CLI Reference Guide-R04
Table Of Contents
- How to Use This Guide
- Contents
- Figures
- Tables
- Getting Started
- Command Line Interface
- Using the Command Line Interface
- General Commands
- System Management Commands
- SNMP Commands
- snmp-server
- snmp-server community
- snmp-server contact
- snmp-server location
- show snmp
- snmp-server enable traps
- snmp-server host
- snmp-server enable port-traps link- up-down
- snmp-server enable port-traps mac-notification
- show snmp-server enable port-traps
- snmp-server engine-id
- snmp-server group
- snmp-server user
- snmp-server view
- show snmp engine-id
- show snmp group
- show snmp user
- show snmp view
- nlm
- snmp-server notify-filter
- show nlm oper-status
- show snmp notify-filter
- memory
- process cpu
- process cpu guard
- Remote Monitoring Commands
- Flow Sampling Commands
- User Authentication Commands
- User Accounts and Privilege Levels
- Authentication Sequence
- RADIUS Client
- TACACS+ Client
- AAA
- Web Server
- Telnet Server
- Secure Shell
- 802.1X Port Authentication
- dot1x default
- dot1x eapol-pass- through
- dot1x system-auth- control
- dot1x intrusion-action
- dot1x max-reauth-req
- dot1x max-req
- dot1x operation- mode
- dot1x port-control
- dot1x re-authentication
- dot1x timeout quiet-period
- dot1x timeout re-authperiod
- dot1x timeout supp-timeout
- dot1x timeout tx-period
- dot1x re-authenticate
- show dot1x
- Management IP Filter
- PPPoE Intermediate Agent
- pppoe intermediate- agent
- pppoe intermediate- agent format-type
- pppoe intermediate- agent port-enable
- pppoe intermediate- agent port-format- type
- pppoe intermediate-agent port-format-type remote-id-delimiter
- pppoe intermediate- agent trust
- pppoe intermediate- agent vendor-tag strip
- clear pppoe intermediate-agent statistics
- show pppoe intermediate-agent info
- show pppoe intermediate-agent statistics
- General Security Measures
- Port Security
- Network Access (MAC Address Authentication)
- network-access aging
- network-access mac-filter
- mac-authentication reauth-time
- network-access dynamic-qos
- network-access dynamic-vlan
- network-access guest-vlan
- network-access link-detection
- network-access link- detection link-down
- network-access link- detection link-up
- network-access link- detection link-up- down
- network-access max- mac-count
- network-access mode mac-authentication
- network-access port- mac-filter
- mac-authentication intrusion-action
- mac-authentication max-mac-count
- clear network-access
- show network-access
- show network-access mac-address-table
- show network-access mac-filter
- Web Authentication
- DHCPv4 Snooping
- ip dhcp snooping
- ip dhcp snooping information option
- ip dhcp snooping information option encode no-subtype
- ip dhcp snooping information option remote-id
- ip dhcp snooping information option tr101 board-id
- information policy
- ip dhcp snooping limit rate
- ip dhcp snooping verify mac address
- ip dhcp snooping vlan
- ip dhcp snooping information option circuit-id
- ip dhcp snooping max-number
- ip dhcp snooping trust
- ip dhcp snooping vlan-flooding
- clear ip dhcp snooping binding
- clear ip dhcp snooping database flash
- ip dhcp snooping database flash
- show ip dhcp snooping
- show ip dhcp snooping binding
- DHCPv6 Snooping
- ipv6 dhcp snooping
- ipv6 dhcp snooping option remote-id
- ipv6 dhcp snooping option remote-id policy
- ipv6 dhcp snooping vlan
- ipv6 dhcp snooping max-binding
- ipv6 dhcp snooping trust
- clear ipv6 dhcp snooping binding
- clear ipv6 dhcp snooping statistics
- show ipv6 dhcp snooping
- show ipv6 dhcp snooping binding
- show ipv6 dhcp snooping statistics
- IPv4 Source Guard
- IPv6 Source Guard
- ARP Inspection
- ip arp inspection
- ip arp inspection filter
- ip arp inspection log-buffer logs
- ip arp inspection validate
- ip arp inspection vlan
- ip arp inspection limit
- ip arp inspection trust
- show ip arp inspection configuration
- show ip arp inspection interface
- show ip arp inspection log
- show ip arp inspection statistics
- show ip arp inspection vlan
- Denial of Service Protection
- Port-based Traffic Segmentation
- Access Control Lists
- Interface Commands
- interface
- capabilities
- description
- discard
- flowcontrol
- history
- media-type
- negotiation
- shutdown
- speed-duplex
- switchport block
- switchport mtu
- clear counters
- show discard
- show interfaces brief
- show interfaces counters
- show interfaces history
- show interfaces status
- show interfaces switchport
- transceiver-monitor
- transceiver-threshold- auto
- transceiver-threshold current
- transceiver-threshold rx-power
- transceiver-threshold temperature
- transceiver-threshold tx-power
- transceiver-threshold voltage
- show interfaces transceiver
- show interfaces transceiver-threshold
- test cable-diagnostics
- show cable-diagnostics
- show loop internal
- power-save
- show power-save
- Link Aggregation Commands
- Port Mirroring Commands
- Congestion Control Commands
- Rate Limit Commands
- Storm Control Commands
- Automatic Traffic Control Commands
- auto-traffic-control apply-timer
- auto-traffic-control release-timer
- auto-traffic-control
- auto-traffic-control action
- auto-traffic-control alarm-clear-threshold
- auto-traffic-control alarm-fire-threshold
- auto-traffic-control auto-control-release
- auto-traffic-control control-release
- snmp-server enable port-traps atc broadcast-alarm-clear
- snmp-server enable port-traps atc broadcast-alarm-fire
- snmp-server enable port-traps atc broadcast-control- apply
- snmp-server enable port-traps atc broadcast-control- release
- snmp-server enable port-traps atc multicast-alarm-clear
- snmp-server enable port-traps atc multicast-alarm-fire
- snmp-server enable port-traps atc multicast-control- apply
- snmp-server enable port-traps atc multicast-control- release
- show auto-traffic- control
- show auto-traffic- control interface
- Loopback Detection Commands
- UniDirectional Link Detection Commands
- Address Table Commands
- Smart Pair Commands
- TWAMP Commands
- Spanning Tree Commands
- spanning-tree
- spanning-tree forward-time
- spanning-tree hello- time
- spanning-tree max-age
- spanning-tree mode
- spanning-tree pathcost method
- spanning-tree priority
- spanning-tree mst configuration
- spanning-tree system- bpdu-flooding
- spanning-tree transmission-limit
- max-hops
- mst priority
- mst vlan
- name
- revision
- spanning-tree bpdu-filter
- spanning-tree bpdu-guard
- spanning-tree cost
- spanning-tree edge-port
- spanning-tree link-type
- spanning-tree loopback-detection
- spanning-tree loopback-detection action
- spanning-tree loopback-detection release-mode
- spanning-tree loopback-detection trap
- spanning-tree mst cost
- spanning-tree mst port-priority
- spanning-tree port- bpdu-flooding
- spanning-tree port-priority
- spanning-tree root-guard
- spanning-tree spanning-disabled
- spanning-tree tc-prop-stop
- spanning-tree loopback-detection release
- spanning-tree protocol-migration
- show spanning-tree
- show spanning-tree mst configuration
- ERPS Commands
- erps
- erps node-id
- erps vlan-group
- erps ring
- erps instance
- ring-port
- exclusion-vlan
- enable (ring)
- enable (instance)
- meg-level
- control-vlan
- rpl owner
- rpl neighbor
- wtr-timer
- guard-timer
- holdoff-timer
- mep-monitor
- major-ring
- propagate-tc
- bpdu-tcn-notify
- non-revertive
- raps-def-mac
- raps-without-vc
- version
- inclusion-vlan
- physical-ring
- erps forced-switch
- erps manual-switch
- erps clear
- clear erps statistics
- show erps statistics
- show erps
- VLAN Commands
- GVRP and Bridge Extension Commands
- Editing VLAN Groups
- Configuring VLAN Interfaces
- Displaying VLAN Information
- Configuring IEEE 802.1Q Tunneling
- Configuring L2PT Tunneling
- Configuring VLAN Translation
- Configuring Protocol-based VLANs
- Configuring IP Subnet VLANs
- Configuring MAC Based VLANs
- Configuring Voice VLANs
- Class of Service Commands
- Priority Commands (Layer 2)
- Priority Commands (Layer 3 and 4)
- qos map phb-queue
- qos map cos-dscp
- qos map default-drop- precedence
- qos map dscp-cos
- qos map dscp-mutation
- qos map ip-port-dscp
- qos map ip-prec-dscp
- qos map trust-mode
- show qos map cos-dscp
- show map default- drop-precedence
- show map dscp-cos
- show qos map dscp-mutation
- show qos map ip-port-dscp
- show qos map ip-prec-dscp
- show qos map phb-queue
- show qos map trust-mode
- Quality of Service Commands
- Multicast Filtering Commands
- IGMP Snooping
- ip igmp snooping
- ip igmp snooping mrouter-forward- mode dynamic
- ip igmp snooping priority
- ip igmp snooping proxy-reporting
- ip igmp snooping querier
- ip igmp snooping router-alert-option- check
- ip igmp snooping router-port-expire- time
- ip igmp snooping tcn-flood
- ip igmp snooping tcn-query-solicit
- ip igmp snooping unregistered-data- flood
- ip igmp snooping unsolicited-report- interval
- ip igmp snooping version
- ip igmp snooping version-exclusive
- ip igmp snooping vlan general-query- suppression
- ip igmp snooping vlan immediate-leave
- ip igmp snooping vlan last-memb-query- count
- ip igmp snooping vlan last-memb-query- intvl
- ip igmp snooping vlan mrd
- ip igmp snooping vlan proxy-address
- ip igmp snooping vlan query-interval
- ip igmp snooping vlan query-resp-intvl
- ip igmp snooping vlan static
- clear ip igmp snooping groups dynamic
- clear ip igmp snooping statistics
- show ip igmp snooping
- show ip igmp snooping group
- show ip igmp snooping mrouter
- show ip igmp snooping statistics
- Static Multicast Routing
- IGMP Filtering and Throttling
- ip igmp filter (Global Configuration)
- ip igmp igmp-with- pppoe
- ip igmp profile
- permit, deny
- range
- ip igmp authentication
- ip igmp filter (Interface Configuration)
- ip igmp max-groups
- ip igmp max-groups action
- ip igmp query-drop
- ip multicast-data-drop
- show ip igmp authentication
- show ip igmp filter
- show ip igmp igmp- with-pppoe
- show ip igmp profile
- show ip igmp query-drop
- show ip igmp throttle interface
- show ip multicast- data-drop
- MLD Snooping
- ipv6 mld snooping
- ipv6 mld snooping querier
- ipv6 mld snooping query-interval
- ipv6 mld snooping query-max-response- time
- ipv6 mld snooping proxy-reporting
- ipv6 mld snooping robustness
- ipv6 mld snooping router-port-expire- time
- ipv6 mld snooping unknown-multicast mode
- ipv6 mld snooping unsolicited-report- interval
- ipv6 mld snooping version
- ipv6 mld snooping vlan immediate-leave
- ipv6 mld snooping vlan mrouter
- ipv6 mld snooping vlan static
- clear ipv6 mld snooping groups dynamic
- clear ipv6 mld snooping statistics
- show ipv6 mld snooping
- show ipv6 mld snooping group
- show ipv6 mld snooping group source-list
- show ipv6 mld snooping mrouter
- show ipv6 mld snooping statistics
- MLD Filtering and Throttling
- MVR for IPv4
- mvr
- mvr associated-profile
- mvr domain
- mvr priority
- mvr profile
- mvr proxy-query- interval
- mvr proxy-switching
- mvr robustness-value
- mvr source-port- mode dynamic
- mvr upstream- source-ip
- mvr vlan
- mvr immediate-leave
- mvr type
- mvr vlan group
- clear mvr groups dynamic
- clear mvr statistics
- show mvr
- show mvr associated-profile
- show mvr interface
- show mvr members
- show mvr profile
- show mvr statistics
- MVR for IPv6
- mvr6 associated- profile
- mvr6 domain
- mvr6 priority
- mvr6 profile
- mvr6 proxy-query- interval
- mvr6 proxy-switching
- mvr6 robustness- value
- mvr6 source-port- mode dynamic
- mvr6 upstream- source-ip
- mvr6 vlan
- mvr6 immediate-leave
- mvr6 type
- mvr6 vlan group
- clear mvr6 groups dynamic
- clear mvr6 statistics
- show mvr6
- show mvr6 associated-profile
- show mvr6 interface
- show mvr6 members
- show mvr6 profile
- show mvr6 statistics
- IGMP Snooping
- LLDP Commands
- lldp
- lldp holdtime- multiplier
- lldp med-fast-start- count
- lldp notification- interval
- lldp refresh-interval
- lldp reinit-delay
- lldp tx-delay
- lldp admin-status
- lldp basic-tlv management-ip- address
- lldp basic-tlv management-ipv6- address
- lldp basic-tlv port-description
- lldp basic-tlv system-capabilities
- lldp basic-tlv system-description
- lldp basic-tlv system-name
- lldp dot1-tlv proto-ident
- lldp dot1-tlv proto-vid
- lldp dot1-tlv pvid
- lldp dot1-tlv vlan-name
- lldp dot3-tlv link-agg
- lldp dot3-tlv mac-phy
- lldp dot3-tlv max-frame
- lldp dot3-tlv poe
- lldp med-location civic-addr
- lldp med-notification
- lldp med-tlv ext-poe
- lldp med-tlv inventory
- lldp med-tlv location
- lldp med-tlv med-cap
- lldp med-tlv network-policy
- lldp notification
- show lldp config
- show lldp info local-device
- show lldp info remote-device
- show lldp info statistics
- show lldp info statistics
- CFM Commands
- ethernet cfm ais level
- ethernet cfm ais ma
- ethernet cfm ais period
- ethernet cfm ais suppress alarm
- ethernet cfm domain
- ethernet cfm enable
- ma index name
- ma index name-format
- ethernet cfm mep
- ethernet cfm port-enable
- clear ethernet cfm ais mpid
- show ethernet cfm configuration
- show ethernet cfm md
- show ethernet cfm ma
- show ethernet cfm maintenance-points local
- show ethernet cfm maintenance-points local detail mep
- show ethernet cfm maintenance-points remote detail
- ethernet cfm cc ma interval
- ethernet cfm cc enable
- snmp-server enable traps ethernet cfm cc
- mep archive-hold- time
- clear ethernet cfm maintenance-points remote
- clear ethernet cfm errors
- show ethernet cfm errors
- ethernet cfm mep crosscheck start-delay
- snmp-server enable traps ethernet cfm crosscheck
- mep crosscheck mpid
- ethernet cfm mep crosscheck
- show ethernet cfm maintenance-points remote crosscheck
- ethernet cfm linktrace cache
- ethernet cfm linktrace cache hold-time
- ethernet cfm linktrace cache size
- ethernet cfm linktrace
- clear ethernet cfm linktrace-cache
- show ethernet cfm linktrace-cache
- ethernet cfm loopback
- mep fault-notify alarm-time
- mep fault-notify lowest-priority
- mep fault-notify reset-time
- show ethernet cfm fault-notify-generator
- ethernet cfm delay- measure two-way
- OAM Commands
- efm oam
- efm oam critical-link-event
- efm oam link-monitor frame
- efm oam link-monitor frame threshold
- efm oam link-monitor frame window
- efm oam mode
- clear efm oam counters
- clear efm oam event-log
- efm oam remote-loopback
- efm oam remote- loopback test
- show efm oam counters interface
- show efm oam event-log interface
- show efm oam remote-loopback interface
- show efm oam status interface
- show efm oam status remote interface
- Domain Name Service Commands
- DHCP Commands
- IP Interface Commands
- IPv4 Interface
- IPv6 Interface
- ipv6 default-gateway
- ipv6 address
- ipv6 address autoconfig
- ipv6 address dhcp
- ipv6 address eui-64
- ipv6 address link-local
- ipv6 enable
- ipv6 mtu
- show ipv6 interface
- show ipv6 mtu
- show ipv6 traffic
- clear ipv6 traffic
- ping6
- traceroute6
- ipv6 hop-limit
- ipv6 neighbor
- ipv6 nd dad attempts
- ipv6 nd managed- config-flag
- ipv6 nd ns-interval
- ipv6 nd other-config- flag
- ipv6 nd prefix
- ipv6 nd ra interval
- ipv6 nd ra lifetime
- ipv6 nd ra router- preference
- ipv6 nd ra suppress
- ipv6 nd raguard
- ipv6 nd reachable-time
- clear ipv6 neighbors
- show ipv6 nd raguard
- show ipv6 neighbors
- ND Snooping
- ipv6 nd snooping
- ipv6 nd snooping auto-detect
- ipv6 nd snooping auto-detect retransmit count
- ipv6 nd snooping auto-detect retransmit interval
- ipv6 nd snooping prefix timeout
- ipv6 nd snooping max-binding
- ipv6 nd snooping trust
- clear ipv6 nd snooping binding
- clear ipv6 nd snooping prefix
- show ipv6 nd snooping
- show ipv6 nd snooping binding
- show ipv6 nd snooping prefix
- IP Routing Commands
- Appendices
- Glossary
- CLI Commands
Chapter 1
| Initial Switch Configuration
Automatic Installation of Operation Code and Configuration Settings
– 66 –
Flash programming started.
Flash programming completed.
Success.
Console#
Automatic Installation of Operation Code and Configuration Settings
Downloading
Operation Code from
a File Server
Automatic Operation Code Upgrade can automatically download an operation
code file when a file newer than the currently installed one is discovered on the file
server. After the file is transferred from the server and successfully written to the file
system, it is automatically set as the startup file, and the switch is rebooted.
Usage Guidelines
◆ If this feature is enabled, the switch searches the defined URL once during the
bootup sequence.
◆ FTP (port 21) and TFTP (port 69) are both supported. Note that the TCP/UDP
port bindings cannot be modified to support servers listening on non-standard
ports.
◆ The host portion of the upgrade file location URL must be a valid IPv4 IP
address. DNS host names are not recognized. Valid IP addresses consist of four
numbers, 0 to 255, separated by periods.
◆ The path to the directory must also be defined. If the file is stored in the root
directory for the FTP/TFTP service, then use the “/” to indicate this (e.g., ftp://
192.168.0.1/).
◆ The file name must not be included in the upgrade file location URL. The file
name of the code stored on the remote server must be ECS4120-Series.bix
(using lower case letters as indicated).
◆ The FTP connection is made with PASV mode enabled. PASV mode is needed to
traverse some fire walls, even if FTP traffic is not blocked. PASV mode cannot be
disabled.
◆ The switch-based search function is case-insensitive in that it will accept a file
name in upper or lower case (i.e., the switch will accept ECS4120-Series.BIX from
the server even though ECS4120-Series.bix was requested). However, keep in
mind that the file systems of many operating systems such as Unix and most
Unix-like systems (FreeBSD, NetBSD, OpenBSD, and most Linux distributions,
etc.) are case-sensitive, meaning that two files in the same directory, ecs4120-
series.bix and ECS4120-Series.BIX are considered to be unique files. Thus, if the
upgrade file is stored as ECS4120-Series.BIX (or even ECS4120-series.bix) on a
case-sensitive server, then the switch (requesting ECS4120-serieS.bix) will not be
upgraded because the server does not recognize the requested file name and