Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks SMC8624/48T manual Filtering Management Access

Models: SMC8624/48T

1 556

Download 556 pages 10.96 Kb

Page 126

CONFIGURING THE SWITCH

CLI – This examples assigns an IP and MAC ingress ACL to port 1, and an IP ingress ACL to port 2.

Console(config)#interface ethernet	1/1	3-168
Console(config-if)#ip access-group	david in	3-129
Console(config-if)#mac access-group jerry in		3-144
Console(config-if)#exit
Console(config)#interface ethernet	1/2
Console(config-if)#ip access-group	david in
Console(config-if)#

Filtering Management Access

You can specify the client IP addresses that are allowed management access to the switch through the web interface, SNMP, or Telnet.

Command Usage

•The management interfaces are open to all IP addresses by default. Once you add an entry to a filter list, access to that interface is restricted to the specified addresses.

•If anyone tries to access a management interface on the switch from an invalid address, the switch will reject the connection, enter an event message in the system log, and send a trap message to the trap manager.

•IP address can be configured for SNMP, web and Telnet access respectively. Each of these groups can include up to five different sets of addresses, either individual addresses or address ranges.

•When entering addresses for the same group (i.e., SNMP, web or Telnet), the switch will not accept overlapping address ranges. When entering addresses for different groups, the switch will accept overlapping address ranges.

•You cannot delete an individual address from a specified range. You must delete the entire range, and reenter the addresses.

•You can delete an address range just by specifying the start address, or by specifying both the start address and end address.

3-78

Image 126

SMC Networks SMC8624/48T manual Filtering Management Access

Contents

TigerSwitch 10/100/1000 Page TigerSwitch 10/100/1000 Management Guide Trademarks Limited Warranty Limited Warranty Contents Contents Contents Command Line Interface Vii Viii Contents Contents Contents Xii Xiii Xiv Contents Tables XviXvii Figures XviiiXix 61. Displaying Vlan Information by Port MembershipFigures Key Features Key FeaturesDescription of Software Features Description of Software Features Introduction Description of Software Features Introduction System Defaults System DefaultsSystem Defaults Dhcp Introduction Connecting to the Switch Configuration OptionsRequired Connections Connecting to the Switch Basic Configuration Remote ConnectionsConsole Connection Setting Passwords Setting an IP Address Manual ConfigurationDynamic Configuration Initial Configuration Enabling Snmp Management Access Community StringsInitial Configuration Saving Configuration Settings Trap ReceiversManaging System Files Managing System Files Initial Configuration Configuring the Switch Using the Web InterfaceConfiguring the Switch Navigating the Web Browser Interface HomeConfiguration Options Panel DisplayMain Menu Main MenuACL Lacp STA 141 Vlan ID DNS Displaying System Information Field AttributesSystem Information CLI Specify the hostname, location and contact informationDisplaying Switch Hardware/Software Versions Main BoardManagement Software Web Click System, Switch Information Switch InformationDisplaying Bridge Extension Capabilities Setting the Switch’s IP Address CLI Enter the following commandWeb Click System, Bridge Extension Command Attributes Manual IP Configuration Using DHCP/BOOTP Dhcp IP Configuration288 Managing Firmware Downloading System Software from a ServerOperation Code Image File Transfer Saving or Restoring Configuration Settings Downloading Configuration Settings from a Server 10. Downloading Configuration Settings from a ServerResetting the System CLI Use the reload command to restart the switchSetting the System Clock Configuring Sntp13. Sntp Configuration Setting the Time Zone 14. Setting the Time ZoneSetting Community Access Strings Simple Network Management ProtocolAccess Mode Specifying Trap Managers and Trap Types16. Specifying Trap Managers and Trap Types User Authentication Configuring the Logon PasswordConfiguring Local/Remote Logon Authentication 17. Configuring the Logon PasswordCommand Usage Radius Settings Tacacs Settings 18. Setting Local, Radius and Tacacs AuthenticationConfiguring Https 19. Https Settings Https SupportReplacing the Default Secure-site Certificate Configuring the Secure Shell Configuring the Switch Generating the Host Key Pair Field Attributes 20. SSH Host-Key Settings Configuring the SSH Server SSH server includes basic settings for authentication21. SSH Server Settings Configuring Port Security Command Usage 22. Configuring Port Security Configuring 802.1x Port Authentication Displaying 802.1x Global Settings 802.1x client Radius server23 .1x Information 111 Configuring 802.1x Global Settings Configuring Port Authorization Mode 24 .1x Configuration25 .1x Port Configuration AuthorizedDisplaying 802.1x Statistics Statistical Values1x Statistics 26 .1x Statistics Access Control Lists Configuring Access Control ListsCLI This example displays the 802.1x statistics for port Setting the ACL Name and Type 27. Naming and Choosing ACLs CLI This example creates a standard IP ACL named billConfiguring a Standard IP ACL Command Attributes 28. Configuring Standard IP ACLsConfiguring an Extended IP ACL Command Attributes Access Control Lists 29. Configuring Extended IP ACLs Configuring a MAC ACL Command Attributes 120Command Usage 30. Configuring MAC ACLs Configuring ACL Masks Command UsageSpecifying the Mask Type Configuring an IP ACL Mask This mask defines the fields to check in the IP headerConfiguring the Switch 32. Configuring an IP based ACL Configuring a MAC ACL Mask This mask defines the fields to check in the packet header33. Configuring a MAC based ACL Binding a Port to an Access Control List 14834. Mapping ACLs to Port Ingress/Egress Queues Filtering Management Access 35. Filtering Management Access Port Configuration Displaying Connection StatusField Attributes Web Field Attributes CLI Web Click Port, Port Information or Trunk InformationCurrent status CLI This example shows the connection status for Port 178Configuring Interface Connections Port Configuration 37. Configuring Port Attributes Creating Trunk GroupsCommand Usage Statically Configuring a Trunk Command Usage 38. Static Trunk ConfigurationEnabling Lacp on Selected Ports Command Usage 18939. Lacp Port Configuratio 190 Command Attributes 40. Lacp Aggregation Port Configuration You can display statistics for Lacp protocol messages Displaying Lacp Port CountersCounter Information Lacp Port Counter Information41. Displaying Lacp Port Counters Information Displaying Lacp Settings and Status for the Local Side Internal Configuration InformationLacp Settings Link Passive 1 Active 42. Displaying Lacp Port Information Displaying Lacp Settings and Status for the Remote Side Neighbor Configuration InformationLacp Remote Side Settings 100 43. Displaying Remote Lacp Port InformationSetting Broadcast Storm Thresholds 101102 44. Enabling Port Broadcast ControlConfiguring Port Mirroring 103Configuring Rate Limits 104Command Attribute 105Showing Port Statistics 106107 Port Statistics108 109 Rmon Statistics110 47. Displaying Port Statistics111 48. Displaying Etherlike and Rmon Statistics112 Address Table SettingsSetting Static Addresses CLI This example shows statistics for port113 49. Mapping Ports to Static AddressesDisplaying the Address Table 114Changing the Aging Time 115CLI This example sets the aging time to 400 seconds Spanning Tree Algorithm Configuration 116Displaying Global Settings 117118 119 120 52. Displaying the Spanning Tree AlgorithmConfiguring Global Settings Global settings apply to the entire switch121 Basic Configuration of Global Settings 122Root Device Configuration 123Configuration Settings for Rstp 12453. Configuring the Spanning Tree Algorithm 125Displaying Interface Settings 126127 Rules defining port status are128 AD B129 Configuring Interface Settings 130CLI This example shows the STA attributes for port 131 132 Configuring Multiple Spanning Trees 133CLI This example sets STA attributes for port 134 135 Vlan ID Vlan to assign to this selected MST instance. Range136 Displaying Interface Settings for Mstp 137138 Configuring Interface Settings for Mstp 13958. Mstp Port Configuration 140141 Vlan ConfigurationOverview CLI This example sets the Mstp attributes for port142 Assigning Ports to VLANs143 144 145 Forwarding Tagged/Untagged FramesDisplaying Basic Vlan Information Enabling or Disabling Gvrp Global SettingCLI This example enables Gvrp for the switch 146147 Command Attributes WebDisplaying Current VLANs Web Click VLAN, 802.1Q VLAN, Basic InformationCommand Attributes CLI 148Creating VLANs 149150 CLI This example creates a new VlanAdding Static Members to VLANs Vlan Index 15163. Configuring Vlan Port Attributes 152Adding Static Members to VLANs Port Index 153Configuring Vlan Behavior for Interfaces 154155 156 65. Configuring Vlan Ports 157158 Configuring Private VLANsCLI This example enables private VLANs Enabling Private VLANsConfiguring Protocol-Based VLANs Configuring Uplink and Downlink Ports159 Configuring Protocol Groups 160Create a protocol group for one or more protocols 161 Mapping Protocols to VLANs162 69. Mapping Protocols to VLANsClass of Service Configuration Setting the Default Priority for Interfaces163 CLI This example assigns a default priority of 5 to port 164Egress Queue Priority Mapping Mapping CoS Values to Egress Queues165 10. CoS Priority Levels71. Configuring Ports and Trunks for Class of Service 166Selecting the Queue Mode 167Setting the Service Weight for Traffic Classes 168Mapping Layer 3/4 Priorities to CoS Values 169Selecting IP Precedence/DSCP Priority 170Mapping IP Precedence 17111. IP Precedence Prioruty 75. Mapping IP Precedence to Class of Service Values 172Mapping Dscp Priority 17376. Mapping IP Dscp Priority to Class of Service Values 174Mapping IP Port Priority 175176 78. IP Port Priority MappingMapping CoS Values to ACLs 17713. CoS to ACL Mapping Changing Priorities Based on ACL Rules 178179 180 79. Changing Priorities Based on ACL RulesMulticast Filtering 181Configuring Igmp Snooping and Query Parameters Layer 2 Igmp Snooping and Query182 183 80. Configuring Internet Group Management Protocol 184Command Attributes 185Displaying Interfaces Attached to a Multicast Router 186 Specifying Static Interfaces for a Multicast RouterDisplaying Port Members of Multicast Services 187Assigning Ports to Multicast Services 188189 84. Specifying Multicast Port MembershipConfiguring Domain Name Service Configuring General DNS Server Parameters190 191 85. Configuring DNS 192Configuring Static DNS Host to Address Entries 193194 86. Mapping IP Addresses to a Host NameDisplaying the DNS Cache 195196 Web Select DNS, CacheUsing the Command Line Interface Accessing the CLITelnet Connection Using the Command Line Interface Keywords and Arguments Entering CommandsThis section describes how to enter CLI commands Minimum AbbreviationCommand Completion Getting Help on CommandsShowing Commands Negating the Effect of Commands Using Command HistoryPartial Keyword Lookup Understanding Command Modes Exec CommandsCommand Modes Configuration Commands Configuration Commands Mode Command PromptCommand Line Processing Keystroke FunctionCommand Groups Command Group Index255 Line Commands Line Command SyntaxLine Default SettingCommand Mode Syntax Line console vtyLogin Related CommandsSyntax Login local no login Syntax Password 0 7 password no password PasswordUsername 4-35 password No password is specifiedSyntax Exec-timeout seconds no exec-timeout Exec-timeoutLogin 4-16password-thresh4-19 CLI No timeout Telnet 10 minutesSyntax Password-thresh threshold no password-thresh Password-threshTo set the timeout to two minutes, enter this command Default value is three attemptsSilent-time Syntax Silent-time seconds no silent-timeSyntax Databits 7 8 no databits To specify 7 data bits, enter this commandDatabits Seven data bits per character Eight data bits per characterSyntax Parity none even odd no parity To specify no parity, enter this commandParity None No parity Even Even parity Odd Odd paritySyntax Speed bps no speed To specify 57600 bps, enter this commandSpeed AutoSyntax Stopbits 1 StopbitsDisconnect Syntax Disconnect session-idShow line Syntax Show line console vtyGeneral Commands General CommandsEnable Syntax Enable levelNormal Exec DisableDisable Enable password NoneConfigure Show historyThis command restarts the system ReloadThis command returns to Privileged Exec mode This command resets the entire systemThis example shows how to reset the switch EndQuit This command exits the configuration programExit AnySystem Management Commands This example shows how to quit a CLI sessionSystem Mangement Commands Prompt Device Designation CommandsDevice Designation Commands Syntax Prompt string no promptHostname User Access CommandsUser Access Commands Syntax Hostname name no hostnameUsername Enable password Default is level Default password is superIP Filter Commands 10. IP Filter CommandsManagement All addressesShow management Web Server Commands 11. Web Server CommandIp http port Default Setting Command ModeSyntax No ip http server Default Setting Ip http serverSyntax No ip http secure-server Default Setting Ip http secure-serverIp http port Copy tftp https-certificate Ip http secure-port4-44 Copy tftp https-certificate 443 Ip http secure-portPortnumber The UDP port used for HTTPS/SSL. Range Ip http secure-server4-42Secure Shell Commands 12. Secure Shell Commands12. Secure Shell Commands System Management Commands Syntax Ip ssh server no ip ssh server Default Setting DisabledIp ssh server Ip ssh crypto host-key generate 4-52 show ssh Ip ssh timeoutSyntax Ip ssh timeout seconds no ip ssh timeout SecondsIp ssh authentication-retries Exec-timeout4-18 show ip sshShow ip ssh Ip ssh server-key size Delete public-keySyntax Delete public-key username dsa rsa Dsa DSA key type Rsa RSA key type Ip ssh crypto host-key generateSyntax Ip ssh crypto host-key generate dsa rsa Generates both the DSA and RSA key pairsIp ssh crypto zeroize 4-53 ip ssh save host-key4-54 Use this command to clear the host key from memory i.e. RAMIp ssh crypto zeroize Syntax Ip ssh crypto zeroize dsa rsaIp ssh save host-key Show ip sshSyntax Ip ssh save host-key dsa rsa Show ssh 13. SSH InformationShow public-key Syntax Show public-key user username hostUsername Name of an SSH user. Range 1-8 characters Shows all public keys RSASyntax No logging on Default Setting Event Logging Commands14. Event Logging Commands Logging onLogging history Logging history 4-59 clear loggingSyntax No logging host hostipaddress Flash errors level 3 RAM warnings level 7Logging host Hostipaddress The IP address of a syslog serverLogging facility Syntax No logging facility typeSyntax Logging trap level no logging trap Logging trapClear logging Syntax Clear logging flash ramShow logging Show loggingSyntax Show logging flash ram sendmail trap Following example displays settings for the trap function Smtp Alert Commands 15. Smtp Alert CommandsShow logging sendmail Logging sendmail host Syntax No logging sendmail host ipaddressSyntax Logging sendmail level level Logging sendmail levelLogging sendmail source-email Syntax Logging sendmail source-email email-addressLogging sendmail destination-email Syntax No logging sendmail destination-email email-addressSyntax No logging sendmail Default Setting Logging sendmailShow logging sendmail Time Commands 16. Time CommandsSntp server Syntax Sntp server ip1 ip2 ip3Sntp poll 4-72 show sntp Sntp client Related CommandsSntp poll Syntax Sntp poll seconds no sntp pollDisabled Syntax No sntp broadcast client Default Setting Sntp broadcast clientShow sntp Clock timezone Show sntpShow calendar This command displays the system clockCalendar set SyntaxSystem Status Commands Show startup-config17. System Status Commands Command Usage Show running-config4-80 Show running-config Show startup-config4-77 This command displays system information Show systemShow users Show versionSyntax No jumbo frame Default Setting Frame Size Commands18. Frame Size Commands Jumbo frameFlash/File Commands 19. Flash/File CommandsCopy Command Usage Following example shows how to download a configuration file This command deletes a file or image Filename Name of the configuration file or image nameDelete Dir This command displays a list of files in flash memorySyntax Dir boot-rom config opcode filename Dir Delete public-key4-51Whichboot Following example shows how to display all file informationBoot system Syntax Boot system boot-romconfig opcode filenameDir 4-90 whichboot Authentication CommandsAuthentication Sequence 20. Authentication CommandsAuthentication login LocalRadius Client Username for setting the local user names and passwords22. Radius Client Commands Radius-server hostSyntax Radius-server port portnumber no radius-server port Radius-server port10.1.0.1 1812Radius-server key Radius-server retransmitSyntax Radius-server key keystring no radius-server key Radius-server timeout Show radius-serverTacacs-server host 23. TACACS+ Client CommandsTACACS+ Client Hostipaddress IP address of a TACACS+ serverTacacs-server port Syntax Tacacs-server port portnumber no tacacs-server portTacacs-server key Show tacacs-serverSyntax Tacacs-server key keystring no tacacs-server key Port Security Commands 24. Port Security CommandsPort security Status Disabled Action None Maximum Addresses Interface Configuration Ethernet802.1x Port Authentication 25 .1x Port Authentication CommandsAuthentication dot1x default Default Command Mode Dot1x defaultSyntax Dot1x default Command Mode Dot1x max-reqDot1x port-control DefaultInterface Configuration Force-authorizedDot1x operation-mode Dot1x re-authenticateSyntax Dot1x re-authenticate interface Ethernet unit/portSyntax No dot1x re-authentication Command Mode Dot1x re-authenticationDot1x timeout quiet-period Seconds The number of seconds. RangeDot1x timeout re-authperiod Dot1x timeout tx-periodShow dot1x Show dot1x statistics interface interfaceAuthenticator State Machine State- Current state including initialize, reauthenticate113 Access Control List Commands Access Control ListsAccess Control List Commands 27. IP ACL Commands Masks for Access Control Lists26. Access Control List Commands IP ACLsEXT-ACL Access-list ip Syntax No access-list ip standard extended aclnamePermit, deny Ip access-group4-129 show ip access-list4-123 Standard ACLAccess-list ip No permit deny tcpExtended ACL 122 Syntax Show ip access-list standard extended aclname Show ip access-listAccess-list ip mask-precedence Syntax No access-list ip mask-precedence in outMask IP ACL 4-125 ip access-group4-129 Syntax No mask protocol IP Mask126 127 Show access-list ip mask-precedence Syntax Show access-list ip mask-precedence in outIp access-group Syntax No ip access-group aclname in outMask IP ACL Show ip access-list4-123 Show ip access-groupMap access-list ip This command shows the ports assigned to IP ACLsQueue cos-map4-260 Show map access-list ip Show map access-list ip Syntax Show map access-list ip interfaceMap access-list ip Match access-list ip Match access-list ip Show markingShow marking 28. MAC ACL Commands MAC ACLsAccess-list mac Syntax No access-list mac aclnamePermit, deny MAC ACL Any host destination destination address-bitmaskMAC ACL This command displays the rules for configured MAC ACLs Show mac access-listAccess-list mac mask-precedence Syntax Show mac access-list aclnameMask MAC ACL 4-140 mac access-group4-144 Mask MAC ACLMAC Mask 142 Show access-list mac mask-precedence Syntax Show access-list mac mask-precedence in outThis example creates an Egress MAC ACL Mac access-group Syntax Mac access-group aclname in outShow mac access-list4-139 This command shows the ports assigned to MAC ACLs Show mac access-groupMap access-list mac Syntax No map access-list mac aclname cos cos-valueShow map access-list mac Queue cos-map4-260 Show map access-list macSyntax Show map access-list mac interface Match access-list mac Show access-list ACL Information29. ACL Information This command shows the port assignments of ACLs Snmp CommandsShow access-group 30. Snmp CommandsSnmp community Syntax Snmp community string rorw no snmp community stringSyntax Snmp contact string no snmp contact Snmp contactSnmp location Syntax Snmp-server location text no snmp-server locationSnmp host Host Address None Snmp VersionConsoleconfig#snmp-server host 10.1.19.23 batman Snmp enable traps Syntax No snmp enable traps authentication link-up-downIssue authentication and link-up-down traps This command checks the status of Snmp communications Show snmp156 DNS Commands 31. DNS CommandsIp host No static entriesThis example maps two address to a host name Syntax Clear host name Clear hostIp domain-name Syntax Ip domain-name name no ip domain-nameIp domain-list Syntax No ip domain-list nameIp domain-name4-159 Ip name-server Server-address1- IP address of domain-name serverSyntax No ip domain-lookup Default Setting Ip domain-lookupIp domain-name4-159 ip domain-lookup4-163 Show hosts Ip domain-name4-159 ip name-server4-162Show dns This command displays the configuration of the DNS serverThis command displays entries in the DNS cache Show dns cacheThis command clears all entries in the DNS cache Clear dns cache167 Interface Commands 32. Interface CommandsPort-channel channel-idRange InterfaceDescription Syntax Description string no descriptionInterface Configuration Ethernet, Port Channel Speed-duplexFollowing example adds a description to port Syntax No negotiation Default Setting NegotiationNegotiation 4 -170 capabilities 4 Following example configures port 11 to use autonegotiation Capabilities 4 -172speed-duplex 4Capabilities Flowcontrol Syntax No flowcontrol Default SettingFlow control enabled Negotiation 4 -170speed-duplex 4 -169 flowcontrol 4Combo-forced-mode Following example enables flow control on portSyntax Combo-forced-mode mode no combo-forced-mode Negotiation 4 Capabilities flowcontrol, symmetricFollowing example disables port Syntax No shutdown Default SettingAll interfaces are enabled ShutdownSwitchport broadcast packet-rate Clear counters This command clears statistics on an interfacePort-channel channel-idRange Default Setting Following example clears statistics on portSyntax Show interfaces status interface This command displays the status for an interfaceShow interfaces status Shows the status for all interfacesSyntax Show interfaces counters interface This command displays interface statisticsShow interfaces counters Shows the counters for all interfaces180 This example shows the configuration setting for port Show interfaces switchportSyntax Show interfaces switchport interface Shows all interfacesShows if acceptable Vlan frames include all types or Interface Configuration Ethernet, destination port Mirror Port Commands33. Mirror Port Commands Port monitorShow port monitor This command displays mirror informationUnit Switch unit Port Port number Syntax Show port monitor interfaceRate Limit Commands Following shows mirroring configured from port 6 to port34. Rate Limit Commands Rate-limit MbpsLink Aggregation Commands 35. Link Aggregation CommandsGuidelines for Creating Trunks General GuidelinesChannel-id- Trunk index Range Channel-groupSyntax Channel-group channel-idno channel-group Current port will be added to this trunkSyntax No lacp Default Setting Lacp191 Lacp system-priority 32768Lacp admin-keyEthernet Interface Lacp admin-key Port Channel Syntax Lacp admin-key key no lacp admin-keyInterface Configuration Port Channel Lacp port-priority This command displays Lacp information Show lacpPort Channel all 197 198 199 Address Table Commands 36. Adress Table Commands200 Mac-address- MAC address Mac-address-table static201 Vlan-id- Vlan ID Range202 Clear mac-address-table dynamicShow mac-address-table Mac-address- MAC address Mask Bits to match in the addressMac-address-table aging-time 203Show mac-address-table aging-time 204Spanning Tree Commands 37. Spanning Tree Commands205 206 Spanning tree is enabledSpanning-tree No spanning-treeSpanning-tree mode 207Rstp 208 Spanning-tree forward-time 209Spanning-tree hello-time Spanning-tree max-age210 Spanning-tree priority 211Spanning-tree pathcost method 212Long method Spanning-tree transmission-limit Spanning-tree mst-configurationThis command limits the maximum transmission rate for BPDUs 213MST Configuration Mst vlan214 Mst priority 215216 Switch’s MAC addressName Syntax Name nameRevision 4 Revision217 Syntax Revision numberMax-hops 218Name 4 Spanning-tree cost Spanning-tree spanning-disabledSyntax No spanning-tree spanning-disabled Default Setting 219Priority The priority for a port. Range 0-240, in steps Spanning-tree port-priority220 128221 Syntax No spanning-tree edge-port Default SettingSpanning-tree edge-port Spanning-tree cost 4222 Syntax No spanning-tree portfast Default SettingSpanning-tree portfast Spanning-tree portfast 4Spanning-tree link-type 223Spanning-treeedge-port 4 Spanning-tree mst cost 224225 Spanning-tree mst port-priority 4Spanning-tree mst port-priority 226Spanning-tree mst cost 4 227 Port-channel channel-idRange Command ModeSpanning-tree protocol-migration Syntax Spanning-tree protocol-migration interfaceShow spanning-tree 228Syntax Show spanning-tree interface mst instanceid 229 Syntax Show spanning-tree mst configuration Command Mode Show spanning-tree mst configurationThis command shows the multiple spanning tree configuration 230Editing Vlan Groups Vlan Commands38. Vlan Commands 231232 Vlan databaseShow vlan 4 233 By default only Vlan 1 exists and is activeVlan Database Configuration VlanConfiguring Vlan Interfaces 40. Configuring Vlan Interfaces234 Syntax Interface vlan vlan-id 235Interface vlan Shutdown 4All ports are in hybrid mode with the Pvid set to Vlan Switchport modeSyntax Switchport mode trunk hybrid no switchport mode Switchport acceptable-frame-types 4237 Switchport acceptable-frame-typesSwitchport mode 4 All frame typesSwitchport ingress-filtering Syntax No switchport ingress-filtering Default Setting238 Switchport native vlan 239Switchport allowed vlan 240Switchport forbidden vlan 241No VLANs are included in the forbidden list Show vlan Displaying Vlan Information242 41. Displaying Vlan InformationFollowing example shows how to display information for Vlan 42. Protocol-based Vlan Commands243 Protocol-vlan protocol-group Configuring Groups No protocol groups are configured244 Protocol-vlan protocol-group Configuring Interfaces 245No protocol groups are mapped for any interface Syntax Show protocol-vlan protocol-group group-id 246Show protocol-vlan protocol-group Group-id- Group identifier for a protocol group. RangeShow interfaces protocol-vlan protocol-group This shows protocol group 1 configured for IP over Ethernet247 Mapping for all interfaces is displayedPvlan 43. Private Vlan Commands248 No private VLANs are definedThis command displays the configured private Vlan 249Show pvlan Syntax No bridge-ext gvrp Default Setting Gvrp and Bridge Extension Commands44. Gvrp and Bridge Extension Commands 250251 Show bridge-extSyntax No switchport gvrp Default Setting Switchport gvrpShow gvrp configuration Syntax Show gvrp configuration interfaceGarp timer 253Syntax Show garp timer interface Show garp timerShow garp timer 4 Shows all Garp timers45. Priority Commands Priority CommandsGarp timer 4 25546. Priority Commands Layer Priority Commands LayerSwitchport priority default 256257 Weighted Round Robin Queue modeSyntax Queue mode strict wrr no queue mode 258259 Queue bandwidthShow queue bandwidth 4 260 Queue cos-map261 Show queue modeThis command shows the current queue mode Show queue cos-map 4Show queue bandwidth This command shows the class of service priority map262 Show queue cos-mapPriority Commands Layer 3 47. Priority Commands Layer 3263 Syntax Map ip port no map ip port Default Setting 264Syntax No map ip precedence Default Setting 265List below shows the default priority mapping 266Syntax No map ip dscp Default Setting 267Map ip dscp Interface Configuration 268Show map ip port Use this command to show the IP port priority map269 Syntax Show map ip port interfaceShow map ip precedence This command shows the IP precedence priority map270 Syntax Show map ip precedence interfaceShow map ip dscp This command shows the IP Dscp priority map271 Syntax Show map ip dscp interface48. Multicast Filtering Commands Multicast Filtering CommandsIgmp Snooping Commands 49. Igmp Snooping CommandsIp igmp snooping Following example enables Igmp snooping273 No ip igmp snooping274 Ip igmp snooping vlan staticIp igmp snooping version Following configures the switch to use Igmp Version275 Igmp Version276 Show ip igmp snoopingShow mac-address-table multicast Igmp Query Commands Layer 50. Igmp Query Commands Layer277 Ip igmp snooping querier Syntax No ip igmp snooping querier Default Setting278 Ip igmp snooping query-countIp igmp snooping query-interval Following shows how to configure the query count to279 Ip igmp snooping query-max-response-time 4Seconds The report delay advertised in Igmp queries. Range 280Ip igmp snooping query-max-response-time Switch must use IGMPv2 for this command to take effect 281Ip igmp snooping router-port-expire-time 282 Static Multicast Routing Commands51. Static Multicast Routing Commands Ip igmp snooping vlan mrouterShow ip igmp snooping mrouter Displays multicast router ports for all configured VLANs283 Syntax Show ip igmp snooping mrouter vlan vlan-id52. Basic IP Configuration commands IP Interface CommandsBasic IP Configuration 284Ip address Interface Configuration Vlan285 IP address NetmaskIp dhcp restart This command submits a Bootp or Dhcp client request286 Ip dhcp restart 4Ip default-gateway Syntax Ip default-gateway gateway no ip default-gateway287 288 Show ip interfaceShow ip redirects Ping This command has no default for the host289 Syntax Ping host count countsize size290 Interface 4291 Dhcp Client Port Configuration Software FeaturesAuthentication Flow ControlPort Mirroring Class of ServiceAdditional Features Rate LimitsIn-Band Management Management FeaturesStandards Out-of-Band ManagementManagement Information Bases Appendix B Troubleshooting Table B-1. Troubleshooting ChartTroubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Virtual LAN Vlan Glossary-8User Datagram Protocol UDP XModemNumerics Index-1Index-2 IgmpIndex-3 Snmp SnmpIndex-4 Page For Technical SUPPORT, Call