Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks SMC6724L3 manual Configuring Access Control Lists

Models: SMC6724L3

1 618

Download 618 pages 36.53 Kb

Page 89

ACCESS CONTROL LISTS

Access Control Lists

Access Control Lists (ACL) provide packet filtering for IP frames (based on address, protocol, TCP/UDP port number or TCP control code) or any frames (based on MAC address or Ethernet type). To filter incoming packets, first create an access list, add the required rules, and then bind the list to a specific port.

Configuring Access Control Lists

An ACL is a sequential list of permit or deny conditions that apply to IP addresses, MAC addresses, or other more specific criteria. This switch tests incoming packets against the conditions in an ACL one by one. If a list contains all permit rules, a packet will be accepted as soon as it passes any of the rules. If a list contains all deny rules, a packet will be rejected as soon as it fails any one of the rules. In other words, if no rules match for a permit list, the packet is dropped; and if no rules match for a deny list, the packet is accepted.

Command Usage

The following restrictions apply to ACLs:

•Each ACL can have up to 32 rules.

•The maximum number of ACLs is also 32.

•However, due to resource restrictions, the average number of rules bound to the ports should not exceed 20.

•The switch does not support the explicit “deny any any” rule for the IP ACL or MAC ACL. If these rules are included in an ACL, and you attempt to bind the ACL to an interface, the bind operation will fail.

•An access list can only contain all permit rules or all deny rules. In other words, for performance reasons, you cannot mix permit and deny rules in the same list.

3-41

Image 89

SMC Networks SMC6724L3 manual Configuring Access Control Lists

Contents

TigerSwitch 10/100 Page TigerSwitch 10/100 Management Guide Trademarks Limited Warranty SMC Networks, Inc Tesla Irvine, CA Contents Viii Contents Contents Command Line Interface Xii Xiii Xiv Contents Xvi Xvii Xviii Xix Contents Xxi Xxii Chapter Introduction Key FeaturesARP Description of Software FeaturesDescription of Software Features Introduction Description of Software Features Introduction Description of Software Features Function Parameter Default System DefaultsSnmp Pvid Dhcp Introduction Configuration Options Connecting to the SwitchRequired Connections Connecting to the Switch Remote Connections Console Connection Basic ConfigurationSetting an IP Address Setting PasswordsManual Configuration Dynamic Configuration Community Strings Enabling Snmp Management AccessInitial Configuration Trap Receivers Saving Configuration SettingsManaging System Files Managing System Files Initial Configuration Using the Web Interface Configuring the SwitchConfiguring the Switch Home Navigating the Web Browser InterfaceButton Action Panel DisplayMenu Description Main MenuVlan Vlan ID Sntp UDP Routing Protocol 152 222 Field Attributes Displaying System InformationBasic Configuration Expansion Slot Indicates any installed module type Displaying Switch Hardware/Software VersionsField Attributes Main Board Management SoftwareBasic Configuration Displaying Bridge Extension Capabilities 176 Setting the Switch’s IP AddressCommand Attributes Command UsageManual Configuration Using DHCP/BOOTP 219 Downloading System Software from a Server Managing FirmwareSaving or Restoring Configuration Settings Downloading Configuration Settings from a Server Setting the System Clock Configuring Sntp Setting the Time Zone Configuring the Logon Password User AuthenticationResetting the System User Authentication Configuring Local/Remote Logon Authentication Command Attributes Configuring 802.1x Port Authentication User Authentication Displaying 802.1x Global Settings User Authentication Configuring 802.1x Global Settings CLI only Authorized Configuring Port Authorization ModeStatistical Values Displaying 802.1x StatisticsEapol EAP Configuring Access Control Lists Access Control ListsACL Configuration Setting the Name and Type Setting the ACL Name and TypeConfiguring a Standard IP ACL Configuring an Extended IP ACL Access Control Lists Configuring the Switch Configuring a MAC ACL Configuring the Switch Binding a Port to an Access Control List Simple Network Management Protocol Setting Community Access StringsSpecifying Trap Managers and Trap Types Access ModeCommand Usage Configuring Dhcp Relay Service Dynamic Host Configuration Protocol101 Address Pool Static Addresses Configuring the Dhcp ServerEnabling the Server, Setting Excluded Addresses Configuring Address Pools Setting the Host Parameters Setting the Network ParametersSetting the Optional Parameters Creating a New Address PoolExamples Configuring a Network Address Pool Configuring a Host Address Pool Displaying Address Bindings CLI This example configures a host address poolField Attributes Web Port ConfigurationDisplaying Connection Status Web Click Port, Port Information or Trunk Information ConfigurationField Attributes CLI Basic informationCurrent status 128 CLI This example shows the connection status for PortConfiguring Interface Connections 125 Setting Broadcast Storm Thresholds 131 Configuring Port MirroringShowing Port Statistics Parameter Description Etherlike Statistics Rmon Statistics Octets long excluding framing bits, but including Configuring the Switch CLI This example shows statistics for port Configuring Rate LimitsCommand Attribute Trunk Configuration Dynamically Configuring a Trunk Trunk Configuration 139 Statically Configuring a Trunk138 Setting Static Addresses Address Table SettingsDisplaying the Address Table 143 Changing the Aging Time Spanning Tree Algorithm ConfigurationDesignated Root Bridge Port Root Port Displaying Global Settings Configuring the Switch 160 Basic Configuration of Global Settings Configuring Global SettingsGlobal settings apply to the entire switch Root Device Configuration Advanced Configuration Settings for Rstp Displaying Interface Settings AD B AD B Configuring the Switch CLI This example shows the STA attributes for port Configuring Interface Settings100 101 102 Vlan ConfigurationOverview Assigning Ports to VLANs 103104 105 Forwarding Tagged/Untagged Frames 106107 Enabling or Disabling Gvrp Global SettingDisplaying Basic Vlan Information 108 Command Attributes WebDisplaying Current VLANs 109 Command Attributes CLI110 Creating VLANs111 Adding Static Members to VLANs Vlan Index112 113 Adding Static Members to VLANs Port Index114 Configuring Vlan Behavior for Interfaces115 116 117 Enabling Private VLANs Configuring Private VLANs118 119 Configuring Uplink and Downlink Ports120 Class of Service ConfigurationSetting the Default Priority for Interfaces 131 121122 Mapping CoS Values to Egress Queues123 124 Setting the Service Weight for Traffic Classes125 Mapping Layer 3/4 Priorities to CoS Values126 Selecting IP Precedence/DSCP Priority127 Mapping IP Precedence128 129 Mapping Dscp Priority130 131 Mapping IP Port Priority132 133 Copying IP Settings to Another Interface134 Multicast Filtering135 Igmp Protocol136 Layer 2 Igmp Snooping and Query137 Configuring Igmp Snooping Parameters138 Displaying Interfaces Attached to a Multicast Router 139Specifying Static Interfaces for a Multicast Router 140141 142 Displaying Port Members of Multicast Services143 Assigning Ports to Multicast Services144 Layer 3 Igmp Query used with Multicast Routing145 Configuring Igmp Interface Parameters146 147 Displaying Multicast Group Information CLI This example configures the Igmp parameters for Vlan148 149 IP Routing150 Initial Configuration151 IP SwitchingRouting Protocols 152Routing Path Management RIP and RIP-2 Dynamic Routing Protocols 153OSPFv2 Dynamic Routing Protocol Non-IP Protocol Routing154 Basic IP Interface Configuration155 Configuring IP Routing Interfaces156 157 Address Resolution ProtocolProxy ARP 158159 Basic ARP Configuration160 Configuring Static ARP AddressesDisplaying Dynamically Learned ARP Entries 161162 Displaying Local ARP Entries 163Web Click IP, ARP, Statistics 164Displaying ARP Statistics IP Statistics Displaying Statistics for IP Protocols165 166 Web Click IP, Statistics, IP CLI See the example on 167Icmp Statistics 168Web Click IP, Statistics, Icmp CLI See the example on 169Web Click IP, Statistics, UDP CLI See the example on 170UDP Statistics TCP Statistics 171Web Click IP, Statistics, TCP CLI See the example on Configuring Static Routes172 173 Displaying the Routing Table228 174175 Configuring the Routing Information Protocol176 Configuring General Protocol Settings177 Global SettingsTimer Settings Specifying Network Interfaces for RIP 178179 Configuring Network Interfaces for RIPLoopback Prevention 180Specifying Receive and Send Protocol Types 181 Protocol Message Authentication182 Displaying RIP Information and Statistics 183RIP Information and Statistics 184Web Click Routing Protocol, RIP, Statistics 185186 Configuring the Open Shortest Path First Protocol187 General Information 188Networks in two or more areas 189An area border router runs a AS Boundary Router190 Default Route Information191 Single route. The backbone or any Configuring Ospf Areas192 193 194 195 271 196197 198 Configuring Ospf InterfacesOspf Interface List Detail Interface Configuration199 200 201 202 203 204 Configuring Virtual Links205 206 Configuring Network Area Addresses207 208 Configuring Summary Addresses for External AS Routes209 Redistributing External Routes 210211 Area ID Identifier for an not-so-stubby area Nssa Configuring Nssa Settings212 Displaying Link State Database Information 213214 215 Displaying Information on Border Routers 216Displaying Information on Neighbor Routers 217218 Multicast Routing219 Configuring Global Settings for Multicast RoutingDisplaying the Multicast Routing Table 220 221 222 Configuring Dvmrp223 Configuring Global Dvmrp Settings224 225 226 Dvmrp Interface Information Configuring Dvmrp Interface Settings227 228 You can display all the neighboring Dvmrp routers 229Displaying Neighbor Information CLI This example displays the only neighboring Dvmrp router 230Displaying the Routing Table 231 Configuring PIM-DM232 Configuring Global PIM-DM Settings233 Configuring PIM-DM Interface Settings234 309 235Displaying Interface Information 236You can display all the neighboring PIM-DM routers 237238 Accessing the CLI Using the Command Line InterfaceTelnet Connection Keywords and Arguments Entering CommandsThis section describes how to enter CLI commands Minimum Abbreviation Command CompletionGetting Help on Commands Showing Commands Using Command History Negating the Effect of CommandsUnderstanding Command Modes Partial Keyword LookupVlan Database Exec CommandsConfiguration Commands Mode Command Prompt Keystroke Function Command Line ProcessingCommand Group Description Command Groups181 Command Function Mode Line CommandsLine Syntax Login local no login LoginLogin local Line ConfigurationUsername 4-33 password PasswordSyntax Password 0 7 password no password No password is specifiedLogin 4-15password-thresh4-18 Exec-timeoutSyntax Exec-timeout seconds no exec-timeout CLI No timeout Telnet 10 minutesTo set the timeout to two minutes, enter this command Password-threshSyntax Password-thresh threshold no password-thresh Default value is three attemptsSyntax Silent-time seconds no silent-time Silent-timeDatabits To specify 7 data bits, enter this commandSyntax Databits 7 8 no databits Seven data bits per character Eight data bits per characterParity To specify no parity, enter this commandSyntax Parity none even odd no parity None No parity Even Even parity Odd Odd paritySpeed To specify 57600 bps, enter this commandSyntax Speed bps no speed 9600 bpsShow line StopbitsSyntax Stopbits 1 Syntax Show line console vtyTo show all lines, enter this command General CommandsSyntax Enable level EnableDisable Enable password LevelPrivileged Exec DisableNone Show history ConfigureReload Use this command to restart the systemExit EndQuit Use this command to exit the configuration programThis example shows how to quit a CLI session Device Designation Commands System Management CommandsHostname User Access CommandsSyntax Hostname name no hostname Name The name of this host. Maximum length 255 charactersUsername Default is level Default password is super Enable passwordSyntax Ip http port port-numberno ip http port Web Server CommandsIp http port Ip http server Default Setting Command ModeSyntax Ip http server no ip http server Default Setting Syntax Logging on no logging on Default Setting Event Logging CommandsLogging on Logging history 4-38 clear loggingLogging history Flash errors level 3 RAM warnings level 7Clear logging Use this command to clear messages from the log bufferSyntax Clear logging flash ram Flash and RAMSyntax Show logging flash ram Show loggingTime Commands Sntp client Syntax Sntp client no sntp client Default SettingDisabled Syntax Sntp server ip1 ip2 ip3 Sntp serverSntp client 4-42 sntp poll 4-44 show sntp Sntp pollSyntax Sntp poll seconds no sntp poll SecondsShow sntp Sntp broadcast clientClock timezone Show startup-config System Status CommandsCommand Usage Show running-config4-49 Show running-configShow startup-config4-47 Show users Use this command to display system informationShow system Show version Copy Flash/File CommandsPrivileged Exec Following example shows how to download a configuration file Filename Name of the configuration file or image name Use this command to delete a file or imageDelete SyntaxDir Use this command to display a list of files in flash memoryFollowing example shows how to display all file information WhichbootDir 4-57 whichboot Boot systemAuthentication Sequence Authentication CommandsAuthentication login LocalRadius Client Username for setting the local user names and passwords10.1.0.1 Radius-server hostHostipaddress IP address of server Radius-server key Radius-server portSyntax Radius-server port portnumber no radius-server port 1812Radius-server retransmit Show radius-server Radius-server timeout802.1x Port Authentication Dot1x default Authentication dot1x defaultDot1x max-req Default Command ModeDot1x port-control Syntax Dot1x max-req count no dot1x max-reqDot1x re-authentication Dot1x re-authenticateSeconds The number of seconds. Range Dot1x timeout quiet-periodDot1x timeout re-authperiod Dot1x timeout tx-period Show dot1x Reauthentication State Machine Authenticator State MachineState- Current state including initialize, reauthenticate Backend State MachineAccess Control List Commands Access Control List Commands IP ACLs Access-list ipPermit, deny Ip access-group4-81 show ip access-list4-83 Standard ACL Permit, deny Standard ACLPermit, deny Extended ACL Extended ACL Syntax Ip access-group aclname in no ip access-group aclname Ip access-groupInterface Configuration Ethernet Show ip access-groupShow ip access-list4-83 Use this command to show the ports assigned to IP ACLsPermit, deny 4-78,4-79 ip access-group4-81 Show ip access-listSyntax Show ip access-list standard extended aclname MAC ACLs Access-list macSyntax Access-list mac aclname no access-list mac aclname No permit deny packet-format any host source source bitmask Permit, deny MAC ACLMAC ACL Show mac access-group Mac access-groupSyntax Mac access-group aclname Show mac access-list4-88Mac access-group4-87 Show mac access-listSyntax Show mac access-list aclname Permit, deny Mac access-group4-87ACL Information Show access-listShow access-group Snmp-server community Snmp CommandsSyntax Snmp-server contact string no snmp-server contact Snmp-server contactSyntax Snmp-server location text no snmp-server location Snmp-server locationSnmp-server host Issue authentication and link-up-down traps Snmp-server enable trapsShow snmp Use this command to check the status of Snmp communicationsExample Ip dhcp client-identifier Dhcp CommandsDhcp Client Ip dhcp restart client Interface Configuration VlanUse this command to submit a Bootp or Dhcp client request Syntax Ip dhcp relay no ip dhcp relay Dhcp RelayIp dhcp restart relay 100 Usage Guidelines Ip dhcp relay serverAddress IP address of Dhcp server. Range 1-3 addresses Dhcp Server Syntax Service dhcp no service dhcp Default Setting Service dhcpSyntax Ip dhcp pool name no ip dhcp pool name Ip dhcp excluded-addressIp dhcp pool Network Dhcp Pool ConfigurationNetwork 4-105 host Network network-number mask no networkDefault-routeraddress1 address2 no default-router Default-routerSyntax Domain-name domain no domain-name Domain-nameDns-serveraddress1 address2 no dns-server Dns-serverSyntax Bootfile filename no bootfile BootfileNext-server Syntax Next-server address no next-server addressNext-server4-109 Netbios-name-serverSyntax Netbios-node-type type no netbios-node-type Netbios-node-typeMixed Peer-to-peer Default Setting BroadcastLease Command ModesLease days hoursminutes infinite no lease One dayHost address mask no host HostClient-identifier4-114hardware-address4-115 Client-identifierIf no type is specified, the default protocol is Ethernet Ethernet Ieee802 Fddi Default SettingHardware-address Hardware-addresshardware-address type no hardware-addressSyntax Clear ip dhcp binding address Clear ip dhcp bindingSyntax Show ip dhcp binding address Show ip dhcp bindingInterface Commands Description InterfacePort-channel channel-idRange Syntax Description string no descriptionFollowing example adds a description to port Interface Configuration Ethernet, Port ChannelSpeed-duplex Negotiation 4-121 capabilities Syntax Negotiation no negotiation Default SettingNegotiation Capabilities 4-122speed-duplex4-120 Following example configures port 11 to use autonegotiationCapabilities Negotiation 4-121speed-duplex4-120 flowcontrol Flowcontrol Syntax Flowcontrol no flowcontrol Default SettingFlow control enabled Shutdown Syntax Shutdown no shutdown Default SettingSwitchport broadcast packet-rate Port-channel channel-idRange Default Setting Use this command to clear statistics on an interfaceClear counters Syntax Clear counters interfaceShow interfaces status Use this command to display the status for an interfaceSyntax Show interfaces status interface Shows the status for all interfacesShow interfaces counters Use this command to display interface statisticsSyntax Show interfaces counters interface Shows the counters for all interfaces130 Syntax Show interfaces switchport interface Show interfaces switchportThis example shows the configuration setting for port Shows all interfacesField Description Interface Configuration Ethernet, destination port Mirror Port CommandsPort monitor Interface ethernet unit/port source portUnit Switch unit Port Port number Use this command to display mirror informationShow port monitor Syntax Show port monitor interfaceFollowing shows mirroring configured from port 6 to port Rate Limit CommandsRate-limit Guidelines for Creating Trunks Link Aggregation CommandsSyntax Channel-group channel-idno channel-group Channel-groupChannel-id- Trunk index Range Current port will be added to this trunkLacp Syntax Lacp no lacp Default Setting140 Mac-address-table static Address Table CommandsMac-address- MAC address Vlan-id- Vlan ID RangeAction Clear mac-address-table dynamicMac-address- MAC address Mask Bits to match in the address Show mac-address-tableSeconds Time in number of seconds Mac-address-table aging-timeShow mac-address-table aging-time Spanning Tree Commands Spanning-tree Syntax Spanning-tree no spanning-tree Default SettingSpanning tree is enabled Rstp Spanning-tree modeSyntax Spanning-tree mode stp rstp no spanning-tree mode Spanning-tree forward-time Spanning-tree max-age Spanning-tree hello-time32768 Spanning-tree priorityLong method Spanning-tree pathcost methodCount The transmission limit in seconds. Range This command limits the maximum transmission rate for BPDUsSpanning-tree transmission-limit Syntax Spanning-tree cost cost no spanning-tree cost Spanning-tree costPriority The priority for a port. Range 0-240, in steps Spanning-tree port-prioritySpanning-tree edge-port Spanning-tree portfast Auto Spanning-tree link-typeSpanning-treeedge-port4-156 Syntax Spanning-tree protocol-migration interface Port-channel channel-idRange Command ModeSpanning-tree protocol-migration Syntax Show spanning-tree interface Use this command to show the spanning tree configurationShow spanning-tree 161 Vlan database Vlan CommandsEditing Vlan Groups Vlan Vlan Database Configuration Configuring Vlan InterfacesBy default only Vlan 1 exists and is active Syntax Interface vlan vlan-id Interface vlanSyntax Switchport mode trunk hybrid no switchport mode Switchport modeAll ports are in hybrid mode with the Pvid set to Vlan Switchport acceptable-frame-types4-167All frame types Switchport acceptable-frame-typesSwitchport mode Switchport ingress-filtering Switchport native vlan Switchport allowed vlan No VLANs are included in the forbidden list Switchport forbidden vlanDisplaying Vlan Information Use this command to show Vlan informationShow vlan Syntax Show vlan id vlan-idname vlan-namePvlan Following example shows how to display information for VlanPvlan up-linkinterface-list down-linkinterface-listno pvlan No private VLANs are definedShow pvlan Use this command to display the configured private VlanBridge-ext gvrp Gvrp and Bridge Extension CommandsSyntax Bridge-ext gvrp no bridge-ext gvrp Default Setting Show bridge-ext Syntax Switchport gvrp no switchport gvrp Default Setting Switchport gvrpGarp timer Show gvrp configurationUse this command to show if Gvrp is enabled Syntax Show gvrp configuration interface179 Shows all Garp timers Show garp timerSyntax Show garp timer interface Priority Commands Layer Priority CommandsSwitchport priority default Queue bandwidth Queue bandwidth weight1...weight4 no queue bandwidthQueue cos-mapqueueid cos1 ... cosn no queue cos-map Queue cos-mapShow queue cos-map4-186 Show queue bandwidthSyntax Show queue cos-map interface Use this command to show the class of service priority mapShow queue cos-map Syntax Map ip port no map ip port Default Setting Priority Commands Layer 3Map ip port Global Configuration Following example shows how to map Http traffic to CoS value Map ip port Interface ConfigurationMap ip precedence Interface Configuration Map ip precedence Global ConfigurationList below shows the default priority mapping Map ip dscp Interface Configuration Map ip dscp Global ConfigurationSyntax Map ip dscp no map ip dscp Default Setting Map ip dscp dscp-value cos cos-value no map ip dscp192 Syntax Show map ip port interface Use this command to show the IP port priority mapShow map ip port Syntax Show map ip precedence interface Use this command to show the IP precedence priority mapShow map ip precedence Syntax Show map ip dscp interface Use this command to show the IP Dscp priority mapShow map ip dscp Igmp Snooping Commands Multicast Filtering CommandsFollowing example enables Igmp snooping Syntax Ip igmp snooping no ip igmp snooping Default SettingIp igmp snooping Ip igmp snooping vlan staticIgmp Version Ip igmp snooping versionUse this command to show the Igmp snooping configuration Following configures the switch to use Igmp VersionFollowing shows the current Igmp snooping configuration Show ip igmp snoopingShow mac-address-table multicast Use this command to show known multicast addressesIp igmp snooping querier Igmp Query Commands LayerIp igmp snooping query-count Following shows how to configure the query count toTimes Ip igmp snooping query-max-response-time4-203Ip igmp snooping query-max-response-time Seconds The report delay advertised in Igmp queries. RangeIp igmp snooping query-interval Ip igmp snooping router-port-expire-time Switch must use IGMPv2 for this command to take effect Igmp Commands LayerIp igmp snooping 4-197 show ip igmp snooping Syntax Ip igmp no ip igmp Default SettingIp igmp Ip igmp query-interval Ip igmp robustvalSyntax Ip igmp robustval robust-valueno ip igmp robustval Robust-value- The robustness of this interface. RangeIp igmp max-resp-interval Ip igmp version Ip igmp query-interval4-207 Seconds The report delay for the last member query. RangeIp igmp last-memb-query-interval Syntax Ip igmp version 1 2 no ip igmp version Ip igmp versionSecond Syntax Show ip igmp interface vlan vlan-id Show ip igmp interfaceDeletes all entries in the cache if no options are selected Use this command to delete entries from the Igmp cacheClear ip igmp group Displays information for all known groups Show ip igmp groupsFollowing shows the Igmp groups currently active on Vlan Basic IP Configuration IP Interface CommandsIP address Netmask Ip addressFollowing example, the device is assigned an address in Vlan Syntax Ip default-gateway gateway no ip default-gateway Ip default-gatewayIp default-gateway4-218 Use this command to display the settings of an IP interfaceShow ip interface Show ip redirectsSyntax Ping host count countsize size This command has no default for the hostPing Interface Address Resolution Protocol ARPArp No default entriesArp ip-address hardware-address no arp ip-address Clear arp-cache show arpSyntax Arp-timeout seconds no arp-timeout Arp-timeoutClear arp-cache Seconds 20 minutesShow arp Syntax Ip proxy-arp no ip proxy-arp Default SettingIp proxy-arp This example displays all entries in the ARP cacheIP Routing Commands Ip routing Global Routing ConfigurationSyntax Ip routing no ip routing Default Setting Ip route No static routes are configuredClear ip route Syntax Show ip route config address netmaskShow ip route Syntax Clear ip route network netmaskShow ip traffic 230 Syntax Router rip no router rip Routing Information Protocol RIPRouter rip Router Configuration Timers basicTimers basic update-seconds no timers basic Network subnet-address no network subnet-address No networks are specified NeighborRouter rip Syntax Neighbor ip-addressno neighbor ip-addressRIP Version VersionSyntax Version 1 2 no version Ip rip receive version 4-236 ip rip send version Ip rip receive versionVersion Ip rip send version238 239 Ip split-horizonSyntax Ip split-horizon poison-reverseno ip split-horizon Split-horizonNo authentication Ip rip authentication keyIp rip authentication mode 240Text Indicates that a simple password will be used Ip rip authentication modeThis example sets the authentication mode to plain text Ip rip authentication keyShow rip globals Syntax Show ip rip configuration status peerShow ip rip 242243 Show ip rip configuration244 Open Shortest Path First OspfDisplay Information 245Router ospf Syntax Router ospf no router ospf Command Mode246 Network areaRouter-idip-address no router-id Router-id247 Compatible rfc1583 Default-information originate248 RFC 1583 compatibleIp route 4-227 redistribute 249250 Timers spfTimers spf spf-holdtime no timers spf 251 Area rangeDefault Setting Command Usage Area default-cost252 Area stubArea range Summary-address253 Type-value Redistribute254 255 Default-information originateNetwork area 256 Area stub No stub is configured257 Syntax Area area-idstub summary no area area-idstub summaryNo Nssa is configured Area default-cost4-252Area nssa 258259 260 Area virtual-link261 Show ip ospf virtual-links4-284 262Area-id None Router-id None 263 Ip ospf authentication264 Ip ospf authentication-key265 MD5 authentication is disabledIp ospf message-digest-key Syntax Ip ospf cost cost no ip ospf cost Ip ospf cost266 Ip ospf hello-interval4-268 Ip ospf dead-interval267 Ip ospf priority Ip ospf hello-interval268 Syntax Ip ospf priority priority no ip ospf priority269 Ip ospf retransmit-interval270 Ip ospf transmit-delay271 Show ip ospf272 Show ip ospf border-routers273 Show ip ospf database274 Following shows output for the show ip ospf database command275 Following shows output when using the asbr-summarykeyword276 Following shows output when using the external keyword277 278 Following shows output when using the network keyword279 Following shows output when using the router keyword280 Following shows output when using the summary keyword281 Show ip ospf interface282 Syntax Show ip ospf neighbor Command ModeShow ip ospf neighbor Syntax Show ip ospf summary-address Command Mode Use this command to display all summary address informationShow ip ospf summary-address 283Show ip ospf virtual-links Syntax Show ip ospf virtual-links Command Mode284 Summary-address4-253285 Multicast Routing CommandsStatic Multicast Routing Commands 286 No static multicast router ports are configuredIp igmp snooping vlan mrouter Displays multicast router ports for all configured VLANs General Multicast Routing CommandsShow ip igmp snooping mrouter 287Ip multicast-routing Use this command to display the IP multicast routing tableShow ip mroute 288289 290 Dvmrp Multicast Routing Commands291 Syntax Router dvmrp no router dvmrp Command ModeRouter dvmrp 292 Probe-intervalIp dvmrp Show router dvmrp Syntax Probe-interval secondsSyntax Nbr-timeout seconds Nbr-timeoutReport-interval 293Syntax Flash-update-interval seconds Flash-update-intervalPrune-lifetime 294Syntax Default-gateway ip-addressno default-gateway Default-gatewayIp-address- IP address of the default Dvmrp gateway 295296 Syntax Ip dvmrp no ip dvmrp Default SettingIp dvmrp Ip dvmrp metric interface-metric no ip dvmrp metric Ip dvmrp metric297 298 Clear ip dvmrp routeShow router dvmrp Show ip dvmrp route Default settings are shown in the following example299 Dmvrp routes are shown in the following example300 Show ip dvmrp neighbor301 PIM-DM Multicast Routing CommandsShow ip dvmrp interface 302 Syntax Router pim no router pim Default SettingRouter pim 303 Syntax Ip pim dense-mode no pim dense-mode Default SettingIp pim dense-mode 304 Ip pim hello-intervalSyntax Ip pim hello-interval seconds no pim hello-interval Seconds Interval between sending PIM hello messages. RangeIp pim trigger-hello-interval Ip pim hello-holdtime305 Seconds The hold time for PIM hello messages. RangeSeconds The hold time for the prune state. Range Ip pim join-prune-holdtime306 Seconds The time before resending a Graft. Range Ip pim graft-retry-interval307 308 Ip pim max-graft-retriesShow router pim Show ip pim neighbor Show ip pim interface309 Syntax Show ip pim interface vlan-id310 Appendix a Troubleshooting Troubleshooting Appendix B Upgrading Firmware VIA Serial Port Upgrading Firmware VIA the Serial Port Page Upgrading Firmware VIA the Serial Port Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 XModem Glossary-8Index-1 IndexIndex-2 Index-3 Snmp Snmp Index-4Index-5 Index-6 Page Internet