120 Configuring a MAC ACL Command Attributes38 ACL Configuration MAC Binding a Port to an Access Control List 39 Binding a Port to an ACL Field Attributes Web Port ConfigurationDisplaying Connection Status Web Click Port, Port Information or Trunk Information Field Attributes CLICurrent Status CLI This example shows the connection status for Port Configuring Interface ConnectionsConfiguring the Switch Creating Trunk Groups 41 Port/Trunk ConfigurationCommand Usage Statically Configuring a Trunk Command Usage 42 Static Trunk Configuration 163 Enabling Lacp on Selected Ports Command Usage43 Lacp Trunk Configuration 164 100 44 Lacp Aggregation Port 101169 102Displaying Lacp Port Counters 103You can display statistics for Lacp protocol messages Lacp Port CountersLacp Internal Configuration Information Displaying Lacp Settings and Status for the Local Side104 CLI The following example displays Lacp counters105 46 Lacp Port Internal Information 106107 Displaying Lacp Settings and Status for the Remote SideLacp Neighbor Configuration Information 47 Lacp Port Neighbors Information 108109 Setting Broadcast Storm Thresholds48 Port Broadcast Control 110111 Configuring Port Mirroring112 49 Mirror Port ConfigurationRate Limit Granularity Configuring Rate Limits113 114 Rate Limit Configuration115 Showing Port StatisticsPort Statistics 116Port Statistics 117Rmon Statistics 118119 52 Port Statistics 120CLI This example shows statistics for port 121122 Address Table SettingsSetting Static Addresses 123 53 Configuring a Static Address Table124 Displaying the Address Table125 54 Configuring a Dynamic Address TableChanging the Aging Time Spanning Tree Algorithm Configuration126 CLI This example sets the aging time to 400 seconds127 128 Displaying Global Settings129 56 STA Information 130193 131132 Configuring Global SettingsGlobal settings apply to the entire switch 133 Root Device Configuration134 Configuration Settings for Rstp135 57 STA Configuration136 Displaying Interface Settings137 138 58 STA Port Information 139CLI This example shows the STA attributes for port Configuring Interface Settings140 141 142 Ieee 802.1Q VLANs Vlan Configuration143 CLI This example sets STA attributes for portAssigning Ports to VLANs 144145 146 Forwarding Tagged/Untagged Frames 147CLI This example enables Gvrp for the switch Enabling or Disabling Gvrp Global Setting148 Displaying Basic Vlan Information149 Command Attributes WebDisplaying Current VLANs Web Click VLAN, 802.1Q VLAN, Basic Information150 Command Attributes CLICreating VLANs 151CLI This example creates a new Vlan 152Adding Static Members to VLANs Vlan Index 153154 155 64 Configuring a Vlan Static TableAdding Static Members to VLANs Port Index 156157 Configuring Vlan Behavior for Interfaces158 159 66 Vlan Port Configuration160 Private VLANsDisplaying Current Private VLANs 16167 Private Vlan Information 162163 Configuring Private VLANsEach community Vlan must be associated with a primary Vlan 164Associating VLANs Displaying Private Vlan Interface Information 165166 Configuring Private Vlan Interfaces167 168 71 Private Vlan Port ConfigurationLayer 2 Queue Settings Class of Service ConfigurationSetting the Default Priority for Interfaces 169170 CLI This example assigns a default priority of 5 to portMapping CoS Values to Egress Queues 17110 Mapping CoS Values to Egress Queues 11 CoS Priority Levels73 Traffic Classes 172173 Selecting the Queue Mode174 Setting the Service Weight for Traffic ClassesMapping Layer 3/4 Priorities to CoS Values Layer 3/4 Priority Settings175 Mapping IP Precedence 176Selecting IP Precedence/DSCP Priority 12 Mapping IP Precedence 17713 Mapping Dscp Priority Values 178Mapping Dscp Priority 78 Mapping IP Dscp Priority Values 179Mapping IP Port Priority 18079 IP Port Priority Status 18114 Egress Queue Priority Mapping 182Mapping CoS Values to ACLs 81 ACL CoS Priority 183184 Multicast Filtering185 Configuring Igmp Snooping and Query ParametersLayer 2 Igmp Snooping and Query 186 187 82 Igmp ConfigurationDisplaying Interfaces Attached to a Multicast Router 188Specifying Static Interfaces for a Multicast Router 189190 Displaying Port Members of Multicast Services85 IP Multicast Registration Table 191192 Assigning Ports to Multicast Services86 Igmp Member Port Table 193194 Accessing the CLI Using the Command Line InterfaceTelnet Connection Using the Command Line Interface This section describes how to enter CLI commands Entering CommandsKeywords and Arguments Minimum AbbreviationGetting Help on Commands Command CompletionShowing Commands Partial Keyword Lookup Negating the Effect of CommandsUsing Command History Command Modes Understanding Command ModesExec Commands Configuration Commands Mode Command Prompt Configuration ModesCommand Line Processing Command Line ProcessingCommand Groups Command GroupsCommand Groups Line Commands Line CommandsLine Syntax Login local no login LoginLogin local Line ConfigurationUsername 4-35 password PasswordSyntax Password 0 7 password no password No password is specifiedCLI Disabled 0 seconds Telnet 600 seconds Timeout login responseLogin 4-16password-thresh4-20 To set the timeout to two minutes, enter this command Exec-timeoutSilent-time4-21exec-timeout Syntax Exec-timeout seconds no exec-timeoutSilent-time4-21 Timeout login response Password-threshSyntax Password-thresh threshold no password-thresh Default value is three attemptsTo set the silent time to 60 seconds, enter this command Default value is no silent-timePassword-thresh4-20 Silent-timeDatabits To specify 7 data bits, enter this commandSyntax Databits 7 8 no databits Seven data bits per character Eight data bits per characterSpeed ParitySyntax Parity none even odd no parity Syntax Speed bps no speedSyntax stopbits 1 StopbitsShow line DisconnectSyntax disconnect session-id Syntax Show line console vtyGeneral Commands General CommandsTo show all lines, enter this command Syntax enable level EnableDisable Enable password LevelNone DisableConfigure Show history End ReloadExit This command exits the configuration programQuit AnySystem Management Commands System Management CommandsThis example shows how to quit a CLI session Device Designation Commands Device Designation CommandsPrompt Syntax Prompt string no promptUser Access Commands User Access CommandsHostname Syntax Hostname name no hostnameUsername 10 Default Login SettingsDefault is level Default password is super Enable password11 IP Filter Commands IP Filter CommandsEnable 4-27 authentication enable All addresses ManagementShow management 12 Web Server Commands Web Server CommandsSyntax No ip http server Default Setting Default Setting Command ModeIp http port Ip http serverIp http port Syntax No ip http secure-server Default SettingIp http secure-server 13 Https System Support Ip http secure-portIp http secure-port4-43 Copy tftp https-certificate Portnumber The UDP port used for HTTPS. Range14 Telnet Server Commands Telnet Server CommandsIp telnet port Ip http secure-server4-42Ip telnet server Syntax No ip telnet server Default SettingIp telnet server Ip telnet port15 SSH Commands Secure Shell CommandsPublic key type Command Line Interface Ip ssh server Syntax No ip ssh server Default SettingDisabled Syntax Ip ssh timeout seconds no ip ssh timeout Ip ssh timeoutExec-timeout4-19 show ip ssh Ip ssh crypto host-key generate 4-52 show sshIp ssh server-key size Ip ssh authentication-retriesShow ip ssh Key-size- The size of server key. Range 512-896 bitsIp ssh crypto host-key generate Delete public-keySyntax Delete public-key username dsa rsa Syntax Ip ssh crypto host-key generate dsa rsaSyntax Ip ssh crypto zeroize dsa rsa Ip ssh crypto zeroizeIp ssh save host-key This command saves host key from RAM to flash memorySyntax Ip ssh save host-key dsa rsa Saves both the DSA and RSA keyShow ip ssh This command displays the current SSH server connectionsShow ssh 16 show ssh display descriptionSyntax Show public-key user username host Show public-keyUsername Name of an SSH user. Range 1-8 characters Shows all public keysConsole#show public-key host Host 17 Event Logging Commands Event Logging CommandsSyntax No logging on Default Setting Logging on18 Logging Levels Logging historyLogging history 4-59 clear logging Logging host Flash errors level 3 RAM warnings level 6Syntax No logging host hostipaddress Hostipaddress The IP address of a syslog serverSyntax No logging facility type Logging facilitySyntax Logging trap level no logging trap Enabled Level 6Logging trap Show logging Clear loggingSyntax Clear logging flash ram Syntax Show logging flash ram sendmail trap19 show logging flash/ram display description Following example displays settings for the trap functionShow log Syntax Show log flash ram login tail20 show logging trap display description Show logging sendmailFollowing example shows sample messages stored in RAM Smtp Alert Commands21 Smtp Alert Commands Syntax No logging sendmail host ipaddress Logging sendmail hostSyntax Logging sendmail level level Logging sendmail levelLogging sendmail destination-email Logging sendmail source-emailSyntax No logging sendmail source-email email-address This example will set the source email john@acme.comShow logging sendmail Syntax No logging sendmail Default SettingLogging sendmail 22 Time Commands Time CommandsSntp server 4-73 sntp poll 4-74 show sntp Syntax No sntp client Default SettingSntp client Sntp client 4-72 sntp poll 4-74 show sntp Sntp serverSyntax Sntp server ip1 ip2 ip3 Show sntp Sntp pollSyntax Sntp poll seconds no sntp poll Sntp clientClock timezone Show sntp Calendar setSyntax Year Year 4-digit. RangeThis command displays the system clock System Status Commands23 System Status Commands Show calendarSyntax Light unit unit Show startup-configLight unit Example Show running-config4-80 Show running-configExample Show system Show startup-config4-78This command displays system information Show version Show users24 Frame Size Commands Frame Size CommandsSyntax No jumbo frame Default Setting Jumbo frame25 Flash/File Commands Flash/File CommandsCopy Privileged Exec Following example shows how to download a configuration file Delete This command deletes a file or imageSyntax Dir unit boot-rom config opcode filename This command displays a list of files in flash memoryDir Dir Delete public-key4-52Following example shows how to display all file information WhichbootSyntax whichboot unit File information is shown belowSyntax Boot system unit boot-romconfig opcode filename Boot systemAuthentication Sequence Authentication CommandsDir 4-90 whichboot 27 Authentication CommandsLocal Authentication loginUsername for setting the local user names and passwords Authentication enableRadius Client 29 Radius Client CommandsTimeout 5 seconds Default Setting Auth-portRetransmit Command Mode Radius-server hostRadius-server key Radius-server portSyntax Radius-server port portnumber no radius-server port 1812Radius-server retransmit Radius-server timeoutShow radius-server TACACS+ Client 30 Tacacs CommandsTacacs-server host Hostipaddress IP address of a TACACS+ serverTacacs-server key Tacacs-server portSyntax Tacacs-server port portnumber no tacacs-server port Syntax Tacacs-server key keystring no tacacs-server keyShow tacacs-server Port Security CommandsStatus Disabled Action None Maximum Addresses 31 Port Security CommandsInterface Configuration Ethernet Port security105 32 802.1X Port Authentication 802.1X Port AuthenticationSyntax No system-auth-control Default Setting Dot1x defaultDot1x system-auth-control Dot1x max-reqInterface Configuration Default Command ModeDefault Dot1x port-controlSingle-host Dot1x operation-modeDot1x re-authentication Dot1x re-authenticateSyntax Dot1x re-authenticate interface Syntax No dot1x re-authentication Command ModeSeconds The number of seconds. Range Dot1x timeout quiet-periodDot1x timeout re-authperiod Show dot1x Dot1x timeout tx-periodSyntax Show dot1x statistics interface interface Statistics Displays dot1x status for each portBefore re-transmitting EAP packet Supplicant-timeout- Supplicant timeoutMax Count Access this portState Current state including initialize, reauthenticate 115 Access Control Lists Access Control List Commands34 IP ACLs 33 Access Control ListsIP ACLs Syntax No access-list ip standard extended aclname Access-list ipStandard ACL Permit, deny Ip access-group4-123 show ip access-list4-123Syntax No permit deny any source bitmask host source No permit deny tcp Access-list ipExtended ACL Precedence source-port control-flag122 Ip access-group Show ip access-listSyntax Show ip access-list standard extended aclname Syntax No ip access-group aclnameThis command shows the ports assigned to IP ACLs Show ip access-groupShow ip access-list4-123 Syntax No map access-list ip aclname cos cos-value Map access-list ipQueue cos-map4-224 Show map access-list ip 35 Egress Queue Priority MappingMap access-list ip Show map access-list ipSyntax Show map access-list ip interface Syntax No access-list mac aclname Access-list macMAC ACLs 36 MAC ACLsSyntax No permit deny Permit, deny MAC ACLMAC ACL Mac access-group Show mac access-listSyntax Show mac access-list aclname Syntax Mac access-group aclnameMap access-list mac Show mac access-groupShow mac access-list4-130 This command shows the ports assigned to MAC ACLsQueue cos-map4-224 Show map access-list mac Show map access-list macSyntax Show map access-list mac interface 37 Egress Queue Priority Mapping38 ACL Information Show access-listACL Information Privileged Executive Show access-groupThis command shows the port assignments of ACLs Snmp-server community Snmp Commands39 Snmp Commands Syntax Snmp-server contact string no snmp-server contact Snmp-server contactSyntax Snmp-server location text no snmp-server location Snmp-server locationHost Address None Snmp Version Snmp-server hostIssue authentication and link-up-down traps Snmp-server enable trapsShow snmp This command checks the status of Snmp communications141 40 Interface Commands Interface CommandsDescription InterfacePort-channel channel-idRange Syntax Description string no descriptionFollowing example adds a description to port Interface Configuration Ethernet, Port ChannelSpeed-duplex Negotiation 4-145 capabilities Syntax No negotiation Default SettingNegotiation Capabilities 4-146speed-duplex4-144 Following example configures port 11 to use autonegotiationCapabilities Negotiation 4-145speed-duplex4-144 flowcontrol Syntax No flowcontrol Default SettingFlowcontrol Shutdown Following example enables flow control on portNegotiation Capabilities flowcontrol, symmetric Syntax No shutdownFollowing example disables port Switchport broadcast packet-rateAll interfaces are enabled Port-channel channel-idRange Default Setting This command clears statistics on an interfaceClear counters Syntax Clear counters interfaceShow interfaces status This command displays the status for an interfaceFollowing example clears statistics on port Syntax Show interfaces status interfaceShow interfaces counters This command displays interface statisticsSyntax Show interfaces counters interface Shows the counters for all interfaces153 Syntax Show interfaces switchport interface Show interfaces switchportThis example shows the configuration setting for port Shows all interfaces41 Interfaces Switchport Statistics 42 Mirror Port Commands Mirror Port CommandsInterface Configuration Ethernet, destination port Port monitorShow port monitor This command displays mirror informationSyntax Show port monitor interface Shows all sessions43 Rate Limit Commands Rate Limit CommandsFollowing shows mirroring configured from port 6 to port Actual rate limit = Rate limit level * Granularity Rate-limitFast Ethernet Gigabit Ethernet Rate-limit granularity Global Configuration Ethernet, Port ChannelShow rate-limit Link Aggregation CommandsUse this command to display the rate limit granularity Guidelines for Creating Trunks 44 Link Aggregation CommandsSyntax Channel-group channel-idno channel-group Channel-groupChannel-id- Trunk index Range Current port will be added to this trunkFollowing example creates trunk 1 and then adds port Syntax no lacp Default SettingLacp 165 32768 Lacp system-priorityLacp admin-keyEthernet Interface Interface Configuration Port Channel Lacp admin-key Port ChannelLacp port-priority Port Channel all This command displays Lacp informationShow lacp 45 show lacp counters display description 46 show lacp internal display description Expected to be enabled in the absence of administrative 47 show lacp neighbors display description 48 show lacp sysid display description Address Table Commands49 Address Table Commands Mac-address- MAC address Mac-address-table staticEthernet unit/port -unit- Stack unit Vlan-id- Vlan ID RangeMac-address- MAC address Mask Bits to match in the address Clear mac-address-table dynamicShow mac-address-table 178 Show mac-address-table aging-time Mac-address-table aging-time50 Spanning Tree Commands Spanning Tree CommandsSpanning-tree Syntax No spanning-tree Default SettingSpanning tree is enabled Rstp Spanning-tree modeSyntax Spanning-tree mode stp rstp no spanning-tree mode Spanning-tree hello-time Spanning-tree forward-timeSpanning-tree max-age Spanning-tree priority Spanning-tree transmission-limit Spanning-tree pathcost methodLong method Count The transmission limit in seconds. RangeThis command limits the maximum transmission rate for BPDUs Spanning-tree spanning-disabledSyntax No spanning-tree spanning-disabled Default Setting This example disables the spanning tree algorithm for portSyntax Spanning-tree cost cost no spanning-tree cost Spanning-tree costSpanning-tree edge-port Spanning-tree port-priorityPriority The priority for a port. Range 0-240, in steps Syntax No spanning-tree edge-portSpanning-tree portfast Syntax No spanning-tree portfast Default SettingSpanning-treeedge-port4-189 Spanning-tree link-typeSpanning-tree protocol-migration Port-channel channel-idRange Command ModeAuto Syntax Spanning-tree protocol-migration interfaceSyntax Show spanning-tree interface This command shows the configuration for the spanning treeShow spanning-tree 194 Editing Vlan Groups Vlan Commands195 Vlan databaseVlan 196197 By default only Vlan 1 exists and is activeVlan Database Configuration 53 Configuring Vlan Interfaces Configuring Vlan Interfaces198 Interface vlan199 Switchport modeAll ports are in hybrid mode with the Pvid set to Vlan Switchport acceptable-frame-types4-200 Switchport acceptable-frame-types200 All frame types201 Switchport ingress-filteringSyntax No switchport ingress-filtering Default Setting 202 Switchport native vlan203 Switchport allowed vlanNo VLANs are included in the forbidden list Switchport forbidden vlan204 Displaying Vlan Information 54 Show Vlan Commands205 Show vlan206 Configuring Private VLANsFollowing example shows how to display information for Vlan 207 55 Private Vlan CommandsPrivate-vlan 208209 No private-vlan primary-vlan-idassociation 210Private vlan association Normal Vlan Switchport mode private-vlan211 Switchport private-vlan isolated Switchport private-vlan host-association212 Isolated-vlan-id- ID of isolated VLAN. Range213 Switchport private-vlan mappingSyntax Show vlan private-vlan community isolated primary 214Show vlan private-vlan 56 Gvrp and Bridge Extension Commands Gvrp and Bridge Extension CommandsSyntax No bridge-ext gvrp Default Setting 215Show bridge-ext 216Show gvrp configuration Switchport gvrpSyntax No switchport gvrp Default Setting Syntax Show gvrp configuration interface218 Garp timerSyntax Show garp timer interface Show garp timerShows all Garp timers 219Priority Commands Layer Priority Commands57 Priority Commands 58 Priority Commands LayerSyntax Queue mode strict wrr no queue mode Queue modeWeighted Round Robin 221222 Switchport priority defaultQueue bandwidth 223Queue cos-map 59 Default CoS Priority Levels224 This command shows the current queue mode Show queue mode225 Show queue cos-map4-226226 This command shows the class of service priority mapShow queue bandwidth Show queue cos-map227 Priority Commands Layer 360 Priority Commands Layer 3 228 Syntax No map ip port Default Setting229 Syntax No map ip precedence Default Setting61 Mapping IP Precedence Values List below shows the default priority mapping230 231 Syntax No map ip dscp Default Setting62 IP Dscp to CoS Values 232233 Use this command to show the IP port priority mapShow map ip port Syntax Show map ip port interface234 This command shows the IP precedence priority mapShow map ip precedence Syntax Show map ip precedence interface235 This command shows the IP Dscp priority mapShow map ip dscp Syntax Show map ip dscp interfaceIgmp Snooping Commands Multicast Filtering Commands63 Multicast Filtering Commands 64 Igmp Snooping CommandsFollowing example enables Igmp snooping Syntax No ip igmp snooping Default Setting237 Ip igmp snooping238 Following configures the switch to use Igmp VersionIp igmp snooping version Igmp VersionShow mac-address-table multicast 239Show ip igmp snooping 240 Igmp Query Commands Layer65 Igmp Query Commands Layer 241 Syntax No ip igmp snooping querier Default SettingIp igmp snooping querier Ip igmp snooping query-count242 Following shows how to configure the query count toIp igmp snooping query-interval Ip igmp snooping query-max-response-time4-243Ip igmp snooping query-max-response-time Seconds The report delay advertised in Igmp queries. Range243 Ip igmp snooping router-port-expire-time Switch must use IGMPv2 for this command to take effect244 66 Static Multicast Routing Commands Static Multicast Routing Commands245 Ip igmp snooping vlan mrouter246 Displays multicast router ports for all configured VLANsShow ip igmp snooping mrouter Syntax Show ip igmp snooping mrouter vlan vlan-id67 IP Interface Commands IP Interface CommandsIp address 247248 Interface Configuration VlanSyntax Ip default-gateway gateway no ip default-gateway Ip default-gatewayIp dhcp restart 249Show ip interface This command displays the settings of an IP interface250 All interfacesPing Show ip redirects251 Syntax Ping host size size count countInterface 252Software Features Management Features Standards Groups 1, 2, 3, 9 Statistics, History, Alarm, EventManagement Information Bases Problems Accessing the Management Interface Appendix B TroubleshootingTable B-1 Troubleshooting Chart Symptom Action Using System Logs Troubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 User Datagram Protocol UDP Glossary-8Virtual LAN Vlan XModemIndex-1 NumericsIgmp Index-2Snmp Snmp Index-3Index-4 Page For Technical SUPPORT, Call