Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks SMC8624/48T manual Port Security Commands, Port security

Models: SMC8624/48T

1 556

Download 556 pages 10.96 Kb

Page 346

COMMAND LINE INTERFACE

Port Security Commands

These commands can be used to disable the learning function or manually specify secure addresses for a port. You may want to leave port security off for an initial training period (i.e., enable the learning function) to register all the current VLAN members on the selected port, and then enable port security to ensure that the port will drop any incoming frames with a source MAC address that is unknown or has been previously learned from another port.

Table 4-24. Port Security Commands

Command	Function	Mode	Page
port security	Configures a secure port	IC	4-102

mac-address-table static	Maps a static address to a port in a	GC	4-201
	VLAN

show mac-address-table	Displays entries in the	PE	4-202
	bridge-forwarding database

port security

This command enables or configures port security. Use the no form without any keywords to disable port security. Use the no form with the appropriate keyword to restore the default settings for a response to security violation or for the maximum number of allowed addresses.

Syntax

port security [action {shutdown trap trap-and-shutdown} max-mac-count address-count]

no port security [action max-mac-count]

•action - Response to take when port security is violated.

•shutdown - Disable port only.

•trap - Issue SNMP trap message only.

•trap-and-shutdown- Issue SNMP trap message and disable port.

•max-mac-count

•address-count- The maximum number of MAC addresses that can be learned on a port. (Range: 0 - 20)

4-102

Image 346

SMC Networks SMC8624/48T manual Port Security Commands, Port security

Contents

TigerSwitch 10/100/1000 Page TigerSwitch 10/100/1000 Management Guide Trademarks Limited Warranty Limited Warranty Contents Contents Contents Command Line Interface Vii Viii Contents Contents Contents Xii Xiii Xiv Contents Tables XviXvii Figures XviiiXix 61. Displaying Vlan Information by Port MembershipFigures Key Features Key FeaturesDescription of Software Features Description of Software Features Introduction Description of Software Features Introduction System Defaults System DefaultsSystem Defaults Dhcp Introduction Connecting to the Switch Configuration OptionsRequired Connections Connecting to the Switch Remote Connections Basic ConfigurationConsole Connection Setting Passwords Setting an IP Address Manual ConfigurationDynamic Configuration Initial Configuration Enabling Snmp Management Access Community StringsInitial Configuration Saving Configuration Settings Trap ReceiversManaging System Files Managing System Files Initial Configuration Configuring the Switch Using the Web InterfaceConfiguring the Switch Navigating the Web Browser Interface HomeConfiguration Options Panel DisplayMain Menu Main MenuACL Lacp STA 141 Vlan ID DNS Displaying System Information Field AttributesSystem Information CLI Specify the hostname, location and contact informationMain Board Displaying Switch Hardware/Software VersionsManagement Software Web Click System, Switch Information Switch InformationDisplaying Bridge Extension Capabilities CLI Enter the following command Setting the Switch’s IP AddressWeb Click System, Bridge Extension Command Attributes Manual IP Configuration Using DHCP/BOOTP Dhcp IP Configuration288 Managing Firmware Downloading System Software from a ServerOperation Code Image File Transfer Saving or Restoring Configuration Settings Downloading Configuration Settings from a Server 10. Downloading Configuration Settings from a ServerResetting the System CLI Use the reload command to restart the switchSetting the System Clock Configuring Sntp13. Sntp Configuration Setting the Time Zone 14. Setting the Time ZoneSetting Community Access Strings Simple Network Management ProtocolAccess Mode Specifying Trap Managers and Trap Types16. Specifying Trap Managers and Trap Types User Authentication Configuring the Logon PasswordConfiguring Local/Remote Logon Authentication 17. Configuring the Logon PasswordCommand Usage Radius Settings Tacacs Settings 18. Setting Local, Radius and Tacacs AuthenticationConfiguring Https 19. Https Settings Https SupportReplacing the Default Secure-site Certificate Configuring the Secure Shell Configuring the Switch Generating the Host Key Pair Field Attributes 20. SSH Host-Key Settings Configuring the SSH Server SSH server includes basic settings for authentication21. SSH Server Settings Configuring Port Security Command Usage 22. Configuring Port Security Configuring 802.1x Port Authentication Displaying 802.1x Global Settings 802.1x client Radius server23 .1x Information 111 Configuring 802.1x Global Settings Configuring Port Authorization Mode 24 .1x Configuration25 .1x Port Configuration AuthorizedStatistical Values Displaying 802.1x Statistics1x Statistics 26 .1x Statistics Configuring Access Control Lists Access Control ListsCLI This example displays the 802.1x statistics for port Setting the ACL Name and Type 27. Naming and Choosing ACLs CLI This example creates a standard IP ACL named billConfiguring a Standard IP ACL Command Attributes 28. Configuring Standard IP ACLsConfiguring an Extended IP ACL Command Attributes Access Control Lists 29. Configuring Extended IP ACLs Configuring a MAC ACL Command Attributes 120Command Usage 30. Configuring MAC ACLs Command Usage Configuring ACL MasksSpecifying the Mask Type Configuring an IP ACL Mask This mask defines the fields to check in the IP headerConfiguring the Switch 32. Configuring an IP based ACL Configuring a MAC ACL Mask This mask defines the fields to check in the packet header33. Configuring a MAC based ACL Binding a Port to an Access Control List 14834. Mapping ACLs to Port Ingress/Egress Queues Filtering Management Access 35. Filtering Management Access Displaying Connection Status Port ConfigurationField Attributes Web Field Attributes CLI Web Click Port, Port Information or Trunk InformationCurrent status CLI This example shows the connection status for Port 178Configuring Interface Connections Port Configuration 37. Configuring Port Attributes Creating Trunk GroupsCommand Usage Statically Configuring a Trunk Command Usage 38. Static Trunk ConfigurationEnabling Lacp on Selected Ports Command Usage 18939. Lacp Port Configuratio 190 Command Attributes 40. Lacp Aggregation Port Configuration You can display statistics for Lacp protocol messages Displaying Lacp Port CountersCounter Information Lacp Port Counter Information41. Displaying Lacp Port Counters Information Internal Configuration Information Displaying Lacp Settings and Status for the Local SideLacp Settings Link Passive 1 Active 42. Displaying Lacp Port Information Neighbor Configuration Information Displaying Lacp Settings and Status for the Remote SideLacp Remote Side Settings 100 43. Displaying Remote Lacp Port InformationSetting Broadcast Storm Thresholds 101102 44. Enabling Port Broadcast ControlConfiguring Port Mirroring 103Configuring Rate Limits 104Command Attribute 105Showing Port Statistics 106107 Port Statistics108 109 Rmon Statistics110 47. Displaying Port Statistics111 48. Displaying Etherlike and Rmon Statistics112 Address Table SettingsSetting Static Addresses CLI This example shows statistics for port113 49. Mapping Ports to Static AddressesDisplaying the Address Table 114115 Changing the Aging TimeCLI This example sets the aging time to 400 seconds Spanning Tree Algorithm Configuration 116Displaying Global Settings 117118 119 120 52. Displaying the Spanning Tree AlgorithmGlobal settings apply to the entire switch Configuring Global Settings121 Basic Configuration of Global Settings 122Root Device Configuration 123Configuration Settings for Rstp 12453. Configuring the Spanning Tree Algorithm 125Displaying Interface Settings 126127 Rules defining port status are128 AD B129 130 Configuring Interface SettingsCLI This example shows the STA attributes for port 131 132 133 Configuring Multiple Spanning TreesCLI This example sets STA attributes for port 134 135 Vlan ID Vlan to assign to this selected MST instance. Range136 Displaying Interface Settings for Mstp 137138 Configuring Interface Settings for Mstp 13958. Mstp Port Configuration 140141 Vlan ConfigurationOverview CLI This example sets the Mstp attributes for port142 Assigning Ports to VLANs143 144 145 Forwarding Tagged/Untagged FramesDisplaying Basic Vlan Information Enabling or Disabling Gvrp Global SettingCLI This example enables Gvrp for the switch 146147 Command Attributes WebDisplaying Current VLANs Web Click VLAN, 802.1Q VLAN, Basic InformationCommand Attributes CLI 148Creating VLANs 149150 CLI This example creates a new VlanAdding Static Members to VLANs Vlan Index 15163. Configuring Vlan Port Attributes 152Adding Static Members to VLANs Port Index 153Configuring Vlan Behavior for Interfaces 154155 156 65. Configuring Vlan Ports 157158 Configuring Private VLANsCLI This example enables private VLANs Enabling Private VLANsConfiguring Uplink and Downlink Ports Configuring Protocol-Based VLANs159 160 Configuring Protocol GroupsCreate a protocol group for one or more protocols 161 Mapping Protocols to VLANs162 69. Mapping Protocols to VLANsSetting the Default Priority for Interfaces Class of Service Configuration163 CLI This example assigns a default priority of 5 to port 164Egress Queue Priority Mapping Mapping CoS Values to Egress Queues165 10. CoS Priority Levels71. Configuring Ports and Trunks for Class of Service 166Selecting the Queue Mode 167Setting the Service Weight for Traffic Classes 168Mapping Layer 3/4 Priorities to CoS Values 169Selecting IP Precedence/DSCP Priority 170171 Mapping IP Precedence11. IP Precedence Prioruty 75. Mapping IP Precedence to Class of Service Values 172Mapping Dscp Priority 17376. Mapping IP Dscp Priority to Class of Service Values 174Mapping IP Port Priority 175176 78. IP Port Priority Mapping177 Mapping CoS Values to ACLs13. CoS to ACL Mapping Changing Priorities Based on ACL Rules 178179 180 79. Changing Priorities Based on ACL RulesMulticast Filtering 181Layer 2 Igmp Snooping and Query Configuring Igmp Snooping and Query Parameters182 183 80. Configuring Internet Group Management Protocol 184185 Command AttributesDisplaying Interfaces Attached to a Multicast Router 186 Specifying Static Interfaces for a Multicast RouterDisplaying Port Members of Multicast Services 187Assigning Ports to Multicast Services 188189 84. Specifying Multicast Port MembershipConfiguring General DNS Server Parameters Configuring Domain Name Service190 191 85. Configuring DNS 192Configuring Static DNS Host to Address Entries 193194 86. Mapping IP Addresses to a Host NameDisplaying the DNS Cache 195196 Web Select DNS, CacheUsing the Command Line Interface Accessing the CLITelnet Connection Using the Command Line Interface Keywords and Arguments Entering CommandsThis section describes how to enter CLI commands Minimum AbbreviationCommand Completion Getting Help on CommandsShowing Commands Using Command History Negating the Effect of CommandsPartial Keyword Lookup Exec Commands Understanding Command ModesCommand Modes Configuration Commands Configuration Commands Mode Command PromptCommand Line Processing Keystroke FunctionCommand Groups Command Group Index255 Line Commands Line Command SyntaxLine Default SettingCommand Mode Syntax Line console vtyRelated Commands LoginSyntax Login local no login Syntax Password 0 7 password no password PasswordUsername 4-35 password No password is specifiedSyntax Exec-timeout seconds no exec-timeout Exec-timeoutLogin 4-16password-thresh4-19 CLI No timeout Telnet 10 minutesSyntax Password-thresh threshold no password-thresh Password-threshTo set the timeout to two minutes, enter this command Default value is three attemptsSilent-time Syntax Silent-time seconds no silent-timeSyntax Databits 7 8 no databits To specify 7 data bits, enter this commandDatabits Seven data bits per character Eight data bits per characterSyntax Parity none even odd no parity To specify no parity, enter this commandParity None No parity Even Even parity Odd Odd paritySyntax Speed bps no speed To specify 57600 bps, enter this commandSpeed AutoSyntax Stopbits 1 StopbitsDisconnect Syntax Disconnect session-idShow line Syntax Show line console vtyGeneral Commands General CommandsEnable Syntax Enable levelNormal Exec DisableDisable Enable password NoneConfigure Show historyThis command restarts the system ReloadThis command returns to Privileged Exec mode This command resets the entire systemThis example shows how to reset the switch EndQuit This command exits the configuration programExit AnyThis example shows how to quit a CLI session System Management CommandsSystem Mangement Commands Prompt Device Designation CommandsDevice Designation Commands Syntax Prompt string no promptHostname User Access CommandsUser Access Commands Syntax Hostname name no hostnameUsername Enable password Default is level Default password is superIP Filter Commands 10. IP Filter CommandsManagement All addressesShow management Web Server Commands 11. Web Server CommandIp http port Default Setting Command ModeSyntax No ip http server Default Setting Ip http serverIp http secure-server Syntax No ip http secure-server Default SettingIp http port Copy tftp https-certificate Ip http secure-port4-44 Copy tftp https-certificate 443 Ip http secure-portPortnumber The UDP port used for HTTPS/SSL. Range Ip http secure-server4-42Secure Shell Commands 12. Secure Shell Commands12. Secure Shell Commands System Management Commands Disabled Syntax Ip ssh server no ip ssh server Default SettingIp ssh server Ip ssh crypto host-key generate 4-52 show ssh Ip ssh timeoutSyntax Ip ssh timeout seconds no ip ssh timeout SecondsExec-timeout4-18 show ip ssh Ip ssh authentication-retriesShow ip ssh Delete public-key Ip ssh server-key sizeSyntax Delete public-key username dsa rsa Dsa DSA key type Rsa RSA key type Ip ssh crypto host-key generateSyntax Ip ssh crypto host-key generate dsa rsa Generates both the DSA and RSA key pairsIp ssh crypto zeroize 4-53 ip ssh save host-key4-54 Use this command to clear the host key from memory i.e. RAMIp ssh crypto zeroize Syntax Ip ssh crypto zeroize dsa rsaShow ip ssh Ip ssh save host-keySyntax Ip ssh save host-key dsa rsa Show ssh 13. SSH InformationSyntax Show public-key user username host Show public-keyUsername Name of an SSH user. Range 1-8 characters Shows all public keys RSASyntax No logging on Default Setting Event Logging Commands14. Event Logging Commands Logging onLogging history Logging history 4-59 clear loggingSyntax No logging host hostipaddress Flash errors level 3 RAM warnings level 7Logging host Hostipaddress The IP address of a syslog serverLogging facility Syntax No logging facility typeSyntax Logging trap level no logging trap Logging trapClear logging Syntax Clear logging flash ramShow logging Show loggingSyntax Show logging flash ram sendmail trap Following example displays settings for the trap function 15. Smtp Alert Commands Smtp Alert CommandsShow logging sendmail Logging sendmail host Syntax No logging sendmail host ipaddressSyntax Logging sendmail level level Logging sendmail levelLogging sendmail source-email Syntax Logging sendmail source-email email-addressLogging sendmail destination-email Syntax No logging sendmail destination-email email-addressLogging sendmail Syntax No logging sendmail Default SettingShow logging sendmail Time Commands 16. Time CommandsSyntax Sntp server ip1 ip2 ip3 Sntp serverSntp poll 4-72 show sntp Sntp client Related CommandsSntp poll Syntax Sntp poll seconds no sntp pollDisabled Sntp broadcast client Syntax No sntp broadcast client Default SettingShow sntp Clock timezone Show sntpShow calendar This command displays the system clockCalendar set SyntaxShow startup-config System Status Commands17. System Status Commands Command Usage Show running-config4-80 Show running-config Show startup-config4-77 This command displays system information Show systemShow users Show versionSyntax No jumbo frame Default Setting Frame Size Commands18. Frame Size Commands Jumbo frameFlash/File Commands 19. Flash/File CommandsCopy Command Usage Following example shows how to download a configuration file Filename Name of the configuration file or image name This command deletes a file or imageDelete Dir This command displays a list of files in flash memorySyntax Dir boot-rom config opcode filename Dir Delete public-key4-51Whichboot Following example shows how to display all file informationBoot system Syntax Boot system boot-romconfig opcode filenameDir 4-90 whichboot Authentication CommandsAuthentication Sequence 20. Authentication CommandsAuthentication login LocalRadius Client Username for setting the local user names and passwords22. Radius Client Commands Radius-server hostSyntax Radius-server port portnumber no radius-server port Radius-server port10.1.0.1 1812Radius-server retransmit Radius-server keySyntax Radius-server key keystring no radius-server key Radius-server timeout Show radius-serverTacacs-server host 23. TACACS+ Client CommandsTACACS+ Client Hostipaddress IP address of a TACACS+ serverTacacs-server port Syntax Tacacs-server port portnumber no tacacs-server portShow tacacs-server Tacacs-server keySyntax Tacacs-server key keystring no tacacs-server key 24. Port Security Commands Port Security CommandsPort security Status Disabled Action None Maximum Addresses Interface Configuration Ethernet802.1x Port Authentication 25 .1x Port Authentication CommandsAuthentication dot1x default Default Command Mode Dot1x defaultSyntax Dot1x default Command Mode Dot1x max-reqDot1x port-control DefaultInterface Configuration Force-authorizedDot1x operation-mode Dot1x re-authenticateSyntax Dot1x re-authenticate interface Ethernet unit/portSyntax No dot1x re-authentication Command Mode Dot1x re-authenticationDot1x timeout quiet-period Seconds The number of seconds. RangeDot1x timeout re-authperiod Dot1x timeout tx-periodShow dot1x Show dot1x statistics interface interfaceAuthenticator State Machine State- Current state including initialize, reauthenticate113 Access Control List Commands Access Control ListsAccess Control List Commands 27. IP ACL Commands Masks for Access Control Lists26. Access Control List Commands IP ACLsEXT-ACL Access-list ip Syntax No access-list ip standard extended aclnamePermit, deny Ip access-group4-129 show ip access-list4-123 Standard ACLAccess-list ip No permit deny tcpExtended ACL 122 Syntax Show ip access-list standard extended aclname Show ip access-listAccess-list ip mask-precedence Syntax No access-list ip mask-precedence in outMask IP ACL 4-125 ip access-group4-129 Syntax No mask protocol IP Mask126 127 Show access-list ip mask-precedence Syntax Show access-list ip mask-precedence in outSyntax No ip access-group aclname in out Ip access-groupMask IP ACL Show ip access-list4-123 Show ip access-groupMap access-list ip This command shows the ports assigned to IP ACLsQueue cos-map4-260 Show map access-list ip Syntax Show map access-list ip interface Show map access-list ipMap access-list ip Match access-list ip Show marking Match access-list ipShow marking 28. MAC ACL Commands MAC ACLsAccess-list mac Syntax No access-list mac aclnamePermit, deny MAC ACL Any host destination destination address-bitmaskMAC ACL This command displays the rules for configured MAC ACLs Show mac access-listAccess-list mac mask-precedence Syntax Show mac access-list aclnameMask MAC ACL 4-140 mac access-group4-144 Mask MAC ACLMAC Mask 142 Syntax Show access-list mac mask-precedence in out Show access-list mac mask-precedenceThis example creates an Egress MAC ACL Syntax Mac access-group aclname in out Mac access-groupShow mac access-list4-139 This command shows the ports assigned to MAC ACLs Show mac access-groupMap access-list mac Syntax No map access-list mac aclname cos cos-valueQueue cos-map4-260 Show map access-list mac Show map access-list macSyntax Show map access-list mac interface Match access-list mac ACL Information Show access-list29. ACL Information This command shows the port assignments of ACLs Snmp CommandsShow access-group 30. Snmp CommandsSnmp community Syntax Snmp community string rorw no snmp community stringSyntax Snmp contact string no snmp contact Snmp contactSnmp location Syntax Snmp-server location text no snmp-server locationSnmp host Host Address None Snmp VersionConsoleconfig#snmp-server host 10.1.19.23 batman Syntax No snmp enable traps authentication link-up-down Snmp enable trapsIssue authentication and link-up-down traps This command checks the status of Snmp communications Show snmp156 DNS Commands 31. DNS CommandsNo static entries Ip hostThis example maps two address to a host name Syntax Clear host name Clear hostIp domain-name Syntax Ip domain-name name no ip domain-nameIp domain-list Syntax No ip domain-list nameIp domain-name4-159 Ip name-server Server-address1- IP address of domain-name serverIp domain-lookup Syntax No ip domain-lookup Default SettingIp domain-name4-159 ip domain-lookup4-163 Show hosts Ip domain-name4-159 ip name-server4-162Show dns This command displays the configuration of the DNS serverThis command displays entries in the DNS cache Show dns cacheThis command clears all entries in the DNS cache Clear dns cache167 Interface Commands 32. Interface CommandsPort-channel channel-idRange InterfaceDescription Syntax Description string no descriptionSpeed-duplex Interface Configuration Ethernet, Port ChannelFollowing example adds a description to port Negotiation Syntax No negotiation Default SettingNegotiation 4 -170 capabilities 4 Following example configures port 11 to use autonegotiation Capabilities 4 -172speed-duplex 4Capabilities Flowcontrol Syntax No flowcontrol Default SettingFlow control enabled Negotiation 4 -170speed-duplex 4 -169 flowcontrol 4Combo-forced-mode Following example enables flow control on portSyntax Combo-forced-mode mode no combo-forced-mode Negotiation 4 Capabilities flowcontrol, symmetricFollowing example disables port Syntax No shutdown Default SettingAll interfaces are enabled ShutdownSwitchport broadcast packet-rate Clear counters This command clears statistics on an interfacePort-channel channel-idRange Default Setting Following example clears statistics on portSyntax Show interfaces status interface This command displays the status for an interfaceShow interfaces status Shows the status for all interfacesSyntax Show interfaces counters interface This command displays interface statisticsShow interfaces counters Shows the counters for all interfaces180 This example shows the configuration setting for port Show interfaces switchportSyntax Show interfaces switchport interface Shows all interfacesShows if acceptable Vlan frames include all types or Interface Configuration Ethernet, destination port Mirror Port Commands33. Mirror Port Commands Port monitorShow port monitor This command displays mirror informationUnit Switch unit Port Port number Syntax Show port monitor interfaceFollowing shows mirroring configured from port 6 to port Rate Limit Commands34. Rate Limit Commands Rate-limit MbpsLink Aggregation Commands 35. Link Aggregation CommandsGuidelines for Creating Trunks General GuidelinesChannel-id- Trunk index Range Channel-groupSyntax Channel-group channel-idno channel-group Current port will be added to this trunkSyntax No lacp Default Setting Lacp191 Lacp system-priority 32768Lacp admin-keyEthernet Interface Syntax Lacp admin-key key no lacp admin-key Lacp admin-key Port ChannelInterface Configuration Port Channel Lacp port-priority Show lacp This command displays Lacp informationPort Channel all 197 198 199 36. Adress Table Commands Address Table Commands200 Mac-address- MAC address Mac-address-table static201 Vlan-id- Vlan ID Range202 Clear mac-address-table dynamicShow mac-address-table Mac-address- MAC address Mask Bits to match in the addressMac-address-table aging-time 203Show mac-address-table aging-time 20437. Spanning Tree Commands Spanning Tree Commands205 206 Spanning tree is enabledSpanning-tree No spanning-tree207 Spanning-tree modeRstp 208 Spanning-tree forward-time 209Spanning-tree max-age Spanning-tree hello-time210 Spanning-tree priority 211212 Spanning-tree pathcost methodLong method Spanning-tree transmission-limit Spanning-tree mst-configurationThis command limits the maximum transmission rate for BPDUs 213Mst vlan MST Configuration214 Mst priority 215216 Switch’s MAC addressName Syntax Name nameRevision 4 Revision217 Syntax Revision number218 Max-hopsName 4 Spanning-tree cost Spanning-tree spanning-disabledSyntax No spanning-tree spanning-disabled Default Setting 219Priority The priority for a port. Range 0-240, in steps Spanning-tree port-priority220 128221 Syntax No spanning-tree edge-port Default SettingSpanning-tree edge-port Spanning-tree cost 4222 Syntax No spanning-tree portfast Default SettingSpanning-tree portfast Spanning-tree portfast 4223 Spanning-tree link-typeSpanning-treeedge-port 4 Spanning-tree mst cost 224225 Spanning-tree mst port-priority 4226 Spanning-tree mst port-prioritySpanning-tree mst cost 4 227 Port-channel channel-idRange Command ModeSpanning-tree protocol-migration Syntax Spanning-tree protocol-migration interface228 Show spanning-treeSyntax Show spanning-tree interface mst instanceid 229 Syntax Show spanning-tree mst configuration Command Mode Show spanning-tree mst configurationThis command shows the multiple spanning tree configuration 230Editing Vlan Groups Vlan Commands38. Vlan Commands 231Vlan database 232Show vlan 4 233 By default only Vlan 1 exists and is activeVlan Database Configuration Vlan40. Configuring Vlan Interfaces Configuring Vlan Interfaces234 Syntax Interface vlan vlan-id 235Interface vlan Shutdown 4All ports are in hybrid mode with the Pvid set to Vlan Switchport modeSyntax Switchport mode trunk hybrid no switchport mode Switchport acceptable-frame-types 4237 Switchport acceptable-frame-typesSwitchport mode 4 All frame typesSyntax No switchport ingress-filtering Default Setting Switchport ingress-filtering238 Switchport native vlan 239Switchport allowed vlan 240241 Switchport forbidden vlanNo VLANs are included in the forbidden list Show vlan Displaying Vlan Information242 41. Displaying Vlan Information42. Protocol-based Vlan Commands Following example shows how to display information for Vlan243 No protocol groups are configured Protocol-vlan protocol-group Configuring Groups244 245 Protocol-vlan protocol-group Configuring InterfacesNo protocol groups are mapped for any interface Syntax Show protocol-vlan protocol-group group-id 246Show protocol-vlan protocol-group Group-id- Group identifier for a protocol group. RangeShow interfaces protocol-vlan protocol-group This shows protocol group 1 configured for IP over Ethernet247 Mapping for all interfaces is displayedPvlan 43. Private Vlan Commands248 No private VLANs are defined249 This command displays the configured private VlanShow pvlan Syntax No bridge-ext gvrp Default Setting Gvrp and Bridge Extension Commands44. Gvrp and Bridge Extension Commands 250251 Show bridge-extSyntax No switchport gvrp Default Setting Switchport gvrpShow gvrp configuration Syntax Show gvrp configuration interfaceGarp timer 253Syntax Show garp timer interface Show garp timerShow garp timer 4 Shows all Garp timers45. Priority Commands Priority CommandsGarp timer 4 25546. Priority Commands Layer Priority Commands LayerSwitchport priority default 256257 Weighted Round Robin Queue modeSyntax Queue mode strict wrr no queue mode 258Queue bandwidth 259Show queue bandwidth 4 260 Queue cos-map261 Show queue modeThis command shows the current queue mode Show queue cos-map 4Show queue bandwidth This command shows the class of service priority map262 Show queue cos-map47. Priority Commands Layer 3 Priority Commands Layer 3263 Syntax Map ip port no map ip port Default Setting 264Syntax No map ip precedence Default Setting 265List below shows the default priority mapping 266Syntax No map ip dscp Default Setting 267Map ip dscp Interface Configuration 268Show map ip port Use this command to show the IP port priority map269 Syntax Show map ip port interfaceShow map ip precedence This command shows the IP precedence priority map270 Syntax Show map ip precedence interfaceShow map ip dscp This command shows the IP Dscp priority map271 Syntax Show map ip dscp interface48. Multicast Filtering Commands Multicast Filtering CommandsIgmp Snooping Commands 49. Igmp Snooping CommandsIp igmp snooping Following example enables Igmp snooping273 No ip igmp snooping274 Ip igmp snooping vlan staticIp igmp snooping version Following configures the switch to use Igmp Version275 Igmp VersionShow ip igmp snooping 276Show mac-address-table multicast 50. Igmp Query Commands Layer Igmp Query Commands Layer277 Ip igmp snooping querier Syntax No ip igmp snooping querier Default Setting278 Ip igmp snooping query-countIp igmp snooping query-interval Following shows how to configure the query count to279 Ip igmp snooping query-max-response-time 4280 Seconds The report delay advertised in Igmp queries. RangeIp igmp snooping query-max-response-time 281 Switch must use IGMPv2 for this command to take effectIp igmp snooping router-port-expire-time 282 Static Multicast Routing Commands51. Static Multicast Routing Commands Ip igmp snooping vlan mrouterShow ip igmp snooping mrouter Displays multicast router ports for all configured VLANs283 Syntax Show ip igmp snooping mrouter vlan vlan-id52. Basic IP Configuration commands IP Interface CommandsBasic IP Configuration 284Ip address Interface Configuration Vlan285 IP address NetmaskIp dhcp restart This command submits a Bootp or Dhcp client request286 Ip dhcp restart 4Syntax Ip default-gateway gateway no ip default-gateway Ip default-gateway287 Show ip interface 288Show ip redirects Ping This command has no default for the host289 Syntax Ping host count countsize size290 Interface 4291 Dhcp Client Port Configuration Software FeaturesAuthentication Flow ControlPort Mirroring Class of ServiceAdditional Features Rate LimitsIn-Band Management Management FeaturesStandards Out-of-Band ManagementManagement Information Bases Appendix B Troubleshooting Table B-1. Troubleshooting ChartTroubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 Virtual LAN Vlan Glossary-8User Datagram Protocol UDP XModemNumerics Index-1Index-2 IgmpIndex-3 Snmp SnmpIndex-4 Page For Technical SUPPORT, Call