Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
Cisco Catalyst Blade Switch 3020 for HP
Command Reference
Cisco IOS Release 12.2(25)SEF
June 2006
Text Part Number: OL-8916-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn,
and iQuick Study are service marks of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, the Cisco
Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel,
EtherFast, EtherSwitch, Fast Step, FormShare, GigaDrive, GigaStack, HomeLink, Internet Quotient, IOS, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard,
LightStream, Linksys, MeetingPlace, MGX, the Networkers logo, Networking Academy, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, ProConnect,
RateMUX, ScriptShare, SlideCast, SMARTnet, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or
its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0601R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the
document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
Cisco Catalyst Blade Switch 3020 for HP Command Reference
© 2006 Cisco Systems, Inc. All rights reserved.
iii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
CONTENTS
Preface xv
Audience xv
Purpose xv
Conventions xv
Related Publications xvi
Obtaining Documentation xvii
Cisco.com xvii
Product Documentation DVD xvii
Ordering Documentation xvii
Documentation Feedback xviii
Cisco Product Security Overview xviii
Reporting Security Problems in Cisco Products xviii
Obtaining Technical Assistance xix
Cisco Technical Support & Documentation Website xix
Submitting a Service Request xx
Definitions of Service Request Severity xx
Obtaining Additional Publications and Information xx
CHAPTER
1 Using the Command-Line Interface 1-1
CLI Command Modes 1-1
User EXEC Mode 1-3
Privileged EXEC Mode 1-3
Global Configuration Mode 1-3
Interface Configuration Mode 1-4
config-vlan Mode 1-4
VLAN Configuration Mode 1-5
Line Configuration Mode 1-5
CHAPTER
2 Cisco Catalyst Blade Switch 3020 for HP Cisco IOS Commands 2-1
aaa accounting dot1x 2-1
aaa authentication dot1x 2-3
aaa authorization network 2-5
action 2-6
Contents
iv
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
archive download-sw 2-8
archive tar 2-11
archive upload-sw 2-14
auto qos voip 2-16
boot boothlpr 2-20
boot config-file 2-21
boot enable-break 2-22
boot helper 2-23
boot helper-config-file 2-24
boot manual 2-25
boot private-config-file 2-26
boot system 2-27
channel-group 2-28
channel-protocol 2-31
class 2-32
class-map 2-34
clear dot1x 2-36
clear eap sessions 2-37
clear lacp 2-38
clear mac address-table 2-39
clear mac address-table move update 2-41
clear pagp 2-42
clear port-security 2-43
clear spanning-tree counters 2-45
clear spanning-tree detected-protocols 2-46
clear vmps statistics 2-47
clear vtp counters 2-48
define interface-range 2-49
delete 2-51
deny (MAC access-list configuration) 2-52
dot1x 2-55
dot1x auth-fail max-attempts 2-57
dot1x auth-fail vlan 2-59
dot1x control-direction 2-61
dot1x critical (global configuration) 2-63
Contents
v
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
dot1x critical (interface configuration) 2-65
dot1x default 2-67
dot1x guest-vlan 2-68
dot1x host-mode 2-70
dot1x initialize 2-71
dot1x mac-auth-bypass 2-72
dot1x max-reauth-req 2-74
dot1x max-req 2-75
dot1x pae 2-76
dot1x port-control 2-77
dot1x re-authenticate 2-79
dot1x reauthentication 2-80
dot1x timeout 2-81
duplex 2-84
errdisable detect cause 2-86
errdisable recovery 2-88
exception crashinfo 2-90
flowcontrol 2-91
interface port-channel 2-93
interface range 2-95
interface vlan 2-97
ip access-group 2-98
ip address 2-100
ip dhcp snooping 2-102
ip dhcp snooping information option 2-103
ip dhcp snooping information option allow-untrusted 2-105
ip dhcp snooping information option format remote-id 2-107
ip dhcp snooping limit rate 2-109
ip dhcp snooping trust 2-110
ip dhcp snooping verify 2-111
ip dhcp snooping vlan 2-112
ip dhcp snooping vlan information option format-type circuit-id string 2-113
ip igmp filter 2-115
ip igmp max-groups 2-116
ip igmp profile 2-118
Contents
vi
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
ip igmp snooping 2-120
ip igmp snooping last-member-query-interval 2-122
ip igmp snooping querier 2-124
ip igmp snooping report-suppression 2-126
ip igmp snooping tcn 2-128
ip igmp snooping tcn flood 2-130
ip igmp snooping vlan immediate-leave 2-131
ip igmp snooping vlan mrouter 2-133
ip igmp snooping vlan static 2-135
ip ssh 2-137
lacp port-priority 2-139
lacp system-priority 2-141
link state group 2-143
link state track 2-145
logging event 2-146
logging file 2-147
mac access-group 2-149
mac access-list extended 2-151
mac address-table aging-time 2-153
mac address-table move update 2-154
mac address-table notification 2-156
mac address-table static 2-158
mac address-table static drop 2-159
macro apply 2-161
macro description 2-164
macro global 2-165
macro global description 2-168
macro name 2-169
match (access-map configuration) 2-171
match (class-map configuration) 2-173
mdix auto 2-175
media-type 2-177
mls qos 2-179
mls qos aggregate-policer 2-181
mls qos cos 2-183
Contents
vii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
mls qos dscp-mutation 2-185
mls qos map 2-187
mls qos queue-set output buffers 2-191
mls qos queue-set output threshold 2-193
mls qos rewrite ip dscp 2-195
mls qos srr-queue input bandwidth 2-197
mls qos srr-queue input buffers 2-199
mls qos srr-queue input cos-map 2-201
mls qos srr-queue input dscp-map 2-203
mls qos srr-queue input priority-queue 2-205
mls qos srr-queue input threshold 2-207
mls qos srr-queue output cos-map 2-209
mls qos srr-queue output dscp-map 2-211
mls qos trust 2-213
mls qos vlan-based 2-215
monitor session 2-216
mvr (global configuration) 2-220
mvr (interface configuration) 2-223
pagp learn-method 2-226
pagp port-priority 2-228
permit (MAC access-list configuration) 2-230
police 2-233
police aggregate 2-235
policy-map 2-237
port-channel load-balance 2-240
priority-queue 2-242
queue-set 2-244
radius-server dead-criteria 2-245
radius-server host 2-247
remote-span 2-249
rmon collection stats 2-253
service password-recovery 2-254
service-policy 2-256
set 2-259
setup 2-261
Contents
viii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
setup express 2-264
show access-lists 2-266
show archive status 2-269
show auto qos 2-270
show boot 2-273
show cable-diagnostics tdr 2-275
show class-map 2-277
show controllers cpu-interface 2-278
show controllers ethernet-controller 2-280
show controllers tcam 2-288
show controllers utilization 2-290
show dot1x 2-292
show dtp 2-296
show eap 2-298
show env 2-301
show errdisable detect 2-302
show errdisable flap-values 2-304
show errdisable recovery 2-306
show etherchannel 2-308
show flowcontrol 2-311
show interfaces 2-313
show interfaces counters 2-321
show inventory 2-323
show ip dhcp snooping 2-324
show ip dhcp snooping binding 2-325
show ip igmp profile 2-327
show ip igmp snooping 2-328
show ip igmp snooping groups 2-330
show ip igmp snooping mrouter 2-332
show ip igmp snooping querier 2-334
show lacp 2-336
show link state group 2-340
show mac access-group 2-342
show mac address-table 2-344
show mac address-table address 2-346
Contents
ix
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
show mac address-table aging-time 2-348
show mac address-table count 2-349
show mac address-table dynamic 2-351
show mac address-table interface 2-353
show mac address-table move update 2-355
show mac address-table notification 2-357
show mac address-table static 2-359
show mac address-table vlan 2-361
show mls qos 2-363
show mls qos aggregate-policer 2-364
show mls qos input-queue 2-365
show mls qos interface 2-367
show mls qos maps 2-371
show mls qos queue-set 2-374
show mls qos vlan 2-376
show monitor 2-377
show mvr 2-379
show mvr interface 2-381
show mvr members 2-383
show pagp 2-385
show parser macro 2-387
show policy-map 2-390
show port-security 2-392
show setup express 2-395
show spanning-tree 2-396
show storm-control 2-402
show system mtu 2-404
show udld 2-405
show version 2-408
show vlan 2-410
show vlan access-map 2-415
show vlan filter 2-416
show vmps 2-417
show vtp 2-420
shutdown 2-423
Contents
x
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
shutdown vlan 2-424
snmp-server enable traps 2-425
snmp-server host 2-428
snmp trap mac-notification 2-432
spanning-tree backbonefast 2-434
spanning-tree bpdufilter 2-435
spanning-tree bpduguard 2-437
spanning-tree cost 2-439
spanning-tree etherchannel guard misconfig 2-441
spanning-tree extend system-id 2-443
spanning-tree guard 2-445
spanning-tree link-type 2-447
spanning-tree loopguard default 2-449
spanning-tree mode 2-451
spanning-tree mst configuration 2-453
spanning-tree mst cost 2-455
spanning-tree mst forward-time 2-457
spanning-tree mst hello-time 2-458
spanning-tree mst max-age 2-459
spanning-tree mst max-hops 2-460
spanning-tree mst port-priority 2-462
spanning-tree mst pre-standard 2-464
spanning-tree mst priority 2-465
spanning-tree mst root 2-466
spanning-tree port-priority 2-468
spanning-tree portfast (global configuration) 2-470
spanning-tree portfast (interface configuration) 2-472
spanning-tree transmit hold-count 2-474
spanning-tree uplinkfast 2-475
spanning-tree vlan 2-477
speed 2-480
srr-queue bandwidth limit 2-482
srr-queue bandwidth shape 2-484
srr-queue bandwidth share 2-486
storm-control 2-488
Contents
xi
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
switchport access 2-491
switchport backup interface 2-493
switchport block 2-496
switchport host 2-497
switchport mode 2-498
switchport nonegotiate 2-500
switchport port-security 2-502
switchport port-security aging 2-507
switchport priority extend 2-509
switchport protected 2-511
switchport trunk 2-512
switchport voice vlan 2-515
system mtu 2-517
test cable-diagnostics tdr 2-519
traceroute mac 2-520
traceroute mac ip 2-523
trust 2-525
udld 2-527
udld port 2-529
udld reset 2-531
vlan (global configuration) 2-532
vlan (VLAN configuration) 2-537
vlan access-map 2-543
vlan database 2-545
vlan filter 2-548
vmps reconfirm (privileged EXEC) 2-550
vmps reconfirm (global configuration) 2-551
vmps retry 2-552
vmps server 2-553
vtp (global configuration) 2-555
vtp (VLAN configuration) 2-559
APPENDIX
A Cisco Catalyst Switch 3020 for HP Boot Loader Commands A-1
boot A-2
cat A-4
copy A-5
Contents
xii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
delete A-6
dir A-7
flash_init A-9
format A-10
fsck A-11
help A-12
load_helper A-13
memory A-14
mkdir A-15
more A-16
rename A-17
reset A-18
rmdir A-19
set A-20
type A-23
unset A-24
version A-26
APPENDIX
B Cisco Catalyst Blade Switch 3020 for HP Debug Commands B-1
debug auto qos B-2
debug backup B-4
debug dot1x B-5
debug dtp B-7
debug eap B-8
debug etherchannel B-10
debug interface B-12
debug ip igmp filter B-14
debug ip igmp max-groups B-15
debug ip igmp snooping B-16
debug lacp B-17
debug mac-notification B-18
debug matm B-19
debug matm move update B-20
debug monitor B-21
debug mvrdbg B-22
debug nvram B-23
Contents
xiii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
debug pagp B-24
debug platform acl B-25
debug platform backup interface B-26
debug platform cpu-queues B-27
debug platform dot1x B-29
debug platform etherchannel B-30
debug platform forw-tcam B-31
debug platform ip dhcp B-32
debug platform ip igmp snooping B-33
debug platform led B-35
debug platform matm B-36
debug platform messaging application B-38
debug platform phy B-39
debug platform pm B-41
debug platform port-asic B-43
debug platform port-security B-44
debug platform qos-acl-tcam B-45
debug platform remote-commands B-46
debug platform resource-manager B-47
debug platform snmp B-48
debug platform span B-49
debug platform supervisor-asic B-50
debug platform sw-bridge B-51
debug platform tcam B-52
debug platform udld B-54
debug platform vlan B-55
debug pm B-56
debug port-security B-58
debug qos-manager B-59
debug spanning-tree B-60
debug spanning-tree backbonefast B-62
debug spanning-tree bpdu B-63
debug spanning-tree bpdu-opt B-64
debug spanning-tree mstp B-65
debug spanning-tree switch B-67
Contents
xiv
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
debug spanning-tree uplinkfast B-69
debug sw-vlan B-70
debug sw-vlan ifs B-72
debug sw-vlan notification B-74
debug sw-vlan vtp B-76
debug udld B-78
debug vqpc B-80
APPENDIX
C Cisco Catalyst Blade Switch 3020 for HP Show Platform Commands C-1
show platform acl C-2
show platform backup interface C-3
show platform configuration C-4
show platform etherchannel C-5
show platform forward C-6
show platform ip igmp snooping C-8
show platform layer4op C-10
show platform mac-address-table C-11
show platform messaging C-12
show platform monitor C-13
show platform mvr table C-14
show platform pm C-15
show platform port-asic C-16
show platform port-security C-21
show platform qos C-22
show platform resource-manager C-23
show platform snmp counters C-25
show platform spanning-tree C-26
show platform stp-instance C-27
show platform tcam C-28
show platform vlan C-30
I
NDEX
xv
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Audience
This guide is for the networking professional using the Cisco IOS command-line interface (CLI) to
manage the Cisco Catalyst Blade Switch 3020 for HP, hereafter referred to as the switch. Before using
this guide, you should have experience working with the Cisco IOS commands and the switch software
features. Before using this guide, you should have experience working with the concepts and
terminology of Ethernet and local area networking.
Purpose
This guide provides the information that you need about the Layer 2 commands that have been created
or changed for use with the switch. For information about the standard Cisco IOS Release 12.2 commands,
see the Cisco IOS documentation set available from the Cisco.com home page by selecting Technical
Support & Documentation > Cisco IOS Software.
This guide does not provide procedures for configuring your switch. For detailed configuration
procedures, see the software configuration guide for this release.
This guide does not describe system messages you might encounter. For more information, see the
system message guide for this release.
For documentation updates, see the release notes for this release.
Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use these conventions:
• Commands and keywords are in boldface text.
• Arguments for which you supply values are in italic.
• Square brackets ([ ]) means optional elements.
• Braces ({}) group required choices, and vertical bars ( | ) separate the alternative elements.
• Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional
element.
xvi
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Related Publications
Interactive examples use these conventions:
• Terminal sessions and system displays are in screen font.
• Information you enter is in boldface screen font.
• Nonprinting characters, such as passwords or tabs, are in angle brackets (< >).
Notes, cautions, and warnings use these conventions and symbols:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in
this manual.
Caution Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Related Publications
These documents provide complete information about the switch and are available from this Cisco.com
site:
http://www.cisco.com/en/US/products/ps6748/tsd_products_support_series_home.html
Note Before installing, configuring, or upgrading the switch, see these documents:
• For initial configuration information, see the “Configuring the Switch Module” section in the getting
started guide or the “Configuring the Switch with the CLI-Based Setup Program” appendix in the
hardware installation guide.
• For device manager requirements, see the “System Requirements” section in the release notes (not
orderable but available on Cisco.com).
• For upgrade information, see the “Downloading Software” section in the release notes.
You can order printed copies of documents with a DOC-xxxxxx= number from the Cisco.com sites and
from the telephone numbers listed in the “Obtaining Documentation” section on page xvii.
• Release Notes for the Cisco Catalyst Blade Switch 3020 for HP (not orderable but available on
Cisco.com)
• Cisco Catalyst Blade Switch 3020 for HP System Message Guide (not orderable but available on
Cisco.com)
• Cisco Catalyst Blade Switch 3020 for HP Software Configuration Guide (not orderable but available
on Cisco.com)
• Cisco Catalyst Blade Switch 3020 for HP Command Reference (not orderable but available on
Cisco.com)
• Device manager online help (available on the switch)
• Cisco Catalyst Blade Switch 3020 for HP Hardware Installation Guide (not orderable but available
on Cisco.com)
• Cisco Catalyst Blade Switch 3020 for HP Getting Started Guide (order number DOC-7817364=)
xvii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Obtaining Documentation
• Regulatory Compliance and Safety Information for the Cisco Catalyst Blade Switch 3020 for HP
(order number DOC-7817607=)
• Cisco Small Form-Factor Pluggable Modules Installation Notes (order number DOC-7815160=)
Obtaining Documentation
Cisco documentation and additional literature are available on Cisco.com. Cisco also provides several
ways to obtain technical assistance and other technical resources. These sections explain how to obtain
technical information from Cisco Systems.
Cisco.com
You can access the most current Cisco documentation at this URL:
http://www.cisco.com/techsupport
You can access the Cisco website at this URL:
http://www.cisco.com
You can access international Cisco websites at this URL:
http://www.cisco.com/public/countries_languages.shtml
Product Documentation DVD
The Product Documentation DVD is a comprehensive library of technical product documentation on a
portable medium. The DVD enables you to access multiple versions of installation, configuration, and
command guides for Cisco hardware and software products. With the DVD, you have access to the same
HTML documentation that is found on the Cisco website without being connected to the Internet.
Certain products also have .PDF versions of the documentation available.
The Product Documentation DVD is available as a single unit or as a subscription. Registered Cisco.com
users (Cisco direct customers) can order a Product Documentation DVD (product number
DOC-DOCDVD= or DOC-DOCDVD=SUB) from Cisco Marketplace at this URL:
http://www.cisco.com/go/marketplace/
Ordering Documentation
Registered Cisco.com users may order Cisco documentation at the Product Documentation Store in the
Cisco Marketplace at this URL:
http://www.cisco.com/go/marketplace/
Nonregistered Cisco.com users can order technical documentation from 8:00 a.m. to 5:00 p.m.
(0800 to 1700) PDT by calling 1 866 463-3487 in the United States and Canada, or elsewhere by
calling 011 408 519-5055. You can also order documentation by e-mail at
tech-doc-store-mkpl@external.cisco.com or by fax at 1 408 519-5001 in the United States and Canada,
or elsewhere at 011 408 519-5001.
xviii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Documentation Feedback
Documentation Feedback
You can rate and provide feedback about Cisco technical documents by completing the online feedback
form that appears with the technical documents on Cisco.com.
You can submit comments about Cisco documentation by using the response card (if present) behind the
front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Cisco Product Security Overview
Cisco provides a free online Security Vulnerability Policy portal at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
From this site, you will find information about how to:
• Report security vulnerabilities in Cisco products.
• Obtain assistance with security incidents that involve Cisco products.
• Register to receive security information from Cisco.
A current list of security advisories, security notices, and security responses for Cisco products is
available at this URL:
http://www.cisco.com/go/psirt
To see security advisories, security notices, and security responses as they are updated in real time, you
can subscribe to the Product Security Incident Response Team Really Simple Syndication (PSIRT RSS)
feed. Information about how to subscribe to the PSIRT RSS feed is found at this URL:
http://www.cisco.com/en/US/products/products_psirt_rss_feed.html
Reporting Security Problems in Cisco Products
Cisco is committed to delivering secure products. We test our products internally before we release them,
and we strive to correct all vulnerabilities quickly. If you think that you have identified a vulnerability
in a Cisco product, contact PSIRT:
• For Emergencies only— security-alert@cisco.com
An emergency is either a condition in which a system is under active attack or a condition for which
a severe and urgent security vulnerability should be reported. All other conditions are considered
nonemergencies.
• For Nonemergencies—psirt@cisco.com
In an emergency, you can also reach PSIRT by telephone:
• 1 877 228-7302
• 1 408 525-6532
xix
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Obtaining Technical Assistance
Tip We encourage you to use Pretty Good Privacy (PGP) or a compatible product (for example, GnuPG) to
encrypt any sensitive information that you send to Cisco. PSIRT can work with information that has been
encrypted with PGP versions 2.x through 9.x.
Never use a revoked or an expired encryption key. The correct public key to use in your correspondence
with PSIRT is the one linked in the Contact Summary section of the Security Vulnerability Policy page
at this URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
The link on this page has the current PGP key ID in use.
If you do not have or use PGP, contact PSIRT at the aforementioned e-mail addresses or phone numbers
before sending any sensitive material to find other means of encrypting the data.
Obtaining Technical Assistance
Cisco Technical Support provides 24-hour-a-day award-winning technical assistance. The Cisco
Technical Support & Documentation website on Cisco.com features extensive online support resources.
In addition, if you have a valid Cisco service contract, Cisco Technical Assistance Center (TAC)
engineers provide telephone support. If you do not have a valid Cisco service contract, contact your
reseller.
Cisco Technical Support & Documentation Website
The Cisco Technical Support & Documentation website provides online documents and tools for
troubleshooting and resolving technical issues with Cisco products and technologies. The website is
available 24 hours a day, at this URL:
http://www.cisco.com/techsupport
Access to all tools on the Cisco Technical Support & Documentation website requires a Cisco.com user
ID and password. If you have a valid service contract but do not have a user ID or password, you can
register at this URL:
http://tools.cisco.com/RPF/register/register.do
Note Use the Cisco Product Identification (CPI) tool to locate your product serial number before submitting
a web or phone request for service. You can access the CPI tool from the Cisco Technical Support &
Documentation website by clicking the Tools & Resources link under Documentation & Tools. Choose
Cisco Product Identification Tool from the Alphabetical Index drop-down list, or click the Cisco
Product Identification Tool link under Alerts & RMAs. The CPI tool offers three search options: by
product ID or model name; by tree view; or for certain products, by copying and pasting show command
output. Search results show an illustration of your product with the serial number label location
highlighted. Locate the serial number label on your product and record the information before placing a
service call.
xx
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Obtaining Additional Publications and Information
Submitting a Service Request
Using the online TAC Service Request Tool is the fastest way to open S3 and S4 service requests. (S3
and S4 service requests are those in which your network is minimally impaired or for which you require
product information.) After you describe your situation, the TAC Service Request Tool provides
recommended solutions. If your issue is not resolved using the recommended resources, your service
request is assigned to a Cisco engineer. The TAC Service Request Tool is located at this URL:
http://www.cisco.com/techsupport/servicerequest
For S1 or S2 service requests, or if you do not have Internet access, contact the Cisco TAC by telephone.
(S1 or S2 service requests are those in which your production network is down or severely degraded.)
Cisco engineers are assigned immediately to S1 and S2 service requests to help keep your business
operations running smoothly.
To open a service request by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447
For a complete list of Cisco TAC contacts, go to this URL:
http://www.cisco.com/techsupport/contacts
Definitions of Service Request Severity
To ensure that all service requests are reported in a standard format, Cisco has established severity
definitions.
Severity 1 (S1)—An existing network is down, or there is a critical impact to your business operations.
You and Cisco will commit all necessary resources around the clock to resolve the situation.
Severity 2 (S2)—Operation of an existing network is severely degraded, or significant aspects of your
business operations are negatively affected by inadequate performance of Cisco products. You and Cisco
will commit full-time resources during normal business hours to resolve the situation.
Severity 3 (S3)—Operational performance of the network is impaired, while most business operations
remain functional. You and Cisco will commit resources during normal business hours to restore service
to satisfactory levels.
Severity 4 (S4)—You require information or assistance with Cisco product capabilities, installation, or
configuration. There is little or no effect on your business operations.
Obtaining Additional Publications and Information
Information about Cisco products, technologies, and network solutions is available from various online
and printed sources.
• The Cisco Product Quick Reference Guide is a handy, compact reference tool that includes brief
product overviews, key features, sample part numbers, and abbreviated technical specifications for
many Cisco products that are sold through channel partners. It is updated twice a year and includes
the latest Cisco offerings. To order and find out more about the Cisco Product Quick Reference
Guide, go to this URL:
http://www.cisco.com/go/guide
xxi
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Obtaining Additional Publications and Information
• Cisco Marketplace provides a variety of Cisco books, reference guides, documentation, and logo
merchandise. Visit Cisco Marketplace, the company store, at this URL:
http://www.cisco.com/go/marketplace/
• Cisco Press publishes a wide range of general networking, training and certification titles. Both new
and experienced users will benefit from these publications. For current Cisco Press titles and other
information, go to Cisco Press at this URL:
http://www.ciscopress.com
• Packet magazine is the Cisco Systems technical user magazine for maximizing Internet and
networking investments. Each quarter, Packet delivers coverage of the latest industry trends,
technology breakthroughs, and Cisco products and solutions, as well as network deployment and
troubleshooting tips, configuration examples, customer case studies, certification and training
information, and links to scores of in-depth online resources. You can access Packet magazine at
this URL:
http://www.cisco.com/packet
• iQ Magazine is the quarterly publication from Cisco Systems designed to help growing companies
learn how they can use technology to increase revenue, streamline their business, and expand
services. The publication identifies the challenges facing these companies and the technologies to
help solve them, using real-world case studies and business strategies to help readers make sound
technology investment decisions. You can access iQ Magazine at this URL:
http://www.cisco.com/go/iqmagazine
or view the digital edition at this URL:
http://ciscoiq.texterity.com/ciscoiq/sample/
• Internet Protocol Journal is a quarterly journal published by Cisco Systems for engineering
professionals involved in designing, developing, and operating public and private internets and
intranets. You can access the Internet Protocol Journal at this URL:
http://www.cisco.com/ipj
• Networking products offered by Cisco Systems, as well as customer support services, can be
obtained at this URL:
http://www.cisco.com/en/US/products/index.html
• Networking Professionals Connection is an interactive website for networking professionals to share
questions, suggestions, and information about networking products and technologies with Cisco
experts and other networking professionals. Join a discussion at this URL:
http://www.cisco.com/discuss/networking
• World-class networking training is available from Cisco. You can view current offerings at
this URL:
http://www.cisco.com/en/US/learning/index.html
xxii
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Preface
Obtaining Additional Publications and Information
CHAPTER
1-1
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
1
Using the Command-Line Interface
The switch is supported by Cisco IOS software. This chapter describes how to use the switch
command-line interface (CLI) to configure software features.
• For a complete description of the commands that support these features, see Chapter 2, “Cisco
Catalyst Blade Switch 3020 for HP Cisco IOS Commands.”
• For information on the boot loader commands, see Appendix A, “Cisco Catalyst Switch 3020 for
HP Boot Loader Commands.”
• For information on the debug commands, see Appendix B, “Cisco Catalyst Blade Switch 3020 for
HP Debug Commands.”
• For information on the show platform commands, see Appendix C, “Cisco Catalyst Blade Switch
3020 for HP Show Platform Commands.”
• For more information on Cisco IOS Release 12.2, see the Cisco IOS Release 12.2 Command
Summary.
• For task-oriented configuration steps, see the software configuration guide for this release.
In this document, IP refers to IP version 4 (IPv4).
CLI Command Modes
This section describes the CLI command mode structure. Command modes support specific Cisco IOS
commands. For example, the interface interface-id command only works when entered in global
configuration mode.
These are the main command modes for the switch:
• User EXEC
• Privileged EXEC
• Global configuration
• Interface configuration
• Config-vlan
• VLAN configuration
• Line configuration
1-2
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Chapter 1 Using the Command-Line Interface
CLI Command Modes
Table 1 - 1 lists the main command modes, how to access each mode, the prompt you see in that mode,
and how to exit that mode. The prompts listed use the default name Switch.
Table 1-1 Command Modes Summary
Command Mode Access Method Prompt Exit or Access Next Mode
User EXEC This is the first level of access.
(For the switch) Change terminal
settings, perform basic tasks, and
list system information.
Switch>
Enter the logout command.
To enter privileged EXEC mode, enter
the enable command.
Privileged EXEC From user EXEC mode, enter the
enable command.
Switch#
To exit to user EXEC mode, enter the
disable command.
To enter global configuration mode,
enter the configure command.
Global
configuration
From privileged EXEC mode,
enter the configure command.
Switch(config)#
To exit to privileged EXEC mode,
enter the exit or end command, or
press Ctrl-Z.
To enter interface configuration mode,
enter the interface configuration
command.
Interface
configuration
From global configuration mode,
specify an interface by entering
the interface command followed
by an interface identification.
Switch(config-if)#
To exit to privileged EXEC mode,
enter the end command, or press
Ctrl-Z.
To exit to global configuration mode,
enter the exit command.
Config-vlan In global configuration mode,
enter the vlan vlan-id command.
Switch(config-vlan)#
To exit to global configuration mode,
enter the exit command.
To return to privileged EXEC mode,
enter the end command, or press
Ctrl-Z.
VLAN
configuration
From privileged EXEC mode,
enter the vlan database
command.
Switch(vlan)#
To exit to privileged EXEC mode,
enter the exit command.
Line configuration From global configuration mode,
specify a line by entering the line
command.
Switch(config-line)#
To exit to global configuration mode,
enter the exit command.
To return to privileged EXEC mode,
enter the end command, or press
Ctrl-Z.
1-3
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Chapter 1 Using the Command-Line Interface
CLI Command Modes
User EXEC Mode
After you access the device, you are automatically in user EXEC command mode. The EXEC commands
available at the user level are a subset of those available at the privileged level. In general, use the user
EXEC commands to temporarily change terminal settings, perform basic tests, and list system
information.
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch> ?
Privileged EXEC Mode
Because many of the privileged commands configure operating parameters, privileged access should be
password-protected to prevent unauthorized use. The privileged command set includes those commands
contained in user EXEC mode, as well as the configure privileged EXEC command through which you
access the remaining command modes.
If your system administrator has set a password, you are prompted to enter it before being granted access
to privileged EXEC mode. The password does not appear on the screen and is case sensitive.
The privileged EXEC mode prompt is the device name followed by the pound sign (
#).
Switch#
Enter the enable command to access privileged EXEC mode:
Switch> enable
Switch#
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch# ?
To return to user EXEC mode, enter the disable privileged EXEC command.
Global Configuration Mode
Global configuration commands apply to features that affect the device as a whole. Use the configure
privileged EXEC command to enter global configuration mode. The default is to enter commands from
the management console.
When you enter the configure command, a message prompts you for the source of the configuration
commands:
Switch# configure
Configuring from terminal, memory, or network [terminal]?
You can specify either the terminal or NVRAM as the source of configuration commands.
This example shows you how to access global configuration mode:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
1-4
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Chapter 1 Using the Command-Line Interface
CLI Command Modes
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config)# ?
To exit global configuration command mode and to return to privileged EXEC mode, enter the end or
exit command, or press Ctrl-Z.
Interface Configuration Mode
Interface configuration commands modify the operation of the interface. Interface configuration
commands always follow a global configuration command, which defines the interface type.
Use the interface interface-id command to access interface configuration mode. The new prompt means
interface configuration mode.
Switch(config-if)#
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config-if)# ?
To exit interface configuration mode and to return to global configuration mode, enter the exit command.
To exit interface configuration mode and to return to privileged EXEC mode, enter the end command,
or press Ctrl-Z.
config-vlan Mode
Use this mode to configure normal-range VLANs (VLAN IDs 1 to 1005) or, when VTP mode is
transparent, to configure extended-range VLANs (VLAN IDs 1006 to 4094). When VTP mode is
transparent, the VLAN and VTP configuration is saved in the running configuration file, and you can
save it to the switch startup configuration file by using the copy running-config startup-config
privileged EXEC command. The configurations of VLAN IDs 1 to 1005 are saved in the VLAN database
if VTP is in transparent or server mode. The extended-range VLAN configurations are not saved in the
VLAN database.
Enter the vlan vlan-id global configuration command to access config-vlan mode:
Switch(config)# vlan 2000
Switch(config-vlan)#
The supported keywords can vary but are similar to the commands available in VLAN configuration
mode. To display a comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config-vlan)# ?
For extended-range VLANs, all characteristics except the MTU size must remain at the default setting.
To return to global configuration mode, enter exit; to return to privileged EXEC mode, enter end. All
the commands except shutdown take effect when you exit config-vlan mode.
1-5
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Chapter 1 Using the Command-Line Interface
CLI Command Modes
VLAN Configuration Mode
You can use the VLAN configuration commands to create or modify VLAN parameters for VLAN IDs
1 to 1005.
Enter the vlan database privileged EXEC command to access VLAN configuration mode:
Switch# vlan database
Switch(vlan)#
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(vlan)# ?
To return to privileged EXEC mode, enter the abort VLAN configuration command to abandon the
proposed database. Otherwise, enter exit to implement the proposed new VLAN database and to return
to privileged EXEC mode. When you enter exit or apply, the configuration is saved in the VLAN
database; configuration from VLAN configuration mode cannot be saved in the switch configuration file.
Line Configuration Mode
Line configuration commands modify the operation of a terminal line. Line configuration commands
always follow a line command, which defines a line number. Use these commands to change terminal
parameter settings line-by-line or for a range of lines.
Use the line vty line_number [ending_line_number] command to enter line configuration mode. The
new prompt means line configuration mode. The following example shows how to enter line
configuration mode for virtual terminal line 7:
Switch(config)# line vty 0 7
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config-line)# ?
To exit line configuration mode and to return to global configuration mode, use the exit command. To
exit line configuration mode and to return to privileged EXEC mode, enter the end command, or press
Ctrl-Z.
1-6
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Chapter 1 Using the Command-Line Interface
CLI Command Modes
CHAPTER
2-1
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
2
Cisco Catalyst Blade Switch 3020 for HP Cisco
IOS Commands
aaa accounting dot1x
Use the aaa accounting dot1x global configuration command to enable authentication, authorization,
and accounting (AAA) accounting and to create method lists defining specific accounting methods on a
per-line or per-interface basis for IEEE 802.1x sessions. Use the no form of this command to disable
IEEE 802.1x accounting.
aaa accounting dot1x {name | default} start-stop {broadcast group {name | radius | tacacs+}
[group {name | radius | tacacs+} ... ] | group {name | radius | tacacs+} [group {name | radius
| tacacs+} ... ]}
no aaa accounting dot1x {name | default}
Syntax Description name Name of a server group. This is optional when you enter it after the
broadcast group and group keywords.
default Use the accounting methods that follow as the default list for accounting
services.
start-stop Send a start accounting notice at the beginning of a process and a stop
accounting notice at the end of a process. The start accounting record is sent
in the background. The requested-user process begins regardless of whether
or not the start accounting notice was received by the accounting server.
broadcast Enable accounting records to be sent to multiple AAA servers and send
accounting records to the first server in each group. If the first server is
unavailable, the switch uses the list of backup servers to identify the first
server.
group Specify the server group to be used for accounting services. These are valid
server group names:
• name—Name of a server group.
• radius—List of all RADIUS hosts.
• tacacs+—List of all TACACS+ hosts.
The group keyword is optional when you enter it after the broadcast group
and group keywords. You can enter more than optional group keyword.
2-2
Cisco Catalyst Blade Switch 3020 for HP Command Reference
OL-8916-01
Chapter 2 Cisco Catalyst Blade Switch 3020 for HP Cisco IOS Commands
aaa accounting dot1x
Defaults AAA accounting is disabled.
Command Modes Global configuration
Command History
Usage Guidelines This command requires access to a RADIUS server.
We recommend that you enter the dot1x reauthentication interface configuration command before
configuring IEEE 802.1x RADIUS accounting on an interface.
Examples This example shows how to configure IEEE 802.1x accounting:
Switch(config)# aaa new-model
Switch(config)# aaa accounting dot1x default start-stop group radius
Note The RADIUS authentication server must be properly configured to accept and log update or watchdog
packets from the AAA client.
Related Commands
radius (Optional) Enable RADIUS authorization.
tacacs+ (Optional) Enable TACACS+ accounting.
Release Modification
12.2(25)SEF This command was introduced.
Command Description
aaa authentication
dot1x
Specifies one or more AAA methods for use on interfaces running
IEEE 802.1x.
aaa new-model Enables the AAA access control model. For syntax information, see the
Cisco IOS Security Command Reference, Release 12.2 > Authentication,
Authorization, and Accounting > Authentication Commands.
dot1x reauthentication Enables or disables periodic reauthentication.
dot1x timeout
reauth-period
Sets the number of seconds between re-authentication attempts.
Loading...