Dell 5324 User Manual

Download

Page 1

Dell™ PowerConnect™ 5324 Systems

CLI Reference Guide

www.dell.com | support.dell.com

Page 2

Notes, Notices, and Cautions

NOTE: A NOTE indicates important information that helps you make better use of your computer.

NOTICE: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to

avoid the problem.

CAUTION: A CAUTION indicates a potential for property damage, personal injury, or death.

____________________

Reproduction in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell, the DELL logo, and PowerConnect are trademarks of Dell Inc.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

Aug 2006 Rev. A01

Page 3

Contents

1 Command Groups

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Command Groups

AAA Commands

Address Table Commands

Clock Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

. . . . . . . . . . . . . . . . . . . . . . . . . 23

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Configuration and Image Files Commands

Ethernet Configuration Commands

GVRP Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

IGMP Snooping Commands

IP Addressing

LACP Commands

Line Commands

LLDP Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Management ACL Commands

PHY Diagnostics Commands

Port Channel Commands

Port Monitor Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . 32

. . . . . . . . . . . . . . . . . . . . . 26

. . . . . . . . . . . . . . . . . . . . . . . . 28

. . . . . . . . . . . . . . . . . . . . . . . 31

. . . . . . . . . . . . . . . . . . . . . . . . 31

. . . . . . . . . . . . . . . . . 25

QoS Commands

Radius Commands

RMON Commands

SNMP Commands

Spanning Tree Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

. . . . . . . . . . . . . . . . . . . . . . . . . 35

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 4

SSH Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Syslog Commands

System Management Commands

TACACS Commands

User Interface Commands

VLAN Commands

Web Server Commands

802.1x Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

. . . . . . . . . . . . . . . . . . . . . . 39

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

. . . . . . . . . . . . . . . . . . . . . . . . . 40

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

. . . . . . . . . . . . . . . . . . . . . . . . . . 42

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

2 Command Modes

GC (Global Configuration) Mode . . . . . . . . . . . . . . . . . . . . . . 45

IC (Interface Configuration) Mode

LC (Line Configuration) Mode

MA (Management Access-level) Mode

PE (Privileged User EXEC) Mode

SP (SSH Public Key) Mode

UE (User EXEC) Mode

. . . . . . . . . . . . . . . . . . . . . . . . . . . 53

. . . . . . . . . . . . . . . . . . . . . 48

. . . . . . . . . . . . . . . . . . . . . . . . 50

. . . . . . . . . . . . . . . . . . . 51

. . . . . . . . . . . . . . . . . . . . . . 51

. . . . . . . . . . . . . . . . . . . . . . . . . 53

VC (VLAN Configuration) Mode

. . . . . . . . . . . . . . . . . . . . . . . 55

3 Using the CLI

CLI Command Modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Starting the CLI

Editing Features

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

4 AAA Commands

aaa authentication login . . . . . . . . . . . . . . . . . . . . . . . . . . 65

aaa authentication enable

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . 66

Page 5

enable authentication

ip http authentication

ip https authentication

show authentication methods

password

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

enable password

username

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

show users accounts

. . . . . . . . . . . . . . . . . . . . . . . . . . . 68

. . . . . . . . . . . . . . . . . . . . . . . . . . . 69

. . . . . . . . . . . . . . . . . . . . . . . . . . . 70

. . . . . . . . . . . . . . . . . . . . . . . 70

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

. . . . . . . . . . . . . . . . . . . . . . . . . . . 74

5 Address Table Commands

bridge address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

bridge multicast filtering

bridge multicast address

bridge multicast forbidden address

bridge multicast forward-all

bridge multicast forbidden forward-all

. . . . . . . . . . . . . . . . . . . . . . . . . . 78

. . . . . . . . . . . . . . . . . . . . . 80

. . . . . . . . . . . . . . . . . . . . . . . . 81

. . . . . . . . . . . . . . . . . . . 81

bridge aging-time

clear bridge

port security

port security routed secure-address

show bridge address-table

show bridge address-table static

show bridge address-table count

show bridge multicast address-table

show bridge multicast filtering

show ports security

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

. . . . . . . . . . . . . . . . . . . . 85

. . . . . . . . . . . . . . . . . . . . . . . . . 85

. . . . . . . . . . . . . . . . . . . . . . 87

. . . . . . . . . . . . . . . . . . . . . . 88

. . . . . . . . . . . . . . . . . . . . 89

. . . . . . . . . . . . . . . . . . . . . . . 91

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 6

6 Clock

clock set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

clock source

clock timezone

clock summer-time

sntp authentication-key

sntp authenticate

sntp trusted-key

sntp client poll timer

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

. . . . . . . . . . . . . . . . . . . . . . . . . . 96

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

sntp broadcast client enable

sntp anycast client enable

sntp client enable (interface)

sntp unicast client enable

sntp unicast client poll

sntp server

show clock

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

show sntp configuration

show sntp status

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

. . . . . . . . . . . . . . . . . . . . . . . . 101

. . . . . . . . . . . . . . . . . . . . . . . . . . 102

. . . . . . . . . . . . . . . . . . . . . . . . . 105

. . . . . . . . . . . . . . . . . . . . . . . . 99

. . . . . . . . . . . . . . . . . . . . . . . . 100

. . . . . . . . . . . . . . . . . . . . . . . 100

7 Configuration and Image Files

delete startup-config. . . . . . . . . . . . . . . . . . . . . . . . . . . 109

copy

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

boot system

show running-config

show startup-config

show backup-config

show bootvar

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

. . . . . . . . . . . . . . . . . . . . . . . . . . . 113

. . . . . . . . . . . . . . . . . . . . . . . . . . . 114

. . . . . . . . . . . . . . . . . . . . . . . . . . . 116

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Page 7

8 Ethernet Configuration Commands

interface ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

interface range ethernet

shutdown

description

speed

duplex

negotiation

flowcontrol

mdix

back-pressure

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

port jumbo-frame

clear counters

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

set interface active

show interfaces configuration

show interfaces status

show interfaces description

show interfaces counters

. . . . . . . . . . . . . . . . . . . . . . . . . 119

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

. . . . . . . . . . . . . . . . . . . . . . . . . . . 127

. . . . . . . . . . . . . . . . . . . . . . 127

. . . . . . . . . . . . . . . . . . . . . . . . . . 129

. . . . . . . . . . . . . . . . . . . . . . . 131

. . . . . . . . . . . . . . . . . . . . . . . . 132

show ports jumbo-frame

port storm-control include-multicast

port storm-control broadcast enable

port storm-control broadcast rate

show ports storm-control

. . . . . . . . . . . . . . . . . . . . . . . . . 136

. . . . . . . . . . . . . . . . . . . 137

. . . . . . . . . . . . . . . . . . . . . 138

. . . . . . . . . . . . . . . . . . . . . . . . 139

9 GVRP Commands

gvrp enable (global) . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

gvrp enable (interface)

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . 141

Page 8

garp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

gvrp vlan-creation-forbid

gvrp registration-forbid

clear gvrp statistics

show gvrp configuration

show gvrp statistics

show gvrp error-statistics

. . . . . . . . . . . . . . . . . . . . . . . . . 143

. . . . . . . . . . . . . . . . . . . . . . . . . 144

. . . . . . . . . . . . . . . . . . . . . . . . . . . 144

. . . . . . . . . . . . . . . . . . . . . . . . . 145

. . . . . . . . . . . . . . . . . . . . . . . . . . . 146

. . . . . . . . . . . . . . . . . . . . . . . . 147

10 IGMP Snooping Commands

ip igmp snooping (Global) . . . . . . . . . . . . . . . . . . . . . . . . 149

ip igmp snooping (Interface)

ip igmp snooping mrouter

ip igmp snooping host-time-out

ip igmp snooping mrouter-time-out

ip igmp snooping leave-time-out

show ip igmp snooping mrouter

show ip igmp snooping interface

. . . . . . . . . . . . . . . . . . . . . . . 149

. . . . . . . . . . . . . . . . . . . . . . . . 150

. . . . . . . . . . . . . . . . . . . . . . 150

. . . . . . . . . . . . . . . . . . . . 151

. . . . . . . . . . . . . . . . . . . . . 152

. . . . . . . . . . . . . . . . . . . . . 153

show ip igmp snooping groups

. . . . . . . . . . . . . . . . . . . . . . 154

11 IP Addressing Commands

clear host dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

ip address

ip address dhcp

ip default-gateway

show ip interface

arp

arp timeout

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

Page 9

clear arp-cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

show arp

ip domain-lookup

ip domain-name

ip name-server

ip host

clear host

show hosts

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

12 LACP Commands

lacp system-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

lacp port-priority

lacp timeout

show lacp ethernet

show lacp port-channel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

. . . . . . . . . . . . . . . . . . . . . . . . . . . 171

. . . . . . . . . . . . . . . . . . . . . . . . . 171

13 Line Commands

line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

speed

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

autobaud

exec-timeout

show line

terminal history

terminal history size

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176

. . . . . . . . . . . . . . . . . . . . . . . . . . . 176

14 LLDP Commands

lldp enable (global) . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 10

Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

lldp enable (interface)

. . . . . . . . . . . . . . . . . . . . . . . . . . 179

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lldp timer

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lldp reinit-delay

lldp tx-delay

lldp optional-tlv

lldp management-address

clear lldp rx

show lldp configuration

show lldp local

show lldp neighbors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183

. . . . . . . . . . . . . . . . . . . . . . . . 183

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

. . . . . . . . . . . . . . . . . . . . . . . . . 185

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

. . . . . . . . . . . . . . . . . . . . . . . . . . . 186

15 Management ACL

management access-list . . . . . . . . . . . . . . . . . . . . . . . . . 189

permit (management)

deny (management)

management access-class

. . . . . . . . . . . . . . . . . . . . . . . . . . 190

. . . . . . . . . . . . . . . . . . . . . . . . . . . 191

. . . . . . . . . . . . . . . . . . . . . . . . 192

180

181

show management access-list

show management access-class

. . . . . . . . . . . . . . . . . . . . . . 193

. . . . . . . . . . . . . . . . . . . . . 193

16 PHY Diagnostics Commands

test copper-port tdr . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

show copper-ports tdr

show copper-ports cable-length

show fiber-ports optical-transceiver

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . 195

. . . . . . . . . . . . . . . . . . . . . 196

. . . . . . . . . . . . . . . . . . . 197

Page 11

17 Port Channel Commands

interface port-channel . . . . . . . . . . . . . . . . . . . . . . . . . . 201

interface range port-channel

channel-group

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202

port channel load balance

. . . . . . . . . . . . . . . . . . . . . . . 201

. . . . . . . . . . . . . . . . . . . . . . . . 203

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .show interfaces port-channel

18 Port Monitor Commands

port monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205

show ports monitor

. . . . . . . . . . . . . . . . . . . . . . . . . . . 206

19 QoS Commands

qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

show qos

wrr-queue cos-map

wrr-queue bandwidth

priority-queue out num-of-queues

show qos interface

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

. . . . . . . . . . . . . . . . . . . . . . . . . . . 210

. . . . . . . . . . . . . . . . . . . . . . . . . . 211

. . . . . . . . . . . . . . . . . . . . 212

. . . . . . . . . . . . . . . . . . . . . . . . . . . 213

203

qos map dscp-queue

qos trust (Global)

qos trust (Interface)

qos cos

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

show qos map

. . . . . . . . . . . . . . . . . . . . . . . . . . . 214

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

. . . . . . . . . . . . . . . . . . . . . . . . . . . 216

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217

20 Radius Commands

radius-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

radius-server key

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 220

Page 12

radius-server retransmit . . . . . . . . . . . . . . . . . . . . . . . . . 221

radius-server source-ip

radius-server timeout

radius-server deadtime

show radius-servers

. . . . . . . . . . . . . . . . . . . . . . . . . 221

. . . . . . . . . . . . . . . . . . . . . . . . . . 222

. . . . . . . . . . . . . . . . . . . . . . . . . 223

. . . . . . . . . . . . . . . . . . . . . . . . . . . 223

21 RMON Commands

show rmon statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . 225

rmon collection history

show rmon collection history

show rmon history

rmon alarm

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

show rmon alarm-table

show rmon alarm

rmon event

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236

show rmon events

show rmon log

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238

. . . . . . . . . . . . . . . . . . . . . . . . . 227

. . . . . . . . . . . . . . . . . . . . . . 228

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

. . . . . . . . . . . . . . . . . . . . . . . . . 233

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 234

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 237

rmon table-size

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240

22 SNMP Commands

snmp-server community . . . . . . . . . . . . . . . . . . . . . . . . . 241

snmp-server view

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . snmp-server filter

snmp-server contact

snmp-server location

snmp-server enable traps

snmp-server trap authentication

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 242

243

. . . . . . . . . . . . . . . . . . . . . . . . . . . 244

. . . . . . . . . . . . . . . . . . . . . . . . . . 244

. . . . . . . . . . . . . . . . . . . . . . . . 245

. . . . . . . . . . . . . . . . . . . . . 246

Page 13

snmp-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

snmp-server set

snmp-server group

snmp-server user

snmp-server v3-host

snmp-server engineID local

show snmp engineid

show snmp

show snmp views

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 248

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 249

. . . . . . . . . . . . . . . . . . . . . . . . . . . 251

. . . . . . . . . . . . . . . . . . . . . . . 252

. . . . . . . . . . . . . . . . . . . . . . . . . . . 253

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .show snmp groups

show snmp filters

show snmp users

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 257

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 258

23 Spanning-Tree Commands

spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

spanning-tree mode

spanning-tree forward-time

. . . . . . . . . . . . . . . . . . . . . . . . . . . 261

. . . . . . . . . . . . . . . . . . . . . . . 262

256

spanning-tree hello-time

spanning-tree max-age

spanning-tree priority

spanning-tree disable

spanning-tree cost

spanning-tree port-priority

spanning-tree portfast

spanning-tree link-type

spanning-tree mst priority

spanning-tree mst max-hops

. . . . . . . . . . . . . . . . . . . . . . . . . 263

. . . . . . . . . . . . . . . . . . . . . . . . . 264

. . . . . . . . . . . . . . . . . . . . . . . . . . 265

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 266

. . . . . . . . . . . . . . . . . . . . . . . . 267

. . . . . . . . . . . . . . . . . . . . . . . . . . 267

. . . . . . . . . . . . . . . . . . . . . . . . . 268

. . . . . . . . . . . . . . . . . . . . . . . . 269

. . . . . . . . . . . . . . . . . . . . . . . 269

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 14

spanning-tree mst port-priority . . . . . . . . . . . . . . . . . . . . . . 270

spanning-tree mst cost

. . . . . . . . . . . . . . . . . . . . . . . . . . 271

spanning-tree mst configuration

instance (mst)

name (mst)

revision (mst)

show (mst)

exit (mst)

abort (mst)

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275

spanning-tree pathcost method

spanning-tree bpdu

. . . . . . . . . . . . . . . . . . . . . . . . . . . 276

clear spanning-tree detected-protocols

show spanning-tree

. . . . . . . . . . . . . . . . . . . . . . . . . . . 278

spanning-tree mst mstp-rstp

Spanning-tree guard root

. . . . . . . . . . . . . . . . . . . . . . . . . 291

24 SSH Commands

. . . . . . . . . . . . . . . . . . . . . 271

. . . . . . . . . . . . . . . . . . . . . . 276

. . . . . . . . . . . . . . . . . 277

. . . . . . . . . . . . . . . . . . . . . . . 290

ip ssh port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293

ip ssh server

crypto key generate dsa

crypto key generate rsa

ip ssh pubkey-auth

crypto key pubkey-chain ssh

user-key

key-string

show ip ssh

show crypto key mypubkey

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293

. . . . . . . . . . . . . . . . . . . . . . . . . 294

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 295

. . . . . . . . . . . . . . . . . . . . . . . 296

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298

. . . . . . . . . . . . . . . . . . . . . . . 299

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 15

show crypto key pubkey-chain ssh . . . . . . . . . . . . . . . . . . . . 300

25 Syslog Commands

logging on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303

logging

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303

logging console

logging buffered

logging buffered size

clear logging

logging file

clear logging file

show logging

show logging file

show syslog-servers

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

. . . . . . . . . . . . . . . . . . . . . . . . . . . 305

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 307

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

. . . . . . . . . . . . . . . . . . . . . . . . . . . 310

27 System Management

ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313

traceroute

telnet

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320

resume

reload

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321

hostname

show users

show sessions

show system

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 16

show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324

asset-tag

show system id

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326

28 TACACS Commands

tacacs-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327

tacacs-server key

tacacs-server timeout

tacacs-server source-ip

show tacacs

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 328

. . . . . . . . . . . . . . . . . . . . . . . . . . 328

. . . . . . . . . . . . . . . . . . . . . . . . . 329

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330

29 User Interface

enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

disable

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332

configure

exit(configuration)

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 333

exit(EXEC)

end

help

history

history size

debug-mode

show history

show privilege

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 17

30 VLAN Commands

vlan database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

vlan

default-vlan disable

interface vlan

interface range vlan

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342

name

switchport access vlan

switchport trunk allowed vlan

switchport trunk native vlan

switchport general allowed vlan

switchport general pvid

switchport general ingress-filtering disable

switchport general acceptable-frame-type tagged-only

switchport forbidden vlan

map protocol protocols-group

switchport general map protocols-group vlan

ip internal-usage-vlan

show vlan

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350

. . . . . . . . . . . . . . . . . . . . . . . . . . . 340

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340

. . . . . . . . . . . . . . . . . . . . . . . . . . . 341

. . . . . . . . . . . . . . . . . . . . . . . . . 342

. . . . . . . . . . . . . . . . . . . . . . 343

. . . . . . . . . . . . . . . . . . . . . . . 344

. . . . . . . . . . . . . . . . . . . . . 344

. . . . . . . . . . . . . . . . . . . . . . . . . 345

. . . . . . . . . . . . . . . 346

. . . . . . . . . . 347

. . . . . . . . . . . . . . . . . . . . . . . . 347

. . . . . . . . . . . . . . . . . . . . . . 348

. . . . . . . . . . . . . . . 349

. . . . . . . . . . . . . . . . . . . . . . . . . . 349

show vlan internal usage

show vlan protocols-groups

show interfaces switchport

switchport mode

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354

switchport customer vlan

. . . . . . . . . . . . . . . . . . . . . . . . 351

. . . . . . . . . . . . . . . . . . . . . . . 352

. . . . . . . . . . . . . . . . . . . . . . . 353

. . . . . . . . . . . . . . . . . . . . . . . . 355

31 Web Server

ip http server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 18

ip http port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357

ip https server

ip https port

crypto certificate generate

crypto certificate request

crypto certificate import

ip https certificate

crypto certificate export pkcs12

crypto certificate import pkcs12

show crypto certificate mycertificate

show ip http

show ip https

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358

. . . . . . . . . . . . . . . . . . . . . . . . 359

. . . . . . . . . . . . . . . . . . . . . . . . 360

. . . . . . . . . . . . . . . . . . . . . . . . . 362

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 363

. . . . . . . . . . . . . . . . . . . . . 364

. . . . . . . . . . . . . . . . . . . . . 366

. . . . . . . . . . . . . . . . . . . 368

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369

32 802.1x Commands

aaa authentication dot1x. . . . . . . . . . . . . . . . . . . . . . . . . 371

dot1x system-auto-control

dot1x port-control

. . . . . . . . . . . . . . . . . . . . . . . . 372

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 372

dot1x re-authentication

dot1x timeout re-authperiod

dot1x re-authenticate

dot1x timeout quiet-period

dot1x timeout tx-period

dot1x max-req

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377

dot1x timeout supp-timeout

dot1x timeout server-timeout

show dot1x

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379

show dot1x users

. . . . . . . . . . . . . . . . . . . . . . . . . 373

. . . . . . . . . . . . . . . . . . . . . . . 374

. . . . . . . . . . . . . . . . . . . . . . . . . . 374

. . . . . . . . . . . . . . . . . . . . . . . . 375

. . . . . . . . . . . . . . . . . . . . . . . . . 376

. . . . . . . . . . . . . . . . . . . . . . . 377

. . . . . . . . . . . . . . . . . . . . . . . 378

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 381

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 19

show dot1x statistics . . . . . . . . . . . . . . . . . . . . . . . . . . 382

ADVANCED FEATURES

dot1x auth-not-req

dot1x multiple-hosts

. . . . . . . . . . . . . . . . . . . . . . . . . . 384

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 384

. . . . . . . . . . . . . . . . . . . . . . . . . . . 385

dot1x single-host-violation

show dot1x advanced

. . . . . . . . . . . . . . . . . . . . . . . . . . 386

. . . . . . . . . . . . . . . . . . . . . . . . 385

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 20

DELL CONFIDENTIAL – PRELIMINARY 9/12/06 – FOR PROOF ONLY

Page 21

Command Groups

Introduction

The Command Language Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphic User Interface (GUI) driven software application. By directly entering commands, you have greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.

A device can be configured and maintained by entering commands from the CLI, which is based solely on textual input and output with commands being entered from a terminal keyboard and the output displayed as text via a terminal monitor. The CLI can be accessed from a VT100 terminal connected to the console port of the device or through a Telnet connection from a remote host.

This guide describes how the Command Line Interface (CLI) is structured, describes the command syntax, and describes the command functionality.

This guide also provides information for configuring the PowerConnect switch, details the procedures and provides configuration examples. Basic installation configuration is described in the

User’s Guide

Command Groups

The system commands can be broken down into the functional groups shown below.

Command Group Description

AAA Configures connection security including authorization and

Address Table Configures bridging address tables.

Configuration and Image Files Manages the device configuration files.

Clock Configures clock commands on the device.

Ethernet Configuration Configures all port configuration options for example ports, storm

GVRP Configures and displays GVRP configuration and information.

IGMP Snooping Configures IGMP snooping and displays IGMP configuration and

IP Addressing Configures and manages IP addresses on the device.

LACP Configures and displays LACP information.

Line Configures the console and remote Telnet connection.

LLDP Configures and displays LLDP information.

Management ACL Configures and displays management access-list information.

and must be completed before using this document.

passwords.

control, port speed and auto-negotiation.

IGMP information.

Command Groups 21

Page 22

PHY Diagnostics Diagnoses and displays the interface status.

Port Channel Configures and displays Port channel information.

Port Monitor Monitors activity on specific target ports.

QoS Configures and displays QoS information.

RADIUS Configures and displays RADIUS information.

RMON Displays RMON statistics.

SNMP Configures SNMP communities, traps and displays SNMP

Spanning Tree

www.dell.com | support.dell.com

SSH Configures SSH authentication.

Syslog Commands Manages and displays syslog messages.

System Management Configures the device clock, name and authorized users.

TACACS

User Interface Describes user commands used for entering CLI commands.

VLAN Configures VLANs and displays VLAN information.

Web Server Configures Web based access to the device.

802.1x

information.

Configures and reports on Spanning Tree protocol

Configures TACACS commands

Configures commands related to 802.1x security protocol.

22 Command Groups

Page 23

AAA Commands

Command Group Description Access Mode

aaa authentication login Defines login authentication. Global

Configuration

aaa authentication enable Defines authentication method lists for accessing higher

privilege levels.

remote telnet or console.

enable authentication Specifies the authentication method list when accessing

a higher privilege level from a remote telnet or console.

ip http authentication Specifies authentication methods for http. Global

ip https authentication Specifies authentication methods for https. Global

show authentication methods

password Specifies a password on a line. Line

enable password Sets a local password to control access to normal and

username Establishes a username-based authentication system. Global

show users accounts Displays information about the local user database. Privileged User

Displays information about the authentication methods. Privileged User

privilege levels.

Global Configuration

Line Configuration

Configuration

EXEC

Configuration

Global Configuration

Configuration

EXEC

Address Table Commands

Command Group Description Access Mode

bridge address Adds a static MAC-layer station source address to the

bridge table.

bridge multicast filtering Enables filtering of multicast addresses. Global

bridge multicast address Registers MAC-layer multicast addresses to the bridge

table, and adds static ports to the group.

bridge multicast forbidden address

Forbids adding a specific multicast address to specific ports.

VLAN Configuration

Configuration

VLAN Configuration

Command Groups 23

Page 24

bridge multicast forwardall

bridge multicast forbidden forward-all

bridge aging-time Sets the address table aging time. Global

clear bridge Removes any learned entries from the forwarding

port security Disables new address learning on an interface. Interface

www.dell.com | support.dell.com

port security routed secure-address

show bridge address-table Displays dynamically created entries in the bridge-

show bridge address-table static

show bridge address-table count

show bridge multicast address-table

show bridge multicast filtering

show ports security Displays the port-lock status. Privileged User

Enables forwarding of all multicast frames on a port. VLAN

Configuration

Enables forbidding forwarding of all multicast frames to a port.

database.

Adds MAC-layer secure addresses to a routed port. Interface

forwarding database.

Displays statically created entries in the bridgeforwarding database

Displays the number of addresses present in all or at a specific VLAN.

Displays statically created entries in the bridgeforwarding database.

Displays the multicast filtering configuration. Privileged User

VLAN Configuration

Configuration

Privileged User EXEC

Configuration

Privileged User EXEC

EXEC

Clock Commands

Command Group Description Access Mode

clock set

clock source

clock timezone

clock summer-time

sntp authentication-key

24 Command Groups

Manually sets the system clock.

Configures an external time source for the system clock.

Sets the time zone for display purposes.

Configures the system to automatically switch to summer time (daylight saving time).

Defines an authentication key for Simple Network Time Protocol (SNTP).

Privileged User EXEC

Global Configuration

Page 25

sntp authenticate

sntp trusted-key

sntp client poll timer

sntp broadcast client enable

sntp anycast client enable

sntp client enable (interface)

sntp unicast client enable

sntp unicast client poll

sntp server

show clock

show sntp configuration

show sntp status

Grants authentication for received Network Time Protocol (NTP) traffic from servers.

Authenticates the identity of a system to which Simple Network Time Protocol (SNTP) will synchronize.

Sets the polling time for the Simple Network Time Protocol (SNTP) client.

Enables the Simple Network Time Protocol (SNTP) broadcast clients.

Enables Anycast clients.

Enables the Simple Network Time Protocol (SNTP) client on an interface.

Enables the device to use the Simple Network Time Protocol (SNTP) to request and accept Network Time Protocol (NTP) traffic from servers.

Enables polling for the Simple Network Time Protocol (SNTP) predefined unicast clients.

Configures the device to use the Simple Network Time Protocol (SNTP) to request and accept Network Time Protocol (NTP) traffic from a server.

Displays the time and date from the system clock.

Shows the configuration of the Simple Network Time Protocol (SNTP).

Shows the status of the Simple Network Time Protocol (SNTP).

Global Configuration

Interface Configuration

Global Configuration

User EXEC

Privileged User EXEC

Configuration and Image Files Commands

Command Group Description Access Mode

delete startup-config

copy Copies files from a source to a destination. Privileged User

boot system Specifies the system image that the device loads at

Deletes the startup-config file.

startup.

Privileged User EXEC

EXEC

Privileged User EXEC

Command Groups 25

Page 26

show running-config Displays the contents of the currently running

show startup-config Displays the startup configuration file contents. Privileged User

show backup-config

show bootvar Displays the active system image file that the device

Ethernet Configuration Commands

www.dell.com | support.dell.com

Command Group Description Access Mode

interface ethernet Enters the interface configuration mode to

interface range ethernet Enters the interface configuration mode to

shutdown Disables interfaces. Interface

description Adds a description to an interface. Interface

speed Configures the speed of a given Ethernet interface

duplex Configures the full/half duplex operation of a given

negotiation Enables auto-negotiation operation for the speed

flowcontrol Configures the Flow Control on a given interface. Interface

mdix Enables automatic crossover on a given interface. Interface

back-pressure Enables Back Pressure on a given interface. Interface

port jumbo-frame Enables jumbo frames for the device. Global

clear counters Clears statistics on an interface. User EXEC

configuration file.

Displays the backup configuration file contents.

loads at startup.

configure an Ethernet type interface.

configure multiple Ethernet type interfaces.

when not using auto-negotiation.

Ethernet interface when not using auto-negotiation.

and duplex parameters of a given interface.

Privileged User EXEC

EXEC

Privileged User EXEC

Global Configuration

Configuration

Interface Configuration

Configuration

26 Command Groups

Page 27

set interface active Reactivates an interface that was suspended by the

system.

show interfaces configuration

show interfaces status Displays the status for all configured interfaces. User EXEC

show interfaces description

show interfaces counters Displays traffic seen by the physical interface. User EXEC

show ports jumbo-frame Displays the jumbo frames configuration. User EXEC

port storm-control include-multicast

port storm-control broadcast enable

port storm-control broadcast rate

show ports storm-control Displays the storm control configuration. Privileged User

Displays the configuration for all configured interfaces.

Displays the description for all configured interfaces. User EXEC

Enables the device to count multicast packets. Global

Enables broadcast storm control. Interface

Configures the maximum broadcast rate. Interface

Privileged User EXEC

User EXEC

Configuration

EXEC

GVRP Commands

Command Group Description Mode

gvrp enable (global) Enables GVRP globally. Global

Configuration

gvrp enable (interface) Enables GVRP on an interface. Interface

Configuration

garp timer Adjusts the GARP application join, leave, and

leaveall GARP timer values.

gvrp vlan-creation-forbid Enables or disables dynamic VLAN creation. Interface

gvrp registration-forbid De-registers all VLANs, and prevents dynamic

VLAN registration on the port.

clear gvrp statistics Clears all the GVRP statistics information. Privileged User

show gvrp configuration Displays GVRP configuration information. User EXEC

show gvrp statistics Displays GVRP statistics. User EXEC

show gvrp error-statistics Displays GVRP error statistics. User EXEC

Interface Configuration

Configuration

Interface Configuration

EXEC

Command Groups 27

Page 28

IGMP Snooping Commands

Command Group Description Access Mode

ip igmp snooping (Global)

ip igmp snooping (Interface)

ip igmp snooping mrouter

ip igmp snooping host-

www.dell.com | support.dell.com

time-out

ip igmp snooping mrouter-time-out

ip igmp snooping leavetime-out

show ip igmp snooping mrouter

show ip igmp snooping interface

show ip igmp snooping groups

Enables Internet Group Management Protocol (IGMP) snooping.

Enables Internet Group Management Protocol (IGMP) snooping on a specific VLAN.

Enables automatic learning of multicast router ports in the context of a specific VLAN.

Configures the host-time-out. VLAN

Configures the mrouter-time-out. VLAN

Configures the leave-time-out. VLAN

Displays information on dynamically learned multicast router interfaces.

Displays IGMP snooping configuration. User EXEC

Displays multicast groups learned by IGMP snooping.

Global Configuration

VLAN Configuration

Configuration

User EXEC

IP Addressing

Command Group Description Access Mode

clear host dhcp Sets an IP address on the device. Interface

ip address

ip address dhcp Acquires an IP address on an interface from the

ip default-gateway

show ip interface Displays the usability status of interfaces configured

arp Adds a permanent entry in the ARP cache. Global

28 Command Groups

Sets an IP address

DHCP server.

Defines a default gateway (router)

for IP.

Configuration

Interface Configuration

Global Configuration

User EXEC

Configuration

Page 29

arp timeout Configures how long an entry remains in the ARP

cache

clear arp-cache Deletes all dynamic entries from the ARP cache. Privileged User

show arp Displays entries in the ARP table. Privileged User

ip domain-lookup Enables the IP Domain Naming System (DNS)-based

host name-to-address translation.

ip domain-name Defines a default domain name, that the software

uses to complete unqualified host names.

ip name-server Sets the available name servers.

ip host Defines static host name-to-address mapping in the

host cache.

clear host

Deletes entries from the host name-to-address cache

show hosts Displays the default domain name, a list of name

server hosts, the static and cached list of host names and addresses.

Global Configuration

EXEC

Global Configuration

Privileged User EXEC

User EXEC

LACP Commands

Command Group Description Access Mode

lacp system-priority Configures the system LACP priority. Global

Configuration

lacp port-priority Configures the priority value for physical ports. Interface

Configuration

lacp timeout Assigns an administrative LACP timeout. Interface

Configuration

show lacp ethernet Displays LACP information for Ethernet ports. User EXEC

show lacp port-channel

Displays LACP information for a port-channel.

User EXEC

Line Commands

Command Group Description Access Mode

line Identifies a specific line for configuration and enters

the line configuration command mode.

Global Configuration

Command Groups 29

Page 30

speed Sets the line baud rate. Line

Configuration

autobaud

exec-timeout Configures the interval that the system waits until

show line Displays line parameters. User EXEC

Sets the line for automatic baud rate detection

user input is detected.

Line Configuration

LLDP Commands

www.dell.com | support.dell.com

Command Group Description Access Mode

lldp enable (global) Enables Link Layer Discovery Protocol. Global

lldp enable (interface) Enables Link Layer Discovery Protocol (LLDP) on an

lldp timer Specifies how often the software sends Link Layer

lldp hold-multiplier Specifies the amount of time the receiving device should

lldp reinit-delay Specifies the minimum time an LLDP port will wait

lldp tx-delay Specifies the delay between successive LLDP frame

lldp optional-tlv Specifies which optional TLVs from the basic set should

lldp managementaddress

clear lldp rx Restarts the LLDP RX state machine and clears the

show lldp configuration

show lldp local Displays the Link Layer Discovery Protocol (LLDP)

interface.

Discovery Protocol (LLDP) updates.

hold a Link Layer Discovery Protocol packet before discarding it.

before reinitializing LLDP transmission.

transmissions initiated by value/status changes in the LLDP local systems MIB.

be transmitted.

Specifies the management address that would be advertised from an interface.

neighbors table.

Displays the Link Layer Discovery Protocol (LLDP) configuration.

information that is advertised from a specific port.

configuration

Interface configuration (Ethernet)

Global configuration

Interface configuration (Ethernet)

Privileged EXEC

30 Command Groups

Page 31

show lldp neighbors Displays information about discovered neighboring

devices using Link Layer Discovery Protocol (LLDP).

Privileged EXEC

Management ACL Commands

Command Group Description Access Mode

management accesslist

permit (management) Defines a permit rule. Management

deny (management) Defines a deny rule. Management

management accessclass

show management access-list

show management access-class

Defines a management access-list, and enters the accesslist for configuration.

Defines which management access-list is used. Global

Displays management access-lists. Privileged User

Displays the active management access-list. Privileged User

Global Configuration

Access-level

Configuration

EXEC

PHY Diagnostics Commands

Command Group Description Access Mode

test copper-port tdr Diagnoses with TDR (Time Domain Reflectometry)

technology the quality and characteristics of a copper cable attached to a port.

show copper-ports tdr Displays the last TDR (Time Domain Reflectometry)

tests on specified ports.

show copper-ports cable-length

show fiber-ports optical-transceiver

Displays the estimated copper cable length attached to a port.

Displays the optical transceiver diagnostics. Privileged User

Privileged User EXEC

EXEC

Command Groups 31

Page 32

Port Channel Commands

Command Group Description Access Mode

interface port-channel Enters the interface configuration mode of a specific

interface range portchannel

channel-group Associates a port with a port-channel. Interface

port channel load

www.dell.com | support.dell.com

balance

show interfaces portchannel

Port Monitor Commands

Command Group Description Access Mode

port monitor Starts a port monitoring session. Interface

show ports monitor Displays the port monitoring status. User EXEC

Global

port-channel.

Enters the interface configuration mode to configure multiple port-channels.

Configures the load balancing policy of the port channeling

Displays port-channel information. User EXEC

Configuration

Global Configuration

Configuration

Global Configuration

Configuration

QoS Commands

Command Group Description Access Mode

qos Enables quality of service (QoS) on the device and

show qos Displays the QoS status. User EXEC

wrr-queue cos-map

wrr-queue bandwidth Assigns Weighted Round Robin (WRR) weights to

priority-queue out numof-queues

show qos interface Displays interface QoS data. User EXEC

qos map dscp-queue Modifies the DSCP to CoS map. Global

32 Command Groups

enters QoS basic or advance mode.

Maps assigned CoS values to select one of the egress queues.

egress queues.

Enables the egress queues to be expedite queues

Global Configuration

Interface Configuration

. Global

Configuration

Page 33

qos trust (Global) Configures the system to basic mode and the "trust"

state.

qos trust (Interface)

qos cos Configures the default port CoS value. Interface

show qos map Displays all the maps for QoS. User EXEC

Enables each port trust state

Global Configuration

Interface Configuration

Configuration

Radius Commands

Command Group Description Access Mode

radius-server host Specifies a RADIUS server host. Global

Configuration

radius-server key Sets the authentication and encryption key for all

RADIUS communications between the router and the RADIUS daemon.

radius-server retransmit

radius-server source-ip Specifies the source IP address used for communication

radius-server timeout Sets the interval for which a router waits for a server host

radius-server deadtime Improves RADIUS response times when servers are

show radius-servers Displays the RADIUS server settings. Privileged User

Specifies the number of times the software searches the list of RADIUS server hosts.

with RADIUS servers.

to reply.

unavailable.

Global Configuration

EXEC

Command Groups 33

Page 34

RMON Commands

Command Group Description Mode

show rmon statistics Displays RMON Ethernet Statistics. User EXEC

rmon collection history Enables a Remote Monitoring (RMON) MIB history

show rmon collection history

show rmon history Displays RMON Ethernet Statistics history. User EXEC

rmon alarm Configures alarm conditions. Global

www.dell.com | support.dell.com

show rmon alarm-table Displays the alarms summary table. User EXEC

show rmon alarm Displays alarm configurations. User EXEC

rmon event Configures a RMON event. Global

show rmon events Displays the RMON event table. User EXEC

show rmon log Displays the RMON logging table. User EXEC

rmon table-size Configures the maximum RMON tables sizes. Global

Interface

statistics group on an interface.

Displays the requested history group configuration. User EXEC

Configuration

SNMP Commands

Command Group Description Access Mode

snmp-server community Sets up the community access string to permit access

snmp-server view Creates or update a view entry, Global

snmp-server filter Create or update a filter entry, Global

snmp-server contact Sets up a system contact. Global

snmp-server location Sets up the information on where the device is located. Global

snmp-server enable traps Enables the switch to send SNMP traps or SNMP

snmp-server trap authentication

34 Command Groups

to SNMP protocol.

notifications.

Enables the switch to send Simple Network Management Protocol traps when authentication failed.

Global Configuration

Configuration

Global Configuration

Page 35

snmp-server host Specifies the recipient of Simple Network

Management Protocol notification operation,

snmp-server set Sets SNMP MIB value by the CLI. Global

snmp-server group Configures a new Simple Network Management

Protocol (SNMP) group, or a table that maps SNMP users to SNMP views.

snmp-server user Configure a new SNMP Version 3 user. Global

snmp-server v3-host Specifies the recipient of Simple Network

Management Protocol Version 3 notifications.

snmp-server engineID local

show snmp engineid Displays the ID of the local Simple Network

show snmp Displays the SNMP status.. Privileged User

show snmp views Displays the configuration of views. Privileged User

show snmp groups Displays the configuration of groups. Privileged User

show snmp filters Displays the configuration of filters. Privileged User

show snmp users Displays the configuration of groups. Privileged User

Specifies the Simple Network Management Protocol (SNMP) engineID on the local device.

Management Protocol (SNMP) engine.

Global Configuration

Configuration

Global Configuration

Configuration

Global Configuration

Privileged User EXEC

EXEC

Spanning Tree Commands

Command Group Description Access Mode

spanning-tree Enables spanning tree functionality. Global

Configuration

spanning-tree mode Configures the spanning tree protocol. Global

Configuration

spanning-tree forwardtime

spanning-tree hello-time Configures the spanning tree bridge Hello Time. Global

spanning-tree max-age Configures the spanning tree bridge maximum age. Global

Configures the spanning tree bridge forward time. Global

Configuration

Command Groups 35

Page 36

spanning-tree priority Configures the spanning tree priority. Global

spanning-tree disable Disables spanning tree on a specific port. Interface

spanning-tree cost Configures the spanning tree path cost for a port. Interface

spanning-tree portpriority

spanning-tree portfast Enables PortFast mode. Interface

www.dell.com | support.dell.com

spanning-tree mst priority

spanning-tree mst maxhops

spanning-tree mst portpriority

sspanning-tree mst cost Configures the path cost for multiple spanning tree

spanning-tree mst configuration

instance (mst) Maps VLANS to an MST instance. MST

name (mst) Defines the configuration name. MST

revision (mst) Defines the configuration revision number. MST

show (mst) Displays the current or pending MST region

exit (mst) Exits the MST configuration mode and applies all

abort (mst) Exits the MST configuration mode without applying

Configuration

Configures port priority. Interface

Configuration

Configures the device priority for the specified spanning-tree instance

Configures the number of hops in an MST region before the BDPU is discarded and the port information is aged out.

Configures port priority for the specified MST instance.

(MST) calculations.

Enables configuring an MST region by entering the Multiple Spanning Tree (MST) mode.

configuration.

configuration changes.

the configuration changes

Global Configuration

Interface Configuration

Global Configuration

Configuration mode

MST Configuration mode

36 Command Groups

Page 37

spanning-tree link-type

spanning-tree pathcost method

spanning-tree bpdu Defines BPDU handling when spanning tree is

clear spanning-tree detected-protocols

show spanning-tree Displays spanning tree configuration. Privileged User

spanning-tree mst mstprstp

Spanning-tree guard root Enables root guard on all the spanning tree instances

Overrides the default link-type setting

. Interface

Sets the default path cost method.

disabled on an interface.

Restarts the protocol migration process on all interfaces or on the specified interface.

Configure the switch to convert STP/RSTP packets to MSTP instances.

on that interface.

Configuration

Global Configuration

Privileged User EXEC

EXEC

Global Configuration

Interface Configuration

SSH Commands

Command Group Description Access Mode

ip ssh port Specifies the port to be used by the SSH server. Global

Configuration

ip ssh server Enables the device to be configured from a SSH

server.

crypto key generate dsa Generates DSA key pairs. Global

crypto key generate rsa Generates RSA key pairs. Global

ip ssh pubkey-auth Enables public key authentication for incoming

SSH sessions.

crypto key pubkey-chain ssh Enters SSH Public Key-chain configuration mode. Global

user-key Specifies which SSH public key is manually

configured and enters the SSH public key-string configuration command.

key-string Manually specifies a SSH public key. SSH Public Key

show ip ssh Displays the SSH server configuration. Privileged User

show crypto key mypubkey Displays the SSH public keys stored on the device. Privileged User

Global Configuration

Configuration

Global Configuration

Configuration

SSH Public Key

EXEC

Command Groups 37

Page 38

show crypto key pubkey-chain ssh

Syslog Commands

Command Group Description Access Mode

logging on Controls error messages logging. Global

logging Logs messages to a syslog server. Global

www.dell.com | support.dell.com

logging console Limits messages logged to the console based on

logging buffered Limits syslog messages displayed from an internal

logging buffered size Changes the number of syslog messages stored in

clear logging Clears messages from the internal logging buffer. Privileged User

logging file Limits syslog messages sent to the logging file

clear logging file Clears messages from the logging file. Privileged User

show logging Displays the state of logging and the syslog

show logging file Displays the state of logging and the syslog

show syslog-servers Displays the syslog servers settings. Privileged User

Displays SSH public keys stored on the device. Privileged User

EXEC

Configuration

Global

severity.

buffer based on severity.

the internal buffer.

based on severity.

messages stored in the internal buffer.

messages stored in the logging file.

Configuration

Global Configuration

EXEC

Global Configuration

EXEC

Privileged User EXEC

EXEC

38 Command Groups

Page 39

System Management Commands

Command Group Description Access Mode

ping Sends ICMP echo request packets to another

node on the network.

traceroute Discovers the routes that packets will actually take

when traveling to their destination.

telnet Logs in to a host that supports Telnet.

resume Switches to another open Telnet session

reload

hostname Specifies or modifies the device host name. Global

show users Displays information about the active users. User EXEC

show sessions Lists the open Telnet sessions.

show system Displays system information. User EXEC

show version Displays the system version information. User EXEC

asset-tag Specifies the device asset-tag. Global

show system id Displays the service ID information. User EXEC

Reloads the operating system

User EXEC

Privileged User EXEC

Configuration

User EXEC

Configuration

TACACS Commands

Command Group Description Mode

tacacs-server host Specifies a TACACS+ host. Global

tacacs-server key Sets the authentication encryption key used for all

TACACS+ communications between the device and the TACACS+ daemon.

tacacs-server source-ip Specifies the source IP address that will be used

for the communication with TACACS servers.

tacacs-server timeout Sets the timeout value. Global

show tacacs Displays configuration and statistics for a

TACACS+ servers.

Configuration

Global Configuration

Configuration

Privileged User EXEC

Command Groups 39

Page 40

User Interface Commands

Command Group Description Access Mode

enable Enters the privileged EXEC mode. All

disable Returns to User EXEC mode. All

configure

exit(configuration) Exits any configuration mode to the next highest mode in

www.dell.com | support.dell.com

exit(EXEC) Closes an active terminal session by logging off the device. All

end Ends the current configuration session and returns to the

help Displays a brief description of the help system. All

history Enables the command history function. All

history size Changes the command history buffer size for a particular

debug-mode

show history Lists the commands entered in the current session. All

show privilege Displays the current privilege level. All

Enables the global configuration mode

the CLI mode hierarchy.

previous command mode.

line.

Switches the mode to debug

.All

All

VLAN Commands

Command Group Description Access Mode

vlan database Enters the VLAN database configuration mode. Global

vlan Creates a VLAN. VLAN

default-vlan disable

interface vlan

interface range vlan Enters the interface configuration mode to configure

name Configures a name to a VLAN. Interface

40 Command Groups

Disables the default VLAN functionality

. VLAN

Enters the interface configuration (VLAN) mode.

multiple VLANs.

Configuration

Global Configuration

Configuration

Page 41

switchport access vlan Configures the VLAN membership mode of a port. Interface

Configuration

switchport access vlan Configures the VLAN ID when the interface is in access

mode.

switchport trunk allowed vlan

switchport trunk native vlan

switchport general allowed vlan

switchport general pvid Configures the PVID when the interface is in general

switchport general ingress-filtering disable

switchport general acceptable-frame-type tagged-only

switchport forbidden vlan

map protocol protocols-group

switchport general map protocols-group vlan

ip internal-usage-vlan

Adds or removes VLANs from a port in general mode. Interface

Defines the port as a member of the specified VLAN, and the VLAN ID is the "port default VLAN ID (PVID)".

Adds or removes VLANs from a general port. Interface

mode.

Disables port ingress filtering. Interface

Discards untagged frames at ingress. Interface

Forbids adding specific VLANs to a port. Interface

Adds a special protocol to a named group of protocols, which may be used for protocol-based VLAN assignment.

Sets a protocol-based classification rule. Interface

Reserves a VLAN as the internal usage VLAN of an interface.

show vlan Displays VLAN information. Privileged User

show vlan internal usage

show vlan protocolsgroups

show interfaces switchport

switchport mode Configures the VLAN membership mode of a port Interface

Displays a list of VLANs being used internally by the switch.

Displays protocols-groups information. Privileged User

Displays switchport configuration. Privileged User

Interface Configuration

Configuration

Interface Configuration

Configuration

Interface Configuration

Configuration

VLAN Configuration

Configuration

Interface Configuration

EXEC

Privileged User EXEC

EXEC

configuration (Ethernet, portchannel)

Command Groups 41

Page 42

switchport customer vlan

Web Server Commands

Command Group Description Access Mode

ip http server Enables the device to be configured from a browser. Global

www.dell.com | support.dell.com

ip http port Specifies the TCP port for use by a web browser to

ip https port Configures a TCP port for use by a secure web browser to

ip https server Enables the device to be configured from a secured

crypto certificate generate

crypto certificate request

crypto certificate import

ip https certificate

crypto certificate export pkcs12

show ip http Displays the HTTP server configuration. Privileged User

show ip https Displays the HTTPS server configuration. Privileged User

show crypto certificate mycertificate

Sets the port's VLAN when

the interface is in customer mode.

configure the device.

browser.

Generates a HTTPS certificate. Global

Generates and displays certificate requests for HTTPS.

Imports a certificate signed by Certification Authority for HTTPS.

Configures the active certificate for HTTPS.

Exports the certificate and the RSA keys within a PKCS12 file

Displays the SSL certificates of the device Privileged User

Interface configuration (Ethernet, portchannel)

Configuration

Global Configuration

Configuration

Privileged User EXEC

Global Configuration

Privileged User EXEC

EXEC

42 Command Groups

Page 43

802.1x Commands

Command Description Access Mode

aaa authentication dot1x

dot1x system-autocontrol

dot1x port-control Enables manual control of the authorization state of the

dot1x re-authentication Enables periodic re-authentication of the client. Interface

dot1x timeout reauthperiod

dot1x re-authenticate Manually initiates a re-authentication of all 802.1X-

dot1x timeout quietperiod

dot1x timeout tx-period

dot1x max-req Sets the maximum number of times that the switch sends

dot1x timeout supptimeout

dot1x timeout servertimeout

show dot1x Allows multiple hosts on an 802.1X-authorized port, that

show dot1x users Displays 802.1X statistics for the specified interface. Privileged User

show dot1x statistics

Specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 802.1X.

Enables 802.1x globally. Global

port

Sets the number of seconds between re-authentication attempts

enabled ports or the specified 802.1X-enabled port.

Sets the number of seconds that the switch remains in the quiet state following a failed authentication exchange

Sets the number of seconds that the switch waits for a response to an Extensible Authentication Protocol

Global Configuration

Configuration

Interface Configuration

Configuration

Interface Configuration

Privileged User EXEC

Interface Configuration

(EAP) - request/identity frame, from the client, before resending the request.

Interface an EAP - request/identity frame to the client, before restarting the authentication process.

Sets the time for the retransmission of an Extensible Authentication Protocol (EAP)-request frame to the client.

Sets the time for the retransmission of packets to the authentication server

has the

dot1x port-control

mand set to

auto

interface configuration com-

Displays 802.1X statistics for the specified interface.

Configuration

Interface

Configuration

Interface

Configuration

Interface

Configuration

EXEC

Privileged User

EXEC

Command Groups 43

Page 44

www.dell.com | support.dell.com

44 Command Groups

Page 45

Command Modes

GC (Global Configuration) Mode

Command Description

aaa authentication enable Defines authentication method lists for accessing higher privilege

levels.

aaa authentication login Defines login authentication.

aaa authentication dot1x Specifies one or more authentication, authorization, and accounting

(AAA) methods for use on interfaces running IEEE 802.1X.

arp Adds a permanent entry in the ARP cache.

arp timeout Configures how long an entry remains in the ARP cache

asset-tag Specifies the device asset-tag.

bridge aging-time Sets the address table aging time.

bridge multicast filtering Enables filtering of multicast addresses.

clock source Configures an external time source for the system clock.

clock timezone Sets the time zone for display purposes

clock summer-time Configures the system to automatically switch to summer time

(daylight saving time).

crypto certificate generate Generates a HTTPS certificate.

crypto certificate import Imports a certificate signed by Certification Authority for HTTPS.

crypto key generate dsa Generates DSA key pairs.

crypto key generate rsa Generates RSA key pairs.

crypto key pubkey-chain ssh Enters SSH Public Key-chain configuration mode.

dot1x system-auto-control Enables 802.1x globally.

enable password Sets a local password to control access to normal and privilege levels.

end Ends the current configuration session and returns to the previous

command mode.

gvrp enable (global) Enables GVRP globally.

hostname Specifies or modifies the device host name.

interface ethernet Enters the interface configuration mode to configure an Ethernet type

interface.

interface port-channel Enters the interface configuration mode of a specific port-channel.

Command Modes 45

Page 46

interface range ethernet Enters the interface configuration mode to configure multiple ethernet

interface range port-channel Enters the interface configuration mode to configure multiple port-

interface range vlan Enters the interface configuration mode to configure multiple VLANs.

interface vlan Enters the interface configuration (VLAN) mode.

ip default-gateway Defines a default gateway.

ip domain-lookup Enables the IP Domain Naming System (DNS)-based host name-to-

ip domain-name Defines a default domain name, that the software uses to complete

www.dell.com | support.dell.com

ip host Defines static host name-to-address mapping in the host cache.

ip http authentication Specifies authentication methods for http.

ip http port Specifies the TCP port for use by a web browser to configure the

ip http server

ip https authentication Specifies authentication methods for https

ip https certificate Configures the active certificate for HTTPS. Use the

ip https server

ip https port Configures a TCP port for use by a secure web browser to configure

ip igmp snooping (Global) Enables Internet Group Management Protocol (IGMP) snooping

ip name-server Sets the available name servers.

ip ssh port Specifies the port to be used by the SSH server.

ip ssh pubkey-auth Enables public key authentication for incoming SSH sessions.

ip ssh server Enables the device to be configured from a SSH server.

lacp system-priority Configures the system LACP priority.

line Identifies a specific line for configuration and enters the line

logging Logs messages to a syslog server.

logging buffered Limits syslog messages displayed from an internal buffer based on

logging buffered size Changes the number of syslog messages stored in the internal buffer.

logging console Limits messages logged to the console based on severity.

type interfaces.

channels.

address translation.

unqualified host names.

device.

Enables the device to be configured from a browser

command to return to default.

Enables the device to be configured from a secured browser

the device.

configuration command mode.

severity.

form of this

46 Command Modes

Page 47

logging file Limits syslog messages sent to the logging file based on severity.

logging on Controls error messages logging.

console.

management access-class Defines which management access-list is used.

management access-list Defines a management access-list, and enters the access-list for

configuration.

port jumbo-frame Enables jumbo frames for the device.

port storm-control includemulticast

priority-queue out num-ofqueues

qos Enables quality of service (QoS) on the device and enters QoS basic or

qos map dscp-queue Modifies the DSCP to CoS map.

qos trust (Global) Configure the system to "trust" state.

radius-server deadtime Improves RADIUS response times when servers are unavailable.

radius-server host Specifies a RADIUS server host.

radius-server key Sets the authentication and encryption key for all RADIUS

radius-server retransmit Specifies the number of times the software searches the list of RADIUS

radius-server source-ip Specifies the source IP address used for communication with RADIUS

radius-server timeout Sets the interval for which a router waits for a server host to reply.

rmon alarm Configures alarm conditions.

rmon event Configures a RMON event.

rmon table-size Configures the maximum RMON tables sizes.

snmp-server community Sets up the community access string to permit access to SNMP

snmp-server contact Sets up a system contact.

snmp-server enable traps Enables the switch to send SNMP traps or SNMP notifications.

snmp-server host

snmp-server location Sets up the information on where the device is located.

Enables the device to count multicast packets.

Enables the egress queues to be expedite queues.

advance mode.

communications between the router and the RADIUS daemon.

server hosts.

servers.

protocol.

Specifies the recipient of Simple Network Management Protocol notification operation

Command Modes 47

Page 48

snmp-server set Sets SNMP MIB value by the CLI.

snmp-server trap authentication

sntp authenticate Grants authentication for received Network Time Protocol (NTP)

sntp authentication-key Defines an authentication key for Simple Network Time Protocol

spanning-tree Enables spanning tree functionality.

spanning-tree bpdu Defines BPDU handling when spanning tree is disabled on an interface

www.dell.com | support.dell.com

spanning-tree forward-time Configures the spanning tree bridge forward time.

spanning-tree hello-time Configures the spanning tree bridge Hello Time.

spanning-tree max-age Configures the spanning tree bridge maximum age.

spanning-tree mode Configures the spanning tree protocol.

spanning-tree pathcost method Sets the default pathcost method.

spanning-tree priority Configures the spanning tree priority.

tacacs-server key Sets the authentication encryption key used for all TACACS+

tacacs-server source-ip Specifies the source IP address that will be used for the communication

tacacs-server timeout Sets the timeout value.

tacacs-server host Specifies a TACACS+ host.

username Establishes a username-based authentication system.

vlan database Enters the VLAN database configuration mode.

wrr-queue cos-map

Enables the switch to send Simple Network Management Protocol traps when authentication failed.

traffic from servers.

(SNTP).

communications between the device and the TACACS+ daemon.

with TACACS servers.

Maps assigned CoS values to select one of the egress queues.

IC (Interface Configuration) Mode

Command Description

back-pressure Enables Back Pressure on a given interface.

channel-group Associates a port with a Port-channel.

clear host dhcp Sets an IP address on the device.

description Adds a description to an interface.

dot1x auth-not-req Enables unauthorized users access to that VLAN

48 Command Modes

Page 49

dot1x max-req Sets the maximum number of times that the switch sends an EAP -

request/identity frame to the client, before restarting the authentication process.

show dot1x Allows multiple hosts on an 802.1X-authorized port, that has the dot1x

port-control interface configuration command set to auto.

dot1x port-control Enables manual control of the authorization state of the port

dot1x re-authentication Enables periodic re-authentication of the client.

dot1x single-host-violation Configures the action to be taken, when a station whose MAC address is

not the supplicant MAC address, attempts to access the interface.

dot1x timeout quiet-period Sets the number of seconds that the switch remains in the quiet state

following a failed authentication exchange.

dot1x timeout re-authperiod Sets the number of seconds between re-authentication attempts.

dot1x timeout server-timeout Sets the time for the retransmission of packets to the authentication

server

dot1x timeout supp-timeout Sets the time for the retransmission of an EAP-request frame to the

client.

dot1x timeout tx-period

Sets the number of seconds that the switch waits for a response to an Extensible Authentication Protocol (EAP) - request/identity frame, from the client, before resending the request.

show dot1x Sets the number of seconds that the switch waits for a response to an

EAP request/identity frame, from the client, before resending the request.

duplex Configures the full/half duplex operation of a given ethernet interface

when not using auto-negotiation.

flowcontrol Configures the Flow Control on a given interface.

garp timer Adjusts the GARP application join, leave, and leaveall GARP timer

values.

gvrp enable (interface) Enables GVRP on an interface.

gvrp registration-forbid De-registers all VLANs, and prevents dynamic VLAN registration on the

port.

gvrp vlan-creation-forbid Enables or disables dynamic VLAN creation.

ip address

ip address dhcp Acquires an IP address on an interface from the DHCP server.

ip internal-usage-vlan

lacp port-priority Configures the priority value for physical ports.

lacp timeout Assigns an administrative LACP timeout.

mdix Enables automatic crossover on a given interface.

Sets an IP address

Reserves a VLAN as the internal usage VLAN of an interface.

Command Modes 49

Page 50

name Configures a name to a VLAN.

negotiation Enables auto-negotiation operation for the speed and duplex parameters

port monitor Starts a port monitoring session.

port security Disables new address learning on an interface.

port security routed secureaddress

port storm-control broadcast enable

www.dell.com | support.dell.com

port storm-control broadcast rate

qos cos Configures the default port CoS value.

qos trust (Interface) Enables each port trust state while the system is in basic mode.

rmon collection history Enables a Remote Monitoring (RMON) MIB history statistics group on

shutdown Disables interfaces.

sntp client enable (interface)

spanning-tree cost Configures the spanning tree path cost for a port.

spanning-tree disable Disables spanning tree on a specific port.

spanning-tree link-type Overrides the default link-type setting.

spanning-tree portfast Enables PortFast mode.

spanning-tree port-priority Configures port priority.

speed Configures the speed of a given ethernet interface when not using auto-

qos map dscp-queue Defines the wrr-queue mechanism on an egress queue.

wrr-queue bandwidth Assigns Weighted Round Robin (WRR) weights to egress queues.

of a given interface.

Adds MAC-layer secure addresses to a routed port.

Enables broadcast storm control.

Configures the maximum broadcast rate.

an interface.

Enables the Simple Network Time Protocol (SNTP) client on an interface.

negotiation.

LC (Line Configuration) Mode

Command Description

enable authentication Specifies the authentication method list when accessing a higher

exec-timeout Configures the interval that the system waits until user input is detected.

history Enables the command history function.

50 Command Modes

privilege level from a remote telnet or console.

Page 51

history size Changes the command history buffer size for a particular line.

password Specifies a password on a line.

autobaud

speed Sets the line baud rate.

Sets the line for automatic baud rate detection

MA (Management Access-level) Mode

Command Description

deny (management) Defines a deny rule.

permit (management) Defines a permit rule.

PE (Privileged User EXEC) Mode

Command Description

show dot1x users Displays 802.1X statistics for the specified interface.

boot system Specifies the system image that the device loads at startup.

clear arp-cache Deletes all dynamic entries from the ARP cache.

clear bridge Removes any learned entries from the forwarding database.

clear gvrp statistics Clears all the GVRP statistics information.

clear host Deletes entries from the host name-to-address cache

clear host dhcp Deletes entries from the host name-to-address mapping received from

Dynamic Host Configuration Protocol (DHCP).

clear logging Clears messages from the internal logging buffer.

clear logging file Clears messages from the logging file

clear spanning-tree detectedprotocols

clock set Manually sets the system clock.

configure Enters the global configuration mode.

copy Copies files from a source to a destination.

crypto certificate request Generates and displays certificate requests for HTTPS.

dot1x re-authenticate Manually initiates a re-authentication of all 802.1X-enabled ports or the

reload Reloads the operating system.

Restarts the protocol migration process on all interfaces or on the specified interface.

specified 802.1X-enabled port.

Command Modes 51

Page 52

set interface active Reactivates an interface that was suspended by the system.

show arp Displays entries in the ARP table.

show authentication methods Displays information about the authentication methods.

show bootvar Displays the active system image file that the device loads at startup

show bridge address-table Displays dynamically created entries in the bridge-forwarding database.

show bridge address-table count

show bridge multicast addresstable

www.dell.com | support.dell.com

show bridge multicast addresstable

show bridge multicast filtering Displays the multicast filtering configuration.

show copper-ports cablelength

show copper-ports tdr Displays the last TDR (Time Domain Reflectometry) tests on specified

show crypto key mypubkey Displays the SSH public keys stored on the device.

show crypto key pubkey-chain ssh

show crypto certificate mycertificate

show dot1x Displays 802.1X status for the switch or for the specified interface.

show dot1x advanced Displays 802.1X enhanced features for the switch or for the specified

show dot1x users Displays 802.1X users for the switch.

show fiber-ports opticaltransceiver

show ip ssh Displays the SSH server configuration.

show lacp port-channel Displays LACP information for a port-channel.

show logging Displays the state of logging and the syslog messages stored in the

show logging file Displays the state of logging and the syslog messages stored in the

show management access-class Displays the active management access-list.

show management access-list Displays management access-lists.

show ports security Displays the port-lock status.

Displays the number of addresses present in all VLANs or at specific VLAN.

Displays statically created entries in the bridge-forwarding database.

Displays multicast MAC address table information.

Displays the estimated copper cable length attached to a port.

ports.

Displays SSH public keys stored on the device.

Displays the SSL certificates of the device

interface.

Displays the optical transceiver diagnostics.

internal buffer.

logging file.

52 Command Modes

Page 53

show ports storm-control Displays the storm control configuration.

show radius-servers Displays the RADIUS server settings.

show running-config Displays the contents of the currently running configuration file.

show snmp Displays the SNMP status.

show spanning-tree Displays spanning tree configuration.

show startup-config Displays the startup configuration file contents.

show syslog-servers Displays the syslog servers settings.

show tacacs Displays configuration and statistics for a TACACS+ servers.

show users accounts Displays information about the local user database.

test copper-port tdr Diagnoses with TDR (Time Domain Reflectometry) technology the

quality and characteristics of a copper cable attached to a port.

SP (SSH Public Key) Mode

Command Description

key-string Manually specifies a SSH public key.

user-key Specifies which SSH public key is manually configured and enters the

SSH public key-string configuration command

UE (User EXEC) Mode

Command Description

clear counters Clears statistics on an interface.

enable Enters the privileged EXEC mode.

exit(EXEC) Closes an active terminal session by logging off the device.

ping Sends ICMP echo request packets to another node on the network.

show clock Displays the time and date from the system clock.

show gvrp configuration Displays GVRP configuration information.

show gvrp error-statistics Displays GVRP error statistics.

clear gvrp statistics Displays GVRP statistics.

show history Lists the commands entered in the current session.

Command Modes 53

Page 54

show hosts Displays the default domain name, a list of name server hosts, the static

show interfaces configuration Displays the configuration for all configured interfaces.

show interfaces counters Displays traffic seen by the physical interface.

show interfaces description Displays the description for all configured interfaces.

port channel load balance Displays Port-channel information.

show interfaces status Displays the status for all configured interfaces.

show ip igmp snooping groups Displays multicast groups learned by IGMP snooping.

show ip igmp snooping

www.dell.com | support.dell.com

interface

show ip igmp snooping mrouter

show ip interface Displays the usability status of interfaces configured for IP.

show lacp ethernet Displays LACP information for Ethernet ports.

show line Displays line parameters.

show ports jumbo-frame Displays the jumbo frames configuration.

show ports monitor Displays the port monitoring status.

show privilege Displays the current privilege level.

show qos Displays the QoS status.

show qos interface Assigns CoS values to select one of the egress queues.

show qos map Displays all the maps for QoS.

show rmon alarm Displays alarm configurations.

show rmon alarm-table Displays the alarms summary table.

show rmon collection history Displays the requested history group configuration.

show rmon events Displays the RMON event table.

show rmon history Displays RMON Ethernet Statistics history.

show rmon log Displays the RMON logging table.

show rmon statistics Displays RMON Ethernet Statistics.

show system Displays system information.

show system id Displays the service id information.

show users Displays information about the active users.

show version Displays the system version information.

and the cached list of host names and addresses.

Displays IGMP snooping configuration.

Displays information on dynamically learned multicast router interfaces.

54 Command Modes

Page 55

VC (VLAN Configuration) Mode

Command Description

bridge address Adds a static MAC-layer station source address to the bridge table.

bridge multicast address Registers MAC-layer multicast addresses to the bridge table, and adds

static ports to the group.

bridge multicast forbidden address

bridge multicast forbidden forward-all

bridge multicast forward-all Enables forwarding of all multicast frames on a port.

ip igmp snooping (Interface) Enables Internet Group Management Protocol (IGMP) snooping on a

ip igmp snooping host-timeout

ip igmp snooping leave-timeout

show ip igmp snooping mrouter Enables automatic learning of multicast router ports in the context of a

ip igmp snooping mroutertime-out

vlan Creates a VLAN.

Forbids adding a specific multicast address to specific ports.

Enables forbidding forwarding of all multicast frames to a port.

specific VLAN.

Configures the host-time-out.

Configures the leave-time-out.

specific VLAN.

Configures the mrouter-time-out.

Command Modes 55

Page 56

www.dell.com | support.dell.com

56 Command Modes

Page 57

Using the CLI

This chapter describes how to start using the CLI and describes implemented command editing features to assist in using the CLI.

CLI Command Modes

Introduction

To assist in configuring devices, the CLI [Command Line Interface] is divided into different command modes. Each command mode has its own set of specific commands. Entering a question mark "

" at the system prompt (console prompt) displays a list of commands available for that

particular command mode.

From each mode a specific command is used to navigate from one command mode to another. The standard order to access the modes is as follows:

Configuration

command mode access path.

mode, and

Interface Configuration

User EXEC

mode. The following figure illustrates the

mode,

Privileged EXEC

mode,

Global

Using the CLI 57

Page 58

When starting a session, the initial mode is the User EXEC mode. Only a limited subset of commands are available in User EXEC Mode. This level is reserved for tasks that do not change the configuration. To enter the next level, the Privileged EXEC mode, a password is required.

The Privileged mode gives access to commands that are restricted on EXEC mode and provides access to the device Configuration mode.

The Global Configuration mode manages the device configuration on a global level.

The Interface Configuration mode configures specific interfaces in the device.

User EXEC Mode

After logging into the device, the user is automatically in User EXEC command mode unless the

www.dell.com | support.dell.com

user is defined as a privileged user. In general, the User EXEC commands allow the user to perform basic tests, and list system information.

The user-level prompt consists of the device "host name" followed by the angle bracket (>).

console>

The default host name is "Console" unless it has been changed using the

hostname

command in

the Global Configuration mode.

Privileged EXEC Mode

Privileged access is password protected to prevent unauthorized use because many of the privileged commands set operating system parameters: The password is not displayed on the screen and is case sensitive.

Privileged users enter directly into the Privileged EXEC mode. To enter the Privileged EXEC mode from the User EXEC mode, perform the following steps:

At the prompt enter the command displayed.

Enter the password and press <Enter>. The password is displayed as "*". The Privileged EXEC mode prompt is displayed. The Privileged EXEC mode prompt consists of the device "host name" followed by "

console#

To return from Privileged Exec mode to User EXEC mode, type the command prompt.

enable

and press <Enter>. A password prompt is

disable

command at the

58 Using the CLI

Page 59

The following example illustrates how to access Privileged Exec mode and return back to the User EXEC mode:

console>enable

Enter Password: ******

console#

console#disable

console>

The Exit command is used to return from any mode to the previous mode except when returning to User EXEC mode from the Privileged EXEC mode. For example, the Exit command is used to return from the Interface Configuration mode to the Global Configuration mode

Global Configuration Mode

Global Configuration mode commands apply to features that affect the system as a whole, rather than just a specific interface. The Privileged EXEC mode command Global Configuration mode.

To enter the Global Configuration mode perform the following steps:"

At the Privileged EXEC mode prompt enter the command The Global Configuration mode prompt is displayed. The Global Configuration mode prompt consists of the device "host name" followed by the word "(config)" and "

configure

is used to enter the

and press

<Enter>

console(config)#

To return from the Global Configuration mode to the Privileged EXEC mode, the user can use one of the following commands:

•exit

•end

• Ctrl+Z

The following example illustrates how to access Global Configuration mode and returns to the Privileged EXEC mode:

console#

console#configure

console(config)#exit

console#

Using the CLI 59

Page 60

Interface Configuration Mode and Specific Configuration Modes

Interface Configuration mode commands are to modify specific interface operations. The following are the Interface Configuration modes:

•

Line Interface

include commands such as line speed, timeout settings, etc. The Global Configuration mode command

•

VLAN Database

Configuration mode command Configuration mode.

Management Access List

•

www.dell.com | support.dell.com

Global Configuration mode command Management Access List Configuration mode.

•

Ethernet

mode command configure an Ethernet type interface.

•

Port Channel

to a VLAN or port-channel. Most of these commands are the same as the commands in the Ethernet interface mode, and are used to manage the member ports as a single entity. The Global Configuration mode command Channel Interface Configuration mode.

•

SSH Public Key-chain

keys. The Global Configuration mode command the SSH Public Key-chain Configuration mode.

•

Interface

mode command

•

QoS—Contains commands related to service definitions. The Global Configuration mode command qos config-services is used to enter the QoS services configuration mode.

—Contains commands to configure the management connections. These

line

is used to enter the Line Configuration command mode.

—Contains commands to create a VLAN as a whole. The Global

vlan database

—Contains commands to define management access-lists. The

—Contains commands to manage port configuration. The Global Configuration

interface ethernet

—Contains commands to configure port-channels, for example, assigning ports

—Contains commands to manually specify other device SSH public

—Contains commands that configure the interface. The Global Configuration

interface ethernet

is used to enter the Interface Configuration mode to

is used to enter the Interface Configuration mode.

is used to enter the VLAN Database Interface

management access-list

interface port-channel

crypto key pubkey-chain ssh

is used to enter the

is used to enter the Port

is used to enter

Starting the CLI

The switch can be managed over a direct connection to the switch console port, or via a Telnet connection. The switch is managed by entering command keywords and parameters at the prompt. Using the switch command-line interface (CLI) is very similar to entering commands on a UNIX system.

If access is via a Telnet connection, ensure the device has an IP address defined, corresponding management access is granted, and the workstation used to access the device is connected to the device prior to using CLI commands.

NOTE: The following steps are for use on the console line only.

To start using the CLI, perform the following steps:

60 Using the CLI

Page 61

Start the device and wait until the startup procedure is complete.

The User Exec mode is entered, and the prompt "Console>" is displayed.

Configure the device and enter the necessary commands to complete the required tasks.

When finished, exit the session with the

When a different user is required to log onto the system, in the Privileged EXEC mode command mode the user.

command is entered. This effectively logs off the current user and logs on the new

quit

exit

command.

Editing Features

Entering Commands

A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command "

ethernet g5

interface type, and

To enter commands that require parameters, enter the required parameters after the command keyword. For example, to set a password for the administrator, enter: Console(config)#

When working with the CLI, the command options are not displayed. The command is not selected from a menu but is manually entered. To see what commands are available in each mode or within an interface configuration, the CLI does provide a method of displaying the available commands, the command syntax requirements and in some instances parameters required to complete the command. The standard command to request help is

There are two instances where the help information can be displayed:

•

To assist in using the CLI, there is an assortment of editing features. The following features are described:

• Terminal Command Buffer

• Command Completion

• Keyboard Shortcuts

show, interfaces

specifies the port.

username admin password smith

Keyword lookup

commands and corresponding help messages are displayed.

Partial keyword lookup

a parameter. The matched parameters for this command are displayed.

—The character ? is entered in place of a command. A list of all valid

and

status

are keywords,

—A command is incomplete and the character ? is entered in place of

ethernet

is an argument that specifies the

show interfaces status

Using the CLI 61

Page 62

Terminal Command Buffer

Every time a command is entered in the CLI, it is recorded on an internally managed Command History buffer. Commands stored in the buffer are maintained on a basis.These commands can be recalled, reviewed, modified, and reissued. This buffer is not preserved across device resets.

Keyword Source or destination

Up-arrow key Ctrl+P

Down-arrow key Returns to more recent commands in the history buffer after recalling

www.dell.com | support.dell.com

By default, the history buffer system is enabled, but it can be disabled at any time. For information about the command syntax to enable or disable the history buffer, see history.

There is a standard default number of commands that are stored in the buffer. The standard number of 10 commands can be increased to 256. By configuring 0, the effect is the same as disabling the history buffer system. For information about the command syntax for configuring the command history buffer, see history size.

To display the history buffer, see show history.

Negating the Effect of Commands

For many configuration commands, the prefix keyword "no" can be entered to cancel the effect of a command or reset the configuration to the default value. This guide describes the negation effect for all applicable commands.

First In First Out (FIFO)

Recalls commands in the history buffer, beginning with the most recent command. Repeats the key sequence to recall successively older commands.

commands with the up-arrow key. Repeating the key sequence will recall successively more recent commands.

Command Completion

If the command entered is incomplete, invalid, or has missing or invalid parameters, then the appropriate error message is displayed. This assists in entering the correct command. By pressing the <Tab> button, an incomplete command is entered. If the characters already entered are not enough for the system to identify a single matching command, press "?" to display the available commands matching the characters already entered.

Incorrect or incomplete commands are automatically re-entered next to the cursor. If a parameter must be added, the parameter can be added to the basic command already displayed next to the cursor. The following example indicates that the command interface ethernet requires a missing parameter.

(config)#interface ethernet

%missing mandatory parameter

(config)#interface ethernet

62 Using the CLI

Page 63

Keyboard Shortcuts

The CLI has a range of keyboard shortcuts to assist in editing the CLI commands. The following table describes the CLI shortcuts.

Keyboard Key Description

Up-arrow key Recalls commands from the history buffer, beginning with the most recent

command. Repeat the key sequence to recall successively older commands.

Down-arrow key Returns the most recent commands from the history buffer after recalling

commands with the up arrow key. Repeating the key sequence will recall successively more recent commands.

Ctrl+A Moves the cursor to the beginning of the command line.

Ctrl+E Moves the cursor to the end of the command line.

Ctrl+Z / End Returns back to the Privileged EXEC mode from any mode.

Backspace key Moves the cursor back one space.

CLI Command Conventions

When entering commands there are certain command entry standards that apply to all commands. The following table describes the command conventions.

Convention Description

[ ] In a command line, square brackets indicates an optional entry.

{ } In a command line, curly brackets indicate a selection of compulsory

Italic font

<Enter>

Ctrl+F4

Screen

parameters separated by the example: command either

flowcontrol {auto|on|off}

auto, on

Indicates a parameter.

Any individual key on the keyboard. For example click

Any combination keys pressed simultaneously on the keyboard.

Indicates system messages and prompts appearing on the console.

character. One option must be selected. For

off

must be selected.

means that for the

flowcontrol

<Enter>

Display

all

When a parameter is required to define a range of ports or parameters and all is an option, the default for the command is all when no parameters are defined. For example, the command interface range port-

channel has the option of either entering a range of channels, or selecting all. When the command is entered without a parameter, it automatically defaults to all.

Using the CLI 63

Page 64

www.dell.com | support.dell.com

64 Using the CLI

Page 65

AAA Commands

aaa authentication login

The

aaa authentication login

To return to the default configuration, use the

Syntax

aaa authentication login {default | list-name} method1 [method2

Global Configuration mode commands defines login authentication.

form of this command.

...]

no aaa authentication login {default | list-name

•

default

—Uses the listed authentication methods that follow this argument as the default

list of methods when a user logs in.

•

list-name

when a user logs in.

•

method1 [method2

Keyword Source or destination

enable Uses the enable password for authentication.

line Uses the line password for authentication.

local Uses the local username database for authentication.

none Uses no authentication.

radius Uses the list of all RADIUS servers for authentication.

tacacs Uses the list of all TACACS servers for authentication.

Default Configuration

The local user database is checked. This has the same effect as the command

authentication login list-name local

NOTE: On the console, login succeeds without any authentication check if the authentication method is

not defined.

Command Mode

Global Configuration mode

—Character string used to name the list of authentication methods activated

...]—Specify at least one from the following table:

}

aaa

User Guidelines

• The default and optional list names created with the used with the

command.

aaa authentication login

command are

AAA Commands 65

Page 66

• Create a list by entering the particular protocol, where argument identifies the list of methods that the authentication algorithm tries, in the given sequence.

• The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify

Example

The following example configures authentication login.

www.dell.com | support.dell.com

Console (config)# aaa authentication login default radius local enable none

aaa authentication enable

The

aaa authentication enable

method lists for accessing higher privilege levels. To return to the default configuration use the form of this command.

Syntax

aaa authentication enable {default | list-name

aaa authentication login

list-name

none

as the final method in the command line.

is any character string used to name this list. The

Global Configuration mode command defines authentication

}

list-name method

method1 [method2

command for a

...]

method

no aaa authentication enable default

•

default

list of methods, when using higher privilege levels.

•

list-name

when using access higher privilege levels.

•

method1 [method2

Keyword Source or destination

enable Uses the enable password for authentication.

line Uses the line password for authentication.

none Uses no authentication.

radius Uses the list of all RADIUS servers for authentication. Uses username

tacacs Uses the list of all TACACS+ servers for authentication. Uses

66 AAA Commands

—Uses the listed authentication methods that follow this argument as the default

—Character string used to name the list of authentication methods activated,

...]—Specify at least one from the following table:

"$enabx$." where x is the privilege level.

username "$enabx$." where x is the privilege level.

Page 67

Default Configuration

If the

default

the command

list is not set, only the enable password is checked. This has the same effect as

aaa authentication enable default enable

On the console, the enable password is used if it exists. If no password is set, the process still succeeds. This has the same effect as using the command

enable none

Command Mode

aaa authentication enable default

Global Configuration mode

User Guidelines

• The default and optional list names created with the used with the

• Create a list by entering the

list-name

enable authentication

command.

aaa authentication enable

is any character string used to name this list. The

aaa authentication enable

list-name method

method

command where

argument identifies the

command are

list of methods that the authentication algorithm tries, in the given sequence.

•All

aaa authentication enable default

none

as the final method in the command line.

requests sent by the device to a RADIUS or TACACS

server include the username "$enab15$".

Example

The following example sets authentication when accessing higher privilege levels.

Console (config)# aaa authentication enable default enable

login authentication

The

method list for a remote telnet, SSH or console. To return to the default specified by the authentication login command, use the

Syntax

no login authentication

•

default

—Uses the default list created with the

list-name

•

Line Configuration mode command specifies the login authentication

form of this command.

list-name

—Uses the indicated list created with the

}

authentication login

command.

authentication login

command.

AAA Commands 67

Page 68

Default Configuration

Uses the default set with the command

Command Mode

Line Configuration mode

User Guidelines

• Changing login authentication from default to another value may disconnect the telnet session.

Example

www.dell.com | support.dell.com

The following example specifies the default authentication method for a console.

Console (config)# line console

Console (config-line)# login authentication default

enable authentication

The

enable authentication

method list when accessing a higher privilege level from a remote telnet, SSH or console. To return to the default specified by the

Syntax

enable authentication {default

authentication login

Line Configuration mode command specifies the authentication

enable authentication

list-name

command, use the no form of this command.

}

no enable authentication

•

default

•

list-name

Default Configuration

Uses the default set with the command

Command Mode

Line Configuration mode

User Guidelines

• There are no user guidelines for this command.

Example

The following example specifies the default authentication method when accessing a higher privilege level from a console.

68 AAA Commands

—Uses the default list created with the

—Uses the indicated list created with the

authentication enable

command.

Page 69

Console (config)# line console

Console (config-line)# enable authentication default

ip http authentication

The

ip http authentication

methods for http. To return to the default, use the

Syntax

ip http authentication

no ip http authentication

•

method1 [method2

Keyword Source or destination

local Uses the local username database for authentication.

none Uses no authentication.

radius Uses the list of all RADIUS servers for authentication.

tacacs Uses the list of all TACACS servers for authentication.

Default Configuration

The local user database is checked. This has the same effect as the command

authentication local

Global Configuration mode command specifies authentication

form of this command.

method1 [method2

...]

...]—Specify at least one from the following table:

ip http

Command Mode

Global Configuration mode

User Guidelines

Example

none

as the final method in the command line.

The following example configures the http authentication.

Console (config)# ip http authentication radius local

Console (config)# ip http authentication tacacs local

AAA Commands 69

Page 70

ip https authentication

The

ip https authentication

methods for https servers. To return to the default, use the

Syntax

ip https authentication

no ip https authentication

•

method1 [method2

Keyword Source or destination

www.dell.com | support.dell.com

local Uses the local username database for authentication.

none Uses no authentication.

radius Uses the list of all RADIUS servers for authentication.

tacacs Uses the list of all TACACS servers for authentication.

Default Configuration

The local user database is checked. This has the same effect as the command

authentication local

Command Mode

Global Configuration mode

Global Configuration mode command specifies authentication

form of this command.

method1 [method2

...]

...]—Specify at least one from the following table:

ip https

User Guidelines

Example

The following example configures https authentication.

Console (config)# ip https authentication radius local

Console (config)# ip https authentication tacacs local

show authentication methods

The

authentication methods

authentication methods.

70 AAA Commands

none

as the final method in the command line.

Privilege EXEC mode command displays information about the

Page 71

Syntax

show authentication methods

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• There are no user guidelines for this command.

Example

The following example displays the authentication configuration.

AAA Commands 71

Page 72

Console# show authentication methods

-----------------------------------

Console_Default: None

Network_Default: Local

Enable Authentication Method Lists

www.dell.com | support.dell.com

-----------------------------------

Console_Default: Enable None

Network_Default: Enable

Line Login Method List Enable Method List

-------------- ----------------- ------------------

Console Default Default

Telnet Default Default

SSH Default Default

http : Tacacs Local

https : Tacacs Local

dot1x :

password

The

password

password, use the

Syntax

password

Line Configuration mode command specifies a password on a line. To remove the

form of this command.

password [encrypted

]

no password

•

password

•

encrypted

configuration.

72 AAA Commands

—Password for this level, from 1 to 159 characters in length.

—Encrypted password to be entered, copied from another device

Page 73

Default Configuration

No password is required.

Command Mode

Line Configuration mode

User Guidelines

• There are no user guidelines for this command.

Example

The following example specifies a password "secret" on a line.

Console (config-line)# password secret

enable password

The

enable password

to normal and privilege levels. To remove the password requirement, use the command.

Syntax

enable password [level

Global Configuration mode command sets a local password to control access

level] password [encrypted

]

form of this

no enable password [level

•

password

level level

—Password for this level, from 1 to 159 characters in length.

—Level for which the password applies. If not specified the level is 15

level

]

(Range: 1-15).

•

encrypted

Default Configuration

—Encrypted password entered, copied from another device configuration.

This command has no default configuration.

Command Mode

Global Configuration mode

User Guidelines

• There are no user guidelines for this command.

AAA Commands 73

Page 74

Example

The following example sets a local level 15 password "secret" to control access to user and privilege levels.

Console (config)# enable password level 15 secret

username

The

username

system. To remove a user name use the

Global Configuration mode command establishes a username-based authentication

form of this command.

www.dell.com | support.dell.com

Syntax

username

no username

•

name

password

•

level

•

encrypted

Default Configuration

No user is defined.

Command Mode

Global Configuration mode

User Guidelines

• No password is required.

Example

The following example configures user "bob" with the password "lee" and user level 15 to the system.

Console (config)# username bob password lee level 15

name [password password

] [

level level

] [

encrypted

]

name

—The name of the user. (Range: 1 - 20 characters)

—The authentication password for the user. (Range: 1 - 159 characters).

—The user level (Range: 1 -15).

—Encrypted password entered, copied from another device configuration.

show users accounts

The

show users accounts

user database.

74 AAA Commands

Privileged EXEC mode command displays information about the local

Page 75

Syntax

show users accounts

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• There are no user guidelines for this command.

Example

The following example displays the local users configured with access to the system.

Console# show users accounts

Username Privilege

-------- ---------

Bob 15

Robert 15

AAA Commands 75

Page 76

www.dell.com | support.dell.com

76 AAA Commands

Page 77

Address Table Commands

bridge address

The

bridge address

station source address to the bridge table. To delete the MAC address, use the

bridge address

deletes all static MAC addresses belonging to this VLAN).

Syntax

bridge address

[

permanent

VLAN Interface Configuration mode command adds a static MAC-layer

command (using the no form of the command without specifying a MAC address

mac-address {ethernet interface | port-channel port-channel-number

delete-on-reset

delete-on-timeout

secure

]

form of the

}

no bridge address [mac-address

mac-address

•

interface—

•

port-channel-number—

permanent—

•

delete-on-reset

•

delete-on-timeout—

secure

•

security

mode.

Default Configuration

No static addresses are defined. The default mode for an added address is

Command Mode

Interface configuration (VLAN) mode

User Guidelines

• There are no user guidelines for this command.

Example

The following example adds a permanent static MAC-layer station source address 3aa2.64b3.a245 on port g8 to the bridge table.

—A valid MAC address in the format of xx:xx:xx:xx:xx:xx.

A valid Ethernet port.

The address can only be deleted by the

—The address is deleted after reset.

—The address is deleted after the port changes mode to unlock learning (

command). This parameter is only available when the port is in learning locked

]

A valid port-channel number.

no bridge address

The address is deleted after "age out" time has expired.

command.

permanent

no port

Address Table Commands 77

Page 78

Console (config)# interface vlan 2

Console (config-vlan)# bridge address 3a:a2:64:b3:a2:45 ethernet g8 permanent

bridge multicast filtering

The

bridge multicast filtering

addresses. To disable filtering of multicast addresses, use the

filtering

command.

Global Configuration mode command enables filtering of multicast

form of the

bridge multicast

www.dell.com | support.dell.com

Syntax

bridge multicast filtering

no bridge multicast filtering

Default Configuration

Disabled. All multicast addresses are flooded to all ports.

Command Mode

Global Configuration mode

User Guidelines

• If devices exist on the VLAN, do not change the unregistered multicast addresses state to drop on the devices ports.

• If multicast routers exist on the VLAN and IGMP-snooping is not enabled, the

multicast forward-all

the multicast routers.

Example

In this example, bridge multicast filtering is enabled.

Console (config)# bridge multicast filtering

bridge multicast address

bridge

command should be used to enable forwarding all multicast packets to

The

bridge multicast address

multicast addresses to the bridge table, and adds static ports to the group. To unregister the MAC address, use the

Syntax

bridge multicast address {mac-multicast-address | ip-multicast-address

78 Address Table Commands

form of the

Interface Configuration mode command registers MAC-layer

bridge multicast address

command.

}

Page 79

bridge multicast address {mac-multicast-address | ip-multicast-address} [add | remove]

{

ethernet interface-list | port-channel port-channel-number-list

}

no bridge multicast address {mac-multicast-address | ip-multicast-address

add

•

—Adds ports to the group. If no option is specified, this is the default option.

remove

—Removes ports from the group.

mac-multicast-address

ip- multicast-address

interface-list

—Separate nonconsecutive Ethernet ports with a comma and no spaces; a

—MAC multicast address in the format of xx:xx:xx:xx:xx:xx.

—IP multicast address.

hyphen is used to designate a range of ports.

•

port-channel-number-list

—Separate nonconsecutive port-channels with a comma and no

spaces; a hyphen is used to designate a range of ports.

Default Configuration

No multicast addresses are defined.

Command Mode

Interface configuration (VLAN) mode

User Guidelines

• If the command is executed without

add

remove

, the command only registers the group in

the bridge database.

• Static multicast addresses can only be defined on static VLANs.

Examples

The following example registers the MAC address:

}

Console (config)# interface vlan 8

Console (config-if)# bridge multicast address 01:00:5e:02:02:03

The following example registers the MAC address and adds ports statically.

Console (config)# interface vlan 8

Console (config-if)# bridge multicast address 01:00:5e:02:02:03 add ethernet g1-9

Address Table Commands 79

Page 80

bridge multicast forbidden address

The

bridge multicast forbidden address

specific multicast address to specific ports. Use the

Syntax

bridge multicast forbidden address {mac-multicast-address | ip-multicast-address remove

} {

ethernet interface-list | port-channel port-channel-number-list

Interface Configuration mode command forbids adding a

form of this command to return to default.

} {

add

}

no bridge multicast forbidden address {mac-multicast-address | ip-multicast-address

•

add

remove

www.dell.com | support.dell.com

•

mac-multicast-address

•

ip- multicast-address

interface-list—

•

spaces; hyphen is used to designate a range of ports.

•

port-channel-number-list—

and no spaces; a hyphen is used to designate a range of port-channels.

Default Configuration

No forbidden addresses are defined.

Command Modes

Interface Configuration (VLAN) mode

User Guidelines

• Before defining forbidden ports, the multicast group should be registered.

Examples

In this example the MAC address 01:00:5e:02:02:03 is forbidden on port g9 within VLAN 8.

}

—Adds ports to the group.

—Removes ports from the group.

—MAC multicast address in the format of xx:xx:xx:xx:xx:xx.

—IP multicast address is in the format xxx.xxx.xxx.xxx.

Separate non consecutive valid Ethernet ports with a comma and no

Separate non consecutive valid port-channels with a comma

Console (config)# interface vlan 8

Console (config-if)# bridge multicast address 01:00:5e:02:02:03

Console (config-if)# bridge multicast forbidden address 01:00:5e:02:02:03 add ethernet g9

80 Address Table Commands

Page 81

bridge multicast forward-all

The

bridge multicast forward-all

all multicast packets on a port. To restore the default, use the

forward-all

Syntax

command.

bridge multicast forward-all {add | remove} {ethernet interface-list | port-channel port-

channel-number-list

}

no bridge multicast forward-all

•

add

—Adds ports to the group.

•

remove

—Removes ports from the group.

interface-list

•

—Separate non consecutive valid Ethernet ports with a comma and no

spaces; a hyphen is used to designate a range of ports.

•

port-channel-number-list

and no spaces; a hyphen is used to designate a range of port-channels.

Default Configuration

Disable forward-all on the specified interface.

Command Mode

Interface Configuration (VLAN) mode

Interface Configuration mode command enables forwarding of

form of the

bridge multicast

—Separate non consecutive valid port-channels with a comma

User Guidelines

• There are no user guidelines for this command.

Example

In this example all multicast packets on port g8 are forwarded.

Console (config)# interface vlan 2

Console (config-if)# bridge multicast forward-all add ethernet g8

bridge multicast forbidden forward-all

The

bridge multicast forbidden forward-all

to be a forward-all-multicast port. To restore the default, use the

forward-all

command.

Interface Configuration mode command forbids a port

form of the

bridge multicast

Address Table Commands 81

Page 82

Syntax

bridge multicast forbidden forward-all {add | remove} {ethernet interface-list | port-channel

port-channel-number-list

no bridge multicast forward-all

•

add

remove

•

interface-list

spaces; a hyphen is used to designate a range of ports.

•

port-channel-number-list

and no spaces; a hyphen is used to designate a range of port-channels.

www.dell.com | support.dell.com

Default Configuration

By default, this setting is disabled (for example, forwarding to the port is not forbidden).

Command Mode

Interface Configuration (VLAN) mode

User Guidelines

• IGMP snooping dynamically discovers multicast router ports. When a multicast router port is discovered, all the multicast packets are forwarded to it unconditionally.

• This command prevents a port to be a multicast router port.

}

—Forbids forwarding all multicast packets.

—Does not forbid forwarding all multicast packets.

—Separates non consecutive valid Ethernet ports with a comma and no

—Separates non consecutive valid port-channels with a comma

Example

In this example, forwarding all multicast packets to g6 are forbidden.

Console (config)# interface vlan 2

Console (config-if)# bridge multicast forbidden forward-all add ethernet g6

bridge aging-time

The

bridge aging-time

restore the default, use the

Syntax

bridge aging-time

no bridge aging-time

82 Address Table Commands

Global Configuration mode command sets the address table aging time. To

form of the

bridge aging-time

command.

seconds

Page 83

•

seconds

—Time is number of seconds. (Range: 10 - 630 seconds)

Default Configuration

300 seconds

Command Mode

Global Configuration mode

User Guidelines

• There are no user guidelines for this command.

Example

In this example the bridge aging time is set to 250.

Console (config)# bridge aging-time 250

clear bridge

The

clear bridge

forwarding database.

Syntax

clear bridge

Privileged EXEC mode command removes any learned entries from the

• This command has no keywords or arguments.

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• There are no user guidelines for this command.

Example

In this example, the bridge tables are cleared.

Console# clear bridge

Address Table Commands 83

Page 84

port security

The

port security

addresses are not learned on the port. To enable new address learning, use the

security

Syntax

www.dell.com | support.dell.com

Default Configuration

Command Mode

command.

port security [forward

no port security

•

forward

address.

discard

•

option is indicated.

•

discard-shutdown

shut down.

•

trap

between two consecutive traps. (Range: 1 - 1,000,000)

Disabled - No port security

Interface Configuration (Ethernet, port-channel) mode

Interface Configuration mode command locks the port. By locking the port, new

form of the

discard | discard-shutdown

] [

trap

seconds

]

—Forwards frames with unlearned source addresses, but does not learn the

—Discards frames with unlearned source addresses. This is the default if no

—Discards frames with unlearned source addresses. The port is also

Seconds

—Sends SNMP traps and defines the minimal amount of time in seconds

port

User Guidelines

• There are no user guidelines for this command.

Example

In this example, frame forwarding is enabled without learning, and with traps sent every 100 seconds on port g1.

Console (config)# interface ethernet g1

Console (config-if)# port security forward trap 100

Console (config-if)# port security discard trap 100

Console (config-if)# port security discard-shutdown trap 100

84 Address Table Commands

Page 85

port security routed secure-address

The

port security routed secure-address

secure addresses to a routed port. Use the

Syntax

port security routed secure-address

Interface Configuration mode command adds MAC-layer

form of this command to delete the MAC addresses.

mac-address

no port security routed secure-address

•

mac-address

Default Configuration

—Specify a MAC address in the format of xx:xx:xx:xx:xx:xx.

mac-address

No addresses are defined.

Command Mode

Interface configuration (Ethernet, port-channel). Cannot be configured for a range of interfaces (range context).

User Guidelines

• The command enables adding secure MAC addresses to a routed ports in port security mode. The command is available when the port is a routed port and in port security mode. The address is deleted if the port exits the security mode or is not a routed port.

Example

In this example, the MAC-layer address 66:66:66:66:66:66 is added to port g1.

Console (config)# interface ethernet g1

Console (config-if)# port security routed secure-address 66:66:66:66:66:66

show bridge address-table

The

show bridge address-table

forwarding database.

Syntax

show bridge address-table [vlan

]

number

vlan

•

—Specific valid VLAN, such as VLAN 1.

interface—

A valid Ethernet port

Privileged EXEC mode command displays all entries in the bridge-

vlan

] [

ethernet interface |

port-channel

port-channel-

Address Table Commands 85

Page 86

•

port-channel-number

Default Configuration

—A valid port-channel number.

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• Internal usage VLANs (VLANs that are automatically allocated on routed ports) would be presented in the VLAN column by a port number and not by a VLAN ID.

www.dell.com | support.dell.com

Example

In this example, all classes of entries in the bridge-forwarding database are displayed.

86 Address Table Commands

Page 87

Console# show bridge address-table

Aging time is 300 sec

vlan mac address port type

---- ----------- ---- ----

1 00:60:70:4C:73:FF g8 dynamic

1 00:60:70:8C:73:FF g7 dynamic

200 00:10:0D:48:37:FF g4 static

8 00:10:0D:48:37:FF g2 dynamic

show bridge address-table static

The

show bridge address-table static

entries in the bridge-forwarding database.

Syntax

show bridge address-table static [vlan

number

]

vlan

•

—Specific valid VLAN, such as VLAN 1.

interface—

A valid Ethernet port

port-channel-number

Privileged EXEC mode command displays statically created

vlan

] [

ethernet interface |

—A valid port-channel number.

port-channel

port-channel-

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• There are no user guidelines for this command.

Example

In this example, all static entries in the bridge-forwarding database are displayed.

Address Table Commands 87

Page 88

Console# show bridge address-table static

Aging time is 300 sec

vlan mac address port type

---- ----------- ---- ----

1 00:60:70:4C:73:FF g8 permanent

1 00:60:70:8C:73:FF g8 delete-on-timeout

www.dell.com | support.dell.com

200 00:10:0D:48:37:FF g8 delete-on-reset

show bridge address-table count

The

show bridge address-table count

addresses present in all VLANs or in a specific VLAN.

Syntax

show bridge address-table count [vlan vlan

vlan

•

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• This command displays the count for 1 VLAN, for all VLANs or for a specific port.

• No commas are allowed.

Example

In this example, the number of addresses present in the VLANs are displayed.

Privileged EXEC mode command displays the number of

]

—Specific VLAN.

88 Address Table Commands

Page 89

Console# show bridge address-table count

Capacity: 8192

Free: 8084

Used: 108

Static addresses: 2

Dynamic addresses: 97

Internal addresses: 9

show bridge multicast address-table

The

show bridge multicast address-table

MAC address table information.

Syntax

show bridge multicast address-table [vlan

multicast-address

vlan_id

•

mac-multicast-address

ip-multicast-address—

•

format—Multicast address format. Can be ip or

mac

] [

format ip

—A VLAN ID value.

—A MAC multicast address in the format of xx:xx:xx:xx:xx:xx.

An IP multicast address.

Privileged EXEC mode command displays multicast

vlan-id] [address

mac

]

mac-multicast-address | ip-

mac

. If format is unspecified, the default

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• There are no user guidelines for this command.

Example

In this example, multicast MAC address table information is displayed.

Address Table Commands 89

Page 90

Console # show bridge multicast address-table

Vlan MAC Address Type Ports

---- ----------- ----- ----------

1 01:00:5e:02:02:03 static g1, g2

19 01:00:5e:02:02:08 static g1-8

19 01:00:5e:02:02:08 dynamic g9-11

Forbidden ports for multicast addresses:

www.dell.com | support.dell.com

Vlan MAC Address Ports

---- ----------- ----------

1 01:00:5e:02:02:03 g8

19 01:00:5e:02:02:08 g8

Console # show bridge multicast address-table format ip

Vlan IP Address Type Ports

---- ----------- ----- ----------

1 224-239.130|2.2.3 static g1,g2

19 224-239.130|2.2.8 static g1-8

19 224-239.130|2.2.8 dynamic g9-11

Forbidden ports for multicast addresses:

Vlan IP Address Ports

---- ----------- ----------

1 224-239.130|2.2.3 g8

19 224-239.130|2.2.8 g8

NOTE: A multicast MAC address maps to multiple IP addresses, as shown above.

90 Address Table Commands

Page 91

show bridge multicast filtering

The

show bridge multicast filtering

filtering configuration.

Syntax

show bridge multicast filtering vlan-id

•

vlan_id—

Default Configuration

A valid VLAN ID value.

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• There are no user guidelines for this command.

Example

In this example, the multicast configuration for VLAN 1 is displayed.

Console # show bridge multicast filtering 1

Filtering: Enabled

VLAN: 1

Privileged EXEC mode command displays the multicast

Port Static Status

------- ----------------- -----------

g1 Forbidden Filter

g2 Forward Forward(s)

g3 - Forward(d)

show ports security

The

show ports security

Syntax

show ports security [ethernet interface |

interface

•

port-channel-number—

Privileged EXEC mode command displays the port-lock status.

—A valid Ethernet port

A valid port-channel number

port-channel

port-channel-number

]

Address Table Commands 91

Page 92

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode

User Guidelines

• There are no user guidelines for this command.

Example

In this example, all classes of entries in the port-lock status are displayed.

www.dell.com | support.dell.com

Console # show ports security

Port Status Action Trap Frequency Counter

----- ------- ------- ------- --------- --------

g1 Locked Discard Enable 100 88

g2 Unlocked - - - -

g3 Locked Discard,

Frequency: Minimum time in seconds between consecutive traps

Disable - -

Shutdown

Counter: Number of actions since last trap

92 Address Table Commands

Page 93

Clock

clock set

The

clock set

Syntax

clock set

clock set hh:mm:ss month day year

•

Default Configuration

The default time set is 0:0:0:0 Jan 1 2000 or xxxxx Month Day Year.

Command Mode

Privileged EXEC mode

Privileged EXEC mode command manually sets the system clock.

hh:mm:ss day month year

hh:mm:ss

- 59, ss: 0 - 59

day

month

year

—Current time in hours (military format), minutes, and seconds (0 - 23, mm: 0

—Current day (by date) in the month (1 - 31)

—Current month using the first three letters by name (Jan, …, Dec).

—Current year (2000 - 2097).

User Guidelines

• There are no user guidelines for this command.

Example

The following example sets the system time to 13:32:00 on the 7th March 2002.

Console# clock set 13:32:00 7 Mar 2002

clock source

The

clock source

system clock.

Syntax

clock source {sntp

no clock source

•

Privileged EXEC mode command configures an external time source for the

}

sntp

—SNTP servers

Clock 93

Page 94

Default Configuration

No external clock source

Command Mode

Global Configuration mode

User Guidelines

• There are no user guidelines for this command.

Examples

The following example configures an external time source for the system clock.

www.dell.com | support.dell.com

Console# clock source sntp

clock timezone

The

clock timezone

To set the time to Coordinated Universal Time (UTC), use the

Syntax

clock timezone hours-offset [minutes minutes-offset

no clock timezone

•

hours-offset—

•

minutes

zone acronym—

•

Global Configuration mode command sets the time zone for display purposes.

form of this command.

] [

Hours difference from UTC. (Range: -12

minutes-offset—

Minutes difference from UTC. (Range: 0 – 59)

zone acronym

– +

]

13)

The acronym of the time zone. (Range: Up to 4 characters)

Default Configuration

Command Mode

User Guidelines

Examples

The following example sets the timezone to 6 hours difference from UTC.

94 Clock

UTC

Global Configuration mode

• The system internally keeps time in UTC, so this command is used only for display purposes and when the time is manually set.

Console# (config)

# clock timezone -6 zone CST

Page 95

clock summer-time

The

clock summer-time

automatically switch to summer time (daylight saving time). To configure the software to not automatically switch to summer time, use the

Syntax

clock summer-time recurring {usa

[

offset

Global Configuration mode command configures the system to

form of this command.

] [

zone acronym

| eu | {

]

week day month hh:mm week day month hh:mm

}}

clock summer-time date date month year hh:mm date month year hh:mm [offset offset

acronym

clock summer-time date month date year hh:mm month date year hh:mm [offset

acronym

]

offset

]

no clock summer-time

•

recurring

—Indicates that summer time should start and end on the corresponding

specified days every year.

•

date

—Indicates that summer time should start on the first specific date listed in the

command and end on the second specific date in the command.

usa

•

—The summer time rules are the United States rules.

—The summer time rules are the European Union rules.

week—

day—

date—

month—

year—

hh:mm—

offset

zone acronym

Week of the month. (Range: 1 - 4,

first, last

)

Day of the week (Range: first three letters by name, like

Date of the month (Range:1 - 31)

Month (Range: first three letters by name)

year - no abbreviation (Range: 2000 - 2097)

Time in military format, in hours and minutes (Range: hh: 0 - 23, mm:0 - 59)

offset—

Number of minutes to add during summer time (Range: 1 - 1440).

—The acronym of the time zone to be displayed when summer time is in

sun

)

effect. If unspecified default to the timezone acronym. (Range: Up to 4 characters)

] [

zone

Default Configuration

Summer time is disabled.

offset

offset—

zone acronym

default is 60

— If unspecified default to the timezone acronym.

If the timezone has not been defined, the default will be UTC.

Clock 95

Page 96

Command Mode

Global Configuration mode

User Guidelines

• In both the when summer time begins, and the second part specifies when it ends. All times are relative to the local time zone. The start time is relative to standard time. The end time is relative to summer time. If the starting month is chronologically after the ending month, the system assumes that you are in the southern hemisphere.

• USA rule for daylight saving time:

• Start: First Sunday in April

www.dell.com | support.dell.com

• End: Last Sunday in October

• Time: 2 am local time

• EU rule for daylight saving time:

• Start: Last Sunday in March

• End: Last Sunday in October

• Time: 1.00 am (01:00) Greenwich Mean Time (GMT)

Examples

The following example sets summer time starting on the first Sunday in April at 2am and finishing on the last Sunday in October at 2 am.

date

and

recurring

forms of the command, the first part of the command specifies

sntp authentication-key

The for Simple Network Time Protocol (SNTP). To remove the authentication key for SNTP, use the form of this command.

Syntax

sntp authentication-key

no sntp authentication-key

Default Configuration

96 Clock

Console (config)# clock summer-time recurring first sun apr 2:00 last sun oct 2:00

sntp authentication-key

Global Configuration mode command defines an authentication key

number

md5 value

number

•

number—

value—

Key number (Range: 1 - 4294967295)

Key value (Range: Up to 8 characters)

No authentication key is defined.

Page 97

Command Mode

Global Configuration mode

User Guidelines

• Multiple keys can be generated.

Examples

The following example defines the authentication key for SNTP.

Console(config)# sntp authentication-key 8 md5 ClkKey

Console(config)# sntp trusted-key 8

Console(config)# sntp authenticate

sntp authenticate

The

sntp authenticate

Network Time Protocol (NTP) traffic from servers. To disable the feature, use the command.

Syntax

sntp authenticate

no sntp authenticate

Global Configuration mode command grants authentication for received

form of this

This command has no arguments or keywords.

Default Configuration

No authentication

Command Mode

Global Configuration mode

User Guidelines

• The command is relevant for both unicast and broadcast.

Examples

The following example defines the authentication key for SNTP and grants authentication.

Console(config)# sntp authentication-key 8 md5 ClkKey

Console(config)# sntp trusted-key 8

Console(config)# sntp authenticate

Clock 97

Page 98

sntp trusted-key

The

sntp trusted-key

to which Simple Network Time Protocol (SNTP) will synchronize. To disable authentication of the identity of the system, use the

Syntax

sntp trusted-key

Global Configuration mode command authenticates the identity of a system

form of this command.

key-number

no sntp trusted-key

•

key-number—

www.dell.com | support.dell.com

Default Configuration

Not trusted.

Command Mode

Global configuration mode

User Guidelines

• The command is relevant for both received unicast and broadcast.

• If there is at least 1 trusted key, then unauthenticated messages will be ignored.

Examples

The following example authenticates key 8.

Console(config)# sntp authentication-key 8 md5 ClkKey

Console(config)# sntp trusted-key 8

Console(config)# sntp authenticate

sntp client poll timer

The

sntp client poll timer

Simple Network Time Protocol (SNTP) client. To return to default, use the command.

key-number

Key number of authentication key to be trusted. (Range: 1 - 4294967295)

Global Configuration mode command sets the polling time for the

form of this

Syntax

98 Clock

sntp client poll timer

seconds

no sntp client poll timer

•

seconds—

Polling interval in seconds (Range: 60-86400)

Page 99

Default Configuration

1024

Command Mode

Global configuration mode

User Guidelines

• There are no user guidelines for this command.

Examples

The following example sets the polling time for the Simple Network Time Protocol (SNTP) client to 120 seconds.

Console (config)# sntp client poll timer 120

sntp broadcast client enable

The

sntp broadcast client enable

Network Time Protocol (SNTP) broadcast clients. To disable the SNTP broadcast clients, use the

form of this command.

Syntax

sntp broadcast client enable

no sntp broadcast client enable

Global Configuration mode command enables the Simple

This command has no arguments or keywords.

Default Configuration

Disabled

Command Mode

Global configuration mode

User Guidelines

• The

sntp broadcast client enable

Interface Configuration mode command enables the device

to receive broadcast transmissions globally and on ALL interfaces.

• Use the

sntp client enable

Interface Configuration mode command to enable the SNTP

client on a specific interface.

Examples

The following example enables the SNTP broadcast clients.

Console (config)# sntp broadcast client enable

Clock 99

Page 100

sntp anycast client enable

The

sntp anycast client enable

disable the polling for SNTP broadcast client, use the

Syntax

sntp anycast client enable

no sntp anycast client enable

This command has no arguments or keywords.

Default Configuration

www.dell.com | support.dell.com

Disabled

Command Mode

Global configuration

User Guidelines

Global Configuration mode command enables anycast client. To

form of this command.

• Polling time is determined by the

sntp client poll timer

Global Configuration mode

command.

• Use the

sntp client enable

Interface Configuration mode command to enable the SNTP

client on a specific interface.

Examples

The following example enables anycast clients.t

Console (config-if)# sntp anycast client enable

sntp client enable (interface)

The

sntp client enable

Protocol (SNTP) client on an interface. This applies to both receive broadcast and unicast updates. To disable the SNTP client, use the

Syntax

sntp client enable

no sntp client enable

This command has no arguments or keywords.

Default Configuration

Disabled

Interface Configuration mode command enables the Simple Network Time

form of this command.

100 Clock

Dell 5324 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Command Groups

Introduction

Command Groups

AAA Commands

Address Table Commands

Clock Commands

Configuration and Image Files Commands

Ethernet Configuration Commands

GVRP Commands

IGMP Snooping Commands

IP Addressing

LACP Commands

Line Commands

LLDP Commands

Management ACL Commands

PHY Diagnostics Commands

Port Channel Commands

Port Monitor Commands

QoS Commands

Radius Commands

RMON Commands

SNMP Commands

Spanning Tree Commands

SSH Commands

Syslog Commands

System Management Commands

TACACS Commands

User Interface Commands

VLAN Commands

Web Server Commands

802.1x Commands

Command Modes

GC (Global Configuration) Mode

IC (Interface Configuration) Mode

LC (Line Configuration) Mode

MA (Management Access-level) Mode

PE (Privileged User EXEC) Mode

SP (SSH Public Key) Mode

UE (User EXEC) Mode

VC (VLAN Configuration) Mode

Using the CLI

CLI Command Modes

Starting the CLI

Editing Features

AAA Commands

aaa authentication login

aaa authentication enable

login authentication

enable authentication

ip http authentication

ip https authentication

show authentication methods

password

enable password

username

show users accounts

Address Table Commands

bridge address

bridge multicast filtering

bridge multicast address

bridge multicast forbidden address

bridge multicast forward-all

bridge multicast forbidden forward-all

bridge aging-time

clear bridge

port security

port security routed secure-address

show bridge address-table

show bridge address-table static

show bridge address-table count

show bridge multicast address-table

show bridge multicast filtering

show ports security

Clock

clock set

clock source