Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks SMC6824M manual Syntax No mask pktformat, MAC Mask

Models: SMC6824M

1 608

Download 608 pages 58 Kb

Page 436

ACCESS CONTROL LIST COMMANDS

mask (MAC ACL)

This command defines a mask for MAC ACLs. This mask defines the fields to check in the packet header. Use the no form to remove a mask.

Syntax

[no] mask [pktformat]

{any host source-bitmask} {any host destination-bitmask} [vid [vid-bitmask]] [ethertype [ethertype-bitmask]]

•pktformat – Check the packet format field. (If this keyword must be used in the mask, the packet format must be specified in ACL rule to match.)

•any – Any address will be matched.

•host – The address must be for a single node.

•source-bitmask– Source address of rule must match this bitmask.

•destination-bitmask – Destination address of rule must match this bitmask.

•vid – Check the VLAN ID field.

•vid-bitmask– VLAN ID of rule must match this bitmask.

•ethertype – Check the Ethernet type field.

•ethertype-bitmask– Ethernet type of rule must match this bitmask.

Default Setting

None

Command Mode

MAC Mask

Command Usage

•Up to seven masks can be assigned to an ingress or egress ACL.

•Packets crossing a port are checked against all the rules in the ACL until a match is found. The order in which these packets are checked is determined by the mask, and not the order in which the ACL rules were entered.

•First create the required ACLs and inbound or outbound masks before mapping an ACL to an interface.

4-144

Image 436

SMC Networks SMC6824M manual Syntax No mask pktformat, MAC Mask

Contents

TigerStack III 10/100 Page TigerStack III 10/100 Management Guide Trademarks Limited Warranty Limited Warranty Table of Contents Table of Contents Table of Contents Table of Contents Command Line Interface ViiViii Table of Contents Table of Contents Table of Contents Xii Xiii Xiv Table of Contents Xvi Glossary Index XviiXviii Tables XixTables Xxi Xxii Figures XxiiiXxiv 37 802.1X Global InformationXxv Xxvi Key Features Key FeaturesFeature Description Description of Software Features LacpDescription of Software Features Introduction Description of Software Features Introduction System Defaults System DefaultsFunction Parameter Default Https Pvid Dhcp Connecting to the Switch Configuration OptionsInitial Configuration Required Connections Remote Connections Stack Operations Recovering from Stack Failure or Topology ChangeSelecting the Stack Master Resilient IP Interface for Management Access Basic ConfigurationConsole Connection Setting Passwords Setting an IP AddressManual Configuration Dynamic Configuration Enabling Snmp Management Access Clients, we recommend that you delete both of the default Community Strings for Snmp version 1 and 2c clientsConfiguring Access for Snmp Version 3 Clients Trap ReceiversSaving Configuration Settings Managing System Files Configuring Power over Ethernet Initial Configuration Configuring the Switch Using the Web InterfaceConfiguring the Switch Navigating the Web Browser Interface HomeButton Web Page Configuration ButtonsAction Front Panel Indicators Panel DisplayMain Menu Switch Main MenuMenu Description Sntp ACL Vlan Mstp 206 Vlan ID Displaying System Information Field AttributesSystem Information Displaying Switch Hardware/Software Versions CLI Specify the hostname, location and contact informationManagement Software Web Click System, Switch Information General Switch InformationDisplaying Bridge Extension Capabilities Field AttributesCLI Enter the following command Setting the IP AddressWeb Click System, Bridge Extension Command Attributes Manual Configuration IP Interface Configuration ManualUsing DHCP/BOOTP IP Interface Configuration DhcpCommand Attributes Managing FirmwareDownloading System Software from a Server Copy FirmwareSetting the Startup Code Saving or Restoring Configuration Settings Command UsageBasic Configuration Downloading Configuration Settings from a Server 11 Downloading Configuration Settings for Start-Up12 Setting the Startup Configuration Settings Console Port Settings Command AttributesCLI only 13 Console Port Settings Telnet Settings Command Attributes14 Configuring the Telnet Interface Configuring Event Logging System Log ConfigurationCommand Attributes Logging LevelsRemote Log Configuration 15 System Logs16 Remote Logs Displaying Log Messages 17 Displaying LogsSending Simple Mail Transfer Protocol Alerts CLI This example shows the event message stored in RAM18 Enabling and Configuring Smtp Alerts Resetting the System 19 Resetting the SwitchConfiguring Sntp Setting the System ClockCLI Use the reload command to reboot the system Setting the Time Zone 20 Sntp Configuration21 Setting the Time Zone Simple Network Management ProtocolConfiguring the Switch SNMPv3 Security Models and Levels Model Level Group Read Write Notify Security ViewCLI The following example enables Snmp on the switch Setting Community Access StringsEnabling the Snmp Agent 23 Configuring Snmp Community Strings Command Usage Specifying Trap Managers and Trap TypesCommand Attributes 24 Configuring Snmp Trap Managers Configuring SNMPv3 Management Access Setting the Local Engine IDSpecifying a Remote Engine ID CLI This example sets an SNMPv3 engine IDConfiguring SNMPv3 Users CLI This example specifies a remote SNMPv3 engine IDConfiguring the Switch 27 Configuring SNMPv3 Users Configuring Remote SNMPv3 Users 169Command Attributes 28 Configuring Remote SNMPv3 Users Configuring SNMPv3 Groups Supported Notification Messages Object Label Object ID DescriptionObject Label Object ID Description Rmon Events SwIpFilterRejectTrap 29 Configuring SNMPv3 Groups Setting SNMPv3 Views 16530 Configuring SNMPv3 Views User Authentication 163Configuring User Accounts Command Attributes31 Configuring User Accounts That use software running Configuring Local/Remote Logon AuthenticationOn a central server to Command Attributes Radius SettingsTacacs Settings 32 Authentication Server SettingsConfiguring Https 104Https Support Web Browser Operating SystemReplacing the Default Secure-site Certificate 33 Https SettingsConfiguring the Secure Shell Command Usage Configuring the Switch Generating the Host Key Pair Field Attributes34 SSH Host-Key Settings Configuring the SSH Server SSH server includes basic settings for authentication35 SSH Server Settings Configuring Port Security Command UsageCommand Attributes 36 Enabling Port Security Configuring 802.1X Port Authentication Displaying 802.1X Global Settings 802.1X protocol provides client authentication802.1X System Authentication Control The global setting for Web Click Security, 802.1X, InformationCLI This example shows the default global setting for Configuring 802.1X Global SettingsCLI This example enables 802.1X globally for the switch Configuring Port Settings for 39 802.1X Port Configuration AuthorizedUser Authentication 802.1X Statistics Displaying 802.1X StatisticsParameter Description 40 Displaying 802.1X Statistics CLI This example displays the 802.1X statistics for portFiltering IP Addresses for Management Access Command Usage41 Entering IP Addresses to be Filtered Access Control Lists Configuring Access Control ListsSetting the ACL Name and Type Command Attributes100 Configuring a Standard IP ACL Command AttributesCLI This example creates a standard IP ACL named bill Configuring an Extended IP ACL Command Attributes 101102 44 Configuring Extended IP ACLs 103Configuring a MAC ACL Command Attributes 104Command Usage 10545 Configuring MAC ACLs 106107 Configuring ACL MasksSpecifying the Mask Type 108 Configuring an IP ACL MaskThis mask defines the fields to check in the IP header 47 Configuring an IP based ACL 109110 Configuring a MAC ACL MaskThis mask defines the fields to check in the packet header 48 Configuring an ACL MAC Mask 111Binding a Port to an Access Control List 112113 49 Mapping ACLs to Port Ingress/Egress QueuesPort Configuration Command Attributes WebDisplaying Connection Status 114Field Attributes CLI 115Web Click Port, Port Information or Trunk Information 116 Current status117 Configuring Interface ConnectionsCLI This example shows the connection status for Port 118 51 Configuring Port Attributes 119Creating Trunk Groups 120Statically Configuring a Trunk Command Usage 12152 Static Trunk Configuration 122Enabling Lacp on Selected Ports Command Usage 12353 Lacp Port Configuration 124125 126 54 Lacp Aggregation Port Configuration 127128 129 Displaying Lacp Port CountersYou can display statistics for Lacp protocol messages Lacp Port CountersLacp Internal Configuration Information Displaying Lacp Settings and Status for the Local Side130 131 132 56 Displaying Lacp Port Information10 Lacp Neighbor Configuration Information Displaying Lacp Settings and Status for the Remote Side133 134 57 Displaying Remote Lacp Port InformationSetting Broadcast Storm Thresholds 135Configuring Port Mirroring 13659 Configuring a Mirror Port 137Command Attribute Configuring Rate Limits138 Showing Port Statistics 139140 11 Port Statistics141 142 Rmon Statistics143 144 61 Port Statistics145 Power Over Ethernet SettingsCLI This example shows statistics for port Displays the Power over Ethernet parameters for the switch Switch Power Status146 Web Click PoE, Power Status Setting a Switch Power Budget147 Displaying Port Power Status 148Web Click PoE, Power Port Status Configuring Port PoE Power149 65 Configuring Port PoE Power 150Setting Static Addresses Address Table Settings151 Displaying the Address Table 152153 67 Displaying the MAC Dynamic Address TableSpanning Tree Algorithm Configuration Changing the Aging Time154 CLI This example sets the aging time to 300 seconds155 Displaying Global Settings 156157 158 159 Web Click Spanning Tree, STA InformationGlobal settings apply to the entire switch Configuring Global Settings160 Basic Configuration of Global Settings 161Root Device Configuration 162Configuration Settings for Rstp 16370 Configuring the Spanning Tree Algorithm 164Displaying Interface Settings 165166 167 AD B168 71 STA Port InformationConfiguring Interface Settings 169170 72 Configuring Spanning Tree Algorithm per Port 171172 Configuring Multiple Spanning TreesCLI This example sets STA attributes for port 73 Mstp Vlan Configuration 173174 Displaying Interface Settings for Mstp 175176 Configuring Interface Settings for Mstp 177178 CLI This example sets the Mstp attributes for portIeee 802.1Q VLANs Vlan Configuration179 180 Assigning Ports to VLANs181 182 Forwarding Tagged/Untagged FramesCLI This example enables Gvrp for the switch Enabling or Disabling Gvrp Global Setting183 Displaying Basic Vlan Information 184Web Click VLAN, 802.1Q VLAN, Basic Information 185 Displaying Current VLANs186 Command Attributes CLICreating VLANs 187 79 Vlan Static List Creating VLANsAdding Static Members to VLANs Vlan Index 188CLI This example creates a new Vlan Command Attributes 189190 Adding Static Members to VLANs Port IndexConfiguring Vlan Behavior for Interfaces 191192 193 Private VLANs 194195 Vlan ID ID of configured VlanDisplaying Current Private VLANs 196 83 Displaying Private Vlan Port InformationConfiguring Private VLANs 197Associating Community VLANs 198Each community Vlan must be associated with a primary Vlan 199 Displaying Private Vlan Interface InformationConfiguring Private Vlan Interfaces 20087 Configuring Private Vlan Ports 201Class of Service Configuration Layer 2 Queue SettingsSetting the Default Priority for Interfaces 202CLI This example assigns a default priority of 5 to port 203204 Mapping CoS Values to Egress Queues12 Mapping CoS Values to Egress Queues 13 CoS Priority Levels89 Configuring Traffic Classes 205Selecting the Queue Mode 206Setting the Service Weight for Traffic Classes 207Layer 3/4 Priority Settings 208Mapping Layer 3/4 Priorities to CoS Values Selecting IP Precedence/DSCP PriorityMapping IP Precedence 20914 Mapping IP Precedence 93 Mapping IP Precedence to Class of Service Values 210211 Mapping Dscp Priority15 Mapping Dscp Priority IP Dscp Value CoS Value94 Mapping IP Dscp Priority to Class of Service Values 212213 Mapping IP Port Priority214 95 Globally Enabling the IP Port Priority StatusCopy Settings 215CLI This feature not supported through the CLI 216Mapping CoS Values to ACLs 16 CoS to ACL Mapping217 98 Mapping CoS Values to ACLs218 Changing Priorities Based on ACL Rules219 99 Changing Priorities Based on ACL RulesIgmp Protocol Multicast Filtering220 Layer 2 Igmp Snooping and Query 221Configuring Igmp Snooping and Query Parameters 222100 Configuring Internet Group Management Protocol 223224 Displaying Interfaces Attached to a Multicast Router225 Specifying Interfaces Attached to a Multicast RouterDisplaying Port Members of Multicast Services 226103 Displaying Port Members of Multicast Services 227Assigning Ports to Multicast Services 228Configuring General DNS Server Parameters Configuring Domain Name Service229 230 105 Configuring DNS 231Configuring Static DNS Host to Address Entries 232233 106 Mapping IP Addresses to a Host NameDisplaying the DNS Cache 234235 Web Select DNS, Cache236 Accessing the CLI Using the Command Line InterfaceConsole Connection Telnet Connection This section describes how to enter CLI commands Entering CommandsKeywords and Arguments Command Completion Getting Help on CommandsShowing Commands Minimum AbbreviationCommand Line Interface Negating the Effect of Commands Using Command HistoryUnderstanding Command Modes Partial Keyword LookupCommand Modes Exec CommandsClass Mode Configuration Commands Configuration Command Modes Mode Command PromptKeystroke Commands Command Line ProcessingKeystroke Function Command Group Index Command GroupsCommand Group Description Configures DNS services 286 Line Commands Line CommandsCommand Function Mode Password-thresh commandLine Login Syntax Login local no loginLogin local Line ConfigurationPassword Username 4-34passwordSyntax Password 0 7 password no password No password is specifiedTimeout login response Login 4-15password-threshCLI Disabled 0 seconds Telnet 300 seconds To set the timeout to two minutes, enter this commandSyntax Exec-timeout seconds no exec-timeout Exec-timeoutCLI and Telnet 600 seconds 10 minutes Syntax Password-thresh threshold no password-thresh Password-threshDefault value is three attempts Silent-time DatabitsSyntax Silent-time seconds no silent-time Syntax Databits 7 8 no databitsParity Syntax Parity none even odd no parityTo specify no parity, enter this command To specify 57600 bps, enter this commandSpeed Syntax Speed bps no speedStopbits DisconnectStopbits 1 Syntax disconnect session-idShow line Syntax Show line console vtyGeneral Commands EnableGeneral Commands Syntax enable levelDisable Enable password DisableNone Configure Show historyThis command resets the entire system This command restarts the systemReload This example shows how to reset the switch This command returns to Privileged Exec modeEnd ExitThis example shows how to quit a CLI session Use this command to exit the configuration programQuit System Management Commands System Management CommandsCommand Group Function Device Designation Commands Device Designation CommandsPrompt Syntax Prompt string no promptHostname Light unitSyntax Hostname name no hostname Syntax Light unit unitUser Access Commands User Access CommandsUsername 10 Default Login Settings Username Access-level PasswordEnable password Default is level is level Default password is superIP Filter Commands Enable 4-25authentication enable11 IP Filter Commands ManagementShow management Web Server Commands 12 Web Server CommandsDefault Setting Command Mode Syntax No ip http server Default SettingIp http port Ip http serverSyntax No ip http secure-server Default Setting Ip http secure-serverIp http secure-port 13 Https System SupportIp http secure-port4-42 Copy tftp https-certificate Portnumber The UDP port used for HTTPS. RangeTelnet Server Commands 14 Telnet Server CommandsIp telnet server Ip http secure-server4-41Secure Shell Commands Server Enabled Server Port15 Secure Shell Commands Command Function ModeSystem Management Commands Disabled Syntax No ip ssh server Default SettingIp ssh server Ip ssh timeout Syntax Ip ssh timeout seconds no ip ssh timeoutIp ssh crypto host-key generate 4-51 show ssh SecondsIp ssh authentication-retries Exec-timeout4-18 show ip sshDelete public-key Ip ssh server-key sizeSyntax Delete public-key username dsa rsa Ip ssh crypto host-key generate Syntax Ip ssh crypto host-key generate dsa rsaDsa DSA Version 2 key type Rsa RSA Version 1 key type Generates both the DSA and RSA key pairsIp ssh crypto zeroize Ip ssh save host-keySyntax Ip ssh crypto zeroize dsa rsa Syntax Ip ssh save host-key dsa rsaThis command displays the current SSH server connections Show ip sshShow ssh Saves both the DSA and RSA key16 show ssh display description TerminologyShow public-key Syntax Show public-key user username hostUsername Name of an SSH user. Range 1-8 characters Shows all public keysEvent Logging Commands 17 Event Logging CommandsSyntax No logging on Default Setting Logging onLogging history Logging history 4-57clear logging18 Logging Levels Flash errors level 3 RAM informational level 6Level Severity Name Description Logging host Logging facilitySyntax No logging host hostipaddress Hostipaddress The IP address of a syslog serverLogging trap Disabled Level 7Syntax Logging trap level no logging trap Clear log Show loggingSyntax Clear log flash ram Syntax Show logging flash ram sendmail trapFollowing example displays settings for the trap function 19 show logging flash/ram display description20 show logging trap display description Show logSyntax Show log flash ram Smtp Alert Commands 21 Smtp CommandsLogging sendmail host Following example shows the event message stored in RAMLogging sendmail level Syntax Logging sendmail level levelLogging sendmail source-email Syntax Logging sendmail source-email email-addressSyntax No logging sendmail Default Setting Logging sendmail destination-emailLogging sendmail Syntax No logging sendmail destination-email email-address22 Time Commands Time CommandsShow logging sendmail Syntax No sntp client Default Setting Sntp clientSntp server 4-70 sntp poll 4-71 show sntp Sntp serverSyntax Sntp server ip1 ip2 ip3 Sntp client 4-69 sntp poll 4-71 show sntp Sntp pollSyntax Sntp poll seconds no sntp poll Show sntp Sntp clientClock timezone NoneThis command displays the system clock Calendar setShow calendar SyntaxShow startup-config System Status Commands23 System Status Commands Example Show running-config Related CommandsShow startup-config This command displays system information Show systemShow users Show versionFlash/File Commands 24 Flash/File CommandsCopy Privileged ExecCommand Usage Following example shows how to download a configuration file Command Line Interface Delete This command deletes a file or imageDir Delete public-key This command displays a list of files in flash memory Syntax Dir unit boot-rom config opcode filenameDir 25 File Directory InformationWhichboot Following example shows how to display all file informationSyntax Boot system unit boot-romconfig opcode filename Boot systemDir 4-87whichboot 26 PoE Commands Power over Ethernet CommandsCommand Group Function Mode Power mainpower maximum allocation Power inline compatibleSyntax Power mainpower maximum allocation watts unit unit Syntax No power inline compatibleCompatible Mode Enabled Power inline maximum allocation Power inlineSyntax No power inline Default Setting Power inline priority LowShow power inline status Syntax Show power inline status interfaceEthernet Unit Stack unit. Range Port Port number. RangeShow power mainpower 27 show power inline status parameters28 show power mainpower parameters Mainpower maximum allocation onAuthentication Commands Authentication Sequence29 Authentication Commands 30 Authentication Sequence CommandAuthentication login LocalAuthentication enable Username for setting the local user names and passwords31 Radius Client Commands Radius ClientDefault Setting Auth-port Timeout 5 secondsRetransmit Command Mode Radius-server hostRadius-server port Radius-server keySyntax Radius-server port portnumber no radius-server port 1812Radius-server timeout Radius-server retransmitShow radius-server Privileged Exec32 TACACS+ Client Commands TACACS+ ClientTacacs-server host Hostipaddress IP address of a TACACS+ serverTacacs-server port Tacacs-server keySyntax Tacacs-server port portnumber no tacacs-server port Syntax Tacacs-server key keystring no tacacs-server keyPort Security Commands Show tacacs-server33 Port Security Commands Status Disabled Action None Maximum AddressesInterface Configuration Ethernet Port security109 802.1X Port Authentication 34 802.1X Port Authentication CommandsDot1x default Syntax No dot1x system-auth-control Default SettingDot1x system-auth-control Dot1x max-reqDefault Command Mode DefaultDot1x port-control Force-authorizedDot1x operation-mode Single-hostDot1x re-authenticate Dot1x re-authenticationSyntax Dot1x re-authenticate interface Syntax No dot1x re-authentication Command ModeDot1x timeout re-authperiod Dot1x timeout quiet-periodSeconds The number of seconds. Range Dot1x timeout tx-period Show dot1xSyntax Show dot1x statistics interface interface Statistics Displays dot1x status for each port Interface117 Authenticator State Machine State- Current state including initialize, reauthenticateAccess Control List Commands Access Control ListsAccess Control List Commands 35 Access Control List Commands Masks for Access Control ListsCommand Groups Function 36 IP ACL Commands IP ACLsAccess-list ip Syntax No access-list ip standard extended aclnameAccess-list ip extended fragment-auto-mask Permit, deny Standard ACLPermit, deny Extended ACL Standard ACLNo permit deny tcp Extended ACL127 Show ip access-list This command displays the rules for configured IP ACLsSyntax Show ip access-list standard extended aclname Permit, deny Ip access-group4-134Syntax No access-list ip mask-precedence in out Access-list ip mask-precedenceMask IP ACL 4-130 ip access-group4-134 Syntax No mask protocol IP Mask131 132 Show access-list ip mask-precedence Syntax Show access-list ip mask-precedence in outIp access-group Syntax No ip access-group aclname in outShow ip access-group Map access-list ipShow ip access-list4-128 This command shows the ports assigned to IP ACLsShow map access-list ip Queue cos-map4-257 Show map access-list ipSyntax Show map access-list ip interface 37 Egress Queue Priority MappingMatch access-list ip Map access-list ipMatch access-list ip 38 MAC ACL CommandsShow marking MAC ACLsAccess-list mac Syntax No access-list mac aclnamePermit, deny MAC ACL Syntax No permit denyMAC ACL Show mac access-list This command displays the rules for configured MAC ACLsSyntax Show mac access-list aclname Permit, deny Mac access-group4-146Access-list mac mask-precedence Mask MAC ACL 4-144 mac access-group4-146Syntax No mask pktformat MAC Mask145 This example creates an Egress MAC ACLShow access-list mac mask-precedence Mac access-groupSyntax Show access-list mac mask-precedence in out Syntax Mac access-group aclname in outShow mac access-group Map access-list macShow mac access-list4-142 This command shows the ports assigned to MAC ACLsShow map access-list mac Queue cos-map4-257 Show map access-list macSyntax Show map access-list mac interface 39 Mapping CoS Values to MAC ACL RulesMatch access-list mac Map access-list macACL Information Show access-list40 ACL Information Snmp Commands Show access-groupThis command shows the port assignments of ACLs 41 Snmp CommandsSyntax No snmp-server Default Setting Snmp-serverShow snmp NoneSnmp-server contact Snmp-server communitySyntax Snmp-server contact string no snmp-server contact Snmp-server location Syntax Snmp-server location text no snmp-server location156 Snmp-server host157 158 Snmp-server enable traps Issue authentication and link-up-down trapsSnmp-server engine-id Snmp-server hostThis example shows the default engine ID This command shows the Snmp engine IDShow snmp engine-id Snmp-server view Defaultview includes access to the entire MIB tree42 show snmp engine-id display description This command shows information on the Snmp views Show snmp viewExamples This view includes MIB-2164 Snmp-server groupCommand Usage Show snmp group166 44 show snmp group display descriptionDefault Setting Snmp-server user168 Show snmp user This command shows information on Snmp users45 show snmp user display description Interface Commands 46 Interface CommandsInterface DescriptionPort-channel channel-idRange Syntax Description string no descriptionSpeed-duplex Interface Configuration Ethernet, Port ChannelFollowing example adds a description to port Negotiation Syntax No negotiation Default SettingNegotiation 4-173capabilities Capabilities Following example configures port 11 to use autonegotiationNegotiation 4-173speed-duplex Syntax No flowcontrol Default Setting Flow control enabledFlowcontrol Negotiation 4-173speed-duplex4-172 flowcontrolFollowing example enables flow control on port Syntax No shutdown Default SettingAll interfaces are enabled ShutdownSwitchport broadcast packet-rate Following example disables portThis command clears statistics on an interface Port-channel channel-idRange Default SettingClear counters Syntax Clear counters interfaceThis command displays the status for an interface Show interfaces statusSyntax Show interfaces status interface Shows the status for all interfacesThis command displays interface statistics Show interfaces countersSyntax Show interfaces counters interface Shows the counters for all interfaces181 Show interfaces switchport Syntax Show interfaces switchport interfaceThis example shows the configuration setting for port Shows all interfaces47 show interfaces switchport display description Field DescriptionMirror Port Commands 48 Mirror Port CommandsInterface Configuration Ethernet, destination port Port monitorThis command displays mirror information Show port monitorSyntax Show port monitor interface Shows all sessionsFollowing shows mirroring configured from port 6 to port Rate Limit Commands49 Rate Limit Commands Interface Configuration Ethernet, Port Channel Rate-limitLink Aggregation Commands 50 Link Aggregation CommandsGuidelines for Creating Trunks General GuidelinesSyntax no lacp Default Setting Channel-groupLacp Syntax Channel-group channel-idno channel-group191 Lacp system-priority 32768Lacp admin-keyEthernet Interface Lacp admin-key Port Channel Syntax Lacp admin-key key no lacp admin-keyDefault Setting Lacp port-priorityThis command displays Lacp information Show lacpPort Channel all 51 show lacp counters display description197 52 show lacp internal display descriptionPartner 199 53 show lacp neighbors display description55 Address Table Commands Address Table Commands54 show lacp sysid display description Mac-address- MAC address Mac-address-table staticVlan-id- Vlan ID Range Show mac-address-table Clear mac-address-table dynamicMac-address- MAC address Mask Bits to match in the address Mac-address-table aging-time Seconds56 Spanning Tree Commands Spanning Tree CommandsShow mac-address-table aging-time RSTP/MSTP Spanning tree is enabled Syntax No spanning-tree Default SettingSpanning-tree Spanning-tree mode Rstp208 Spanning-tree forward-timeSpanning-tree hello-time Seconds210 Spanning-tree max-ageSpanning-tree priority Spanning-tree default priorityIeee 802.1t format Spanning-tree pathcost method Long methodSpanning-tree transmission-limit This command limits the maximum transmission rate for BPDUsCount -The transmission limit in seconds. Range Spanning-tree mst-configuration Spanning-tree backup-rootSyntax No spanning-tree backup-root Default Setting MST Configuration Mst vlanMst priority Mst instanceid priority priority no mst instanceid prioritySwitch’s MAC address NameSyntax name name Name Name of the spanning treeRevision Max-hopsSyntax revision number Number Revision number of the spanning tree. RangeSyntax No spanning-tree spanning-disabled Default Setting Spanning-tree spanning-disabledThis example disables the Spanning Tree Algorithm for port Spanning-tree cost Syntax Spanning-tree cost cost no spanning-tree costSpanning-tree port-priority Spanning-tree edge-portPriority The priority for a port. Range 0-240, in steps Syntax No spanning-tree edge-portSyntax No spanning-tree portfast Default Setting Spanning-tree portfastSpanning-tree link-type Spanning-treeedge-port4-221Spanning-tree mst cost AutoSpanning-tree mst port-priority Spanning-tree mst port-priority4-225Spanning-tree protocol-migration Port-channel channel-idRange Command ModeSyntax Spanning-tree protocol-migration interface Show spanning-tree Syntax Show spanning-tree interface mst instanceid228 Show spanning-tree mst configuration 229Vlan Commands 57 Vlan CommandsEditing Vlan Groups Vlan databaseBy default only Vlan 1 exists and is active VlanVlan Database Configuration Configuring Vlan Interfaces59 Configuring Vlan Interfaces Syntax Interface vlan vlan-id Interface vlanShutdown Syntax Switchport mode trunk hybrid no switchport mode Switchport modeAll ports are in hybrid mode with the Pvid set to Vlan Switchport acceptable-frame-types All frame typesSwitchport ingress-filtering Syntax No switchport ingress-filtering Default SettingSwitchport native vlan 237Switchport allowed vlan 238239 Switchport forbidden vlanNo VLANs are included in the forbidden list 240 Displaying Vlan InformationShow vlan 60 Displaying Vlan Information61 Private Vlan Commands Following example shows how to display information for Vlan241 242 243 Private-vlanPrivate-vlan association 244No private-vlan primary-vlan-idassociation 245 Switchport mode private-vlanNormal Vlan Switchport private-vlan mapping Switchport private-vlan host-association246 Show vlan private-vlan 247Syntax Show vlan private-vlan community primary 62 Gvrp and Bridge Extension Commands Gvrp and Bridge Extension Commands248 Syntax No bridge-ext gvrp Default Setting 249Bridge-ext gvrp Show bridge-extSwitchport gvrp Show gvrp configurationSyntax No switchport gvrp Default Setting Syntax Show gvrp configuration interfaceShows both global and interface-specific configuration Garp timer251 Show garp timer Syntax Show garp timer interfaceShows all Garp timers 25263 Priority Commands Priority Commands253 Priority Commands Layer Queue mode64 Priority Commands Layer Syntax Queue mode strict wrr no queue mode255 Queue bandwidthSwitchport priority default 256257 Queue cos-map65 Default CoS Priority Levels 258Show queue mode This command shows the current queue mode259 Show queue bandwidthPriority Commands Layer 3 66 Priority Commands Layer 3260 Show queue cos-mapSyntax No map ip port Default Setting 261Syntax No map ip precedence Default Setting 262263 List below shows the default priority mapping67 Mapping IP Precedence to CoS Values Syntax No map ip dscp Default Setting 264265 68 Mapping IP Dscp to CoS ValuesThis command shows the IP port priority map 266Show map ip port Syntax Show map ip port interfaceThis command shows the IP precedence priority map 267Show map ip precedence Syntax Show map ip precedence interfaceThis command shows the IP Dscp priority map 268Show map ip dscp Syntax Show map ip dscp interfaceMulticast Filtering Commands Igmp Snooping Commands69 Multicast Filtering Commands 70 Igmp Snooping CommandsSyntax No ip igmp snooping Default Setting Following example enables Igmp snooping270 Ip igmp snoopingFollowing configures the switch to use Igmp Version 271Ip igmp snooping version Igmp VersionShow ip igmp snooping 272Show mac-address-table multicast Igmp Query Commands Layer 71 Igmp Query Commands Layer273 Ip igmp snooping querierIp igmp snooping query-count 274Times 275 Following shows how to configure the query count toIp igmp snooping query-interval 276 Seconds The report delay advertised in Igmp queries. RangeIp igmp snooping query-max-response-time 277 Switch must use IGMPv2 for this command to take effectIp igmp snooping router-port-expire-time Static Multicast Routing Commands 72 Static Multicast Routing Commands278 Ip igmp snooping vlan mrouterDisplays multicast router ports for all configured VLANs 279Show ip igmp snooping mrouter Syntax Show ip igmp snooping mrouter vlan vlan-idIP Interface Commands 73 IP Interface Command Syntax280 Ip addressInterface Configuration Vlan 281Ip default-gateway Syntax Ip default-gateway gateway no ip default-gateway282 Ip dhcp restart283 Show ip interfaceThis command has no default for the host 284Show ip redirects Ping285 74 DNS Commands DNS Commands286 287 Ip hostNo static entries This example maps two address to a host name288 Clear hostIp domain-name Syntax Clear host nameIp domain-list 289Syntax No ip domain-list name Ip name-server 290Ip domain-name4-288 Syntax No ip domain-lookup Default Setting 291Ip domain-lookup Ip domain-name4-288 ip domain-lookup4-291Show hosts 292Ip domain-name4-288 ip name-server4-290 This command displays the configuration of the DNS server This command displays entries in the DNS cache293 Show dnsThis command clears all entries in the DNS cache 294Clear dns cache 75 Show DNS Output DescriptionAuthentication Access Control ListsDhcp Client Port Configuration PoEClass of Service Additional FeaturesPort Trunking Spanning Tree ProtocolStandards SNMPv3Management Information Bases Table B-1 Troubleshooting Chart Problems Accessing the Management InterfaceSymptom Action Cannot access Using System Logs Troubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Virtual LAN Vlan Glossary-8XModem Index Index-1Index-2 IgmpIndex-3 Index-4 Page For Technical SUPPORT, Call