Manuals / SMC Networks / Computer Equipment / Switch

SMC Networks TigerSwitch manual User Authentication

Models: TigerSwitch

1 518

Download 518 pages 30.84 Kb

Page 109

USER AUTHENTICATION

3.Import Client’s Public Key to the Switch – Use the copy tftp public-keycommand (page 4-89)to copy a file containing the public key for all the SSH client’s granted management access to the switch. (Note that these clients must be configured locally on the switch via the User Accounts page as described on page 3-48.)The clients are subsequently authenticated using these keys. The current firmware only accepts public key files based on standard UNIX format as shown in the following example for an RSA Version 1 key:

1024 35 1341081685609893921040944920155425347631641921872958921143173880

05553616163105177594083868631109291232226828519254374603100937187721199696317

81366277414168985132049117204830339254324101637997592371449011938006090253948

40848271781943722884025331159521348610229029789827213532671316294325328189150

45306393916643 steve@192.168.1.19

4.Set the Optional Parameters – On the SSH Settings page, configure the optional parameters, including the authentication timeout, the number of retries, and the server key size.

5.Enable SSH Service – On the SSH Settings page, enable the SSH server on the switch.

6.Challenge-Response Authentication – When an SSH client attempts to contact the switch, the SSH server uses the host key pair to negotiate a session key and encryption method. Only clients that have a private key corresponding to the public keys stored on the switch can access. The following exchanges take place during this process:

a.The client sends its public key to the switch.

b.The switch compares the client's public key to those stored in memory.

c.If a match is found, the switch uses the public key to encrypt a random sequence of bytes, and sends this string to the client.

d.The client uses its private key to decrypt the bytes, and sends the decrypted bytes back to the switch.

3-59

Image 109

SMC Networks TigerSwitch manual User Authentication

Contents

TigerSwitch 10/100 Page TigerSwitch 10/100 Management Guide Trademarks Limited Warranty Limited Warranty Contents Contents Contents Command Line Interface Vii Viii Contents Contents Contents Xii Xiii Xiv Glossary Index Xvi Xvii TablesXviii Xix Figures Xxi Xxii Queue Mode 172Key Features Key FeaturesLacp Description of Software FeaturesDescription of Software Features Introduction Description of Software Features Introduction System Defaults System DefaultsSnmp Dhcp Introduction Configuration Options Connecting to the SwitchRequired Connections Connecting to the Switch Remote Connections Stack Operations Recovering from Stack Failure or Topology ChangeSelecting the Stack Master Resilient IP Interface for Management Access Basic ConfigurationConsole Connection Setting Passwords Manual Configuration Setting an IP AddressDynamic Configuration Enabling Snmp Management Access Community Strings Trap Receivers Saving Configuration SettingsEnter the name of the start-up file. Press Enter Managing System FilesInitial Configuration Using the Web Interface Configuring the SwitchConfiguring the Switch Home Navigating the Web Browser InterfacePanel Display Configuration OptionsMain Menu Main MenuACL IP Filter Sets IP addresses of clients allowed Vlan 156 Vlan ID Field Attributes Displaying System InformationSystem Information CLI Specify the hostname, location and contact information Displaying Switch Hardware/Software VersionsSwitch Information Displaying Bridge Extension Capabilities CLI Use the following command to display version informationBridge Extension Configuration Command Attributes Setting the Switch’s IP AddressCLI Enter the following command Manual IP Configuration Dhcp IP Configuration Using DHCP/BOOTP251 Managing Firmware Operation Code Image File Transfer Downloading System Software from a ServerSelect Start-Up Operation File Saving or Restoring Configuration Settings Basic Configuration 11 Copy Configuration Settings Downloading Configuration Settings from a Server12 Setting the Startup Configuration Settings Console Port Settings 13 Console Port Settings Telnet Settings Basic Configuration 14 Enabling Telnet System Log Configuration Configuring Event LoggingLevel Severity Name Description Logging Levels15 System Logs Remote Log ConfigurationConfiguring the Switch 16 Remote Logs CLI This example shows the event message stored in RAM Displaying Log MessagesSending Simple Mail Transfer Protocol Alerts 18 Enabling and Configuring Smtp Alerts 19 Resetting the System Resetting the SystemConfiguring Sntp Setting the System Clock20 Sntp Configuration 21 Setting the System Clock Setting the Time ZoneSimple Network Management Protocol Setting Community Access StringsSpecifying Trap Managers and Trap Types Access Mode23 Configuring IP Trap Managers Configuring User Accounts User Authentication24 Access Levels Configuring Local/Remote Logon Authentication Command Usage Tacacs Settings Radius Settings25 Authentication Settings Configuring Https Web Browser Operating System Compatible Operating Systems26 Https Settings Replacing the Default Secure-site CertificateConfiguring the Secure Shell Command Usage User Authentication Generating the Host Key Pair 27 SSH Host-Key Settings SSH server includes basic settings for authentication Configuring the SSH Server28 SSH Server Settings Configuring Port Security Command Usage 29 Configuring Port Security Configuring 802.1X Port AuthenticationPage 802.1X System Authentication Control The global setting for Displaying 802.1X Global SettingsWeb Click Security, 802.1X, Information CLI This example shows the default global setting for Configuring 802.1X Global SettingsCLI This example enables 802.1X globally for the switch Configuring Port Settings forAuthorized 32 802.1X Port Configuration111 802.1X Statistics Displaying 802.1X StatisticsCLI This example displays the 802.1X statistics for port Displaying 802.1X Port StatisticsFiltering Addresses for Management Access 34 Creating a Web IP Filter List Configuring Access Control Lists Access Control ListsCLI This example allows Snmp access for a specific client Setting the ACL Name and Type CLI This example creates a standard IP ACL named david 35 Selecting ACL TypeConfiguring a Standard IP ACL Command Attributes 36 ACL Configuration Standard IP Configuring an Extended IP ACL Command AttributesConfiguring the Switch 37 ACL Configuration Extended IP 123 Configuring a MAC ACL Command Attributes38 ACL Configuration MAC Binding a Port to an Access Control List 39 Binding a Port to an ACL Displaying Connection Status Port ConfigurationField Attributes Web Web Click Port, Port Information or Trunk Information Field Attributes CLICurrent Status CLI This example shows the connection status for Port Configuring Interface ConnectionsConfiguring the Switch Creating Trunk Groups 41 Port/Trunk ConfigurationCommand Usage Statically Configuring a Trunk Command Usage 42 Configuring Port Trunks 166 Enabling Lacp on Selected Ports Command Usage43 Lacp Configuration 167 100 101 44 Lacp Port Configuration172 102Displaying Lacp Port Counters 103You can display statistics for Lacp protocol messages Lacp Port CountersLacp Internal Configuration Information Displaying Lacp Settings and Status for the Local Side104 CLI The following example displays Lacp counters105 46 Lacp Port Internal Information 106Lacp Neighbor Configuration Information Displaying Lacp Settings and Status for the Remote Side107 47 Lacp Port Neighbors Information 108109 Setting Broadcast Storm Thresholds48 Port Broadcast Control 110111 Configuring Port Mirroring112 49 Mirror Port Configuration113 Configuring Rate LimitsRate Limit Granularity 114 Rate Limit Configuration115 Showing Port StatisticsPort Statistics 116Port Statistics 117Rmon Statistics 118119 52 Port Statistics 120CLI This example shows statistics for port 121Setting Static Addresses Address Table Settings122 123 Displaying the Address TableInterface Indicates a port or trunk 124 54 Configuring a Dynamic Address TableChanging the Aging Time Spanning Tree Algorithm Configuration125 CLI This example sets the aging time to 400 seconds126 127 Displaying Global Settings128 56 STA Information 129196 130Global settings apply to the entire switch Configuring Global Settings131 132 Root Device Configuration133 Configuration Settings for Rstp134 57 STA Configuration135 Displaying Interface Settings136 137 58 STA Port Information 138139 Configuring Interface SettingsCLI This example shows the STA attributes for port 140 141 Ieee 802.1Q VLANs Vlan Configuration142 CLI This example sets STA attributes for portAssigning Ports to VLANs 143144 145 Forwarding Tagged/Untagged Frames 146CLI This example enables Gvrp for the switch Enabling or Disabling Gvrp Global Setting147 Displaying Basic Vlan Information148 Command Attributes WebDisplaying Current VLANs Web Click VLAN, 802.1Q VLAN, Basic Information149 Command Attributes CLICreating VLANs 150CLI This example creates a new Vlan 151Adding Static Members to VLANs Vlan Index 152153 Adding Static Members to VLANs Port Index 154Interface Port or trunk identifier 65 Vlan Static Membership by Port 155156 Configuring Vlan Behavior for Interfaces157 158 66 Vlan Port Configuration159 Private VLANsDisplaying Current Private VLANs 160Vlan ID ID of configured Vlan Configuring Private VLANs161 162 68 Private Vlan ConfigurationAssociating VLANs 163Displaying Private Vlan Interface Information 164165 Configuring Private Vlan Interfaces166 167 71 Private Vlan Port ConfigurationLayer 2 Queue Settings Class of Service ConfigurationSetting the Default Priority for Interfaces 168169 CLI This example assigns a default priority of 5 to portMapping CoS Values to Egress Queues 17010 Egress Queue Priority Mapping 11 CoS Priority Levels73 Traffic Classes 171172 Selecting the Queue Mode173 Setting the Service Weight for Traffic Classes174 Layer 3/4 Priority SettingsMapping Layer 3/4 Priorities to CoS Values Selecting IP Precedence/DSCP Priority 175Mapping IP Precedence 12 Mapping IP Precedence 176Mapping Dscp Priority 17713 Mapping Dscp Priority Values 78 Mapping IP Dscp Priority Values 178Mapping IP Port Priority 17979 IP Port Priority Status 180Mapping CoS Values to ACLs 18114 Egress Queue Priority Mapping 81 ACL CoS Priority 182183 Multicast FilteringLayer 2 Igmp Snooping and Query Configuring Igmp Snooping and Query Parameters184 185 186 82 Igmp ConfigurationDisplaying Interfaces Attached to a Multicast Router 187Specifying Static Interfaces for a Multicast Router 188189 Displaying Port Members of Multicast Services85 IP Multicast Registration Table 190191 Assigning Ports to Multicast Services86 Igmp Member Port Table 192Accessing the CLI Using the Command Line InterfaceTelnet Connection Using the Command Line Interface This section describes how to enter CLI commands Entering CommandsKeywords and Arguments Minimum AbbreviationGetting Help on Commands Command CompletionShowing Commands Using Command History Negating the Effect of CommandsPartial Keyword Lookup Exec Commands Understanding Command ModesCommand Modes Configuration Commands Mode Command Prompt Configuration ModesCommand Line Processing Command Line ProcessingCommand Groups Command GroupsACL Access Control List Configuration Line Commands Line CommandsLine Syntax Login local no login LoginLogin local Line ConfigurationUsername 4-36 password PasswordSyntax Password 0 7 password no password No password is specifiedLogin 4-16password-thresh4-20 Timeout login responseSyntax Timeout login response seconds no silent-time CLI Disabled 0 seconds Telnet 600 secondsTo set the timeout to two minutes, enter this command Exec-timeoutSilent-time4-21exec-timeout Syntax Exec-timeout seconds no exec-timeoutSilent-time4-21 Timeout login response Password-threshSyntax Password-thresh threshold no password-thresh Default value is three attemptsTo set the silent time to 60 seconds, enter this command Default value is no silent-timePassword-thresh4-20 Silent-timeDatabits To specify 7 data bits, enter this commandSyntax Databits 7 8 no databits Seven data bits per character Eight data bits per characterSpeed ParitySyntax Parity none even odd no parity Syntax Speed bps no speedSyntax stopbits 1 StopbitsShow line DisconnectSyntax disconnect session-id Syntax Show line console vtyTo show all lines, enter this command Enable General CommandsGeneral Commands Syntax enable levelDisable Enable password DisableNormal Exec NoneShow history ConfigureReload This command restarts the systemExit EndThis example shows how to quit a CLI session This command exits the configuration programQuit Device Designation Commands System Management CommandsSystem Management Commands Device Designation CommandsHostname PromptSyntax Prompt string no prompt Syntax Hostname name no hostnameUser Access Commands User Access CommandsUsername 10 Default Login SettingsDefault is level Default password is super Enable passwordEnable 4-27 authentication enable IP Filter Commands11 IP Filter Commands All addresses ManagementShow management 12 Web Server Commands Web Server CommandsSyntax No ip http server Default Setting Default Setting Command ModeIp http port Ip http serverIp http secure-server Syntax No ip http secure-server Default SettingIp http port 13 Https System Support Ip http secure-portIp http secure-port4-44 Copy tftp https-certificate Portnumber The UDP port used for HTTPS/SSL. Range14 Telnet Server Commands Telnet Server CommandsIp telnet port Ip http secure-server4-43Ip telnet server Syntax No ip telnet server Default SettingIp telnet server Ip telnet port15 SSH Commands Secure Shell CommandsPublic key type System Management Commands Disabled Syntax No ip ssh server Default SettingIp ssh server Syntax Ip ssh timeout seconds no ip ssh timeout Ip ssh timeoutExec-timeout4-19 show ip ssh Ip ssh crypto host-key generate 4-53 show sshIp ssh server-key size Ip ssh authentication-retriesShow ip ssh Key-size- The size of server key. Range 512-896 bitsIp ssh crypto host-key generate Delete public-keySyntax Delete public-key username dsa rsa Syntax Ip ssh crypto host-key generate dsa rsaSyntax Ip ssh crypto zeroize dsa rsa Ip ssh crypto zeroizeIp ssh save host-key This command saves host key from RAM to flash memorySyntax Ip ssh save host-key dsa rsa Saves both the DSA and RSA keyShow ip ssh This command displays the current SSH server connectionsShow ssh 16 show ssh display descriptionSyntax Show public-key user username host Show public-keyUsername Name of an SSH user. Range 1-8 characters Shows all public keysConsole#show public-key host Host 17 Event Logging Commands Event Logging CommandsSyntax No logging on Default Setting Logging onLogging history 4-60 clear logging Logging history18 Logging Levels Logging host Flash errors level 3 RAM warnings level 7Syntax No logging host hostipaddress Hostipaddress The IP address of a syslog serverSyntax No logging facility type Logging facilityLogging trap Enabled Level 7Syntax Logging trap level no logging trap Show logging Clear loggingSyntax Clear logging flash ram Syntax Show logging flash ram sendmail trap19 show logging flash/ram display description Syntax Show log flash ram login tail Following example displays settings for the trap functionShow log 20 show logging trap display descriptionFollowing example shows sample messages stored in RAM 21 Smtp Alert Commands Smtp Alert CommandsLogging sendmail host Syntax No logging sendmail host ipaddressSyntax Logging sendmail level level Logging sendmail levelLogging sendmail destination-email Logging sendmail source-emailSyntax No logging sendmail source-email email-address This example will set the source email john@acme.comLogging sendmail Syntax No logging sendmail Default SettingShow logging sendmail 22 Time Commands Time CommandsSntp client Syntax No sntp client Default SettingSntp server 4-74 sntp poll 4-75 show sntp Syntax Sntp server ip1 ip2 ip3 Sntp serverSntp client 4-73 sntp poll 4-75 show sntp Show sntp Sntp pollSyntax Sntp poll seconds no sntp poll Sntp clientClock timezone Show sntp Calendar setSyntax Year Year 4-digit. RangeThis command displays the system clock System Status Commands23 System Status Commands Show calendarLight unit Show startup-configSyntax Light unit unit Command Line Interface Show running-config4-82 Show running-config Example This command displays system information Show startup-config4-79Show system Dram Show usersShow version 24 Frame Size Commands Frame Size CommandsSyntax No jumbo frame Default Setting Jumbo frame25 Flash/File Commands Flash/File CommandsCopy Example Following example shows how to download a configuration file Delete Syntax Dir unit boot-rom config opcode filenameDir 26 File Directory Information Following example shows how to display all file informationBoot system WhichbootSyntax whichboot unit Syntax Boot system unit boot-romconfig opcode filenameDir 4-92 whichboot Authentication Commands27 Authentication Commands Unit* Specifies the unit number Colon is requiredAuthentication login Authentication Sequence28 Authentication Sequence LocalUsername for setting the local user names and passwords Authentication enableEnable password sets the password for changing command modes Radius Client 29 Radius Client CommandsRadius-server host Retransmit Command Mode Default Setting Auth-portRadius-server port Syntax Radius-server port portnumber no radius-server portRadius-server retransmit Radius-server keySyntax Radius-server key keystring no radius-server key Show radius-server Radius-server timeoutTACACS+ Client 30 Tacacs CommandsTacacs-server port Tacacs-server hostHostipaddress IP address of a TACACS+ server 10.11.12.13Show tacacs-server Tacacs-server keySyntax Tacacs-server key keystring no tacacs-server key 31 Port Security Commands Port Security CommandsInterface Configuration Ethernet Status Disabled Action None Maximum AddressesPort security Max-mac-count32 802.1X Port Authentication 802.1X Port AuthenticationDot1x system-auth-control Syntax No system-auth-control Default SettingSyntax Dot1x default Command Mode Dot1x defaultDefault Command Mode Dot1x max-reqDot1x port-control DefaultForce-authorized Single-host Dot1x operation-modeDot1x re-authentication Dot1x re-authenticateSyntax Dot1x re-authenticate interface Syntax No dot1x re-authentication Command ModeDot1x timeout re-authperiod Dot1x timeout quiet-periodSeconds The number of seconds. Range Show dot1x Dot1x timeout tx-periodSyntax Show dot1x statistics interface interface Statistics Displays dot1x status for each portBefore re-transmitting EAP packet Supplicant-timeout- Supplicant timeoutState Current state including initialize, reauthenticate Authenticator State Machine118 Access Control Lists Access Control List CommandsIP ACLs 33 Access Control Lists34 IP ACLs Syntax No access-list ip standard extended aclname Access-list ipSyntax No permit deny any source bitmask host source Permit, deny Ip access-group4-126 show ip access-list4-126Standard ACL No permit deny tcp Access-list ipExtended ACL Precedence source-port control-flag125 Ip access-group Show ip access-listSyntax Show ip access-list standard extended aclname Syntax No ip access-group aclnameShow ip access-list4-126 Show ip access-groupThis command shows the ports assigned to IP ACLs Syntax No map access-list ip aclname cos cos-value Map access-list ipQueue cos-map4-226 Show map access-list ip 35 Egress Queue Priority MappingSyntax Show map access-list ip interface Show map access-list ipMap access-list ip Unit This is device Port Port numberSyntax No access-list mac aclname Access-list macMAC ACLs 36 MAC ACLsSyntax No permit deny Permit, deny MAC ACLMAC ACL Mac access-group Show mac access-listSyntax Show mac access-list aclname Syntax Mac access-group aclnameMap access-list mac Show mac access-groupThis command shows the ports assigned to MAC ACLs Syntax No map access-list mac aclname cos cos-valueQueue cos-map4-226 Show map access-list mac Show map access-list macSyntax Show map access-list mac interface 37 Egress Queue Priority MappingACL Information Show access-list38 ACL Information This command shows the port assignments of ACLs Show access-groupPrivileged Executive 39 Snmp Commands Snmp CommandsSnmp-server community Syntax Snmp-server contact string no snmp-server contact Snmp-server contactSyntax Snmp-server location text no snmp-server location Snmp-server locationHost Address None Snmp Version Snmp-server hostIssue authentication and link-up-down traps Snmp-server enable trapsShow snmp This command checks the status of Snmp communications144 40 Interface Commands Interface CommandsDescription InterfacePort-channel channel-idRange Syntax Description string no descriptionSpeed-duplex Interface Configuration Ethernet, Port ChannelFollowing example adds a description to port Negotiation Syntax No negotiation Default SettingNegotiation 4 -148 capabilities 4 Capabilities Following example configures port 11 to use autonegotiationCapabilities 4 -149speed-duplex 4 Flow control enabled Syntax No flowcontrol Default SettingFlowcontrol Negotiation 4 -148speed-duplex 4 -147 flowcontrol 4Syntax No shutdown Default Setting Following example enables flow control on portAll interfaces are enabled ShutdownFollowing example disables port Switchport broadcast packet-ratePort-channel channel-idRange Default Setting This command clears statistics on an interfaceClear counters Syntax Clear counters interfaceShow interfaces status This command displays the status for an interfaceShows the status for all interfaces Show interfaces counters This command displays interface statisticsSyntax Show interfaces counters interface Shows the counters for all interfaces156 Syntax Show interfaces switchport interface Show interfaces switchportThis example shows the configuration setting for port Shows all interfaces41 Interfaces Switchport Statistics 42 Mirror Port Commands Mirror Port CommandsInterface Configuration Ethernet, destination port Port monitorShow port monitor This command displays mirror informationSyntax Show port monitor interface Shows all sessionsFollowing shows mirroring configured from port 6 to port Rate Limit Commands43 Rate Limit Commands Rate-limit granularity Rate-limitActual rate limit = Rate limit level * Granularity Use this command to display the rate limit granularity Global Configuration Ethernet, Port ChannelShow rate-limit 44 Link Aggregation Commands Link Aggregation CommandsGuidelines for Creating Trunks Trunk Status Display CommandSyntax Channel-group channel-idno channel-group Channel-groupChannel-id- Trunk index Range Current port will be added to this trunkLacp Syntax no lacp Default SettingLacp system-priority 32768 Lacp admin-keyEthernet Interface Interface Configuration Port Channel Lacp admin-key Port ChannelLacp port-priority Show lacp This command displays Lacp informationPort Channel all 45 show lacp counters display description 46 show lacp internal display description Expected to be enabled in the absence of administrative 47 show lacp neighbors display description 49 Address Table Commands Address Table Commands48 show lacp sysid display description Mac-address- MAC address Mac-address-table staticVlan-id- Vlan ID Range Clear mac-address-table dynamic Mac-address- MAC address Mask Bits to match in the address Show mac-address-tableShow mac-address-table aging-time Mac-address-table aging-time50 Spanning Tree Commands Spanning Tree CommandsSpanning tree is enabled Syntax No spanning-tree Default SettingSpanning-tree Syntax Spanning-tree mode stp rstp no spanning-tree mode Spanning-tree modeRstp Spanning-tree forward-time Spanning-tree max-age Spanning-tree hello-timeSpanning-tree priority Long method Spanning-tree pathcost methodSpanning-tree transmission-limit This command limits the maximum transmission rate for BPDUsSpanning-tree cost Count The transmission limit in seconds. RangePriority The priority for a port. Range 0-240, in steps Spanning-tree port-prioritySpanning-tree edge-port Syntax No spanning-tree edge-port Default SettingSpanning-tree cost 4 Spanning-tree portfast Syntax No spanning-tree portfast Default Setting193 Spanning-tree portfast 4194 Spanning-tree link-typeSpanning-treeedge-port 4 AutoSpanning-tree protocol-migration Port-channel channel-idRange Command Mode195 Syntax Spanning-tree protocol-migration interfaceShow spanning-tree This command shows the configuration for the spanning tree196 Syntax Show spanning-tree interface197 Editing Vlan Groups Vlan Commands198 Vlan databaseVlan 199Show vlan 4 Vlan Database Configuration By default only Vlan 1 exists and is active200 53 Configuring Vlan Interfaces Configuring Vlan Interfaces201 Interface vlanAll ports are in hybrid mode with the Pvid set to Vlan Switchport mode202 Shutdown 4Switchport acceptable-frame-types 4 Switchport acceptable-frame-types203 All frame typesSwitchport mode 4 Switchport ingress-filteringSyntax No switchport ingress-filtering Default Setting 204205 Switchport native vlan206 Switchport allowed vlan207 Switchport forbidden vlanNo VLANs are included in the forbidden list Displaying Vlan Information 54 Show Vlan Commands208 Show vlanFollowing example shows how to display information for Vlan Configuring Private VLANs55 Private Vlan Commands 209Private-vlan 210Private vlan association 211No private-vlan primary-vlan-idassociation 212 213 Switchport mode private-vlanNormal Vlan Switchport private-vlan mapping Switchport private-vlan host-association214 Show vlan private-vlan 215Syntax Show vlan private-vlan community isolated primary 56 Gvrp and Bridge Extension Commands Gvrp and Bridge Extension Commands216 217 Syntax No bridge-ext gvrp Default SettingBridge-ext gvrp Show bridge-extSyntax No switchport gvrp Default Setting Switchport gvrp218 Garp timer Show gvrp configurationSyntax Show gvrp configuration interface 219220 Show garp timer 4Syntax Show garp timer interface Show garp timerShows all Garp timers Garp timer 4Priority Commands Layer Priority Commands57 Priority Commands 58 Priority Commands LayerSyntax Queue mode strict wrr no queue mode Queue modeWeighted Round Robin 223224 Switchport priority defaultQueue bandwidth 225226 59 Default CoS Priority LevelsQueue cos-map Show queue bandwidth 4This command shows the current queue mode Show queue mode227 Show queue bandwidth228 This command shows the class of service priority mapShow queue cos-map Syntax Show queue cos-map interface60 Priority Commands Layer 3 Priority Commands Layer 3229 Syntax No map ip port230 Map ip port Interface Configuration231 Syntax No map ip precedence Default Setting232 List below shows the default priority mapping61 Mapping IP Precedence Values 233 Syntax No map ip dscp Default Setting62 IP Dscp to CoS Values 234235 Use this command to show the IP port priority mapShow map ip port Syntax Show map ip port interface236 This command shows the IP precedence priority mapShow map ip precedence Syntax Show map ip precedence interface237 This command shows the IP Dscp priority mapShow map ip dscp Syntax Show map ip dscp interfaceIgmp Snooping Commands Multicast Filtering Commands63 Multicast Filtering Commands 64 Igmp Snooping CommandsFollowing example enables Igmp snooping Syntax No ip igmp snooping Default Setting239 Ip igmp snooping240 Following configures the switch to use Igmp VersionIp igmp snooping version Igmp VersionShow ip igmp snooping 241Show mac-address-table multicast 65 Igmp Query Commands Layer Igmp Query Commands Layer242 243 Syntax No ip igmp snooping querier Default SettingIp igmp snooping querier Ip igmp snooping query-count244 Following shows how to configure the query count toIp igmp snooping query-interval Ip igmp snooping query-max-response-time 4245 Seconds The report delay advertised in Igmp queries. RangeIp igmp snooping query-max-response-time 246 Switch must use IGMPv2 for this command to take effectIp igmp snooping router-port-expire-time Ip igmp snooping version 466 Static Multicast Routing Commands Static Multicast Routing Commands247 Ip igmp snooping vlan mrouter248 Displays multicast router ports for all configured VLANsShow ip igmp snooping mrouter Syntax Show ip igmp snooping mrouter vlan vlan-id67 IP Interface Commands IP Interface CommandsIp address 249250 Interface Configuration VlanIp dhcp restart 4 Ip dhcp restart This command submits a Bootp or Dhcp client request251 Ip address 4Syntax Ip default-gateway gateway no ip default-gateway Ip default-gatewayShow ip interface 252Show ip redirects Ip default-gateway 4Ping 253254 This command has no default for the hostInterface 4 Software Features Management Features Standards Groups 1, 2, 3, 9 Statistics, History, Alarm, EventManagement Information Bases Problems Accessing the Management Interface Appendix B TroubleshootingTable B-1 Troubleshooting Chart Symptom Action Using System Logs Troubleshooting Glossary-1 Glossary-2 Glossary-3 Glossary-4 Glossary-5 Glossary-6 Glossary-7 User Datagram Protocol UDP Glossary-8Virtual LAN Vlan XModemIndex-1 NumericsIgmp Index-2Snmp Snmp Index-3Index-4 Page For Technical SUPPORT, Call