Page 1
Cisco IE 3000 Switch Command Reference
Cisco IOS Release 12.2(44)EX
June 2008
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-13019-01
Page 2
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way
We Work, Live, Play, and Learn is a service mark; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA,
CCNP, CCSP, CCVP, Cisco, the Cisco
Cisco
Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient,
IOS, iPhone, iQ Expertise, the iQ logo, iQ
Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The
Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx
States and certain other countries.
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (0805R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the
document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
Cisco IE 3000 Switch Command Reference
© 2008 Cisco Systems, Inc. All rights reserved.
Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo,
Net Readiness Scorecard, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MGX,
logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United
IMPLIED, INCLUDING, WITHOUT
Page 3
CONTENTS
Preface xvii
Audience xvii
Purpose xvii
Conventions xvii
Related Publications xviii
Obtaining Documentation and Submitting a Service Request xix
CHAPTER
CHAPTER
1 Using the Command-Line Interface 1-1
CLI Command Modes 1-1
User EXEC Mode 1-3
Privileged EXEC Mode 1-3
Global Configuration Mode 1-3
Interface Configuration Mode 1-4
config-vlan Mode 1-4
VLAN Configuration Mode 1-5
Line Configuration Mode 1-5
2 IE 3000 Switch Cisco IOS Commands 2-1
aaa accounting dot1x 2-1
aaa authentication dot1x 2-3
aaa authorization network 2-5
alarm facility fcs-hysteresis 2-6
alarm facility power-supply 2-7
alarm facility temperature 2-8
alarm profile (global configuration) 2-10
alarm profile (interface configuration) 2-12
alarm relay-mode 2-13
archive download-sw 2-14
archive tar 2-17
archive upload-sw 2-20
auto qos voip 2-22
boot config-file 2-26
OL-13019-01
Cisco IE 3000 Switch Command Reference
iii
Page 4
Contents
boot enable-break 2-27
boot helper 2-28
boot helper-config-file 2-29
boot manual 2-30
boot private-config-file 2-31
boot system 2-32
channel-group 2-33
channel-protocol 2-36
cip 2-37
class 2-38
class-map 2-40
clear dot1x 2-42
clear eap sessions 2-43
clear errdisable interface 2-44
clear ip dhcp snooping 2-45
clear lacp 2-47
clear mac address-table 2-48
clear mac address-table move update 2-49
clear pagp 2-50
clear port-security 2-51
clear spanning-tree counters 2-53
clear spanning-tree detected-protocols 2-54
clear vmps statistics 2-55
clear vtp counters 2-56
cluster commander-address 2-57
cluster discovery hop-count 2-59
cluster enable 2-60
cluster holdtime 2-62
cluster member 2-63
cluster outside-interface 2-65
cluster run 2-66
cluster standby-group 2-67
cluster timer 2-69
define interface-range 2-70
delete 2-72
Cisco IE 3000 Switch Command Reference
iv
OL-13019-01
Page 5
deny (MAC access-list configuration) 2-73
dot1x 2-76
dot1x auth-fail max-attempts 2-78
dot1x auth-fail vlan 2-80
dot1x control-direction 2-82
dot1x critical (global configuration) 2-84
dot1x critical (interface configuration) 2-86
dot1x default 2-88
dot1x fallback 2-89
dot1x guest-vlan 2-90
dot1x host-mode 2-92
dot1x initialize 2-93
dot1x mac-auth-bypass 2-94
Contents
dot1x max-reauth-req 2-96
dot1x max-req 2-97
dot1x pae 2-98
dot1x port-control 2-99
dot1x re-authenticate 2-101
dot1x reauthentication 2-102
dot1x test eapol-capable 2-103
dot1x test timeout 2-104
dot1x timeout 2-105
duplex 2-107
errdisable detect cause 2-109
errdisable detect cause small-frame 2-111
errdisable recovery cause small-frame 2-113
errdisable recovery 2-114
exception crashinfo 2-116
fallback profile 2-117
fcs-threshold 2-119
flowcontrol 2-120
interface port-channel 2-122
interface range 2-124
interface vlan 2-126
ip access-group 2-127
OL-13019-01
Cisco IE 3000 Switch Command Reference
v
Page 6
Contents
ip address 2-129
ip admission 2-131
ip admission name proxy http 2-132
ip dhcp snooping 2-134
ip dhcp snooping binding 2-135
ip dhcp snooping database 2-137
ip dhcp snooping information option 2-139
ip dhcp snooping information option allow-untrusted 2-141
ip dhcp snooping limit rate 2-143
ip dhcp snooping trust 2-144
ip dhcp snooping verify 2-145
ip dhcp snooping vlan 2-146
ip igmp filter 2-147
ip igmp max-groups 2-149
ip igmp profile 2-151
ip igmp snooping 2-153
ip igmp snooping last-member-query-interval 2-155
ip igmp snooping querier 2-157
ip igmp snooping report-suppression 2-159
ip igmp snooping tcn 2-161
ip igmp snooping tcn flood 2-163
ip igmp snooping vlan immediate-leave 2-164
ip igmp snooping vlan mrouter 2-165
ip igmp snooping vlan static 2-167
ip ssh 2-169
lacp port-priority 2-171
lacp system-priority 2-173
location (global configuration) 2-175
location (interface configuration) 2-177
link state group 2-179
link state track 2-181
logging event 2-182
logging file 2-183
mac access-group 2-185
mac access-list extended 2-187
Cisco IE 3000 Switch Command Reference
vi
OL-13019-01
Page 7
mac address-table aging-time 2-189
mac address-table move update 2-190
mac address-table notification 2-192
mac address-table static 2-194
mac address-table static drop 2-195
macro apply 2-197
macro description 2-200
macro global 2-201
macro global description 2-204
macro name 2-205
match (class-map configuration) 2-207
mdix auto 2-209
media-type 2-211
Contents
mls qos 2-213
mls qos aggregate-policer 2-215
mls qos cos 2-217
mls qos dscp-mutation 2-219
mls qos map 2-221
mls qos queue-set output buffers 2-225
mls qos queue-set output threshold 2-227
mls qos rewrite ip dscp 2-229
mls qos srr-queue input bandwidth 2-231
mls qos srr-queue input buffers 2-233
mls qos srr-queue input cos-map 2-235
mls qos srr-queue input dscp-map 2-237
mls qos srr-queue input priority-queue 2-239
mls qos srr-queue input threshold 2-241
mls qos srr-queue output cos-map 2-243
mls qos srr-queue output dscp-map 2-245
mls qos trust 2-247
monitor session 2-249
mvr (global configuration) 2-254
mvr (interface configuration) 2-257
pagp learn-method 2-260
pagp port-priority 2-262
OL-13019-01
Cisco IE 3000 Switch Command Reference
vii
Page 8
Contents
permit (MAC access-list configuration) 2-264
police 2-267
police aggregate 2-269
policy-map 2-271
port-channel load-balance 2-273
power-supply dual 2-275
priority-queue 2-276
queue-set 2-278
radius-server dead-criteria 2-279
radius-server host 2-281
rcommand 2-283
remote-span 2-285
renew ip dhcp snooping database 2-287
rmon collection stats 2-289
sdm prefer 2-290
service password-recovery 2-292
service-policy 2-294
set 2-296
setup 2-298
setup express 2-301
show access-lists 2-303
show alarm description port 2-306
show alarm profile 2-307
show alarm settings 2-309
show archive status 2-311
show auto qos 2-312
show boot 2-316
show cable-diagnostics tdr 2-318
show cip 2-320
show class-map 2-321
show cluster 2-322
show cluster candidates 2-324
show cluster members 2-326
show controllers cpu-interface 2-328
show controllers ethernet-controller 2-330
Cisco IE 3000 Switch Command Reference
viii
OL-13019-01
Page 9
show controllers tcam 2-337
show controllers utilization 2-339
show dot1x 2-341
show dtp 2-345
show eap 2-347
show env 2-350
show errdisable detect 2-351
show errdisable flap-values 2-353
show errdisable recovery 2-355
show etherchannel 2-357
show facility-alarm relay 2-360
show facility-alarm status 2-361
show fallback profile 2-362
Contents
show fcs-threshold 2-364
show flowcontrol 2-366
show interfaces 2-368
show interfaces counters 2-377
show inventory 2-379
show ip dhcp snooping 2-380
show ip dhcp snooping binding 2-381
show ip dhcp snooping database 2-383
show ip dhcp snooping statistics 2-385
show ip igmp profile 2-388
show ip igmp snooping 2-389
show ip igmp snooping groups 2-392
show ip igmp snooping mrouter 2-394
show ip igmp snooping querier 2-396
show lacp 2-398
show location 2-402
show link state group 2-405
show mac access-group 2-407
show mac address-table 2-409
show mac address-table address 2-411
show mac address-table aging-time 2-413
show mac address-table count 2-415
OL-13019-01
Cisco IE 3000 Switch Command Reference
ix
Page 10
Contents
show mac address-table dynamic 2-417
show mac address-table interface 2-419
show mac address-table move update 2-421
show mac address-table notification 2-423
show mac address-table static 2-425
show mac address-table vlan 2-427
show mls qos 2-429
show mls qos aggregate-policer 2-430
show mls qos input-queue 2-431
show mls qos interface 2-433
show mls qos maps 2-437
show mls qos queue-set 2-440
show mls qos vlan 2-442
show monitor 2-443
show mvr 2-445
show mvr interface 2-447
show mvr members 2-449
show pagp 2-451
show parser macro 2-453
show policy-map 2-456
show port-security 2-458
show sdm prefer 2-461
show setup express 2-463
show spanning-tree 2-464
show storm-control 2-470
show system mtu 2-472
show udld 2-473
show version 2-476
show vlan 2-478
show vmps 2-482
show vtp 2-484
shutdown 2-489
shutdown vlan 2-490
small-frame violation rate 2-491
snmp-server enable traps 2-493
Cisco IE 3000 Switch Command Reference
x
OL-13019-01
Page 11
snmp-server host 2-496
snmp trap mac-notification 2-500
spanning-tree backbonefast 2-502
spanning-tree bpdufilter 2-503
spanning-tree bpduguard 2-505
spanning-tree cost 2-507
spanning-tree etherchannel guard misconfig 2-509
spanning-tree extend system-id 2-511
spanning-tree guard 2-512
spanning-tree link-type 2-514
spanning-tree loopguard default 2-516
spanning-tree mode 2-518
spanning-tree mst configuration 2-520
Contents
spanning-tree mst cost 2-522
spanning-tree mst forward-time 2-524
spanning-tree mst hello-time 2-525
spanning-tree mst max-age 2-526
spanning-tree mst max-hops 2-527
spanning-tree mst port-priority 2-528
spanning-tree mst pre-standard 2-530
spanning-tree mst priority 2-531
spanning-tree mst root 2-532
spanning-tree port-priority 2-534
spanning-tree portfast (global configuration) 2-536
spanning-tree portfast (interface configuration) 2-538
spanning-tree transmit hold-count 2-540
spanning-tree uplinkfast 2-541
spanning-tree vlan 2-543
speed 2-546
srr-queue bandwidth limit 2-548
srr-queue bandwidth shape 2-550
srr-queue bandwidth share 2-552
storm-control 2-554
switchport access 2-557
switchport backup interface 2-559
OL-13019-01
Cisco IE 3000 Switch Command Reference
xi
Page 12
Contents
switchport block 2-563
switchport host 2-564
switchport mode 2-565
switchport nonegotiate 2-567
switchport port-security 2-569
switchport port-security aging 2-574
switchport priority extend 2-576
switchport protected 2-578
switchport trunk 2-579
switchport voice vlan 2-582
system mtu 2-584
test cable-diagnostics tdr 2-586
test relay 2-587
APPENDIX
traceroute mac 2-588
traceroute mac ip 2-591
trust 2-593
udld 2-595
udld port 2-597
udld reset 2-599
vlan (global configuration) 2-600
vlan (VLAN configuration) 2-605
vlan database 2-611
vmps reconfirm (privileged EXEC) 2-614
vmps reconfirm (global configuration) 2-615
vmps retry 2-616
vmps server 2-617
vtp (global configuration) 2-619
vtp (VLAN configuration) 2-623
A IE 3000 Switch Bootloader Commands A-1
boot A-2
cat A-4
copy A-5
delete A-6
dir A-7
flash_init A-9
Cisco IE 3000 Switch Command Reference
xii
OL-13019-01
Page 13
format A-10
fsck A-11
help A-12
memory A-13
mkdir A-14
more A-15
rename A-16
reset A-17
rmdir A-18
set A-19
type A-22
unset A-23
version A-25
Contents
APPENDIX
B IE 3000 Switch Debug Commands B-1
debug auto qos B-2
debug backup B-4
debug cip B-5
debug cluster B-6
debug dot1x B-8
debug dtp B-9
debug eap B-10
debug etherchannel B-11
debug interface B-12
debug ip dhcp snooping B-13
debug ip igmp filter B-14
debug ip igmp max-groups B-15
debug ip igmp snooping B-16
debug lacp B-17
debug mac-notification B-18
debug matm B-19
debug matm move update B-20
debug monitor B-21
debug mvrdbg B-22
debug nvram B-23
debug pagp B-24
OL-13019-01
Cisco IE 3000 Switch Command Reference
xiii
Page 14
Contents
debug platform acl B-25
debug platform backup interface B-26
debug platform cpu-queues B-27
debug platform dot1x B-29
debug platform etherchannel B-30
debug platform forw-tcam B-31
debug platform ip dhcp B-32
debug platform ip igmp snooping B-33
debug platform led B-35
debug platform matm B-36
debug platform messaging application B-37
debug platform phy B-38
debug platform pm B-40
debug platform port-asic B-42
debug platform port-security B-43
debug platform qos-acl-tcam B-44
debug platform resource-manager B-45
debug platform snmp B-46
debug platform span B-47
debug platform supervisor-asic B-48
debug platform sw-bridge B-49
debug platform tcam B-50
debug platform udld B-52
debug platform vlan B-53
debug pm B-54
debug port-security B-56
debug qos-manager B-57
debug spanning-tree B-58
debug spanning-tree backbonefast B-60
debug spanning-tree bpdu B-61
debug spanning-tree bpdu-opt B-62
debug spanning-tree mstp B-63
debug spanning-tree switch B-65
debug spanning-tree uplinkfast B-67
debug sw-vlan B-68
Cisco IE 3000 Switch Command Reference
xiv
OL-13019-01
Page 15
debug sw-vlan ifs B-70
debug sw-vlan notification B-71
debug sw-vlan vtp B-72
debug udld B-74
debug vqpc B-76
Contents
APPENDIX
C IE 3000 Switch Show Platform Commands C-1
show platform acl C-2
show platform backup interface C-3
show platform etherchannel C-4
show platform forward C-5
show platform ip igmp snooping C-7
show platform layer4op C-9
show platform mac-address-table C-10
show platform messaging C-11
show platform monitor C-12
show platform mvr table C-13
show platform pm C-14
show platform port-asic C-15
show platform port-security C-20
show platform qos C-21
show platform resource-manager C-22
show platform snmp counters C-24
show platform spanning-tree C-25
show platform stp-instance C-26
show platform tcam C-27
show platform vlan C-29
I
NDEX
OL-13019-01
Cisco IE 3000 Switch Command Reference
xv
Page 16
Contents
Cisco IE 3000 Switch Command Reference
xvi
OL-13019-01
Page 17
Audience
Preface
This guide is for the networking professional using the Cisco IOS command-line interface (CLI) to
manage the Cisco IE 3000 switch, hereafter referred to as the switch. Before using this guide, you should
have experience working with the Cisco IOS commands and the switch software features. Before using
this guide, you should have experience working with the concepts and terminology of Ethernet and local
area networking.
Purpose
This guide provides the information that you need about the Layer 2 commands that have been created
or changed for use with the IE 3000 switches. For information about the standard Cisco IOS Release 12.2
commands, see the Cisco IOS documentation set available from the Cisco.com home page by selecting
Technical Support & Documentation > Cisco IOS Software.
This guide does not provide procedures for configuring your switch. For detailed configuration
procedures, see the software configuration guide for this release.
This guide does not describe system messages you might encounter. For more information, see the
system message guide for this release.
For documentation updates, see the release notes for this release.
Conventions
This publication uses these conventions to convey instructions and information:
Command descriptions use these conventions:
• Commands and keywords are in boldface text.
• Arguments for which you supply values are in italic.
• Square brackets ([ ]) means optional elements.
• Braces ({}) group required choices, and vertical bars ( | ) separate the alternative elements.
• Braces and vertical bars within square brackets ([{ | }]) mean a required choice within an optional
element.
OL-13019-01
Cisco IE 3000 Switch Command Reference
xvii
Page 18
Interactive examples use these conventions:
• Terminal sessions and system displays are in screen font.
• Information you enter is in boldface screen font.
• Nonprinting characters, such as passwords or tabs, are in angle brackets (< >).
Notes, cautions, and warnings use these conventions and symbols:
Note Means reader take note. Notes contain helpful suggestions or references to materials not contained in
this manual.
Caution Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Related Publications
Preface
These documents provide complete information about the switch and are available from this Cisco.com
site:
http://www.cisco.com/en/US/products/ps9703/tsd_products_support_series_home.html
Note Before installing, configuring, or upgrading the switch, see these documents:
• For initial configuration information, see the “Using Express Setup” section in the getting started
guide or the “Configuring the Switch with the CLI-Based Setup Program” appendix in the hardware
installation guide.
• For device manager requirements, see the “System Requirements” section in the release notes (not
orderable but available on Cisco.com).
• For Network Assistant requirements, see the Getting Started with Cisco Network Assistant (not
orderable but available on Cisco.com).
• For cluster requirements, see the Release Notes for Cisco Network Assistant (not orderable but
available on Cisco.com).
• For upgrade information, see the “Downloading Software” section in the release notes.
See these documents for other information about the switches:
• Release Notes for the Cisco IE 3000 Switch
• Cisco IE 3000 Switch Software Configuration Guide
• Cisco IE 3000 Switch Command Reference
• Cisco IE 3000 Switch System Message Guide
• Device manager online help (available on the switch)
• Cisco IE 3000 Switch Hardware Installation Guide
• Cisco IE 3000 Switch Getting Started Guide
• Regulatory Compliance and Safety Information for the Cisco IE 3000 Switch
Cisco IE 3000 Switch Command Reference
xviii
OL-13019-01
Page 19
Preface
• Getting Started with Cisco Network Assistant
• Release Notes for Cisco Network Assistant
• Cisco Small Form-Factor Pluggable Modules Installation Notes
• For information about the Network Admission Control (NAC) features, see the Network Admission
Control Software Configuration Guide (not orderable but available on Cisco.com)
• This compatibility matrix document is available from this Cisco.com site:
http://www.cisco.com/en/US/products/hw/modules/ps5455/products_device_support_tables_list.html
–
Cisco Gigabit Ethernet Transceiver Modules Compatibility Matrix
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional
information, see the monthly What’s
revised Cisco
technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS version 2.0.
New in Cisco Product Documentation, which also lists all new and
OL-13019-01
Cisco IE 3000 Switch Command Reference
xix
Page 20
Preface
Cisco IE 3000 Switch Command Reference
xx
OL-13019-01
Page 21
CHAPTER
1
Using the Command-Line Interface
The IE 3000 switch is supported by Cisco IOS software. This chapter describes how to use the switch
command-line interface (CLI) to configure software features.
• For a complete description of the commands that support these features, see Chapter 2, “IE 3000
Switch Cisco IOS Commands.”
• For information on the bootloader commands, see Appendix A, “IE 3000 Switch Bootloader
Commands.”
• For information on the debug commands, see Appendix B, “IE 3000 Switch Debug Commands.”
• For information on the show platform commands, see Appendix C, “IE 3000 Switch Show Platform
Commands.”
• For more information on Cisco IOS Release 12.2, see the Cisco IOS Release 12.2 Command
Summary.
• For task-oriented configuration steps, see the software configuration guide for this release.
In this document, IP refers to IP version 4 (IPv4).
CLI Command Modes
This section describes the CLI command mode structure. Command modes support specific Cisco IOS
commands. For example, the interface interface-id command only works when entered in global
configuration mode.
These are the main command modes for the switch:
• User EXEC
• Privileged EXEC
• Global configuration
• Interface configuration
• Config-vlan
• VLAN configuration
• Line configuration
OL-13019-01
Cisco IE 3000 Switch Command Reference
1-1
Page 22
Chapter 1 Using the Command-Line Interface
CLI Command Modes
Table 1-1 lists the main command modes, how to access each mode, the prompt you see in that mode,
and how to exit that mode. The prompts listed use the default name Switch.
Ta b l e 1-1 Command Modes Summary
Command Mode Access Method Prompt Exit or Access Next Mode
User EXEC This is the first level of access.
Switch>
Enter the logout command.
(For the switch) Change terminal
settings, perform basic tasks, and
list system information.
Privileged EXEC From user EXEC mode, enter the
enable command.
Global
configuration
Interface
configuration
From privileged EXEC mode,
enter the configure command.
From global configuration mode,
specify an interface by entering
the interface command followed
by an interface identification.
Config-vlan In global configuration mode,
enter the vlan vlan-id command.
VLAN
configuration
From privileged EXEC mode,
enter the vlan database
command.
Line configuration From global configuration mode,
specify a line by entering the line
command.
Switch#
Switch(config)#
Switch(config-if)#
Switch(config-vlan)#
Switch(vlan)#
Switch(config-line)#
To enter privileged EXEC mode, enter
the enable command.
To exit to user EXEC mode, enter the
disable command.
To enter global configuration mode,
enter the configure command.
To exit to privileged EXEC mode,
enter the exit or end command, or
press Ctrl-Z.
To enter interface configuration mode,
enter the interface configuration
command.
To exit to privileged EXEC mode,
enter the end command, or press
Ctrl-Z.
To exit to global configuration mode,
enter the exit command.
To exit to global configuration mode,
enter the exit command.
To return to privileged EXEC mode,
enter the end command, or press
Ctrl-Z.
To exit to privileged EXEC mode,
enter the exit command.
To exit to global configuration mode,
enter the exit command.
To return to privileged EXEC mode,
enter the end command, or press
Ctrl-Z.
Cisco IE 3000 Switch Command Reference
1-2
OL-13019-01
Page 23
Chapter 1 Using the Command-Line Interface
User EXEC Mode
After you access the device, you are automatically in user EXEC command mode. The EXEC commands
available at the user level are a subset of those available at the privileged level. In general, use the user
EXEC commands to temporarily change terminal settings, perform basic tests, and list system
information.
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch> ?
Privileged EXEC Mode
Because many of the privileged commands configure operating parameters, privileged access should be
password-protected to prevent unauthorized use. The privileged command set includes those commands
contained in user EXEC mode, as well as the configure privileged EXEC command through which you
access the remaining command modes.
If your system administrator has set a password, you are prompted to enter it before being granted access
to privileged EXEC mode. The password does not appear on the screen and is case sensitive.
The privileged EXEC mode prompt is the device name followed by the pound sign (#).
Switch#
CLI Command Modes
Enter the enable command to access privileged EXEC mode:
Switch> enable
Switch#
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch# ?
To return to user EXEC mode, enter the disable privileged EXEC command.
Global Configuration Mode
Global configuration commands apply to features that affect the device as a whole. Use the configure
privileged EXEC command to enter global configuration mode. The default is to enter commands from
the management console.
When you enter the configure command, a message prompts you for the source of the configuration
commands:
Switch# configure
Configuring from terminal, memory, or network [terminal]?
You can specify either the terminal or NVRAM as the source of configuration commands.
This example shows you how to access global configuration mode:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
OL-13019-01
Cisco IE 3000 Switch Command Reference
1-3
Page 24
CLI Command Modes
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config)# ?
To exit global configuration command mode and to return to privileged EXEC mode, enter the end or
exit command, or press Ctrl-Z.
Interface Configuration Mode
Interface configuration commands modify the operation of the interface. Interface configuration
commands always follow a global configuration command, which defines the interface type.
Use the interface interface-id command to access interface configuration mode. The new prompt means
interface configuration mode.
Switch(config-if)#
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config-if)# ?
Chapter 1 Using the Command-Line Interface
To exit interface configuration mode and to return to global configuration mode, enter the exit command.
To exit interface configuration mode and to return to privileged EXEC mode, enter the end command,
or press Ctrl-Z.
config-vlan Mode
Use this mode to configure normal-range VLANs (VLAN IDs 1 to 1005) or, when VTP mode is
transparent, to configure extended-range VLANs (VLAN IDs 1006 to 4094). When VTP mode is
transparent, the VLAN and VTP configuration is saved in the running configuration file, and you can
save it to the switch startup configuration file by using the copy running-config startup-config
privileged EXEC command. The configurations of VLAN IDs 1 to 1005 are saved in the VLAN database
if VTP is in transparent or server mode. The extended-range VLAN configurations are not saved in the
VLAN database.
Enter the vlan vlan-id global configuration command to access config-vlan mode:
Switch(config)# vlan 2000
Switch(config-vlan)#
The supported keywords can vary but are similar to the commands available in VLAN configuration
mode. To display a comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config-vlan)# ?
For extended-range VLANs, all characteristics except the MTU size must remain at the default setting.
To return to global configuration mode, enter exit; to return to privileged EXEC mode, enter end. All
the commands except shutdown take effect when you exit config-vlan mode.
Cisco IE 3000 Switch Command Reference
1-4
OL-13019-01
Page 25
Chapter 1 Using the Command-Line Interface
VLAN Configuration Mode
You can use the VLAN configuration commands to create or modify VLAN parameters for VLAN IDs
1 to 1005.
Enter the vlan database privileged EXEC command to access VLAN configuration mode:
Switch# vlan database
Switch(vlan)#
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(vlan)# ?
To return to privileged EXEC mode, enter the abort VLAN configuration command to abandon the
proposed database. Otherwise, enter exit to implement the proposed new VLAN database and to return
to privileged EXEC mode. When you enter exit or apply, the configuration is saved in the VLAN
database; configuration from VLAN configuration mode cannot be saved in the switch configuration file.
Line Configuration Mode
CLI Command Modes
Line configuration commands modify the operation of a terminal line. Line configuration commands
always follow a line command, which defines a line number. Use these commands to change terminal
parameter settings line-by-line or for a range of lines.
Use the line vty line_number [ending_line_number] command to enter line configuration mode. The
new prompt means line configuration mode. The following example shows how to enter line
configuration mode for virtual terminal line
Switch(config)# line vty 0 7
7:
The supported commands can vary depending on the version of software in use. To display a
comprehensive list of commands, enter a question mark (?) at the prompt.
Switch(config-line)# ?
To exit line configuration mode and to return to global configuration mode, use the exit command. To
exit line configuration mode and to return to privileged EXEC mode, enter the end command, or press
Ctrl-Z.
OL-13019-01
Cisco IE 3000 Switch Command Reference
1-5
Page 26
CLI Command Modes
Chapter 1 Using the Command-Line Interface
Cisco IE 3000 Switch Command Reference
1-6
OL-13019-01
Page 27
CHAPTER
2
IE 3000 Switch Cisco IOS Commands
aaa accounting dot1x
Use the aaa accounting dot1x global configuration command to enable authentication, authorization,
and accounting (AAA) accounting and to create method lists defining specific accounting methods on a
per-line or per-interface basis for IEEE 802.1x sessions. Use the no form of this command to disable
IEEE
802.1x accounting.
aaa accounting dot1x {name | default} start-stop {broadcast group {name | radius | tacacs+}
[group {name | radius | tacacs+} ... ] | group {name | radius | tacacs+} [group { name | radius
| tacacs+} ... ]}
no aaa accounting dot1x {name | default}
Syntax Description name Name of a server group. This is optional when you enter it after the
broadcast group and group keywords.
default Use the accounting methods that follow as the default list for accounting
services.
start-stop Send a start accounting notice at the beginning of a process and a stop
accounting notice at the end of a process. The start accounting record is sent
in the background. The requested-user process begins regardless of whether
or not the start accounting notice was received by the accounting server.
broadcast Enable accounting records to be sent to multiple AAA servers and send
accounting records to the first server in each group. If the first server is
unavailable, the switch uses the list of backup servers to identify the first
server.
group Specify the server group to be used for accounting services. These are valid
server group names:
radius (Optional) Enable RADIUS authorization.
tacacs+ (Optional) Enable TACACS+ accounting.
OL-13019-01
• name—Name of a server group.
• radius—List of all RADIUS hosts.
• tacacs+—List of all TACACS+ hosts.
The group keyword is optional when you enter it after the broadcast group
and group keywords. You can enter more than optional group keyword.
Cisco IE 3000 Switch Command Reference
2-1
Page 28
aaa accounting dot1x
Defaults AAA accounting is disabled.
Command Modes Global configuration
Chapter 2 IE 3000 Switch Cisco IOS Commands
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines This command requires access to a RADIUS server.
We recommend that you enter the dot1x reauthentication interface configuration command before
configuring IEEE 802.1x RADIUS accounting on an interface.
Examples This example shows how to configure IEEE 802.1x accounting:
Switch(config)# aaa new-model
Switch(config)# aaa accounting dot1x default start-stop group radius
Note The RADIUS authentication server must be properly configured to accept and log update or watchdog
packets from the AAA client.
Related Commands
Command Description
aaa authentication
dot1x
Specifies one or more AAA methods for use on interfaces running
IEEE
802.1x.
aaa new-model Enables the AAA access control model. For syntax information, see the
Cisco IOS Security Command Reference, Release 12.2 > Authentication,
Authorization, and Accounting > Authentication Commands.
dot1x reauthentication Enables or disables periodic reauthentication.
dot1x timeout
Sets the number of seconds between re-authentication attempts.
reauth-period
Cisco IE 3000 Switch Command Reference
2-2
OL-13019-01
Page 29
Chapter 2 IE 3000 Switch Cisco IOS Commands
aaa authentication dot1x
Use the aaa authentication dot1x global configuration command to specify the authentication,
authorization, and accounting (AAA) method to use on ports complying with the IEEE 802.1x
authentication. Use the no form of this command to disable authentication.
aaa authentication dot1x {default} method1
no aaa authentication dot1x {default}
aaa authentication dot1x
Syntax Description
default Use the listed authentication method that follows this argument as the default
method when a user logs in.
method1 Enter the group radius keywords to use the list of all RADIUS servers for
authentication.
Note Though other keywords are visible in the command-line help strings, only the default and group radius
keywords are supported.
Defaults No authentication is performed.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines The method argument identifies the method that the authentication algorithm tries in the given sequence
to validate the password provided by the client. The only method that is truly IEEE 802.1x-compliant is
the group radius method, in which the client data is validated against a RADIUS authentication server.
If you specify group radius, you must configure the RADIUS server by entering the radius-server host
global configuration command.
Use the show running-config privileged EXEC command to display the configured lists of
authentication methods.
Examples This example shows how to enable AAA and how to create an IEEE 802.1x-compliant authentication
list. This authentication first tries to contact a RADIUS server. If this action returns an error, the user is
not allowed access to the network.
Switch(config)# aaa new-model
Switch(config)# aaa authentication dot1x default group radius
You can verify your settings by entering the show running-config privileged EXEC command.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-3
Page 30
aaa authentication dot1x
Related Commands Command Description
aaa new-model Enables the AAA access control model. For syntax information, see the
Cisco IOS Security Command Reference, Release 12.2 > Authentication,
Authorization, and Accounting > Authentication Commands.
show running-config Displays the current operating configuration. For syntax information, select
Cisco IOS Configuration Fundamentals Command Reference, Release
12.2 > File Management Commands > Configuration File Management
Commands.
Chapter 2 IE 3000 Switch Cisco IOS Commands
Cisco IE 3000 Switch Command Reference
2-4
OL-13019-01
Page 31
Chapter 2 IE 3000 Switch Cisco IOS Commands
aaa authorization network
Use the aaa authorization network global configuration command to the configure the switch to use
user-RADIUS authorization for all network-related service requests, such as IEEE 802.1x VLAN
assignment. Use the no form of this command to disable RADIUS user authorization.
aaa authorization network default group radius
no aaa authorization network default
aaa authorization network
Syntax Description
Defaults Authorization is disabled.
Command Modes Global configuration
Command History
Usage Guidelines Use the aaa authorization network default group radius global configuration command to allow the
default group
radius
Release Modification
12.2(44)EX This command was introduced.
switch to download IEEE 802.1x authorization parameters from the RADIUS servers in the default
authorization list. The authorization parameters are used by features such as VLAN assignment to get
parameters from the RADIUS servers.
Use the show running-config privileged EXEC command to display the configured lists of authorization
methods.
Use the list of all RADIUS hosts in the server group as the default authorization
list.
Examples This example shows how to configure the switch for user RADIUS authorization for all network-related
service requests:
Switch(config)# aaa authorization network default group radius
You can verify your settings by entering the show running-config privileged EXEC command.
Related Commands
OL-13019-01
Command Description
show running-config Displays the current operating configuration. For syntax information, select
Cisco IOS Configuration Fundamentals Command Reference, Release
12.2 > File Management Commands > Configuration File Management
Commands.
Cisco IE 3000 Switch Command Reference
2-5
Page 32
alarm facility fcs-hysteresis
alarm facility fcs-hysteresis
Use the alarm facility fcs-hysteresis global configuration command to set the frame check sequence
(FCS) error hysteresis threshold as a percentage of fluctuation from the FCS bit-error rate. Use the no
form of this command to set the FCS error hysteresis threshold to its default value.
alarm facility fcs-hysteresis percentage
no alarm facility fcs-hysteresis percentage
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
Defaults The default threshold-value is 10 percent.
Command Modes Global configuration
Command History
Usage Guidelines Set a hysteresis threshold to cause an alarm to trigger when the FCS bit-error rate fluctuates near the
percentage Hysteresis threshold fluctuation. The range is 1 to 10 percent.
Release Modification
12.2(44)EX This command was introduced.
configured rate.
You set the FCS hysteresis threshold for all ports on the switch. You set the FCS error rate on a per-port
basis by using the fcs-threshold interface configuration command.
If the threshold is not the default, it appears in the output of the show running-config privileged EXEC
command.
Examples This example shows how to set the FCS error hysteresis to 5 percent. The alarm is not triggered unless
the bit error rate is more than 5 percent from the configured FCS bit-error rate.
Switch(config)# alarm facility fcs-hysteresis 5
Related Commands
Cisco IE 3000 Switch Command Reference
2-6
Command Description
fcs-threshold Sets an FCS error rate for an interface.
show running-config Displays the running configuration on the switch, including FCS hysteresis
threshold if it is not set at the default.
OL-13019-01
Page 33
Chapter 2 IE 3000 Switch Cisco IOS Commands
alarm facility power-supply
Use the alarm facility power-supply global configuration command to set the alarm options for a
missing or failing power supply when the system is operating in dual power-supply mode. Use the no
form of the command to disable the specified setting.
alarm facility power-supply {disable | notifies | relay {major | minor} | syslog}
no alarm facility power-supply {disable | notifies | relay {major | minor} | syslog}
alarm facility power-supply
Syntax Description
Defaults A power supply alarm message is stored but not sent to an SNMP server, to a relay, or to a syslog server.
Command Modes Global configuration
Command History
Usage Guidelines Power supply alarms are generated only when the system is in dual power-supply mode. When a second
disable Disable the power supply alarm.
notifies Send power supply alarm traps to an SNMP server.
relay major Send the alarm to the major relay circuitry.
relay minor Send the alarm to the minor relay circuitry.
syslog Send power supply alarm traps to a syslog server.
Release Modification
12.2(44)EX This command was introduced.
power supply is connected, you must use the power-supply dual global configuration command to set
dual power-mode operation.
Before you use the notifies keyword to send alarm traps to an SNMP host, you need to set up an SNMP
server by using the snmp-server enable traps global configuration command.
Examples This example shows how to set the power-supply monitoring alarm to go to the minor relay circuitry:
Switch(config)# alarm facility power-supply relay minor
Related Commands
OL-13019-01
Command Description
power-supply dual Sets the switch to operate in dual power-supply mode.
show alarm settings Displays environmental alarm settings and options.
snmp-server enable traps Enables the switch to send SNMP notification for various trap types to
the network management system (NMS).
Cisco IE 3000 Switch Command Reference
2-7
Page 34
alarm facility temperature
alarm facility temperature
Use the alarm facility temperature global configuration command to configure a primary temperature
monitoring alarm or to configure a secondary temperature alarm threshold with a lower maximum
temperature threshold. Use the no form of this command to delete the temperature monitoring alarm
configuration or to disable the secondary temperature alarm.
alarm facility temperature {primary {high | low | notifies | relay {major | minor} | syslog} |
secondary {high | low | notifies | relay {major | minor} | syslog}}
no alarm facility temperature {primary {high | low | notifies | relay {major | minor} | syslog} |
secondary {high | low | notifies | relay {major | minor} | syslog}}
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
Defaults The primary temperature alarm is enabled for a –4 to 203ºF (–20 to 95oC) range and cannot be disabled.
Command Modes Global configuration
Command History
high Set the high temperature threshold for the primary or secondary temperature
alarm. The range is –238 to 572ºF (–150 to 300ºC).
low Set the low temperature threshold for the primary or secondary temperature
alarm. The range is –328 to 482ºF (–200 to 250ºC).
notifies Send primary or secondary temperature alarm traps to an SNMP server.
relay major Send the primary or secondary temperature alarm to the major relay circuitry.
relay minor Send the primary or secondary temperature alarm to the minor relay circuitry.
syslog Send primary or secondary temperature alarm traps to a syslog server.
It is associated with a major relay. The secondary temperature alarm is disabled by default.
Release Modification
12.2(44)EX1 This command was introduced.
Usage Guidelines The primary temperature alarm is automatically enabled. It cannot be disabled, but you can configure
alarm options.
You can modify the primary temperature alarm range by using the high and low keywords.
You can use the secondary temperature alarm to trigger a high temperature alarm that is lower than the
maximum primary temperature threshold, which is 203
threshold and alarm options.
Before you use the notifies keyword to send alarm traps to an SNMP host, you need to set up an SNMP
server by using the snmp-server enable traps global configuration command.
Cisco IE 3000 Switch Command Reference
2-8
oF
(95oC). You can configure the temperature
OL-13019-01
Page 35
Chapter 2 IE 3000 Switch Cisco IOS Commands
alarm facility temperature
Examples This example shows how to set the secondary temperature with a high threshold value of 113oF (45oC)
with alarms and how to send traps to the minor relay circuitry, to the syslog, and to an SNMP server:
Switch(config)# alarm facility temperature secondary high 45
Switch(config)# alarm facility temperature secondary relay minor
Switch(config)# alarm facility temperature secondary syslog
Switch(config)# alarm facility temperature secondary notifies
This example shows how to disable the secondary temperature alarm:
Switch(config)# no alarm facility temperature secondary 45
This example shows how to set the primary temperature alarm with alarms and traps to go to the syslog
and to the major relay circuitry:
Switch(config)# alarm facility temperature primary syslog
Switch(config)# alarm facility temperature primary relay major
Related Commands Command Description
show alarm settings Displays environmental alarm settings and options.
snmp-server enable traps Enables the switch to send SNMP notification for various trap types to
the network management system (NMS).
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-9
Page 36
alarm profile (global configuration)
alarm profile (global configuration)
Use the alarm profile global configuration command to create an alarm profile and to enter alarm profile
configuration mode. Use the no form of this command to delete an alarm profile.
alarm profile name
no alarm profile name
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
name Alarm profile name
Defaults No alarm profiles are created. However, there is a default profile for all interfaces called defaultPort.
When a profile is created, none of the alarms are enabled.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines In alarm-profile configuration mode, these commands are available:
• alarm alarm-id: enables the specified alarm.
• exit: exits from alarm-profile configuration mode.
• help: displays a description of the interactive help system.
• no: negates or sets the default values of a command.
• notifies alarm-id: enables notification for the alarm, which means sending a Simple Network
Management Protocol (SNMP) trap to an SNMP server.
• relay-major alarm-id: enables sending the alarm to the major relay circuitry.
• relay-minor alarm-id: enables sending the alarm to the minor relay circuitry.
• syslog alarm-id: enables sending the alarm to a syslog file.
For alarm-id, you can enter one or more alarm IDs separated by a space.
Before you use the notifies keyword to send alarm traps to a SNMP host, you need to set up an SNMP
server by using the snmp-server enable traps global configuration command.
There is a default profile for all interfaces. Enter the show alarm profile user EXEC command and see
the output for defaultPort.
Table 2-1 lists the alarm IDs and the corresponding alarm descriptions.
Cisco IE 3000 Switch Command Reference
2-10
OL-13019-01
Page 37
Chapter 2 IE 3000 Switch Cisco IOS Commands
alarm profile (global configuration)
Ta b l e 2-1 AlarmList ID Numbers and Alarm Descriptions
AlarmList ID Alarm Description
1 Link Fault.
2 Port not Forwarding.
3 Port not Operating.
4 FCS Error Rate exceeds threshold.
After you have created an alarm profile, you can attach the profile to an interface by using the
alarm-profile interface configuration command.
By default, the defaultPort profile is applied to all interfaces. This profile enables only the Port Not
Operating (3) alarm. You can modify this profile by using the alarm profile defaultPort global
configuration command to enter alarm profile configuration mode for this profile.
Examples This example shows how to create the alarm profile fastE for a port with the link-down (alarm 1) and
port not forwarding (alarm 2) alarms enabled. The link-down alarm is connected to the minor relay
circuitry, and the port not forwarding alarm is connected to the major relay circuitry. These alarms are
sent to an SNMP server and written to the system log file (syslog).
Switch(config)# alarm profile fastE
Switch(config-alarm-prof)# alarm 1 2
Switch(config-alarm-prof)# relay major 2
Switch(config-alarm-prof)# relay minor 1
Switch(config-alarm-prof)# notifies 1 2
Switch(config-alarm-prof)# syslog 1 2
Related Commands
This example shows how to delete the alarm relay profile named my-profile:
Switch(config)# no alarm profile my-profile
Command Description
alarm profile (interface
Attaches an alarm profile to an interface.
configuration)
show alarm profile Displays all alarm profiles or a specified alarm profile and lists the
interfaces to which each profile is attached.
snmp-server enable traps Enables the switch to send SNMP notification for various trap types
to the network management system (NMS).
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-11
Page 38
alarm profile (interface configuration)
alarm profile (interface configuration)
Use the alarm profile interface configuration command to attach an alarm profile to a port. Use the no
form of this command to detach the profile from the port.
alarm profile name
no alarm profile
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
name Alarm profile name
Defaults The alarm profile defaultPort is applied to all interfaces. In this profile, only the Port Not Operating
alarm is enabled.
Command Modes Interface configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Use the alarm profile global configuration command to create the alarm profile, enabling one or more
alarms and specifying the alarm options.
You can attach only one alarm profile to an interface.
When you attach an alarm profile to an interface, it overwrites any previous alarm profile that was
attached to the interface (including the defaultPort profile).
Examples This example shows how to attach an alarm profile named fastE to a port:
Switch(config)# interface fastethernet1/2
Switch(config-if)# alarm profile fastE
This example shows how to detach the alarm profile from a port and return it to the defaultPort profile:
Switch(config)# interface fastethernet1/2
Switch(config-if)# no alarm profile
Related Commands
Command Description
alarm profile (global
configuration)
show alarm profile Displays all alarm profiles or a specified alarm profile and lists the interfaces
Cisco IE 3000 Switch Command Reference
2-12
Creates or identifies an alarm profile and enters alarm-profile configuration
mode.
to which each profile is attached.
OL-13019-01
Page 39
Chapter 2 IE 3000 Switch Cisco IOS Commands
alarm relay-mode
Use the alarm relay-mode global configuration command to set the alarm relay mode for the switch to
positive or negative. Use the no form of the command to set the alarm relay mode to the default mode.
alarm relay-mode {negative}
no alarm relay-mode {negative}
alarm relay-mode
Syntax Description
Defaults By default, the alarm relays are in positive mode when they are open. When there is no power to the
Command Modes Global configuration
Command History
Usage Guidelines Use this command to invert the behavior of the alarm relays. When the alarm relay mode is set to
Examples This example shows how to set the alarm relays to negative mode:
negative Set the alarm relay mode to negative.
switch, all alarm relays are open. The alarm relays close when one or more alarm events are detected.
Release Modification
12.2(44)EX This command was introduced.
negative, alarm relays are normally closed. When one or more alarm events are detected, the appropriate
alarm relay opens.
Switch(config)# alarm relay-mode negative
Related Commands
OL-13019-01
Command Description
alarm profile (global
configuration)
show alarm profile Displays all alarm profiles or a specified alarm profile and lists the interfaces
show alarm settings Displays environmental alarm settings and options.
Creates or identifies an alarm profile and enters alarm-profile configuration
mode.
to which each profile is attached.
Cisco IE 3000 Switch Command Reference
2-13
Page 40
archive download-sw
archive download-sw
Use the archive download-sw privileged EXEC command to download a new image from a TFTP server
to the switch and to overwrite or keep the existing image.
archive download-sw {/directory | /force-reload | /imageonly | /leave-old-sw | /no-set-boot |
/no-version-check | /overwrite | /reload | /safe} source-url
Syntax Description /directory Specify a directory for the images.
/force-reload Unconditionally force a system reload after successfully downloading the
software image.
/imageonly Download only the software image but not the HTML files associated with
the embedded device manager. The HTML files for the existing version are
deleted only if the existing version is being overwritten or removed.
/leave-old-sw Keep the old software version after a successful download.
/no-set-boot Do not alter the setting of the BOOT environment variable to point to the
new software image after it is successfully downloaded.
/no-version-check Download the software image without verifying its version compatibility
with the image that is running on the switch.
/overwrite Overwrite the software image in flash memory with the downloaded
image.
/reload Reload the system after successfully downloading the image unless the
configuration has been changed and not saved.
/safe Keep the current software image. Do not delete it to make room for the
new software image before the new image is downloaded. The current
image is deleted after the download.
Chapter 2 IE 3000 Switch Cisco IOS Commands
Cisco IE 3000 Switch Command Reference
2-14
OL-13019-01
Page 41
Chapter 2 IE 3000 Switch Cisco IOS Commands
source-url The source URL alias for a local or network file system. These options are
archive download-sw
supported:
• The syntax for the secondary boot loader (BS1):
bs1:
• The syntax for the local flash file system:
flash:
• The syntax for the FTP:
ftp:[[//username[:password]@location]/directory]/image-name.tar
• The syntax for an HTTP server:
http://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for a secure HTTP server:
https://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for the Remote Copy Protocol (RCP):
rcp:[[//username@location]/directory]/image-name.tar
• The syntax for the TFTP:
tftp:[[//location]/directory]/image-name.tar
The image-name.tar is the software image to download and install on the
switch.
Defaults The current software image is not overwritten with the downloaded image.
Both the software image and HTML files are downloaded.
The new image is downloaded to the flash: file system.
The BOOT environment variable is changed to point to the new software image on the flash: file system.
Image names are case sensitive; the image file is provided in tar format.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines The /imageonly option removes the HTML files for the existing image if the existing image is being
removed or replaced. Only the Cisco IOS image (without the HTML files) is downloaded.
Using the /safe or /leave-old-sw option can cause the new image download to fail if there is insufficient
flash memory. If leaving the software in place prevents the new image from fitting in flash memory due
to space constraints, an error results.
If you used the /leave-old-sw option and did not overwrite the old image when you downloaded the new
one, you can remove the old image by using the delete privileged EXEC command. For more
information, see the
OL-13019-01
“delete” section on page 2-72.
Cisco IE 3000 Switch Command Reference
2-15
Page 42
Chapter 2 IE 3000 Switch Cisco IOS Commands
archive download-sw
Use the /overwrite option to overwrite the image on the flash device with the downloaded one.
If you specify the command without the /overwrite option, the download algorithm verifies that the new
image is not the same as the one on the switch flash device. If the images are the same, the download
does not occur. If the images are different, the old image is deleted, and the new one is downloaded.
After downloading a new image, enter the reload privileged EXEC command to begin using the new
image, or specify the /reload or /force-reload option in the archive download-sw command.
Examples This example shows how to download a new image from a TFTP server at 172.20.129.10 and to
overwrite the image on the switch:
Switch# archive download-sw /overwrite tftp://172.20.129.10/test-image.tar
This example shows how to download only the software image from a TFTP server at 172.20.129.10 to
the switch:
Switch# archive download-sw /imageonly tftp://172.20.129.10/test-image.tar
This example shows how to keep the old software version after a successful download:
Switch# archive download-sw /leave-old-sw tftp://172.20.129.10/test-image.tar
Related Commands Command Description
archive tar Creates a tar file, lists the files in a tar file, or extracts the files from a tar file.
archive upload-sw Uploads an existing image on the switch to a server.
delete Deletes a file or directory on the flash memory device.
Cisco IE 3000 Switch Command Reference
2-16
OL-13019-01
Page 43
Chapter 2 IE 3000 Switch Cisco IOS Commands
archive tar
Use the archive tar privileged EXEC command to create a tar file, list files in a tar file, or extract the
files from a tar file.
archive tar {/create destination-url flash:/file-url} | {/table source-url} | {/xtract source-url
flash:/file-url [dir/file...]}
archive tar
Syntax Description /create destination-url
flash:/file-url
Create a new tar file on the local or network file system.
For destination-url, specify the destination URL alias for the local or
network file system and the name of the tar file to create. These options
are supported:
• The syntax for the local flash filesystem:
flash:
• The syntax for the FTP:
ftp:[[//username[:password]@location]/directory]/tar-filename.tar
• The syntax for an HTTP server:
http://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for a secure HTTP server:
https://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for the Remote Copy Protocol (RCP) is:
rcp:[[//username@location]/directory]/tar-filename.tar
• The syntax for the TFTP:
tftp:[[//location]/directory]/tar-filename.tar
The tar-filename.tar is the tar file to be created.
For flash:/file-url, specify the location on the local flash file system from
which the new tar file is created.
OL-13019-01
An optional list of files or directories within the source directory can be
specified to write to the new tar file. If none are specified, all files and
directories at this level are written to the newly created tar file.
Cisco IE 3000 Switch Command Reference
2-17
Page 44
archive tar
Chapter 2 IE 3000 Switch Cisco IOS Commands
/table source-url Display the contents of an existing tar file to the screen.
For source-url, specify the source URL alias for the local or network file
system. These options are supported:
• The syntax for the local flash file system:
flash:
• The syntax for the FTP:
ftp:[[//username[:password]@location]/directory]/tar-filename.tar
• The syntax for an HTTP server:
http://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for a secure HTTP server:
https://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for the RCP:
rcp:[[//username@location]/directory]/tar-filename.tar
• The syntax for the TFTP:
tftp:[[//location]/directory]/tar-filename.tar
/xtract source-url
flash:/file-url [dir/file...]
The tar-filename.tar is the tar file to display.
Extract files from a tar file to the local file system.
For source-url, specify the source URL alias for the local file system.
These options are supported:
• The syntax for the local flash file system:
flash:
• The syntax for the FTP:
ftp:[[//username[:password]@location]/directory]/tar-filename.tar
• The syntax for an HTTP server:
http://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for a secure HTTP server:
https://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for the RCP:
rcp:[[//username@location]/directory]/tar-filename.tar
• The syntax for the TFTP:
tftp:[[//location]/directory]/tar-filename.tar
The tar-filename.tar is the tar file from which to extract.
For flash:/file-url [dir/file...], specify the location on the local flash file
system into which the tar file is extracted. Use the dir/file... option to
specify an optional list of files or directories within the tar file to be
extracted. If none are specified, all files and directories are extracted.
Defaults There is no default setting.
Cisco IE 3000 Switch Command Reference
2-18
OL-13019-01
Page 45
Chapter 2 IE 3000 Switch Cisco IOS Commands
Command Modes Privileged EXEC
archive tar
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Filenames and directory names are case sensitive.
Image names are case sensitive.
Examples This example shows how to create a tar file. The command writes the contents of the new-configs
directory on the local flash device to a file named saved.tar on the TFTP server at 172.20.10.30:
Switch# archive tar /create tftp:172.20.10.30/saved.tar flash:/new_configs
This example shows how to display the contents of the ies-lanbase-tar.12-44.EX file that is in flash
memory. The contents of the tar file appear on the screen:
Switch# archive tar /table flash:ies-lanbase-tar.12-44.EX.tar
info (219 bytes)
ies-lanbase-mz.12-44.EX/ (directory)
ies-lanbase-mz.12-44.EX (610856 bytes)
ies-lanbase-mz.12-44.EX/info (219 bytes)
info.ver (219 bytes)
This example shows how to display only the ies-lanbase-12-44.EX/html directory and its contents:
Switch# archive tar /table flash:ies-lanbase-12-44.EX.tar /html
ies-lanbase-mz.12-44.EX/html/ (directory)
ies-lanbase-mz.12-44.EX/html/const.htm (556 bytes)
ies-lanbase-mz.12-44.EX/html/xhome.htm (9373 bytes)
ies-lanbase-mz.12-44.EX/html/menu.css (1654 bytes)
<output truncated>
This example shows how to extract the contents of a tar file on the TFTP server at 172.20.10.30. This
command extracts just the new-configs directory into the root directory on the local flash file system.
The remaining files in the saved.tar file are ignored.
Switch# archive tar /xtract tftp://172.20.10.30/saved.tar flash:/new_configs
Related Commands
Command Description
archive download-sw Downloads a new image from a TFTP server to the switch.
archive upload-sw Uploads an existing image on the switch to a server.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-19
Page 46
archive upload-sw
archive upload-sw
Use the archive upload-sw privileged EXEC command to upload an existing switch image to a server.
archive upload-sw [/version version_string] destination-url
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
/version version_string (Optional) Specify the specific version string of the image to be uploaded.
destination-url The destination URL alias for a local or network file system. These options
are supported:
• The syntax for the local flash file system:
flash:
• The syntax for the FTP:
ftp:[[//username[:password]@location]/directory]/image-name.tar
• The syntax for an HTTP server:
http://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for a secure HTTP server:
https://[[username:password]@]{hostname |
host-ip}[/directory]/image-name.tar
• The syntax for the Secure Copy Protocol (SCP):
scp:[[//username@location]/directory]/image-name.tar
• The syntax for the Remote Copy Protocol (RCP):
rcp:[[//username@location]/directory]/image-name.tar
• The syntax for the TFTP:
tftp:[[//location]/directory]/image-name.tar
The image-name.tar is the name of software image to be stored on the
server.
Defaults Uploads the currently running image from the flash file system.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Use the upload feature only if the HTML files associated with the embedded device manager have been
installed with the existing image.
The files are uploaded in this sequence: the Cisco IOS image, the HTML files, and info. After these files
are uploaded, the software creates the tar file.
Image names are case sensitive.
Cisco IE 3000 Switch Command Reference
2-20
OL-13019-01
Page 47
Chapter 2 IE 3000 Switch Cisco IOS Commands
archive upload-sw
Examples This example shows how to upload the currently running image to a TFTP server at 172.20.140.2:
Switch# archive upload-sw tftp://172.20.140.2/test-image.tar
Related Commands Command Description
archive download-sw Downloads a new image to the switch.
archive tar Creates a tar file, lists the files in a tar file, or extracts the files from a tar file.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-21
Page 48
auto qos voip
auto qos voip
Use the auto qos voip interface configuration command to automatically configure quality of service
(QoS) for voice over IP (VoIP) within a QoS domain. Use the no form of this command to return to the
default setting.
Chapter 2 IE 3000 Switch Cisco IOS Commands
auto qos voip {cisco-phone | cisco-softphone | trust}
no auto qos voip [cisco-phone | cisco-softphone | trust]
Syntax Description
cisco-phone Identify this port as connected to a Cisco IP Phone, and automatically configure QoS
for VoIP. The QoS labels of incoming packets are trusted only when the telephone
is detected.
cisco-softphone Identify this port as connected to a device running the Cisco SoftPhone, and
automatically configure QoS for VoIP.
trust Identify this port as connected to a trusted switch or router, and automatically
configure QoS for VoIP. The QoS labels of incoming packets are trusted. For
nonrouted ports, the CoS value of the incoming packet is trusted.
Defaults Auto-QoS is disabled on the port.
When auto-QoS is enabled, it uses the ingress packet label to categorize traffic, to assign packet labels,
and to configure the ingress and egress queues as shown in
Ta b l e 2-2 Traffic Types, Packet Labels, and Queues
3
DSCP
4
CoS
CoS-to-ingress
VoIP Data
Traffic
46 24, 26 48 56 34 –
5 3 6 7 3 –
2, 3, 4, 5, 6, 7 (queue 2) 0, 1 (queue 1)
VoIP Control
Traffic
Routing Protocol
Traffic
queue map
CoS-to-egress
5 (queue 1) 3, 6, 7 (queue 2) 4 (queue 3) 2
queue map
1. STP = Spanning Tree Protocol
2. BPDU = bridge protocol data unit
3. DSCP = Differentiated Services Code Point
4. CoS = class of service
STP1 BPDU2
Traffic
Table 2-2.
Real-Time
Video Traffic All Other Traffic
(queue 3)
0, 1
(queue 4)
Cisco IE 3000 Switch Command Reference
2-22
OL-13019-01
Page 49
Chapter 2 IE 3000 Switch Cisco IOS Commands
Table 2-3 shows the generated auto-QoS configuration for the ingress queues.
Ta b l e 2-3 Auto-QoS Configuration for the Ingress Queues
auto qos voip
Ingress Queue Queue Number CoS-to-Queue Map
SRR1 shared
1 0, 1 81 percent 67 percent
Queue Weight
(Bandwidth)
Queue (Buffer)
Size
Priority 2 2, 3, 4, 5, 6, 7 19 percent 33 percent
1. SRR = shaped round robin. Ingress queues support shared mode only.
Table 2-4 shows the generated auto-QoS configuration for the egress queues.
Ta b l e 2-4 Auto-QoS Configuration for the Egress Queues
Egress Queue Queue Number CoS-to-Queue Map
Queue Weight
(Bandwidth)
Queue (Buffer) Size
for Gigabit-Capable
Ports
Queue (Buffer)
Size for 10/100
Ethernet Ports
Priority (shaped) 1 5 up to100 percent 16 percent 10 percent
SRR shared 2 3, 6, 7 10 percent 6 percent 10 percent
SRR shared 3 2, 4 60 percent 17 percent 26 percent
SRR shared 4 0, 1 20 percent 61 percent 54 percent
Command Modes Interface configuration
Command History
Release Modification
12.2(40)SE The information in the command output changed.
12.2(44)EX This command was introduced.
Usage Guidelines Use this command to configure the QoS appropriate for VoIP traffic within the QoS domain. The QoS
domain includes the switch, the interior of the network, and edge devices that can classify incoming
traffic for QoS.
Auto-QoS configures the switch for VoIP with Cisco IP Phones on switch and routed ports and for VoIP
with devices running the Cisco SoftPhone application. These releases support only Cisco IP SoftPhone
Version 1.3(3) or later. Connected devices must use Cisco Call Manager Version 4 or later.
The show auto qos command output shows the service policy information for the Cisco IP phone.
To take advantage of the auto-QoS defaults, you should enable auto-QoS before you configure other QoS
commands. You can fine-tune the auto-QoS configuration after you enable auto-QoS.
Note The switch applies the auto-QoS-generated commands as if the commands were entered from the
command-line interface (CLI). An existing user configuration can cause the application of the generated
commands to fail or to be overridden by the generated commands. These actions occur without warning.
If all the generated commands are successfully applied, any user-entered configuration that was not
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-23
Page 50
auto qos voip
Chapter 2 IE 3000 Switch Cisco IOS Commands
overridden remains in the running configuration. Any user-entered configuration that was overridden can
be retrieved by reloading the switch without saving the current configuration to memory. If the generated
commands fail to be applied, the previous running configuration is restored.
If this is the first port on which you have enabled auto-QoS, the auto-QoS-generated global configuration
commands are executed followed by the interface configuration commands. If you enable auto-QoS on
another port, only the auto-QoS-generated interface configuration commands for that port are executed.
When you enable the auto-QoS feature on the first port, these automatic actions occur:
• QoS is globally enabled (mls qos global configuration command), and other global configuration
commands are added.
• When you enter the auto qos voip cisco-softphone interface configuration command on a port at
the edge of the network that is connected to a device running the Cisco SoftPhone, the switch uses
policing to decide whether a packet is in or out of profile and to specify the action on the packet. If
the packet does not have a DSCP value of 24, 26, or 46 or is out of profile, the switch changes the
DSCP value to 0. The switch configures ingress and egress queues on the port according to the
settings in
• When you enter the auto qos voip trust interface configuration command on a port connected to the
interior of the network, the switch trusts the CoS value for nonrouted ports in ingress packets (the
assumption is that traffic has already been classified by other edge devices). The switch configures
the ingress and egress queues on the port according to the settings in
You can enable auto-QoS on static, dynamic-access, and voice VLAN access, and trunk ports. When
enabling auto-QoS with a Cisco IP Phone on a routed port, you must assign a static IP address to the
IP
phone.
Table 2-3 and Ta ble 2-4.
Table 2-3 and Table 2-4.
Note When a device running Cisco SoftPhone is connected to a switch or routed port, the switch supports only
one Cisco SoftPhone application per port.
After auto-QoS is enabled, do not modify a policy map or aggregate policer that includes AutoQoS in its
name. If you need to modify the policy map or aggregate policer, make a copy of it, and change the
copied policy map or policer. To use the new policy map instead of the generated one, remove the
generated policy map from the interface, and apply the new policy map.
To display the QoS configuration that is automatically generated when auto-QoS is enabled, enable
debugging before you enable auto-QoS. Use the debug auto qos privileged EXEC command to enable
auto-QoS debugging. For more information, see the
debug auto qos command.
To disable auto-QoS on a port, use the no auto qos voip interface configuration command. Only the
auto-QoS-generated interface configuration commands for this port are removed. If this is the last port
on which auto-QoS is enabled and you enter the no auto qos voip command, auto-QoS is considered
disabled even though the auto-QoS-generated global configuration commands remain (to avoid
disrupting traffic on other ports affected by the global configuration). You can use the no mls qos global
configuration command to disable the auto-QoS-generated global configuration commands. With QoS
disabled, there is no concept of trusted or untrusted ports because the packets are not modified (the CoS,
DSCP, and IP precedence values in the packet are not changed). Traffic is switched in pass-through mode
(packets are switched without any rewrites and classified as best effort without any policing).
Cisco IE 3000 Switch Command Reference
2-24
OL-13019-01
Page 51
Chapter 2 IE 3000 Switch Cisco IOS Commands
auto qos voip
Examples This example shows how to enable auto-QoS and to trust the QoS labels received in incoming packets
when the switch or router connected to the port is a trusted device:
Switch(config)# interface gigabitethernet1/1
Switch(config-if)# auto qos voip trust
You can verify your settings by entering the show auto qos interface interface-id privileged EXEC
command.
Related Commands Command Description
debug auto qos Enables debugging of the auto-QoS feature.
mls qos cos Defines the default CoS value of a port or assigns the default
CoS to all incoming packets on the port.
mls qos map {cos-dscp dscp1 ... dscp8
| dscp-cos dscp-list to cos}
mls qos queue-set output buffers Allocates buffers to a queue-set.
mls qos srr-queue input bandwidth Assigns shaped round robin (SRR) weights to an ingress
mls qos srr-queue input buffers Allocates the buffers between the ingress queues.
mls qos srr-queue input cos-map Maps CoS values to an ingress queue or maps CoS values to
mls qos srr-queue input dscp-map Maps DSCP values to an ingress queue or maps DSCP values
mls qos srr-queue input
priority-queue
mls qos srr-queue output cos-map Maps CoS values to an egress queue or maps CoS values to
mls qos srr-queue output dscp-map Maps DSCP values to an egress queue or maps DSCP values
mls qos trust Configures the port trust state.
queue-set Maps a port to a queue-set.
show auto qos Displays auto-QoS information.
show mls qos interface Displays QoS information at the port level.
srr-queue bandwidth shape Assigns the shaped weights and enables bandwidth shaping
srr-queue bandwidth share Assigns the shared weights and enables bandwidth sharing
Defines the CoS-to-DSCP map or the DSCP-to-CoS map.
queue.
a queue and to a threshold ID.
to a queue and to a threshold ID.
Configures the ingress priority queue and guarantees
bandwidth.
a queue and to a threshold ID.
to a queue and to a threshold ID.
on the four egress queues mapped to a port.
on the four egress queues mapped to a port.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-25
Page 52
boot config-file
boot config-file
Use the boot config-file global configuration command to specify the filename that Cisco IOS uses to
read and write a nonvolatile copy of the system configuration. Use the no form of this command to return
to the default setting.
boot config-file flash:/file-url
no boot config-file
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
Defaults The default configuration file is flash:config.text.
Command Modes Global configuration
Command History
Usage Guidelines Filenames and directory names are case sensitive.
Related Commands
flash:/file-url The path (directory) and name of the configuration file.
Release Modification
12.2(44)EX This command was introduced.
This command changes the setting of the CONFIG_FILE environment variable. For more information,
see
Appendix A, “IE 3000 Switch Bootloader Commands.”
Command Description
show boot Displays the settings of the boot environment variables.
Cisco IE 3000 Switch Command Reference
2-26
OL-13019-01
Page 53
Chapter 2 IE 3000 Switch Cisco IOS Commands
boot enable-break
boot enable-break
Use the boot enable-break global configuration command to enable interrupting the automatic boot
process. Use the no form of this command to return to the default setting.
boot enable-break
no boot enable-break
Syntax Description This command has no arguments or keywords.
Defaults Disabled. The automatic boot process cannot be interrupted by pressing the Break key on the console.
Command Modes Global configuration
Command History
Usage Guidelines When you enter this command, you can interrupt the automatic boot process by pressing the Break key
Note Despite the setting of this command, you can interrupt the automatic boot process at any time by pressing
Related Commands
Release Modification
12.2(44)EX This command was introduced.
on the console after the flash file system is initialized.
the MODE button on the switch front panel.
This command changes the setting of the ENABLE_BREAK environment variable. For more
information, see
Command Description
show boot Displays the settings of the boot environment variables.
Appendix A, “IE 3000 Switch Bootloader Commands.”
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-27
Page 54
boot helper
boot helper
Chapter 2 IE 3000 Switch Cisco IOS Commands
Use the boot helper global configuration command to dynamically load files during boot loader
initialization to extend or patch the functionality of the boot loader. Use the no form of this command
to return to the default.
boot helper filesystem:/file-url ...
no boot helper
Syntax Description
Defaults No helper files are loaded.
Command Modes Global configuration
Command History
Usage Guidelines This variable is used only for internal development and testing.
filesystem: Alias for a flash file system. Use flash: for the system board flash device.
/file-url The path (directory) and a list of loadable files to dynamically load during
loader initialization. Separate each image name with a semicolon.
Release Modification
12.2(44)EX This command was introduced.
Filenames and directory names are case sensitive.
This command changes the setting of the HELPER environment variable. For more information, see
Appendix A, “IE 3000 Switch Bootloader Commands.”
Related Commands
Cisco IE 3000 Switch Command Reference
2-28
Command Description
show boot Displays the settings of the boot environment variables.
OL-13019-01
Page 55
Chapter 2 IE 3000 Switch Cisco IOS Commands
boot helper-config-file
Use the boot helper-config-file global configuration command to specify the name of the configuration
file to be used by the Cisco IOS helper image. If this is not set, the file specified by the CONFIG_FILE
environment variable is used by all versions of Cisco IOS that are loaded. Use the no form of this
command to return to the default setting.
boot helper-config-file filesystem:/file-url
no boot helper-config file
boot helper-config-file
Syntax Description
Defaults No helper configuration file is specified.
Command Modes Global configuration
Command History
Usage Guidelines This variable is used only for internal development and testing.
filesystem: Alias for a flash file system. Use flash: for the system board flash
device.
/file-url The path (directory) and helper configuration file to load.
Release Modification
12.2(44)EX This command was introduced.
Filenames and directory names are case sensitive.
This command changes the setting of the HELPER_CONFIG_FILE environment variable. For more
information, see
Appendix A, “IE 3000 Switch Bootloader Commands.”
Related Commands
OL-13019-01
Command Description
show boot Displays the settings of the boot environment variables.
Cisco IE 3000 Switch Command Reference
2-29
Page 56
boot manual
boot manual
Use the boot manual global configuration command to enable manually booting the switch during the
next boot cycle. Use the no form of this command to return to the default setting.
boot manual
no boot manual
Syntax Description This command has no arguments or keywords.
Defaults Manual booting is disabled.
Command Modes Global configuration
Chapter 2 IE 3000 Switch Cisco IOS Commands
Command History
Usage Guidelines The next time you reboot the system, the switch is in boot loader mode, which is shown by the switch:
Related Commands
Release Modification
12.2(44)EX This command was introduced.
prompt. To boot up the system, use the boot boot loader command, and specify the name of the bootable
image.
This command changes the setting of the MANUAL_BOOT environment variable. For more
information, see
Command Description
show boot Displays the settings of the boot environment variables.
Appendix A, “IE 3000 Switch Bootloader Commands.”
Cisco IE 3000 Switch Command Reference
2-30
OL-13019-01
Page 57
Chapter 2 IE 3000 Switch Cisco IOS Commands
boot private-config-file
Use the boot private-config-file global configuration command to specify the filename that Cisco IOS
uses to read and write a nonvolatile copy of the private configuration. Use the no form of this command
to return to the default setting.
boot private-config-file filename
no boot private-config-file
boot private-config-file
Syntax Description
Defaults The default configuration file is private-config.
Command Modes Global configuration
Command History
Usage Guidelines Filenames are case sensitive.
Examples This example shows how to specify the name of the private configuration file to be pconfig:
Related Commands
filename The name of the private configuration file.
Release Modification
12.2(44)EX This command was introduced.
Switch(config)# boot private-config-file pconfig
Command Description
show boot Displays the settings of the boot environment variables.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-31
Page 58
boot system
boot system
Chapter 2 IE 3000 Switch Cisco IOS Commands
Use the boot system global configuration command to specify the Cisco IOS image to load during the
next boot cycle. Use the no form of this command to return to the default setting.
boot system filesystem:/file-url ...
no boot system
Syntax Description
Defaults The switch attempts to automatically boot up the system by using information in the BOOT environment
Command Modes Global configuration
Command History
Usage Guidelines Filenames and directory names are case sensitive.
filesystem: Alias for a flash file system. Use flash: for the system board flash device.
/file-url The path (directory) and name of a bootable image. Separate image names
with a semicolon.
variable. If this variable is not set, the switch attempts to load and execute the first executable image it
can by performing a recursive, depth-first search throughout the flash file system. In a depth-first search
of a directory, each encountered subdirectory is completely searched before continuing the search in the
original directory.
Release Modification
12.2(44)EX This command was introduced.
If you are using the archive download-sw privileged EXEC command to maintain system images, you
never need to use the boot system command. The boot system command is automatically manipulated
to load the downloaded image.
This command changes the setting of the BOOT environment variable. For more information, see
Appendix A, “IE 3000 Switch Bootloader Commands.”
Related Commands
Cisco IE 3000 Switch Command Reference
2-32
Command Description
show boot Displays the settings of the boot environment variables.
OL-13019-01
Page 59
Chapter 2 IE 3000 Switch Cisco IOS Commands
channel-group
Use the channel-group interface configuration command to assign an Ethernet port to an EtherChannel
group, to enable an EtherChannel mode, or both. Use the no form of this command to remove an Ethernet
port from an EtherChannel group.
channel-group channel-group-number mode {active | {auto [non-silent]} | {desirable
[non-silent]} | on | passive}
no channel-group
PAgP modes:
channel-group channel-group-number mode {{auto [non-silent]} | {desirable [non-silent}}
LACP modes:
channel-group channel-group-number mode {active | passive}
On mode:
channel-group channel-group-number mode on
channel-group
Syntax Description channel-group-number Specify the channel group number. The range is 1 to 6.
mode Specify the EtherChannel mode.
active Unconditionally enable Link Aggregation Control Protocol (LACP).
Active mode places a port into a negotiating state in which the port initiates
negotiations with other ports by sending LACP packets. A channel is
formed with another port group in either the active or passive mode.
auto Enable the Port Aggregation Protocol (PAgP) only if a PAgP device is
detected.
Auto mode places a port into a passive negotiating state in which the port
responds to PAgP packets it receives but does not start PAgP packet
negotiation. A channel is formed only with another port group in desirable
mode. When auto is enabled, silent operation is the default.
desirable Unconditionally enable PAgP.
Desirable mode places a port into an active negotiating state in which the
port starts negotiations with other ports by sending PAgP packets. An
EtherChannel is formed with another port group that is in the desirable or
auto mode. When desirable is enabled, silent operation is the default.
non-silent (Optional) Use in PAgP mode with the auto or desirable keyword when
traffic is expected from the other device.
on Enable on mode.
In on mode, a usable EtherChannel exists only when both connected port
groups are in the on mode.
passive Enable LACP only if a LACP device is detected.
Passive mode places a port into a negotiating state in which the port
responds to received LACP packets but does not initiate LACP packet
negotiation. A channel is formed only with another port group in active
mode.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-33
Page 60
channel-group
Defaults No channel groups are assigned.
No mode is configured.
Command Modes Interface configuration
Chapter 2 IE 3000 Switch Cisco IOS Commands
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines For Layer 2 EtherChannels, you do not have to create a port-channel interface first by using the interface
port-channel global configuration command before assigning a physical port to a channel group.
Instead, you can use the channel-group interface configuration command. It automatically creates the
port-channel interface when the channel group gets its first physical port if the logical interface is not
already created. If you create the port-channel interface first, the channel-group-number can be the same
as the port-channel-number, or you can use a new number. If you use a new number, the channel-group
command dynamically creates a new port channel.
After you configure an EtherChannel, configuration changes that you make on the port-channel interface
apply to all the physical ports assigned to the port-channel interface. Configuration changes applied to
the physical port affect only the port where you apply the configuration. To change the parameters of all
ports in an EtherChannel, apply configuration commands to the port-channel interface, for example,
spanning-tree commands or commands to configure a Layer 2 EtherChannel as a trunk.
If you do not specify non-silent with the auto or desirable mode, silent is assumed. The silent mode is
used when the switch is connected to a device that is not PAgP-capable and seldom, if ever, sends
packets. A example of a silent partner is a file server or a packet analyzer that is not generating traffic.
In this case, running PAgP on a physical port prevents that port from ever becoming operational.
However, it allows PAgP to operate, to attach the port to a channel group, and to use the port for
transmission. Both ends of the link cannot be set to silent.
2-34
In the on mode, an EtherChannel exists only when a port group in the on mode is connected to another
port group in the on mode.
Caution You should use care when using the on mode. This is a manual configuration, and ports on both ends of
the EtherChannel must have the same configuration. If the group is misconfigured, packet loss or
spanning-tree loops can occur.
Do not configure an EtherChannel in both the PAgP and LACP modes. EtherChannel groups running
PAgP and LACP can coexist on the same switch. Individual EtherChannel groups can run either PAgP
or LACP, but they cannot interoperate.
If you set the protocol by using the channel-protocol interface configuration command, the setting is
not overridden by the channel-group interface configuration command.
Do not configure a port that is an active or a not-yet-active member of an EtherChannel as an
IEEE
802.1x port. If you try to enable IEEE 802.1x authentication on an EtherChannel port, an error
message appears, and IEEE 802.1x authentication is not enabled.
Do not configure a secure port as part of an EtherChannel or an EtherChannel port as a secure port.
Cisco IE 3000 Switch Command Reference
OL-13019-01
Page 61
Chapter 2 IE 3000 Switch Cisco IOS Commands
channel-group
For a complete list of configuration guidelines, see the “Configuring EtherChannels” chapter in the
software configuration guide for this release.
Examples This example shows how to configure an EtherChannel. It assigns two static-access ports in VLAN 10
to channel 5 with the PAgP mode desirable:
Switch# configure terminal
Switch(config)# interface range gigabitethernet1/1 -2
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 10
Switch(config-if-range)# channel-group 5 mode desirable
Switch(config-if-range)# end
This example shows how to configure an EtherChannel. It assigns two static-access ports in VLAN 10
to channel 5 with the LACP mode active:
Switch# configure terminal
Switch(config)# interface range gigabitethernet1/1 -2
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 10
Switch(config-if-range)# channel-group 5 mode active
Switch(config-if-range)# end
You can verify your settings by entering the show running-config privileged EXEC command.
Related Commands Command Description
channel-protocol Restricts the protocol used on a port to manage channeling.
interface port-channel Accesses or creates the port channel.
show etherchannel Displays EtherChannel information for a channel.
show lacp Displays LACP channel-group information.
show pagp Displays PAgP channel-group information.
show running-config Displays the current operating configuration. For syntax
information, select Cisco IOS Configuration Fundamentals
Command Reference, Release 12.2 > File Management
Commands > Configuration File Management Commands.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-35
Page 62
channel-protocol
channel-protocol
Use the channel-protocol interface configuration command to restrict the protocol used on a port to
manage channeling. Use the no form of this command to return to the default setting.
channel-protocol {lacp | pagp}
no channel-protocol
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
Defaults No protocol is assigned to the EtherChannel.
Command Modes Interface configuration
Command History
Usage Guidelines Use the channel-protocol command only to restrict a channel to LACP or PAgP. If you set the protocol
lacp Configure an EtherChannel with the Link Aggregation Control Protocol (LACP).
pagp Configure an EtherChannel with the Port Aggregation Protocol (PAgP).
Release Modification
12.2(44)EX This command was introduced.
by using the channel-protocol command, the setting is not overridden by the channel-group interface
configuration command.
You must use the channel-group interface configuration command to configure the EtherChannel
parameters. The channel-group command also can set the mode for the EtherChannel.
You cannot enable both the PAgP and LACP modes on an EtherChannel group.
PAgP and LACP are not compatible; both ends of a channel must use the same protocol.
Examples This example shows how to specify LACP as the protocol that manages the EtherChannel:
Switch(config-if)# channel-protocol lacp
You can verify your settings by entering the show etherchannel [channel-group-number] protocol
privileged EXEC command.
Related Commands
Cisco IE 3000 Switch Command Reference
2-36
Command Description
channel-group Assigns an Ethernet port to an EtherChannel group.
show etherchannel protocol Displays protocol information the EtherChannel.
OL-13019-01
Page 63
Chapter 2 IE 3000 Switch Cisco IOS Commands
cip
Use the cip global configuration command to enable the Common Industrial Protocol (CIP), and set the
CIP security options on the switch. Use the no form of the command to disable CIP.
cip {enable | security {password | window timeout value}}
no cip {enable | security {password | window timeout value}}
cip
Syntax Description
enable Enable the CIP stack on the switch.
security Specify the CIP security options.
password Configure an ASCII password for CIP security.
window timeout Set the timeout for the CIP security window.
value Set the value for the CIP security window timeout. The range is 1 to 3600
seconds. The default setting is 600 seconds.
Defaults By default, CIP is disabled. No password is configured.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines We recommend that you configure a CIP security password when enabling CIP. If you enable CIP
without configuring a security password, any CIP user can configure the switch.
Examples This example shows how to enable CIP on the switch:
Switch(config)# cip enable
This example shows how to set the CIP security window timeout value to 1 hour:
Switch(config)# cip security window timeout 3600
This example shows how to set the CIP security password to abc123:
Switch(config)# cip security password abc123
Related Commands
Command Description
show cip Displays information about the CIP subsystem.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-37
Page 64
class
class
Chapter 2 IE 3000 Switch Cisco IOS Commands
Use the class policy-map configuration command to define a traffic classification match criteria (through
the police, set, and trust policy-map class configuration commands) for the specified class-map name.
Use the no form of this command to delete an existing class map.
class class-map-name
no class class-map-name
Syntax Description
class-map-name Name of the class map.
Defaults No policy map class-maps are defined.
Command Modes Policy-map configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Before using the class command, you must use the policy-map global configuration command to
identify the policy map and to enter policy-map configuration mode. After specifying a policy map, you
can configure a policy for new classes or modify a policy for any existing classes in that policy map. You
attach the policy map to a port by using the service-policy interface configuration command.
After entering the class command, you enter policy-map class configuration mode, and these
configuration commands are available:
• exit: exits policy-map class configuration mode and returns to policy-map configuration mode.
• no: returns a command to its default setting.
• police: defines a policer or aggregate policer for the classified traffic. The policer specifies the
bandwidth limitations and the action to take when the limits are exceeded. For more information,
see the
• set: specifies a value to be assigned to the classified traffic. For more information, see the set
police and police aggregate policy-map class commands.
command.
• trust: defines a trust state for traffic classified with the class or the class-map command. For more
information, see the
To return to policy-map configuration mode, use the exit command. To return to privileged EXEC mode,
use the end command.
The class command performs the same function as the class-map global configuration command. Use
the class command when a new classification, which is not shared with any other ports, is needed. Use
the class-map command when the map is shared among many ports.
Cisco IE 3000 Switch Command Reference
2-38
trust command.
OL-13019-01
Page 65
Chapter 2 IE 3000 Switch Cisco IOS Commands
class
Examples This example shows how to create a policy map called policy1. When attached to the ingress direction,
it matches all the incoming traffic defined in class1, sets the IP Differentiated Services Code Point
(DSCP) to 10, and polices the traffic at an average rate of 1 Mb/s and bursts at 20 KB. Traffic exceeding
the profile is marked down to a DSCP value gotten from the policed-DSCP map and then sent.
Switch(config)# policy-map policy1
Switch(config-pmap)# class class1
Switch(config-pmap-c)# set dscp 10
Switch(config-pmap-c)# police 1000000 20000 exceed-action policed-dscp-transmit
Switch(config-pmap-c)# exit
You can verify your settings by entering the show policy-map privileged EXEC command.
Related Commands Command Description
class-map Creates a class map to be used for matching packets to the class whose name
you specify.
police Defines a policer for classified traffic.
policy-map Creates or modifies a policy map that can be attached to multiple ports to
specify a service policy.
set Classifies IP traffic by setting a DSCP or IP-precedence value in the packet.
show policy-map Displays quality of service (QoS) policy maps.
trust Defines a trust state for the traffic classified through the class policy-map
configuration command or the class-map global configuration command.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-39
Page 66
class-map
class-map
Chapter 2 IE 3000 Switch Cisco IOS Commands
Use the class-map global configuration command to create a class map to be used for matching packets
to the class name you specify and to enter class-map configuration mode. Use the no form of this
command to delete an existing class map and to return to global configuration mode.
class-map [match-all | match-any] class-map-name
no class-map [match-all | match-any] class-map-name
Syntax Description
match-all (Optional) Perform a logical-AND of all matching statements under this class
map. All criteria in the class map must be matched.
match-any (Optional) Perform a logical-OR of the matching statements under this class
map. One or more criteria must be matched.
class-map-name Name of the class map.
Defaults No class maps are defined.
If neither the match-all or match-any keyword is specified, the default is match-all.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Use this command to specify the name of the class for which you want to create or modify class-map
match criteria and to enter class-map configuration mode.
The class-map command and its subcommands are used to define packet classification, marking, and
aggregate policing as part of a globally named service policy applied on a per-port basis.
After you are in quality of service (QoS) class-map configuration mode, these configuration commands
are available:
• description: describes the class map (up to 200 characters). The show class-map privileged EXEC
command displays the description and the name of the class-map.
• exit: exits from QoS class-map configuration mode.
• match: configures classification criteria. For more information, see the match (class-map
configuration) command.
• no: removes a match statement from a class map.
• rename: renames the current class map. If you rename a class map with a name that is already used,
the message
Cisco IE 3000 Switch Command Reference
A class-map with this name already exists appears.
2-40
OL-13019-01
Page 67
Chapter 2 IE 3000 Switch Cisco IOS Commands
class-map
To define packet classification on a physical-port basis, only one match command per class map is
supported. In this situation, the match-all and match-any keywords are equivalent.
Only one access control list (ACL) can be configured in a class map. The ACL can have multiple access
control entries (ACEs).
Examples This example shows how to configure the class map called class1 with one match criterion, which is an
access list called 103:
Switch(config)# access-list 103 permit ip any any dscp 10
Switch(config)# class-map class1
Switch(config-cmap)# match access-group 103
Switch(config-cmap)# exit
This example shows how to delete the class map class1:
Switch(config)# no class-map class1
You can verify your settings by entering the show class-map privileged EXEC command.
Related Commands Command Description
class Defines a traffic classification match criteria (through the police,
set, and trust policy-map class configuration commands) for the
specified class-map name.
match (class-map
Defines the match criteria to classify traffic.
configuration)
policy-map Creates or modifies a policy map that can be attached to multiple
ports to specify a service policy.
show class-map Displays QoS class maps.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-41
Page 68
clear dot1x
clear dot1x
Chapter 2 IE 3000 Switch Cisco IOS Commands
Use the clear dot1x privileged EXEC command to clear IEEE 802.1x information for the switch or for
the specified port.
clear dot1x {all | interface interface-id}
Syntax Description
all Clear all IEEE 802.1x information for the switch.
interface interface-id Clear IEEE 802.1x information for the specified interface.
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines You can clear all the information by using the clear dot1x all command, or you can clear only the
information for the specified interface by using the clear dot1x interface interface-id command.
Examples This example shows how to clear all IEEE 8021.x information:
Switch# clear dot1x all
Related Commands
Cisco IE 3000 Switch Command Reference
2-42
This example shows how to clear IEEE 8021.x information for the specified interface:
Switch# clear dot1x interface gigabithethernet1/1
You can verify that the information was deleted by entering the show dot1x privileged EXEC command.
Command Description
show dot1x Displays IEEE 802.1x statistics, administrative status, and operational
status for the switch or for the specified port.
OL-13019-01
Page 69
Chapter 2 IE 3000 Switch Cisco IOS Commands
clear eap sessions
Use the clear eap sessions privileged EXEC command to clear Extensible Authentication Protocol
(EAP) session information for the switch or for the specified port.
clear eap sessions [credentials name [interface interface-id] | interface interface-id | method
name | transport name] [credentials name | interface interface-id | transport name] ...
clear eap sessions
Syntax Description
credentials name Clear EAP credential information for the specified profile.
interface interface-id Clear EAP information for the specified interface.
method name Clear EAP information for the specified method.
transport name Clear EAP transport information for the specified lower level.
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines You can clear all counters by using the clear eap sessions command, or you can clear only the specific
information by using the keywords.
Examples This example shows how to clear all EAP information:
Switch# clear eap
This example shows how to clear EAP-session credential information for the specified profile:
Switch# clear eap sessions credential type1
You can verify that the information was deleted by entering the show dot1x privileged EXEC command.
Related Commands
Command Description
show eap Displays EAP registration and session information for the switch or for
OL-13019-01
the specified port
Cisco IE 3000 Switch Command Reference
2-43
Page 70
clear errdisable interface
clear errdisable interface
Use the clear errdisable interface privileged EXEC command to re-enable a VLAN that was error
disabled.
clear errdisable interface interface-id vlan [vlan-list]
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
Command Default No default is defined
Command Modes Privileged EXEC
Command History
Usage Guidelines You can re-enable a port by using the shutdown and no shutdown interface configuration commands,
Examples This example shows how to re-enable all VLANs that were error-disabled on port Gi1/2.
vlan list (Optional) Specify a list of VLANs to be re-enabled. If a vlan-list is not
specified, then all VLANs are re-enabled.
Release Modification
12.2(44)EX This command was introduced.
or you can clear error disable for VLANs by using the clear errdisable interface command.
Switch# clear errdisable interface GigabitEthernet1/2 vlan
Related Commands
Cisco IE 3000 Switch Command Reference
2-44
Command Description
errdisable detect cause Enables error-disabled detection for a specific cause or all
errdisable recovery Configures the recovery mechanism variables.
show errdisable detect Displays error-disabled detection status.
show errdisable recovery Display error-disabled recovery timer information.
show interfaces status err-disabled Displays interface status of a list of interfaces in
causes.
error-disabled state.
OL-13019-01
Page 71
Chapter 2 IE 3000 Switch Cisco IOS Commands
clear ip dhcp snooping
Use the clear ip dhcp snooping privileged EXEC command to clear the DHCP snooping binding
database, the DHCP snooping binding database agent statistics, or the DHCP snooping statistics
counters.
clear ip dhcp snooping {binding {* | ip-address | interface interface-id | vlan vlan-id} | database
statistics | statistics}
clear ip dhcp snooping
Syntax Description
binding Clear the DHCP snooping binding database.
* Clear all automatic bindings.
ip-address Clear the binding entry IP address.
interface interface-id Clear the binding input interface.
vlan vlan-id Clear the binding entry VLAN.
database statistics Clear the DHCP snooping binding database agent statistics.
statistics Clear the DHCP snooping statistics counter.
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(25)FX This command was introduced.
12.2(44)EX This command was introduced.
Usage Guidelines When you enter the clear ip dhcp snooping database statistics command, the switch does not update
the entries in the binding database and in the binding file before clearing the statistics.
Examples This example shows how to clear the DHCP snooping binding database agent statistics:
Switch# clear ip dhcp snooping database statistics
You can verify that the statistics were cleared by entering the show ip dhcp snooping database
privileged EXEC command.
This example shows how to clear the DHCP snooping statistics counters:
Switch# clear ip dhcp snooping statistics
You can verify that the statistics were cleared by entering the show ip dhcp snooping statistics user
EXEC command.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-45
Page 72
clear ip dhcp snooping
Related Commands Command Description
ip dhcp snooping Enables DHCP snooping on a VLAN.
ip dhcp snooping database Configures the DHCP snooping binding database agent or
the binding file.
show ip dhcp snooping binding Displays the status of DHCP snooping database agent.
show ip dhcp snooping database Displays the DHCP snooping binding database agent
statistics.
show ip dhcp snooping statistics Displays the DHCP snooping statistics.
Chapter 2 IE 3000 Switch Cisco IOS Commands
Cisco IE 3000 Switch Command Reference
2-46
OL-13019-01
Page 73
Chapter 2 IE 3000 Switch Cisco IOS Commands
clear lacp
Use the clear lacp privileged EXEC command to clear Link Aggregation Control Protocol (LACP)
channel-group counters.
clear lacp {channel-group-number counters | counters}
clear lacp
Syntax Description
channel-group-number (Optional) Channel group number. The range is 1 to 6.
counters Clear traffic counters.
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines You can clear all counters by using the clear lacp counters command, or you can clear only the counters
for the specified channel group by using the clear lacp channel-group-number counters command.
Examples This example shows how to clear all channel-group information:
Switch# clear lacp counters
Related Commands
OL-13019-01
This example shows how to clear LACP traffic counters for group 4:
Switch# clear lacp 4 counters
You can verify that the information was deleted by entering the show lacp counters or the show lacp 4
counters privileged EXEC command.
Command Description
show lacp Displays LACP channel-group information.
Cisco IE 3000 Switch Command Reference
2-47
Page 74
clear mac address-table
clear mac address-table
Use the clear mac address-table privileged EXEC command to delete from the MAC address table a
specific dynamic address, all dynamic addresses on a particular interface, or all dynamic addresses on a
particular VLAN. This command also clears the MAC address notification global counters.
clear mac address-table {dynamic [address mac-addr | interface interface-id | vlan vlan-id] |
notification}
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Examples This example shows how to remove a specific MAC address from the dynamic address table:
dynamic Delete all dynamic MAC addresses.
dynamic address
mac-addr
dynamic interface
interface-id
dynamic vlan vlan-id (Optional) Delete all dynamic MAC addresses for the specified VLAN. The
notification Clear the notifications in the history table and reset the counters.
Release Modification
12.2(44)EX This command was introduced.
Switch# clear mac address-table dynamic address 0008.0070.0007
(Optional) Delete the specified dynamic MAC address.
(Optional) Delete all dynamic MAC addresses on the specified physical port
or port channel.
range is 1 to 4094.
You can verify that the information was deleted by entering the show mac address-table privileged
EXEC command.
Related Commands
Cisco IE 3000 Switch Command Reference
2-48
Command Description
mac address-table notification Enables the MAC address notification feature.
show mac access-group Displays the MAC address table static and dynamic entries.
show mac address-table notification Displays the MAC address notification settings for all
snmp trap mac-notification Enables the Simple Network Management Protocol (SNMP)
interfaces or the specified interface.
MAC address notification trap on a specific interface.
OL-13019-01
Page 75
Chapter 2 IE 3000 Switch Cisco IOS Commands
clear mac address-table move update
Use the clear mac address-table move update privileged EXEC command to clear the mac
address-table-move update-related counters.
clear mac address-table move update
Syntax Description This command has no arguments or keywords.
Defaults No default is defined.
Command Modes Privileged EXEC
clear mac address-table move update
Command History
Examples This example shows how to clear the mac address-table move update related counters.
Related Commands
Release Modification
12.2(44)EX This command was introduced.
Switch# clear mac address-table move update
You can verify that the information was cleared by entering the show mac address-table move update
privileged EXEC command.
Command Description
mac address-table move update
{receive | transmit}
show mac address-table move update Displays the MAC address-table move update information on
Configures MAC address-table move update on the switch.
the switch.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-49
Page 76
clear pagp
clear pagp
Chapter 2 IE 3000 Switch Cisco IOS Commands
Use the clear pagp privileged EXEC command to clear Port Aggregation Protocol (PAgP)
channel-group information.
clear pagp {channel-group-number counters | counters}
Syntax Description
channel-group-number (Optional) Channel group number. The range is 1 to 6.
counters Clear traffic counters.
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines You can clear all counters by using the clear pagp counters command, or you can clear only the counters
for the specified channel group by using the clear pagp channel-group-number counters command.
Examples This example shows how to clear all channel-group information:
Switch# clear pagp counters
Related Commands
Cisco IE 3000 Switch Command Reference
2-50
This example shows how to clear PAgP traffic counters for group 10:
Switch# clear pagp 10 counters
You can verify that information was deleted by entering the show pagp privileged EXEC command.
Command Description
show pagp Displays PAgP channel-group information.
OL-13019-01
Page 77
Chapter 2 IE 3000 Switch Cisco IOS Commands
clear port-security
Use the clear port-security privileged EXEC command to delete from the MAC address table all secure
addresses or all secure addresses of a specific type (configured, dynamic, or sticky) on the switch or on
an interface.
clear port-security {all | configured | dynamic | sticky} [[address mac-addr | interface
interface-id] [vlan {vlan-id | {access | voice}}]]
clear port-security
Syntax Description
all Delete all secure MAC addresses.
configured Delete configured secure MAC addresses.
dynamic Delete secure MAC addresses auto-learned by hardware.
sticky Delete secure MAC addresses, either auto-learned or configured.
address mac-addr (Optional) Delete the specified dynamic secure MAC address.
interface interface-id (Optional) Delete all the dynamic secure MAC addresses on the specified
vlan (Optional) Delete the specified secure MAC address from the specified
Defaults No default is defined.
physical port or VLAN.
VLAN. Enter one of these options after you enter the vlan keyword:
• vlan-id—On a trunk port, specify the VLAN ID of the VLAN on which
this address should be cleared.
• access—On an access port, clear the specified secure MAC address on
the access VLAN.
• voice—On an access port, clear the specified secure MAC address on the
voice VLAN.
Note The voice keyword is available only if voice VLAN is configured on
a port and if that port is not the access VLAN.
Command Modes Privileged EXEC
Command History
Release Modification
12.2(44)EX This command was introduced.
Examples This example shows how to clear all secure addresses from the MAC address table:
Switch# clear port-security all
This example shows how to remove a specific configured secure address from the MAC address table:
Switch# clear port-security configured address 0008.0070.0007
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-51
Page 78
clear port-security
This example shows how to remove all the dynamic secure addresses learned on a specific interface:
Switch# clear port-security dynamic interface gigabitethernet1/1
This example shows how to remove all the dynamic secure addresses from the address table:
Switch# clear port-security dynamic
You can verify that the information was deleted by entering the show port-security privileged EXEC
command.
Related Commands Command Description
switchport port-security Enables port security on an interface.
switchport port-security
mac-address mac-address
switchport port-security maximum
value
show port-security Displays the port security settings defined for an interface or for
Configures secure MAC addresses.
Configures a maximum number of secure MAC addresses on a
secure interface.
the switch.
Chapter 2 IE 3000 Switch Cisco IOS Commands
Cisco IE 3000 Switch Command Reference
2-52
OL-13019-01
Page 79
Chapter 2 IE 3000 Switch Cisco IOS Commands
clear spanning-tree counters
Use the clear spanning-tree counters privileged EXEC command to clear the spanning-tree counters.
clear spanning-tree counters [interface interface-id]
clear spanning-tree counters
Syntax Description
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Usage Guidelines If the interface-id is not specified, spanning-tree counters are cleared for all interfaces.
Examples This example shows how to clear spanning-tree counters for all interfaces:
interface interface-id (Optional) Clear all spanning-tree counters on the specified interface. Valid
interfaces include physical ports, VLANs, and port channels. The VLAN
range is 1 to 4094. The port-channel range is 1 to 6.
Release Modification
12.2(44)EX This command was introduced.
Switch# clear spanning-tree counters
Related Commands
OL-13019-01
Command Description
show spanning-tree Displays spanning-tree state information.
Cisco IE 3000 Switch Command Reference
2-53
Page 80
clear spanning-tree detected-protocols
clear spanning-tree detected-protocols
Use the clear spanning-tree detected-protocols privileged EXEC command to restart the protocol
migration process (force the renegotiation with neighboring switches) on all interfaces or on the
specified interface.
clear spanning-tree detected-protocols [interface interface-id]
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
Defaults No default is defined.
Command Modes Privileged EXEC
Command History
Usage Guidelines A switch running the rapid per-VLAN spanning-tree plus (rapid-PVST+) protocol or the Multiple
interface interface-id (Optional) Restart the protocol migration process on the specified interface.
Valid interfaces include physical ports, VLANs, and port channels. The
VLAN range is 1 to 4094. The port-channel range is 1 to 6.
Release Modification
12.2(44)EX This command was introduced.
Spanning Tree Protocol (MSTP) supports a built-in protocol migration mechanism that enables it to
interoperate with legacy IEEE 802.1D switches. If a rapid-PVST+ switch or an MSTP switch receives a
legacy IEEE 802.1D configuration bridge protocol data unit (BPDU) with the protocol version set to 0,
it sends only IEEE 802.1D BPDUs on that port. A multiple spanning-tree (MST) switch can also detect
that a port is at the boundary of a region when it receives a legacy BPDU, an MST BPDU (Version 3)
associated with a different region, or a rapid spanning-tree (RST) BPDU (Version 2).
However, the switch does not automatically revert to the rapid-PVST+ or the MSTP mode if it no longer
receives IEEE 802.1D BPDUs because it cannot learn whether the legacy switch has been removed from
the link unless the legacy switch is the designated switch. Use the clear spanning-tree
detected-protocols command in this situation.
Examples This example shows how to restart the protocol migration process on a port:
Switch# clear spanning-tree detected-protocols interface gigabitethernet1/1
Related Commands
Cisco IE 3000 Switch Command Reference
2-54
Command Description
show spanning-tree Displays spanning-tree state information.
spanning-tree link-type Overrides the default link-type setting and enables rapid spanning-tree
changes to the forwarding state.
OL-13019-01
Page 81
Chapter 2 IE 3000 Switch Cisco IOS Commands
clear vmps statistics
Use the clear vmps statistics privileged EXEC command to clear the statistics maintained by the VLAN
Query Protocol (VQP) client.
clear vmps statistics
Syntax Description This command has no arguments or keywords.
Defaults No default is defined.
Command Modes Privileged EXEC
clear vmps statistics
Command History
Examples This example shows how to clear VLAN Membership Policy Server (VMPS) statistics:
Related Commands
Release Modification
12.2(44)EX This command was introduced.
Switch# clear vmps statistics
You can verify that information was deleted by entering the show vmps statistics privileged EXEC
command.
Command Description
show vmps Displays the VQP version, reconfirmation interval, retry count, VMPS IP
addresses, and the current and primary servers.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-55
Page 82
clear vtp counters
clear vtp counters
Use the clear vtp counters privileged EXEC command to clear the VLAN Trunking Protocol (VTP) and
pruning counters.
clear vtp counters
Syntax Description This command has no arguments or keywords.
Defaults No default is defined.
Command Modes Privileged EXEC
Chapter 2 IE 3000 Switch Cisco IOS Commands
Command History
Examples This example shows how to clear the VTP counters:
Related Commands
Release Modification
12.2(44)EX This command was introduced.
Switch# clear vtp counters
You can verify that information was deleted by entering the show vtp counters privileged EXEC
command.
Command Description
show vtp Displays general information about the VTP management domain, status,
and counters.
Cisco IE 3000 Switch Command Reference
2-56
OL-13019-01
Page 83
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster commander-address
You do not need to enter this command from a standalone cluster member switch. The cluster command
switch automatically provides its MAC address to cluster member switches when these switches join the
cluster. The cluster member switch adds this information and other cluster information to its running
configuration file. Use the no form of this global configuration command from the cluster member
switch console port to remove the switch from a cluster only during debugging or recovery procedures.
cluster commander-address mac-address [member number name name]
no cluster commander-address
cluster commander-address
Syntax Description
mac-address MAC address of the cluster command switch.
member number (Optional) Number of a configured cluster member switch. The range is 0
to
15.
name name (Optional) Name of the configured cluster up to 31 characters.
Defaults The switch is not a member of any cluster.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines This command is available only on the cluster command switch.
A cluster member can have only one cluster command switch.
The cluster member switch retains the identity of the cluster command switch during a system reload by
using the mac-address parameter.
You can enter the no form on a cluster member switch to remove it from the cluster during debugging or
recovery procedures. You would normally use this command from the cluster member switch console
port only when the member has lost communication with the cluster command switch. With normal
switch configuration, we recommend that you remove cluster member switches only by entering the no
cluster member n global configuration command on the cluster command switch.
When a standby cluster command switch becomes active (becomes the cluster command switch), it
removes the cluster commander address line from its configuration.
Examples This is partial sample output from the running configuration of a cluster member.
Switch(config)# show running-configuration
<output truncated>
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-57
Page 84
cluster commander-address
cluster commander-address 00e0.9bc0.a500 member 4 name my_cluster
<output truncated>
This example shows how to remove a member from the cluster by using the cluster member console.
Switch # configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# no cluster commander-address
You can verify your settings by entering the show cluster privileged EXEC command.
Related Commands Command Description
debug cluster Displays the cluster status and a summary of the cluster to which the switch
belongs.
Chapter 2 IE 3000 Switch Cisco IOS Commands
Cisco IE 3000 Switch Command Reference
2-58
OL-13019-01
Page 85
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster discovery hop-count
Use the cluster discovery hop-count global configuration command on the cluster command switch to
set the hop-count limit for extended discovery of candidate switches. Use the no form of this command
to return to the default setting.
cluster discovery hop-count number
no cluster discovery hop-count
cluster discovery hop-count
Syntax Description
Defaults The hop count is set to 3.
Command Modes Global configuration
Command History
Usage Guidelines This command is available only on the cluster command switch. This command does not operate on
number Number of hops from the cluster edge that the cluster command switch limits
the discovery of candidates. The range is 1 to 7.
Release Modification
12.2(44)EX This command was introduced.
cluster member switches.
If the hop count is set to 1, it disables extended discovery. The cluster command switch discovers only
candidates that are one hop from the edge of the cluster. The edge of the cluster is the point between the
last discovered cluster member switch and the first discovered candidate switch.
Examples This example shows how to set hop count limit to 4. This command is executed on the cluster command
switch.
Switch(config)# cluster discovery hop-count 4
You can verify your setting by entering the show cluster privileged EXEC command.
Related Commands
OL-13019-01
Command Description
show cluster Displays the cluster status and a summary of the cluster to which the
show cluster candidates Displays a list of candidate switches.
switch belongs.
Cisco IE 3000 Switch Command Reference
2-59
Page 86
cluster enable
cluster enable
Use the cluster enable global configuration command on a command-capable switch to enable it as the
cluster command switch, assign a cluster name, and to optionally assign a member number to it. Use the
no form of the command to remove all members and to make the cluster command switch a candidate
switch.
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster enable name [command-switch-member-number]
no cluster enable
Syntax Description
Defaults The switch is not a cluster command switch.
Command Modes Global configuration
Command History
Usage Guidelines Enter this command on any command-capable switch that is not part of any cluster. This command fails
name Name of the cluster up to 31 characters. Valid characters include
only alphanumerics, dashes, and underscores.
command-switch-member-number (Optional) Assign a member number to the cluster command
switch of the cluster. The range is 0 to 15.
No cluster name is defined.
The member number is 0 when the switch is the cluster command switch.
Release Modification
12.2(44)EX This command was introduced.
if a device is already configured as a member of the cluster.
You must name the cluster when you enable the cluster command switch. If the switch is already
configured as the cluster command switch, this command changes the cluster name if it is different from
the previous cluster name.
Examples This example shows how to enable the cluster command switch, name the cluster, and set the cluster
command switch member number to 4.
Switch(config)# cluster enable Engineering-IDF4 4
You can verify your setting by entering the show cluster privileged EXEC command on the cluster
command switch.
Cisco IE 3000 Switch Command Reference
2-60
OL-13019-01
Page 87
Chapter 2 IE 3000 Switch Cisco IOS Commands
Related Commands Command Description
show cluster Displays the cluster status and a summary of the cluster to which the switch belongs.
cluster enable
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-61
Page 88
cluster holdtime
cluster holdtime
Use the cluster holdtime global configuration command to set the duration in seconds before a switch
(either the command or cluster member switch) declares the other switch down after not receiving
heartbeat messages. Use the no form of this command to set the duration to the default value.
cluster holdtime holdtime-in-secs
no cluster holdtime
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
holdtime-in-secs Duration in seconds before a switch (either a command or cluster member
switch) declares the other switch down. The range is 1 to 300 seconds.
Defaults The default holdtime is 80 seconds.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Enter this command with the cluster timer global configuration command only on the cluster command
switch. The cluster command switch propagates the values to all its cluster members so that the setting
is consistent among all switches in the cluster.
The holdtime is typically set as a multiple of the interval timer (cluster timer). For example, it takes
(holdtime-in-secs divided by the interval-in-secs) number of heartbeat messages to be missed in a row
to declare a switch down.
Examples This example shows how to change the interval timer and the duration on the cluster command switch.
Switch(config)# cluster timer 3
Switch(config)# cluster holdtime 30
You can verify your settings by entering the show cluster privileged EXEC command.
Related Commands
Command Description
show cluster Displays the cluster status and a summary of the cluster to which the switch
Cisco IE 3000 Switch Command Reference
2-62
belongs.
OL-13019-01
Page 89
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster member
Use the cluster member global configuration command on the cluster command switch to add
candidates to a cluster. Use the no form of the command to remove members from the cluster.
cluster member [n] mac-address H.H.H [password enable-password] [vlan vlan-id]
no cluster member n
cluster member
Syntax Description
Defaults A newly enabled cluster command switch has no associated cluster members.
Command Modes Global configuration
Command History
Usage Guidelines Enter this command only on the cluster command switch to add a candidate to or remove a member from
n The number that identifies a cluster member. The range is 0 to 15.
mac-address H.H.H MAC address of the cluster member switch in hexadecimal format.
password enable-password Enable password of the candidate switch. The password is not
required if there is no password on the candidate switch.
vlan vlan-id (Optional) VLAN ID through which the candidate is added to the
cluster by the cluster command switch. The range is 1 to 4094.
Release Modification
12.2(44)EX This command was introduced.
the cluster. If you enter this command on a switch other than the cluster command switch, the switch
rejects the command and displays an error message.
You must enter a member number to remove a switch from the cluster. However, you do not need to enter
a member number to add a switch to the cluster. The cluster command switch selects the next available
member number and assigns it to the switch that is joining the cluster.
You must enter the enable password of the candidate switch for authentication when it joins the cluster.
The password is not saved in the running or startup configuration. After a candidate switch becomes a
member of the cluster, its password becomes the same as the cluster command-switch password.
If a switch does not have a configured hostname, the cluster command switch appends a member number
to the cluster command-switch hostname and assigns it to the cluster member switch.
If you do not specify a VLAN ID, the cluster command switch automatically chooses a VLAN and adds
the candidate to the cluster.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-63
Page 90
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster member
Examples This example shows how to add a switch as member 2 with MAC address 00E0.1E00.2222 and the
password key to a cluster. The cluster command switch adds the candidate to the cluster through
VLAN
3.
Switch(config)# cluster member 2 mac-address 00E0.1E00.2222 password key vlan 3
This example shows how to add a switch with MAC address 00E0.1E00.3333 to the cluster. This switch
does not have a password. The cluster command switch selects the next available member number and
assigns it to the switch that is joining the cluster.
Switch(config)# cluster member mac-address 00E0.1E00.3333
You can verify your settings by entering the show cluster members privileged EXEC command on the
cluster command switch.
Related Commands Command Description
show cluster Displays the cluster status and a summary of the cluster to which the
switch belongs.
show cluster candidates Displays a list of candidate switches.
show cluster members Displays information about the cluster members.
Cisco IE 3000 Switch Command Reference
2-64
OL-13019-01
Page 91
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster outside-interface
Use the cluster outside-interface global configuration command to configure the outside interface for
cluster Network Address Translation (NAT) so that a member without an IP address can communicate
with devices outside the cluster. Use the no form of this command to return to the default setting.
cluster outside-interface interface-id
no cluster outside-interface
cluster outside-interface
Syntax Description
Defaults The default outside interface is automatically selected by the cluster command switch.
Command Modes Global configuration
Command History
Usage Guidelines Enter this command only on the cluster command switch. If you enter this command on a cluster member
Examples This example shows how to set the outside interface to VLAN 1:
interface-id Interface to serve as the outside interface. Valid interfaces include
physical interfaces, port-channels, or VLANs. The port-channel
range is 1 to 6. The VLAN range is 1 to 4094.
Release Modification
12.2(44)EX This command was introduced.
switch, an error message appears.
Switch(config)# cluster outside-interface vlan 1
You can verify your setting by entering the show running-config privileged EXEC command.
Related Commands
OL-13019-01
Command Description
show running-config Displays the current operating configuration. For syntax information,
select the Cisco IOS Configuration Fundamentals Command
Reference, Release 12.2 > File Management Commands >
Configuration File Management Commands.
Cisco IE 3000 Switch Command Reference
2-65
Page 92
cluster run
cluster run
Use the cluster run global configuration command to enable clustering on a switch. Use the no form of
this command to disable clustering on a switch.
cluster run
no cluster run
Syntax Description This command has no arguments or keywords.
Defaults Clustering is enabled on all switches.
Command Modes Global configuration
Chapter 2 IE 3000 Switch Cisco IOS Commands
Command History
Usage Guidelines When you enter the no cluster run command on a cluster command switch, the cluster command switch
Examples This example shows how to disable clustering on the cluster command switch:
Related Commands
Release Modification
12.2(44)EX This command was introduced.
is disabled. Clustering is disabled, and the switch cannot become a candidate switch.
When you enter the no cluster run command on a cluster member switch, it is removed from the cluster.
Clustering is disabled, and the switch cannot become a candidate switch.
When you enter the no cluster run command on a switch that is not part of a cluster, clustering is
disabled on this switch. This switch cannot then become a candidate switch.
Switch(config)# no cluster run
You can verify your setting by entering the show cluster privileged EXEC command.
Command Description
show cluster Displays the cluster status and a summary of the cluster to which the switch
belongs.
Cisco IE 3000 Switch Command Reference
2-66
OL-13019-01
Page 93
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster standby-group
Use the cluster standby-group global configuration command to enable cluster command-switch
redundancy by binding the cluster to an existing Hot Standby Router Protocol (HSRP). Entering the
routing-redundancy keyword enables the same HSRP group to be used for cluster command-switch
redundancy and routing redundancy. Use the no form of this command to return to the default setting.
cluster standby-group HSRP-group-name [routing-redundancy]
no cluster standby-group
cluster standby-group
Syntax Description
HSRP-group-name Name of the HSRP group that is bound to the cluster. The group name is
limited to 32 characters.
routing-redundancy (Optional) Enable the same HSRP standby group to be used for cluster
command-switch redundancy and routing redundancy.
Defaults The cluster is not bound to any HSRP group.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Enter this command only on the cluster command switch. If you enter it on a cluster member switch, an
error message appears.
The cluster command switch propagates the cluster-HSRP binding information to all cluster-HSRP
capable members. Each cluster member switch stores the binding information in its NVRAM. The HSRP
group name must be a valid standby group; otherwise, the command exits with an error.
The same group name should be used on all members of the HSRP standby group that is to be bound to
the cluster. The same HSRP group name should also be used on all cluster-HSRP capable members for
the HSRP group that is to be bound. (When not binding a cluster to an HSRP group, you can use different
names on the cluster commander and the members.)
Examples This example shows how to bind the HSRP group named my_hsrp to the cluster. This command is
executed on the cluster command switch.
Switch(config)# cluster standby-group my_hsrp
This example shows how to use the same HSRP group named my_hsrp for routing redundancy and
cluster redundancy.
Switch(config)# cluster standby-group my_hsrp routing-redundancy
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-67
Page 94
cluster standby-group
This example shows the error message when this command is executed on a cluster command switch and
the specified HSRP standby group does not exist:
Switch(config)# cluster standby-group my_hsrp
%ERROR: Standby (my_hsrp) group does not exist
This example shows the error message when this command is executed on a cluster member switch:
Switch(config)# cluster standby-group my_hsrp routing-redundancy
%ERROR: This command runs on a cluster command switch
You can verify your settings by entering the show cluster privileged EXEC command. The output shows
whether redundancy is enabled in the cluster.
Related Commands Command Description
standby ip Enables HSRP on the interface. For syntax information, select Cisco IOS IP
Command Reference, Volume 1 of 3:Addressing and Services, Release
12.2 > IP Services Commands.
show cluster Displays the cluster status and a summary of the cluster to which the switch
belongs.
show standby Displays standby group information. For syntax information, select Cisco
IOS IP Command Reference, Volume 1 of 3:Addressing and Services,
Release 12.2 > IP Services Commands.
Chapter 2 IE 3000 Switch Cisco IOS Commands
Cisco IE 3000 Switch Command Reference
2-68
OL-13019-01
Page 95
Chapter 2 IE 3000 Switch Cisco IOS Commands
cluster timer
Use the cluster timer global configuration command to set the interval in seconds between heartbeat
messages. Use the no form of this command to set the interval to the default value.
cluster timer interval-in-secs
no cluster timer
cluster timer
Syntax Description
interval-in-secs Interval in seconds between heartbeat messages. The range is 1 to 300
seconds.
Defaults The interval is 8 seconds.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines Enter this command with the cluster holdtime global configuration command only on the cluster
command switch. The cluster command switch propagates the values to all its cluster members so that
the setting is consistent among all switches in the cluster.
The holdtime is typically set as a multiple of the heartbeat interval timer (cluster timer). For example,
it takes (holdtime-in-secs divided by the interval-in-secs) number of heartbeat messages to be missed in
a row to declare a switch down.
Examples This example shows how to change the heartbeat interval timer and the duration on the cluster command
switch:
Switch(config)# cluster timer 3
Switch(config)# cluster holdtime 30
You can verify your settings by entering the show cluster privileged EXEC command.
Related Commands
Command Description
show cluster Displays the cluster status and a summary of the cluster to which the switch
OL-13019-01
belongs.
Cisco IE 3000 Switch Command Reference
2-69
Page 96
define interface-range
define interface-range
Use the define interface-range global configuration command to create an interface-range macro. Use
the no form of this command to delete the defined macro.
define interface-range macro-name interface-range
no define interface-range macro-name interface-range
Chapter 2 IE 3000 Switch Cisco IOS Commands
Syntax Description
macro-name Name of the interface-range macro; up to 32 characters.
interface-range Interface range; for valid values for interface ranges, see “Usage Guidelines.”
Defaults This command has no default setting.
Command Modes Global configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Usage Guidelines The macro name is a 32-character maximum character string.
A macro can contain up to five ranges.
All interfaces in a range must be the same type; that is, all Fast Ethernet ports, all Gigabit Ethernet ports,
all EtherChannel ports, or all VLANs, but you can combine multiple interface types in a macro.
When entering the interface-range, use this format:
• type {first-interface} - {last-interface}
• You must add a space between the first interface number and the hyphen when entering an
interface-range. For example, gigabitethernet 1/1
- 2 is a valid range; gigabitethernet 1/1-2 is not
a valid range.
Valid values for type and interface:
• vlan vlan-id, where the VLAN ID is 1 to 4094
Note Though options exist in the command-line interface to set multiple VLAN IDs, it is not
supported.
VLAN interfaces must have been configured with the interface vlan command (the show
running-config privileged EXEC command displays the configured VLAN interfaces). VLAN
interfaces not displayed by the show running-config command cannot be used in interface-ranges.
• port-channel port-channel-number, where port-channel-number is from 1 to 6
• fastethernet module/{first port} - {last port}
Cisco IE 3000 Switch Command Reference
2-70
OL-13019-01
Page 97
Chapter 2 IE 3000 Switch Cisco IOS Commands
• gigabitethernet module/{first port} - {last port}
For physical interfaces:
• the range is type number/number - number (for example, gigabitethernet 1/1 - 2).
When you define a range, you must enter a space before the hyphen (-), for example:
gigabitethernet1/1 - 2
You can also enter multiple ranges. When you define multiple ranges, you must enter a space after the
first entry before the comma
fastethernet1/3, gigabitethernet1/1 - 2
fastethernet1/3 -4, gigabitethernet1/1 - 2
Examples This example shows how to create a multiple-interface macro:
Switch(config)# define interface-range macro1 fastethernet1/1 - 2, gigabitethernet1/1 - 2
Related Commands Command Description
interface range Executes a command on multiple ports at the same time.
show running-config Displays the current operating configuration, including defined
(,). The space after the comma is optional, for example:
macros. For syntax information, select Cisco IOS Configuration
Fundamentals Command Reference, Release 12.2 > File Management
Commands > Configuration File Management Commands.
define interface-range
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-71
Page 98
delete
delete
Chapter 2 IE 3000 Switch Cisco IOS Commands
Use the delete privileged EXEC command to delete a file or directory on the flash memory device.
delete [/force] [/recursive] filesystem:/file-url
Syntax Description
Command Modes Privileged EXEC
Command History
Usage Guidelines If you use the /force keyword, you are prompted once at the beginning of the deletion process to confirm
/force (Optional) Suppress the prompt that confirms the deletion.
/recursive (Optional) Delete the named directory and all subdirectories and the files contained in
it.
filesystem: Alias for a flash file system.
The syntax for the local flash file system:
flash:
/file-url The path (directory) and filename to delete.
Release Modification
12.2(44)EX This command was introduced.
the deletion.
If you use the /recursive keyword without the /force keyword, you are prompted to confirm the deletion
of every file.
The prompting behavior depends on the setting of the file prompt global configuration command. By
default, the switch prompts for confirmation on destructive file operations. For more information about
this command, see the Cisco IOS Command Reference for Release 12.1.
Examples This example shows how to remove the directory that contains the old software image after a successful
download of a new image:
Switch# delete /force /recursive flash:/old-image
You can verify that the directory was removed by entering the dir filesystem: privileged EXEC
command.
Related Commands
Cisco IE 3000 Switch Command Reference
2-72
Command Description
archive download-sw Downloads a new image to the switch and overwrites or keeps the existing
image.
OL-13019-01
Page 99
Chapter 2 IE 3000 Switch Cisco IOS Commands
deny (MAC access-list configuration)
deny (MAC access-list configuration)
Use the deny MAC access-list configuration command to prevent non-IP traffic from being forwarded
if the conditions are matched. Use the no form of this command to remove a deny condition from the
named MAC access list.
{deny | permit} {any | host src-MAC-addr | src-MAC-addr mask} {any | host dst-MAC-addr |
dst-MAC-addr mask} [type mask | aarp | amber | cos cos | dec-spanning | decnet-iv |
diagnostic | dsm | etype-6000 | etype-8042 | lat | lavc-sca | lsap lsap mask |mop-console |
mop-dump | msdos | mumps | netbios | vines-echo | vines-ip | xns-idp]
no {deny | permit} {any | host src-MAC-addr | src-MAC-addr mask} {any | host dst-MAC-addr |
dst-MAC-addr mask} [type mask | aarp | amber | cos cos | dec-spanning | decnet-iv |
diagnostic | dsm | etype-6000 | etype-8042 | lat | lavc-sca | lsap lsap mask | mop-console |
mop-dump | msdos | mumps | netbios | vines-echo | vines-ip | xns-idp]
Syntax Description any Keyword to specify to deny any source or destination MAC address.
host src MAC-addr |
src-MAC-addr mask
host dst-MAC-addr |
dst-MAC-addr mask
type mask (Optional) Use the Ethertype number of a packet with Ethernet II or
aarp (Optional) Select Ethertype AppleTalk Address Resolution Protocol that
amber (Optional) Select EtherType DEC-Amber.
cos cos (Optional) Select a class of service (CoS) number from 0 to 7 to set
dec-spanning (Optional) Select EtherType Digital Equipment Corporation (DEC)
decnet-iv (Optional) Select EtherType DECnet Phase IV protocol.
diagnostic (Optional) Select EtherType DEC-Diagnostic.
dsm (Optional) Select EtherType DEC-DSM.
etype-6000 (Optional) Select EtherType 0x6000.
etype-8042 (Optional) Select EtherType 0x8042.
lat (Optional) Select EtherType DEC-LAT.
lavc-sca (Optional) Select EtherType DEC-LAVC-SCA.
Define a host MAC address and optional subnet mask. If the source
address for a packet matches the defined address, non-IP traffic from that
address is denied.
Define a destination MAC address and optional subnet mask. If the
destination address for a packet matches the defined address, non-IP
traffic to that address is denied.
SNAP encapsulation to identify the protocol of the packet.
The type is 0 to 65535, specified in hexadecimal.
The mask is a mask of don’t care bits applied to the Ethertype before
testing for a match.
maps a data-link address to a network address.
priority. Filtering on CoS can be performed only in hardware. A warning
message reminds the user if the cos option is configured.
spanning tree.
OL-13019-01
Cisco IE 3000 Switch Command Reference
2-73
Page 100
deny (MAC access-list configuration)
lsap lsap-number mask (Optional) Use the LSAP number (0 to 65535) of a packet with 802.2
mop-console (Optional) Select EtherType DEC-MOP Remote Console.
mop-dump (Optional) Select EtherType DEC-MOP Dump.
msdos (Optional) Select EtherType DEC-MSDOS.
mumps (Optional) Select EtherType DEC-MUMPS.
netbios (Optional) Select EtherType DEC- Network Basic Input/Output System
vines-echo (Optional) Select EtherType Virtual Integrated Network Service (VINES)
vines-ip (Optional) Select EtherType VINES IP.
xns-idp (Optional) Select EtherType Xerox Network Systems (XNS) protocol
Chapter 2 IE 3000 Switch Cisco IOS Commands
encapsulation to identify the protocol of the packet.
mask is a mask of don’t care bits applied to the LSAP number before
testing for a match.
(NETBIOS).
Echo from Banyan Systems.
suite (0 to 65535), an arbitrary Ethertype in decimal, hexadecimal, or
octal.
Note Though visible in the command-line help strings, appletalk is not supported as a matching condition.
To filter IPX traffic, you use the type mask or lsap lsap mask keywords, depending on the type of IPX
encapsulation being used. Filter criteria for IPX encapsulation types as specified in Novell terminology
and Cisco IOS terminology are listed in
Ta b l e 2-5 IPX Filtering Criteria
Tabl e 2-5.
IPX Encapsulation Type
Filter CriterionCisco IOS Name Novel Name
arpa Ethernet II Ethertype 0x8137
snap Ethernet-snap Ethertype 0x8137
sap Ethernet 802.2 LSAP 0xE0E0
novell-ether Ethernet 802.3 LSAP 0xFFFF
Defaults This command has no defaults. However; the default action for a MAC-named ACL is to deny.
Command Modes MAC-access list configuration
Command History
Release Modification
12.2(44)EX This command was introduced.
Cisco IE 3000 Switch Command Reference
2-74
OL-13019-01
Loading...