Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks SMC8624/48T manual Command Usage

Models: SMC8624/48T

1 556

Download 556 pages 10.96 Kb

Page 83

USER AUTHENTICATION

Remote Authentication Dial-in User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) are logon authentication protocols that use software running on a central server to control access to RADIUS-aware or TACACS -aware devices on the network. An authentication server contains a database of multiple user name/password pairs with associated privilege levels for each user that requires management access to the switch.

RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP offers a connection-oriented transport. Also, note that RADIUS encrypts only the password in the access-request packet from the client to the server, while TACACS+ encrypts the entire body of the packet.

Command Usage

•By default, management access is always checked against the authentication database stored on the local switch. If a remote authentication server is used, you must specify the authentication sequence and the corresponding parameters for the remote authentication protocol. Local and remote logon authentication control management access via the console port, web browser, or Telnet.

•RADIUS and TACACS+ logon authentication assign a specific privilege level for each user name/password pair. The user name, password, and privilege level must be configured on the authentication server.

•You can specify up to three authentication methods for any user to indicate the authentication sequence. For example, if you select (1) RADIUS, (2) TACACS and (3) Local, the user name and password on the RADIUS server is verified first. If the RADIUS server is not available, then authentication is attempted using the TACACS+ server, and finally the local user name and password is checked.

3-35

Image 83

SMC Networks SMC8624/48T manual Command Usage

Contents

TigerSwitch 10/100/1000 Page TigerSwitch 10/100/1000 Management Guide Trademarks Limited Warranty Limited Warranty Contents Contents Contents Command Line Interface Vii Viii Contents Contents Contents Xii Xiii Xiv Contents Xvi TablesXvii Xviii Figures61. Displaying Vlan Information by Port Membership XixFigures Key Features Key FeaturesDescription of Software Features Description of Software Features Introduction Description of Software Features Introduction System Defaults System DefaultsSystem Defaults Dhcp Introduction Configuration Options Connecting to the SwitchRequired Connections Connecting to the Switch Console Connection Basic ConfigurationRemote Connections Setting Passwords Manual Configuration Setting an IP AddressDynamic Configuration Initial Configuration Community Strings Enabling Snmp Management AccessInitial Configuration Trap Receivers Saving Configuration SettingsManaging System Files Managing System Files Initial Configuration Using the Web Interface Configuring the SwitchConfiguring the Switch Home Navigating the Web Browser InterfacePanel Display Configuration OptionsMain Menu Main MenuACL Lacp STA 141 Vlan ID DNS Field Attributes Displaying System InformationCLI Specify the hostname, location and contact information System InformationManagement Software Displaying Switch Hardware/Software VersionsMain Board Switch Information Web Click System, Switch InformationDisplaying Bridge Extension Capabilities Web Click System, Bridge Extension Setting the Switch’s IP AddressCLI Enter the following command Command Attributes Manual IP Configuration Dhcp IP Configuration Using DHCP/BOOTP288 Downloading System Software from a Server Managing FirmwareOperation Code Image File Transfer Saving or Restoring Configuration Settings 10. Downloading Configuration Settings from a Server Downloading Configuration Settings from a ServerCLI Use the reload command to restart the switch Resetting the SystemConfiguring Sntp Setting the System Clock13. Sntp Configuration 14. Setting the Time Zone Setting the Time ZoneSimple Network Management Protocol Setting Community Access StringsSpecifying Trap Managers and Trap Types Access Mode16. Specifying Trap Managers and Trap Types Configuring the Logon Password User Authentication17. Configuring the Logon Password Configuring Local/Remote Logon AuthenticationCommand Usage Radius Settings 18. Setting Local, Radius and Tacacs Authentication Tacacs SettingsConfiguring Https Https Support 19. Https SettingsReplacing the Default Secure-site Certificate Configuring the Secure Shell Configuring the Switch Generating the Host Key Pair Field Attributes 20. SSH Host-Key Settings SSH server includes basic settings for authentication Configuring the SSH Server21. SSH Server Settings Configuring Port Security Command Usage 22. Configuring Port Security Configuring 802.1x Port Authentication 802.1x client Radius server Displaying 802.1x Global Settings23 .1x Information 111 Configuring 802.1x Global Settings 24 .1x Configuration Configuring Port Authorization ModeAuthorized 25 .1x Port Configuration1x Statistics Displaying 802.1x StatisticsStatistical Values 26 .1x Statistics CLI This example displays the 802.1x statistics for port Access Control ListsConfiguring Access Control Lists Setting the ACL Name and Type CLI This example creates a standard IP ACL named bill 27. Naming and Choosing ACLs28. Configuring Standard IP ACLs Configuring a Standard IP ACL Command AttributesConfiguring an Extended IP ACL Command Attributes Access Control Lists 29. Configuring Extended IP ACLs 120 Configuring a MAC ACL Command AttributesCommand Usage 30. Configuring MAC ACLs Specifying the Mask Type Configuring ACL MasksCommand Usage This mask defines the fields to check in the IP header Configuring an IP ACL MaskConfiguring the Switch 32. Configuring an IP based ACL This mask defines the fields to check in the packet header Configuring a MAC ACL Mask33. Configuring a MAC based ACL 148 Binding a Port to an Access Control List34. Mapping ACLs to Port Ingress/Egress Queues Filtering Management Access 35. Filtering Management Access Field Attributes Web Port ConfigurationDisplaying Connection Status Web Click Port, Port Information or Trunk Information Field Attributes CLICurrent status 178 CLI This example shows the connection status for PortConfiguring Interface Connections Port Configuration Creating Trunk Groups 37. Configuring Port AttributesCommand Usage 38. Static Trunk Configuration Statically Configuring a Trunk Command Usage189 Enabling Lacp on Selected Ports Command Usage39. Lacp Port Configuratio 190 Command Attributes 40. Lacp Aggregation Port Configuration Lacp Port Counter Information Displaying Lacp Port CountersCounter Information You can display statistics for Lacp protocol messages41. Displaying Lacp Port Counters Information Lacp Settings Displaying Lacp Settings and Status for the Local SideInternal Configuration Information Link Passive 1 Active 42. Displaying Lacp Port Information Lacp Remote Side Settings Displaying Lacp Settings and Status for the Remote SideNeighbor Configuration Information 43. Displaying Remote Lacp Port Information 100101 Setting Broadcast Storm Thresholds44. Enabling Port Broadcast Control 102103 Configuring Port Mirroring104 Configuring Rate Limits105 Command Attribute106 Showing Port StatisticsPort Statistics 107108 Rmon Statistics 10947. Displaying Port Statistics 11048. Displaying Etherlike and Rmon Statistics 111CLI This example shows statistics for port Address Table SettingsSetting Static Addresses 11249. Mapping Ports to Static Addresses 113114 Displaying the Address TableCLI This example sets the aging time to 400 seconds Changing the Aging Time115 116 Spanning Tree Algorithm Configuration117 Displaying Global Settings118 119 52. Displaying the Spanning Tree Algorithm 120121 Configuring Global SettingsGlobal settings apply to the entire switch 122 Basic Configuration of Global Settings123 Root Device Configuration124 Configuration Settings for Rstp125 53. Configuring the Spanning Tree Algorithm126 Displaying Interface SettingsRules defining port status are 127AD B 128129 CLI This example shows the STA attributes for port Configuring Interface Settings130 131 132 CLI This example sets STA attributes for port Configuring Multiple Spanning Trees133 134 Vlan ID Vlan to assign to this selected MST instance. Range 135136 137 Displaying Interface Settings for Mstp138 139 Configuring Interface Settings for Mstp140 58. Mstp Port ConfigurationCLI This example sets the Mstp attributes for port Vlan ConfigurationOverview 141Assigning Ports to VLANs 142143 144 Forwarding Tagged/Untagged Frames 145146 Enabling or Disabling Gvrp Global SettingCLI This example enables Gvrp for the switch Displaying Basic Vlan InformationWeb Click VLAN, 802.1Q VLAN, Basic Information Command Attributes WebDisplaying Current VLANs 147148 Command Attributes CLI149 Creating VLANsCLI This example creates a new Vlan 150151 Adding Static Members to VLANs Vlan Index152 63. Configuring Vlan Port Attributes153 Adding Static Members to VLANs Port Index154 Configuring Vlan Behavior for Interfaces155 156 157 65. Configuring Vlan PortsEnabling Private VLANs Configuring Private VLANsCLI This example enables private VLANs 158159 Configuring Protocol-Based VLANsConfiguring Uplink and Downlink Ports Create a protocol group for one or more protocols Configuring Protocol Groups160 Mapping Protocols to VLANs 16169. Mapping Protocols to VLANs 162163 Class of Service ConfigurationSetting the Default Priority for Interfaces 164 CLI This example assigns a default priority of 5 to port10. CoS Priority Levels Mapping CoS Values to Egress Queues165 Egress Queue Priority Mapping166 71. Configuring Ports and Trunks for Class of Service167 Selecting the Queue Mode168 Setting the Service Weight for Traffic Classes169 Mapping Layer 3/4 Priorities to CoS Values170 Selecting IP Precedence/DSCP Priority11. IP Precedence Prioruty Mapping IP Precedence171 172 75. Mapping IP Precedence to Class of Service Values173 Mapping Dscp Priority174 76. Mapping IP Dscp Priority to Class of Service Values175 Mapping IP Port Priority78. IP Port Priority Mapping 17613. CoS to ACL Mapping Mapping CoS Values to ACLs177 178 Changing Priorities Based on ACL Rules179 79. Changing Priorities Based on ACL Rules 180181 Multicast Filtering182 Configuring Igmp Snooping and Query ParametersLayer 2 Igmp Snooping and Query 183 184 80. Configuring Internet Group Management ProtocolDisplaying Interfaces Attached to a Multicast Router Command Attributes185 Specifying Static Interfaces for a Multicast Router 186187 Displaying Port Members of Multicast Services188 Assigning Ports to Multicast Services84. Specifying Multicast Port Membership 189190 Configuring Domain Name ServiceConfiguring General DNS Server Parameters 191 192 85. Configuring DNS193 Configuring Static DNS Host to Address Entries86. Mapping IP Addresses to a Host Name 194195 Displaying the DNS CacheWeb Select DNS, Cache 196Accessing the CLI Using the Command Line InterfaceTelnet Connection Using the Command Line Interface Minimum Abbreviation Entering CommandsThis section describes how to enter CLI commands Keywords and ArgumentsGetting Help on Commands Command CompletionShowing Commands Partial Keyword Lookup Negating the Effect of CommandsUsing Command History Command Modes Understanding Command ModesExec Commands Configuration Commands Mode Command Prompt Configuration CommandsKeystroke Function Command Line ProcessingCommand Group Index Command Groups255 Line Command Syntax Line CommandsSyntax Line console vty Default SettingCommand Mode LineSyntax Login local no login LoginRelated Commands No password is specified PasswordUsername 4-35 password Syntax Password 0 7 password no passwordCLI No timeout Telnet 10 minutes Exec-timeoutLogin 4-16password-thresh4-19 Syntax Exec-timeout seconds no exec-timeoutDefault value is three attempts Password-threshTo set the timeout to two minutes, enter this command Syntax Password-thresh threshold no password-threshSyntax Silent-time seconds no silent-time Silent-timeSeven data bits per character Eight data bits per character To specify 7 data bits, enter this commandDatabits Syntax Databits 7 8 no databitsNone No parity Even Even parity Odd Odd parity To specify no parity, enter this commandParity Syntax Parity none even odd no parityAuto To specify 57600 bps, enter this commandSpeed Syntax Speed bps no speedSyntax Disconnect session-id StopbitsDisconnect Syntax Stopbits 1Syntax Show line console vty Show lineSyntax Enable level General CommandsEnable General CommandsNone DisableDisable Enable password Normal ExecShow history ConfigureReload This command restarts the systemEnd This command resets the entire systemThis example shows how to reset the switch This command returns to Privileged Exec modeAny This command exits the configuration programExit QuitSystem Mangement Commands System Management CommandsThis example shows how to quit a CLI session Syntax Prompt string no prompt Device Designation CommandsDevice Designation Commands PromptSyntax Hostname name no hostname User Access CommandsUser Access Commands HostnameUsername Default is level Default password is super Enable password10. IP Filter Commands IP Filter CommandsAll addresses ManagementShow management 11. Web Server Command Web Server CommandsIp http server Default Setting Command ModeSyntax No ip http server Default Setting Ip http portIp http port Copy tftp https-certificate Syntax No ip http secure-server Default SettingIp http secure-server Ip http secure-port4-44 Copy tftp https-certificate Ip http secure-server4-42 Ip http secure-portPortnumber The UDP port used for HTTPS/SSL. Range 44312. Secure Shell Commands Secure Shell Commands12. Secure Shell Commands System Management Commands Ip ssh server Syntax Ip ssh server no ip ssh server Default SettingDisabled Seconds Ip ssh timeoutSyntax Ip ssh timeout seconds no ip ssh timeout Ip ssh crypto host-key generate 4-52 show sshShow ip ssh Ip ssh authentication-retriesExec-timeout4-18 show ip ssh Syntax Delete public-key username dsa rsa Ip ssh server-key sizeDelete public-key Generates both the DSA and RSA key pairs Ip ssh crypto host-key generateSyntax Ip ssh crypto host-key generate dsa rsa Dsa DSA key type Rsa RSA key typeSyntax Ip ssh crypto zeroize dsa rsa Use this command to clear the host key from memory i.e. RAMIp ssh crypto zeroize Ip ssh crypto zeroize 4-53 ip ssh save host-key4-54Syntax Ip ssh save host-key dsa rsa Ip ssh save host-keyShow ip ssh 13. SSH Information Show sshUsername Name of an SSH user. Range 1-8 characters Show public-keySyntax Show public-key user username host RSA Shows all public keysLogging on Event Logging Commands14. Event Logging Commands Syntax No logging on Default SettingLogging history 4-59 clear logging Logging historyHostipaddress The IP address of a syslog server Flash errors level 3 RAM warnings level 7Logging host Syntax No logging host hostipaddressSyntax No logging facility type Logging facilitySyntax Clear logging flash ram Logging trapClear logging Syntax Logging trap level no logging trapSyntax Show logging flash ram sendmail trap Show loggingShow logging Following example displays settings for the trap function Show logging sendmail Smtp Alert Commands15. Smtp Alert Commands Syntax No logging sendmail host ipaddress Logging sendmail hostSyntax Logging sendmail source-email email-address Logging sendmail levelLogging sendmail source-email Syntax Logging sendmail level levelSyntax No logging sendmail destination-email email-address Logging sendmail destination-emailShow logging sendmail Syntax No logging sendmail Default SettingLogging sendmail 16. Time Commands Time CommandsSntp poll 4-72 show sntp Sntp serverSyntax Sntp server ip1 ip2 ip3 Syntax Sntp poll seconds no sntp poll Related CommandsSntp poll Sntp clientDisabled Show sntp Syntax No sntp broadcast client Default SettingSntp broadcast client Show sntp Clock timezoneSyntax This command displays the system clockCalendar set Show calendar17. System Status Commands System Status CommandsShow startup-config Command Usage Show running-config4-80 Show running-config Show startup-config4-77 Show system This command displays system informationShow version Show usersJumbo frame Frame Size Commands18. Frame Size Commands Syntax No jumbo frame Default Setting19. Flash/File Commands Flash/File CommandsCopy Command Usage Following example shows how to download a configuration file Delete This command deletes a file or imageFilename Name of the configuration file or image name Dir Delete public-key4-51 This command displays a list of files in flash memorySyntax Dir boot-rom config opcode filename DirFollowing example shows how to display all file information WhichbootSyntax Boot system boot-romconfig opcode filename Boot system20. Authentication Commands Authentication CommandsAuthentication Sequence Dir 4-90 whichbootLocal Authentication loginRadius-server host Username for setting the local user names and passwords22. Radius Client Commands Radius Client1812 Radius-server port10.1.0.1 Syntax Radius-server port portnumber no radius-server portSyntax Radius-server key keystring no radius-server key Radius-server keyRadius-server retransmit Show radius-server Radius-server timeoutHostipaddress IP address of a TACACS+ server 23. TACACS+ Client CommandsTACACS+ Client Tacacs-server hostSyntax Tacacs-server port portnumber no tacacs-server port Tacacs-server portSyntax Tacacs-server key keystring no tacacs-server key Tacacs-server keyShow tacacs-server Port security Port Security Commands24. Port Security Commands Interface Configuration Ethernet Status Disabled Action None Maximum Addresses25 .1x Port Authentication Commands 802.1x Port AuthenticationAuthentication dot1x default Dot1x max-req Dot1x defaultSyntax Dot1x default Command Mode Default Command ModeForce-authorized DefaultInterface Configuration Dot1x port-controlEthernet unit/port Dot1x re-authenticateSyntax Dot1x re-authenticate interface Dot1x operation-modeSeconds The number of seconds. Range Dot1x re-authenticationDot1x timeout quiet-period Syntax No dot1x re-authentication Command ModeDot1x timeout tx-period Dot1x timeout re-authperiodShow dot1x statistics interface interface Show dot1xState- Current state including initialize, reauthenticate Authenticator State Machine113 Access Control Lists Access Control List CommandsAccess Control List Commands IP ACLs Masks for Access Control Lists26. Access Control List Commands 27. IP ACL CommandsEXT-ACL Syntax No access-list ip standard extended aclname Access-list ipStandard ACL Permit, deny Ip access-group4-129 show ip access-list4-123No permit deny tcp Access-list ipExtended ACL 122 Syntax No access-list ip mask-precedence in out Show ip access-listAccess-list ip mask-precedence Syntax Show ip access-list standard extended aclnameMask IP ACL 4-125 ip access-group4-129 IP Mask Syntax No mask protocol126 127 Syntax Show access-list ip mask-precedence in out Show access-list ip mask-precedenceMask IP ACL Ip access-groupSyntax No ip access-group aclname in out This command shows the ports assigned to IP ACLs Show ip access-groupMap access-list ip Show ip access-list4-123Queue cos-map4-260 Show map access-list ip Map access-list ip Show map access-list ipSyntax Show map access-list ip interface Match access-list ip Show marking Match access-list ipShow marking MAC ACLs 28. MAC ACL CommandsSyntax No access-list mac aclname Access-list macAny host destination destination address-bitmask Permit, deny MAC ACLMAC ACL Syntax Show mac access-list aclname Show mac access-listAccess-list mac mask-precedence This command displays the rules for configured MAC ACLsMask MAC ACL Mask MAC ACL 4-140 mac access-group4-144MAC Mask 142 This example creates an Egress MAC ACL Show access-list mac mask-precedenceSyntax Show access-list mac mask-precedence in out Show mac access-list4-139 Mac access-groupSyntax Mac access-group aclname in out Syntax No map access-list mac aclname cos cos-value Show mac access-groupMap access-list mac This command shows the ports assigned to MAC ACLsSyntax Show map access-list mac interface Show map access-list macQueue cos-map4-260 Show map access-list mac Match access-list mac 29. ACL Information Show access-listACL Information 30. Snmp Commands Snmp CommandsShow access-group This command shows the port assignments of ACLsSyntax Snmp community string rorw no snmp community string Snmp communitySyntax Snmp-server location text no snmp-server location Snmp contactSnmp location Syntax Snmp contact string no snmp contactHost Address None Snmp Version Snmp hostConsoleconfig#snmp-server host 10.1.19.23 batman Issue authentication and link-up-down traps Snmp enable trapsSyntax No snmp enable traps authentication link-up-down Show snmp This command checks the status of Snmp communications156 31. DNS Commands DNS CommandsThis example maps two address to a host name Ip hostNo static entries Syntax Ip domain-name name no ip domain-name Clear hostIp domain-name Syntax Clear host nameSyntax No ip domain-list name Ip domain-listIp domain-name4-159 Server-address1- IP address of domain-name server Ip name-serverIp domain-name4-159 ip domain-lookup4-163 Syntax No ip domain-lookup Default SettingIp domain-lookup Ip domain-name4-159 ip name-server4-162 Show hostsShow dns cache This command displays the configuration of the DNS serverThis command displays entries in the DNS cache Show dnsClear dns cache This command clears all entries in the DNS cache167 32. Interface Commands Interface CommandsSyntax Description string no description InterfaceDescription Port-channel channel-idRangeFollowing example adds a description to port Interface Configuration Ethernet, Port ChannelSpeed-duplex Negotiation 4 -170 capabilities 4 Syntax No negotiation Default SettingNegotiation Capabilities 4 -172speed-duplex 4 Following example configures port 11 to use autonegotiationCapabilities Negotiation 4 -170speed-duplex 4 -169 flowcontrol 4 Syntax No flowcontrol Default SettingFlow control enabled FlowcontrolNegotiation 4 Capabilities flowcontrol, symmetric Following example enables flow control on portSyntax Combo-forced-mode mode no combo-forced-mode Combo-forced-modeShutdown Syntax No shutdown Default SettingAll interfaces are enabled Following example disables portSwitchport broadcast packet-rate Following example clears statistics on port This command clears statistics on an interfacePort-channel channel-idRange Default Setting Clear countersShows the status for all interfaces This command displays the status for an interfaceShow interfaces status Syntax Show interfaces status interfaceShows the counters for all interfaces This command displays interface statisticsShow interfaces counters Syntax Show interfaces counters interface180 Shows all interfaces Show interfaces switchportSyntax Show interfaces switchport interface This example shows the configuration setting for portShows if acceptable Vlan frames include all types or Port monitor Mirror Port Commands33. Mirror Port Commands Interface Configuration Ethernet, destination portSyntax Show port monitor interface This command displays mirror informationUnit Switch unit Port Port number Show port monitor34. Rate Limit Commands Rate Limit CommandsFollowing shows mirroring configured from port 6 to port Mbps Rate-limit35. Link Aggregation Commands Link Aggregation CommandsGeneral Guidelines Guidelines for Creating TrunksCurrent port will be added to this trunk Channel-groupSyntax Channel-group channel-idno channel-group Channel-id- Trunk index RangeLacp Syntax No lacp Default Setting191 32768 Lacp system-priorityLacp admin-keyEthernet Interface Interface Configuration Port Channel Lacp admin-key Port ChannelSyntax Lacp admin-key key no lacp admin-key Lacp port-priority Port Channel all This command displays Lacp informationShow lacp 197 198 199 200 Address Table Commands36. Adress Table Commands Vlan-id- Vlan ID Range Mac-address-table static201 Mac-address- MAC addressMac-address- MAC address Mask Bits to match in the address Clear mac-address-table dynamicShow mac-address-table 202203 Mac-address-table aging-time204 Show mac-address-table aging-time205 Spanning Tree Commands37. Spanning Tree Commands No spanning-tree Spanning tree is enabledSpanning-tree 206Rstp Spanning-tree mode207 208 209 Spanning-tree forward-time210 Spanning-tree hello-timeSpanning-tree max-age 211 Spanning-tree priorityLong method Spanning-tree pathcost method212 213 Spanning-tree mst-configurationThis command limits the maximum transmission rate for BPDUs Spanning-tree transmission-limit214 MST ConfigurationMst vlan 215 Mst prioritySyntax Name name Switch’s MAC addressName 216Syntax Revision number Revision217 Revision 4Name 4 Max-hops218 219 Spanning-tree spanning-disabledSyntax No spanning-tree spanning-disabled Default Setting Spanning-tree cost128 Spanning-tree port-priority220 Priority The priority for a port. Range 0-240, in stepsSpanning-tree cost 4 Syntax No spanning-tree edge-port Default SettingSpanning-tree edge-port 221Spanning-tree portfast 4 Syntax No spanning-tree portfast Default SettingSpanning-tree portfast 222Spanning-treeedge-port 4 Spanning-tree link-type223 224 Spanning-tree mst costSpanning-tree mst port-priority 4 225Spanning-tree mst cost 4 Spanning-tree mst port-priority226 Syntax Spanning-tree protocol-migration interface Port-channel channel-idRange Command ModeSpanning-tree protocol-migration 227Syntax Show spanning-tree interface mst instanceid Show spanning-tree228 229 230 Show spanning-tree mst configurationThis command shows the multiple spanning tree configuration Syntax Show spanning-tree mst configuration Command Mode231 Vlan Commands38. Vlan Commands Editing Vlan GroupsShow vlan 4 232Vlan database Vlan By default only Vlan 1 exists and is activeVlan Database Configuration 233234 Configuring Vlan Interfaces40. Configuring Vlan Interfaces Shutdown 4 235Interface vlan Syntax Interface vlan vlan-idSwitchport acceptable-frame-types 4 Switchport modeSyntax Switchport mode trunk hybrid no switchport mode All ports are in hybrid mode with the Pvid set to VlanAll frame types Switchport acceptable-frame-typesSwitchport mode 4 237238 Switchport ingress-filteringSyntax No switchport ingress-filtering Default Setting 239 Switchport native vlan240 Switchport allowed vlanNo VLANs are included in the forbidden list Switchport forbidden vlan241 41. Displaying Vlan Information Displaying Vlan Information242 Show vlan243 Following example shows how to display information for Vlan42. Protocol-based Vlan Commands 244 Protocol-vlan protocol-group Configuring GroupsNo protocol groups are configured No protocol groups are mapped for any interface Protocol-vlan protocol-group Configuring Interfaces245 Group-id- Group identifier for a protocol group. Range 246Show protocol-vlan protocol-group Syntax Show protocol-vlan protocol-group group-idMapping for all interfaces is displayed This shows protocol group 1 configured for IP over Ethernet247 Show interfaces protocol-vlan protocol-groupNo private VLANs are defined 43. Private Vlan Commands248 PvlanShow pvlan This command displays the configured private Vlan249 250 Gvrp and Bridge Extension Commands44. Gvrp and Bridge Extension Commands Syntax No bridge-ext gvrp Default SettingShow bridge-ext 251Syntax Show gvrp configuration interface Switchport gvrpShow gvrp configuration Syntax No switchport gvrp Default Setting253 Garp timerShows all Garp timers Show garp timerShow garp timer 4 Syntax Show garp timer interface255 Priority CommandsGarp timer 4 45. Priority Commands256 Priority Commands LayerSwitchport priority default 46. Priority Commands Layer257 258 Queue modeSyntax Queue mode strict wrr no queue mode Weighted Round RobinShow queue bandwidth 4 259Queue bandwidth Queue cos-map 260Show queue cos-map 4 Show queue modeThis command shows the current queue mode 261Show queue cos-map This command shows the class of service priority map262 Show queue bandwidth263 Priority Commands Layer 347. Priority Commands Layer 3 264 Syntax Map ip port no map ip port Default Setting265 Syntax No map ip precedence Default Setting266 List below shows the default priority mapping267 Syntax No map ip dscp Default Setting268 Map ip dscp Interface ConfigurationSyntax Show map ip port interface Use this command to show the IP port priority map269 Show map ip portSyntax Show map ip precedence interface This command shows the IP precedence priority map270 Show map ip precedenceSyntax Show map ip dscp interface This command shows the IP Dscp priority map271 Show map ip dscp49. Igmp Snooping Commands Multicast Filtering CommandsIgmp Snooping Commands 48. Multicast Filtering CommandsNo ip igmp snooping Following example enables Igmp snooping273 Ip igmp snoopingIp igmp snooping vlan static 274Igmp Version Following configures the switch to use Igmp Version275 Ip igmp snooping versionShow mac-address-table multicast 276Show ip igmp snooping 277 Igmp Query Commands Layer50. Igmp Query Commands Layer Ip igmp snooping query-count Syntax No ip igmp snooping querier Default Setting278 Ip igmp snooping querierIp igmp snooping query-max-response-time 4 Following shows how to configure the query count to279 Ip igmp snooping query-intervalIp igmp snooping query-max-response-time Seconds The report delay advertised in Igmp queries. Range280 Ip igmp snooping router-port-expire-time Switch must use IGMPv2 for this command to take effect281 Ip igmp snooping vlan mrouter Static Multicast Routing Commands51. Static Multicast Routing Commands 282Syntax Show ip igmp snooping mrouter vlan vlan-id Displays multicast router ports for all configured VLANs283 Show ip igmp snooping mrouter284 IP Interface CommandsBasic IP Configuration 52. Basic IP Configuration commandsIP address Netmask Interface Configuration Vlan285 Ip addressIp dhcp restart 4 This command submits a Bootp or Dhcp client request286 Ip dhcp restart287 Ip default-gatewaySyntax Ip default-gateway gateway no ip default-gateway Show ip redirects 288Show ip interface Syntax Ping host count countsize size This command has no default for the host289 PingInterface 4 290291 Flow Control Software FeaturesAuthentication Dhcp Client Port ConfigurationRate Limits Class of ServiceAdditional Features Port MirroringOut-of-Band Management Management FeaturesStandards In-Band ManagementManagement Information Bases Table B-1. Troubleshooting Chart Appendix B TroubleshootingTroubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 XModem Glossary-8User Datagram Protocol UDP Virtual LAN VlanIndex-1 NumericsIgmp Index-2Snmp Snmp Index-3Index-4 Page For Technical SUPPORT, Call