Intel SBCEGBESW10 CLI, SBCEGBESW1 User Manual
Intel® Blade Server Ethernet Switch
Modules SBCEGBESW1 and
SBCEGBESW10 CLI Guide
A Guide for System Administrators of Intel® Server Products
Intel Order Number D67145-002
Disclaimer
Information in this document is provided in connection with Intel® products. No license, express or implied, by
estoppel or otherwise, to any intellectual property rights is granted by this document. Except as provided in Intel's
Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any
express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to
fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property
right. Intel products are not intended for use in medical, life saving, or life sustaining applications.
Intel may make changes to specifications and product descriptions at any time, without notice.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United
States and other countries.
Other names and brands may be claimed as the property of others.
Copyright © 2006, Intel Corporation. All Rights Reserved.
This product includes software developed by the OpenSSL Project for use in the Open SSL Toolkit (http://
wwww.openssl.org/).
This product includes software developed by the NetBSD Foundation, Inc., and its contributors.
This product includes crytographic software written by Eric Young (eay@cryptsoft.com).
This product includes software written by Tim Hudson (tjh@cryptsoft.com).
SECURE SOCKETS LAYER DELIVERABLE: The Secure Sockets Layer shall constitute “OpenSSL Deliverables”
hereunder. The OpenSSL Deliverables are provided to Licensee under the terms of this Agreement and the
OpenSSL License Agreement (the “OpenSSL License”), and any use of such OpenSSL Deliverables shall comply
with the terms and conditions of the OpenSSL License and this Agreement. A copy of the OpenSSL License is
available in the license.txt file accompanying the Deliverables and at http://www.openssl.org/source/license.html.
SSH PROTOCOL SUITE OF NETWORK CONNECTIVITY TOOLS DELIVERABLES: The SSH protocol suite of
network connectivity tools shall constitute “Open SSH Deliverables” hereunder. The OpenSSH Deliverables are
provided to Licensee under the terms of this Agreement and the BSD License (the “BSD License”), and any use of
such OpenSSH Deliverables shall comply with the terms and conditions fo the BSD License and this Agreement. A
copy of the BSD License is set forth as below:
Copyright © Marvell International Ltd. and its affiliates.
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
following conditions are met:
1. Redistribution of source code must retain the above copyright notice, this list of conditions and the following
disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided with the distribution.
3. All advertising materials mentioning features or use of this software must display the following acknowledgement:
This product includes software developed by the NetBSD Foundation, Inc. and its contributors.
4. Neither the name of Marvell nor the names of its contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
ii Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Safety Information
Important Safety Instructions
Read all caution and safety statements in this document before performing any of the
instructions.
Wichtige Sicherheitshinweise
Lesen Sie zunächst sämtliche Warnund Sicherheitshinweise in diesem Dokument, bevor
Sie eine der Anweisungen ausführen.
Consignes de sécurité
Lisez attention toutes les consignes de sécurité et les mises en garde indiquées dans ce
document avant de suivre toute instruction.
Instrucciones de seguridad importantes
Lea todas las declaraciones de seguridad y precaución de este documento antes de realizar
cualquiera de las instrucciones.
重要安全指导
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide iii
在执行任何指令之前,请阅读本文档中的所有注意事项及安全声明。 和/或
http://support.intel.com/support/motherboards/server/sb/CS-010770.htm
Server Boards and Server Chassis Safety Information(《Intel
服务器主板与服务器机箱安全信息》)。
上的 Intel
Warnings
Heed safety instructions: Before working with your server product, whether you are
using this guide or any other resource as a reference, pay close attention to the safety
instructions. You must adhere to the assembly instructions in this guide to ensure and
maintain compliance with existing product certifications and approvals. Use only the
described, regulated components specified in this guide. Use of other products /
components will void the UL listing and other regulatory approvals of the product and
will most likely result in noncompliance with product regulations in the region(s) in which
the product is sold.
System power on/off: The power button DOES NOT turn off the system AC power. To
remove power from system, you must unplug the AC power cord from the wall outlet.
Make sure the AC power cord is unplugged before you open the chassis, add, or remove
any components.
Hazardous conditions, devices and cables: Hazardous electrical conditions may be
present on power, telephone, and communication cables. Turn off the server and
disconnect the power cord, telecommunications systems, networks, and modems attached
to the server before opening it. Otherwise, personal injury or equipment damage can
result.
Electrostatic discharge (ESD) and ESD protection: ESD can damage disk drives,
boards, and other parts. We recommend that you perform all procedures in this chapter
only at an ESD workstation. If one is not available, provide some ESD protection by
wearing an antistatic wrist strap attached to chassis ground any unpainted metal surface on
your server when handling parts.
iv Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Preface
About this Manual
Thank you for purchasing and using an Intel® Blade Server Ethernet Switch Module
SBCEGBESW1 or SBCEGBESW10.
This manual is written for System Administrators who have knowledge of device
management through Command Line Interface (CLI) commands.This document provides
the basic rules for understanding how the commands are presented in this guide. The
Guide also provides command by command information of all available CLI commands,
inclusive of the command description, command syntax, any parameters, other relevant
command information, and a basic example. For the latest version of this manual, see
http://support.intel.com.
Manual Organization
Chapter 1 Using CLI
Chapter 2 AAA Commands
Chapter 3 Address Table Commands
Chapter 4 ACL Commands
Chapter 5 Clock Commands
Chapter 6 Configuration and Image File Commands
Chapter 7 Ethernet Configuration Commands
Chapter 8 GVRP Commands
Chapter 9 IGMP Snooping Commands
Chapter 10 IP Address Commands
Chapter 11 LACP Commands
Chapter 12 Line Commands
Chapter 13 Management ACL Commands
Chapter 14 PHY Diagnostics Commands
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide v
Chapter 15 Port Channel Commands
Chapter 16 Port Monitor Commands
Chapter 17 QoS Commands
Chapter 18 RMON Commands
Chapter 19 RADIUS Commands
Chapter 20 Web Server Commands
Chapter 21 SNMP Commands
Chapter 22 Spanning-Tree Commands
Chapter 23 SSH Commands
Chapter 24 Syslog Commands
Chapter 25 System Management Commands
Chapter 26 TACACS+ Commands
Chapter 27 User Interface Commands
Chapter 28 VLAN Commands
Chapter 29 802.1x Commands
Appendix A: Getting Help
vi Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Contents
Important Safety Instructions ................................................................................................ iii
Wichtige Sicherheitshinweise ............................................................................................... iii
Consignes de sécurité .......................................................................................................... iii
Instrucciones de seguridad importantes ............................................................................... iii
Warnings ............................................................................................................................... iv
About this Manual .................................................................................................................. v
Manual Organization ..............................................................................................................v
Chapter 1: Using CLI ..................................................................................................1
Overview ................................................................................................................................1
Chapter 2: AAA Commands ...................................................................................... 9
aaa authentication login .........................................................................................................9
aaa authentication enable ....................................................................................................10
login authentication ..............................................................................................................11
enable authentication ...........................................................................................................12
ip http authentication ............................................................................................................13
ip https authentication ..........................................................................................................14
show authentication methods ..............................................................................................15
password .............................................................................................................................16
enable password ..................................................................................................................17
username .............................................................................................................................18
Chapter 3: Address Table Commands ................................................................... 21
bridge address .....................................................................................................................21
bridge multicast filtering .......................................................................................................22
bridge multicast address ......................................................................................................23
bridge multicast forbidden address ......................................................................................24
bridge multicast forward-all ..................................................................................................25
bridge multicast forbidden forward-all ..................................................................................26
bridge aging-time .................................................................................................................27
clear bridge ..........................................................................................................................28
port security .........................................................................................................................28
port security mode ...............................................................................................................29
port security routed secure-address ....................................................................................30
show bridge address-table ...................................................................................................31
show bridge address-table static .........................................................................................32
show bridge address-table count .........................................................................................33
show bridge multicast address-table ...................................................................................34
show bridge multicast filtering ..............................................................................................36
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide vii
show ports security .............................................................................................................. 37
show ports security addresses ............................................................................................ 38
Chapter 4: ACL Commands .....................................................................................41
ip access-list ........................................................................................................................ 41
permit (ip) ............................................................................................................................ 42
deny (IP) .............................................................................................................................. 44
mac access-list .................................................................................................................... 46
permit (MAC) ....................................................................................................................... 47
deny (MAC) ......................................................................................................................... 48
service-acl ........................................................................................................................... 50
show access-lists ................................................................................................................ 50
show interfaces access-lists ................................................................................................ 51
Chapter 5: Clock Commands ...................................................................................53
clock set .............................................................................................................................. 53
clock source ........................................................................................................................ 54
clock timezone ..................................................................................................................... 54
clock summer-time ..............................................................................................................55
sntp authentication-key ....................................................................................................... 57
sntp authenticate ................................................................................................................. 58
sntp trusted-key ................................................................................................................... 59
sntp client poll timer ............................................................................................................. 59
sntp broadcast client enable ................................................................................................ 60
sntp anycast client enable ................................................................................................... 61
sntp client enable (Interface) ............................................................................................... 62
sntp unicast client enable .................................................................................................... 63
sntp unicast client poll ......................................................................................................... 63
sntp server ........................................................................................................................... 64
show clock ........................................................................................................................... 65
show sntp configuration ....................................................................................................... 66
show sntp status .................................................................................................................. 67
Chapter 6: Configuration and Image File Commands ...........................................69
copy ..................................................................................................................................... 69
delete ................................................................................................................................... 71
boot system ......................................................................................................................... 72
show running-config ............................................................................................................73
show startup-config ............................................................................................................. 74
show backup-config .............................................................................................................75
show bootvar ....................................................................................................................... 76
Chapter 7: Ethernet Configuration Commands .....................................................79
interface ethernet ................................................................................................................ 79
interface range ethernet ...................................................................................................... 79
viii Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
shutdown .............................................................................................................................80
description ...........................................................................................................................81
speed ...................................................................................................................................82
duplex ..................................................................................................................................83
negotiation ...........................................................................................................................84
flowcontrol ............................................................................................................................85
mdix .....................................................................................................................................86
back-pressure ......................................................................................................................87
port jumbo-frame .................................................................................................................87
clear counters ......................................................................................................................88
set interface active ...............................................................................................................89
show interfaces advertise ....................................................................................................90
show interfaces configuration ..............................................................................................91
show interfaces status .........................................................................................................92
show interfaces description .................................................................................................93
show interfaces counters .....................................................................................................94
show ports jumbo-frame ......................................................................................................97
port storm-control include-multicast (GC) ............................................................................98
port storm-control include-multicast (IC) ..............................................................................98
port storm-control broadcast enable ....................................................................................99
port storm-control broadcast rate .......................................................................................100
show ports storm-control ...................................................................................................101
Chapter 8: GVRP Commands ................................................................................ 103
gvrp enable (Global) ..........................................................................................................103
gvrp enable (Interface) .......................................................................................................103
garp timer ...........................................................................................................................104
gvrp vlan-creation-forbid ....................................................................................................105
gvrp registration-forbid .......................................................................................................106
clear gvrp statistics ............................................................................................................107
show gvrp configuration .....................................................................................................108
show gvrp statistics ............................................................................................................109
show gvrp error-statistics ...................................................................................................110
Chapter 9: IGMP Snooping Commands ............................................................... 111
ip igmp snooping (Global) ..................................................................................................111
ip igmp snooping (Interface) ..............................................................................................111
ip igmp snooping mrouter learn-pim-dvmrp .......................................................................112
ip igmp snooping host-time-out ..........................................................................................113
ip igmp snooping mrouter-time-out ....................................................................................114
ip igmp snooping leave-time-out ........................................................................................115
show ip igmp snooping mrouter .........................................................................................116
show ip igmp snooping interface .......................................................................................117
show ip igmp snooping groups ..........................................................................................118
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide ix
Chapter 10: IP Address Commands ......................................................................121
ip address .......................................................................................................................... 121
ip address dhcp ................................................................................................................. 122
ip default-gateway .............................................................................................................123
show ip interface ............................................................................................................... 124
arp ................................................................................................................................... 125
arp timeout ........................................................................................................................ 126
clear arp-cache .................................................................................................................. 127
show arp ............................................................................................................................ 127
ip domain-lookup ...............................................................................................................128
ip domain-name .................................................................................................................129
ip name-server .................................................................................................................. 130
ip host ................................................................................................................................ 131
clear host ........................................................................................................................... 131
clear host dhcp .................................................................................................................. 132
show hosts ........................................................................................................................ 133
Chapter 11: LACP Commands ...............................................................................135
lacp system-priority ...........................................................................................................135
lacp port-priority ................................................................................................................. 135
lacp timeout ....................................................................................................................... 136
show lacp ethernet ............................................................................................................ 137
show lacp port-channel ..................................................................................................... 139
Chapter 12: Line Commands .................................................................................141
Line ................................................................................................................................... 141
show line ........................................................................................................................... 141
Chapter 13: Management ACL Commands ..........................................................145
management access-list .................................................................................................... 145
Chapter 14: PHY Diagnostics Commands ............................................................153
test copper-port tdr ............................................................................................................ 153
show copper-ports tdr ........................................................................................................ 154
show copper-ports cable-length ........................................................................................ 155
................................................................................................................................... 155
Chapter 15: Port Channel Commands ..................................................................157
................................................................................................................................... 157
interface port-channel ........................................................................................................ 157
interface range port-channel ............................................................................................. 158
channel-group ................................................................................................................... 158
show interfaces port-channel ............................................................................................ 159
Chapter 16: Port Monitor Commands ...................................................................161
port monitor vlan-tagging ................................................................................................... 162
x Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
show ports monitor ............................................................................................................163
Chapter 17: QoS Commands .................................................................................165
qos ....................................................................................................................................165
show qos ............................................................................................................................166
show qos aggregate-policer ...............................................................................................166
show qos interface .............................................................................................................167
show qos map ....................................................................................................................169
class-map ..........................................................................................................................170
show class-map .................................................................................................................171
match .................................................................................................................................172
policy-map .........................................................................................................................173
class ...................................................................................................................................174
show policy-map ................................................................................................................175
trust cos-dscp ....................................................................................................................176
set ....................................................................................................................................177
police .................................................................................................................................178
service-policy .....................................................................................................................179
qos aggregate-policer ........................................................................................................180
show qos aggregate-policer ...............................................................................................181
police aggregate ................................................................................................................182
wrr-queue cos-map ............................................................................................................183
wrr-queue bandwidth .........................................................................................................184
priority-queue out num-of-queues ......................................................................................185
traffic-shape .......................................................................................................................186
show qos interface .............................................................................................................187
qos wrr-queue threshold ....................................................................................................189
qos map policed-dscp ........................................................................................................190
qos map dscp-queue .........................................................................................................191
qos trust (Global) ...............................................................................................................192
qos trust (Interface) ............................................................................................................193
qos cos ..............................................................................................................................194
qos dscp-mutation .............................................................................................................195
qos map dscp-mutation .....................................................................................................196
Chapter 18: RMON Commands ............................................................................. 199
show rmon statistics ..........................................................................................................199
rmon collection history .......................................................................................................201
show rmon collection history ..............................................................................................202
show rmon history ..............................................................................................................203
rmon alarm .........................................................................................................................206
show rmon alarm-table ......................................................................................................208
show rmon alarm ...............................................................................................................209
rmon event .........................................................................................................................210
show rmon events ..............................................................................................................211
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide xi
show rmon log ................................................................................................................... 212
rmon table-size .................................................................................................................. 214
Chapter 19: RADIUS Commands ...........................................................................215
radius-server host .............................................................................................................. 215
radius-server key ............................................................................................................... 216
radius-server retransmit .................................................................................................... 217
radius-server source-ip ...................................................................................................... 218
radius-server timeout ......................................................................................................... 219
radius-server deadtime ...................................................................................................... 220
show radius-servers .......................................................................................................... 220
Chapter 20: Web Server Commands .....................................................................223
ip http server ...................................................................................................................... 223
ip http port ......................................................................................................................... 223
ip http exec-timeout ...........................................................................................................224
ip https server .................................................................................................................... 225
ip https port ........................................................................................................................ 226
ip https exec-timeout ......................................................................................................... 226
crypto certificate generate ................................................................................................. 227
crypto certificate request ................................................................................................... 228
crypto certificate import ..................................................................................................... 230
ip https certificate .............................................................................................................. 231
show crypto certificate mycertificate .................................................................................. 232
show ip http ....................................................................................................................... 233
show ip https ..................................................................................................................... 234
Chapter 21: SNMP Commands ..............................................................................237
snmp-server community .................................................................................................... 237
snmp-server view .............................................................................................................. 238
snmp-server group ............................................................................................................ 239
snmp-server user .............................................................................................................. 241
snmp-server engineID local ............................................................................................... 242
snmp-server enable traps .................................................................................................. 244
snmp-server filter ............................................................................................................... 245
snmp-server host ...............................................................................................................246
snmp-server v3-host .......................................................................................................... 247
snmp-server trap authentication ........................................................................................ 248
snmp-server contact .......................................................................................................... 249
snmp-server location ......................................................................................................... 250
snmp-server set ................................................................................................................. 251
show snmp ........................................................................................................................ 252
show snmp engineid .......................................................................................................... 253
show snmp views .............................................................................................................. 254
show snmp groups ............................................................................................................ 255
xii Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
show snmp filters ...............................................................................................................256
show snmp users ...............................................................................................................257
Chapter 22: Spanning-Tree Commands ............................................................... 259
spanning-tree .....................................................................................................................259
spanning-tree mode ...........................................................................................................259
spanning-tree forward-time ................................................................................................260
spanning-tree max-age ......................................................................................................262
spanning-tree priority .........................................................................................................263
spanning-tree disable ........................................................................................................264
spanning-tree cost .............................................................................................................264
spanning-tree port-priority ..................................................................................................265
spanning-tree portfast ........................................................................................................266
spanning-tree link-type ......................................................................................................267
spanning-tree pathcost method .........................................................................................268
spanning-tree bpdu ............................................................................................................269
clear spanning-tree detected-protocols .............................................................................270
spanning-tree mst priority ..................................................................................................270
spanning-tree mst max-hops .............................................................................................271
spanning-tree mst port-priority ...........................................................................................272
spanning-tree mst cost ......................................................................................................273
spanning-tree mst configuration ........................................................................................274
instance (mst) ....................................................................................................................275
name (mst) .........................................................................................................................276
revision (mst) .....................................................................................................................276
show (mst) .........................................................................................................................277
exit (mst) ............................................................................................................................278
abort (mst) .........................................................................................................................279
spanning-tree guard root ...................................................................................................279
show spanning-tree ...........................................................................................................280
Chapter 23: SSH Commands .................................................................................295
ip ssh port ..........................................................................................................................295
ip ssh server ......................................................................................................................295
crypto key generate dsa ....................................................................................................296
crypto key generate rsa .....................................................................................................297
ip ssh pubkey-auth .............................................................................................................298
crypto key pubkey-chain ssh .............................................................................................299
user-key .............................................................................................................................300
key-string ...........................................................................................................................301
show ip ssh ........................................................................................................................302
show crypto key mypubkey ................................................................................................303
show crypto key pubkey-chain ssh ....................................................................................304
Chapter 24: Syslog Commands ............................................................................ 307
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide xiii
logging on .......................................................................................................................... 307
logging ............................................................................................................................... 308
logging buffered ................................................................................................................. 309
logging buffered size ......................................................................................................... 310
clear logging ...................................................................................................................... 310
logging file ......................................................................................................................... 311
clear logging file ................................................................................................................ 312
aaa logging ........................................................................................................................ 313
file-system logging ............................................................................................................. 313
management logging ......................................................................................................... 314
show logging ..................................................................................................................... 315
show logging file ................................................................................................................ 317
show syslog-servers .......................................................................................................... 318
Chapter 25: System Management Commands .....................................................321
ping ................................................................................................................................... 321
traceroute .......................................................................................................................... 322
telnet .................................................................................................................................. 325
resume .............................................................................................................................. 328
reload ................................................................................................................................ 328
hostname ........................................................................................................................... 329
show users ........................................................................................................................ 330
show sessions ................................................................................................................... 331
show system ...................................................................................................................... 332
show system id .................................................................................................................. 333
show system flowcontrol ................................................................................................... 334
show system mode ............................................................................................................ 335
show version ..................................................................................................................... 335
service cpu-utilization ........................................................................................................336
show cpu utilization ...........................................................................................................337
Chapter 26: TACACS+ Commands .......................................................................339
tacacs-server host .............................................................................................................339
tacacs-server key ..............................................................................................................340
tacacs-server timeout ........................................................................................................ 341
tacacs-server source-ip ..................................................................................................... 342
show tacacs ....................................................................................................................... 342
Chapter 27: User Interface Commands .................................................................345
enable ................................................................................................................................ 345
disable ............................................................................................................................... 345
login ................................................................................................................................... 346
configure ............................................................................................................................ 347
exit (Configuration) ............................................................................................................ 348
exit ................................................................................................................................... 348
xiv Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
end ....................................................................................................................................349
help ....................................................................................................................................350
terminal datadump .............................................................................................................350
show history .......................................................................................................................351
show privilege ....................................................................................................................352
do ....................................................................................................................................353
Chapter 28: VLAN Commands .............................................................................. 355
vlan database ....................................................................................................................355
vlan ....................................................................................................................................355
interface vlan .....................................................................................................................356
interface range vlan ...........................................................................................................357
name ..................................................................................................................................358
switchport protected ...........................................................................................................359
switchport mode .................................................................................................................360
switchport access vlan .......................................................................................................360
switchport trunk allowed vlan .............................................................................................361
switchport trunk native vlan ...............................................................................................362
switchport general allowed vlan .........................................................................................363
switchport general pvid ......................................................................................................364
switchport general ingress-filtering disable ........................................................................365
switchport general acceptable-frame-type tagged-only .....................................................366
switchport forbidden vlan ...................................................................................................366
ip internal-usage-vlan ........................................................................................................367
show vlan ...........................................................................................................................368
show vlan internal usage ...................................................................................................369
show interfaces switchport .................................................................................................370
map protocol protocols-group ............................................................................................373
switchport general map protocols-group vlan ....................................................................374
map mac macs-group ........................................................................................................375
switchport general map macs-group vlan ..........................................................................376
map subnet subnets-group ................................................................................................377
switchport general map subnets-group vlan ......................................................................377
show vlan protocols-groups ...............................................................................................378
show vlan macs-groups .....................................................................................................379
show vlan subnets-groups .................................................................................................380
Chapter 29: 802.1x Commands ............................................................................. 383
aaa authentication dot1x ....................................................................................................383
dot1x system-auth-control .................................................................................................384
dot1x port-control ...............................................................................................................384
dot1x re-authentication ......................................................................................................386
dot1x timeout re-authperiod ...............................................................................................386
dot1x re-authenticate .........................................................................................................387
dot1x timeout quiet-period .................................................................................................388
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide xv
dot1x timeout tx-period ...................................................................................................... 389
dot1x max-req ................................................................................................................... 390
dot1x timeout supp-timeout ............................................................................................... 391
dot1x timeout server-timeout ............................................................................................. 392
show dot1x ........................................................................................................................ 393
show dot1x users .............................................................................................................. 395
show dot1x statistics ......................................................................................................... 397
ADVANCED FEATURES .................................................................................................. 398
dot1x auth-not-req .............................................................................................................398
dot1x multiple-hosts .......................................................................................................... 399
dot1x single-host-violation ................................................................................................. 400
dot1x guest-vlan ................................................................................................................ 401
dot1x guest-vlan enable .................................................................................................... 402
show dot1x advanced ........................................................................................................ 403
Appendix A: Getting Help ......................................................................................405
World Wide Web ............................................................................................................... 405
Telephone ......................................................................................................................... 405
xvi Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
1 Using CLI
Overview
This document describes the Command Line Interface (CLI) used to manage the Intel®
Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10. The
switches can operate as standalone systems, or can be stacked together in the same
system.
Most of the CLI commands are applicable to both switch modules.
This chapter describes how to start using the CLI and the CLI command editing features.
CLI Command Modes
Introduction
The Command Line Interface (CLI) is divided into different command modes. Each
command mode has its own set of specific commands. Entering a question mark ? at the
system prompt (console prompt) displays a list of commands available for that particular
command mode.
From each command mode a specific command is used to navigate from one command
mode to another. The order for mode access is as follows: User EXEC mode, Privileged
EXEC mode, Global Configuration mode, and Interface Configuration mode.
When starting a session, the initial mode is the User EXEC mode. Only a limited subset of
commands are available in User EXEC mode. This task level does not change the
configuration. To enter the next level, the Privileged EXEC mode, a password is required.
The Privileged EXEC mode gives access to commands that displays device configuration
and provides access to the device Configuration mode.
The Global Configuration mode manages the device configuration on a global level.
The Interface Configuration mode configures specific interfaces in the device.
User EXEC Mode
After logging into the device, the user is automatically in User EXEC command mode
unless the user is defined as a privileged user. In general, the User EXEC commands allow
the user to perform basic tests, and list system information.
The user-level prompt consists of the device host name followed by the angle bracket (>).
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 1
Using CLI
The default host name is Console unless it has been changed using the hostname
Console>
command in the Global Configuration mode.
Privileged EXEC Mode
Privileged access is password protected to prevent unauthorized use because many of the
Privileged commands set operating system parameters. The password is not displayed on
the screen and is case sensitive.
Privileged users enter directly into the Privileged EXEC mode. To enter the Privileged
EXEC mode from the User EXEC mode, perform the following steps:
At the prompt enter the enable command and press <Enter>. A password prompt is
displayed.
Enter the password and press <Enter>. The password is displayed as *. The Privileged
EXEC mode prompt is displayed. The Privileged EXEC mode prompt consists of the
device host name followed by #.
Console#
To return from the Privileged EXEC mode to the User EXEC mode, use the disable
command. The following example illustrates how to access the Privileged EXEC mode
and return to the User EXEC mode:
Console> enable
Enter Password: ******
Console#
Console# disable
Console>
The exit command is used to return from any mode to the previous mode except when
returning to the User EXEC mode from the Privileged EXEC mode. For example, the exit
command is used to return from the Interface Configuration mode to the Global
Configuration mode.
Global Configuration Mode
Global Configuration mode commands apply to features that affect the system as a whole,
rather than just a specific interface. The configure Privileged EXEC mode command is
used to enter the Global Configuration mode.
To enter the Global Configuration mode perform the following steps:
1. At the Privileged EXEC mode prompt enter the configure command and press
<Enter>. The Global Configuration mode prompt is displayed. The Global
2 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Using CLI
Configuration mode prompt consists of the device host name followed by (config)
and #.
2. To return from the Global Configuration mode to the Privileged EXEC mode, the
user can use one of the following commands:
exit
end
Ctrl+Z
The following example illustrates how to access the Global Configuration mode and
return to the Privileged EXEC mode:
Console#
Console# configure
Console(config)# exit
Console#
Interface Configuration and Specific Configuration Modes
Interface Configuration mode commands modify specific interface operations. The
following are the Interface Configuration modes:
• Line Interface — Contains commands to configure the management connections.
These include commands such as line timeout settings, etc. The line Global
Configuration mode command is used to enter the Line Configuration command
mode.
• VLAN Database — Contains commands to create a VLAN as a whole. The vlan
database Global Configuration mode command is used to enter the VLAN Database
Interface Configuration mode.
• Management Access List — Contains commands to define management access-lists.
The management access-list Global Configuration mode command is used to enter the
Management Access List Configuration mode.
• Ethernet — Contains commands to manage port configuration. The interface ethernet
Global Configuration mode command is used to enter the Interface Configuration
mode to configure an Ethernet type interface.
• Port Channel — Contains commands to configure port-channels, for example,
assigning ports to a port-channel. Most of these commands are the same as the
commands in the Ethernet interface mode, and are used to manage the member ports
as a single entity. The interface port-channel Global Configuration mode command is
used to enter the Port Channel Interface Configuration mode.
• SSH Public Key-chain — Contains commands to manually specify other device SSH
public keys. The crypto key pubkey-chain ssh Global Configuration mode command
is used to enter the SSH Public Key-chain Configuration mode.
• QoS — Contains commands related to service definitions. The qos Global
Configuration mode command is used to enter the QoS services configuration mode.
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 3
Using CLI
• MAC Access-List — Configures conditions required to allow traffic based on MAC
addresses. The mac access-list Global Configuration mode command is used to enter
the MAC access-list configuration mode.
Starting the CLI
The device can be managed over a direct connection via a Telnet connection. The device
is managed by entering command keywords and parameters at the prompt. Using the
device command-line interface (CLI) is very similar to entering commands on a UNIX
system.
If access is via a Telnet connection, ensure that the device has a defined IP address,
corresponding management access is granted, and the workstation used to access the
device is connected to the device prior to using CLI commands.
1. Enter the following commands to begin the configuration procedure:
Console> enable
Console# configure
Console(config)#
2. Configure the device and enter the necessary commands to complete the required
tasks.
3. When finished, exit the session with the exit command.
When a different user is required to log onto the system, use the login Privileged EXEC
mode command. This effectively logs off the current user and logs on the new user.
Editing Features
Entering Commands
A CLI command is a series of keywords and arguments. Keywords identify a command,
and arguments specify configuration parameters. For example, in the command show
interfaces status ethernet Ext.1, show, interfaces and status are keywords, ethernet is an
argument that specifies the interface type, and Ext.1 specifies the port.
To enter commands that require parameters, enter the required parameters after the
command keyword. For example, to set a password for the administrator, enter:
Console(config)# username admin password alansmith
When working with the CLI, the command options are not displayed. The command is not
selected from a menu, but is manually entered. To see what commands are available in
each mode or within an Interface Configuration, the CLI does provide a method of
displaying the available commands, the command syntax requirements and in some
instances parameters required to complete the command. The standard command to
request help is ?.
4 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Using CLI
There are two instances where help information can be displayed:
• Keyword lookup — The character ? is entered in place of a command. A list of all
valid commands and corresponding help messages are is displayed.
• Partial keyword lookup — If a command is incomplete and or the character ? is
entered in place of a parameter. The matched keyword or parameters for this
command are displayed.
To assist in using the CLI, there is an assortment of editing features. The following
features are described:
• Terminal Command Buffer
• Command Completion
• Nomenclature
• Keyboard Shortcuts
• Terminal Command Buffer
Every time a command is entered in the CLI, it is recorded on an internally managed
Command History buffer. Commands stored in the buffer are maintained on a First In
First Out (FIFO) basis. These commands can be recalled, reviewed, modified, and
reissued. This buffer is not preserved across device resets.
By default, the history buffer system is enabled, but it can be disabled at any time. For
information about the command syntax to enable or disable the history buffer, see “show
history”.
There is a standard default number of commands that are stored in the buffer. The standard
number of 10 commands can be increased to 216. By configuring 0, the effect is the same
as disabling the history buffer system. For information about the command syntax for
configuring the command history buffer, see history size.
To display the history buffer, see “show history”.
Negating the Effect of Commands
For many configuration commands, the prefix keyword no can be entered to cancel the
effect of a command or reset the configuration to the default value. This guide describes
the negation effect for all applicable commands.
Command Completion
If the command entered is incomplete, invalid or has missing or invalid parameters, then
the appropriate error message is displayed. This assists in entering the correct command.
By pressing the <Tab> button, an incomplete command is entered. If the characters
already entered are not enough for the system to identify a single matching command,
press ? to display the available commands matching the characters already entered.
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 5
Using CLI
Nomenclature
When referring to an Ethernet port in a CLI command, the following format is used:
For an Ethernet port on a standalone device: Ethernet_type port_number
For an Ethernet port on a stacked device: unit_number/Ethernet_type port number
The Ethernet type may be Gigabit Ethernet (indicated by “g”).
For example, g3 stands for Gigabit Ethernet port 3 on a stand-alone device, whereas 1/3
stands for Gigabit Ethernet port 3 on stacking unit.
The ports may be described on an individual basis or within a range. Use format port
number-port number to specify a set of consecutive ports and port number, port number to
indicates a set of non-consecutive ports. For example, g1-3 stands for Gigabit Ethernet
ports 1, 2 and 3, and g1,5 stands for Gigabit Ethernet ports 1 and 5.
Keyboard Shortcuts
The CLI has a range of keyboard shortcuts to assist in editing the CLI commands. The
following table describes the CLI shortcuts.
Keyboard KeyDescription
The following list provides a description of keyboard shortcuts:
• Up-arrow key — Recalls commands from the history buffer, beginning with the most
recent command. Repeat the key sequence to recall successively older commands.
• Down-arrow key — Returns the most recent commands from the history buffer after
recalling commands with the up arrow key. Repeating the key sequence will recall
successively more recent commands.
• Ctrl+A — Moves the cursor to the beginning of the command line.
• Ctrl+E — Moves the cursor to the end of the command line.
• Ctrl+Z / End — Returns back to the Privileged EXEC mode from any configuration
mode.
• Backspace key — Deletes one character left to the cursor position.
6 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
CLI Command Conventions
When entering commands there are certain command entry standards that apply to all
commands. The following table describes the command conventions.
ConventionDescription
[ ]In a command line, square brackets indicates an optional entry.
{ }In a command line, curly brackets indicate a selection of compulsory parameters
separated by the | character. One option must be selected. For example: flowcontrol
{auto|on|off} means that for the flowcontrol command either auto, on or off must be
selected.
Italic fontIndicates a parameter.
<Enter> Indicates an individual key on the keyboard. For example, <Enter> indicates
the Enter key.
Ctrl+F4Any combination keys pressed simultaneously on the keyboard.
Using CLI
all — When a parameter is required to define a range of ports or parameters and all is
an option, the default for the command is all when no parameters are defined. For
example, the command interface range port-channel has the option of either entering a
range of channels, or selecting all. When the command is entered without a parameter,
it automatically defaults to all.
Copying and Pasting Text
Up to 1000 lines of text (or commands) can be copied and pasted into the device.
It is the user’s responsibility to ensure that the text copied into the device consists of legal
commands only.
This feature is dependent on the baud rate of the device.
When copying and pasting commands from a configuration file, make sure that the
following conditions exist:
A device Configuration mode has been accessed.
The commands contain no encrypted data, like encrypted passwords or keys. Encrypted
data cannot be copied and pasted into the device.
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 7
Using CLI
8 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
2 AAA Commands
aaa authentication login
The aaa authentication login Global Configuration mode command defines login
authentication. To restore defaults, use the no form of this command.
Syntax
aaa authentication login {default | list-name} method1 [method2...]
no aaa authentication login {default | list-name}
Parameters
• default — Uses the listed authentication methods that follow this argument as the
default list of methods when a user logs in.
• list-name — Character string used to name the list of authentication methods activated
when a user logs in. (Range: 1-12 characters)
• method1 [method2...] — Specify at least one method from the following list:
Keyword Description
enable Uses the enable password for authentication.
line Uses the line password for authentication.
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command aaa
authentication login list-name local.
Command Mode
Global Configuration mode
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 9
AAA Commands
User Guidelines
The default and optional list names created with the aaa authentication login command
are used with the
login authentication command.
Create a list by entering the
particular protocol, where list-name is any character string used to name this list. The
method argument identifies the list of methods that the authentication algorithm tries, in
the given sequence.
The additional methods of authentication are used only if the previous method returns an
error, not if it fails. To ensure that the authentication succeeds even if all methods return
an error, specify none as the final method in the command line.
aaa authentication login list-name method command for a
Example
The following example configures the authentication login.
Console(config)# aaa authentication login default radius tacacs enable
line local none
aaa authentication enable
The aaa authentication enable Global Configuration mode command defines
authentication method lists for accessing higher privilege levels. To restore defaults, use
the no form of this command.
Syntax
aaa authentication enable {default | list-name} method1 [method2...]
no aaa authentication enable {default | list-name}
Parameters
• default — Uses the listed authentication methods that follow this argument as the
default list of methods, when using higher privilege levels.
• list-name — Character string used to name the list of authentication methods
activated, when using access higher privilege levels. (Range: 1-12 characters)
• method1 [method2...] — Specify at least one method from the following list:
Keyword Description
enable Uses the enable password for authentication.
10 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Keyword Description
line Uses the line password for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication. Uses username
tacacs Uses the list of all TACACS+ servers for authentication. Uses username
Default Configuration
If the default list is not set, only the enable password is checked. This has the same effect
as the command
Command Mode
Global Configuration mode
AAA Commands
$enabx$., where x is the privilege level.
"$enabx$." where x is the privilege level.
aaa authentication enable default enable.
User Guidelines
The default and optional list names created with the aaa authentication enable command
are used with the
The additional methods of authentication are used only if the previous method returns an
error, not if it fails. To ensure that the authentication succeeds even if all methods return
an error, specify none as the final method in the command line.
aaa authentication enable default requests sent by the device to a RADIUS or
All
TACACS+ server include the username $enabx$., where x is the requested privilege level.
enable authentication command.
Example
The following example sets the enable password for authentication when accessing higher
privilege levels.
Console(config)# aaa authentication enable default enable
login authentication
The login authentication Line Configuration mode command specifies the login
authentication method list for a remote telnet or console. To restore the default
configuration specified by the
command.
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 11
aaa authentication login command, use the no form of this
AAA Commands
Syntax
login authentication {default | list-name}
no login authentication
Parameters
• default — Uses the default list created with the aaa authentication login command.
• list-name — Uses the indicated list created with the aaa authentication login
command.
Default Configuration
Uses the default set with the command aaa authentication login.
Command Mode
Line Configuration mode
User Guidelines
To change (or rename) an authentication method, use the negate command and create a
new rule with the new method name.
Example
The following example specifies the default authentication method for a console.
Console(config)# line console
Console(config-line)# login authentication default
enable authentication
The enable authentication Line Configuration mode command specifies the
authentication method list when accessing a higher privilege level from a remote Telnet or
console. To restore the default configuration specified by the
command, use the no form of this command.
Syntax
aaa authentication enable
enable authentication {default | list-name}
no enable authentication
12 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Parameters
• default — Uses the default list created with the aaa authentication enable command.
• list-name — Uses the indicated list created with the aaa authentication enable
command.
Default Configuration
Uses the default set with the aaa authentication enable command.
Command Mode
Line Configuration mode
User Guidelines
There are no user guidelines for this command.
AAA Commands
Example
The following example specifies the default authentication method when accessing a
higher privilege level from a Telnet.
Console(config)# line console
Console(config-line)# enable authentication default
ip http authentication
The ip http authentication Global Configuration mode command specifies
authentication methods for HTTP server users. To restore the default configuration, use
the no form of this command.
Syntax
ip http authentication method1 [method2...]
no ip http authentication
Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide 13
AAA Commands
Parameters
• method1 [method2...] — Specify at least one method from the following list:
Keyword Description
local Uses the local username database for authentication.
none Uses no authentication.
radius Uses the list of all RADIUS servers for authentication.
tacacs Uses the list of all TACACS+ servers for authentication.
Default Configuration
The local user database is checked. This has the same effect as the command ip http
authentication
Command Mode
local.
Global Configuration mode
User Guidelines
The additional methods of authentication are used only if the previous method returns an
error, not if it fails. To ensure that the authentication succeeds even if all methods return
an error, specify
none as the final method in the command line.
Example
The following example configures the HTTP authentication.
Console(config)# ip http authentication radius tacacs local none
ip https authentication
The ip https authentication Global Configuration mode command specifies
authentication methods for HTTPS server users. To restore the default configuration, use
the no form of this command.
Syntax
ip https authentication method1 [method2...]
no ip https authentication
14 Intel® Blade Server Ethernet Switch Modules SBCEGBESW1 and SBCEGBESW10 CLI Guide
Loading...