Specifying a Remote Engine ID | SMC Networks SMC8150L2 instruction

Simple Network Management Protocol 3

Specifying a Remote Engine ID

To send inform messages to an SNMPv3 user on a remote device, you must first specify the engine identifier for the SNMP agent on the remote device where the user resides. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host.

SNMP passwords are localized using the engine ID of the authoritative agent. For informs, the authoritative SNMP agent is the remote agent. You therefore need to configure the remote agent’s SNMP engine ID before you can send proxy requests or informs to it.

A new engine ID can be specified by entering 5 to 32 octets of hexadecimal characters; that is, 9 to 64 hexadecimal characters. If an odd number of hexadecimal characters are specified, a trailing zero is added to the value to fill the octet. For example, entering the value “123456789” results in an engine ID of “1234567890.”

Web – Click SNMP, SNMPv3, Remote Engine ID.

Figure 3-28 Setting a Remote Engine ID

CLI – This example specifies a remote SNMPv3 engine ID.

Console(config)#snmp-server engineID remote 54321fedcba0 192.168.1.19	4-107
Console(config)#exit
Console#show snmp engine-id	4-107

Local SNMP engineID: 83010000030000352810030000

Local SNMP engineBoots: 1

Remote SNMP engineID: 54321fedcba0 IP address 192.168.1.25

Console#

Configuring SNMPv3 Users

Each SNMPv3 user is defined by a unique name. Users must be configured with a specific security level and assigned to a group. The SNMPv3 group restricts users to a specific read, write, and notify view.

Command Attributes

•User Name – The name of user connecting to the SNMP agent. (Range: 1-32 characters)

•Group Name – The name of the SNMP group to which the user is assigned. (Range: 1-32 characters)

•Model – The user security model; SNMP v1, v2c or v3.

3-37

Image 81

SMC Networks SMC8150L2 manual Specifying a Remote Engine ID, Configuring SNMPv3 Users

Contents

Management Guide Page TigerSwitch 10/100/1000 Management Guide Page Contents Page Iii Page Command Line Interface Page Vii Viii Contents Page Contents Xii Appendix B Troubleshooting Appendix a Software SpecificationsGlossary Index Xiii Xiv Tables Xvi Xvii Xviii Xix Figures Figures Xxi Xxii Key Features Key FeaturesFeature Description Introduction Description of Software Features Description of Software Features Introduction Description of Software Features System Defaults System DefaultsFunction Parameter Default Client Enabled System Defaults Function Parameter Sntp Configuration Options Connecting to the Switch Required Connections Initial Configuration Basic Configuration Remote ConnectionsConsole Connection Setting Passwords Setting an IP AddressManual Configuration Dynamic Configuration Enabling Snmp Management Access Trap Receivers Configuring Access for Snmp Version 3 Clients Saving Configuration Settings Managing System Files Initial Configuration Using the Web Interface Configuring the Switch Home Navigating the Web Browser Interface Panel Display Configuration Options ActionButton Revert Apply Help Main Menu Main Menu DescriptionSystem System Information ACL Configuration Allows ports to dynamically join trunks 116 STA 122 Class-of-service valueCurrent Table 131 Configuration Settings Igmp Filter/Throttling Trunk Query Igmp Filter ConfigurationConfiguration Settings 152 183 Dhcp Snooping 186 ConfigurationCache 185 Field Attributes Displaying System Information CLI Specify the hostname, location and contact information Displaying Switch Hardware/Software VersionsMain Board Management Software Switch Information Web Click System, Switch Information Displaying Bridge Extension Capabilities Bridge Extension Configuration Setting the Switch’s IP Address CLI Enter the following commandCommand Attributes Manual IP Configuration Dhcp IP Configuration Using DHCP/BOOTP Managing Firmware Enabling Jumbo Frames Copy Firmware Downloading System Software from a Server 11 Deleting Files Saving or Restoring Configuration Settings 12 Downloading Configuration Settings for Startup Downloading Configuration Settings from a Server 13 Setting the Startup Configuration Settings Console Port Settings 14 Console Port Settings Telnet Settings 15 Enabling Telnet Displaying Log Messages Configuring Event Logging Error resource exhausted System Log ConfigurationCLI This example shows the event message stored in RAM Logging Levels 17 System Logs Remote Log Configuration 18 Remote Logs Simple Mail Transfer Protocol 19 Enabling and Configuring Smtp Renumbering the System Resetting the System Configuring Sntp Setting the System Clock 23 Setting the System Clock Setting the Time Zone Setting Community Access Strings Access ModeSimple Network Management Protocol Specifying Trap Managers and Trap Types 24 Configuring Snmp Community Strings Enabling Snmp Agent Status 25 Configuring IP Trap Managers Configuring SNMPv3 Management Access Setting the Local Engine IDCLI This example sets an SNMPv3 engine ID Configuring SNMPv3 Users Specifying a Remote Engine IDCLI This example specifies a remote SNMPv3 engine ID Configuring the Switch 29 Configuring SNMPv3 Users 30 Configuring Remote SNMPv3 Users Configuring Remote SNMPv3 Users Topology Change Timer immediately Configuring SNMPv3 GroupsSupported Notification Messages Subsequent to its election Rmon Events SNMPv2 Traps PD Powered Device. This notification is Private Traps SwPowerStatus 6.1.4.1.202.20.68.2.1.0.1Mode PethPsePortPower 6.1.4.1.202.20.68.2.1.0.1 ChangeTrap SwIpFilterRejectTrap 6.1.4.1.202.20.68.2.1.0.1 31 Configuring SNMPv3 Groups 32 Configuring SNMPv3 Views Setting SNMPv3 Views Configuring User Accounts User Authentication 33 Access Levels Command Usage Configuring Local/Remote Logon Authentication Tacacs Settings Radius Settings 34 Authentication Settings User Authentication Https System Support Web Browser Operating System Configuring Https Replacing the Default Secure-site Certificate Configuring the Secure Shell User Authentication SSH server includes basic settings for authentication Configuring the SSH Server Generating the Host Key Pair 37 SSH Host-Key Settings Configuring Port Security 38 Configuring Port Security Configuring 802.1X Port Authentication 802.1X protocol provides client authentication Displaying 802.1X Global Settings CLI This example shows the default global setting for Configuring 802.1X Global SettingsCLI This example enables 802.1X globally for the switch Web Click Security, 802.1X, Information Authorized Configuring Port Settings for 41 802.1X Port Configuration Consoleconfig#interface ethernet 1/2 Displaying 802.1X Statistics 802.1X StatisticsParameter Description Access Control Lists Configuring Access Control ListsCLI This example displays the 802.1X statistics for port CLI This example creates a standard IP ACL named david Setting the ACL Name and Type Configuring an Extended IP ACL Configuring a Standard IP ACL Configuring the Switch 45 Configuring Extended IP ACLs Configuring a MAC ACL This switch supports ACLs for ingress filtering only Binding a Port to an Access Control List 47 Configuring ACL Port Binding Filtering IP Addresses for Management Access 48 Creating an IP Filter List CLI This example allows Snmp access for a specific client Port ConfigurationDisplaying Connection Status Field Attributes Web Configuration Web Click Port, Port Information or Trunk InformationBasic Information Current Status Configuring Interface Connections 50 Port/Trunk Configuration Creating Trunk Groups 51 Configuring Static Trunks Statically Configuring a Trunk 131 Enabling Lacp on Selected Ports 52 Lacp Trunk Configuration Dynamically Creating a Port Channel Configuring Lacp Parameters 53 Lacp Port Configuration You can display statistics for Lacp protocol messages Displaying Lacp Port CountersLacp Port Counters Field Description CLI The following example displays Lacp counters 54 Lacp Port Counters Information Lacp Internal Configuration Information Displaying Lacp Settings and Status for the Local Side 55 Lacp Port Internal Information Lacp Neighbor Configuration Information Field Description Displaying Lacp Settings and Status for the Remote Side Setting Broadcast Storm Thresholds 57 Port Broadcast Control 58 Mirror Port Configuration Configuring Port Mirroring Rate Limit Configuration Configuring Rate Limits Showing Port Statistics Etherlike Statistics 10 Port Statistics Rmon Statistics Drop Events Or alignment error Received BytesResources Jabbers Formed Oversize Frames 60 Port Statistics Address Table Settings Setting Static AddressesCLI This example shows statistics for port Displaying the Address Table 61 Configuring a Static Address Table 62 Configuring a Dynamic Address Table Spanning Tree Algorithm Configuration Changing the Aging TimeCLI This example sets the aging time to 300 seconds Spanning Tree Algorithm Configuration 104 Displaying Global Settings 64 Displaying Spanning Tree Information Global settings apply to the entire switch Configuring Global Settings Root Device Configuration Basic Configuration of Global Settings Configuration Settings for Mstp Configuration Settings for Rstp 65 Configuring Spanning Tree Displaying Interface Settings 112 CLI This example shows the STA attributes for port 66 Displaying Spanning Tree Port Information Configuring Interface Settings CLI This example sets STA attributes for port 67 Configuring Spanning Tree per Port Configuring Multiple Spanning Trees 68 Configuring Multiple Spanning Trees MST Instance ID Instance identifier to configure. Default Displaying Interface Settings for Mstp 69 Displaying Mstp Interface Settings Configuring Interface Settings for Mstp 121 Vlan Configuration Ieee 802.1Q VLANsCLI This example sets the Mstp attributes for port Assigning Ports to VLANs 124 Enabling or Disabling Gvrp Global Setting CLI This example enables Gvrp for the switchForwarding Tagged/Untagged Frames Command Attributes Web Displaying Basic Vlan InformationDisplaying Current VLANs 73 Displaying Current VLANs Command Attributes CLI 175 Creating VLANs CLI This example creates a new Vlan Adding Static Members to VLANs Vlan Index 130 Adding Static Members to VLANs Port Index 75 Configuring a Vlan Static Table Configuring Vlan Behavior for Interfaces 77 Configuring VLANs per Port Configuring Ieee 802.1Q Tunneling Layer 2 Flow for Packets Coming into a Tunnel Access Port Layer 2 Flow for Packets Coming into a Tunnel Uplink Port General Configuration Guidelines for QinQ Configuration Limitations for QinQ 78 802.1Q Tunnel Status Enabling QinQ Tunneling on the Switch Adding an Interface to a QinQ Tunnel CLI This example sets the switch to operate in QinQ mode 79 Tunnel Port Configuration 45-1 Configuring Private VLANs CLI This example enables private VLANsEnabling Private VLANs Configuring Uplink and Downlink Ports Protocol Vlan Group ConfigurationProtocol VLANs 82 Protocol Vlan Configuration Configuring Protocol Vlan Interfaces Class of Service Configuration Layer 2 Queue SettingsSetting the Default Priority for Interfaces CLI This example assigns a default priority of 5 to port Port Priority ConfigurationMapping CoS Values to Egress Queues 11 Mapping CoS Values to Egress Queues Priority Level Traffic Type 12 CoS Priority LevelsBackground Spare Enabling CoS Selecting the Queue Mode 87 Queue Mode Setting the Service Weight for Traffic Classes Layer 3/4 Priority Settings Mapping Layer 3/4 Priorities to CoS ValuesSelecting IP Precedence/DSCP Priority 13 Mapping IP Precedence Mapping IP Precedence 90 Mapping IP Precedence Priority Values 14 Mapping Dscp Priority Values Mapping Dscp PriorityIP Dscp Value CoS Value 10, 12, 14 18, 20, 22 26, 28, 30, 32, 34 38, 40 92 IP Port Priority Status Mapping IP Port Priority 93 IP Port Priority Quality of Service Configuring Quality of Service Parameters Configuring a Class MapClass map is used for matching packets to a specified class Class Configuration Match Class SettingsClass Map 94 Configuring Class Maps Policy Configuration Creating QoS PoliciesPolicy Map Policy Options Policy Rule Settings Class Settings 95 Configuring Policy Maps Attaching a Policy Map to Ingress Queues 96 Service Policy Settings Layer 2 Igmp Snooping and Query Multicast Filtering Configuring Igmp Snooping and Query Parameters Enabling Igmp Immediate Leave 97 Igmp Configuration 98 Igmp Immediate Leave Displaying Interfaces Attached to a Multicast Router 99 Displaying Multicast Router Port Information Specifying Static Interfaces for a Multicast Router 100 Static Multicast Router Port Configuration Displaying Port Members of Multicast Services 101 IP Multicast Registration Table Assigning Ports to Multicast Services 102 Igmp Member Port Table Igmp Filtering and Throttling 103 Enabling Igmp Filtering and Throttling Enabling Igmp Filtering and Throttling Configuring Igmp Filtering and Throttling for Interfaces 104 Igmp Filter and Throttling Port Configuration Configuring Igmp Filter Profiles 105 Igmp Profile Configuration Multicast Vlan Registration General Configuration Guidelines for MVR Configuring Global MVR Settings Displaying MVR Interface Status 106 MVR Global Configuration 107 MVR Port Information Web Click MVR, Port or Trunk Information 108 MVR Group IP Information Displaying Port Members of Multicast Groups MVR Vlan Configuring MVR Interface Status Assigning Static Multicast Groups to Interfaces Web Click MVR, Port or Trunk Configuration Configuring General DNS Service Parameters Configuring Domain Name Service 111 DNS General Configuration 238 Configuring Static DNS Host to Address Entries 112 DNS Static Host Table 113 DNS Cache Displaying the DNS Cache Dhcp Snooping Web Click Dhcp Snooping, Configuration Dhcp Snooping Configuration Dhcp Snooping Information Option Configuration Dhcp Snooping Vlan ConfigurationEnables Dhcp snooping on the specified Vlan CLI This example first enables Dhcp Snooping for Vlan Trust Status Enables or disables port as trusted Dhcp Snooping Port Configuration Dhcp Snooping Binding Information 117 Dhcp Snooping Port Configuration IP Source Guard Port Configuration IP Source GuardWeb Click Dhcp Snooping, Dhcp Snooping Binding Information 119 IP Source Guard Port Configuration Static IP Source Guard Binding Configuration Dynamic IP Source Guard Binding Information 120 Static IP Source Guard Binding Configuration Web Click IP Source Guard, Dynamic Information Switch Clustering 122 Cluster Member Choice Cluster Configuration Cluster Member Configuration Web Click Cluster, ConfigurationAdds Candidate switches to the cluster as Members Web Click Cluster, Member Configuration Displays current cluster Member switch informationCluster Member Information 126 Cluster Candidate Information Cluster Candidate Information Accessing the CLI Using the Command Line Interface Telnet Connection Command Completion Entering CommandsGetting Help on Commands Keywords and Arguments Showing Commands Using Command History Negating the Effect of CommandsUnderstanding Command Modes Partial Keyword Lookup Command Modes Exec Commands Configuration Commands Configuration Modes Command PromptConsoleconfig-if# 120 Command Line Processing Command Line ProcessingKeystroke Function Command Groups Description Command Groups Line Commands Function Mode Line Commands Line Login Username 4-25 password PasswordSyntax Password 0 7 password no password No password is specified Exec-timeout Timeout login response Password-thresh Syntax Exec-timeout seconds no exec-timeoutSyntax Password-thresh threshold no password-thresh Silent-time DatabitsSyntax Silent-time seconds no silent-time Parity Syntax Databits 7 8 no databitsSyntax Parity none even odd no parity Stopbits SpeedSyntax Speed bps no speed Syntax Stopbits 1 Show line DisconnectSyntax Disconnect session-id Syntax Show line console vty Enable General CommandsTo show all lines, enter this command General Commands Function Mode Disable Enable password DisableEnable Level Show history Configure End Reload This example shows how to quit a CLI session This command exits the configuration programExit Quit System Management Commands Device Designation CommandsPrompt User Access Commands Function Mode User Access CommandsHostname Username Enable password 10 Default Login Settings Username Access-level PasswordGuest Admin IP Filter Commands 11 IP Filter Commands Function ModeManagement All addresses Show management 12 Web Server Commands Function Mode Web Server CommandsDefault Setting Command Mode Ip http port Syntax No ip http secure-server Default Setting Syntax No ip http server Default SettingIp http server Ip http secure-server 13 Https System Support Web Browser Operating System Ip http secure-portIp http secure-port4-31 Copy tftp https-certificate Portnumber The UDP port used for HTTPS. Range 14 Telnet Server Commands Function Mode Telnet Server CommandsIp telnet port Ip http secure-server4-30 Syntax No ip telnet server Default Setting Secure Shell Commands15 SSH Commands Function Mode Ip telnet server Copy tftp public-key Ip ssh server Syntax No ip ssh server Default Setting Syntax Ip ssh timeout seconds no ip ssh timeout Ip ssh timeoutExec-timeout4-13 show ip ssh Ip ssh crypto host-key generate 4-38 show ssh Ip ssh server-key size Ip ssh authentication-retriesKey-size- The size of server key. Range 512-896 bits Bits Ip ssh crypto host-key generate Delete public-keySyntax Delete public-key username dsa rsa Syntax Ip ssh crypto host-key generate dsa rsa Ip ssh save host-key Ip ssh crypto zeroizeSyntax Ip ssh crypto zeroize dsa rsa Syntax Ip ssh save host-key dsa rsa Show ip ssh This command displays the current SSH server connectionsShow ssh Ip ssh crypto host-key generate Show public-key TerminologySyntax Show public-key user username host Console#show public-key host Host 17 Event Logging Commands Function Mode Event Logging CommandsSyntax No logging on Default Setting Logging on Flash errors level 3 RAM warnings level 6 Logging history18 Logging Levels Logging facility Logging hostSyntax No logging host hostipaddress Hostipaddress The IP address of a syslog server Clear logging Logging trapSyntax Logging trap level no logging trap Syntax Clear logging flash ram Show logging Syntax Show logging flash ram sendmail trap19 show logging flash/ram display description Logging trap command Facility commandSyntax Show log flash ram login tail Show log 21 Smtp Alert Commands Function Mode Smtp Alert CommandsLogging sendmail host Following example shows sample messages stored in RAM Syntax Logging sendmail level level Logging sendmail level Logging sendmail destination-email Logging sendmail source-emailSyntax No logging sendmail source-email email-address This example will set the source email john@acme.com Syntax No logging sendmail Default Setting Logging sendmailShow logging sendmail 22 Time Commands Function Mode Time CommandsSyntax No sntp client Default Setting Sntp client Sntp server 4-54 sntp poll 4-55 show sntp Sntp serverSyntax Sntp server ip1 ip2 ip3 Sntp client 4-53 sntp poll 4-55 show sntp Show sntp Sntp pollSyntax Sntp poll seconds no sntp poll Sntp client Calendar set Clock timezoneSyntax Calendar set hour min sec day month year month day year Show startup-config System Status CommandsThis command displays the system clock 23 System Status Commands Function Mode Command Line Interface Show running-config4-59 Show running-config Show startup-config4-57 This command displays system information Show systemShow users Show version 24 Frame Size Commands Function Mode Frame Size CommandsJumbo frame Enables support for jumbo frames Syntax No jumbo frame Default Setting 25 Flash/File Commands Function Mode Flash/File CommandsCopy Copy Flash/File Commands Following example shows how to download a configuration file Delete This command deletes a file or imageDelete unit filename Dir Delete public-key4-38 Dir Syntax Dir unit boot-rom config opcode filename26 File Directory Information Column Heading Description Boot system WhichbootSyntax whichboot unit Syntax Boot system unit boot-romconfig opcode filename Authentication Sequence Authentication CommandsDir 4-68 whichboot 27 Authentication Commands Command Group Function Authentication login Username for setting the local user names and passwordsLocal Authentication enable 29 Radius Client Commands Function Mode Show radius-server Shows the current Radius settingsRadius Client Retransmit Command Mode Default Setting Auth-portRadius-server host Radius-server port Radius-server key Radius-server retransmitSyntax Radius-server key keystring no radius-server key Show radius-server Radius-server timeout TACACS+ Client 30 Tacacs Commands Function ModeTacacs-server host Tacacs-server port Tacacs-server key Show tacacs-serverSyntax Tacacs-server key keystring no tacacs-server key 31 Port Security Commands Function Mode Port Security CommandsStatus Disabled Action None Maximum Addresses Interface Configuration Ethernet Command Usage 32 802.1X Port Authentication Command Function Mode 802.1X Port AuthenticationSyntax No dotx system-auth-control Default Setting Dot1x system-auth-control Default Command Mode Dot1x defaultDot1x max-req Dot1x port-control Dot1x operation-mode Force-authorizedSingle-host Dot1x re-authenticate Dot1x re-authenticationDot1x timeout quiet-period Dot1x timeout tx-period Dot1x timeout re-authperiod Show dot1x Syntax Show dot1x statistics interface interfaceStatistics Displays dot1x status for each port Reauthentication State Machine Authenticator State MachineState Current state including initialize, reauthenticate Backend State Machine Command Line Interface Access Control List Commands Access Control Lists33 Access Control Lists Command Groups Function 34 IP ACLs Command Function Mode Access-list ipSyntax No access-list ip standard extended aclname IP ACLs Access-list ip Permit, deny Ip access-group4-93 show ip access-list4-93Syntax No permit deny any source bitmask host source Standard ACL Any destination address-bitmask host destination Source-port sport end destination-port dport endExtended ACL Ip access-group Show ip access-listSyntax Show ip access-list standard extended aclname Syntax No ip access-group aclname Show ip access-group Show ip access-list4-93This command shows the ports assigned to IP ACLs 35 MAC ACL Commands Function Mode Access-list macSyntax No access-list mac aclname Permit, deny Mac access-group4-98 show mac access-list4-97 Permit, deny MAC ACL This command displays the rules for configured MAC ACLs Show mac access-listSyntax Show mac access-list aclname Permit, deny Mac access-group4-98 Show mac access-group Mac access-groupSyntax Mac access-group aclname Show mac access-list4-97 Show access-group Show access-list36 ACL Information Command Function Mode ACL Information 37 Snmp Commands Function Mode Snmp Commands Syntax No snmp-server Default Setting Snmp-serverShow snmp Snmp-server community Snmp-server location Snmp-server contactSyntax Snmp-server contact string no snmp-server contact Syntax Snmp-server location text no snmp-server location Host Address None Notification Type Traps Snmp-server host Snmp Version UDP Port Snmp-server enable traps Snmp-server enable trapsIssue authentication and link-up-down traps Snmp-server engine-id This command shows the Snmp engine ID This example shows the default engine IDShow snmp engine-id Snmp-server view Defaultview includes access to the entire MIB treeExamples This view includes MIB-2 Show snmp view This command shows information on the Snmp viewsSnmp-server group 39 show snmp view display description Consoleconfig#snmp-server group r&d v3 auth write daily Show snmp group 40 show snmp group display description Snmp-server user 114 This command shows information on Snmp users Show snmp user41 show snmp user display description 42 Interface Commands Function Mode Interface CommandsInterface Port-channel channel-idRange Description Speed-duplexSyntax Description string no description Syntax No negotiation Default Setting NegotiationNegotiation 4-118 capabilities Following example configures port 11 to use autonegotiation CapabilitiesCapabilities 4-119speed-duplex4-117 Syntax No flowcontrol Default Setting FlowcontrolNegotiation 4-118speed-duplex4-117 flowcontrol Shutdown Syntax No shutdown Default Setting Port-channel channel-idRange Default Setting Switchport broadcast packet-rateClear counters Syntax Clear counters interface Show interfaces status This command displays the status for an interfaceFollowing example clears statistics on port Syntax Show interfaces status interface Show interfaces counters This command displays interface statisticsSyntax Show interfaces counters interface Shows the counters for all interfaces Show interfaces switchport Syntax Show interfaces switchport interfaceShows all interfaces 43 Interfaces Switchport Statistics 44 Mirror Port Commands Function Mode Mirror Port CommandsPort monitor Interface ethernet unit/port source port Following shows mirroring configured from port 6 to port This command displays mirror informationShow port monitor Syntax Show port monitor interface Rate Limit Commands Rate-limitGigabit Ethernet 1000 Mbps 46 Link Aggregation Commands Link Aggregation Commands135 123 Guidelines for Creating Trunks Channel-groupGeneral Guidelines Dynamically Creating a Port Channel Syntax No lacp Default Setting LacpFollowing example creates trunk 1 and then adds port 32768 Lacp system-priority Lacp admin-keyEthernet Interface Interface Configuration Port Channel Lacp admin-key Port Channel This command displays Lacp information Lacp port-priorityShow lacp 47 show lacp counters display description Port Channel allType LACPDUs Illegal Pkts 48 show lacp internal display description 50 show lacp sysid display description 49 show lacp neighbors display description 51 Address Table Commands Function Mode Address Table CommandsMac-address-table static Action Clear mac-address-table dynamic Show mac-address-tableMac-address- MAC address Mask Bits to match in the address Sort Sort by address, vlan or interface Mac-address-table aging-time Show mac-address-table aging-time 52 Spanning Tree Commands Function Mode Spanning Tree Commands Syntax No spanning-tree Default Setting Spanning-tree modeSpanning tree is enabled Spanning-tree Spanning-tree forward-time Spanning-tree hello-time Spanning-tree priority Spanning-tree max-age Long method Spanning-tree pathcost method This command limits the maximum transmission rate for BPDUs Spanning-tree mst-configurationSpanning-tree transmission-limit Count The transmission limit in seconds. Range Mst vlan MST ConfigurationMst priority No mst instanceid vlan vlan-range Name Switch’s MAC addressSyntax Name name Name Name of the spanning tree Max-hops RevisionSyntax Revision number Max-hopshop-number Syntax No spanning-tree spanning-disabled Default Setting Spanning-tree spanning-disabledThis example disables the spanning tree algorithm for port Spanning-tree cost Priority The priority for a port. Range 0-240, in steps Spanning-tree port-priority Syntax No spanning-tree portfast Default Setting Syntax No spanning-tree edge-port Default SettingSpanning-tree edge-port Spanning-tree portfast Spanning-tree link-type Spanning-treeedge-port4-156Auto Spanning-tree mst cost Spanning-tree mst port-priority4-159 Spanning-tree mst port-priority Spanning-tree protocol-migration Port-channel channel-idRange Command ModeShow spanning-tree Syntax Spanning-tree protocol-migration interface Mstp Show spanning-tree mst configuration Gvrp and Bridge Extension Commands Vlan Commands53 VLANs Command Groups Function 54 Gvrp and Bridge Extension Commands Function Mode Syntax No bridge-ext gvrp Default Setting Bridge-ext gvrpShow bridge-ext Show gvrp configuration Switchport gvrpSyntax No switchport gvrp Default Setting Syntax Show gvrp configuration interface Show garp timer Garp timer 55 Editing Vlan Groups Command Function Mode Syntax Show garp timer interfaceEditing Vlan Groups Vlan database Vlan Database Configuration By default only Vlan 1 exists and is activeVlan Show vlan 56 Configuring Vlan Interfaces Command Function Mode Configuring Vlan InterfacesInterface vlan Interface vlan Switchport mode All ports are in hybrid mode with the Pvid set to VlanSwitchport acceptable-frame-types4-171 Switchport ingress-filtering Switchport acceptable-frame-typesSwitchport mode All frame types Switchport native vlan Switchport allowed vlan No VLANs are included in the forbidden list Switchport forbidden vlan 57 Show Vlan Commands Function Mode Displaying Vlan InformationShow vlan 58 Ieee 802.1Q Tunneling Commands Function Mode Configuring Ieee 802.1Q TunnelingGeneral Configuration Guidelines for QinQ Dot1q-tunnel system-tunnel-control Show dot1q-tunnel4-178 Show interfaces switchport Switchport dot1q-tunnel mode Related Commands Switchport dot1q-tunnel tpidThis command displays information about QinQ tunnel ports Show dot1q-tunnel Switchport dot1q-tunnel mode 59 Private Vlan Commands Function ModePvlan This command displays the configured private Vlan Show pvlanNo private VLANs are defined Configuring Protocol-based VLANs Protocol-vlan protocol-group Configuring Groups60 Protocol-based Vlan Commands Function Mode Protocol-vlan protocol-group Configuring Interfaces No protocol groups are configuredNo protocol groups are mapped for any interface Show protocol-vlan protocol-group Show interfaces protocol-vlan protocol-groupSyntax Show protocol-vlan protocol-group group-id Priority Commands Layer Priority Commands61 Priority Commands Command Groups Function 62 Priority Commands Layer Function Mode Queue mode Switchport priority defaultSyntax Queue mode strict wrr no queue mode Queue bandwidth weight1...weight4 no queue bandwidth Weights 1, 2, 4, 8 are assigned to queues 0-3 respectivelyQueue bandwidth 63 Default CoS Values to Egress Queues Queue cos-mapQueue cos-mapqueueid cos1 ... cosn no queue cos-map Following example shows how to change the CoS assignments Show queue modeThis command shows the current queue mode Show queue bandwidth This command shows the class of service priority map Priority Commands Layer 364 Priority Commands Layer 3 Function Mode Show queue cos-map Syntax No map ip dscp Default Setting Map ip dscp dscp-value cos cos-value no map ip dscp65 IP Dscp to CoS Vales IP Dscp Value CoS Value This command shows the IP Dscp priority map Show map ip dscpSyntax Show map ip dscp interface Quality of Service Commands 66 Quality of Service Commands Function Mode 198 Service-policy199 Input of a particular interface Show class-map Match Class-mapSyntax No class-map class-map-namematch-any Show class map Class Map Configuration Policy-mapNo policy-mappolicy-map-name Policy Map Configuration ClassNo class class-map-name Set Policy Map Class Configuration Police Syntax No police rate-kbpsburst-byteexceed-action drop setDrop out-of-profile packets Syntax No service-policy input policy-map-name Service-policyShow class-map Syntax Show class-map class-map-name Show policy-map interface Show policy-mapShow policy-mappolicy-map-name class class-map-name Displays all policy maps and all classes Igmp Snooping Commands Multicast Filtering Commands67 Multicast Filtering Commands Command Groups Function 68 Igmp Snooping Commands Function Mode Following example enables Igmp snooping Syntax No ip igmp snooping Default SettingIp igmp snooping Ip igmp snooping vlan static Syntax No ip igmp snooping leave-proxy Default Setting Following configures the switch to use Igmp VersionIp igmp snooping version Ip igmp snooping leave-proxy Interface Configuration Vlan Syntax No ip igmp snooping immediate-leave Default SettingThis command shows the Igmp snooping configuration Ip igmp snooping immediate-leave Following shows the current Igmp snooping configuration This command shows known multicast addressesShow mac-address-table multicast 69 Igmp Query Commands Layer Function Mode Igmp Query Commands LayerSyntax No ip igmp snooping querier Default Setting Ip igmp snooping querier Ip igmp snooping query-interval Following shows how to configure the query count toTimes Ip igmp snooping query-max-response-time4-208 Seconds The report delay advertised in Igmp queries. Range Ip igmp snooping query-max-response-timeIp igmp snooping router-port-expire-time 70 Static Multicast Routing Commands Function Mode Static Multicast Routing CommandsIp igmp snooping vlan mrouter Syntax No ip igmp snooping vlan vlan-idmrouter interface Show ip igmp snooping mrouter Displays multicast router ports for all configured VLANsSyntax Show ip igmp snooping mrouter vlan vlan-id Multicast router port types displayed include Static 71 Igmp Filtering and Throttling Commands Function Mode Igmp Filtering and Throttling CommandsSyntax No ip igmp filter Default Setting 213 Ip igmp profile Syntax Permit deny Default SettingPermit, deny Syntax No ip igmp profile profile-number Range No range low-ip-address high-ip-addressSyntax No ip igmp filter profile-number Syntax Ip igmp max-groups number No ip igmp max-groups Ip igmp max-groups Show ip igmp filter Ip igmp max-groups actionSyntax Ip igmp max-groups action replace deny Syntax Show ip igmp filter interface interface Show ip igmp throttle interface Show ip igmp profileSyntax Show ip igmp profile profile-number Syntax Show ip igmp throttle interface interface 72 Multicast Vlan Registration Commands Function Mode Multicast Vlan Registration CommandsPort Port number. Range Port-channelchannel-id Range 219 No mvr group ip-address count vlan vlan-id Command Line Interface Mvr Global Configuration Multicast Filtering Commands Mvr Interface Configuration 220 Show mvr Syntax Show mvr interface interface members ip-address73 show mvr display description 74 show mvr interface display description 75 show mvr members display descriptionMembers 76 IP Interface Commands Function Mode IP Interface CommandsIp address 224 Syntax Ip default-gateway gateway no ip default-gateway Ip default-gatewayGateway IP address of the default gateway Following example defines a default gateway for this device This command displays the settings of an IP interface This command submits a Bootp or Dhcp client requestIp dhcp restart Show ip interface This command has no default for the host Ip default-gateway4-224Show ip redirects Ping IP Source Guard Commands 77 IP Source Guard Commands Function ModeIp source-guard Syntax Ip source-guard sip sip-macno ip source-guard No configured entries This example enables IP source guard on portIp source-guard binding No ip source-guard binding mac-addressvlan vlan-id Show ip source-guard This command shows the source guard binding tableShow ip source-guard binding Ip source-guard4-227 ip dhcp snooping Ip dhcp snooping vlan 78 Dhcp Snooping Commands Function Mode Dhcp Snooping CommandsSyntax No ip dhcp snooping Default Setting Ip dhcp snooping 232 This example enables Dhcp snooping for Vlan This example enables Dhcp snooping globally for the switchIp dhcp snooping vlan Ip dhcp snooping vlan 4-233 ip dhcp snooping trust Ip dhcp snooping trust Syntax No ip dhcp snooping trust Default Setting This example enables MAC address verification Ip dhcp snooping verify mac-addressIp dhcp snooping information option This example enables the Dhcp Snooping Information Option Ip dhcp snooping information policyReplace 79 Switch Cluster Commands Function Mode Switch Cluster CommandsShow ip dhcp snooping Show ip dhcp snooping binding Syntax No cluster Default Setting ClusterDisplays current cluster Candidates in the network 242 Syntax No cluster commander Default Setting Cluster commanderCluster ip-pool Syntax Cluster ip-pool ip-addressno cluster ip-pool Syntax Rcommand id member-id RcommandMember-id- The ID number of the Member switch. Range Cluster member This command shows the current switch cluster members This command shows the switch clustering configurationShow cluster Show cluster members Show cluster candidates Software Features Appendix a Software Specifications Groups 1, 2, 3, 9 Statistics, History, Alarm, Event Management FeaturesStandards Igmp RFC 1112 IGMPv2 RFC 2236 RADIUS+ RFC Management Information Bases a Management Information Bases Software Specifications Symptom Action Table B-1 Troubleshooting Chart Using System Logs Boot Protocol Bootp Access Control List ACLClass of Service CoS Differentiated Services Code Point Service Dscp Generic Attribute Registration Protocol Garp Garp Vlan Registration Protocol GvrpGeneric Multicast Registration Protocol Gmrp Group Attribute Registration Protocol Garp Igmp Query Igmp SnoopingInternet Group Management Protocol Igmp In-Band Management Port Authentication Multicast SwitchingRemote Authentication Dial-in User Service Radius Network Time Protocol NTP Simple Network Management Protocol Snmp Secure Shell SSHSimple Network Time Protocol Sntp Spanning Tree Algorithm STA XModem Virtual LAN Vlan Numerics Index Index Gateway, default 3-14,4-224 Index-3 Index-4 Page Technical Support