Reference Guide
Table Of Contents
- OS10 Enterprise Edition User Guide Release 10.4.0E(R2)
- Getting Started
- Download OS10 image and license
- Installation
- Log into OS10
- Install OS10 license
- Remote access
- Upgrade OS10
- CLI Basics
- User accounts
- Key CLI features
- CLI command modes
- CLI command hierarchy
- CLI command categories
- CONFIGURATION Mode
- Command help
- Check device status
- Candidate configuration
- Change to transaction-based configuration
- Copy running configuration
- Restore startup configuration
- Reload system image
- Filter show commands
- Alias command
- Batch mode commands
- Linux shell commands
- SSH commands
- OS9 environment commands
- Common commands
- alias
- alias (multi-line)
- batch
- boot
- commit
- configure
- copy
- default (alias)
- delete
- description (alias)
- dir
- discard
- do
- feature config-os9-style
- exit
- license
- line (alias)
- lock
- management route
- move
- no
- reload
- show alias
- show boot
- show candidate-configuration
- show environment
- show inventory
- show ip management-route
- show ipv6 management-route
- show license status
- show running-configuration
- show startup-configuration
- show system
- show version
- start
- system
- system identifier
- terminal
- traceroute
- unlock
- write
- Interfaces
- Ethernet interfaces
- Unified port groups
- L2 mode configuration
- L3 mode configuration
- Fibre Channel interfaces
- Management interface
- VLAN interfaces
- User-configured default VLAN
- Loopback interfaces
- Port-channel interfaces
- Configure interface ranges
- Switch-port profiles
- Configure breakout mode
- Breakout auto-configuration
- Reset default configuration
- Forward error correction
- Energy-efficient Ethernet
- View interface configuration
- Interface commands
- channel-group
- default interface
- default vlan-id
- description (Interface)
- duplex
- enable auto-breakout
- fec
- interface breakout
- interface ethernet
- interface loopback
- interface mgmt
- interface null
- interface port-channel
- interface range
- interface vlan
- link-bundle-utilization
- mgmt
- mode
- mtu
- port-group
- show interface
- show link-bundle-utilization
- show port-channel summary
- show port-group
- show switch-port-profile
- show vlan
- shutdown
- speed (Fibre Channel)
- speed (Management)
- switch-port-profile
- switchport access vlan
- switchport mode
- switchport trunk allowed vlan
- Fibre channel
- Fibre Channel over Ethernet
- Terminology
- Virtual fabric
- Fibre Channel zoning
- F_Port on Ethernet
- F_Port, NPG, and FCoE commands
- clear fcoe database
- clear fcoe statistics
- fc alias
- fc zone
- fc zoneset
- fcoe
- fcoe max-sessions-per-enodemac
- feature fc
- feature fc npg
- feature fip-snooping
- fip-snooping enable
- fip-snooping fc-map
- fip-snooping port-mode fcf
- member (alias)
- member (zone)
- member (zoneset)
- name
- show fc alias
- show fc ns switch
- show fc statistics
- show fc switch
- show fc zone
- show fc zoneset
- show fcoe enode
- show fcoe fcf
- show fcoe sessions
- show fcoe statistics
- show fcoe system
- show fcoe vlan
- show npg devices
- show running-config vfabric
- show vfabric
- vfabric
- vfabric (interface)
- vlan
- zone default-zone permit
- zoneset activate
- Layer 2
- 802.1X
- Link aggregation control protocol
- Link layer discovery protocol
- Protocol data units
- Optional TLVs
- Organizationally-specific TLVs
- Media endpoint discovery
- Network connectivity device
- LLDP-MED capabilities TLV
- Network policies TLVs
- Define network policies
- Packet timer values
- Disable and re-enable LLDP
- Disable and re-enable LLDP on management ports
- Advertise TLVs
- Network policy advertisement
- Fast start repeat count
- View LLDP configuration
- Adjacent agent advertisements
- Time to live
- LLDP commands
- Media Access Control
- Multiple spanning-tree protocol
- Rapid per-VLAN spanning-tree plus
- Rapid spanning-tree protocol
- Virtual LANs
- Port monitoring
- Layer 3
- Border gateway protocol
- Sessions and peers
- Route reflectors
- Multiprotocol BGP
- Attributes
- Selection criteria
- Weight and local preference
- Multiexit discriminators
- Origin
- AS path and next-hop
- Best path selection
- More path support
- Advertise cost
- 4-Byte AS numbers
- AS number migration
- Configure border gateway protocol
- Enable BGP
- Configure Dual Stack
- Peer templates
- Neighbor fall-over
- Fast external fallover
- Passive peering
- Local AS
- AS number limit
- Redistribute routes
- Additional paths
- MED attributes
- Local preference attribute
- Weight attribute
- Enable multipath
- Route-map filters
- Route reflector clusters
- Aggregate routes
- Confederations
- Route dampening
- Timers
- Neighbor soft-reconfiguration
- BGP commands
- Equal cost multi-path
- IPv4 routing
- IPv6 routing
- Internet group management protocol
- Open shortest path first
- Object tracking manager
- Policy-based routing
- Virtual routing and forwarding
- Virtual router redundancy protocol
- Border gateway protocol
- UFT modes
- System management
- Access Control Lists
- IP ACLs
- MAC ACLs
- IP fragment handling
- L3 ACL rules
- Assign sequence number to filter
- L2 and L3 ACLs
- Assign and apply ACL filters
- Ingress ACL filters
- Egress ACL filters
- Clear access-list counters
- IP prefix-lists
- Route-maps
- Match routes
- Set conditions
- continue Clause
- ACL flow-based monitoring
- Enable flow-based monitoring
- ACL commands
- clear ip access-list counters
- clear ipv6 access-list counters
- clear mac access-list counters
- deny
- deny (IPv6)
- deny (MAC)
- deny icmp
- deny icmp (IPv6)
- deny ip
- deny ipv6
- deny tcp
- deny tcp (IPv6)
- deny udp
- deny udp (IPv6)
- description
- ip access-group
- ip access-list
- ip as-path deny
- ip as-path permit
- ip community-list standard deny
- ip community–list standard permit
- ip extcommunity-list standard deny
- ip extcommunity-list standard permit
- ip prefix-list description
- ip prefix-list deny
- ip prefix-list permit
- ip prefix-list seq deny
- ip prefix-list seq permit
- ipv6 access-group
- ipv6 access-list
- ipv6 prefix-list deny
- ipv6 prefix-list description
- ipv6 prefix-list permit
- ipv6 prefix-list seq deny
- ipv6 prefix-list seq permit
- mac access-group
- mac access-list
- permit
- permit (IPv6)
- permit (MAC)
- permit icmp
- permit icmp (IPv6)
- permit ip
- permit ipv6
- permit tcp
- permit tcp (IPv6)
- permit udp
- permit udp (IPv6)
- remark
- seq deny
- seq deny (IPv6)
- seq deny (MAC)
- seq deny icmp
- seq deny icmp (IPv6)
- seq deny ip
- seq deny ipv6
- seq deny tcp
- seq deny tcp (IPv6)
- seq deny udp
- seq deny udp (IPv6)
- seq permit
- seq permit (IPv6)
- seq permit (MAC)
- seq permit icmp
- seq permit icmp (IPv6)
- seq permit ip
- seq permit ipv6
- seq permit tcp
- seq permit tcp (IPv6)
- seq permit udp
- seq permit udp (IPv6)
- show access-group
- show access-lists
- show ip as-path-access-list
- show ip community-list
- show ip extcommunity-list
- show ip prefix-list
- Route-map commands
- continue
- match as-path
- match community
- match extcommunity
- match interface
- match ip address
- match ip next-hop
- match ipv6 address
- match ipv6 next-hop
- match metric
- match origin
- match route-type
- match tag
- route-map
- set comm-list add
- set comm-list delete
- set community
- set extcomm-list add
- set extcomm-list delete
- set extcommunity
- set local-preference
- set metric
- set metric-type
- set next-hop
- set origin
- set tag
- set weight
- show route-map
- Quality of service
- Configure quality of service
- Ingress traffic classification
- Egress traffic classification
- Policing traffic
- Mark Traffic
- Color traffic
- Modify packet fields
- Shaping traffic
- Bandwidth allocation
- Strict priority queuing
- Buffer management
- Congestion avoidance
- Storm control
- QoS commands
- bandwidth
- class
- class-map
- clear interface priority-flow-control
- clear qos statistics
- clear qos statistics type
- control-plane
- flowcontrol
- match
- match cos
- match dscp
- match precedence
- match qos-group
- match vlan
- mtu
- pause
- pfc-cos
- pfc-max-buffer-size
- pfc-shared-buffer-size
- pfc-shared-headroom-buffer-size
- police
- policy-map
- priority
- priority-flow-control mode
- qos-group dot1p
- qos-group dscp
- queue-limit
- queue bandwidth
- queue qos-group
- random-detect (interface)
- random-detect (queue)
- random-detect color
- random-detect ecn
- random-detect pool
- random-detect weight
- service-policy
- set cos
- set dscp
- set qos-group
- shape
- show class-map
- show control-plane info
- show control-plane statistics
- show interface priority-flow-control
- show qos interface
- show policy-map
- show qos control-plane
- show qos egress bufffers interface
- show egress buffer-stats interface
- show qos ingress buffers interface
- show ingress buffer-stats interface
- show queuing statistics
- show qos system
- show qos system buffers
- show qos maps
- show qos wred-profile
- system qos
- trust
- trust dot1p-map
- trust dscp-map
- qos-map traffic-class
- trust-map
- wred
- Virtual link trunking
- Converged data center services
- sFlow
- Troubleshoot OS10
- Support resources
Telnet commands......................................................................................................................................................451
Security...........................................................................................................................................................................452
User re-authentication............................................................................................................................................ 452
Password strength.................................................................................................................................................. 453
Role-based access control..................................................................................................................................... 453
Assign user role........................................................................................................................................................ 454
RADIUS authentication...........................................................................................................................................454
TACACS+ authentication........................................................................................................................................455
SSH Server...............................................................................................................................................................456
Virtual terminal line.................................................................................................................................................. 456
Enable login statistics.............................................................................................................................................. 457
Security commands.................................................................................................................................................457
Simple network management protocol....................................................................................................................... 470
SNMP commands....................................................................................................................................................470
OS10 image upgrade...................................................................................................................................................... 471
Boot system partition.............................................................................................................................................. 472
Upgrade commands.................................................................................................................................................473
8 Access Control Lists...................................................................................................................................477
IP ACLs............................................................................................................................................................................477
MAC ACLs...................................................................................................................................................................... 478
IP fragment handling..................................................................................................................................................... 478
IP fragments ACL.....................................................................................................................................................478
L3 ACL rules................................................................................................................................................................... 479
Permit ACL with L3 information only.................................................................................................................... 479
Deny ACL with L3 information only....................................................................................................................... 479
Permit all packets from host...................................................................................................................................479
Permit only rst fragments and non-fragmented packets from host............................................................... 479
Assign sequence number to lter................................................................................................................................ 480
User-provided sequence number.......................................................................................................................... 480
Auto-generated sequence number........................................................................................................................480
L2 and L3 ACLs..............................................................................................................................................................480
Assign and apply ACL lters..........................................................................................................................................481
Ingress ACL lters..........................................................................................................................................................482
Egress ACL lters.......................................................................................................................................................... 482
Clear access-list counters.............................................................................................................................................483
IP prex-lists...................................................................................................................................................................483
Route-maps....................................................................................................................................................................484
Match routes..................................................................................................................................................................485
Set conditions................................................................................................................................................................ 485
continue Clause..............................................................................................................................................................486
ACL ow-based monitoring..........................................................................................................................................486
Flow-based mirroring...............................................................................................................................................486
Enable ow-based monitoring......................................................................................................................................487
ACL commands..............................................................................................................................................................488
clear ip access-list counters................................................................................................................................... 488
12
Contents