Dell PowerConnect 3548 Quick Reference Guide

Download

Page 1

Dell PowerConnect 3500 Series

CLI Reference Guide

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\CLItp.fm

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Template Last Updated -03/06/2010

Regulatory Model: 3524, 3524P, 3548, 3548P

Page 2

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\CLItp.fm

Notes, Cautions, and Warnings

NOTE: A NOTE indicates important information that helps you make better use of your computer .

CAUTION: A CAUTION indicates potential damage to hardware or loss of data if instructions are not followed.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

____________________

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL logo, Dell Precision™, OptiPlex™, Latitude™, PowerEdge™, PowerVault™,

PowerConnect™, OpenManage™, EqualLogic™, KACE™, FlexAddress™ and Vostro™ are trademarks of Dell Inc. Intel, Pentium, Xeon, Core™ and Celeron are registered trademarks of Intel Corporation in the U.S. and other countries. AMD is a registered trademark and AMD Opteron™, AMD Phenom™, and AMD Sempron™ are trademarks of Advanced Micro Devices, Inc. Microsoft

, MS-DOS® and Windows V i sta® are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or

Server other countries. Red Hat Enterprise Linux countries. Novell registered trademark of Oracle Corporation and/or its affiliates. Citrix or trademarks of Citrix Systems, Inc. in the United States and/or other countries. VMware are registered trademarks or trademarks of VMWare, Inc. in the United States or other countries.

Other trademarks and trade names may be used in this publication to refer to either the entities claiming the marks and names or their products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

Regulatory Models: 3524, 3524P, 3548, 3548P

May 2012 Rev. A06

is a registered trademark and SUSE ™ is a trademark of Novell Inc. in the United States and other countries. Oracle® is a

and Enterprise Linux® are registered trademarks of Red Hat, Inc. in the United States and/or other

, Xen®, XenServer® and XenMotion® are either registered trademarks

, Virtual SM P®, vMotion®, vCenter®, and vSphere®

, Windows®, Windows

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Page 3

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

1 Using the CLI

CLI Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Starting the CLI Editing Features Setup Wizard

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

2 Command Groups

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Command Groups AAA Commands ACL Commands Address Table Command s Clock Commands Configuration and Image Files Commands DHCP Snooping Commands Ethernet Configuration Commands GVRP Commands IGMP Snooping Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

. . . . . . . . . . . . . . . . . . . . . . . . . . . 38

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

. . . . . . . . . . . . . . . . . . 42

. . . . . . . . . . . . . . . . . . . . . . . . . 42

. . . . . . . . . . . . . . . . . . . . . . 43

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

. . . . . . . . . . . . . . . . . . . . . . . . . 46

IP Addressing Commands IPv6 Addressing Commands LACP Commands Line Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

LLDP Commands Login Banner Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . 46

. . . . . . . . . . . . . . . . . . . . . . . . . 48

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

. . . . . . . . . . . . . . . . . . . . . . . . . . . 52

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Contents 3

Page 4

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

Management ACL Commands . . . . . . . . . . . . . . . . . . . . . . . . 53

PHY Diagnostics Commands

. . . . . . . . . . . . . . . . . . . . . . . . . 53

Power-over-Ethernet Commands Port Channel Commands Port Monitor Commands QoS Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

RADIUS Commands RMON Commands SNMP Commands Spanning Tree Commands SSH Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Syslog Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . 54

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

. . . . . . . . . . . . . . . . . . . . . . . . . . 58

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

System Management Commands TACACS Commands TIC Commands Tunnel Commands User Interface Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

. . . . . . . . . . . . . . . . . . . . . . . . . . . 64

. . . . . . . . . . . . . . . . . . . . . . . 53

. . . . . . . . . . . . . . . . . . . . . . . 61

VLAN Commands Voice VLAN Commands Web Server Commands

802.1x Commands

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

. . . . . . . . . . . . . . . . . . . . . . . . . . . 66

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

3 Command Modes

GC (Global Configuration) Mode . . . . . . . . . . . . . . . . . . . . . . . 71

IC (Interface Configuration) Mode LC (Line Configuration) Mode MA (Management Access-level) Mode

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

4 Contents

. . . . . . . . . . . . . . . . . . . . . . 77

. . . . . . . . . . . . . . . . . . . . . . . . 80

. . . . . . . . . . . . . . . . . . . . 80

Page 5

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

MC (MST Configuration) Mode . . . . . . . . . . . . . . . . . . . . . . . 81

ML (MAC Access-List) Mode PE (Privileged EXEC) Mode SP (SSH Public Key) Mode UE (User EXEC) Mode VC (VLAN Configuration) Mode IPAL (IP-Access List Configuration) Mode MAL (MAC-Access List Configuration) Mode

. . . . . . . . . . . . . . . . . . . . . . . . 81

. . . . . . . . . . . . . . . . . . . . . . . . . 81

. . . . . . . . . . . . . . . . . . . . . . . . . . 84

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

. . . . . . . . . . . . . . . . . . . . . . . 87

. . . . . . . . . . . . . . . . . . 88

. . . . . . . . . . . . . . . . 89

4 AAA Commands

aaa authentication login . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

aaa authentication enable login authentication enable authentication ip http authentication ip https authentication show authentication methods

. . . . . . . . . . . . . . . . . . . . . . . . . . . 92

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

. . . . . . . . . . . . . . . . . . . . . . . . . 97

password enable password username service password-recovery

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

. . . . . . . . . . . . . . . . . . . . . . . . . 100

5 ACL Commands

ip access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

permit (IP) deny (IP) mac access-list

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Contents 5

Page 6

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

permit (MAC). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

deny (MAC) service-acl show access-lists show interfaces access-lists

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111

. . . . . . . . . . . . . . . . . . . . . . . . . 112

6 Address Table Commands

bridge address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

bridge multicast filtering bridge multicast address bridge multicast forbidden address bridge multicast unregistered bridge multicast forward-all bridge multicast forbidden forward-all bridge aging-time clear bridge port security

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

. . . . . . . . . . . . . . . . . . . . . . . . . . 114

. . . . . . . . . . . . . . . . . . . . . . . . . . . 115

. . . . . . . . . . . . . . . . . . . . . 116

. . . . . . . . . . . . . . . . . . . . . . . . 117

. . . . . . . . . . . . . . . . . . . . . . . . . 118

. . . . . . . . . . . . . . . . . . . 119

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

port security mode port security max port security routed secure-address show bridge address-table show bridge address-table static show bridge address-table count show bridge multicast address-table show bridge multicast filtering show bridge multicast address-table static show bridge multicast filtering

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

. . . . . . . . . . . . . . . . . . . . . 123

. . . . . . . . . . . . . . . . . . . . . . . . . . 124

. . . . . . . . . . . . . . . . . . . . . . . 125

. . . . . . . . . . . . . . . . . . . . . . 126

. . . . . . . . . . . . . . . . . . . . . 127

. . . . . . . . . . . . . . . . . . . . . . . 129

. . . . . . . . . . . . . . . . . . 129

. . . . . . . . . . . . . . . . . . . . . . . 132

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

6 Contents

Page 7

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

show ports security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

show ports security addresses

. . . . . . . . . . . . . . . . . . . . . . . . 134

7Clock

clock set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

clock source clock timezone clock summer-time sntp authentication-key sntp authenticate sntp trusted-key sntp client poll timer sntp broadcast client enable sntp anycast client enable sntp client enable sntp client enable (Interface) sntp unicast client enable

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139

. . . . . . . . . . . . . . . . . . . . . . . . . . . 141

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

. . . . . . . . . . . . . . . . . . . . . . . . . 143

. . . . . . . . . . . . . . . . . . . . . . . . . . 144

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

. . . . . . . . . . . . . . . . . . . . . . . . 145

. . . . . . . . . . . . . . . . . . . . . . . . . . 146

sntp unicast client poll sntp server show clock

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

show sntp configuration show sntp status

. . . . . . . . . . . . . . . . . . . . . . . . . . . 147

. . . . . . . . . . . . . . . . . . . . . . . . . . . 151

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152

8 Configuration and Image Files

copy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

delete

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158

delete startup-config

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Contents 7

Page 8

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

dir. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

rename boot system show running-config show startup-config show bootvar

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

9 DHCP Snooping

ip dhcp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

ip dhcp snooping vlan ip dhcp snooping trust ip dhcp snooping information option allowed-untrusted ip dhcp snooping verify ip dhcp snooping database ip dhcp snooping database update-freq ip dhcp snooping binding clear ip dhcp snooping database show ip dhcp snooping

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

. . . . . . . . . . . 171

. . . . . . . . . . . . . . . . . . . . . . . . . . . 171

. . . . . . . . . . . . . . . . . . . . . . . . . 172

. . . . . . . . . . . . . . . . . . . 173

. . . . . . . . . . . . . . . . . . . . . . . . . . 173

. . . . . . . . . . . . . . . . . . . . . . . 174

. . . . . . . . . . . . . . . . . . . . . . . . . . . 175

show ip dhcp snooping binding

. . . . . . . . . . . . . . . . . . . . . . . 176

10 Ethernet Configuration Commands

interface ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

interface range ethernet shutdown description speed

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

8 Contents

. . . . . . . . . . . . . . . . . . . . . . . . . . . 179

Page 9

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

duplex. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

negotiation flowcontrol mdix back-pressure clear counters set interface active show interfaces advertise show interfaces configuration show interfaces status show interfaces description show interfaces counters port storm-control include-multicast port storm-control broadcast enable port storm-control broadcast rate show ports storm-control

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

. . . . . . . . . . . . . . . . . . . . . . . . . . 187

. . . . . . . . . . . . . . . . . . . . . . . . 188

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

. . . . . . . . . . . . . . . . . . . . . . . . . 192

. . . . . . . . . . . . . . . . . . . . . . . . . . 193

. . . . . . . . . . . . . . . . . . . . 195

. . . . . . . . . . . . . . . . . . . . . 196

. . . . . . . . . . . . . . . . . . . . . . 197

. . . . . . . . . . . . . . . . . . . . . . . . . . 197

11 GVRP Commands

gvrp enable (Global) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

gvrp enable (Interface) garp timer

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

gvrp vlan-creation-forbid gvrp registration-forbid clear gvrp statistics show gvrp configuration show gvrp statistics show gvrp error-statistics

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . 199

. . . . . . . . . . . . . . . . . . . . . . . . . . 201

. . . . . . . . . . . . . . . . . . . . . . . . . . . 202

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202

. . . . . . . . . . . . . . . . . . . . . . . . . . 203

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

. . . . . . . . . . . . . . . . . . . . . . . . . . 205

Contents 9

Page 10

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

12 IGMP Snooping Commands

ip igmp snooping (Global) . . . . . . . . . . . . . . . . . . . . . . . . . 207

ip igmp snooping (Interface) ip igmp snooping mrouter ip igmp snooping host-time-out ip igmp snooping mrouter-time-out ip igmp snooping leave-time-out ip igmp snooping querier enable ip igmp snooping querier address show ip igmp snooping mrouter show ip igmp snooping interface show ip igmp snooping groups

. . . . . . . . . . . . . . . . . . . . . . . . 207

. . . . . . . . . . . . . . . . . . . . . . . . . . 208

. . . . . . . . . . . . . . . . . . . . . . . 209

. . . . . . . . . . . . . . . . . . . . . 209

. . . . . . . . . . . . . . . . . . . . . . 210

. . . . . . . . . . . . . . . . . . . . . . 211

. . . . . . . . . . . . . . . . . . . . . . 212

. . . . . . . . . . . . . . . . . . . . . . . 213

. . . . . . . . . . . . . . . . . . . . . . 214

. . . . . . . . . . . . . . . . . . . . . . . 215

13 IP Addressing Commands

ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217

ip address dhcp ip default-gateway show ip interface

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

arp

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220

arp timeout clear arp-cache show arp ip domain-lookup ip domain-name ip name-server ip host clear host

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

10 Contents

Page 11

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

clear host dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

show hosts

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

14 IPv6 Addressing

ipv6 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

ipv6 address autoconfig ipv6 icmp error-interval show ipv6 icmp error-interval ipv6 address

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231

ipv6 address link-local ipv6 unreachables ipv6 default-gateway ipv6 mld join-group ipv6 mld version show ipv6 interface show IPv6 route ipv6 nd dad attempts

. . . . . . . . . . . . . . . . . . . . . . . . . . . 229

. . . . . . . . . . . . . . . . . . . . . . . . . . . 230

. . . . . . . . . . . . . . . . . . . . . . . . 231

. . . . . . . . . . . . . . . . . . . . . . . . . . . 232

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 234

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 239

ipv6 host ipv6 neighbor ipv6 set mtu show ipv6 neighbors clear ipv6 neighbors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 243

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244

15 LACP Commands

lacp system-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

lacp port-priority lacp timeout

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248

Contents 11

Page 12

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

show lacp ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249

show lacp port-channel

. . . . . . . . . . . . . . . . . . . . . . . . . . . 251

16 Line Commands

line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253

speed

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253

autobaud exec-timeout history history size terminal history terminal history size show line

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258

17 Management ACL

management access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

permit (Management)

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 262

deny (Management) management access-class show management access-list show management access-class

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263

. . . . . . . . . . . . . . . . . . . . . . . . . . 264

. . . . . . . . . . . . . . . . . . . . . . . . 265

. . . . . . . . . . . . . . . . . . . . . . . 266

18 LLDP Commands

lldp enable (global) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267

lldp enable (interface) lldp timer

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268

lldp hold-multiplier

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

12 Contents

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 267

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269

Page 13

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

lldp reinit-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269

lldp tx-delay lldp optional-tlv lldp management-address lldp med enable lldp med network-policy (global) lldp med network-policy (interface) lldp med location clear lldp rx show lldp configuration show lldp med configuration show lldp local show lldp neighbors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271

. . . . . . . . . . . . . . . . . . . . . . . . . . 271

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272

. . . . . . . . . . . . . . . . . . . . . . 273

. . . . . . . . . . . . . . . . . . . . . 274

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275

. . . . . . . . . . . . . . . . . . . . . . . . . . . 276

. . . . . . . . . . . . . . . . . . . . . . . . 277

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280

19 Login Banner

banner exec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283

banner login

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284

banner motd exec-banner login-banner motd-banner show banner

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289

20 PHY Diagnostics Commands

test copper-port tdr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291

show copper-ports tdr show copper-ports cable-length

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 292

. . . . . . . . . . . . . . . . . . . . . . . 292

Contents 13

Page 14

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

21 Power over Ethernet Commands

power inline. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295

power inline powered-device power inline priority power inline usage-threshold power inline traps enable show power inline

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298

. . . . . . . . . . . . . . . . . . . . . . . . 295

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 296

. . . . . . . . . . . . . . . . . . . . . . . . 297

. . . . . . . . . . . . . . . . . . . . . . . . . . 298

22 Port Channel Commands

interface port-channel. . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

interface range port-channel channel-group

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307

show interfaces port-channel

. . . . . . . . . . . . . . . . . . . . . . . . . 306

. . . . . . . . . . . . . . . . . . . . . . . . 308

23 Port Monitor Commands

port monitor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309

show ports monitor

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310

24 QoS Commands

qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313

show qos priority-queue out num-of-queues traffic-shape rate-limit (Ethernet) wrr-queue cos-map show qos interface qos map dscp-queue

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

14 Contents

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313

. . . . . . . . . . . . . . . . . . . . . . 314

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319

Page 15

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

qos trust (Global) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320

qos cos

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321

show qos map

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321

25 RADIUS Commands

radius-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325

radius-server key radius-server retransmit radius-server source-ip radius-server source-ipv6 radius-server timeout radius-server deadtime show radius-servers

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326

. . . . . . . . . . . . . . . . . . . . . . . . . . . 327

. . . . . . . . . . . . . . . . . . . . . . . . . . 328

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 329

. . . . . . . . . . . . . . . . . . . . . . . . . . . 329

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330

26 RMON Commands

show rmon statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333

rmon collection history show rmon collection history

. . . . . . . . . . . . . . . . . . . . . . . . . . . 335

. . . . . . . . . . . . . . . . . . . . . . . . 336

show rmon history rmon alarm show rmon alarm-table show rmon alarm rmon event show rmon events show rmon log rmon table-size

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340

. . . . . . . . . . . . . . . . . . . . . . . . . . . 342

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Contents 15

Page 16

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

27 SNMP Commands

snmp-server community. . . . . . . . . . . . . . . . . . . . . . . . . . . 349

snmp-server view snmp-server group snmp-server user snmp-server engineID local snmp-server enable traps snmp-server filter snmp-server host snmp-server v3-host

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353

. . . . . . . . . . . . . . . . . . . . . . . . . 355

. . . . . . . . . . . . . . . . . . . . . . . . . . 356

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359

snmp-server trap authentication snmp-server contact snmp-server location snmp-server set show snmp

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363

show snmp engineid show snmp views show snmp groups

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 366

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367

. . . . . . . . . . . . . . . . . . . . . . . 361

show snmp filters show snmp users

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369

28 Spanning-Tree Commands

spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371

spanning-tree mode spanning-tree forward-time spanning-tree hello-time spanning-tree max-age

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

16 Contents

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371

. . . . . . . . . . . . . . . . . . . . . . . . . 372

. . . . . . . . . . . . . . . . . . . . . . . . . . 373

. . . . . . . . . . . . . . . . . . . . . . . . . . . 373

Page 17

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

spanning-tree priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374

spanning-tree disable spanning-tree cost spanning-tree port-priority spanning-tree portfast spanning-tree link-type spanning-tree pathcost method spanning-tree bpdu

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 375

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375

. . . . . . . . . . . . . . . . . . . . . . . . . 376

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 377

. . . . . . . . . . . . . . . . . . . . . . . . . . . 378

. . . . . . . . . . . . . . . . . . . . . . . 378

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379

clear spanning-tree detected-protocols spanning-tree mst priority spanning-tree mst max-hops spanning-tree mst port-priority spanning-tree mst cost spanning-tree mst configuration instance (mst) name (mst) revision (mst)

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386

. . . . . . . . . . . . . . . . . . . . . . . . . . 380

. . . . . . . . . . . . . . . . . . . . . . . . 381

. . . . . . . . . . . . . . . . . . . . . . . 382

. . . . . . . . . . . . . . . . . . . . . . . . . . . 382

. . . . . . . . . . . . . . . . . . . . . . . 383

. . . . . . . . . . . . . . . . . . . 380

show (mst) exit (mst) abort (mst) show spanning-tree spanning-tree guard root

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389

. . . . . . . . . . . . . . . . . . . . . . . . . . 405

29 SSH Commands

ip ssh port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407

ip ssh server crypto key generate dsa

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407

. . . . . . . . . . . . . . . . . . . . . . . . . . . 408

Contents 17

Page 18

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

crypto key generate rsa . . . . . . . . . . . . . . . . . . . . . . . . . . . 409

ip ssh pubkey-auth crypto key pubkey-chain ssh user-key key-string

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412

show ip ssh show crypto key mypubkey show crypto key pubkey-chain ssh

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409

. . . . . . . . . . . . . . . . . . . . . . . . 410

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414

. . . . . . . . . . . . . . . . . . . . . . . . . 415

. . . . . . . . . . . . . . . . . . . . . 416

30 Syslog Commands

logging on. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417

logging

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417

logging console logging buffered logging buffered size clear logging logging file

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 421

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422

clear logging file aaa logging file-system logging management logging show logging show logging file show syslog-servers

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 425

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429

31 System Management

ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

18 Contents

Page 19

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433

telnet

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439

resume reload

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440

hostname service cpu-utilization stack master stack reload show stack show users show sessions show system show version asset-tag show system id show cpu utilization

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 441

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 442

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451

32 TACACS+ Commands

tacacs-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453

tacacs-server key

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454

tacacs-server timeout tacacs-server source-ip show tacacs

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 455

. . . . . . . . . . . . . . . . . . . . . . . . . . . 455

33 TIC Commands

passwords min-length. . . . . . . . . . . . . . . . . . . . . . . . . . . . 459

password-aging

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460

Contents 19

Page 20

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

passwords aging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460

passwords history passwords history hold-time passwords lockout aaa login-history file set username active set line active set enable-password active show passwords configuration show users login-history show users accounts

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461

. . . . . . . . . . . . . . . . . . . . . . . . 462

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 464

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465

. . . . . . . . . . . . . . . . . . . . . . . . . 465

. . . . . . . . . . . . . . . . . . . . . . . 466

. . . . . . . . . . . . . . . . . . . . . . . . . . 468

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469

34 Tunnel

interface tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471

tunnel mode ipv6ip tunnel isatap router tunnel source

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473

tunnel isatap query-interval tunnel isatap solicitation-interval tunnel isatap robustness show ipv6 tunnel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476

. . . . . . . . . . . . . . . . . . . . . . . . . 474

. . . . . . . . . . . . . . . . . . . . . . 474

. . . . . . . . . . . . . . . . . . . . . . . . . . . 475

35 User Interface

enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477

disable login

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478

configure

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

20 Contents

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479

Page 21

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

exit (Configuration). . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479

exit

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480

end help

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481

terminal datadump show history show privilege

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484

36 VLAN Commands

vlan database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485

vlan interface vlan interface range vlan name switchport access vlan switchport trunk allowed vlan switchport trunk native vlan switchport general allowed vlan switchport general pvid switchport general ingress-filtering disable

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487

. . . . . . . . . . . . . . . . . . . . . . . . . . . 488

. . . . . . . . . . . . . . . . . . . . . . . . 489

. . . . . . . . . . . . . . . . . . . . . . . . . 490

. . . . . . . . . . . . . . . . . . . . . . . 490

. . . . . . . . . . . . . . . . . . . . . . . . . . . 491

. . . . . . . . . . . . . . . . . 492

switchport general acceptable-frame-type tagged-only switchport forbidden vlan switchport mode

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494

switchport customer vlan switchport protected map protocol protocols-group switchport general map protocols-group vlan

. . . . . . . . . . . . . . . . . . . . . . . . . . 493

. . . . . . . . . . . . . . . . . . . . . . . . . . 495

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495

. . . . . . . . . . . . . . . . . . . . . . . . 496

. . . . . . . . . . . . . . . . 497

. . . . . . . . . . . 492

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Contents 21

Page 22

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

ip internal-usage-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498

show vlan show vlan protocols-groups show vlan internal usage show interfaces switchport

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499

. . . . . . . . . . . . . . . . . . . . . . . . . 499

. . . . . . . . . . . . . . . . . . . . . . . . . . 500

. . . . . . . . . . . . . . . . . . . . . . . . . 501

37 Voice VLAN

voice vlan id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507

voice vlan oui-table voice vlan cos voice vlan aging-timeout voice vlan enable voice vlan secure show voice vlan

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 508

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510

. . . . . . . . . . . . . . . . . . . . . . . . . . 510

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512

38 Web Server

ip http server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515

ip http port ip http exec-timeout ip https server ip https port ip https exec-timeout crypto certificate generate crypto certificate request crypto certificate import ip https certificate show crypto certificate mycertificate

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 516

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 518

. . . . . . . . . . . . . . . . . . . . . . . . . . 519

. . . . . . . . . . . . . . . . . . . . . . . . . . 520

. . . . . . . . . . . . . . . . . . . . . . . . . . . 521

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524

. . . . . . . . . . . . . . . . . . . . 524

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

22 Contents

Page 23

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

show ip http. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525

show ip https

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526

39 802.1x Commands

aaa authentication dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . 529

dot1x system-auth-control dot1x port-control dot1x re-authentication dot1x timeout re-authperiod dot1x re-authenticate dot1x timeout quiet-period dot1x timeout tx-period dot1x max-req

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535

dot1x timeout supp-timeout dot1x timeout server-timeout dot1x send-async-request-id show dot1x

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538

. . . . . . . . . . . . . . . . . . . . . . . . . . 530

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530

. . . . . . . . . . . . . . . . . . . . . . . . . . . 531

. . . . . . . . . . . . . . . . . . . . . . . . . 532

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 533

. . . . . . . . . . . . . . . . . . . . . . . . . 533

. . . . . . . . . . . . . . . . . . . . . . . . . . . 534

. . . . . . . . . . . . . . . . . . . . . . . . . 536

. . . . . . . . . . . . . . . . . . . . . . . . 536

. . . . . . . . . . . . . . . . . . . . . . . . . 537

show dot1x users show dot1x statistics ADVANCED FEATURES dot1x auth-not-req dot1x multiple-hosts dot1x single-host-violation dot1x guest-vlan dot1x guest-vlan enable dot1x mac-authentication dot1x traps mac-authentication failure

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 542

. . . . . . . . . . . . . . . . . . . . . . . . . 544

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 544

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 545

. . . . . . . . . . . . . . . . . . . . . . . . . 545

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546

. . . . . . . . . . . . . . . . . . . . . . . . . . . 547

. . . . . . . . . . . . . . . . . . . . . . . . . . 548

. . . . . . . . . . . . . . . . . . . 549

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Contents 23

Page 24

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Ryan - old template\RyanCLITOC.fm

dot1x radius-attributes vlan . . . . . . . . . . . . . . . . . . . . . . . . . 549

show dot1x advanced

. . . . . . . . . . . . . . . . . . . . . . . . . . . . 550

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

24 Contents

Page 25

Using the CLI

This chapter describes how to start using the CLI and describes the command editing features to assist in using the CLI.

CLI Command Modes

Introduction

To assist in configuring the device, the Command Line Interface (CLI) is divided into different command modes. Each command mode has its own set of specific commands. Entering a question mark "?" at the system prompt (console prompt) displays a list of commands available for that particular command mode.

From each mode a specific command is used to navigate from one command mode to anot her. The standard order to access the modes is as follows: User EXEC mode, Privileged EXEC mode, Global Configuration mode, and Interface Configuration mode. The following figure illustrates the command mode access path.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Using the CLI 25

Page 26

www.dell.com | support.dell.com

When starting a session, the initial mode is the User EXEC mode. Only a limited subset of commands are available in the User EXEC mode. This level is reserved for tasks that do not change the configuration. To enter the next level, the Privileged EXEC mode, a password is required.

The Privileged EXEC mode gives access to commands that are restricted on User EXEC mode and provides access to the device Configuration mode.

The Global Configuration mode manages the device configuration on a global level. The Interface Configuration mode configures specific interfaces in the device.

User EXEC Mode

After logging into the device, the user is automatically in the User EXEC command mode unless the user is defined as a privileged user. In general, the User EXEC commands allow the user to perform basic tests, and list system information.

The user-level prompt consists of the device host name followed by the angle bracket (>).

Console>

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

26 Using the CLI

Page 27

The default host name is Console unless it was changed using the hostname command in the Global Configuration mode.

Privileged EXEC Mode

Privileged access is password protected to prevent unauthorized use because, many of the privileged commands set operating system parameters. The password is not displayed on the screen and is case sensitive.

Privileged users enter directly into the Privileged EXEC mode. To enter the Privileged EXEC mode from the User EXEC mode, perform the following steps:

At the prompt enter the

Enter the password and press <Enter>. The password is displayed as *. The Privileged EXEC mode prompt is displayed. The Privileged EXEC mode prompt consists of the device host name

followed by

Console#

T o return from the Privileged EXEC mode to the User EXEC mode, use the disable command. The following example illustrates how to access the Privileged EXEC mode and return to the User EXEC mode:

Console> enable Enter Password: ******

enable

command and press <Enter>. A password prompt appears.

Console# Console# disable Console>

The exit command is used to return from any mode to the previous mode except when returning to the User EXEC mode from the Privileged EXEC mode. For example, the exit command is used to return from the Interface Configuration mode to the Global Configuration mode.

Global Configuration Mode

Global Configuration mode commands apply to features that affect the system as a whole, rather than just a specific interface. The configure Privileged EXEC mode command is used to enter the Global Configuration mode.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Using the CLI 27

Page 28

T o enter the Global Configuration mode, at the Privileged EXEC mode prompt enter the command configure and press <Enter>. The Global Configuration mode prompt is displayed. The Global Configuration mode prompt consists of the device host name followed by (config) and #.

Console(config)#

T o return from the Global Configuration mode to the Privileged EXEC mode, the user can use one of the following commands:

•exit

•end

•Ctrl+Z

www.dell.com | support.dell.com

The following example illustrates how to access the Global Configuration mode and return to the Privileged EXEC mode:

Console# Console# configure Console(config)# exit Console#

Interface Configuration Mode and Specific Configuration Modes

Interface Configuration mode commands modify specific interface operations. The following are the Interface Configuration modes:

•

Line Interface

commands such as line timeout settings, etc. The used to enter the Line Configuration command mode.

•

VLAN Database

Global Configuration mode command is used to enter the VLAN Database Interface Configuration mode.

•

Management Access List management access-list

Access List Configuration mode.

•

Ethernet

Configuration mode command is used to enter Ethernet type interface.

— Contains commands to configure the management connectio ns. These include

line

Global Configuration mode command is

— Contains commands to create a VLAN as a whole. The

vlan database

— Contains commands to define management access-lists. The

Global Configuration mode command is used to enter the Managem ent

— Contains commands to manage port configuration. The

the Interface Configuration mode to configure an

interface ethernet

Global

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

28 Using the CLI

Page 29

•

Port Channel

— Contains commands to configure port-channels, for example, assigning ports to a port-channel. Most of these commands are the same as the commands in the Ethernet interface mode, and are used to manage the member ports as a single entity. The

channel

Global Configuration mode command is used to enter the Port Channel Inte rface

interface port-

Configuration mode.

•

SSH Public Key-chain

keys. The

crypto key pubkey-chain ssh

— Contains commands to manually specify other device SSH public

Global Configuration mode command is used to enter

the SSH Public Key-chain Configuration mode.

• QoS — Contains commands related to service definitions. The qos Global Configuration mode command is used to enter the QoS services configuration mode.

• MAC Access-List— Configures conditions required to allow traffic based on MAC addresses. The ip access-list Global Configuration mode command is used to enter the MAC access-list configuration mode.

Starting the CLI

The device can be managed over a direct connection to the device console port or via a Telnet connection. The device is managed by entering command keywords and parameters at the prompt. Using the device command-line interface (CLI) is very similar to entering commands on a UNIX system.

If access is via a Telnet connection, ensure that the device has a defined IP address, corresponding management access is granted, and the workstation used to access the device is connected to the device prior to using CLI commands.

NOTE: The following steps are for use on the console line only.

To start using the CLI, perform the following steps:

Connect the DB9 null-modem or cross over cable to the RS-232 serial port of the dev ice to the RS-232 serial port of the terminal or computer running the terminal emulatio n application.

NOTE: The default data rate, for Ryan, is 115,200 (Console port on unit shows a default data rate of

9600).

Set the data format to 8 data bits, 1 stop bit, and no parity.

a b

Set Flow Control to

Under

Properties

Select

Terminal keys

NOTICE: When using HyperTerminal with Microsoft® Windows 2000, ensur e that Windows® 2000

Service Pack 2 or later is installed. With Windows 2000 Service Pack 2, the arrow keys function properly in HyperT erminal’s VT100 emulation. Go to www.microsoft.com for information on Windows 2000 service packs.

For more information, see

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

none

, select

(not Windows keys

VT100 for Emulation

for

Function, Arrow, and Ctrl keys

mode.

. Ensure that the setting is for

Dell™ PowerConnect™ 3500 Series User's Guide

Using the CLI 29

Page 30

Enter the following commands to begin the configuration procedure :

Console> enable Console# configure Console(config)#

Configure the device and enter the necessary commands to complete the requi red tasks.

When finished, exit the session with the

When a different user is required to log onto the system, use the login Privileged EXEC mode command. This effectively logs off the current user and logs on the new user.

exit

command.

www.dell.com | support.dell.com

Editing Features

Entering Commands

A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command show interfaces status ethernet 1/e11, show, interfaces and status are keywords, ethernet is an argument that specifies the interface type, and 1/e11 specifies the port.

To enter commands that require parameters, enter the required parameters after the command keyword. For example, to set a password for the administrator, enter:

Console(config)# username admin password alansmith

When working with the CLI, the command options are not displayed. The command is not selected from a menu, but is manually entered. To see what commands are available in each mode or within an interface configuration, the CLI provides a method of displaying the available commands, the command syntax requirements and in some instances, parameters required to complete the command. The standard command to request help is the character ?.

There are two instances where help information can be displayed:

•

Keyword lookup

commands and corresponding help messages are is displayed.

•

Partial keyword lookup

place of a parameter. The matched keyword or parameters for this command are displayed.

— The character ? is entered in place of a command. A list of all valid

— If a command is incomplete and or the character ? is entered in

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

30 Using the CLI

Page 31

To assist in using the CLI, there is an assortment of editing features. The following features are described:

• Terminal Command Buffer

• Command Completion

• Keyboard Shortcuts

Copying and Pasting Text

Up to 100 lines of text (i.e., commands) can be copied and pasted into the device.

NOTE: This editing features are for Tel net only.

NOTE: It is the user’s responsibility to ensure that the text copied into the device consists of legal

commands only.

When copying and pasting commands from a configuration file, make sure that the following conditions exist:

• A device Configuration mode has been accessed.

• The commands contain no encrypted data, like encrypted passwords or keys. Encrypted data cannot be copied and pasted into the device.

Setup Wizard

The CLI supports a Setup Wizard. This is an easy-to-use user interface which quickly guides the user in setting up basic device information, so that the device can be easily managed from a Web Based Interface. Refer to the Getting Started Guide and User Guide for more information on the Setup Wizard.

Terminal Command Buffer

Every time a command is entered in the CLI, it is recorded on an internally managed Command History buffer. Commands stored in the buffer are maintained on a First In First Out (FIFO) basis. These commands can be recalled, reviewed, modified, and reissued. This buffer is not preserved across device resets.

Keyword Description Up-arrow key

Ctrl+P

Down-arrow key Returns to more recent commands in the history buffer after recalling

By default, the history buffer system is enabled, but it can be disabled at any time. For information about the command syntax to enable or disable the history buffer, see history.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Recalls commands in the history buffer, beginning with the most recent command. Repeats the key sequence to recall successively older commands.

commands with the up-arrow key. Repeating the key sequence will recall successively more recent commands.

Using the CLI 31

Page 32

There is a standard default number of commands that are stored in the buffer. The standard number of 10 commands can be increased to 216. By configuring 0, the effect is the same as disabling the history buffer system. For information about the command syntax for configuring the command history buffer, see history size.

To display the history buffer, see show history.

Negating the Effect of Commands

For many configuration commands, the prefix keyword no can be entered to cancel the effect of a command or reset the configuration to the default value. This guide describes the negation effect for all applicable commands.

www.dell.com | support.dell.com

Command Completion

An appropriate error message displays if the entered command is incomplete or invalid; or has missing or invalid parameters. This assists in entering the correct command.

Keyboard Shortcuts

The CLI has a range of keyboard shortcuts to assist in editing the CLI commands. The following table describes the CLI shortcuts.

Keyboard Key Description Up-arrow key Recalls commands from the history buf fer, beginning with the most recent command.

Down-arrow key Returns the most recent commands from the history buffer after recalling commands

Ctrl+A Moves the cursor to the beginning of the command line. Ctrl+E Moves the cursor to the end of the command line. Ctrl+Z / End Returns back to the Privileged EXEC mode from any configuration mode. Backspace key Deletes one character left to the cursor position.

Repeat the key sequence to recall successively older commands.

with the up arrow key. Repeating the key sequence will recall successively more recent commands.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

32 Using the CLI

Page 33

CLI Command Conventions

When entering commands there are certain command entry standards that apply to all commands. The following table describes the command conventions.

Convention Description

[ ] In a command line, square brackets indicate an optional entry. { } In a command line, curly brackets indicate a selection of compulsory

parameters separated by the | character. One option must be selected. For example, flowcontrol {auto|on|off} means that for the flowcontrol command either auto, on or off must be selected.

Italic font Indicates a parameter. <Enter> Indicates an individual key on the keyboard. For example, <Enter>

indicates the Enter key.

Ctrl+F4 Any combination of keys pressed simultaneously on the keyboard.

Screen Display

all

Indicates system messages and prompts appearing on the console.

When a parameter is required to define a range of ports or parameters and

all

is an option, the default for the command is defined. For example, the comma nd

interface range port-channel

option of either entering a range of channels, or selecting command is entered without a parameter, it automatically defaults to

when no parameters are

has the

all

. When the

all

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Using the CLI 33

Page 34

www.dell.com | support.dell.com

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

34 Using the CLI

Page 35

Command Groups

Introduction

The Command Language Interface (CLI) is a network management application operated through an ASCII terminal without the use of a Graphical User Interface (GUI) driven software application. By directly entering commands, you achieve greater configuration flexibility. The CLI is a basic command-line interpreter similar to the UNIX C shell.

You can configure and maintain a device by entering commands from the CLI, which is based solely on textual input and output; you enter commands using a terminal keyboard and the textual output displays via a terminal monitor . You can access the CLI from a VT100 terminal connected to the console port of the device or through a Telnet connection from a remote host.

The first time you use the CLI from the console a Setup Wizard is invoked. The Setup Wizard guides you in setting up a minimum configuration, so that the device can be managed from the Web Based Interface. Refer to the Getting Started Guide and User Guide for more information on the Setup Wizard.

This guide describes how the Command Line Interface (CLI) is structured, describes the command syntax, and describes the command functionality.

This guide also provides information for configuring the PowerConnect device, details the procedures, and provides configuration examples. Basic installation configuration is described in the User’s Guide and must be completed before using this document.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 35

Page 36

Command Groups

The system commands can be broken down into functional groups as shown below.

Command Group Description AAA Commands Configures connection security including authorization and

ACL Commands Configures ACL on the device. Address Table Commands Configures bridging Address Tables. Clock Commands Configures clock commands on the device. Configuration and Image Files

www.dell.com | support.dell.com

Commands DHCP Snooping Commands Configuring DHCP snooping on the device. Ethernet Configuration Configures all port configuration options for, example ports, storm

GVRP Commands Configures and displays GVRP configuration and information. IGMP Snooping Commands Configures IGMP snooping and displays IGMP configuration and

IP Addressing Commands Configures and manages IP addresses on the device. IPv6 Addressing Commands Configures and manages IPv6 addresses on the device. LACP Commands Configures and displays LACP information. Line Commands Configures the console and remote Telnet connection. LLDP Commands Configures and displays LLDP information. Login Banner Commands Configures customizable login banners on the device. Management ACL Commands Configures and displays management access-list information. PHY Diagnostics Commands Diagnoses and displays the interface status. Power-over-Ethernet Commands Configure Power over Ethernet settings on the device. Port Channel Commands Configures and displays Port Channel information. Port Monitor Commands Monitors activity on specific target ports. QoS Commands Configures and displays QoS information. RADIUS Commands Configures and displays RADIUS information. RMON Commands Displays RMON statistics. SNMP Commands Configures SNMP communities, traps and displays SNMP

Spanning Tree Commands Configures and reports on Spanning Tree protocol.

passwords.

Manages the device configuration files.

control, and auto-negotiation.

IGMP information.

information.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

36 Command Groups

Page 37

SSH Commands Configures SSH authentication. Syslog Commands Manages and displays syslog messages. System Management Commands Configures the device clock, name and authorized users. TACACS Commands Configures TACACS+ commands. TIC Commands Configures and displays TIC information. Tunnel Commands User Interface Commands Describes user commands used for entering CLI commands. VLAN Commands Configures VLANs and displays VLAN information. Voice VLAN Commands Configures Voice VLANs and displays VLAN information. W e b Server Commands Configures W eb based access to the device.

802.1x Commands Configures commands related to 802.1x security protocol.

Configures tunnel routing configurations.

AAA Commands

Command Group Description Access Mode aaa authentication login Defines login authentication. Global

Configuration

aaa authentication enable Defines authentication method lists for accessing higher

privilege levels.

telnet or console.

enable authentication Specifies the authentication method list when accessing a

higher privilege level from a remote telnet or console.

ip http authentication Specifies authentication methods for HTTP server users. Global

ip https authentication Specifies authentication methods for HTTPS server users. Global

show authentication methods

password Specifies a password on a line. Line

enable password Sets a local password to control access to normal and

username Establishes a username-based authentication system. Global

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Displays information about the authentication methods. Privileged EXEC

privilege levels.

Global Configuration

Line Configuration

Configuration

Configuration Global

Configuration

Command Groups 37

Page 38

ACL Commands

Command Group Description Access Mode ip access-list Creates Layer 2 ACLs. Global

permit (IP) Permits traffic if the conditions defined in the permit

deny (IP) Denies traffic if the conditions defined in the deny

mac access-list Creates Layer 2 ACLs. Global

www.dell.com | support.dell.com

permit (MAC) Set permit conditions for a MAC access list MAC Access-List

deny (MAC) Denies traffic if the conditions defined in the deny

service-acl Sets the default ace action to permit or deny. Interface

show access-lists Applies an ACL to the input interface. Privileged EXEC show interfaces access-

lists

Configuration IP Access-List

statement match.

statement match

Displays ACLs defined on the device. Privileged EXEC

Configuration IP Access-List

Configuration

Configuration MAC Access-List

Configuration

Address Table Commands

Command Group Description Access Mode bridge address Adds a static MAC-layer station source address to the

bridge multicast filtering Enables filtering of Multicast addresses. Global

bridge multicast address Registers MAC-layer Multicast addresses to the

bridge multicast forbidden address

bridge multicast unregistered

bridge multicast forwardall

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

38 Command Groups

Interface (VLAN)

bridge table.

bridge table, and adds static ports to the group. Forbids adding a specific Multicast address to specific

ports. Configures the forwarding state of unregistered

multicast addresses. Enables forwarding all Multicast frames on a port. Interface (VLAN)

Configuration

Configuration Interface (VLAN)

Configuration Interface

Configuration

Page 39

bridge multicast forbidden forward-all

Forbids a port from becoming a forward-all Multicast port.

Interface (VLAN) Configuration

bridge aging-time Sets the Address Table aging time. Global

Configuration

clear bridge Removes any learned entries from the forwarding

Privileged EXEC

database.

port security Disables new address learning/forwarding on an

interface.

Interface Configuration

port security mode Configures the port security learning mode. Interface

Configuration

port security max Configures the maximum number of addresses that

may be learned on the port while the port is in port

Interface Configuration

security mode.

port security routed secure-address

Adds MAC-layer secure addresses to a routed port. Interface

Configuration show bridge address-table Displays all entries in the bridge-forwarding database. Privileged EXEC show bridge address-table

static show bridge address-table

count show bridge multicast

Displays statically created entries in the bridgeforwarding database

Displays the number of addresses present in the

Privileged EXEC

bridge-forwarding database. Displays all entries in the bridge-forwarding database. Privileged EXEC

address-table show bridge multicast

Displays the statically configured multicast addresses. Privileged EXEC

address-table static show bridge multicast

Displays the Multicast filtering configuration. Privileged EXEC

filtering show ports security Displays the port-lock status. Privileged EXEC show ports security

Displays current dynamic addresses in locked ports. Privileged EXEC

addresses

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 39

Page 40

Clock Commands

Command Group Description Access Mode clock set Manually sets the system clock. Privileged EXEC clock source Configures an external time source for the sys tem

clock timezone Sets the time zone for display purposes. Global Configuration clock summer-time Configures the system to automatically switch to

sntp authentication-key Defines an authentication key for Simple

www.dell.com | support.dell.com

sntp authenticate Grants authentication for received Network T ime

sntp trusted-key Authenticates the identity of a system to which

sntp client poll timer Sets the polling time for the Simple Network

sntp broadcast client enable

sntp anycast client enable Enables Anycast clients. Global Configuration sntp client enable

sntp client enable (Interface)

sntp unicast client enable Enables the device to use the Simple Network

sntp unicast client poll Enables polling for the Simple Network Time

sntp server Configures the device to use the Simple Network

show clock Displays the time and date from the system

clock.

summer time (daylight saving time).

Network Time Protocol (SNTP).

Protocol (NTP) traffic from servers.

Simple Network Time Protocol (SNTP) will synchronize.

Time Protocol (SNTP) client. Enables the Simple Network Time Protocol

(SNTP) Broadcast clients.

Enables the Simple Network Time Protocol (SNTP) Broadcast and Anycast client on an interface.

Enables the Simple Network Time Protocol (SNTP) client on an interface.

Time Protocol (SNTP) to request and accept Simple Network Time Protocol (SNTP) traffic from servers.

Protocol (SNTP) predefined Unicast clients.

Time Protocol (SNTP) to request and accept Simple Network Time Protocol (SNTP) traffic from a server.

clock.

Global Configuration

Interface Configuration

Global Configuration

User EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

40 Command Groups

Page 41

show sntp configuration Shows the configuration of the Simple Network

Time Protocol (SNTP).

show sntp status Shows the status of the Simple Network Time

Protocol (SNTP).

Privileged EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 41

Page 42

Configuration and Image Files Commands

Command Group Description Access Mode copy Copies files from a source to a destination. Privileged EXEC delete Deletes a file from a Flash memory device. Privileged EXEC delete startup-config Deletes the startup-config file. Privileged EXEC dir Displays a list of files on a flash file system. Privileged EXEC more Displays a file. Privileged EXEC rename Renames a file. Privileged EXEC

www.dell.com | support.dell.com

boot system Specifies the system image that the device loads at

show running-config Displays the contents of the currently running

show startup-config Displays the startup configuration file contents. Privileged EXEC show bootvar Displays the active system image file that the device

DHCP Snooping Commands

Command Group Description Access Mode ip dhcp snooping Globally enables DHCP snooping Global

ip dhcp snooping vlan Enables DHCP snooping on a VLAN. Global

ip dhcp snooping trust Configures a port as trusted for DHCP snooping

ip dhcp snooping information option allowed-untrusted

ip dhcp snooping verify Configures a switch to accept DHCP packets with

ip dhcp snooping database Configures the DHCP snooping binding file. Global

ip dhcp snooping database update-freq

startup.

configuration file.

loads at startup.

purposes. Configures a switch to accept DHCP packets with

option-82 information from an untrusted port.

Configures the update frequency of the DHCP snooping binding file.

Privileged EXEC

Configuration

Configuration Interface

Configuration Global

Configuration

Global Configuration

Configuration Global

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

42 Command Groups

Page 43

ip dhcp snooping binding Configures the update frequency of the DHCP

snooping binding file.

clear ip dhcp snooping database

show ip dhcp snooping Displays the DHCP snooping configuration. EXEC show ip dhcp snooping

binding

Clears the DHCP snooping binding database. Privileged EXEC

Displays the DHCP snooping binding database and configuration information for all interfaces on

Privileged EXEC

User EXEC

a switch.

Ethernet Configuration Commands

Command Group Description Access Mode interface ethernet Enters the interface configuration mode to configure

an Ethernet type interface.

interface range ethernet Enters the interface configuration mode to configure

multiple Ethernet type interfaces.

shutdown Disables interfaces. Interface

description Adds a description to an interface. Interface

speed Configures the speed of a given Ethernet interface

when not using auto-negotiation.

duplex Configures the full/half duplex operation of a given

Ethernet interface when not using auto-negotiation.

negotiation Enables auto-negotiation operation for the speed and

duplex parameters of a given interface.

flowcontrol Configures the Flow Control on a given interface. Interface

mdix Enables automatic crossover on a given interface. Interface

back-pressure Enables Back Pressure on a given interface. Interface

clear counters set interface active Reactivates an interface that was suspended by the

show interfaces advertise Displays auto negotiation advertisement data. Privileged EXEC show interfaces

configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Clears statistics on an interface. Privil ege d EXEC

system.

Displays the configuration for all interfaces. Privileged EXEC

Global

Configuration

Global

Configuration

Interface

Configuration

Interface

Configuration

Interface

Configuration

Privileged EXEC

Command Groups 43

Page 44

show interfaces status Displays the status for all interfaces. Privileged EXEC show interfaces

description show interfaces counters D isplays traffic seen by the physical interface. Privileged EXEC port storm-control

include-multicast port storm-control

broadcast enable port storm-control

broadcast rate

www.dell.com | support.dell.com

show ports storm-control Displays the storm control configuration. Privileged User

Displays the description for all interfaces. Privileged EXEC

Enables the device to count Multicast packets with Broadcast packets.

Interface Configuration

Enables Broadcast storm control. Interface

Configuration

Configures the maximum Broadcast rate. Interface

Configuration

EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

44 Command Groups

Page 45

GVRP Commands

Command Group Description Mode gvrp enable (Global) Enables GVRP globally. Global

Configuration gvrp enable (Interface) Enables GVRP on an interface. Interface

Configuration garp timer Adjusts the GARP application join, leave, and leaveall

GARP timer values.

gvrp vlan-creation-forbid Enables or disables dynamic VLAN creation. Interface

gvrp registration-forbid De-registers all VLANs, and prevents dynamic

VLAN registration on the port. clear gvrp statistics Clears all the GVRP statistics information. Privileged EXEC show gvrp configuration Displays GVRP configuration information. User EXEC show gvrp statistics Displays GVRP statistics. User EXEC show gvrp error-statistics Displays GVRP error statistics. User EXEC

Interface Configuration

Configuration Interface

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 45

Page 46

IGMP Snooping Commands

Command Group Description Access Mode ip igmp snooping (Global) Enables Internet Group Management Protocol

ip igmp snooping (Interface)

ip igmp snooping mrouter Enables automatic learning of Multicast router ports. Interface (VLAN) ip igmp snooping host-

time-out

www.dell.com | support.dell.com

ip igmp snooping mroutertime-out

ip igmp snooping leavetime-out

ip igmp snooping querier enable

ip igmp snooping querier address

show ip igmp snooping mrouter

show ip igmp snooping interface

show ip igmp snooping groups

Global

(IGMP) snooping. Enables Internet Group Management Protocol

(IGMP) snooping on a specific VLAN.

Configures the host-time-out. Interface (VLAN)

Configures the mrouter-time-out. Interface (VLAN)

Configures the leave-time-out. Interface (VLAN)

Enables Internet Group Management Protocol (IGMP) querier on a specific VLAN

Defines the source IP address that the IGMP Snooping querier uses.

Displays information on dynamically learned Multicast router interfaces.

Displays IGMP snooping configuration. User EXEC

Displays Multicast groups learned by IGMP snooping.

Configuration Interface (VLAN)

Interface (VLAN)

User EXEC

IP Addressing Commands

Command Group Description Access Mode ip address

ip address dhcp Acquires an IP address on an interface from the

ip default-gateway

show ip interface Displays the usability status of interfaces configured

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

46 Command Groups

Sets an IP address.

DHCP server. Defines a default gateway (router).

for IP.

Interface Configuration

Global Configuration

Privileged EXEC

Page 47

arp Adds a permanent entry in the ARP cache. Global

Configuration

arp timeout Configures how long an entry remains in the ARP

cache.

Global

Configuration clear arp-cache Deletes all dynamic entries from the ARP cache. Privileged EXEC show arp Displays entries in the ARP table. Privileged EXEC ip domain-lookup

ip domain-name

ip name-server

Enables the IP Domain Naming System (DNS)-based host name-to-address translation.

Defines a default domain nam e that the softw are uses to complete unqualified host names.

Sets the available name servers.

Global

Configuration

Global

Configuration

Global

Configuration ip host

clear host clear host dhcp

Defines static host name-to-address mapping in the host cache.

Deletes entries from the host name-to-address cache. Deletes entries from the host name-to-address mapping

Global

Configuration

Privileged EXEC

received from Dynamic Host Configuration Protocol (DHCP).

show hosts

Displays the default domain name, a list of name server

Privileged EXEC

hosts, the static and cached list of host nam es and addresses.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 47

Page 48

IPv6 Addressing Commands

Command Group Description Access Mode ipv6 enable Enables IPv6 processing on an interface. Interface Configu-

ipv6 address autoconfig Enables automatic configuration of IPv6 addresses

ipv6 icmp error-interval Configures the rate limit interval and bucket size

show ipv6 icmp error-

www.dell.com | support.dell.com

interval ipv6 address Configures an IPv6 address for an interface. Interface Configu-

ipv6 address link-local Configures an IPv6 link-local address for an interface. Interface Configu-

ipv6 unreachables Enables the generation of Internet Control Message

ipv6 default-gateway Defines an IPv6 default gateway. Global Configura-

ipv6 mld join-group Configures Multicast Listener Discovery (MLD)

ipv6 mld version Changes the Multicast Listener Discovery Protocol

show ipv6 interface Displays the usability status of interfaces configured

show IPv6 route Displays the current state of the IPv6 routing table. Privileged EXEC ipv6 nd dad attempts Configures the number of consecutive neighbor solici-

ipv6 host Defines a static host name-to-address mapping in the

ipv6 neighbor Configures a static entry in the IPv6 neighbor discov-

ipv6 set mtu Sets the MTU size of IPv6 packets sent on an inter-

show ipv6 neighbors Displays IPv6 neighbor discovery cache information. Privileged EXEC

using stateless autoconfiguration on an interface.

parameters for IPv6 ICMP error messages. Displays

Protocol for IPv6 (ICMPv6) unreachable messages for any packets arriving on a specified interface.

reporting for a specified group.

(MLD) version.

for IPv6.

tation messages that are sent on an interface while duplicate address detection is performed on the unicast IPv6 addresses of the interface.

host name cache.

ery cache.

face.

the IPv6 ICMP error interval setting Privileged EXEC

ration Interface Configu-

ration Global Configura-

tion

ration

ration Interface Configu-

ration

tion Interface Configu-

ration Interface Configu-

ration Privileged EXEC

Interface Configuration

Global Configuration

Privileged EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

48 Command Groups

Page 49

clear ipv6 neighbors Deletes all entries in the IPv6 neighbor discovery

cache, except static entries.

Privileged EXEC

LACP Commands

Command Group Description Access Mode lacp system-priority Configures the system LACP priority. Global

Configuration lacp port-priority Configures the priority value for physical ports. Interface

Configuration lacp timeout Assigns an administrative LACP timeout. Interface

Configuration show lacp ethernet Displays LACP information for Ethernet ports. Privileged EXEC show lacp port-channel

Displays LACP information for a port-channel.

Privileged EXEC

Line Commands

Command Group Description Access Mode line Identifies a specific line for configuration and enters

the line configuration command mode. speed Configures the baud rate of the line. Line Configuration autobaud Configures the line for automatic baud rate detection

(autobaud).

exec-timeout Configures the interval that the system waits until user

input is detected. history Enables the command history function. Line Configuration history size Configures the command history buffer size for a

particular line.

terminal history Enables the command history function for the current

terminal session.

terminal history size Configures the command history buffer size for the

current terminal session.

show line Displays line parameters. User EXEC

Global Configuration

Line Configuration

User EXEC

Line Commands

Command Group Description Access Mode

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 49

Page 50

line Identifies a specific line for configuration and enters

speed Sets the line baud rate. Line Configuration autobaud

exec-timeout Configures the interval that the system waits until user

show line Displays line parameters. User EXEC terminal history Enables the command history function for the current

terminal history size Terminal history buf fer size for the current terminal

www.dell.com | support.dell.com

the Line Configuration command mode.

Sets the line for automatic baud rate detection

input is detected.

terminal session.

session.

Global Configuration

Line Configuration Line Configuration

User EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

50 Command Groups

Page 51

LLDP Commands

Command Group Description Access Mode lldp enable (global) Enables Link Layer Discovery Protocol (LLDP). Global

configuration

lldp enable (interface) Enables LL DP on an interface. Interface

configuration (Ethernet)

lldp timer Specifies how often the software sends LLDP updates. Global

configuration

lldp hold-multiplier Specifies the amount of time the receiving device should

hold a LLDP packet before discarding it.

lldp reinit-delay Specifies the minimum time an LLDP p ort will wait befo re

reinitializing LLDP transmission.

lldp tx-delay Specifies the delay between successive LLDP frame

transmissions initiated by value/status changes in the LLDP local systems MIB.

lldp optional-tlv Specifies which optional TLVs from the basic set should be

transmitted.

lldp managementaddress

lldp med enable Enables LLDP Media Endpoint Discovery (MED) on an

lldp med networkpolicy (global)

lldp med networkpolicy (interface)

lldp med location Interface

clear lldp rx Restarts the LLDP RX state machine and clears the

show lldp configuration Displays the LLDP configuration. Privileged

Specifies the management address that would be advertised from an interface.

interface.

Defines LLDP MED network policy. Global

Attaches a LLDP MED network policy to a port. Interface

neighbors table.

Global configuration

Interface configuration (Ethernet)

configuration

configuration (Ethernet)

Privileged EXEC

EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 51

Page 52

show lldp med configuration

show lldp local Displays the Link Layer Discovery Protocol (LLDP)

show lldp neighbors Displays information about discovered neighboring

Login Banner Commands

Command Group Description Access Mode

www.dell.com | support.dell.com

banner exec Specifies and enables a message to be displayed when

banner login Enables a message to be displayed before the user-

banner motd Specifies and enables a message-of-the-day banner. Global Configura-

exec-banner Enables the display of exec banners. Line Configuration login-banner Enables the display of login banners. Line Configuration motd-banner Enables the display of message-of-the-day banners. Line Configuration show banner Displays the banners configuration. Privileged EXEC

Displays the Link Layer Discovery Protocol (LLDP) Media Endpoint Discovery (MED) configuration.

information that is advertised from a specific port.

devices using Link Layer Discovery Protocol (LLDP)

an EXEC process is created.

name and password login prompts.

Privileged EXEC

Global Configuration

tion

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

52 Command Groups

Page 53

Management ACL Commands

Command Group Description Access Mode management access-list Defines a management access-list, and enters the

access-list for configuration.

permit (Management) Defines a permit rule. Management

deny (Management) Defines a deny rule. Management

management access-class Defines which management access-list is used. Global

show management accesslist

show management accessclass

Displays management access-lists. Privileged EXEC

Displays the active management access-list. Privileged EXEC

Global Configuration

Access-level

Configuration

PHY Diagnostics Commands

Command Group Description Access Mode test copper-port tdr Diagnoses with TDR (Time Domain Reflectometry)

technology the quality and characteristics of a copper cable attached to a port.

show copper-ports tdr Displays the last TDR (Time Domain Reflectometry)

tests on specified ports.

show copper-ports cable-length

Displays the estimated copper cable length attached to a port.

Privileged EXEC

User EXEC

Power-over-Ethernet Commands

Command Group Description Access Mode power inline Configures the administrative mode of the inline

power on an interface.

power inline powereddevice

power inline priority Displays port monitor ing status. Interface

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Adds a description of the powered d evice ty pe attached to the interface.

Interface Configuration

Configuration

Command Groups 53

Page 54

power inline usagethreshold

power inline traps enable

show power inline Displays port monitoring status. User EXEC

Port Channel Commands

Command Group Description Access Mode interface port-channel Enters the interface configuration mode of a specific

www.dell.com | support.dell.com

interface range portchannel

channel-group Associates a port with a port-channel. Interface

show interfaces portchannel

Port Monitor Commands

Command Group Description Access Mode port monitor Starts a port monitoring session. Interface

show ports monitor Displays port monitoring status. User EXEC

Configures the administrative mode of the inline power on an interface.

Adds a description of the powered device type attached to the interface.

port-channel. Enters the interface configuration mode to configure

multiple port-channels.

Displays port-channel information. Privileged EXEC

Global Configuration

Configuration

QoS Commands

Command Group Description Access Mode qos Enables quality of service (QoS) on the device and

show qos Displays the QoS status. User EXEC priority-queue out num-

of-queues traffic-shape Sets the shaper on an egress port. Interface

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

54 Command Groups

Global Configuration

enters QoS basic mode.

Configures the number of expedite queues. Global Configuration

Configuration

Page 55

rate-limit (Ethernet) Limits the rate of the incoming traffic. Interface

Configuration

wrr-queue cos-map Maps assigned CoS values to select one of the egress

Global Configuration

queues.

show qos interface Displays interface QoS information. User EXEC qos map dscp-queue Modifies the DSCP to CoS map. Global Configuration qos trust (Global) Configures the system to basic mode and the "trust"

Global Configuration

state.

qos cos Configures the default port CoS value. Interface

Configuration

show qos map Displays all the maps for QoS. User EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 55

Page 56

RADIUS Commands

Command Group Description Access Mode radius-server host Specifies a RADIUS server host. Global Configuration radius-server key Sets the authentication and encryption key for all

radius-server retransmit Specifies the number of times the software searches

radius-server source-ip Specifies the source IP address used for

www.dell.com | support.dell.com

radius-server sourceipv6

radius-server timeout Sets the interval for which a device waits for a server

radius-server deadtime Improves RADIUS response times when servers are

show radius-servers Displays the RADIUS server settings. Privileged EXEC

RMON Commands

Command Group Description Mode show rmon statistics Displays RMON Ethernet Statistics. User EXEC rmon collection history Enables a Remote Monitoring (RMON) MIB history

show rmon collection history

show rmon history Displays RMON Ethernet statistics history. User EXEC rmon alarm Configures alarm conditions. Global Configuration show rmon alarm-table Displays the alarms table. User EXEC show rmon alarm Displays alarm configurations. User EXEC rmon event Configures a RMON event. Global Configuration show rmon events Displays the RMON event table. User EXEC show rmon log Displays the RMON logging table. User EXEC rmon table-size Configures the maximum RMON tables sizes. Global Configuration

Global Configuration RADIUS communications between the device and the RADIUS daemon.

Global Configuration the list of RADIUS server hosts.

Global Configuration communication with RADIUS servers.

Specifies the source IPv6 address used for the IPv6 communication with RADIUS servers.

host to reply.

unavailable.

statistics group on an interface. Displays the requested history group configuration. User EXEC

Global Configuration

Interface

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

56 Command Groups

Page 57

SNMP Commands

Command Group Description Access Mode snmp-server

community snmp-server view Creates and modifies view entries. Global Configuration snmp-server group Configures a new SNMP group or a table that maps

snmp-server user Configures a new SNMP v3 user. Global Configuration snmp-server engineID

local snmp-server enable

traps snmp-server filter Creates and modifies filter entries. Global Configuration snmp-server host Specifies an SNMP notification recipient. Global Configuration snmp-server v3-host Specifies an SNMP v3 notification recipient. Global Configuration snmp-server trap

authentication

snmp-server contact Sets up a system contact. Global Configuration snmp-server location Sets up the information on where the device is

snmp-server set Sets SNMP MIB value by the CLI. Global Configuration show snmp Displays the SNMP status. Privileged EXEC show snmp engineid Displays the local SNMP EngineID. Privileged EXEC show snmp views Displays the configuration of SNMP views. Privileged EXEC show snmp groups Displays the configuration of SNMP groups. Privileged EXEC show snmp filters Displays the configuration of SNMP filters. Privileged EXEC show snmp users Displays the configuration of SNMP users. Privileged EXEC

Sets up the community access string to permit access to SNMP protocol.

SNMP users to SNMP views.

Specifies an SNMP EngineID on the local device. Globa l Confi gurat ion

Enables the device to send SNMP traps or SNMP notifications.

Enables the device to send Simple Network Management Protocol traps when authentication failed.

located.

Global Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 57

Page 58

Spanning Tree Commands

Command Group Description Access Mode spanning-tree Enables Spanning Tree functionality. Global

spanning-tree mode Configures the Spanning Tree protocol. Global

spanning-tree forwardtime

spanning-tree hello-

www.dell.com | support.dell.com

time spanning-tree max-age Configures the Spanning Tree bridge maximum age. Global

spanning-tree priority Configures the Spanning Tree priority. Global

spanning-tree disable Disables Spanning Tree on a specific port. Interface

spanning-tree cost Configures the Spanning Tree path cost for a port. Interface

spanning-tree portpriority

spanning-tree portfast Enables PortFast mode. Interface

spanning-tree link-type

spanning-tree pathcost method

spanning-tree bpdu Defines bridge protocol data unit (BPDU) handling

clear spanning-tree detected-protocols

spanning-tree mst priority

spanning-tree mst maxhops

Configuration

Configures the Spanning Tree bridge forward time. Global

Configuration

Configures the Spanning Tree bridge Hello Time. Global

Configuration

Configures port priority. Interface

Configuration

Overrides the default link-type setting

Sets the default path cost method. Global

when Spanning Tree is disabled on an interface. Shutdowns an interface when it receives a BPDU. Interface

Restarts the protocol migration process on all interfaces or on the specified interface.

Configures the device priority for the specified spanning-tree instance.

Configures the number of hops in an MST region before the BDPU is discarded and the port information is aged out.

. Interface

Configuration

Global

Configuration

Privileged EXEC

Global

Configuration

Global

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

58 Command Groups

Page 59

spanning-tree mst portpriority

spanning-tree mst cost Configures the path cost for multiple Spanning Tree

spanning-tree mst configuration

instance (mst) Maps VLANs to the MST instance. MST Configuration name (mst) Defines the configuration name. MST Configuration revision (mst) Defines the configuration revision number. MST Configuration show (mst) Displays the current or pending MST region

exit (mst) Exits the MST region configuration mode and applies

abort (mst) Exits the MST region configuration mode without

show spanning-tree Displays Spanning Tree configuration. Privileged EXEC spanning-tree guard

root

Configures the priority of a port. Interface

Configuration Interface

(MST) calculations. Enables configuring an MST region by entering the

Multiple Spanning Tree (MST) mode.

configuration.

all configuration changes.

applying configuration changes.

Enables root guard on all the Spanning Tree instances in the interface.

Configuration Global

Configuration

MST Configuration

Interface Configuration

SSH Commands

Command Group Description Access Mode ip ssh port Specifies the port to be used by the SSH server. Global Configuration ip ssh server Enables the device to be configured from a SSH

server. crypto key generate dsa Generates DSA key pairs. Global Configuration crypto key generate rsa Generates RSA key pairs. Global Configuration ip ssh pubkey-auth Enables public key authentication for incoming SSH

sessions. crypto key pubkey-

chain ssh user-key Specifies which SSH public key is manually

key-string Manually specifies a SSH public key. SSH Public Key show ip ssh D ispla ys the SSH server configuration. Privileged EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Enters SSH Public Key-chain configuration mode. Global Configuration

configured and enters the SSH public key-string

configuration command.

Global Configuration

SSH Public Key

Command Groups 59

Page 60

show crypto key mypubkey

show crypto key pubkey-chain ssh

Syslog Commands

Command Group Description Access Mode logging on Controls error messages logging. Global Configuration logging Logs messages to a syslog server. Global Configuration

www.dell.com | support.dell.com

logging console Limits messages logged to the console based on

logging buffered Limits syslog messages displayed from an internal

logging buffered size Changes the number of syslog messages stored in the

clear logging Clears messages from the internal logging buffer. Privileged EXEC logging file Limits syslog messages sent to the logging file based

clear logging file Clears messages from the logging file. Privileged EXEC aaa logging Enables logging AAA login events. Global Configuration file-system logging Enables logging file system events. Global Configuration management logging Enables logging management access list events. Global Configuration show logging Displays the state of logging and the syslog messages

show logging file Displays the state of logging and the syslog messages

show syslog-servers Displays the syslog servers settings. Privileged EXEC

Displays the SSH public keys stored on the device. Privileged EXEC

Displays SSH public keys stored on the device. Privileged EXEC

Global Configuration

severity.

Global Configuration

buffer based on severity.

Global Configuration

internal buffer.

Global Configuration

on severity.

Privileged EXEC

stored in the internal buffer.

Privileged EXEC

stored in the logging file.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

60 Command Groups

Page 61

System Management Commands

Command Group Description Access Mode ping Sends ICMP echo request packets to another node on

the network.

traceroute

telnet resume reload Reloads the operating system. Privileged EXEC hostname Specifies or modifies the device host name. Global Configuration stack master Forces selection of a stack master. Global Configuration stack reload Reloads stack members. Privileged EXEC show stack Displays information about stack status. User EXEC show users Displays information about the active users. User EXEC show sessions show system Displays system information. User EXEC show version Displays the system version information. User EXEC asset-tag Specifies the device asset-tag. Global Configuration show system id Displays the service ID information. User EXEC show cpu utilization Displays information about the CPU utilization of

Discovers the routes that packets will actually take when traveling to their destination.

Logs in to a host that supports Telnet. Switches to another open Telnet session.

Lists the open Telnet sessions.

active processes.

User EXEC

User EXEC User EXEC

User EXEC

Privileged EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 61

Page 62

TACACS Commands

Command Group Description Mode tacacs-server host Specifies a TACACS+ host. Global

tacacs-server key Sets the authentication encryption key used for all

tacacs-server source-ip Specifies the source IP address that will be used for the

www.dell.com | support.dell.com

tacacs-server timeout Sets the timeout value. Global

show tacacs Displays configuration and statistics for a TACACS+

T A CACS+ communications between the device and the TACACS+ daemon.

communication with TACACS+ servers.

servers.

Configuration Global

Configuration

Global Configuration

Configuration Privileged EXEC

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

62 Command Groups

Page 63

TIC Commands

Command Group Description Access Mode passwords min-length Sets the minimum length required for passwords in

the local database.

password-aging Sets the expiration time of username and enables

passwords.

passwords aging Configures the expiration time of line passwords in

the local database.

passwords history Sets the number of required password changes before

a password in the local database can be reused.

passwords history holdtime

passwords lockout Sets the number of failed login attempts before a user

aaa login-history file Enables writing to the login history file. Global

set username active Reactivates a locked user account. Privileged EXEC set line active Reactivates a locked line. Privileged EXEC set enable-password active Reactivates a locked enable password. Privileged EXEC show passwords

configuration show users login-history Displays information about the login history of users. Privileged EXEC show users accounts Displays information about the local user database. Privileged EXEC

Configures the number of days a password is relevant for tracking its password history.

account is locked.

Displays information about password management. Privileged EXEC

Global Configuration

Line Configuration

Global Configuration

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 63

Page 64

Tunnel Commands

Command Group Description Access Mode interface tunnel enters tunnel interface configuration mode. Global Configura-

tunnel mode ipv6ip configures an IPv6 transition mechanism global sup-

tunnel isatap router configures a global string that represents a specific

tunnel source sets the local (source) tunnel interface IPv4 address. Interface Tunnel

www.dell.com | support.dell.com

tunnel isatap query-interval

tunnel isatap solicitationinterval

tunnel isatap robustness configures the number of DNS Query/Router Solicita-

show ipv6 tunnel displays information on the ISATAP tunnel. Privileged EXEC

User Interface Commands

port mode.

automatic tunnel router domain name.

configures the interval between DNS Queries (before the IP address of the ISATAP router is known) for the automatic tunnel router domain name.

configures the interval between ISATAP router solicitations messages (when there is no active ISATAP router).

tion refresh messages that the device sends.

tion Interface Tunnel

Configuration Interface Tunnel

Configuration

Configuration Global Configura-

tion

Global Configuration

Command Group Description Access Mode enable Enters the privileged EXEC mode. User EXEC disable Returns to User EXEC mode. Privileged EXEC login Changes a login username. Priv/User EXEC configure exit (Configuration) Exits any configuration mode to the next highest mode

exit Closes an active terminal session by logging off the

end Ends the current configuration session and returns to

help Displays a brief description of the help system. All terminal datadump Enables dumping all output of a show command without

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

64 Command Groups

Enables the global configuration mode.

in the CLI mode hierarchy.

device.

the Privileged EXEC mode.

prompting.

Privileged EXEC All

Priv/User EXEC

After Privileged EXEC

User EXEC

Page 65

show history Lists the commands entere d in the current session. Privileged EXEC show privilege Displays the current privilege level. User EXEC

VLAN Commands

Command Group Description Access Mode vlan database Enters the VLAN database configuration mode. Global

Configuration vlan Creates a VLAN. VLAN Database interface vlan Enters the interface configuration (VLAN) mode. Global

Configuration interface range vlan Enters the interface configuration mode to configure

multiple VLANs.

name Configures a name to a VLAN. Interface (VLAN)

switchport access vlan Configures the VLAN ID when the interface is in access

mode.

switchport trunk allowed vlan

switchport trunk native vlan

switchport general allowed vlan

switchport general pvid Configures the PVID when the interface is in general

switchport general ingress-filtering disable

switchport general acceptable-frame-type tagged-only

switchport forbidden vlan

switchport mode Configures the VLAN membership mode of a port Interface

switchport customer vlan

Adds or removes VLANs from a port in general mode. Interface

Defines the port as a member of the specified VLAN, and the VLAN ID is the "port default VLAN ID (PVID)".

Adds or removes VLANs from a general port. Interface

mode. Disables port ingress filtering. Interface

Discards untagged frames at ingress. Interface

Forbids adding specific VLANs to a port. Interface

Set the port’ s VLA N when the interface is in customer mode.

Global

Configuration

Interface

Configuration

Interface

Configuration

Interface

Configuration

Interface

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 65

Page 66

switchport protected Overrides the FDB (Forwarding Database) decision, and

map protocol protocolsgroup

switchport general map protocols-group vlan

ip internal-usage-vlan Reserves a VLAN as the internal usage VLAN of

mac-to-vlan Adds MAC addresses to the MAC-to-VLAN database. VLAN

www.dell.com | support.dell.com

show vlan Displays the MAC-to-VLAN database. Privileged EXEC show vlan Displays VLAN information. Privileged EXEC show vlan protocols-

groups show vlan internal

usage show interfaces

switchport

Voice VLAN Commands

Interface sends all the Unicast, Multicast and Broadcast traffic to an uplink port.

Maps a protocol to a protocol group. Protocol groups are used for protocol-based VLAN assignment.

Sets a protocol-based classification rule. Interface

an interface.

Displays protocols-groups information. Privileged EXEC

Displays a list of VLANs used internally by the device. Privileged EXEC

Displays switchport configuration. Privileged EXEC

Configuration

VLAN

Configuration

Interface

Configuration

configuration

Command Group Description Access Mode voice vlan id Enables voice VLAN and configures voice VLAN ID. Global

voice vlan oui-table Configures the voice OUI table. Global

voice vlan cos Global

voice vlan aging-timeout Sets the voice VLAN aging timeout. Global

voice vlan enable Enables automatic voice VL AN configu r ati on for a

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

66 Command Groups

port.

Configuration

Configuration Interface

configuration (Ethernet, portchannel)

Page 67

voice vlan secure Configures the secure mode for the voice VLAN. Interface

configuration (Ethernet, portchannel

show voice vlan Displays the voice VLAN status. EXEC mode

Web Server Commands

Command Group Description Access Mode ip http server Enables the device to be configured from a browser. Global

Configuration

ip http port Specifies the TCP port for use by a web browser to

configure the device.

ip http exec-timeout Sets the interval the system waits for user input before

automatically logging off.

ip https server Enables configuring the device from a secured browser. Global

ip https port Specifies the TCP port used by the server to configure

the device through the Web browser.

ip https exec-timeout Sets the interval the system waits for user input before

automatically logging off.

crypto certificate generate

crypto certificate request

crypto certificate import Imports a certificate signed by Certification Auth ority for

ip https certificate Configures the active certificate for HTTPS. Global

show crypto certificate mycertificate

show ip http Displays the HTTP server configuration. Privileged EXEC show ip https Displays the HTTPS server configuration. Privileged EXEC

Generates a self-signed HTTPS certificate. Global

Generates and displays certificate requests for HTTPS. Privileged EXEC

HTTPS.

Displays the SSH certificates of the device. Privileged EXEC

Global Configuration

Configuration Global

Configuration

Global Configuration

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 67

Page 68

802.1x Commands

Command Description Access Mode

aaa authentication dot1x

dot1x system-authcontrol

dot1x port-control Enables manual control of the authorization state of the

www.dell.com | support.dell.com

dot1x re-authentication Enables periodic re-authentication of the client. Interface

dot1x timeout reauthperiod

dot1x re-authentication Manually initiates a re-authentication of all 802.1x-

dot1x timeout quietperiod

dot1x timeout tx-period Sets the number of seconds that the device waits for a

dot1x max-req Sets the maximum number of times that the device sends

dot1x timeout supptimeout

dot1x timeout servertimeout

show dot1x Allows multiple hosts on an 802.1x-authorized port that

show dot1x users Displays active 802.1x authenticated users. show dot1x statistics Displays 802.1x statistics for the specified interface. Privileged EXEC dot1x auth-not-req Enables unauthorized users access to that VLAN. Interface (VLAN)

Specifies one or more authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE 802.1x.

Enables 802.1x globally. Global

port

Sets the number of seconds between re-authentication attempts.

enabled ports or the specified 802.1x-enabled port. Sets the number of seconds that the device remains in

the quiet state following a failed authentication exchange.

response to an Extensible Authentication Protocol (EAP) - request/identity frame from the client, before resending the request.

an EAP - request/identity frame to the client, before restarting the authentication process.

Sets the time for the retransmission of an Extensible Authentication Protocol (EAP)-request frame to the client.

Sets the time for the retransmission of packets to the authentication server.

has the dot1x port-control interface configuration command set to auto.

Global Configuration

Configuration Interface

Configuration

Configuration Interface

Configuration

Interface Configuration

Privileged EXEC

Configuration

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

68 Command Groups

Page 69

dot1x multiple-hosts Allows multiple hosts (clients) on an 802.1x-authorized

port that has the dot1x port-control Interface

Interface Configuration

Configuration mode command set to auto.

dot1x single-hostviolation

Configures the action to be taken, when a station whose MAC address is not the supplicant MAC address,

Interface Configuration

attempts to access the interface.

dot1x guest-vlan Defines a guest VLAN. Interface

Configuration

dot1x guest-vlan enable Enables unauthorized users on the interface to ac cess the

guest VLAN.

dot1x macauthentication

dot1x traps macauthentication failure

Enables authentication based on the station’s MAC address.

Enables sending traps when a MAC address was failed in authentication of the 802.1X MAC authentication

Interface Configuration

Global Configuration

access control.

dot1x radius-attributes vlan

show dot1x advanced Displays 802.1x advanced features for the device or for

Enables user-based VLAN assignment. Interface

Configuration Privileged EXEC

the specified interface.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Groups 69

Page 70

www.dell.com | support.dell.com

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

70 Command Groups

Page 71

Command Modes

GC (Global Configuration) Mode

Command Group Description aaa authentication dot1x Specifies one or more authentication, authorization, and accounting

(AAA) methods for use on interfaces running IEEE 802.1x.

aaa authentication enable Defines authentication method lists for accessing higher privilege

levels. aaa authentication login Defines login authentication. aaa logging Enables logging AAA login events. aaa login-history file Enables writing to the login history file. arp Adds a permanent entry in the ARP cache. arp timeout Configures how long an entry remains in the ARP cache. asset-tag Specifies the device asset-tag. bridge aging-time Sets the Address Table aging time. bridge multicast filtering Enables filtering of Multicast addresses. clock source Configures an external time source for the system clock. clock summer-time C onfigures the system to automatically switch to summer tim e (daylight

saving time). clock timezone Sets the time zone for display purposes crypto certificate generate Generates a self-signed HTTPS certificate. crypto certificate import Imports a certificate signed by Certification Authority for HTTPS. crypto certificate request Generates and displays certificate requests for HTTPS. crypto key generate dsa Gene r at es DSA key pai r s. crypto key generate rsa Generates RSA key pairs. crypto key pubkey-chain ssh Enters SSH Public Key-chain configuration mode. dot1x system-auth-control Enables 802.1x globally. dot1x traps mac-authentication

failure

Enables sending traps when a MAC ad dress was failed in authentication

of the 802.1X MAC authentication access control.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 71

Page 72

enable password Sets a local password to control access to normal and privilege levels. end Ends the current configuration session and returns to the previous

file-system logging Enables logging file system events. gvrp enable (Global) Enables GVRP globally. hostname Specifies or modifies the device host name. interface ethernet Enters the interface configuration mode to configure an Ethernet type

interface port-channel Enters the interface configuration mode of a specific port-channel.

www.dell.com | support.dell.com

interface range ethernet Enters the interface configuration mode to configure multiple ethernet

interface range port-channel Enters the interface configuration mode to configure multiple port-

interface range vlan Enters the interface configuration mode to configure multiple VLANs. interface vlan Enters the interface configuration (VLAN) mode. ip access-list Creates Layer 2 ACLs. ip access-list Creates Layer 2 ACLs. ip address ip default-gateway Defines a default gateway. ip dhcp snooping Globally enables DHCP snooping. ip dhcp snooping database Configures the DHCP snooping binding file. ip dhcp snooping database

update-freq ip dhcp snooping information

option allowed-untrusted ip dhcp snooping trust Configures a port as trusted for DHCP snooping purposes. ip dhcp snooping verify Configures a switch to accept DHCP packets with option-82

ip dhcp snooping vlan Enables DHCP snooping on a VLAN. ip domain-lookup Enables the IP Domain Naming System (DNS)-based host name-to-

ip domain-name Defines a default domain name, that the software uses to complete

ip host Defines static host name-to-address mapping in the host cache. ip http authentication Specifies authentication methods for HTTP server users.

command mode.

interface.

type interfaces.

channels.

Sets an IP address.

Configures the update frequency of the DHCP snooping binding file.

Configures a switch to accept DHCP packets with option-82 information from an untrusted port.

information from an untrusted port.

address translation.

unqualified host names.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

72 Command Modes

Page 73

ip http exec-timeout Enables the device to be configured from a secured browser. ip http port Specifies the TCP port for use by a web browser to configure the

device. ip http server Enables the device to be configured from a browser. ip https authentication Specifies authentication methods for HTTPS server users. ip https certificate Configures the active certificate for HTTPS. ip https exec-timeout Sets the interval the system waits for user input before automatically

logging off. ip https port Configures a TCP port for use by a secure web browser to configure the

device. ip https server Enables configuring the device from a secured browser. ip igmp snooping (Global) Enables Internet Group Management Protocol (IGMP) snooping. ip name-server Sets the available name servers. ip ssh port Specifies the port to be used by the SSH server. ip ssh pubkey-auth Enables public key authentication for incoming SSH sessions. ip ssh server Enables the device to be configured from a SSH server. lacp system-priority Configures the system LACP priority. line Identifies a specific line for configuration and enters the line

configuration command mode. logging Logs messages to a syslog server. logging buffered Limits syslog messages displayed from an internal buffer based on

severity. logging buffered size Changes the number of syslog messages stored in the internal buffer. logging console Limits messages logged to the console based on severity. logging file Limits syslog messages sent to the logging file based on severity. logging on Controls error messages logging. mac access-list Creates Layer 2 ACLs. management access-class Defines which manage me nt access-list is used. management access-list Defines a management access-list, and enters the acce ss-list for

configuration. management logging Enables logging management access list events. password min-length Sets the minimum required length for passwords in the local database. password-aging Sets the expiration time for passwords in the local database.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 73

Page 74

passwords history

passwords history hold-time Sets the number of days a password is relevant for tracking its password

passwords lockout power inline traps enable power inline usage-threshold Configures the administrative mode of the inline power on an interface. priority-queue out num-of-

queues qos Enables Quality of Service (QoS) on the device and enters QoS basic or

www.dell.com | support.dell.com

qos map dscp-queue Modifies the DSCP to CoS map. qos trust (Global) Configure the system to "trust" state. radius-server deadtime Improves RADIUS response times when servers are unavailable. radius-server host Specifies a RADIUS server host. radius-server key Sets the authentication and encryption key for all RADIUS

radius-server retransmit Specifies the number of times the software searches the list of RADIUS

radius-server source-ip Specifies the source IP address used for communication with RADIUS

radius-server source-ipv6 Specifies the source IPv6 address used for the IPv6 communication

radius-server timeout Sets the interval for which a device waits for a server host to reply. rmon alarm Configures alarm conditions. rmon event Configures a RMON event. rmon table-size Configures the maximum RMON tables sizes. rmon table-size Configures the maximum RMON tables sizes. show cpu utilization Enables measuring CPU utilization. show users Changes the unit ID of a specific unit. snmp-server community Sets up the community access string to permit access to SNMP

snmp-server contact Sets up a system contact. snmp-server enable traps Enables the device to send SNMP traps or SNMP notifications. snmp-server engineID local Specifies an SNMP EngineID on the local device.

Sets the number of required password changes before a password in the local database can be reused.

history. Sets the number of failed login attempts before a user account is locked. Adds a description of the powered device type attached to the interface.

Enables the egress queues to be SP queues.

advance mode.

communications between the device and the RADIUS daemon.

server hosts.

servers.

with RADIUS servers.

protocol.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

74 Command Modes

Page 75

snmp-server filter Creates and modifies filter entries. snmp-server group Configures a new SNMP group or a table that maps SNMP users to

SNMP views. snmp-server host Specifies the recipient of Simple Network Management Protocol

notification operation. snmp-server location Sets up the information on where the device is located. snmp-server set Sets SNMP MIB value by the CLI. snmp-server trap authentication Enables the device to send Simple Network Management Protocol traps

when authentication failed. snmp-server user Configures a new SNMP v3 user. snmp-server v3-host Specifies an SNMP v3 notification recipient. snmp-server view Creates and modifies view entries. sntp anycast client enable Enables Anycast clients. sntp authenticate

Grants authentication for received Simple Network Time Protocol (SNTP)

traffic from servers. sntp authentication-key

Defines an authentication key for Simple Network Time Protocol (SNTP). sntp broadcast client enable Enables the Simple Network Time Protocol (SNTP) Broadcast clients. sntp client enable

Enables the Simple Network Time Protocol (SNTP) Broadcast and

Anycast client on an interface. sntp client poll timer Sets the polling time for the Simple Network Time Protocol (SNTP)

client. sntp server Configures the device to use the Simple Network Time Protocol

(SNTP) to request and accept Simple Network Time Protocol (SNTP)

traffic from a server. sntp trusted-key Authenticates the identity of a system to which Simple Network Time

Protocol (SNTP) will synchronize. sntp unicast client enable Enables the device to use the Simple Network Time Protocol (SNTP) to

request and accept Simple Network Time Protocol (SNTP) traffic from

servers. sntp unicast client poll Enables polling for the Simple Network Time Protocol (SNTP)

predefined Unicast clients. spanning-tree Enables Spanning Tree functionality. spanning-tree bpdu Defines BPDU handling when Spanning Tree is disabled on an

interface. spanning-tree forward-time Configures the Spanning Tree bridge forward time. spanning-tree hello-time Configures the Spanning Tree bridge Hello Time.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 75

Page 76

spanning-tree max-age Configures the Spanning Tree bridge maximum age. spanning-tree mode Configures the Spanning Tree protocol. spanning-tree mst

configuration spanning-tree mst max-hops Configures the number of hops in an MST region before the BDPU is

spanning-tree mst priority Configures the device priority for the specified spanning-tree instance. spanning-tree pathcost method Sets the default pathcost method. spanning-tree priority Configures the Spanning Tree priority.

www.dell.com | support.dell.com

stack master Forces selection of a stack master. tacacs-server host Specifies a TACACS+ host. tacacs-server key Sets the authentication encryption key used for all TACACS+

tacacs-server source-ip Specifies the source IP address that will be used for the communication

tacacs-server timeout Sets the timeout value. username Establishes a username-based authentication system. vlan database Enters the VLAN database configuration mode. wrr-queue cos-map Maps CoS values to a specific egress queue.

Enables configuring an MST region by entering the Multiple Spanning Tree (MST) mode.

discarded and the port information is aged out.

communications between the device and the TACACS+ daemon.

with T A CACS+ servers.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

76 Command Modes

Page 77

IC (Interface Configuration) Mode

Command Group Description back-pressure Enables Back Pressure on a given interface. bridge multicast forbidden

forward-all bridge multicast forward-all Enables forwarding all Multicast frames on a port. bridge multicast unregistered Configures the forwarding state of unregistered multicast addresses. channel-group Associates a port with a Port-channel. description Adds a description to an interface. dot1x guest-vlan Defines a guest VLAN. dot1x guest-vlan enable Enables unauthorized users on the interface to access the guest VLAN. dot1x mac-authentication Enables authentication based on the station’s MAC address. dot1x max-req Sets the maximum number of times that the device sends an EAP -

dot1x multiple-hosts Allows multiple hosts (clients) on an 802.1x-authorized port, that has

dot1x port-control Enables manual control of the authorization state of the port dot1x radius-attributes vlan Enables user-based VLAN assignment. dot1x re-authentication Enables periodic re-authentication of the client. dot1x single-host-violation Configures the action to b e taken, when a station whose MAC address is

dot1x timeout quiet-period Sets the number of seconds that the device remains in the quiet state

dot1x timeout re-authperiod Sets the number of seconds between re-authentication attempts. dot1x timeout server-timeout Sets the time for the retransmission of packets to the authentication

dot1x timeout supp-timeout Sets the time for the retransmission of an EAP-request frame to the

dot1x timeout tx-period Sets the number of seconds that the device waits for a response to an

duplex Configures the full/half duplex operation of a given ethernet interface

flowcontrol Configures the Flow Control on a given interface.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Forbids a port from becoming a forward-all Multicast port.

request/identity frame to the client, before restarting the authentication process.

the dot1x port-control Interface Configuration mode command set to auto.

not the supplicant MAC address, attempts to access the interface.

following a failed authentication exchange.

server.

client.

Extensible Authentication Protocol (EAP) - request/identity frame, fro m the client, before resending the request.

when not using auto-negotiation.

Command Modes 77

Page 78

garp timer Adjusts the GARP application join, leave, and leaveall GARP timer

gvrp enable (Interface) Enables GVRP on an interface. gvrp registration-forbid De-registers all VLANs, and prevents dynamic VLAN registration on

gvrp vlan-creation-forbid Enables or disables dynamic VLAN creation. ip address Sets an IP address. ip address dhcp Acquires an IP address on an interface from the DHCP server. ip internal-usage-vlan Reserves a VLAN as the internal usage VLAN of an interface.

www.dell.com | support.dell.com

ipv6 default-gateway Defines an IPv6 default gateway. ipv6 mld join-group Configures Multicast Listener Discovery (MLD) reporting for a

ipv6 mld version Changes the Multicast Listener Discovery Protocol (MLD) version. lacp port-priority Configures the priority value for physical ports. lacp timeout Assigns an administrative LACP timeout. mdix Enables automatic crossover on a given interface. name Configures a name to a VLAN. negotiation Enables auto-negotiation operation for the speed and duplex parameters

port monitor Starts a port monitoring session. port security Disables new address learning/forwarding on an interface. port security max Configures the maximum number of addresses that may be learned on

port security mode Configures the port security learning mode. port security routed secure-

address port storm-control broadcast

enable port storm-control broadcast

rate port storm-control include-

multicast power inline Configures the administrative mode of the inline power on an interface. power inline powered-device power inline priority Displays port monitoring status

values.

the port.

specified group.

of a given interface.

the port while the port is in port security mode.

Adds MAC-layer secure addresses to a routed port.

Enables Broadcast storm control.

Configures the maximum Broadcast rate.

Enables the device to count Multicast packets.

Adds a description of the powered device type attached to the interface.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

78 Command Modes

Page 79

qos cos Configures the default port CoS value. qos cos Configures the default port CoS value. qos cos Enables each port trust state. qos cos Enables each port trust state while the system is in basic mode. rate-limit (Ethernet) Limits the rate of the incoming traffic. rmon collection history Enables a Remote Monitoring (RMON) MIB history statistics group on

an interface.

rmon collection history Enables a Remote Monitoring (RMON) MIB history statistics group on

an interface. service-acl Sets the default ace action to permit or deny. show ports monitor Transmits tagged ingress mirrored packets. shutdown Disables interfaces. sntp client enable (Interface) Enables the Simple Network Time Protocol (SNTP) client on an

interface. clear spanning-tree detected-

protocols

Shutsdown an interface when it receives a bridge protocol data unit

(BPDU). spanning-tree cost Configures the Spanning Tree path cost for a port. spanning-tree disable Disables Spanning Tree on a specific port. spanning-tree guard root Enables root guard on all the Spanning Tree instances in the interface. spanning-tree link-type Overrides the default link-type setting. spanning-tree mst cost Configures the path cost for multiple Spanning Tree (MST) calculations. spanning-tree mst port-priority Configures the priority of a port. spanning-tree portfast Enables PortFast mode. spanning-tree port-priority Configures port priority. speed Configures the speed of a given Ethernet interface wh en not using auto-

negotiation. switchport access vlan Configures the VLAN ID when the interface is in access mode. switchport access vlan Defines the primary PVLAN. switchport customer vlan

Set the port’s VL AN wh en the interface is in customer mode.

switchport forbidden vlan Forbids adding specific VLANs to a port. switchport general acceptable-

Discards untagged frames at ingress. frame-type tagged-only

switchport general allowed

Adds or removes VLANs from a general port. vlan

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 79

Page 80

switchport general ingressfiltering disable

switchport general map protocols-group vlan

switchport general pvid Configures the PVID when the interface is in general mode. switchport mode Configures the VLAN membership mode of a port switchport protected Overrides the FDB (Forwarding Database) decision, and sends all the

switchport trunk allowed vlan Adds or removes VLANs from a port in general mode. switchport trunk native vlan Defines the port as a member of the specified VLAN, and the VLAN ID

www.dell.com | support.dell.com

traffic-shape Sets the shaper on an egress port.

LC (Line Configuration) Mode

Command Group Description autobaud Configures the line for automatic baud rate detection (autobaud) enable authentication Specifies the authentication method list when accessing a higher

exec-timeout Configures the interval that the system waits until user input is detected. history Enables the command history function. history size Configures the command history buffer size for a particular line. login authentication Specifies the login authentication method list for a remote telnet or

password Specifies a password on a line. password-aging Sets the expiration time of line passwords in the local database. speed Configures the baud rate of the line.

Disables port ingress filtering.

Sets a protocol-based classification rule.

Unicast, Multicast and Broadcast traffic to an uplink port.

is the "port default VLAN ID (PVID)".

privilege level from a remote telnet or console.

console.

MA (Management Access-level) Mode

Command Group Description deny (Management) Defines a deny rule. permit (Management) Defines a permit rule.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

80 Command Modes

Page 81

MC (MST Configuration) Mode

Command Group Description abort (mst) Exits the MST region configuration mode without applying

configuration changes.

exit (mst) Exits the MST region configuration mode and applies all configuration

changes. instance (mst) Maps VLANs to the MST instance. name (mst) Defines the configuration name. revision (mst) Defines the configuration revision number. show (mst) Displays the current or pending MST region configuration.

ML (MAC Access-List) Mode

Command Group Description permit (MAC) Denies traffic if the conditions defined in the permit statement match.

PE (Privileged EXEC) Mode

Command Group Description boot system Specifies the system image that the device loads at startup. clear arp-cache Deletes all dynamic entries from the ARP cache. clear bridge Removes any learned entries from the forwarding database. clear counters clear gvrp statistics Clears all the GVRP statistics information. clear host Deletes entrie s from the host name-to-address cache. clear host dhcp Deletes entries from the host name-to-address mapping received from

clear ip dhcp snooping database

clear logging Clears messages from the internal logging buffer. clear logging file Clears messages from the logging file. clear spanning-tree detected-

protocols clock set Manually sets the system clock. configure Enters the Global Configuration mode.

Clears statistics on an interface.

Dynamic Host Configuration Protocol (DHCP). Clears the DHCP snooping binding database.

Restarts the protocol migration process on all interfaces or on the specified interface.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 81

Page 82

copy Copies files from a source to a destination. crypto certificate request Generates and displays certificate requests for HTTPS. delete Deletes a file from a Flash me mory devic e. delete startup-config Deletes the startup-config file. dir Displays a list of files on a flash file system. disable Returns to User EXEC mode. dot1x re-authentication Manually initiates a re-authentication of all 802.1x-enabled ports or the

exit Closes an active terminal session by logging off the device.

www.dell.com | support.dell.com

ip dhcp snooping binding Configures the update frequency of the DHCP snooping binding file. login Changes a login username. more Displays a file. reload Reloads the operating system. rename Renames a file. set enable-password active Reactivates a locked local password. set interface active Reactivates an interface that was suspended by the sy st em. set line active Reactivates a locked line. set username active show access-lists Displays ACLs defined on the device. show arp Displays entries in the ARP table. show authentication methods Displays information about the authentication methods. show bootvar Displays the active system image file that the device loads at startup show bridge address-table Displays all entries in the bridge-forwarding database. show bridge address-table

count show bridge address-table

static show bridge multicast address-

table show bridge multicast address-

table static show bridge multicast filtering Displays the Multicast filtering configuration. show cpu utilization Enables measuring CPU utilization. show cpu utilization Displays information about the CPU utilization of active processes.

specified 802.1x-enabled port.

Reactivates a locked user account.

Displays the number of addresses present in all VLANs or at specific VLAN.

Displays statically created entries in the bridge-forwarding database

Displays Multicast MAC or IP Address Table information.

Displays the statically configured multicast addresses.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

82 Command Modes

Page 83

show crypto certificate

Displays the SSH certificates of the device.

mycertificate show crypto key mypubkey Displays the SSH public keys stored on the device. show crypto key pubkey-chain

Displays SSH public keys stored on the device.

ssh show dot1x Displays 802.1x status for the device or for the specified interface. show dot1x advanced Displays 802.1x enhanced features for the device or for the specified

interface. show dot1x statistics Displays 802.1x statistics for the specified interface. show dot1x users Displays 802.1x users for the device. show history Lists the commands entered in the current session. show hosts Displays the default domain name, a list of name server hosts, the static

and the cached list of host names and addresses. show interfaces access-lists Displays access lists applied on interfaces. show interfaces advertise Displays auto negotiation advertisement data. show interfaces configuration Displays the configuration for all interfaces. show interfaces counters Displays traffic seen by the physical interface. show interfaces description Displays the description for all interfaces. show interfaces port-channel Displays Port-channel information. show interfaces status Displays the status for all interfaces. show interfaces switchport Displays switchport configuration. show ip http Displays the HTTP server configuration. show ip https Displays the HTTPS server configuration. show ip interface Displays the usability status of interfaces configured for IP. show ip ssh Displays the SSH server configuration. show logging Displays the state of logging and the syslog messages stored in the

internal buffer. show logging file Displays the state of logging and the syslog messages stored in the

logging file. show management access-

Displays the active management access-list. class

show management access-list Displays management access-lists. show passwords configuration Displays information about password management. show ports security Displays the port-lock status.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 83

Page 84

show ports security addresses Displays current dynamic addresses in locked ports. show ports storm-control Displays the storm control configuration. show radius-servers Displays the RADIUS server setti ngs. show running-config Displays the contents of the currently running configuration file. show snmp Displays the SNMP status. show snmp engineid Displays the local SNMP EngineID. show snmp filters Displays the configuration of SNMP filters. show snmp groups Displays the configuration of SNMP groups. show snmp users Displays the configuration of SNMP users.

www.dell.com | support.dell.com

show snmp views Displays the configuration of SNMP views. show sntp configuration Shows the configuration of the Simple Network Time Protocol (SNTP). show sntp status Shows the status of the Simple Network Time Protocol (SNTP). show spanning-tree Displays Spanning Tree configuration. show startup-config Displays the startup configuration file contents. show syslog-servers Displays the syslog servers settings. show tacacs Displays configuration and statistics for a TACACS+ servers. show users accounts Displays information about the local user database. show users login-history Displays information about the login history of users. show vlan Displays VLAN information. show vlan internal usage Displays a list of VLANs used internally by the device. show vlan Displays the MAC-to-VLAN database. show vlan protocols-groups Displays protocols-groups information. stack reload Reloads stack members. test copper-port tdr Diagnoses with TDR (Time Domain Reflectometry) technology the

quality and characteristics of a copper cable attached to a port.

SP (SSH Public Key) Mode

Command Group Description key-string Manually specifies a SSH public key. user-key Specifies which SSH public key is manually configured and enters the

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

84 Command Modes

SSH public key-string configuration command.

Page 85

UE (User EXEC) Mode

Command Group Description enable Enters the Privileged EXEC mode. exit Closes an active terminal session by logging off the device. login Changes a login username. ping Sends ICMP echo request packets to another node on the network. resume show clock Displays the time and date from the system clock. show copper-ports cable-

length show copper-ports tdr Displays the last TDR (Time Domain Reflectometry) tests on specified

show gvrp configuration Displays GVRP configuration information. show gvrp error-statistics Displays GVRP error statistics. show gvrp statistics Displays GVRP statistics. show history Lists the commands entered in the current s es s ion. show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping

binding show ip igmp snooping

groups show ip igmp snooping

interface show ip igmp snooping

mrouter show ip igmp snooping

mrouter show lacp ethernet Displays LACP information for Ethernet ports. show lacp port-channel Displays LACP information for a port-channel. show line Displays line parameters. show ports monitor Displays port monitoring status show power inline Displays information about inline power. show privilege Displays the current privilege level. show qos Displays the QoS status.

Switches to ano ther open Telnet session.

Displays the estimated copper cable length attached to a port.

ports.

Displays the DHCP snooping binding database and configuration

information for all interfaces on a switch.

Displays Multicast groups learned by IGMP snooping.

Displays IGMP snooping configuration.

Enables automatic learning of Multicast swi tch port s in the conte xt of a

specific VLAN.

Displays information on dynamically learned Multicast router

interfaces.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 85

Page 86

show qos interface Displays interface QoS information. show qos map Displays all the maps for QoS. show rmon alarm Displays alarm configurations. show rmon alarm-table Displays the alarms table. show rmon collection history Displays the requested history group configuration. show rmon events Displays the RMON event table. show rmon history Displays RMON Ethernet Statistics history. show rmon log Displays the RMON logging table. show rmon statistics Displays RMON Ethernet Statistics.

www.dell.com | support.dell.com

show sessions show stack Displays information about stack status. show system Displays system information. show system id Displays the service id information. show users Displays information about the active users. show version Displays the system version information. telnet Sends ICMP echo request packets to another node on the network. terminal datadump Enables dumping all output of a show command without prompting. terminal history Enables the command history function for the current terminal session. terminal history size Configures the command history buffer size for the current

traceroute

traffic-shape Assigns CoS values to select one of the egress queues.

Lists the open Telnet sessions.

terminal session. Discovers the routes that packets w ill actu ally take whe n traveling to their

destination.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

86 Command Modes

Page 87

VC (VLAN Configuration) Mode

Command Group Description bridge address Adds a static MAC-layer station source address to the bridge table. bridge multicast address Registers MAC-layer Multicast addresses to the bridge table, and adds

static ports to the group.

bridge multicast forbidden address

bridge multicast forbidden forward-all

bridge multicast forward-all Enables forwarding of all Multicast frames on a port. dot1x auth-not-req Enables unauthorized users access to that VLAN. ip igmp snooping (Interface) Enables Internet Group Management Protocol (IGMP) snooping on a

ip igmp snooping host-time-out Configures the host-time-out. ip igmp snooping leave-time-

out ip igmp snooping mrouter Enables automatic learning of Multicast router ports. ip igmp snooping mrouter-

time-out ip igmp snooping querier

address ip igmp snooping querier

enable ip internal-usage-vlan mac-to-vlan Adds MAC addresses to the MAC-to-VLAN database. name Configures a name to a VLAN. vlan Creates a VLAN.

Forbids adding a specific Multicast address to specific ports.

Forbids a port from becoming a forward-all Multicast port.

specific VLAN.

Configures the leave-time-out.

Configures the mrouter-time-out.

Defines the source IP address that the IGMP Snooping querier uses.

Enables Internet Group Management Protocol (IGMP) querier on a specific VLAN.

Reserves a VLAN as the internal usage VLAN of an interface.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 87

Page 88

IPAL (IP-Access List Configuration) Mode

Command Group Description deny (IP) Denies traffic if the conditions defined in the deny statement match. permit (IP) Permits traffic if the conditions defined in the permit statement match.

www.dell.com | support.dell.com

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

88 Command Modes

Page 89

MAL (MAC-Access List Configuration) Mode

Command Group Description deny (MAC) Denies traffic if the conditions defined in the deny statement match. permit (MAC) Set permit conditions for a MAC access list.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Command Modes 89

Page 90

www.dell.com | support.dell.com

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

90 Command Modes

Page 91

AAA Commands

aaa authentication login

The aaa authentication login Global Configuration mode command defines login authentication. Use the no form of this command to return to the default configuration.

Syntax

•

aaa authentication login {default | list-name} method1 [method2

•

no aaa authentication login {default | list-name

•

default

— Uses the listed authentication methods that follow this argument as the default

list of methods when a user logs in.

•

list-name

a user logs in. (Range: 1 - 12 characters)

•

method1 [method2

Keyword Description enable Uses the enable password for authentication. line Uses the line password for authentication. local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication.

— Character string used to name the list of authentication methods activated w hen

...] — Specify at least one from the following table:

}

...]

Default Configuration

The local user database is checked. This has the same ef fect as the command

NOTE: On the console, login succeeds without any authentication check if the authentication method is

not defined.

Command Mode

Global Configuration mode.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

aaa authentication

AAA Commands 91

Page 92

User Guidelines

• The default and optional list names created with the used with the

• Create a list by entering the particular protocol, where

aaa authentication login

list-name

command.

is any character string used to name this list. The

aaa authentication login

list-name method

command for a

command are

method

argument identifies the list of methods that the authentication algorithm tries, in the given sequence.

• The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error,

none

specify

as the final method in the command line.

www.dell.com | support.dell.com

Example

The following example configures the authentication login, so that user authentication is performed as follows: Authentication is attempted at the RADIUS server. If the RADIUS server is not available, authentication is attempted at the local user database. If there is no database, then no authentication is performed.

Console(config)# aaa authentication login radius local none

aaa authentication enable

The aaa authentication enable Global Configuration mode command defines authentication method lists for accessing higher privilege levels. Use the no form of this command to return to the default configuration.

Syntax

•

aaa authentication enable {default | list-name} method1 [method2

•

no aaa authentication enable {default | list-name

•

default

list of methods, when using higher privilege levels.

•

list-name

when using access higher privilege levels. (Range: 1 - 12 characters)

•

method1 [method2

...]

}

— Uses the listed authentication methods that follow this argument as the default

— Character string used to name the list of authentication methods activated,

...] — Specify at least one from the following table:

Keyword Description enable Uses the enable password for authentication. line Uses the line password for authentication. none Uses no authentication.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

92 AAA Commands

Page 93

radius Uses the list of all RADIUS servers for authentication. Uses username

$enabx$., where x is the privilege level.

tacacs Uses the list of all TACACS+ servers for authentication. Uses username

"$enabx$." where x is the privilege level.

Default Configuration

If the

default

command

list is not set, only the enable password is checked. This has the same effect as the

aaa authentication enable default enable

On the console, the enable password is used if it exists. If no password is set, the process still succeeds. This has the same effect as using the command

enable none

Command Mode

aaa authentication enable default

Global Configuration mode.

User Guidelines

• The default and optional list names created with the used with the

enable authentication

command.

aaa authentication enable

command are

• The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error, specify

• All

none

as the final method in the command line.

aaa authentication enable default

requests sent by the device to a RADIUS or TACACS+

server include the username $enabx$., where x is the requested privilege level.

Example

The following example sets the enable password for authentication when accessing higher privilege levels.

Console(config)# aaa authentication enable default enable

login authentication

The login authentication Line Configuration mode command specifies the login authentication method list for a remote telnet or console. Use the no form of this command to return to the default configuration specified by the aaa authentication login command.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

AAA Commands 93

Page 94

Syntax

•

no login authentication

•

default

•

list-name

Default Configuration

Uses the default set with the command

Command Mode

Line Configuration mode.

www.dell.com | support.dell.com

User Guidelines

• Changing login authentication from default to another value may disconnect the telnet session.

Example

The following example specifies the default authentication method for a console.

Console(config)# line console Console(config-line)# login authentication default

list-name

}

— Uses the default list created with the

— Uses the indicated list created with the

aaa authentication login

command.

enable authentication

The enable authentication Line Configuration mode command specifies the authentication method list when accessing a higher privilege level from a remote telnet or console. Use the no form of this command to return to the default configuration specified by the aaa authentication enable command.

Syntax

•

enable authentication {default

•

no enable authentication

•

default

•

list-name

Default Configuration

Uses the default set with the

Command Mode

Line Configuration mode.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

94 AAA Commands

list-name

}

— Uses the default list created with the

— Uses the indicated list created with the

aaa authentication enable

command.

Page 95

User Guidelines

There are no user guidelines for this command.

Example

The following example specifies the default authentication method when accessing a higher privilege level from a console.

Console(config)# line console Console(config-line)# enable authentication default

ip http authentication

The ip http authentication Global Configuration mode command specifies authentication methods for HTTP server users. Use the no form of this command to return to the default configuration.

Syntax

•

ip http authentication

•

no ip http authentication

•

method1 [method2

Keyword Description local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication.

method1 [method2

...]

...] — Specify at least one from the following table:

Default Configuration

The local user database is checked. This has the same effec t as the command

authentication local

Command Mode

ip http

Global Configuration mode.

User Guidelines

• The additional methods of authentication are used only if the previous method returns an error, not if it fails. To ensure that the authentication succeeds even if all methods return an error,

none

specify

as the final method in the command line.

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

AAA Commands 95

Page 96

Example

The following example configures the HTTP authentication.

Console(config)# ip http authentication radius local

ip https authentication

The ip https authentication Global Configuration mode command specifies authentication methods for HTTPS server users. Use the no form of this command to return to the default configuration.

www.dell.com | support.dell.com

Syntax

•

ip https authentication

•

no ip https authentication

•

method1 [method2

Keyword Source or destination local Uses the local username database for authentication. none Uses no authentication. radius Uses the list of all RADIUS servers for authentication. tacacs Uses the list of all TACACS+ servers for authentication.

Default Configuration

The local user database is checked. This has the same effect as the command

authentication local

Command Mode

Global Configuration mode.

User Guidelines

none

method1 [method2

...]

...] — Specify at least one from the following table:

as the final method in the command line.

ip https

Example

The following example configures HTTPS authentication.

Console(config)# ip https authentication radius local

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

96 AAA Commands

Page 97

show authentication methods

The show authentication methods Privileged EXEC mode command displays inform ation about the authentication methods.

Syntax

•

show authentication methods

Default Configuration

This command has no default configuration.

Command Mode

Privileged EXEC mode.

User Guidelines

There are no user guidelines for this command.

Example

The following example displays the authentication configuration.

Console# sh authentication methods Login Authentication Method Lists

--------------------------------Console_Default: None Network_Default:

Local

Enable Authentication Method Lists

---------------------------------Console_Default: Network_Default:

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

Enable, None Enable

AAA Commands 97

Page 98

Line Login Method List Enable Method List

-------------- ----------------- ------------------

Console Default Default Telnet Default Default SSH Default Default

http : Local https : Local dot1x :

www.dell.com | support.dell.com

console#

password

The password Line Configuration mode command specifies a password on a line. Use the no form of this command to remove the password.

Syntax

•

password

•

no password

•

password

•

encrypted

password [encrypted

]

— Password for this level. (Range: 1 - 159 characters)

— Encrypted password to be entered, copied from another device configu ration.

Default Configuration

No password is defined.

Command Mode

Line Configuration mode.

User Guidelines

If a password is defined as encrypted, the required password length is 32 charac ters.

Example

The following example specifies password secret on a console.

Console(config)# line console Console(config-line)# password secret

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

98 AAA Commands

Page 99

enable password

The enable password Global Configuration mode command sets a l ocal password to control access to user and privilege levels. Use the no form of this command to remove t h e p asswo rd re q u i r e m ent.

Syntax

•

enable password [level

•

no enable password [level

•

password

•

level

15)

•

encrypted

Default Configuration

No enable password is defined.

Command Mode

Global Configuration mode.

User Guidelines

There are no user guidelines for this command.

Example

The following example sets local level 15 password secret to control access to privilege levels.

— Password for this level. (Range: 8 - 64 characters)

— Level for which the password applies. If not specified the level is 15. (Range: 1 or

— Encrypted password entered, copied from another device configuration.

level] password [encrypted

level

]

Console(config)# enable password level 15 secret

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

AAA Commands 99

Page 100

username

The username Global Configuration mode command creates a user account in the local database. Use the no form of this command to remove a user name.

Syntax

•

username

•

no username

•

name

•

password

•

www.dell.com | support.dell.com

Default Configuration

Command Mode

• Global Configuration mode

User Guidelines

• User account can be created without a password.

Example

The following example configures user bob with password lee and user level 15 to the system.

level

•

encrypted

No user is defined.

name [password password

name

— The name of the user. (Range: 1 - 20 characters)

— The authentication password for the user. (Range: 8 - 64 characters)

— The user level. (Range: 1 or 15)

— Encrypted password entered, copied from another device configuration.

] [

level level

] [

encrypted

]

Console(config)# username bob password lee level 15

service password-recovery

Use the service password-recovery Global Configuration mode command to enable the passwordrecovery mechanism. This mechanism enables an end user, with physical access to the console port of the device, to enter the boot menu and trigger the password recovery process. Use the no service password-recovery command to disable the password-recovery mechanism. When the passwordrecovery mechanism is disabled, accessing the boot menu is still allowed and the user can trigger the password recovery process. The difference is, that in this case, all the configuration files and all the user files are removed.

Syntax

• service password-recovery

• no service password-recovery

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

100 AAA Commands