Command Line Interface Reference Guide
HP BladeSystem PC Blade Switch
Document Part Number: 413354-002
June 2006
© Copyright 2005, 2006 Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice.
Adobe, Acrobat, and Acrobat Reader are trademarks or registered trademarks of Adobe Systems Incorporated.
The only warranties for HP products and services are set forth in the express warranty statements accompanying
such products and services. Nothing herein should be construed as constituting an additional warranty.
HP shall not be liable for technical or editorial errors or omissions contained herein.
This document contains proprietary information that is protected by copyright. No part of this document may be
photocopied, reproduced, or translated to another language without the prior written consent of Hewlett-Packard
Company.
WARNING: Text set off in this manner indicates that failure to follow directions could result in bodily
Å
harm or loss of life.
CAUTION: Text set off in this manner indicates that failure to follow directions could result in damage to
Ä
equipment or loss of information.
CLI Reference Guide
HP BladeSystem PC Blade Switch
Second Edition (June 2006)
First Edition (December 2005)
Document Part Number:
413354-002
Contents
Command Line Interface
Using the Command Line Interface (CLI) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1–1
Entering Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1–3
Command Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1–7
802.1x Commands
aaa authentication dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–1
dot1x system-auth-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–2
dot1x port-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–3
dot1x re-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–4
dot1x timeout re-authperiod . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–5
dot1x re-authenticate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–6
dot1x timeout quiet-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–7
dot1x timeout tx-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–8
dot1x max-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–9
dot1x timeout supp-timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–10
dot1x timeout server-timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–11
show dot1x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–12
show dot1x users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–15
show dot1x statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–16
Advanced Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–18
dot1x auth-not-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–18
dot1x multiple-hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–19
dot1x single-host-violation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–20
dot1x guest-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–21
dot1x guest-vlan enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–22
show dot1x advanced. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2–23
AAA Commands
aaa authentication login. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–1
aaa authentication enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–3
login authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–5
enable authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–6
ip http authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–7
ip https authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–8
show authentication methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–9
password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–10
enable password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–11
username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3–12
HP PC Blade Switch CLI Reference Guide www.hp.com iii
Contents
ACL Commands
ip access-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–1
permit (IP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–2
deny (IP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–5
mac access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–7
permit (MAC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–8
deny (MAC). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–9
service-acl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–11
show access-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4–12
Address Table Commands
bridge address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–1
bridge multicast filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–3
bridge multicast address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–4
bridge multicast forbidden address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–5
bridge multicast forward-all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–6
bridge multicast forbidden forward-all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–7
bridge aging-time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–8
clear bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–9
port security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–10
port security mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–11
port security max . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–12
port security routed secure-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–13
show bridge address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–14
show bridge address-table static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–15
show bridge address-table count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–16
show bridge multicast address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–17
show bridge multicast filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–19
show ports security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–20
show ports security addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5–21
iv www.hp.com HP PC Blade Switch CLI Reference Guide
Clock Commands
clock set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–1
clock source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–2
clock timezone. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–3
clock summer-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–4
sntp authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–6
sntp authenticate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–7
sntp trusted-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–8
sntp client poll timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–9
sntp broadcast client enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–10
sntp anycast client enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–11
sntp client enable (Interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–12
sntp unicast client enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–13
sntp unicast client poll . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–14
sntp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–15
show clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–16
show sntp configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–17
show sntp status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6–18
Contents
Configuration and Image File Commands
copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7–1
delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7–4
boot system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7–5
show running-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7–6
show startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7–7
show bootvar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7–8
HP PC Blade Switch CLI Reference Guide www.hp.com v
Contents
Ethernet Configuration Commands
interface ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–1
interface range ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–2
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–3
description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–4
speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–5
duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–6
negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–7
flowcontrol. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–8
mdix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–9
back-pressure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–10
clear counters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–11
set interface active . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–12
show interfaces advertise. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–13
show interfaces configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–14
show interfaces status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–15
show interfaces description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–16
show interfaces counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–17
port storm-control include-multicast (IC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–20
port storm-control broadcast enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–21
port storm-control broadcast rate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–22
show ports storm-control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8–23
GVRP Commands
gvrp enable (Global) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–1
gvrp enable (Interface). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–2
garp timer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–3
gvrp vlan-creation-forbid. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–4
gvrp registration-forbid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–5
clear gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–6
show gvrp configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–7
show gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–8
show gvrp error-statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9–9
IGMP Snooping Commands
ip igmp snooping (Global). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–1
ip igmp snooping (Interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–2
nip igmp snooping host-time-out. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–3
ip igmp snooping mrouter-time-out. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–4
ip igmp snooping mrouter learn-pim-dvmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–5
ip igmp snooping leave-time-out. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–6
show ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–7
show ip igmp snooping interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–8
show ip igmp snooping groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10–9
vi www.hp.com HP PC Blade Switch CLI Reference Guide
IP Addressing Commands
ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–1
ip address dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–2
ip default-gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–3
show ip interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–4
arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–5
arp timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–6
clear arp-cache. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–7
show arp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–8
ip domain-lookup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–9
ip domain-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–10
ip name-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–11
ip host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–12
clear host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–13
clear host dhcp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–14
show hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11–15
LACP Commands
lacp system-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12–1
lacp port-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12–2
lacp timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12–3
show lacp ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12–4
show lacp port-channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12–6
Contents
Line Commands
line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–1
speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–2
autobaud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–3
exec-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–4
history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–5
history size. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–6
terminal history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–7
terminal history size. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–8
show line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13–9
Management ACL Commands
management access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14–1
permit (Management) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14–3
deny (Management). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14–4
management access-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14–5
show management access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14–6
show management access-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14–7
HP PC Blade Switch CLI Reference Guide www.hp.com vii
Contents
PHY Diagnostics Commands
test copper-port tdr. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15–1
show copper-ports tdr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15–2
show copper-ports cable-length. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15–3
show fiber-ports optical-transceiver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15–4
Port Channel Commands
interface port-channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16–1
interface range port-channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16–2
channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16–3
show interfaces port-channel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16–4
Port Monitor Commands
port monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17–1
show ports monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17–3
QoS Commands
qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–1
show qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–2
class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–3
show class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–5
match . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–6
policy-map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–7
class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–8
show policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–9
trust cos-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–10
set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–11
police . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–12
service-policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–13
qos aggregate-policer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–14
show qos aggregate-policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–15
police aggregate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–16
wrr-queue cos-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–17
priority-queue out num-of-queues. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–18
traffic-shape. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–19
show qos interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–20
wrr-queue threshold. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–22
qos map dscp-dp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–23
qos map policed-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–24
qos map dscp-queue. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–25
qos trust (Global). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–26
qos cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–28
qos dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
qos map dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18–30
. . . 18–29
viii www.hp.com HP PC Blade Switch CLI Reference Guide
RADIUS Commands
radius-server host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19–1
radius-server key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19–3
radius-server retransmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19–4
radius-server source-ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19–5
radius-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19–6
radius-server deadtime. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19–7
show radius-servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19–8
RMON Commands
show rmon statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–1
rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–4
show rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–5
show rmon history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–6
rmon alarm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–9
show rmon alarm-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–11
show rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–12
rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–14
show rmon events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–15
show rmon log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–16
rmon table-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20–17
Contents
SNMP Commands
snmp-server community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–1
snmp-server view. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–3
snmp-server group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–4
snmp-server user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–5
snmp-server engineid local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–7
snmp-server enable traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–9
snmp-server filter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–10
snmp-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–11
snmp-server v3-host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–13
snmp-server trap authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–14
snmp-server contact. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–15
snmp-server location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–16
snmp-server set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–17
show snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–18
show snmp engineid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–20
show snmp views. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–21
show snmp groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–22
show snmp filters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–23
show snmp users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21–24
HP PC Blade Switch CLI Reference Guide www.hp.com ix
Contents
Spanning-Tree Commands
spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–1
spanning-tree mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–2
spanning-tree forward-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–3
spanning-tree hello-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–4
spanning-tree max-age. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–5
spanning-tree priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–6
spanning-tree disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–7
spanning-tree cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–8
spanning-tree port-priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–9
spanning-tree portfast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–10
spanning-tree link-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–11
spanning-tree pathcost method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–12
spanning-tree bpdu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–13
clear spanning-tree detected-protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–14
spanning-tree mst priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–15
spanning-tree mst max-hops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–16
spanning-tree mst port-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–17
spanning-tree mst cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–18
spanning-tree mst configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–19
instance (mst). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–20
name (mst) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–21
revision (mst). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–22
show (mst) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–23
exit (mst) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–24
abort (mst) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–25
spanning-tree guard root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
show spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–27
spanning-tree pvst-interop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–39
spanning-tree mst mstp-rstp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22–40
. . 22–26
SSH Commands
ip ssh port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–1
ip ssh server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–2
crypto key generate dsa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–3
crypto key generate rsa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–4
ip ssh pubkey-auth. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–5
crypto key pubkey-chain ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–6
user-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–7
key-string. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–8
show ip ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23–10
x www.hp.com HP PC Blade Switch CLI Reference Guide
Syslog Commands
logging on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–1
logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–2
logging console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–3
logging buffered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–4
logging buffered size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–5
clear logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–6
logging file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–7
clear logging file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–8
aaa logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–9
file-system logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–10
management logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–11
show logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–12
show logging file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24–14
System Management Commands
ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–1
traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–3
telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–5
resume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–8
reload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–9
hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–10
show users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–11
show sessions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–12
show system. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–13
show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–14
service cpu-utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–15
show cpu utilization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25–16
Contents
TACACS+ Commands
tacacs-server host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26–1
tacacs-server key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26–3
tacacs-server timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26–4
tacacs-server source-ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26–5
show tacacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26–6
HP PC Blade Switch CLI Reference Guide www.hp.com xi
Contents
User Interface Commands
do . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–1
enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–2
disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–3
login. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–4
configure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–5
exit (Configuration) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–6
exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–7
end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–8
help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–9
terminal data-dump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–10
show history. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–11
show privilege . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27–12
VLAN Commands
vlan database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–1
vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–2
interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–3
interface range vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–4
name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–5
switchport mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–6
switchport access vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–7
switchport trunk allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–8
switchport trunk native vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–9
switchport general allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–10
switchport general pvid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–11
switchport general ingress-filtering disable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–12
switchport general acceptable-frame-type tagged-only. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–13
switchport forbidden vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–14
ip internal-usage-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–15
show vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–16
show vlan internal usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–17
show interfaces switchport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28–18
Web Server Commands
ip http server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–1
ip http port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–2
ip https server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–3
ip https port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–4
crypto certificate generate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–5
crypto certificate request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–7
crypto certificate import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–9
ip https certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–11
show crypto certificate mycertificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–12
show ip http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–13
show ip https . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29–14
Index
xii www.hp.com HP PC Blade Switch CLI Reference Guide
Command Line Interface
Using the Command Line Interface (CLI)
Accessing the CLI
When accessing the management interface for the switch over a direct connection to the server’s
console port, or via a Telnet connection, the switch can be managed by entering command
keywords and parameters at the prompt. Using the switch’s command-line interface (CLI) is very
similar to entering commands on a UNIX system.
Console Connection
To access the switch through the console port, perform these steps:
1. At the console prompt, enter the user name and password. When the administrator user name
and password is entered, the CLI displays the “Console#” prompt and enters privileged
access mode (i.e., Privileged Exec). But when the guest user name and password is entered,
the CLI displays the “Console>” prompt and enters normal access mode (i.e., Normal Exec).
2. Enter the necessary commands to complete your desired tasks.
1
3. When finished, exit the session with the “quit” or “exit” command.
After connecting to the system through the console port, the login screen displays:
User Access Verification
Username: admin
Password:
CLI session with the PC Blade Switch is opened.
To end the CLI session, enter [Exit].
Console#
Telnet Connection
Telnet operates over the IP transport protocol. In this environment, your management station and
any network device you want to manage over the network must have a valid IP address. Valid IP
addresses consist of four numbers, 0 to 255, separated by periods. Each address consists of a
network portion and host portion.
For example, the IP address assigned to this switch, 10.1.0.1, consists of a network portion
(10.1.0) and a host portion (1).
The IP address for this switch is unassigned by default.
✎
HP PC Blade Switch CLI Reference Guide www.hp.com 1-1
Command Line Interface
To access the switch through a Telnet session, you must first set the IP address for the switch, and
set the default gateway if you are managing the switch from a different IP subnet.
For example:
Console(config)#interface vlan 1
Console(config-if)#ip address 10.1.0.1 255.255.255.0
Console(config-if)#exit
Console(config)#ip default-gateway 10.1.0.254
If your corporate network is connected to another network outside your office or to the Internet,
you need to apply for a registered IP address. However, if you are attached to an isolated
network, then you can use any IP address that matches the network segment to which you are
attached.
After you configure the switch with an IP address, you can open a Telnet session by performing
these steps:
1. From the remote host, enter the Telnet command and the IP address of the device you want to
access.
2. At the prompt, enter the user name and system password. The CLI will display the
“Console#” prompt for the administrator to show that you are using privileged access mode
(i.e., Privileged Exec), or “Console” for the guest to show that you are using normal access
mode (i.e., Normal Exec).
3. Enter the necessary commands to complete your desired tasks.
4. When finished, exit the session with the “quit” or “exit” command.
After entering the Telnet command, the login screen displays:
Username: admin
Password:
CLI session with the PC Blade Switch is opened.
To end the CLI session, enter [Exit].
Console#
You can open up to four sessions to the device via Telnet.
✎
1-2 www.hp.com CLI Reference Guide
Entering Commands
This section describes how to enter CLI commands.
Keywords and Arguments
A CLI command is a series of keywords and arguments. Keywords identify a command, and
arguments specify configuration parameters. For example, in the command “show interfaces
status ethernet 1/e5,” show interfaces and status are keywords, ethernet is an argument that
specifies the interface type, and 1/5 specifies the port.
You can enter commands as follows:
■ To enter a simple command, enter the command keyword.
■ To enter multiple commands, enter each command in the required order. For example, to
enable Privileged Exec command mode, and display the startup configuration, enter:
Console> enable
Console# show startup-config
■ To enter commands that require parameters, enter the required parameters after the command
keyword. For example, to set a password for the administrator, enter:
Command Line Interface
Console(config)#username admin password smith
Minimum Abbreviation
The CLI will accept a minimum number of characters that uniquely identify a command. For
example, the command “configure” can be entered as con. If an entry is ambiguous, the system
will prompt for further input.
Command Completion
If you terminate input with a Tab key, the CLI will print the remaining characters of a partial
keyword up to the point of ambiguity. In the “logging history” example, typing log followed by a
tab will result in printing the command up to “logging.”
Getting Help on Commands
You can display a brief description of the help system by entering the help command. You can
also display command syntax by using the “?” character to list keywords or parameters.
Show Commands
If you enter a “?” at the command prompt, the system will display the first level of keywords for
the current command class (Normal Exec or Privileged Exec) or configuration class (Global,
ACL, DHCP, Interface, Line, VLAN Database, or MSTP). You can also display a list of valid
keywords for a specific command. For example, the command “show ?” displays a list of
possible show commands.
HP PC Blade Switch CLI Reference Guide www.hp.com 1-3
Command Line Interface
The command “show interfaces ?” will display the following information:
Console# show interfaces ?
counters
protocol-vlan
status s
switchport
Console#
Partial Keyword Lookup
If you terminate a partial keyword with a question mark, alternatives that match the initial letters
are provided. (Remember not to leave a space between the command and question mark.) For
example “s?” shows all the keywords starting with “s.”
Console# show s?
snmp sntp spanning-tree ssh startup-config
system
Console#
Information of interfaces counters
Protocol-vlan information
Information of interfaces status
Information of interfaces switchport
Negating the Effect of Commands
For many configuration commands you can enter the prefix keyword “no” to cancel the effect of
a command or reset the configuration to the default value. For example, the logging command
will log system messages to a host server. To disable logging, specify the no logging command.
This guide describes the negation effect for all applicable commands.
Using Command History
The CLI maintains a history of commands that have been entered. You can scroll back through
the history of commands by pressing the up arrow key. Any command displayed in the history
list can be executed again, or first modified and then executed.
Using the show history command displays a longer list of recently executed commands.
Understanding Command Modes
The command set is divided into Exec and Configuration classes. Exec commands generally
display information on system status or clear statistical counters. Configuration commands, on
the other hand, modify interface parameters or enable certain switching functions. These classes
are further divided into different modes. Available commands depend on the selected mode. You
can always enter a question mark “?” at the prompt to display a list of the commands available
for the current mode.
Exec Commands
When you open a new console session on the switch with the user name and password “guest,”
the system enters the Normal Exec command mode (or guest mode), displaying the “Console>”
command prompt. Only a limited number of the commands are available in this mode. You can
access all commands only from the Privileged Exec command mode (or administrator mode).
1-4 www.hp.com CLI Reference Guide
Command Line Interface
To access the Privilege Exec mode, open a new console session with the user name and password
“admin.” The system will now display the “Console#” command prompt. You can also enter the
Privileged Exec mode from within Normal Exec mode. To enter the Privileged Exec mode, enter
the following user names and passwords:
Username: admin
Password: [admin login password]
CLI session with the PC Blade Switch is opened.
To end the CLI session, enter [Exit].
Console#
Username: guest
Password: [guest login password]
CLI session with the PC Blade Switch is opened.
To end the CLI session, enter [Exit].
Console#enable
Password: [privileged level password]
Console#
Configuration Commands
Configuration commands are privileged level commands used to modify switch settings. These
commands modify the running configuration only and are not saved when the switch is rebooted.
To store the running configuration in non-volatile storage, use the copy running-config
startup-config command.
The configuration commands are organized into different modes:
■ Global Configuration — These commands modify the system level configuration, and
include commands such as hostname and snmp-server community.
■ Access Control List Configuration — These commands are used for packet filtering.
■ DHCP Configuration — These commands are used to configure the DHCP server.
■ Interface Configuration — These commands modify the port configuration such as
speed-duplex and negotiation.
■ Line Configuration — These commands modify the console port and Telnet configuration,
and include command such as parity and databits.
■ Router Configuration — These commands configure global settings for unicast and multicast
routing protocols.
■ VLAN Configuration — Includes the command to create VLAN groups.
■ Multiple Spanning Tree Configuration — These commands configure settings for the
selected multiple spanning tree instance.
HP PC Blade Switch CLI Reference Guide www.hp.com 1-5
Command Line Interface
To enter the Global Configuration mode, enter the command configure in Privileged Exec mode.
The system prompt will change to “Console(config)#” which gives you access privilege to all
Global Configuration commands.
Console# configure
Console(config)#
To enter the other modes, at the configuration prompt type one of the following commands. Use
the exit or end command to return to the Privileged Exec mode.For example, you can use the
following commands to enter interface configuration mode, and then return to Privileged Exec
mode.
Console(config)#interface ethernet 1/e5
Console(config-if)#exit
Console(config)#
Command Line Processing
Commands are not case sensitive. You can abbreviate commands and parameters as long as they
contain enough letters to differentiate them from any other currently available commands or
parameters. You can use the Tab key to complete partial commands, or enter a partial command
followed by the “?” character to display a list of possible matches. You can also use the following
editing keystrokes for command-line processing:
Keystroke Commands
Keystroke Function
Up Arrows Recalls commands from the history buffer, beginning with the most
recent command. Repeat the key sequence to recall successively
older commands.
Down Arrows Returns the most recent commands from the history buffer after
recalling commands with the up arrow key. Repeating the key
sequence will recall successively more recent commands.
Ctrl+A Moves the cursor to the beginning of the command line.
Ctrl+E Moves the cursor to the end of the command line.
Ctrl+Z/ End Returns back to the Privileged EXEC mode from any configuration
mode.
1-6 www.hp.com CLI Reference Guide
Command Groups
The system commands can be broken down into the functional groups shown below.
Command Groups
Command Group Description Page
Command Line Interface
802.1x Commands Specify authentication, authorization and accounting
(AAA) methods for use on interfaces running IEEE
802.1x, and enable 802.1x globally.
AAA Commands Define the authentication method lists for servers. 3-1
ACL Commands Display Access Control Lists (ACLs) defined on the
device.
Address Table Commands Register MAC-layer multicast addresses, and handle
MAC-layer secure address to a routed port.
Clock Commands Show the configuration or status of the Simple
Network Time Protocol (SNTP).
Configuration and Image
File Commands
Ethernet Configuration
Commands
GVRP Commands Display the GARP VLAN Registration Protocol (GVRP)
IGMP Snooping
Commands
IP Addressing Commands Define a default gateway, set an IP address for
Display the contents of the currently running
configuration file, specify contents of image files.
Configure multiple Ethernet type interfaces. 8-1
configuration information, enable GVRP globally or on
an interface.
Enable the Internet Group Management Protocol
(IGMP) snooping.
interface, delete entries from the host.
2-1
4-1
5-1
6-1
7-1
9-1
10-1
11-1
LACP Commands Configure system or port priority using the Link
Aggregation Control Protocol (LACP).
Line Commands Display line parameters, enable the command history
function, or configure the command history buffer size.
Management ACL
Commands
PHY Diagnostics
Commands
Port Channel Commands Enter the interface configuration mode to configure a
Port Monitor Commands Start a port monitoring session, or display the port
QoS Commands Enable Quality of Service (QoS) on the device, create
HP PC Blade Switch CLI Reference Guide www.hp.com 1-7
Define a permit or deny a rule, or configure a
management access control list.
Display the optical transceiver diagnostics. 15-1
specific, or a multiple port-channel.
monitoring status.
policy maps, and define traffic classifications
12-1
13-1
14-1
16-1
17-1
18-1
Command Line Interface
Command Group Description Page
RADIUS Commands Specify the source IP address used for communication
19-1
with Remote Authentication Dial-in User Service
(RADIUS) servers, and display the RADIUS server
settings.
RMON Commands Display the Remote Network Monitoring (RMON)
20-1
Ethernet history statistics, alarms table and
configuration.
SNMP Commands Configure the community access string to permit
21-1
access to the Simple Network Management Protocol
(SNMP) server, create or update SNMP server entries,
and specify SNMP engineID.
Spanning-Tree Commands Configure the spanning-tree functionality. 22-1
SSH Commands Display the Secure Socket Shell (SSH) public keys on
23-1
the device, SSH server configuration, or which SSH
public key is manually configured.
Syslog Commands Log messages to a syslog server, or limit log messages
24-1
to a syslog server.
System Management
Commands
TACACS+ Commands Display configuration and statistical information about
Display and list system, version or Telnet session
information.
25-1
26-1
a Terminal Access Controller Access Control System
(TACACS+) server, or specify a TACACS+ host.
User Interface Commands Display and list system, version or Telnet session
information.
VLAN Commands Enter the (Virtual Local Area Network) VLAN
Configuration mode, enable simultaneously
configuring multiple VLANs, or adds or remove
VLANs.
Web Server Commands Enable configuring the device from a browser, or
display the HTTP server configuration.
27-1
28-1
29-1
1-8 www.hp.com CLI Reference Guide
aaa authentication dot1x
The aaa authentication dot1x Global Configuration mode command specifies one or more
authentication, authorization, and accounting (AAA) methods for use on interfaces running IEEE
802.1x. To return to the default configuration, use the no form of this command.
Syntax
aaa authentication dot1x default method1 [method2...]
no aaa authentication dot1x default
Parameters
■ method1 [method2...] - At least one keyword, as listed in the following table:
Keyword Description
radius Uses the list of all RADIUS servers for authentication.
2
802.1x Commands
none Uses no authentication.
Default Setting
No authentication method is defined.
Command Mode
Global Configuration
Command Usage
Additional methods of authentication are used only if the previous method returns an error and
not if the request for authentication is denied. To ensure that authentication succeeds even if all
methods return an error, specify none as the final method in the command line.
The RADIUS server must support MD-5 challenge and EAP type frames.
Example
The following command uses the aaa authentication dot1x default with no authentication.
Console(config)# aaa authentication dot1x default none
HP PC Blade Switch CLI Reference Guide www.hp.com 2-1
802.1x Commands
dot1x system-auth-control
The dot1x system-auth-control Global Configuration mode command enables 802.1x globally.
To return to the default configuration, use the no form of this command.
Syntax
dot1x system-auth-control
no dot1x system-auth-control
Parameters
There are no parameters for this command.
Default Configuration
802.1x is disabled globally.
Command Modes
Global Configuration mode
Command Usage
There are no user guidelines for this command.
Example
The following command enables 802.1x globally.
Console(config)# dot1x system-auth-control
2-2 www.hp.com HP PC Blade Switch CLI Reference Guide
dot1x port-control
The dot1x port-control Interface Configuration mode command enables manually controlling
the authorization state of the port. To return to the default configuration, use the
command.
Syntax
dot1x port-control {auto | force-authorized | force-unauthorized}
no dot1x port-control
Parameters
■ auto — Enables 802.1x authentication on the interface and causes the port to transition to
the authorized or unauthorized state based on the 802.1x authentication exchange between
the port and the client.
■ force-authorized — Disables 802.1x authentication on the interface and causes the port to
transition to the authorized state without any authentication exchange required. The port
resends and receives normal traffic without 802.1x-based authentication of the client.
■ force-unauthorized — Denies all access through this interface by forcing the port to
transition to the unauthorized state and ignoring all attempts by the client to authenticate.
The device cannot provide authentication services to the client through the interface.
802.1x Commands
no form of this
Default Configuration
Port is in the force-authorized state
Command Mode
Interface Configuration (Ethernet)
Command Usage
It is recommended to disable spanning tree or to enable spanning-tree PortFast mode on 802.1x
edge ports (ports in auto state that are connected to end stations), in order to get immediately to
the forwarding state after successful authentication.
Example
The following command enables 802.1x authentication on Ethernet port 1/e16.
Console(config)# interface ethernet 1/e16
Console(config-if)# dot1x port-control auto
HP PC Blade Switch CLI Reference Guide www.hp.com 2-3
802.1x Commands
dot1x re-authentication
The dot1x re-authentication Interface Configuration mode command enables periodic
re-authentication of the client. To return to the default configuration, use the no form of this
command.
Syntax
dot1x re-authentication
no dot1x re-authentication
Parameters
There are no parameters for this command.
Default Setting
Periodic re-authentication is disabled.
Command Mode
Interface Configuration (Ethernet)
Command Usage
There are no user guidelines for this command.
Example
The following command enables periodic re-authentication of the client.
Console(config)# interface ethernet 1/e16
Console(config-if)# dot1x re-authentication
2-4 www.hp.com HP PC Blade Switch CLI Reference Guide
dot1x timeout re-authperiod
The dot1x timeout re-authperiod Interface Configuration mode command sets the number of
seconds between re-authentication attempts. To return to the default configuration, use the no
form of this command.
Syntax
dot1x timeout re-authperiod seconds
no dot1x timeout re-authperiod
Parameters
■ seconds — Number of seconds between re-authentication attempts.
(Range: 300-4294967295)
Default Setting
Re-authentication period is 3600 seconds.
Command Mode
Interface Configuration (Ethernet) mode
802.1x Commands
Command Usage
There are no user guidelines for this command.
Example
The following command sets the number of seconds between re-authentication attempts, to 300.
Console(config)# interface ethernet 1/e16
Console(config-if)# dot1x timeout re-authperiod
300
HP PC Blade Switch CLI Reference Guide www.hp.com 2-5
802.1x Commands
dot1x re-authenticate
The dot1x re-authenticate Privileged EXEC mode command manually initiates a
re-authentication of all 802.1x-enabled ports or the specified 802.1x-enabled port.
Syntax
dot1x re-authenticate [ethernet interface]
Parameters
■ interface — Valid Ethernet port. (Full syntax: port)
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Example
The following command manually initiates a re-authentication of 802.1x-enabled Ethernet port
1/e16.
Console# dot1x re-authenticate ethernet 1/e16
2-6 www.hp.com HP PC Blade Switch CLI Reference Guide
dot1x timeout quiet-period
The dot1x timeout quiet-period Interface Configuration mode command sets the number of
seconds that the device remains in the quiet state following a failed authentication exchange (for
example, the client provided an invalid password). To return to the default configuration, use the
no form of this command.
Syntax
dot1x timeout quiet-period seconds
no dot1x timeout quiet-period
Parameters
■ seconds — Specifies the time in seconds that the device remains in the quiet state following a
failed authentication exchange with the client. (Range: 0-65535 seconds)
Default Setting
The default quiet period is 60 seconds.
Command Mode
802.1x Commands
Interface Configuration (Ethernet) mode
Command Usage
During the quiet period, the device does not accept or initiate authentication requests.
The default value of this command should only be changed to adjust for unusual circumstances,
such as unreliable links or specific behavioral problems with certain clients and authentication
servers.
To provide a faster response time to the user, a smaller number than the default value should be
entered.
Example
In the following example, the number of seconds that the device remains in the quiet state
following a failed authentication exchange, is set to 3600.
Console(config)# interface ethernet 1/e16
Console(config-if)# dot1x timeout quiet-period 3600
HP PC Blade Switch CLI Reference Guide www.hp.com 2-7
802.1x Commands
dot1x timeout tx-period
The dot1x timeout tx-period Interface Configuration mode command sets the number of
seconds that the device waits for a response to an Extensible Authentication Protocol
(EAP)-request/identity frame from the client before resending the request. To return to the
default configuration, use the no form of this command.
Syntax
dot1x timeout tx-period seconds
no dot1x timeout tx-period
Parameters
■ seconds — Specifies the time in seconds that the device waits for a response to an
EAP-request/identity frame from the client before resending the request.
(Range: 1-65535 seconds)
Default Configuration
Timeout period is 30 seconds.
Command Mode
Interface Configuration (Ethernet) mode
Command Usage
The default value of this command should be changed only to adjust for unusual circumstances,
such as unreliable links or specific behavioral problems with certain clients and authentication
servers.
Example
The following command sets the number of seconds that the device waits for a response to an
EAP-request/identity frame, to 3600 seconds.
Console(config)# interface ethernet 1/e16
Console(config-if)# dot1x timeout tx-period 3600
2-8 www.hp.com HP PC Blade Switch CLI Reference Guide
dot1x max-req
The dot1x max-req Interface Configuration mode command sets the maximum number of times
that the device sends an Extensible Authentication Protocol (EAP)-request/identity frame
(assuming that no response is received) to the client, before restarting the authentication process.
To return to the default configuration, use the no form of this command.
Syntax
dot1x max-req count
no dot1x max-req
Parameters
■ count — Number of times that the device sends an EAP-request/identity frame before
restarting the authentication process. (Range: 1-10)
Default Configuration
The default number of times is 2.
Command Mode
802.1x Commands
Interface Configuration (Ethernet) mode
Command Usage
The default value of this command should be changed only to adjust for unusual circumstances,
such as unreliable links or specific behavioral problems with certain clients and authentication
servers.
Example
The following command sets the number of times that the device sends an EAP-request or
identity frame, to 6.
Console(config)# interface ethernet 1/e16
Console(config-if)# dot1x max-req 6
HP PC Blade Switch CLI Reference Guide www.hp.com 2-9
802.1x Commands
dot1x timeout supp-timeout
The dot1x timeout supp-timeout Interface Configuration mode command sets the time for the
retransmission of an Extensible Authentication Protocol (EAP)-request frame to the client. To
return to the default configuration, use the no form of this command.
Syntax
dot1x timeout supp-timeout seconds
no dot1x timeout supp-timeout
Parameters
■ seconds — Time in seconds that the device waits for a response to an EAP-request frame
from the client before resending the request. (Range: 1-65535 seconds)
Default Configuration
Default timeout period is 30 seconds.
Command Mode
Interface configuration (Ethernet) mode
Command Usage
The default value of this command should be changed only to adjust for unusual circumstances,
such as unreliable links or specific behavioral problems with certain clients and authentication
servers.
Example
The following command sets the timeout period before retransmitting an EAP-request frame to
the client to 3600 seconds.
Console(config-if)# dot1x timeout supp-timeout 3600
2-10 www.hp.com HP PC Blade Switch CLI Reference Guide
dot1x timeout server-timeout
The dot1x timeout server-timeout Interface Configuration mode command sets the time that the
device waits for a response from the authentication server. To return to the default configuration,
use the no form of this command.
Syntax
dot1x timeout server-timeout seconds
no dot1x timeout server-timeout
Parameters
■ seconds — Time in seconds that the device waits for a response from the authentication
server. (Range: 1-65535 seconds)
Default Configuration
The timeout period is 30 seconds.
Command Mode
Interface configuration (Ethernet) mode
802.1x Commands
Command Usage
The actual timeout can be determined by comparing the dot1x timeout server-timeout value
and the result of multiplying the radius-server retransmit value with the radius-server
timeout value and selecting the lower of the two values.
Example
The following command sets the time for the retransmission of packets to the authentication
server to 3600 seconds.
Console(config-if)# dot1x timeout server-timeout 3600
HP PC Blade Switch CLI Reference Guide www.hp.com 2-11
802.1x Commands
show dot1x
The show dot1x Privileged EXEC mode command displays the 802.1x status of the device or
specified interface.
Syntax
show dot1x [ethernet interface]
Parameters
■ interface — Valid Ethernet port. (Full syntax: port)
Default Configuration
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Example
The following command displays the status of 802.1x-enabled Ethernet ports.
Console# show dot1x
802.1x is enabled
Port Admin Mode Oper Mode Reauth Control Reauth Period Username
---- ---------- --------- ------- ------ --------
1/e1 Auto Authorized Ena 3600 Bob
1/e2 Auto Authorized Ena 3600 John
1/e3 Auto Unauthorized Ena 3600 Clark
1/e4 Force-auth Authorized Dis 3600 n/a
1/e5 Force-auth Unauthorized* Dis 3600 n/a
* Port is down or not present.
Console# show dot1x ethernet 1/e3
802.1x is enabled.
Port Admin Mode Oper Mode Reauth Control Reauth Period Username
---- ---------- --------- ------- ------ --------
1/e3 Auto Unauthorized Ena 3600 Clark
2-12 www.hp.com HP PC Blade Switch CLI Reference Guide
Quiet period: 60 Seconds
Tx period:30 Seconds
Max req: 2
Supplicant timeout: 30 Seconds
Server timeout: 30 Seconds
Session Time (HH:MM:SS): 08:19:17
MAC Address: 00:08:78:32:98:78
Authentication Method: Remote
Termination Cause: Supplicant logoff
Authenticator State Machine
State: HELD
Backend State Machine
State: IDLE
Authentication success: 9
Authentication fails: 1
802.1x Commands
The following table describes significant fields shown in the example:
Field Description
Port The port number.
Admin mode The port admin mode. Possible values: FoTrce-auth, Force-unauth,
Auto.
Oper mode The port oper mode. Possible values: Authorized, Unauthorized or
Down.
Reauth Control Reauthentication control.
Reauth Period Reauthentication period.
Username The username representing the identity of the Supplicant. This field
shows the username in case the port control is auto. If the port is
Authorized, it shows the username of the current user. If the port is
unauthorized it shows the last user that was authenticated
successfully.
Quiet period The number of seconds that the device remains in the quiet state
following a failed authentication exchange (for example, the client
provided an invalid password).
Tx period The number of seconds that the device waits for a response to an
Extensible Authentication Protocol (EAP)-request/identity frame
from the client before resending the request.
Max req The maximum number of times that the device sends an Extensible
Supplicant timeout Time in seconds the switch waits for a response to an EAP-request
HP PC Blade Switch CLI Reference Guide www.hp.com 2-13
Authentication Protocol (EAP)-request frame (assuming that no
response is received) to the client before restarting the
authentication process.
frame from the client before resending the request.
802.1x Commands
Field Description
Server timeout Time in seconds the switch waits for a response from the
Session Time The amount of time the user is logged in.
MAC address The supplicant MAC address.
Authentication Method The authentication method used to establish the session.
Termination Cause The reason for the session termination.
State The current value of the Authenticator PAE state machine and of the
Authentication success The number of times the state machine received a Success message
Authentication fails The number of times the state machine received a Failure message
authentication server before resending the request.
Backend state machine.
from the Authentication Server.
from the Authentication Server.
2-14 www.hp.com HP PC Blade Switch CLI Reference Guide
show dot1x users
The show dot1x users Privileged EXEC mode command displays active 802.1x authenticated
users for the device.
Syntax
show dot1x users [username username]
Parameters
■ username — Supplicant username (Range: 1-160 characters)
Default Configuration
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
802.1x Commands
Example
The following commands display 802.1x users.
Console# show dot1x users
Port Username Session Time Auth Method MAC Address
----- -------- ------------ ----------- --------------
1/e1 Bob 1d:03:08.58 Remote 0008:3b79:8787
1/e2 John 08:19:17 None 0008:3b89:3127
Console# show dot1x users username
Username: Bob
Port Username Session Time Auth Method MAC Address
----- -------- ------------ ----------- --------------
1/e1 Bob 1d:03:08.58 Remote 0008:3b79:8787
Bob
The following table describes the significant fields shown in the example:
Keyword Description
Port The port number.
Username The username representing the identity of the Supplicant.
Session Time The period of time the Supplicant is connected to the system.
Authentication Method Authentication method used by the Supplicant to open the session.
MAC Address MAC address of the Supplicant.
HP PC Blade Switch CLI Reference Guide www.hp.com 2-15
802.1x Commands
show dot1x statistics
The show dot1x statistics Privileged EXEC mode command displays 802.1x statistics for the
specified interface.
Syntax
show dot1x statistics ethernet
interface
Parameters
■ interface — Valid Ethernet port. (Full syntax: port)
Default Configuration
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Example
The following command displays 802.1x statistics for the specified interface.
Console# show dot1x statistics ethernet 1/e1
EapolFramesRx: 11
EapolFramesTx: 12
EapolStartFramesRx: 12
EapolLogoffFramesRx: 1
EapolRespIdFramesRx: 3
EapolRespFramesRx: 6
EapolReqIdFramesTx: 3
EapolReqFramesTx: 6
InvalidEapolFramesRx: 0
EapLengthErrorFramesRx: 0
LastEapolFrameVersion: 1
LastEapolFrameSource: 00:08:78:32:98:78
The following table describes the significant fields shown in the example:
Keyword Description
EapolFramesRx The number of valid EAPOL frames of any type that have been
EapolFramesTx The number of EAPOL frames of any type that have been transmitted
2-16 www.hp.com HP PC Blade Switch CLI Reference Guide
received by this Authenticator.
by this Authenticator.
802.1x Commands
Keyword Description
EapolStartFramesRx The number of EAPOL Start frames that have been received by this
Authenticator.
EapolLogoffFramesRx The number of EAPOL Logoff frames that have been received by this
Authenticator.
EapolRespIdFramesRx The number of EAP Resp/Id frames that have been received by this
Authenticator.
EapolRespFramesRx The number of valid EAP Response frames (other than Resp/Id
frames) that have been received by this Authenticator.
EapolReqIdFramesTx The number of EAP Req/Id frames that have been transmitted by this
Authenticator.
EapolReqFramesTx The number of EAP Request frames (other than Rq/Id frames) that
have been transmitted by this Authenticator.
InvalidEapolFramesRx The number of EAPOL frames that have been received by this
Authenticator in which the frame type is not recognized.
EapLengthErrorFramesRx The number of EAPOL frames that have been received by this
Authenticator in which the Packet Body Length field is invalid.
LastEapolFrameVersion The protocol version number carried in the most recently received
EAPOL frame.
LastEapolFrameSource The source MAC address carried in the most recently received EAPOL
frame.
HP PC Blade Switch CLI Reference Guide www.hp.com 2-17
802.1x Commands
Advanced Features
dot1x auth-not-req
The dot1x auth-not-req Interface Configuration mode command enables unauthorized devices
access to the VLAN. To disable access to the VLAN, use the no form of this command.
Syntax
dot1x auth-not-req
no dot1x auth-not-req
Parameters
There are no parameters for this command.
Default Configuration
Access is enabled.
Command Mode
Interface Configuration (VLAN) mode
Command Usage
An access port cannot be a member in an unauthenticated VLAN.
The native VLAN of a trunk port cannot be an unauthenticated VLAN.
For a general port, the PVID can be an unauthenticated VLAN (although only tagged packets
would be accepted in the unauthorized state.)
Example
The following command enables access to the VLAN to unauthorized devices.
Console(config-if)# dot1x auth-not-req
2-18 www.hp.com HP PC Blade Switch CLI Reference Guide
dot1x multiple-hosts
The dot1x multiple-hosts Interface Configuration mode command enables multiple hosts
(clients) on an 802.1x-authorized port, where the authorization state of the port is set to auto. To
return to the default configuration, use the no form of this command.
Syntax
dot1x multiple-hosts
no dot1x multiple-hosts
Parameters
There are no parameters for this command.
Default Configuration
Multiple hosts are disabled.
Command Mode
Interface Configuration (Ethernet) mode
802.1x Commands
Command Usage
This command enables the attachment of multiple clients to a single 802.1x-enabled port. In this
mode, only one of the attached hosts must be successfully authorized for all hosts to be granted
network access. If the port becomes unauthorized, all attached clients are denied access to the
network.
For unauthenticated VLANs, multiple hosts are always enabled.
Multiple-hosts must be enabled to enable port security on the port.
Example
The following command enables multiple hosts (clients) on an 802.1x-authorized port.
Console(config-if)# dot1x multiple-hosts
HP PC Blade Switch CLI Reference Guide www.hp.com 2-19
802.1x Commands
dot1x single-host-violation
The dot1x single-host-violation Interface Configuration mode command configures the action
to be taken, when a station whose MAC address is not the supplicant MAC address, attempts to
access the interface. Use the no form of this command to return to default.
Syntax
dot1x single-host-violation {forward | discard | discard-shutdown} [trap seconds]
no port dot1x single-host-violation
Parameters
■ forward — Forwards frames with source addresses that are not the supplicant address, but
does not learn the source addresses.
■ discard — Discards frames with source addresses that are not the supplicant address.
■ discard-shutdown — Discards frames with source addresses that are not the supplicant
address. The port is also shut down.
■ trap — Indicates that SNMP traps are sent.
■ seconds — Specifies the minimum amount of time in seconds between consecutive traps.
(Range: 1-1000000
)
Default Setting
Frames with source addresses that are not the supplicant address are discarded.
No traps are sent.
Command Mode
Interface Configuration (Ethernet) mode
Command Usage
The command is relevant when multiple hosts is disabled and the user has been successfully
authenticated.
Example
The following command forwards frames with source addresses that are not the supplicant
address and sends consecutive traps at intervals of 100 seconds.
Console(config-if)# dot1x single-host-violation forward trap 100
2-20 www.hp.com HP PC Blade Switch CLI Reference Guide
dot1x guest-vlan
The dot1x guest-vlan Interface Configuration mode command defines a guest VLAN. To return
to the default configuration, use the no form of this command.
Syntax
dot1x guest-vlan
no dot1x guest-vlan
Parameters
There are no parameters for this command.
Default Setting
No VLAN is defined as a guest VLAN.
Command Mode
Interface Configuration (VLAN) mode
Command Usage
802.1x Commands
Use the dot1x guest-vlan enable Interface Configuration mode command to enable
unauthorized users on an interface to access the guest VLAN.
If the guest VLAN is defined and enabled, the port automatically joins the guest VLAN when the
port is unauthorized and leaves it when the port becomes authorized. To be able to join or leave
the guest VLAN, the port should not be a static member of the guest VLAN.
Example
The following command defines VLAN 2 as a guest VLAN.
Console#
Console# configure
Console(config)# vlan database
Console(config-vlan)# vlan
Console(config-vlan)# exit
Console(config)# interface vlan 2
Console(config-if)# dot1x guest-vlan
2
HP PC Blade Switch CLI Reference Guide www.hp.com 2-21
802.1x Commands
dot1x guest-vlan enable
The dot1x vlans guest-vlan enable Interface Configuration mode command enables
unauthorized users on the interface access to the Guest VLAN. To disable access, use the no
form of this command
Syntax
dot1x guest-vlan enable
no dot1x guest-vlan enable
Parameters
There are no parameters for this command.
Default Setting
Disabled.
Command Mode
Interface Configuration (Ethernet) mode
Command Usage
A device can have only one global guest VLAN. The guest VLAN is defined using the dot1x
guest-vlan Interface Configuration mode command.
Example
The following command enables unauthorized users on Ethernet port 1/e1 to access the guest VLAN.
Console# configure
Console(config)# interface ethernet 1/e1
Console(config-if)# dot1x guest-vlan enable
2-22 www.hp.com HP PC Blade Switch CLI Reference Guide
show dot1x advanced
The show dot1x advanced Privileged EXEC mode command displays 802.1x advanced features
for the device or specified interface.
Syntax
show dot1x advanced [ethernet interface]
Parameters
■ interface — Valid Ethernet port. (Full syntax: port)
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
802.1x Commands
Example
The following command displays 802.1x advanced features for the device.
Console# show dot1x advanced
Guest VLAN: 2
Unauthenticated VLANs: 91,92
Interface Multiple Hosts Guest VLAN
--------- -------------- ----------
1/e1 Disabled Enabled
1/e2 Enabled Disabled
Console# show dot1x advanced ethernet 1/e1
Interface Multiple Hosts Guest VLAN
--------- -------------- ----------
1/e1 Disabled Enabled
Single host parameters
Violation action: Discard
Trap: Enabled
Trap frequency: 100
Status: Single-host locked
Violations since last trap: 9
HP PC Blade Switch CLI Reference Guide www.hp.com 2-23
802.1x Commands
2-24 www.hp.com HP PC Blade Switch CLI Reference Guide
aaa authentication login
The aaa authentication login Global Configuration mode command defines login
authentication. To return to the default configuration, use the no form of this command.
Syntax
aaa authentication login {default | list-name} method1 [method2...]
3
AAA Commands
no aaa authentication login {
Parameters
■ default — Uses the listed authentication methods that follow this argument as the default list
of methods when a user logs in.
■ list-name — Character string used to name the list of authentication methods activated when
a user logs in. (Range: 1-12 characters).
■ method1 [method2...] — Specify at least one from the following table:
Keyword Description
enable Uses the enable password for authentication.
line Uses the line password for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
Default Setting
The local user database is checked. This has the same effect as the command
list-name local.
default | list-name}
aaa authentication login
On the console, login succeeds without any authentication check if the authentication method is
✎
not defined.
Command Mode
Global Configuration mode
Command Usage
The default and optional list names created with the
with the login authentication
HP PC Blade Switch CLI Reference Guide www.hp.com 3-1
aaa authentication login command are used
command.
AAA Commands
Create a list by entering the aaa authentication login list-name method command for a
particular protocol, where list-name is any character string used to name this list. The method
argument identifies the list of methods that the authentication algorithm tries, in the given
sequence.
The additional methods of authentication are used only if the previous method returns an error,
not if it fails. To ensure that the authentication succeeds even if all methods return an error,
specify none as the final method in the command line.
Example
The following command configures the authentication login.
Console(config)# aaa authentication login default radius local enable none
3-2 www.hp.com HP PC Blade Switch CLI Reference Guide
aaa authentication enable
The aaa authentication enable Global Configuration mode command defines authentication
method lists for accessing higher privilege levels. To return to the default configuration, use the
no form of this command.
Syntax
aaa authentication enable {default | list-name} method1 [method2...]
no aaa authentication enable {default | list-name}
Parameters
■ default — Uses the listed authentication methods that follow this argument as the default list
of methods, when using higher privilege levels.
■ list-name — Character string used to name the list of authentication methods activated, when
using access higher privilege levels (Range: 1-12 characters).
■ method1 [method2...] — Specify at least one keyword from the following table:
Keyword Description
enable Uses the enable password for authentication.
AAA Commands
line Uses the line password for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication. Uses username
$enabx$., where x is the privilege level.
tacacs Uses the list of all TACACS+ servers for authentication. Uses username
"$enabx$." where x is the privilege level.
Default Setting
If the default
list is not set, only the enable password is checked. This has the same effect as the
command aaa authentication enable default enable.
On the console, the enable password is used if it exists. If no password is set, the process still
succeeds. This has the same effect as using the command aaa authentication enable default
enable none.
Command Mode
Global Configuration mode
Command Usage
The default and optional list names created with the
used with the enable authentication
command.
aaa authentication enable command are
The additional methods of authentication are used only if the previous method returns an error,
not if it fails. To ensure that the authentication succeeds even if all methods return an error,
specify none as the final method in the command line.
All aaa authentication enable
server include the username $enabx$., where x is the requested privilege level.
HP PC Blade Switch CLI Reference Guide www.hp.com 3-3
default requests sent by the device to a RADIUS or TACACS+
AAA Commands
Example
The following command sets the enable password for authentication when accessing higher
privilege levels.
Console(config)# aaa authentication enable default enable
3-4 www.hp.com HP PC Blade Switch CLI Reference Guide
login authentication
The login authentication Line Configuration mode command specifies the login authentication
method list for a remote telnet or console. To return to the default configuration specified by the
aaa authentication login
Syntax
login authentication {default | list-name}
no login authentication
Parameters
■ default — Uses the default list created with the aaa authentication login command.
■ list-name — Uses the indicated list created with the aaa authentication login command.
Default Setting
Uses the default set with the command aaa authentication login.
Command Mode
Line Configuration mode
AAA Commands
command, use the no form of this command.
Command Usage
Changing login authentication from default to another value may disconnect the telnet session.
Example
The following command specifies the default authentication method for a console.
Console(config)# line console
Console(config-line)# login authentication default
HP PC Blade Switch CLI Reference Guide www.hp.com 3-5
AAA Commands
enable authentication
The enable authentication Line Configuration mode command specifies the authentication
method list when accessing a higher privilege level from a remote telnet or console. To return to
the default configuration specified by the aaa authentication enable command, use the no form
of this command.
Syntax
enable authentication {default | list-name}
no enable authentication
Parameters
■ default — Uses the default list created with the aaa authentication enable command.
■ list-name — Uses the indicated list created with the aaa authentication enable command.
Default Setting
Uses the default set with the aaa authentication enable command.
Command Mode
Line Configuration mode
Command Usage
There are no user guidelines for this command.
Example
The following command specifies the default authentication method when accessing a higher
privilege level from a console.
Console(config)# line console
Console(config-line)# enable authentication default
3-6 www.hp.com HP PC Blade Switch CLI Reference Guide
ip http authentication
The ip http authentication Global Configuration mode command specifies authentication
methods for HTTP server users. To return to the default configuration, use the no form of this
command.
Syntax
ip http authentication method1 [method2...]
no ip http authentication
Parameters
■ method1 [method2...] — Specify at least one from the following table:
Keyword Description
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
AAA Commands
Default Setting
The local user database is checked. This has the same effect as the command ip http
authentication
local.
Command Mode
Global Configuration mode
Command Usage
The additional methods of authentication are used only if the previous method returns an error,
not if it fails. To ensure that the authentication succeeds even if all methods return an error,
specify none as the final method in the command line.
Example
The following command configures the HTTP authentication.
Console(config)# ip http authentication radius local
HP PC Blade Switch CLI Reference Guide www.hp.com 3-7
AAA Commands
ip https authentication
The ip https authentication Global Configuration mode command specifies authentication
methods for HTTPS server users. To return to the default configuration, use the no form of this
command.
Syntax
ip https authentication method1 [method2...]
no ip https authentication
Parameters
■ method1 [method2...] — Specify at least one from the following table:
Keyword Source or Destination
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
Default Setting
The local user database is checked. This has the same effect as the command ip https
authentication
local.
Command Mode
Global Configuration mode
Command Usage
The additional methods of authentication are used only if the previous method returns an error,
not if it fails. To ensure that the authentication succeeds even if all methods return an error,
specify none as the final method in the command line.
Example
The following command configures HTTPS authentication.
Console(config)# ip https authentication radius local
3-8 www.hp.com HP PC Blade Switch CLI Reference Guide
show authentication methods
The show authentication methods privileged EXEC mode command displays information
about the authentication methods.
Syntax
show authentication methods
Parameters
There are no parameters for this command.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
AAA Commands
Example
The following command displays the authentication configuration.
Console# show authentication methods
---------------------------------
Default: RADIUS, Local, Line
Console_Login:
Enable Authentication Method Lists
----------------------------------
Default: RADIUS, Enable
Console_Enable:
Line Login Method List Enable Method List
-------------- ----------------- ------------------
Console Console_Login Console_Enable
Telnet Default Default
SSH Default Default
Line, None
Enable, None
http: RADIUS, Local
https: RADIUS, Local
dot1x: RADIUS
HP PC Blade Switch CLI Reference Guide www.hp.com 3-9
AAA Commands
password
The password Line Configuration mode command specifies a password on a line. To remove the
password, use the no form of this command.
Syntax
password
password [encrypted]
no password
Parameters
■ password — Password for this level (Range: 1-160 characters).
■ encrypted — Encrypted password to be entered, copied from another device configuration.
Default Setting
No password is defined.
Command Mode
Line Configuration mode
Command Usage
If a password is defined as encrypted, the required password length is 32 characters.
Example
The following command specifies password secret on a console.
Console(config)# line console
Console(config-line)# password
secret
3-10 www.hp.com HP PC Blade Switch CLI Reference Guide
enable password
The enable password Global Configuration mode command sets a local password to control
access to user and privilege levels. To remove the password requirement, use the no form of this
command.
Syntax
enable password [level level] password [encrypted]
no enable password [level level]
Parameters
■ password — Password for this level (Range: 1-159 characters).
■ level — The user privilege level with the following options:
❏ 1 — Allows access but not configuration rights.
❏ 15 — Enables access and configuration rights.
■ encrypted — Encrypted password entered, copied from another device configuration.
Default Configuration
AAA Commands
No enable password is defined.
Command Mode
Global Configuration mode
Command Usage
There are no user guidelines for this command.
Example
The following example sets local level 15 password secret to control access to user and privilege
levels.
Console(config)# enable password level 15 secret
HP PC Blade Switch CLI Reference Guide www.hp.com 3-11
AAA Commands
username
The username Global Configuration mode command creates a user account in the local
database. To remove a user name, use the no form of this command.
Syntax
username name [password password] [level level] [encrypted]
no username name
Parameters
■ name — The name of the user (Range: 1- 20 characters).
■ password — The authentication password for the user (Range: 1-159 characters).
■ level — The user privilege level with the following options:
❏ 1 — Allows access but not configuration rights.
❏ 15 — Enables access and configuration rights.
■ encrypted — Encrypted password entered, copied from another device configuration.
Default Configuration
No user is defined.
Command Mode
Global Configuration mode
Command Usage
User account can be created without a password.
Example
The following example configures user bob with password lee and user level 15 to the system.
Console(config)# username bob password lee level 15
3-12 www.hp.com HP PC Blade Switch CLI Reference Guide
ip access-list
The ip access-list Global Configuration command enables the IP-Access Configuration mode
and creates Layer 3 ACLs. To delete an ACL, use the no form of this command.
Syntax
ip access-list name
4
ACL Commands
no ip access-list
Parameters
■ name — Specifies the name of the ACL.
Default Setting
The default for all ACLs is deny-all.
Command Mode
Global Configuration mode
Command Usage
Up to 1018 rules can be defined on the device, depending on the type of rule defined.
Example
The following command creates an IP ACL.
Console(config)# ip access-list ip-acl1
Console(config-ip-al)#
name
HP PC Blade Switch CLI Reference Guide www.hp.com 4-1
ACL Commands
permit (IP)
The permit IP-Access List Configuration mode command permits traffic if the conditions
defined in the permit statement match.
Syntax
permit {any | protocol} {any
| {source source-wildcard}} {any | {destination
destination-wildcard}} [dscp dscp number | ip-precedence ip-precedence]
permit-icmp {any
| {source source-wildcard}} {any | {destination destination-wildcard}} {any
| icmp-type} {any | icmp-code} [dscp number | ip-precedence number]
permit-igmp {any
| {source source-wildcard}} {any | {destination destination-wildcard}} {any
| igmp-type} [dscp number | ip-precedence number]
permit-tcp {any | { source source-wildcard}} {any
destination-wildcard}} {any
| destination-port} [dscp number | ip-precedence number] [flags
| source-port} {any |{ destination
list-of-flags]
permit-udp {any
destination-wildcard}} {any
| { source source-wildcard}} {any | source-port} {any | {destination
| destination-port} [dscp number | ip-precedence number]
Parameters
■ source — Specifies the source IP address of the packet. Specify any to indicate IP address
0.0.0.0 and mask 255.255.255.255.
■ source-wildcard — Specifies wildcard to be applied to the source IP address. Use 1s in bit
positions to be ignored. Specify any to indicate IP address 0.0.0.0 and mask
255.255.255.255.
■ destination — Specifies the destination IP address of the packet. Specify any to indicate IP
address 0.0.0.0 and mask 255.255.255.255.
■ destination-wildcard — Specifies wildcard to be applied to the destination IP address. Use 1s
in bit positions to be ignored. Specify any to indicate IP address 0.0.0.0 and mask
255.255.255.255.
■ protocol — Specifies the abbreviated name or number of an IP protocol. (Range: 0-255)
The following table lists protocols that can be specified:
IP Protocol Abbreviated Name Protocol Number
Internet Control Message Protocol icmp 1
Internet Group Management Protocol igmp 2
IP in IP (encapsulation) Protocol ipinip 4
Transmission Control Protocol tcp 6
Exterior Gateway Protocol egp 8
Interior Gateway Protocol igp 9
User Datagram Protocol udp 17
Host Monitoring Protocol hmp 20
Reliable Data Protocol rdp 27
Inter-Domain Policy Routing Protocol idpr 35
4-2 www.hp.com HP PC Blade Switch CLI Reference Guide
ACL Commands
IP Protocol Abbreviated Name Protocol Number
Ipv6 Protocol ipv6 41
Routing Header for IPv6 ipv6-route 43
Fragment Header for IPv6 ipv6-frag 44
Inter-Domain Routing Protocol idrp 45
Reservation Protocol rsvp 46
General Routing Encapsulation gre 47
Encapsulating Security Payload (50) esp 50
Authentication Header ah 51
ICMP for IPv6Protocol ipv6-icmp 58
EIGRP Routing Protocol eigrp 88
Open Shortest Path Protocol ospf 89
Protocol Independent Multicast pim 103
Layer Two Tunneling Protocol l2tp 115
ISIS over IPv4 Protocol isis 124
(any IP protocol) any (25504)
■ DSCP — Indicates matching the dscp number with the packet DSCP value.
■ ip-precedence — Indicates matching ip-precedence with the packet ip-precedence value.
■ icmp-type — Specifies an ICMP message type for filtering ICMP packets. Enter a value or
one of the following values: echo-reply, destination-unreachable, source-quench,
redirect, alternate-host-address, echo-request, router-advertisement,
router-solicitation, time-exceeded, parameter-problem, timestamp, timestamp-reply,
information-request, information-reply, address-mask-request, address-mask-reply,
traceroute, datagram-conversion-error, mobile-host-redirect, ipv6-where-are-you,
ipv6-i-am-here, mobile-registration-request, mobile-registration-reply,
domain-name-request, domain-name-reply, skip and photuris. (Range: 0-255)
■ icmp-code — Specifies an ICMP message code for filtering ICMP packets. ICMP packets
that are filtered by ICMP message type can also be filtered by the ICMP message code.
(Range: 0-255)
■ igmp-type — IGMP packets can be filtered by IGMP message type. Enter a number or one of
the following values: dvmrp, host-query, host-report, pim or trace, host-report-v2,
host-leave-v2, host-report-v3 (Range: 0-255)
■ destination-port — Specifies the UDP/TCP destination port. (Range: 0-65535)
■ source-port — Specifies the UDP/TCP source port. (Range: 0-65535)
■ list-of-flags — Specifies a list of TCP flags that can be triggered. If a flag is set, it is prefixed
by “+”. If a flag is not set, it is prefixed by “-”. Possible values: +urg, +ack, +psh, +rst,
+syn, +fin, -urg, -ack, -psh, -rst, -syn and -fin. The flags are concatenated into one string.
For example: +fin-ack.
HP PC Blade Switch CLI Reference Guide www.hp.com 4-3
ACL Commands
Default Setting
No IPv4 ACL is defined.
Command Mode
IP-Access List Configuration mode
Command Usage
Use the ip access-list Global Configuration mode command to enable the IP-Access List
Configuration mode.
Before an Access Control Element (ACE) is added to an ACL, all packets are permitted. After an
ACE is added, an implied deny-any-any condition exists at the end of the list and those packets
that do not match the conditions defined in the permit statement are denied.
Example
The following command define a permit statement for an IP ACL.
Console(config)# ip access-list ip-acl1
Console(config-ip-al)# permit
rsvp 192.1.1.1 0.0.0.0 any dscp 56
4-4 www.hp.com HP PC Blade Switch CLI Reference Guide
deny (IP)
The deny IP-Access List Configuration mode command denies traffic if the conditions defined in
the deny statement match.
Syntax
ACL Commands
deny [disable-port] {any | protocol} {any
| {source source-wildcard}} {any | {destination
destination-wildcard}} [dscp dscp number | ip-precedence ip-precedence]
deny {any | protocol} {any | {source source-wildcard}} {any | {destination
destination-wildcard}} [dscp dscp-number | ip-precedence ip-precedence]
deny-icmp {any | {source source-wildcard}} {any | {destination destination-wildcard}} {any |
icmp-type} {any | icmp-code} [dscp number | ip-precedence number]
deny-igmp {any | {source source-wildcard}} {any | {destination destination-wildcard}} {any
| igmp-type} [dscp number | ip-precedence number]
Parameters
■ disable-port — Specifies that the port should be disabled if the conditions defined match.
■ source — Specifies the IP address or host name from which the packet was sent. Specify any
to indicate IP address 0.0.0.0 and mask 255.255.255.255.
■ source-wildcard — Specifies wildcard bits by placing 1s in bit positions to be ignored.
Specify any to indicate IP address 0.0.0.0 and mask 255.255.255.255.
■ destination — Specifies the IP address or host name to which the packet is being sent.
Specify any to indicate IP address 0.0.0.0 and mask 255.255.255.255.
■ destination-wildcard — Specifies wildcard bits by placing 1s in bit positions to be ignored.
Specify any to indicate IP address 0.0.0.0 and mask 255.255.255.255.
■ protocol — Specifies the abbreviated name or number of an IP protocol.
The following table lists protocols that can be specified:
IP Protocol Abbreviated Name Protocol Number
Internet Control Message Protocol icmp 1
Internet Group Management Protocol igmp 2
IP in IP (encapsulation) Protocol ipinip 4
Transmission Control Protocol tcp 6
Exterior Gateway Protocol egp 8
Interior Gateway Protocol igp 9
User Datagram Protocol udp 17
Host Monitoring Protocol hmp 20
Reliable Data Protocol rdp 27
Inter-Domain Policy Routing Protocol idpr 35
Ipv6 Protocol ipv6 41
Routing Header for IPv6 ipv6-route 43
Fragment Header for IPv6 ipv6-frag 44
HP PC Blade Switch CLI Reference Guide www.hp.com 4-5
ACL Commands
IP Protocol Abbreviated Name Protocol Number
Inter-Domain Routing Protocol idrp 45
Reservation Protocol rsvp 46
General Routing Encapsulation gre 47
Encapsulating Security Payload (50) esp 50
Authentication Header ah 51
ICMP for IPv6 ipv6-icmp 58
EIGRP rOuting Protocol eigrp 88
Open Shortest Path Protocol ospf 89
Protocol Independent Multicast pim 103
Layer Two Tunneling Protocol l2tp 115
ISIS over IPv4 isis 124
(any IP protocol) any (25504)
■ dscp — Indicates matching the dscp number with the packet dscp value.
■ ip-precedence — Indicates matching ip-precedence with the packet ip-precedence value.
Default Setting
This command has no default configuration.
Command Mode
IP-Access List Configuration mode
Command Usage
Use the ip access-lis
t Global Configuration mode command to enable the IP-Access List
Configuration mode.
Before an Access Control Element (ACE) is added to an ACL, all packets are permitted. After an
ACE is added, an implied deny-any-any condition exists at the end of the list and those packets
that do not match the defined conditions are denied.
Example
The following commands define a permit statement for an IP ACL.
Console(config)# ip access-list ip-acl1
Console(config-ip-al)# deny
rsvp 192.1.1.1 0.0.0.255 any
4-6 www.hp.com HP PC Blade Switch CLI Reference Guide
mac access-list
The mac access-list Global Configuration mode command enables the MAC-Access List
Configuration mode and creates Layer 2 ACLs. To delete an ACL, use the no form of this
command.
Syntax
ACL Commands
mac access-list
name
no mac access-list name
Parameters
■ name — Specifies the name of the ACL.
Default Setting
The default for all ACLs is deny all.
Command Mode
Global Configuration mode
Command Usage
There are no user guidelines for this command.
Example
The following command creates a MAC ACL.
Console(config)# mac access-list macl-acl1
Console(config-mac-al)#
HP PC Blade Switch CLI Reference Guide www.hp.com 4-7
ACL Commands
permit (MAC)
The permit MAC-Access List Configuration mode command defines permit conditions of an
MAC ACL.
Syntax
permit {any | {host source source-wildcard} any | {destination destination-wildcard}} [vlan
vlan-id] [cos cos cos-wildcard] [ethtype eth-type]
Parameters
■ source — Specifies the source MAC address of the packet.
■ source-wildcard — Specifies wildcard bits to be applied to the source MAC address. Use 1s
in bit positions to be ignored.
■ destination — Specifies the MAC address of the host to which the packet is being sent.
■ destination-wildcard — Specifies wildcard bits to be applied to the destination MAC
address. Use 1s in bit positions to be ignored.
■ vlan-id — Specifies the ID of the packet VLAN. (Range: 0-4095)
■ cos — Specifies the Class of Service (CoS) for the packet. (Range: 0-7)
■ cos-wildcard — Specifies wildcard bits to be applied to the CoS.
■ eth-type — Specifies the Ethernet type of the packet.(Range: 0-65535)
Default Setting
No MAC ACL is defined.
Command Mode
MAC-Access List Configuration mode
Command Usage
Before an Access Control Element (ACE) is added to an ACL, all packets are permitted. After an
ACE is added, an implied deny-any-any condition exists at the end of the list and those packets
that do not match the conditions defined in the permit statement are denied.
If the VLAN ID is specified, the policy map cannot be connected to the VLAN interface.
Example
The following commands create a MAC ACL with permit rules.
Console(config)# mac access-list macl-acl1
Console(config-mac-al)# permit 6:6:6:6:6:6 0:0:0:0:0:0 any vlan 6
4-8 www.hp.com HP PC Blade Switch CLI Reference Guide
deny (MAC)
The deny MAC-Access List Configuration mode command denies traffic if the conditions
defined in the deny statement match.
Syntax
deny
destination
deny [disable-port] {any | {source source-wildcard}}{any | {destination destination-
wildcard}}[vlan vlan-id] [cos cos cos-wildcard] [ethtype eth-type]
Parameters
■ disable-port — Indicates that the port is disabled if the statement is deny.
■ source — Specifies the MAC address of the host from which the packet was sent.
■ source-wildcard — (Optional for the first type) Specifies wildcard bits by placing 1s in bit
positions to be ignored.
■ destination — Specifies the MAC address of the host to which the packet is being sent.
■ destination-wildcard — (Optional for the first type) Specifies wildcard bits by placing 1s in
bit positions to be ignored.
ACL Commands
■ vlan-id — Specifies the ID of the packet vlan.
■ cos — Specifies the packets’s Class of Service (CoS).
■ cos-wildcard — Specifies wildcard bits to be applied to the CoS.
■ eth-type — Specifies the packet’s Ethernet type.
Default Setting
This command has no default configuration.
Command Mode
MAC-Access List Configuration mode
Command Usage
MAC BPDU packets cannot be denied.
This command defines an Access Control Element (ACE). An ACE can only be removed by
deleting the ACL, using the no mac access-list Global Configuration mode command.
Alternatively, the Web-based interface can be used to delete ACEs from an ACL.
Use the following user guidelines:
■ Before an Access Control Element (ACE) is added to an ACL, all packets are permitted.
After an ACE is added, an implied deny-any-any condition exists at the end of the list and
those packets that do not match the conditions defined in the permit statement are denied.
■ If the VLAN ID is specified, the policy map cannot be connected to the VLAN interface.
HP PC Blade Switch CLI Reference Guide www.hp.com 4-9
ACL Commands
Example
The following commands create a MAC ACL with deny rules on a device.
Console(config)# mac access-list macl1
Console (config-mac-acl)# deny 06:06:06:06:06:06:00:00:00:00:00:00 any
4-10 www.hp.com HP PC Blade Switch CLI Reference Guide
service-acl
The service-acl Interface Configuration mode command applies an ACL to the input interface.
To detach an ACL from an input interface, use the no form of this command.
Syntax
ACL Commands
service-acl
{input acl-name}
no service-acl {input}
Parameters
■ acl-name — Specifies the ACL to be applied to the input interface.
Default Setting
This command has no default configuration.
Command Mode
Interface (Ethernet, port-channel) Configuration mode.
Example
The following command binds (services) an ACL to VLAN 2.
Console(config)# interface vlan 2
Console(config-if)# service-acl input macl1
HP PC Blade Switch CLI Reference Guide www.hp.com 4-11
ACL Commands
show access-lists
The show access-lists Privileged EXEC mode command displays access control lists (ACLs)
defined on the device.
Syntax
show access-lists
[name]
Parameters
■ name — Name of the ACL.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Example
The following command displays access lists on a device.
Console# show access-lists
IP access list ACL1
permit ip host 172.30.40.1 any
permit rsvp host 172.30.8.8 any
4-12 www.hp.com HP PC Blade Switch CLI Reference Guide
bridge address
The bridge address Interface Configuration (VLAN) mode command adds a MAC-layer station
source address to the bridge table. To delete the MAC address, use the no form of this command.
Syntax
5
Address Table Commands
bridge address
[permanent | delete-on-reset | delete-on-timeout | secure]
no bridge address [mac-address]
Parameters
■ mac-address — A valid MAC address.
■ interface — A valid Ethernet port.
■ port-channel-number — A valid port-channel number.
■ permanent — The address can only be deleted by the no bridge address command.
■ delete-on-reset — The address is deleted after reset.
■ delete-on-timeout — The address is deleted after “age out” time has expired.
■ secure — The address is deleted after the port changes mode to unlock learning (no port
security command). This parameter is only available when the port is in the learning locked
mode.
Default Setting
No static addresses are defined. The default mode for an added address is permanent.
Command Mode
Interface Configuration (VLAN) mode
mac-address {ethernet interface | port-channel port-channel-number}
Command Usage
Using the no form of the command without specifying a MAC address deletes all static MAC
addresses belonging to this VLAN).
On interfaces that have an IP address configured, use the command “port security routed secure
address” to configure an address with “secure” option.
HP PC Blade Switch CLI Reference Guide www.hp.com 5-1
Address Table Commands
Example
The following command adds a permanent static MAC-layer station source address
3aa2.64b3.a245 on port 1/e16 to the bridge table.
Console(config)# interface vlan 2
Console(config-if)# bridge address 3aa2.64b3.a245 ethernet 1/e16 permanent
5-2 www.hp.com HP PC Blade Switch CLI Reference Guide
bridge multicast filtering
The bridge multicast filtering Global Configuration mode command enables filtering multicast
addresses. To disable filtering multicast addresses, use the no form of this command.
Syntax
bridge multicast filtering
no bridge multicast filtering
Parameters
There are no parameters for this command.
Default Setting
Filtering multicast addresses is disabled. All multicast addresses are flooded to all ports.
Command Mode
Global Configuration mode
Command Usage
Address Table Commands
If multicast devices exist on the VLAN, do not change the unregistered multicast addresses state
to drop on the switch ports.
If multicast devices exist on the VLAN and IGMP-snooping is not enabled, the bridge multicast
forward-all command should be used to enable forwarding all multicast packets to the multicast
switches.
Example
The following command enables bridge multicast filtering.
Console(config)# bridge multicast filtering
HP PC Blade Switch CLI Reference Guide www.hp.com 5-3
Address Table Commands
bridge multicast address
The bridge multicast address Interface Configuration (VLAN) mode command registers a
MAC-layer multicast address in the bridge table and statically adds ports to the group. To
unregister the MAC address, use the no
Syntax
form of this command.
bridge multicast address
bridge multicast address
{mac-multicast-address | ip-multicast-address}
{mac-multicast-address | ip-multicast-address} [add | remove]
{ethernet interface-list | port-channel port-channel-number-list}
no bridge multicast address
{mac-multicast-address | ip-multicast-address}
Parameters
■ add — Adds ports to the group. If no option is specified, this is the default option.
■ remove — Removes ports from the group.
■ mac-multicast-address — A valid MAC multicast address.
■ ip- multicast-address — A valid IP multicast address.
■ interface-list — Separate nonconsecutive Ethernet ports with a comma and no spaces; a
hyphen is used to designate a range of ports.
■ port-channel-number-list — Separate nonconsecutive port-channels with a comma and no
spaces; a hyphen is used to designate a range of ports.
Default Setting
No multicast addresses are defined.
Command Mode
Interface configuration (VLAN) mode
Command Usage
If the command is executed without add or remove, the command only registers the group in the
bridge database.
Static multicast addresses can only be defined on static VLANs.
Examples
The following command registers the MAC address:
Console(config)# interface vlan 8
Console(config-if)# bridge multicast address
01:00:5e:02:02:03
The following command registers the MAC address and adds ports statically.
Console(config)# interface vlan 8
Console(config-if)# bridge multicast address
5-4 www.hp.com HP PC Blade Switch CLI Reference Guide
01:00:5e:02:02:03 add ethernet 1/e1-e9,2/e2
bridge multicast forbidden address
The bridge multicast forbidden address Interface Configuration (VLAN) mode command
forbids adding a specific multicast address to specific ports. Use the no form of this command to
return to the default configuration.
Syntax
Address Table Commands
bridge multicast forbidden address
remove} {ethernet interface-list | port-channel
no bridge multicast forbidden address
{mac-multicast-address | ip-multicast-address} {add |
port-channel-number-list}
{mac-multicast-address | ip-multicast-address}
Parameters
■ add —Defines the port as forbidden. Forbidden ports are not included the Multicast group,
even if IGMP snooping designated the port to join a Multicast group.
■ remove — Removes ports from the Forbidden Port list.
■ mac-multicast-address — A valid MAC multicast address.
■ ip- multicast-address — A valid IP multicast address.
■ interface-list — Separate nonconsecutive Ethernet ports with a comma and no spaces;
hyphen is used to designate a range of ports.
■ port-channel-number-list — Separate nonconsecutive valid port-channels with a comma and
no spaces; a hyphen is used to designate a range of port-channels.
Default Setting
No forbidden addresses are defined.
Command Modes
Interface Configuration (VLAN) mode
Command Usage
Before defining forbidden ports, the multicast group should be registered.
Example
The following command forbids MAC address 0100.5e02.0203 on port 2/e9 within VLAN 8.
Console(config)# interface vlan 8
Console(config-if)# bridge multicast address 0100.5e02.0203
Console(config-if)# bridge multicast forbidden address 0100.5e02.0203 add
HP PC Blade Switch CLI Reference Guide www.hp.com 5-5
ethernet 2/e9
Address Table Commands
bridge multicast forward-all
The bridge multicast forward-all Interface Configuration (VLAN) mode command enables
forwarding all multicast packets on a port. To restore the default configuration, use the no
command.
of this
Syntax
form
bridge multicast forward-all {add
| remove} {ethernet interface-list | port-channel
port-channel-number-list}
no bridge multicast forward-all
Parameters
■ add — Force forwarding all multicast packets.
■ remove — Do not force forwarding all multicast packets.
■ interface-list — Separate nonconsecutive Ethernet ports with a comma and no spaces; a
hyphen is used to designate a range of ports.
■ port-channel-number-list — Separate nonconsecutive port-channels with a comma and no
spaces; a hyphen is used to designate a range of port-channels.
Default Setting
This setting is disabled.
Command Mode
Interface Configuration (VLAN) mode
Command Usage
There are no user guidelines for this command.
Example
The following command configures the device to forward all multicast packets on port 1/e8.
Console(config)# interface vlan 2
Console(config-if)# bridge multicast forward-all add ethernet
5-6 www.hp.com HP PC Blade Switch CLI Reference Guide
1/e8
bridge multicast forbidden forward-all
The bridge multicast forbidden forward-all Interface Configuration (VLAN) mode command
forbids a port to be a forward-all-multicast port. To restore the default configuration, use the no
form of this command.
Syntax
Address Table Commands
bridge multicast forbidden forward-all
{add | remove} {ethernet interface-list | port-channel
port-channel-number-list}
no bridge multicast forbidden forward-all
Parameters
■ add — Forbids forwarding all multicast packets.
■ remove — Does not forbid forwarding all multicast packets.
■ interface-list — Separates nonconsecutive Ethernet ports with a comma and no spaces; a
hyphen is used to designate a range of ports.
■ port-channel-number-list — Separates nonconsecutive port-channels with a comma and no
spaces; a hyphen is used to designate a range of port-channels.
Default Setting
This setting is disabled.
Command Mode
Interface Configuration (VLAN) mode
Command Usage
IGMP snooping dynamically discovers multicast device ports. When a multicast device port is
discovered, all the multicast packets are forwarded to it unconditionally.
This command prevents a port from becoming a multicast device port.
Example
The following command configures the device to forbid all forwarding of Multicast packets to
1/e1 with VLAN 2.
Console(config)# interface vlan 2
Console(config-if)# bridge multicast forbidden forward-all add ethernet 1/e1
HP PC Blade Switch CLI Reference Guide www.hp.com 5-7
Address Table Commands
bridge aging-time
The bridge aging-time Global Configuration mode command sets the address table aging time.
To restore the default configuration, use the no
Syntax
form of this command.
bridge aging-time
seconds
no bridge aging-time
Parameters
■ seconds — Time in seconds. (Range: 10-630 seconds)
Default Setting
The default is 300 seconds.
Command Mode
Global Configuration mode
Command Usage
There are no user guidelines for this command.
Example
The following command sets the bridge aging time to 250 seconds.
Console(config)# bridge aging-time 250
5-8 www.hp.com HP PC Blade Switch CLI Reference Guide
clear bridge
The clear bridge Privileged EXEC mode command removes any learned entries from the
forwarding database.
Syntax
clear bridge
Parameters
There are no parameters for this command.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Address Table Commands
Example
The following command clears the bridge tables.
Console# clear bridge
HP PC Blade Switch CLI Reference Guide www.hp.com 5-9
Address Table Commands
port security
The port security Interface Configuration mode command locks the port, thereby, blocking
unknown traffic and preventing the port from learning new addresses. To return to the default
configuration, use the no
Syntax
form of this command.
port security
[forward | discard | discard-shutdown] [trap seconds]
no port security
Parameters
■ forward — Forwards packets with unlearned source addresses, but does not learn the
address.
■ discard — Discards packets with unlearned source addresses. This is the default if no option
is indicated.
■ discard-shutdown — Discards packets with unlearned source addresses. The port is also
shut down.
■ seconds — Sends SNMP traps and defines the minimum amount of time in seconds between
consecutive traps. (Range: 1-1000000)
Default Setting
This setting is disabled.
Command Mode
Interface Configuration (Ethernet, port-channel) mode
Command Usage
There are no user guidelines for this command.
Example
In the following example, port 1/e1 forwards all packets without learning addresses of packets
from unknown sources and sends traps every 100 seconds if a packet with an unknown source
address is received.
Console(config)# interface ethernet 1/e1
Console(config-if)# port security forward trap 100
5-10 www.hp.com HP PC Blade Switch CLI Reference Guide
port security mode
The port security mode Interface Configuration mode command configures the port security
mode. To return to the default configuration, use the no
Syntax
port security mode {lock | dynamic}
no port security mode
Parameters
■ lock — Saves the current dynamic MAC addresses associated with the port and disables
learning, relearning and aging.
■ dynamic — Deletes the current dynamic MAC addresses associated with the port and learns
up to the maximum number addresses allowed on the port. Relearning and aging are enabled.
Default Setting
This setting is disabled.
Command Mode
Address Table Commands
form of this command.
Interface Configuration (Ethernet, port-channel) mode
Command Usage
There are no user guidelines for this command.
Example
In the following command, the port security mode is set to dynamic for Ethernet interface 1/e7.
Console(config)# interface ethernet 1/e7
Console(config-if)# port security mode dynamic
HP PC Blade Switch CLI Reference Guide www.hp.com 5-11
Address Table Commands
port security max
The port security max Interface Configuration (Ethernet, port-channel) mode command
configures the maximum number of addresses that can be learned on the port while the port is in
port security mode. To return to the default configuration, use the no form of this
Syntax
port security max max-addr
no port security max
Parameters
■ max-addr — Maximum number of addresses that can be learned by the port. (Range: 1-128)
Default Setting
The default is 1 address.
Command Mode
Interface Configuration (Ethernet, port-channel) mode
command.
Command Usage
This command is only relevant in dynamic learning modes.
Example
The following command sets the maximum number of addresses that are learned on port 1/e7
before it is locked to 20.
Console(config)# interface ethernet 1/e7
Console(config-if)# port security mode dynamic
Console(config-if)# port security max 20
5-12 www.hp.com HP PC Blade Switch CLI Reference Guide
port security routed secure-address
The port security routed secure-address Interface Configuration (Ethernet, port-channel) mode
command adds a MAC-layer secure address to a routed port. Use the no
delete a MAC address.
Syntax
Address Table Commands
form of this command to
port security routed secure-address
no port security routed secure-address
mac-address
mac-address
Parameters
■ mac-address — A valid MAC address.
Default Setting
No addresses are defined.
Command Mode
Interface Configuration (Ethernet, port-channel) mode. Cannot be configured for a range of
interfaces (range context).
Command Usage
The command enables adding secure MAC addresses to a routed port in port security mode. The
command is available when the port is a routed port and in port security mode. The address is
deleted if the port exits the security mode or is not a routed port.
Use this command on interfaces that have an IP address configured, instead of the command
bridge address mac-address
[secure]
.
{ethernet interface port-channel port-channel-number}
Example
The following command adds the MAC-layer address 66:66:66:66:66:66 to port 1/e1.
Console(config)# interface ethernet 1/e1
Console(config-if)# port security routed secure-address
HP PC Blade Switch CLI Reference Guide www.hp.com 5-13
66:66:66:66:66:66
Address Table Commands
show bridge address-table
The show bridge address-table Privileged EXEC mode command displays all entries in the
bridge-forwarding database.
Syntax
show bridge address-table
[vlan vlan] [ethernet interface | port-channel
port-channel-number]
Parameters
■ vlan — Specifies a valid VLAN, such as VLAN 1.
■ interface — A valid Ethernet port.
■ port-channel-number — A valid port-channel number.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
Internal usage VLANs (VLANs that are automatically allocated on ports with a defined Layer 3
interface) are presented in the VLAN column by a port number and not by a VLAN ID.
“Special” MAC addresses that were not statically defined or dynamically learned are displayed
in the MAC address table. This includes, for example, MAC addresses defined in ACLs.
Example
The following command displays all classes of entries in the bridge-forwarding database.
Console# show bridge address-table
Aging time is 300 sec
Interface MAC Address Port Type
--------- -------------- ---- -------
1 00:60:70:4C:73:FF 5/e8 dynamic
1 00:60:70:8C:73:FF 5/e8 dynamic
200 00:10:0D:48:37:FF 5/e9 static
5-14 www.hp.com HP PC Blade Switch CLI Reference Guide
show bridge address-table static
The show bridge address-table static Privileged EXEC mode command displays statically
created entries in the bridge-forwarding database.
Syntax
Address Table Commands
show bridge address-table static
[vlan vlan] [ethernet interface | port-channel
port-channel-number]
Parameters
■ vlan — Specifies a valid VLAN, such as VLAN 1.
■ interface — A valid Ethernet port.
■ port-channel-number — A valid port-channel number.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Example
The following command displays all static entries in the bridge-forwarding database.
Console# show bridge address-table static
Aging time is 300 sec
VLAN MAC Address Port Type
---- ----------------- ---- -----------------
1 00:60:70:4C:73:FF 1/e8 Permanent
1 00:60.70.8C.73:FF 1/e8 delete-on-timeout
200 00:10:0D:48:37:FF 1/e9 delete-on-reset
HP PC Blade Switch CLI Reference Guide www.hp.com 5-15
Address Table Commands
show bridge address-table count
The show bridge address-table count Privileged EXEC mode command displays the number of
addresses present in the Forwarding Database.
Syntax
show bridge address-table coun
t [vlan vlan][ ethernet interface-number | port-channel
port-channel-number]
Parameters
■ vlan — Specifies a valid VLAN, such as VLAN 1.
■ interface — A valid Ethernet port.
■ port-channel-number — A valid port-channel number.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Example
The following command displays the number of addresses present in all VLANs.
Console# show bridge address-table count
Capacity: 8192
Free: 8083
Used: 109
Secure addresses: 2
Static addresses: 1
Dynamic addresses: 97
Internal addresses: 9
5-16 www.hp.com HP PC Blade Switch CLI Reference Guide
show bridge multicast address-table
The show bridge multicast address-table User EXEC mode command displays multicast MAC
address or IP address table information.
Syntax
Address Table Commands
show bridge multicast address-table
ip-multicast-address] [format ip |
[vlan vlan-id] [address mac-multicast-address |
format mac]
Parameters
■ vlan-id — A valid VLAN ID value.
■ mac-multicast-address — A valid MAC multicast address.
■ ip-multicast-address — A valid IP multicast address.
■ format ip|mac — Multicast address format. Can be ip or mac. If the format is unspecified,
the default is mac.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
A MAC address can be displayed in IP format only if it is in the range of
0100.5e00.0000-0100.5e7f.ffff.
Example
The following command displays Multicast MAC address and IP address table information.
Console# show bridge multicast address-table
VLAN MAC Address Type Ports
---- -------------- ------- ----------
1 01:00:5e:02:02:03 static 1/e1, 2/e2
19 01:00:5e:02:02:08 static 1/e1-e8
19 00:00:5e:02:02:08 dynamic 1/e9-e11
Forbidden ports for multicast addresses:
VLAN MAC Address Ports
---- -------------- -----
1 01:00:5e:02:02:03 2/e8
19 01:00:5e:02:02:08 2/e8
HP PC Blade Switch CLI Reference Guide www.hp.com 5-17
Address Table Commands
Console# show bridge multicast address-table format ip
VLAN IP/MAC Address Type Ports
---- ----------------- ------ ---------
1 224-239.130|2.2.3 static 1/e1,2/e2
19 224-239.130|2.2.8 static 1/e1-8
19 224-239.130|2.2.8 dynamic 1/e9-11
Forbidden ports for multicast addresses:
VLAN IP/MAC Address Ports
---- ----------------- ------
1 224-239.130|2.2.3 2/e8
19 224-239.130|2.2.8 2/e8
A multicast MAC address maps to multiple IP addresses as shown in the example.
✎
5-18 www.hp.com HP PC Blade Switch CLI Reference Guide
show bridge multicast filtering
The show bridge multicast filtering User EXEC mode command displays the multicast filtering
configuration.
Syntax
show bridge multicast filtering vlan-id
Parameters
■ vlan-id — VLAN ID value.
Default Setting
This command has no default configuration.
Command Mode
User EXEC mode
Command Usage
There are no user guidelines for this command.
Address Table Commands
Example
The following command displays the Multicast configuration for VLAN 1.
Console# show bridge multicast filtering 1
Filtering: Enabled
VLAN: 1
Port Forward-Unregistered Forward-All
Static Status Static Status
---- --------- --------- --------- ----------
1/e1 Forbidden Filter Forbidden Filter
1/e2 Forward Forward(s) Forward Forward(s)
1/e3 - Forward(d) - Forward(d)
HP PC Blade Switch CLI Reference Guide www.hp.com 5-19
Address Table Commands
show ports security
The show ports security Privileged EXEC mode command displays the port-lock status.
Syntax
show ports security
[ethernet interface | port-channel port-channel-number]
Parameters
■ interface — A valid Ethernet port.
■ port-channel-number — A valid port-channel number.
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
Example
The following command displays all classes of port-lock status entries.
Console# show ports security
Port Status Learning Action Maximum Trap Frequency
---- ------- -------- ------- ------- ------- ---------
1/e1 Locked Dynamic Discard 3 Enable 100
1/e2 Unlocked Dynamic - 28 - -
1/e3 Locked Disabled Discard,
Shutdown
8 Disable -
The following table describes the fields shown in the example.
Field Description
Por t Port number
Status Locked/Unlocked
Learning Learning mode
Action Action on violation
Maximum Maximum addresses that can be associated on this port in Static Learning
Trap Indicates if traps are sent in case of a violation
Frequency Minimum time between consecutive trap
5-20 www.hp.com HP PC Blade Switch CLI Reference Guide
mode or in Dynamic Learning mode
show ports security addresses
The show ports security addresses Privileged EXEC mode command displays the current
dynamic addresses in locked ports.
Syntax
Address Table Commands
show ports security addresses
[ethernet interface | port-channel port-channel-number]
Parameters
■ interface — A valid Ethernet port.
■ port-channel-number — A valid port-channel number
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC Mode
Command Usage
There are no user guidelines for this command.
Example
The following command displays the dynamic addresses in currently locked ports.
Console# show ports security addresses
Port Status Learning Current Maximum
---- -------- -------- ------- -------
1/e1 Disabled Lock - 1
1/e2 Disabled Lock - 1
1/e3 Enabled Max-addresses 0 1
1/e4 Port is a member in port-channel ch1
1/e5 Disabled Lock - 1
1/e6 Enabled Max-addresses 0 10
ch1 Enabled Max-addresses 0 50
ch2 Enabled Max-addresses 0 128
The following command displays the dynamic addresses in currently locked port 1/e1.
Console# show ports security addresses ethernet 1/e1
Port Status Learning Current Maximum
---- -------- -------- ------- -------
1/e1 Disabled Lock - 1
HP PC Blade Switch CLI Reference Guide www.hp.com 5-21
Address Table Commands
5-22 www.hp.com HP PC Blade Switch CLI Reference Guide
clock set
The clock set Privileged EXEC mode command manually sets the system clock.
Syntax
6
Clock Commands
clock set hh
or
clock set hh
Parameters
■ hh:mm:ss — Current time in hours (military format), minutes, and seconds (hh: 0-23,
mm: 0-59, ss: 0-59).
■ day — Current day (by date) in the month (1-31).
■ month — Current month using the first three letters by name (Jan, …, Dec).
■ year — Current year (2000-2097).
Default Setting
This command has no default configuration.
Command Mode
Privileged EXEC mode
Command Usage
There are no user guidelines for this command.
:mm:ss day month year
:mm:ss month day year
Example
The following command sets the system time to 13:32:00 on March 7th, 2006.
Console# clock set 13:32:00 7 Mar 2006
HP PC Blade Switch CLI Reference Guide www.hp.com 6-1
Clock Commands
clock source
The clock source Global Configuration mode command configures an external time source for
the system clock. Use no form of this command to disable external time source.
Syntax
clock source {sntp}
no clock source
Parameters
■ sntp — SNTP servers
Default Setting
No external clock source.
Command Mode
Global Configuration mode
Command Usage
There are no user guidelines for this command.
Example
The following command configures an external time source for the system clock.
Console(config)# clock source sntp
6-2 www.hp.com HP PC Blade Switch CLI Reference Guide
clock timezone
The clock timezone Global Configuration mode command sets the time zone for display
purposes. To set the time to the Coordinated Universal Time (UTC), use the no form of this
command.
Syntax
clock timezone hours-offset [minutes minutes-offset] [zone acronym]
no clock timezone
Parameters
■ hours-offset — Hours difference from UTC. (Range: -12 – +13)
■ minutes-offset — Minutes difference from UTC. (Range: 0–59 minutes)
■ acronym — The acronym of the time zone. (Range: Up to 4 characters)
Default Setting
Clock set to UTC.
Command Mode
Clock Commands
Global Configuration mode
Command Usage
The system internally keeps time in UTC, so this command is used only for display purposes and
when the time is manually set.
Example
The following command sets the time zone to 6 hours difference from UTC.
Console(config)# clock timezone -6 zone CST
HP PC Blade Switch CLI Reference Guide www.hp.com 6-3
Clock Commands
clock summer-time
The clock summer-time Global Configuration mode command configures the system to
automatically switch to summer time (daylight saving time). To configure the software not to
automatically switch to summer time, use the no form of this command.
Syntax
clock summer-time recurring {usa | eu | {week day month hh:mm week day month hh:mm}}
[offset offset] [zone acronym]
clock summer-time date date month year hh:mm date month year hh:mm [offset offset] [zone
acronym]
clock summer-time date month date year hh:mm month date year hh:mm [offset offset] [zone
acronym]
no clock summer-time recurring
Parameters
■ recurring — Indicates that summer time should start and end on the corresponding specified
days every year.
■ date — Indicates that summer time should start on the first specific date listed in the
command and end on the second specific date in the command.
■ usa — The summer time rules are the United States rules.
■ eu — The summer time rules are the European Union rules.
■ week — Week of the month. (Range: 1-5, first, last)
■ day — Day of the week (Range: first three letters by name, like sun)
■ date — Date of the month. (Range:1-31)
■ month — Month. (Range: first three letters by name, like Jan)
■ year — year - no abbreviation (Range: 2000-2097)
■ hh:mm — Time in military format, in hours and minutes. (Range: hh: 0-23, mm: 0-59)
■ offset — Number of minutes to add during summer time. (Range: 1-1440)
■ acronym — The acronym of the time zone to be displayed when summer time is in effect.
(Range: Up to 4 characters)
Default Setting
■ Summer time is disabled by default.
■ offset — Default summer time is 60 minutes.
■ acronym — If unspecified default to the timezone acronym.
■ If the time zone has not been defined, the default is UTC.
Command Mode
Global Configuration mode
6-4 www.hp.com HP PC Blade Switch CLI Reference Guide
Clock Commands
Command Usage
In both the date and recurring forms of the command, the first part of the command specifies
when summer time begins, and the second part specifies when it ends. All times are relative to
the local time zone. The start time is relative to standard time. The end time is relative to summer
time. If the starting month is chronologically after the ending month, the system assumes that the
user is in the southern hemisphere.
USA rule for daylight savings time:
■ Start: First Sunday in April
■ End: Last Sunday in October
■ Time: 2 am local time
EU rule for daylight savings time:
■ Start: Last Sunday in March
■ End: Last Sunday in October
■ Time: 1.00 am (01:00)
Example
The following command sets the summer time, starting on the first Sunday in April at 2 am and
finishing on the last Sunday in October at 2 am.
Console(config)# clock summer-time recurring first sun apr 2:00 last sun oct 2:00
HP PC Blade Switch CLI Reference Guide www.hp.com 6-5
Clock Commands
sntp authentication-key
The sntp authentication-key Global Configuration mode command defines an authentication
key for Simple Network Time Protocol (SNTP). To remove the authentication key for SNTP, use
the no form of this command.
Syntax
sntp authentication-key number md5 value
no sntp authentication-key number
Parameters
■ number — Key number (Range: 1-4294967295)
■ value — Key value (Range: 1-8 characters)
Default Setting
No authentication key is defined.
Command Mode
Global Configuration mode
Command Usage
Multiple keys can be generated.
Example
The following command defines the authentication key for SNTP.
Console(config)# sntp authentication-key 8 md5 ClkKey
6-6 www.hp.com HP PC Blade Switch CLI Reference Guide
sntp authenticate
The sntp authenticate Global Configuration mode command grants authentication for received
Simple Network Time Protocol (SNTP) traffic from servers. To disable the feature, use the no
form of this command.
Syntax
sntp authenticate
no sntp authenticate
Parameters
There are no parameters for this command.
Default Setting
No authentication
Command Mode
Global Configuration mode
Clock Commands
Command Usage
The command is relevant for both unicast and broadcast.
Example
The following command defines the authentication key for SNTP and grants authentication.
Console(config)# sntp authentication-key 8 md5 ClkKey
Console(config)# sntp trusted-key 8
Console(config)# sntp authenticate
HP PC Blade Switch CLI Reference Guide www.hp.com 6-7
Clock Commands
sntp trusted-key
The sntp trusted-key Global Configuration mode command authenticates the identity of a
system to which Simple Network Time Protocol (SNTP) will synchronize. To disable
authentication of the identity of the system, use the no form of this command.
Syntax
sntp trusted-key key-number
no sntp trusted-key key-number
Parameters
■ key-number — Key number of authentication key to be trusted. (Range: 1-4294967295)
Default Setting
No keys are trusted.
Command Mode
Global Configuration mode
Command Usage
The command is relevant for both received unicast and broadcast.
If there is at least 1 trusted key, then unauthenticated messages will be ignored.
Example
The following command authenticates key number 8.
Console(config)# sntp authentication-key 8 md5 ClkKey
Console(config)# sntp trusted-key 8
Console(config)# sntp authenticate
6-8 www.hp.com HP PC Blade Switch CLI Reference Guide
sntp client poll timer
The sntp client poll timer Global Configuration mode command sets the polling time for the
Simple Network Time Protocol (SNTP) client. To return to default configuration, use the no form
of this command.
Syntax
sntp client poll timer seconds
no sntp client poll timer
Parameters
■ seconds — Polling interval in seconds (Range: 60-86400)
Default Setting
Polling interval is 1024 seconds.
Command Mode
Global Configuration mode
Clock Commands
Command Usage
There are no user guidelines for this command.
Example
The following command sets the polling time for the Simple Network Time Protocol (SNTP)
client to 120 seconds.
Console(config)# sntp client poll timer 120
HP PC Blade Switch CLI Reference Guide www.hp.com 6-9
Clock Commands
sntp broadcast client enable
The sntp broadcast client enable Global Configuration mode command enables Simple
Network Time Protocol (SNTP) broadcast clients. To disable SNTP broadcast clients, use the no
form of this command.
Syntax
sntp broadcast client enable
no sntp broadcast client enable
Parameters
There are no parameters for this command.
Default Setting
The SNTP broadcast client is disabled.
Command Mode
Global Configuration mode
Command Usage
Use the sntp client enable (Interface) Interface Configuration mode command to enable the
SNTP client on a specific interface.
Example
The following command enables the SNTP broadcast clients.
Console(config)# sntp broadcast client enable
6-10 www.hp.com HP PC Blade Switch CLI Reference Guide
Loading...